proto

README.md

@@ -33,8 +33,6 @@ Then simply run `codex` to get started:
 codex
 ```
 
-If you're running into upgrade issues with Homebrew, see the [FAQ entry on brew upgrade codex](./docs/faq.md#brew-update-codex-isnt-upgrading-me).
-
 <details>
 <summary>You can also go to the <a href="https://github.com/openai/codex/releases/latest">latest GitHub Release</a> and download the appropriate binary for your platform.</summary>
 

codex-rs/Cargo.lock

@@ -843,7 +843,6 @@ dependencies = [
  "codex-backend-client",
  "codex-common",
  "codex-core",
- "codex-feedback",
  "codex-file-search",
  "codex-login",
  "codex-protocol",
@@ -854,7 +853,6 @@ dependencies = [
  "pretty_assertions",
  "serde",
  "serde_json",
- "serial_test",
  "tempfile",
  "tokio",
  "toml",
@@ -1063,15 +1061,11 @@ dependencies = [
  "codex-apply-patch",
  "codex-async-utils",
  "codex-file-search",
- "codex-git-tooling",
- "codex-keyring-store",
  "codex-otel",
  "codex-protocol",
  "codex-rmcp-client",
  "codex-utils-pty",
- "codex-utils-readiness",
  "codex-utils-string",
- "codex-utils-tokenizer",
  "core-foundation 0.9.4",
  "core_test_support",
  "dirs",
@@ -1080,10 +1074,7 @@ dependencies = [
  "escargot",
  "eventsource-stream",
  "futures",
- "http",
- "image",
  "indexmap 2.10.0",
- "keyring",
  "landlock",
  "libc",
  "maplit",
@@ -1100,7 +1091,6 @@ dependencies = [
  "serde_json",
  "serial_test",
  "sha1",
- "sha2",
  "shlex",
  "similar",
  "strum_macros 0.27.2",
@@ -1216,22 +1206,11 @@ version = "0.0.0"
 dependencies = [
  "assert_matches",
  "pretty_assertions",
- "schemars 0.8.22",
- "serde",
  "tempfile",
  "thiserror 2.0.16",
- "ts-rs",
  "walkdir",
 ]
 
-[[package]]
-name = "codex-keyring-store"
-version = "0.0.0"
-dependencies = [
- "keyring",
- "tracing",
-]
-
 [[package]]
 name = "codex-linux-sandbox"
 version = "0.0.0"
@@ -1346,8 +1325,6 @@ version = "0.0.0"
 dependencies = [
  "anyhow",
  "base64",
- "codex-git-tooling",
- "codex-utils-image",
  "icu_decimal",
  "icu_locale_core",
  "mcp-types",
@@ -1397,7 +1374,6 @@ version = "0.0.0"
 dependencies = [
  "anyhow",
  "axum",
- "codex-keyring-store",
  "codex-protocol",
  "dirs",
  "escargot",
@@ -1449,6 +1425,7 @@ dependencies = [
  "codex-core",
  "codex-feedback",
  "codex-file-search",
+ "codex-git-tooling",
  "codex-login",
  "codex-ollama",
  "codex-protocol",
@@ -1493,27 +1470,6 @@ dependencies = [
  "vt100",
 ]
 
-[[package]]
-name = "codex-utils-cache"
-version = "0.0.0"
-dependencies = [
- "lru",
- "sha1",
- "tokio",
-]
-
-[[package]]
-name = "codex-utils-image"
-version = "0.0.0"
-dependencies = [
- "base64",
- "codex-utils-cache",
- "image",
- "tempfile",
- "thiserror 2.0.16",
- "tokio",
-]
-
 [[package]]
 name = "codex-utils-json-to-toml"
 version = "0.0.0"
@@ -1677,7 +1633,6 @@ dependencies = [
  "anyhow",
  "assert_cmd",
  "codex-core",
- "codex-protocol",
  "notify",
  "regex-lite",
  "serde_json",
@@ -4997,9 +4952,9 @@ dependencies = [
 
 [[package]]
 name = "rmcp"
-version = "0.8.3"
+version = "0.8.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1fdad1258f7259fdc0f2dfc266939c82c3b5d1fd72bcde274d600cdc27e60243"
+checksum = "4e35d31f89beb59c83bc31363426da25b323ce0c2e5b53c7bf29867d16ee7898"
 dependencies = [
  "base64",
  "bytes",
@@ -5031,9 +4986,9 @@ dependencies = [
 
 [[package]]
 name = "rmcp-macros"
-version = "0.8.3"
+version = "0.8.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ede0589a208cc7ce81d1be68aa7e74b917fcd03c81528408bab0457e187dcd9b"
+checksum = "d88518b38110c439a03f0f4eee40e5105d648a530711cb87f98991e3f324a664"
 dependencies = [
  "darling 0.21.3",
  "proc-macro2",
@@ -5499,9 +5454,9 @@ dependencies = [
 
 [[package]]
 name = "serde"
-version = "1.0.228"
+version = "1.0.226"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9a8e94ea7f378bd32cbbd37198a4a91436180c5bb472411e48b5ec2e2124ae9e"
+checksum = "0dca6411025b24b60bfa7ec1fe1f8e710ac09782dca409ee8237ba74b51295fd"
 dependencies = [
  "serde_core",
  "serde_derive",
@@ -5509,18 +5464,18 @@ dependencies = [
 
 [[package]]
 name = "serde_core"
-version = "1.0.228"
+version = "1.0.226"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "41d385c7d4ca58e59fc732af25c3983b67ac852c1a25000afe1175de458b67ad"
+checksum = "ba2ba63999edb9dac981fb34b3e5c0d111a69b0924e253ed29d83f7c99e966a4"
 dependencies = [
  "serde_derive",
 ]
 
 [[package]]
 name = "serde_derive"
-version = "1.0.228"
+version = "1.0.226"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79"
+checksum = "8db53ae22f34573731bafa1db20f04027b2d25e02d8205921b569171699cdb33"
 dependencies = [
  "proc-macro2",
  "quote",

codex-rs/Cargo.toml

@@ -16,7 +16,6 @@ members = [
     "core",
     "exec",
     "execpolicy",
-    "keyring-store",
     "file-search",
     "git-tooling",
     "linux-sandbox",
@@ -33,11 +32,9 @@ members = [
     "otel",
     "tui",
     "git-apply",
-    "utils/cache",
-    "utils/image",
     "utils/json-to-toml",
-    "utils/pty",
     "utils/readiness",
+    "utils/pty",
     "utils/string",
     "utils/tokenizer",
 ]
@@ -68,7 +65,6 @@ codex-exec = { path = "exec" }
 codex-feedback = { path = "feedback" }
 codex-file-search = { path = "file-search" }
 codex-git-tooling = { path = "git-tooling" }
-codex-keyring-store = { path = "keyring-store" }
 codex-linux-sandbox = { path = "linux-sandbox" }
 codex-login = { path = "login" }
 codex-mcp-server = { path = "mcp-server" }
@@ -81,8 +77,6 @@ codex-responses-api-proxy = { path = "responses-api-proxy" }
 codex-rmcp-client = { path = "rmcp-client" }
 codex-stdio-to-uds = { path = "stdio-to-uds" }
 codex-tui = { path = "tui" }
-codex-utils-cache = { path = "utils/cache" }
-codex-utils-image = { path = "utils/image" }
 codex-utils-json-to-toml = { path = "utils/json-to-toml" }
 codex-utils-pty = { path = "utils/pty" }
 codex-utils-readiness = { path = "utils/readiness" }
@@ -122,7 +116,6 @@ env_logger = "0.11.5"
 escargot = "0.5"
 eventsource-stream = "0.2.3"
 futures = { version = "0.3", default-features = false }
-http = "1.3.1"
 icu_decimal = "2.0.0"
 icu_locale_core = "2.0.0"
 ignore = "0.4.23"
@@ -135,7 +128,6 @@ landlock = "0.4.1"
 lazy_static = "1"
 libc = "0.2.175"
 log = "0.4"
-lru = "0.12.5"
 maplit = "1.0.2"
 mime_guess = "2.0.5"
 multimap = "0.10.0"
@@ -161,7 +153,7 @@ ratatui = "0.29.0"
 ratatui-macros = "0.6.0"
 regex-lite = "0.1.7"
 reqwest = "0.12"
-rmcp = { version = "0.8.3", default-features = false }
+rmcp = { version = "0.8.2", default-features = false }
 schemars = "0.8.22"
 seccompiler = "0.5.0"
 sentry = "0.34.0"

codex-rs/app-server-protocol/src/protocol.rs

@@ -5,7 +5,6 @@ use crate::JSONRPCNotification;
 use crate::JSONRPCRequest;
 use crate::RequestId;
 use codex_protocol::ConversationId;
-use codex_protocol::account::PlanType;
 use codex_protocol::config_types::ForcedLoginMethod;
 use codex_protocol::config_types::ReasoningEffort;
 use codex_protocol::config_types::ReasoningSummary;
@@ -17,7 +16,6 @@ use codex_protocol::protocol::EventMsg;
 use codex_protocol::protocol::FileChange;
 use codex_protocol::protocol::RateLimitSnapshot;
 use codex_protocol::protocol::ReviewDecision;
-use codex_protocol::protocol::SandboxCommandAssessment;
 use codex_protocol::protocol::SandboxPolicy;
 use codex_protocol::protocol::TurnAbortReason;
 use paste::paste;
@@ -95,50 +93,6 @@ macro_rules! client_request_definitions {
 }
 
 client_request_definitions! {
-    /// NEW APIs
-    #[serde(rename = "model/list")]
-    #[ts(rename = "model/list")]
-    ListModels {
-        params: ListModelsParams,
-        response: ListModelsResponse,
-    },
-
-    #[serde(rename = "account/login")]
-    #[ts(rename = "account/login")]
-    LoginAccount {
-        params: LoginAccountParams,
-        response: LoginAccountResponse,
-    },
-
-    #[serde(rename = "account/logout")]
-    #[ts(rename = "account/logout")]
-    LogoutAccount {
-        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
-        response: LogoutAccountResponse,
-    },
-
-    #[serde(rename = "account/rateLimits/read")]
-    #[ts(rename = "account/rateLimits/read")]
-    GetAccountRateLimits {
-        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
-        response: GetAccountRateLimitsResponse,
-    },
-
-    #[serde(rename = "feedback/upload")]
-    #[ts(rename = "feedback/upload")]
-    UploadFeedback {
-        params: UploadFeedbackParams,
-        response: UploadFeedbackResponse,
-    },
-
-    #[serde(rename = "account/read")]
-    #[ts(rename = "account/read")]
-    GetAccount {
-        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
-        response: GetAccountResponse,
-    },
-
-    /// DEPRECATED APIs below
     Initialize {
         params: InitializeParams,
         response: InitializeResponse,
@@ -147,15 +101,18 @@ client_request_definitions! {
         params: NewConversationParams,
         response: NewConversationResponse,
     },
-    GetConversationSummary {
-        params: GetConversationSummaryParams,
-        response: GetConversationSummaryResponse,
-    },
     /// List recorded Codex conversations (rollouts) with optional pagination and search.
     ListConversations {
         params: ListConversationsParams,
         response: ListConversationsResponse,
     },
+    #[serde(rename = "model/list")]
+    #[ts(rename = "model/list")]
+    /// List available Codex models along with display metadata.
+    ListModels {
+        params: ListModelsParams,
+        response: ListModelsResponse,
+    },
     /// Resume a recorded Codex conversation from a rollout file.
     ResumeConversation {
         params: ResumeConversationParams,
@@ -234,30 +191,14 @@ client_request_definitions! {
         params: ExecOneOffCommandParams,
         response: ExecOneOffCommandResponse,
     },
-}
-
-#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, JsonSchema, TS)]
-#[serde(tag = "type", rename_all = "camelCase")]
-#[ts(tag = "type")]
-pub enum Account {
-    #[serde(rename = "apiKey", rename_all = "camelCase")]
-    #[ts(rename = "apiKey", rename_all = "camelCase")]
-    ApiKey { api_key: String },
-
-    #[serde(rename = "chatgpt", rename_all = "camelCase")]
-    #[ts(rename = "chatgpt", rename_all = "camelCase")]
-    ChatGpt {
-        email: Option<String>,
-        plan_type: PlanType,
+    #[serde(rename = "account/rateLimits/read")]
+    #[ts(rename = "account/rateLimits/read")]
+    GetAccountRateLimits {
+        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
+        response: GetAccountRateLimitsResponse,
     },
 }
 
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct GetAccountResponse {
-    pub account: Account,
-}
-
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct InitializeParams {
@@ -286,10 +227,6 @@ pub struct NewConversationParams {
     #[serde(skip_serializing_if = "Option::is_none")]
     pub model: Option<String>,
 
-    /// Override the model provider to use for this session.
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub model_provider: Option<String>,
-
     /// Configuration profile from config.toml to specify default options.
     #[serde(skip_serializing_if = "Option::is_none")]
     pub profile: Option<String>,
@@ -342,18 +279,6 @@ pub struct ResumeConversationResponse {
     pub initial_messages: Option<Vec<EventMsg>>,
 }
 
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct GetConversationSummaryParams {
-    pub rollout_path: PathBuf,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct GetConversationSummaryResponse {
-    pub summary: ConversationSummary,
-}
-
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ListConversationsParams {
@@ -363,12 +288,6 @@ pub struct ListConversationsParams {
     /// Opaque pagination cursor returned by a previous call.
     #[serde(skip_serializing_if = "Option::is_none")]
     pub cursor: Option<String>,
-    /// Optional model provider filter (matches against session metadata).
-    /// - None => filter by the server's default model provider
-    /// - Some([]) => no filtering, include all providers
-    /// - Some([...]) => only include sessions with one of the specified providers
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub model_providers: Option<Vec<String>>,
 }
 
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
@@ -380,8 +299,6 @@ pub struct ConversationSummary {
     /// RFC3339 timestamp string for the session start, if available.
     #[serde(skip_serializing_if = "Option::is_none")]
     pub timestamp: Option<String>,
-    /// Model provider recorded for the session (resolved when absent in metadata).
-    pub model_provider: String,
 }
 
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
@@ -435,55 +352,6 @@ pub struct ListModelsResponse {
     pub next_cursor: Option<String>,
 }
 
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct UploadFeedbackParams {
-    pub classification: String,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub reason: Option<String>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub conversation_id: Option<ConversationId>,
-    pub include_logs: bool,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct UploadFeedbackResponse {
-    pub thread_id: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(tag = "type")]
-#[ts(tag = "type")]
-pub enum LoginAccountParams {
-    #[serde(rename = "apiKey")]
-    #[ts(rename = "apiKey")]
-    ApiKey {
-        #[serde(rename = "apiKey")]
-        #[ts(rename = "apiKey")]
-        api_key: String,
-    },
-    #[serde(rename = "chatgpt")]
-    #[ts(rename = "chatgpt")]
-    ChatGpt,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct LoginAccountResponse {
-    /// Only set if the login method is ChatGPT.
-    #[schemars(with = "String")]
-    pub login_id: Option<Uuid>,
-
-    /// URL the client should open in a browser to initiate the OAuth flow.
-    /// Only set if the login method is ChatGPT.
-    pub auth_url: Option<String>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct LogoutAccountResponse {}
-
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ResumeConversationParams {
@@ -785,8 +653,6 @@ pub struct SendUserMessageResponse {}
 #[serde(rename_all = "camelCase")]
 pub struct AddConversationListenerParams {
     pub conversation_id: ConversationId,
-    #[serde(default)]
-    pub experimental_raw_events: bool,
 }
 
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
@@ -918,8 +784,6 @@ pub struct ExecCommandApprovalParams {
     pub cwd: PathBuf,
     #[serde(skip_serializing_if = "Option::is_none")]
     pub reason: Option<String>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub risk: Option<SandboxCommandAssessment>,
     pub parsed_cmd: Vec<ParsedCommand>,
 }
 
@@ -1011,13 +875,6 @@ pub struct AuthStatusChangeNotification {
 #[serde(tag = "method", content = "params", rename_all = "camelCase")]
 #[strum(serialize_all = "camelCase")]
 pub enum ServerNotification {
-    /// NEW NOTIFICATIONS
-    #[serde(rename = "account/rateLimits/updated")]
-    #[ts(rename = "account/rateLimits/updated")]
-    #[strum(serialize = "account/rateLimits/updated")]
-    AccountRateLimitsUpdated(RateLimitSnapshot),
-
-    /// DEPRECATED NOTIFICATIONS below
     /// Authentication status changed
     AuthStatusChange(AuthStatusChangeNotification),
 
@@ -1031,7 +888,6 @@ pub enum ServerNotification {
 impl ServerNotification {
     pub fn to_params(self) -> Result<serde_json::Value, serde_json::Error> {
         match self {
-            ServerNotification::AccountRateLimitsUpdated(params) => serde_json::to_value(params),
             ServerNotification::AuthStatusChange(params) => serde_json::to_value(params),
             ServerNotification::LoginChatGptComplete(params) => serde_json::to_value(params),
             ServerNotification::SessionConfigured(params) => serde_json::to_value(params),
@@ -1068,7 +924,6 @@ mod tests {
             request_id: RequestId::Integer(42),
             params: NewConversationParams {
                 model: Some("gpt-5-codex".to_string()),
-                model_provider: None,
                 profile: None,
                 cwd: None,
                 approval_policy: Some(AskForApproval::OnRequest),
@@ -1137,7 +992,6 @@ mod tests {
             command: vec!["echo".to_string(), "hello".to_string()],
             cwd: PathBuf::from("/tmp"),
             reason: Some("because tests".to_string()),
-            risk: None,
             parsed_cmd: vec![ParsedCommand::Unknown {
                 cmd: "echo hello".to_string(),
             }],
@@ -1189,118 +1043,16 @@ mod tests {
         Ok(())
     }
 
-    #[test]
-    fn serialize_account_login_api_key() -> Result<()> {
-        let request = ClientRequest::LoginAccount {
-            request_id: RequestId::Integer(2),
-            params: LoginAccountParams::ApiKey {
-                api_key: "secret".to_string(),
-            },
-        };
-        assert_eq!(
-            json!({
-                "method": "account/login",
-                "id": 2,
-                "params": {
-                    "type": "apiKey",
-                    "apiKey": "secret"
-                }
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn serialize_account_login_chatgpt() -> Result<()> {
-        let request = ClientRequest::LoginAccount {
-            request_id: RequestId::Integer(3),
-            params: LoginAccountParams::ChatGpt,
-        };
-        assert_eq!(
-            json!({
-                "method": "account/login",
-                "id": 3,
-                "params": {
-                    "type": "chatgpt"
-                }
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn serialize_account_logout() -> Result<()> {
-        let request = ClientRequest::LogoutAccount {
-            request_id: RequestId::Integer(4),
-            params: None,
-        };
-        assert_eq!(
-            json!({
-                "method": "account/logout",
-                "id": 4,
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn serialize_get_account() -> Result<()> {
-        let request = ClientRequest::GetAccount {
-            request_id: RequestId::Integer(5),
-            params: None,
-        };
-        assert_eq!(
-            json!({
-                "method": "account/read",
-                "id": 5,
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn account_serializes_fields_in_camel_case() -> Result<()> {
-        let api_key = Account::ApiKey {
-            api_key: "secret".to_string(),
-        };
-        assert_eq!(
-            json!({
-                "type": "apiKey",
-                "apiKey": "secret",
-            }),
-            serde_json::to_value(&api_key)?,
-        );
-
-        let chatgpt = Account::ChatGpt {
-            email: Some("user@example.com".to_string()),
-            plan_type: PlanType::Plus,
-        };
-        assert_eq!(
-            json!({
-                "type": "chatgpt",
-                "email": "user@example.com",
-                "planType": "plus",
-            }),
-            serde_json::to_value(&chatgpt)?,
-        );
-
-        Ok(())
-    }
-
     #[test]
     fn serialize_list_models() -> Result<()> {
         let request = ClientRequest::ListModels {
-            request_id: RequestId::Integer(6),
+            request_id: RequestId::Integer(2),
             params: ListModelsParams::default(),
         };
         assert_eq!(
             json!({
                 "method": "model/list",
-                "id": 6,
+                "id": 2,
                 "params": {}
             }),
             serde_json::to_value(&request)?,

codex-rs/app-server/Cargo.toml

@@ -24,7 +24,6 @@ codex-file-search = { workspace = true }
 codex-login = { workspace = true }
 codex-protocol = { workspace = true }
 codex-app-server-protocol = { workspace = true }
-codex-feedback = { workspace = true }
 codex-utils-json-to-toml = { workspace = true }
 chrono = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
@@ -48,7 +47,6 @@ base64 = { workspace = true }
 core_test_support = { workspace = true }
 os_info = { workspace = true }
 pretty_assertions = { workspace = true }
-serial_test = { workspace = true }
 tempfile = { workspace = true }
 toml = { workspace = true }
 wiremock = { workspace = true }

codex-rs/app-server/src/codex_message_processor.rs

@@ -21,8 +21,6 @@ use codex_app_server_protocol::ExecOneOffCommandResponse;
 use codex_app_server_protocol::FuzzyFileSearchParams;
 use codex_app_server_protocol::FuzzyFileSearchResponse;
 use codex_app_server_protocol::GetAccountRateLimitsResponse;
-use codex_app_server_protocol::GetConversationSummaryParams;
-use codex_app_server_protocol::GetConversationSummaryResponse;
 use codex_app_server_protocol::GetUserAgentResponse;
 use codex_app_server_protocol::GetUserSavedConfigResponse;
 use codex_app_server_protocol::GitDiffToRemoteResponse;
@@ -54,8 +52,6 @@ use codex_app_server_protocol::ServerRequestPayload;
 use codex_app_server_protocol::SessionConfiguredNotification;
 use codex_app_server_protocol::SetDefaultModelParams;
 use codex_app_server_protocol::SetDefaultModelResponse;
-use codex_app_server_protocol::UploadFeedbackParams;
-use codex_app_server_protocol::UploadFeedbackResponse;
 use codex_app_server_protocol::UserInfoResponse;
 use codex_app_server_protocol::UserSavedConfig;
 use codex_backend_client::Client as BackendClient;
@@ -68,7 +64,9 @@ use codex_core::NewConversation;
 use codex_core::RolloutRecorder;
 use codex_core::SessionMeta;
 use codex_core::auth::CLIENT_ID;
+use codex_core::auth::get_auth_file;
 use codex_core::auth::login_with_api_key;
+use codex_core::auth::try_read_auth_json;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
 use codex_core::config::ConfigToml;
@@ -87,8 +85,6 @@ use codex_core::protocol::EventMsg;
 use codex_core::protocol::ExecApprovalRequestEvent;
 use codex_core::protocol::Op;
 use codex_core::protocol::ReviewDecision;
-use codex_core::read_head_for_summary;
-use codex_feedback::CodexFeedback;
 use codex_login::ServerOptions as LoginServerOptions;
 use codex_login::ShutdownHandle;
 use codex_login::run_login_server;
@@ -102,8 +98,6 @@ use codex_protocol::user_input::UserInput as CoreInputItem;
 use codex_utils_json_to_toml::json_to_toml;
 use std::collections::HashMap;
 use std::ffi::OsStr;
-use std::io::Error as IoError;
-use std::path::Path;
 use std::path::PathBuf;
 use std::sync::Arc;
 use std::sync::atomic::AtomicBool;
@@ -142,7 +136,6 @@ pub(crate) struct CodexMessageProcessor {
     // Queue of pending interrupt requests per conversation. We reply when TurnAborted arrives.
     pending_interrupts: Arc<Mutex<HashMap<ConversationId, Vec<RequestId>>>>,
     pending_fuzzy_searches: Arc<Mutex<HashMap<String, Arc<AtomicBool>>>>,
-    feedback: CodexFeedback,
 }
 
 impl CodexMessageProcessor {
@@ -152,7 +145,6 @@ impl CodexMessageProcessor {
         outgoing: Arc<OutgoingMessageSender>,
         codex_linux_sandbox_exe: Option<PathBuf>,
         config: Arc<Config>,
-        feedback: CodexFeedback,
     ) -> Self {
         Self {
             auth_manager,
@@ -164,7 +156,6 @@ impl CodexMessageProcessor {
             active_login: Arc::new(Mutex::new(None)),
             pending_interrupts: Arc::new(Mutex::new(HashMap::new())),
             pending_fuzzy_searches: Arc::new(Mutex::new(HashMap::new())),
-            feedback,
         }
     }
 
@@ -179,36 +170,12 @@ impl CodexMessageProcessor {
                 // created before processing any subsequent messages.
                 self.process_new_conversation(request_id, params).await;
             }
-            ClientRequest::GetConversationSummary { request_id, params } => {
-                self.get_conversation_summary(request_id, params).await;
-            }
             ClientRequest::ListConversations { request_id, params } => {
                 self.handle_list_conversations(request_id, params).await;
             }
             ClientRequest::ListModels { request_id, params } => {
                 self.list_models(request_id, params).await;
             }
-            ClientRequest::LoginAccount {
-                request_id,
-                params: _,
-            } => {
-                self.send_unimplemented_error(request_id, "account/login")
-                    .await;
-            }
-            ClientRequest::LogoutAccount {
-                request_id,
-                params: _,
-            } => {
-                self.send_unimplemented_error(request_id, "account/logout")
-                    .await;
-            }
-            ClientRequest::GetAccount {
-                request_id,
-                params: _,
-            } => {
-                self.send_unimplemented_error(request_id, "account/read")
-                    .await;
-            }
             ClientRequest::ResumeConversation { request_id, params } => {
                 self.handle_resume_conversation(request_id, params).await;
             }
@@ -287,21 +254,9 @@ impl CodexMessageProcessor {
             } => {
                 self.get_account_rate_limits(request_id).await;
             }
-            ClientRequest::UploadFeedback { request_id, params } => {
-                self.upload_feedback(request_id, params).await;
-            }
         }
     }
 
-    async fn send_unimplemented_error(&self, request_id: RequestId, method: &str) {
-        let error = JSONRPCErrorError {
-            code: INTERNAL_ERROR_CODE,
-            message: format!("{method} is not implemented yet"),
-            data: None,
-        };
-        self.outgoing.send_error(request_id, error).await;
-    }
-
     async fn login_api_key(&mut self, request_id: RequestId, params: LoginApiKeyParams) {
         if matches!(
             self.config.forced_login_method,
@@ -669,8 +624,12 @@ impl CodexMessageProcessor {
     }
 
     async fn get_user_info(&self, request_id: RequestId) {
-        // Read alleged user email from cached auth (best-effort; not verified).
-        let alleged_user_email = self.auth_manager.auth().and_then(|a| a.get_account_email());
+        // Read alleged user email from auth.json (best-effort; not verified).
+        let auth_path = get_auth_file(&self.config.codex_home);
+        let alleged_user_email = match try_read_auth_json(&auth_path) {
+            Ok(auth) => auth.tokens.and_then(|t| t.id_token.email),
+            Err(_) => None,
+        };
 
         let response = UserInfoResponse { alleged_user_email };
         self.outgoing.send_response(request_id, response).await;
@@ -824,76 +783,24 @@ impl CodexMessageProcessor {
         }
     }
 
-    async fn get_conversation_summary(
-        &self,
-        request_id: RequestId,
-        params: GetConversationSummaryParams,
-    ) {
-        let GetConversationSummaryParams { rollout_path } = params;
-        let path = if rollout_path.is_relative() {
-            self.config.codex_home.join(&rollout_path)
-        } else {
-            rollout_path.clone()
-        };
-        let fallback_provider = self.config.model_provider_id.as_str();
-
-        match read_summary_from_rollout(&path, fallback_provider).await {
-            Ok(summary) => {
-                let response = GetConversationSummaryResponse { summary };
-                self.outgoing.send_response(request_id, response).await;
-            }
-            Err(err) => {
-                let error = JSONRPCErrorError {
-                    code: INTERNAL_ERROR_CODE,
-                    message: format!(
-                        "failed to load conversation summary from {}: {}",
-                        path.display(),
-                        err
-                    ),
-                    data: None,
-                };
-                self.outgoing.send_error(request_id, error).await;
-            }
-        }
-    }
-
     async fn handle_list_conversations(
         &self,
         request_id: RequestId,
         params: ListConversationsParams,
     ) {
-        let ListConversationsParams {
-            page_size,
-            cursor,
-            model_providers: model_provider,
-        } = params;
-        let page_size = page_size.unwrap_or(25);
+        let page_size = params.page_size.unwrap_or(25);
         // Decode the optional cursor string to a Cursor via serde (Cursor implements Deserialize from string)
-        let cursor_obj: Option<RolloutCursor> = match cursor {
+        let cursor_obj: Option<RolloutCursor> = match params.cursor {
             Some(s) => serde_json::from_str::<RolloutCursor>(&format!("\"{s}\"")).ok(),
             None => None,
         };
         let cursor_ref = cursor_obj.as_ref();
-        let model_provider_filter = match model_provider {
-            Some(providers) => {
-                if providers.is_empty() {
-                    None
-                } else {
-                    Some(providers)
-                }
-            }
-            None => Some(vec![self.config.model_provider_id.clone()]),
-        };
-        let model_provider_slice = model_provider_filter.as_deref();
-        let fallback_provider = self.config.model_provider_id.clone();
 
         let page = match RolloutRecorder::list_conversations(
             &self.config.codex_home,
             page_size,
             cursor_ref,
             INTERACTIVE_SESSION_SOURCES,
-            model_provider_slice,
-            fallback_provider.as_str(),
         )
         .await
         {
@@ -912,7 +819,7 @@ impl CodexMessageProcessor {
         let items = page
             .items
             .into_iter()
-            .filter_map(|it| extract_conversation_summary(it.path, &it.head, &fallback_provider))
+            .filter_map(|it| extract_conversation_summary(it.path, &it.head))
             .collect();
 
         // Encode next_cursor as a plain string
@@ -1319,10 +1226,7 @@ impl CodexMessageProcessor {
         request_id: RequestId,
         params: AddConversationListenerParams,
     ) {
-        let AddConversationListenerParams {
-            conversation_id,
-            experimental_raw_events,
-        } = params;
+        let AddConversationListenerParams { conversation_id } = params;
         let Ok(conversation) = self
             .conversation_manager
             .get_conversation(conversation_id)
@@ -1359,11 +1263,6 @@ impl CodexMessageProcessor {
                             }
                         };
 
-                        if let EventMsg::RawResponseItem(_) = &event.msg
-                            && !experimental_raw_events {
-                                continue;
-                            }
-
                         // For now, we send a notification for every event,
                         // JSON-serializing the `Event` as-is, but these should
                         // be migrated to be variants of `ServerNotification`
@@ -1481,77 +1380,6 @@ impl CodexMessageProcessor {
         let response = FuzzyFileSearchResponse { files: results };
         self.outgoing.send_response(request_id, response).await;
     }
-
-    async fn upload_feedback(&self, request_id: RequestId, params: UploadFeedbackParams) {
-        let UploadFeedbackParams {
-            classification,
-            reason,
-            conversation_id,
-            include_logs,
-        } = params;
-
-        let snapshot = self.feedback.snapshot(conversation_id);
-        let thread_id = snapshot.thread_id.clone();
-
-        let validated_rollout_path = if include_logs {
-            match conversation_id {
-                Some(conv_id) => self.resolve_rollout_path(conv_id).await,
-                None => None,
-            }
-        } else {
-            None
-        };
-
-        let upload_result = tokio::task::spawn_blocking(move || {
-            let rollout_path_ref = validated_rollout_path.as_deref();
-            snapshot.upload_feedback(
-                &classification,
-                reason.as_deref(),
-                include_logs,
-                rollout_path_ref,
-            )
-        })
-        .await;
-
-        let upload_result = match upload_result {
-            Ok(result) => result,
-            Err(join_err) => {
-                let error = JSONRPCErrorError {
-                    code: INTERNAL_ERROR_CODE,
-                    message: format!("failed to upload feedback: {join_err}"),
-                    data: None,
-                };
-                self.outgoing.send_error(request_id, error).await;
-                return;
-            }
-        };
-
-        match upload_result {
-            Ok(()) => {
-                let response = UploadFeedbackResponse { thread_id };
-                self.outgoing.send_response(request_id, response).await;
-            }
-            Err(err) => {
-                let error = JSONRPCErrorError {
-                    code: INTERNAL_ERROR_CODE,
-                    message: format!("failed to upload feedback: {err}"),
-                    data: None,
-                };
-                self.outgoing.send_error(request_id, error).await;
-            }
-        }
-    }
-
-    async fn resolve_rollout_path(&self, conversation_id: ConversationId) -> Option<PathBuf> {
-        match self
-            .conversation_manager
-            .get_conversation(conversation_id)
-            .await
-        {
-            Ok(conv) => Some(conv.rollout_path()),
-            Err(_) => None,
-        }
-    }
 }
 
 async fn apply_bespoke_event_handling(
@@ -1589,7 +1417,6 @@ async fn apply_bespoke_event_handling(
             command,
             cwd,
             reason,
-            risk,
             parsed_cmd,
         }) => {
             let params = ExecCommandApprovalParams {
@@ -1598,7 +1425,6 @@ async fn apply_bespoke_event_handling(
                 command,
                 cwd,
                 reason,
-                risk,
                 parsed_cmd,
             };
             let rx = outgoing
@@ -1610,15 +1436,6 @@ async fn apply_bespoke_event_handling(
                 on_exec_approval_response(event_id, rx, conversation).await;
             });
         }
-        EventMsg::TokenCount(token_count_event) => {
-            if let Some(rate_limits) = token_count_event.rate_limits {
-                outgoing
-                    .send_server_notification(ServerNotification::AccountRateLimitsUpdated(
-                        rate_limits,
-                    ))
-                    .await;
-            }
-        }
         // If this is a TurnAborted, reply to any pending interrupt requests.
         EventMsg::TurnAborted(turn_aborted_event) => {
             let pending = {
@@ -1645,7 +1462,6 @@ async fn derive_config_from_params(
 ) -> std::io::Result<Config> {
     let NewConversationParams {
         model,
-        model_provider,
         profile,
         cwd,
         approval_policy,
@@ -1661,14 +1477,13 @@ async fn derive_config_from_params(
         cwd: cwd.map(PathBuf::from),
         approval_policy,
         sandbox_mode,
-        model_provider,
+        model_provider: None,
         codex_linux_sandbox_exe,
         base_instructions,
         include_apply_patch_tool,
         include_view_image_tool: None,
         show_raw_agent_reasoning: None,
         tools_web_search_request: None,
-        experimental_sandbox_command_assessment: None,
         additional_writable_roots: Vec::new(),
     };
 
@@ -1759,54 +1574,9 @@ async fn on_exec_approval_response(
     }
 }
 
-async fn read_summary_from_rollout(
-    path: &Path,
-    fallback_provider: &str,
-) -> std::io::Result<ConversationSummary> {
-    let head = read_head_for_summary(path).await?;
-
-    let Some(first) = head.first() else {
-        return Err(IoError::other(format!(
-            "rollout at {} is empty",
-            path.display()
-        )));
-    };
-
-    let session_meta = serde_json::from_value::<SessionMeta>(first.clone()).map_err(|_| {
-        IoError::other(format!(
-            "rollout at {} does not start with session metadata",
-            path.display()
-        ))
-    })?;
-
-    if let Some(summary) =
-        extract_conversation_summary(path.to_path_buf(), &head, fallback_provider)
-    {
-        return Ok(summary);
-    }
-
-    let timestamp = if session_meta.timestamp.is_empty() {
-        None
-    } else {
-        Some(session_meta.timestamp.clone())
-    };
-    let model_provider = session_meta
-        .model_provider
-        .unwrap_or_else(|| fallback_provider.to_string());
-
-    Ok(ConversationSummary {
-        conversation_id: session_meta.id,
-        timestamp,
-        path: path.to_path_buf(),
-        preview: String::new(),
-        model_provider,
-    })
-}
-
 fn extract_conversation_summary(
     path: PathBuf,
     head: &[serde_json::Value],
-    fallback_provider: &str,
 ) -> Option<ConversationSummary> {
     let session_meta = match head.first() {
         Some(first_line) => serde_json::from_value::<SessionMeta>(first_line.clone()).ok()?,
@@ -1831,17 +1601,12 @@ fn extract_conversation_summary(
     } else {
         Some(session_meta.timestamp.clone())
     };
-    let conversation_id = session_meta.id;
-    let model_provider = session_meta
-        .model_provider
-        .unwrap_or_else(|| fallback_provider.to_string());
 
     Some(ConversationSummary {
-        conversation_id,
+        conversation_id: session_meta.id,
         timestamp,
         path,
         preview: preview.to_string(),
-        model_provider,
     })
 }
 
@@ -1851,7 +1616,6 @@ mod tests {
     use anyhow::Result;
     use pretty_assertions::assert_eq;
     use serde_json::json;
-    use tempfile::TempDir;
 
     #[test]
     fn extract_conversation_summary_prefers_plain_user_messages() -> Result<()> {
@@ -1866,8 +1630,7 @@ mod tests {
                 "cwd": "/",
                 "originator": "codex",
                 "cli_version": "0.0.0",
-                "instructions": null,
-                "model_provider": "test-provider"
+                "instructions": null
             }),
             json!({
                 "type": "message",
@@ -1887,62 +1650,15 @@ mod tests {
             }),
         ];
 
-        let summary =
-            extract_conversation_summary(path.clone(), &head, "test-provider").expect("summary");
+        let summary = extract_conversation_summary(path.clone(), &head).expect("summary");
 
-        let expected = ConversationSummary {
-            conversation_id,
-            timestamp,
-            path,
-            preview: "Count to 5".to_string(),
-            model_provider: "test-provider".to_string(),
-        };
-
-        assert_eq!(summary, expected);
-        Ok(())
-    }
-
-    #[tokio::test]
-    async fn read_summary_from_rollout_returns_empty_preview_when_no_user_message() -> Result<()> {
-        use codex_protocol::protocol::RolloutItem;
-        use codex_protocol::protocol::RolloutLine;
-        use codex_protocol::protocol::SessionMetaLine;
-        use std::fs;
-
-        let temp_dir = TempDir::new()?;
-        let path = temp_dir.path().join("rollout.jsonl");
-
-        let conversation_id = ConversationId::from_string("bfd12a78-5900-467b-9bc5-d3d35df08191")?;
-        let timestamp = "2025-09-05T16:53:11.850Z".to_string();
-
-        let session_meta = SessionMeta {
-            id: conversation_id,
-            timestamp: timestamp.clone(),
-            model_provider: None,
-            ..SessionMeta::default()
-        };
-
-        let line = RolloutLine {
-            timestamp: timestamp.clone(),
-            item: RolloutItem::SessionMeta(SessionMetaLine {
-                meta: session_meta.clone(),
-                git: None,
-            }),
-        };
-
-        fs::write(&path, format!("{}\n", serde_json::to_string(&line)?))?;
-
-        let summary = read_summary_from_rollout(path.as_path(), "fallback").await?;
-
-        let expected = ConversationSummary {
-            conversation_id,
-            timestamp: Some(timestamp),
-            path: path.clone(),
-            preview: String::new(),
-            model_provider: "fallback".to_string(),
-        };
-
-        assert_eq!(summary, expected);
+        assert_eq!(summary.conversation_id, conversation_id);
+        assert_eq!(
+            summary.timestamp,
+            Some("2025-09-05T16:53:11.850Z".to_string())
+        );
+        assert_eq!(summary.path, path);
+        assert_eq!(summary.preview, "Count to 5");
         Ok(())
     }
 }

codex-rs/app-server/src/fuzzy_file_search.rs

@@ -46,7 +46,6 @@ pub(crate) async fn run_fuzzy_file_search(
                 threads,
                 cancel_flag,
                 COMPUTE_INDICES,
-                true,
             ) {
                 Ok(res) => Ok((root, res)),
                 Err(err) => Err((root, err)),

codex-rs/app-server/src/lib.rs

@@ -12,19 +12,16 @@ use crate::message_processor::MessageProcessor;
 use crate::outgoing_message::OutgoingMessage;
 use crate::outgoing_message::OutgoingMessageSender;
 use codex_app_server_protocol::JSONRPCMessage;
-use codex_feedback::CodexFeedback;
 use tokio::io::AsyncBufReadExt;
 use tokio::io::AsyncWriteExt;
 use tokio::io::BufReader;
 use tokio::io::{self};
 use tokio::sync::mpsc;
-use tracing::Level;
 use tracing::debug;
 use tracing::error;
 use tracing::info;
 use tracing_subscriber::EnvFilter;
 use tracing_subscriber::Layer;
-use tracing_subscriber::filter::Targets;
 use tracing_subscriber::layer::SubscriberExt;
 use tracing_subscriber::util::SubscriberInitExt;
 
@@ -85,8 +82,6 @@ pub async fn run_main(
             std::io::Error::new(ErrorKind::InvalidData, format!("error loading config: {e}"))
         })?;
 
-    let feedback = CodexFeedback::new();
-
     let otel =
         codex_core::otel_init::build_provider(&config, env!("CARGO_PKG_VERSION")).map_err(|e| {
             std::io::Error::new(
@@ -101,15 +96,8 @@ pub async fn run_main(
         .with_writer(std::io::stderr)
         .with_filter(EnvFilter::from_default_env());
 
-    let feedback_layer = tracing_subscriber::fmt::layer()
-        .with_writer(feedback.make_writer())
-        .with_ansi(false)
-        .with_target(false)
-        .with_filter(Targets::new().with_default(Level::TRACE));
-
     let _ = tracing_subscriber::registry()
         .with(stderr_fmt)
-        .with(feedback_layer)
         .with(otel.as_ref().map(|provider| {
             OpenTelemetryTracingBridge::new(&provider.logger).with_filter(
                 tracing_subscriber::filter::filter_fn(codex_core::otel_init::codex_export_filter),
@@ -124,7 +112,6 @@ pub async fn run_main(
             outgoing_message_sender,
             codex_linux_sandbox_exe,
             std::sync::Arc::new(config),
-            feedback.clone(),
         );
         async move {
             while let Some(msg) = incoming_rx.recv().await {

codex-rs/app-server/src/message_processor.rs

@@ -17,7 +17,6 @@ use codex_core::ConversationManager;
 use codex_core::config::Config;
 use codex_core::default_client::USER_AGENT_SUFFIX;
 use codex_core::default_client::get_codex_user_agent;
-use codex_feedback::CodexFeedback;
 use codex_protocol::protocol::SessionSource;
 use std::sync::Arc;
 
@@ -34,7 +33,6 @@ impl MessageProcessor {
         outgoing: OutgoingMessageSender,
         codex_linux_sandbox_exe: Option<PathBuf>,
         config: Arc<Config>,
-        feedback: CodexFeedback,
     ) -> Self {
         let outgoing = Arc::new(outgoing);
         let auth_manager = AuthManager::shared(config.codex_home.clone(), false);
@@ -48,7 +46,6 @@ impl MessageProcessor {
             outgoing.clone(),
             codex_linux_sandbox_exe,
             config,
-            feedback,
         );
 
         Self {

codex-rs/app-server/src/outgoing_message.rs

@@ -142,8 +142,6 @@ pub(crate) struct OutgoingError {
 #[cfg(test)]
 mod tests {
     use codex_app_server_protocol::LoginChatGptCompleteNotification;
-    use codex_protocol::protocol::RateLimitSnapshot;
-    use codex_protocol::protocol::RateLimitWindow;
     use pretty_assertions::assert_eq;
     use serde_json::json;
     use uuid::Uuid;
@@ -173,34 +171,4 @@ mod tests {
             "ensure the strum macros serialize the method field correctly"
         );
     }
-
-    #[test]
-    fn verify_account_rate_limits_notification_serialization() {
-        let notification = ServerNotification::AccountRateLimitsUpdated(RateLimitSnapshot {
-            primary: Some(RateLimitWindow {
-                used_percent: 25.0,
-                window_minutes: Some(15),
-                resets_at: Some(123),
-            }),
-            secondary: None,
-        });
-
-        let jsonrpc_notification = OutgoingMessage::AppServerNotification(notification);
-        assert_eq!(
-            json!({
-                "method": "account/rateLimits/updated",
-                "params": {
-                    "primary": {
-                        "used_percent": 25.0,
-                        "window_minutes": 15,
-                        "resets_at": 123,
-                    },
-                    "secondary": null,
-                },
-            }),
-            serde_json::to_value(jsonrpc_notification)
-                .expect("ensure the notification serializes correctly"),
-            "ensure the notification serializes correctly"
-        );
-    }
 }

codex-rs/app-server/tests/common/auth_fixtures.rs

@@ -7,7 +7,8 @@ use base64::engine::general_purpose::URL_SAFE_NO_PAD;
 use chrono::DateTime;
 use chrono::Utc;
 use codex_core::auth::AuthDotJson;
-use codex_core::auth::save_auth;
+use codex_core::auth::get_auth_file;
+use codex_core::auth::write_auth_json;
 use codex_core::token_data::TokenData;
 use codex_core::token_data::parse_id_token;
 use serde_json::json;
@@ -126,5 +127,5 @@ pub fn write_chatgpt_auth(codex_home: &Path, fixture: ChatGptAuthFixture) -> Res
         last_refresh,
     };
 
-    save_auth(codex_home, &auth).context("write auth.json")
+    write_auth_json(&get_auth_file(codex_home), &auth).context("write auth.json")
 }

codex-rs/app-server/tests/common/mcp_process.rs

@@ -30,7 +30,6 @@ use codex_app_server_protocol::SendUserMessageParams;
 use codex_app_server_protocol::SendUserTurnParams;
 use codex_app_server_protocol::ServerRequest;
 use codex_app_server_protocol::SetDefaultModelParams;
-use codex_app_server_protocol::UploadFeedbackParams;
 
 use codex_app_server_protocol::JSONRPCError;
 use codex_app_server_protocol::JSONRPCMessage;
@@ -243,15 +242,6 @@ impl McpProcess {
         self.send_request("account/rateLimits/read", None).await
     }
 
-    /// Send a `feedback/upload` JSON-RPC request.
-    pub async fn send_upload_feedback_request(
-        &mut self,
-        params: UploadFeedbackParams,
-    ) -> anyhow::Result<i64> {
-        let params = Some(serde_json::to_value(params)?);
-        self.send_request("feedback/upload", params).await
-    }
-
     /// Send a `userInfo` JSON-RPC request.
     pub async fn send_user_info_request(&mut self) -> anyhow::Result<i64> {
         self.send_request("userInfo", None).await

codex-rs/app-server/tests/suite/codex_message_processor_flow.rs

@@ -103,10 +103,7 @@ async fn test_codex_jsonrpc_conversation_flow() {
 
     // 2) addConversationListener
     let add_listener_id = mcp
-        .send_add_conversation_listener_request(AddConversationListenerParams {
-            conversation_id,
-            experimental_raw_events: false,
-        })
+        .send_add_conversation_listener_request(AddConversationListenerParams { conversation_id })
         .await
         .expect("send addConversationListener");
     let add_listener_resp: JSONRPCResponse = timeout(
@@ -255,10 +252,7 @@ async fn test_send_user_turn_changes_approval_policy_behavior() {
 
     // 2) addConversationListener
     let add_listener_id = mcp
-        .send_add_conversation_listener_request(AddConversationListenerParams {
-            conversation_id,
-            experimental_raw_events: false,
-        })
+        .send_add_conversation_listener_request(AddConversationListenerParams { conversation_id })
         .await
         .expect("send addConversationListener");
     let _: AddConversationSubscriptionResponse =
@@ -317,7 +311,6 @@ async fn test_send_user_turn_changes_approval_policy_behavior() {
             ],
             cwd: working_directory.clone(),
             reason: None,
-            risk: None,
             parsed_cmd: vec![ParsedCommand::Unknown {
                 cmd: "python3 -c 'print(42)'".to_string()
             }],
@@ -465,10 +458,7 @@ async fn test_send_user_turn_updates_sandbox_and_cwd_between_turns() {
         .expect("deserialize newConversation response");
 
     let add_listener_id = mcp
-        .send_add_conversation_listener_request(AddConversationListenerParams {
-            conversation_id,
-            experimental_raw_events: false,
-        })
+        .send_add_conversation_listener_request(AddConversationListenerParams { conversation_id })
         .await
         .expect("send addConversationListener");
     timeout(

codex-rs/app-server/tests/suite/create_conversation.rs

@@ -67,10 +67,7 @@ async fn test_conversation_create_and_send_message_ok() {
 
     // Add a listener so we receive notifications for this conversation (not strictly required for this test).
     let add_listener_id = mcp
-        .send_add_conversation_listener_request(AddConversationListenerParams {
-            conversation_id,
-            experimental_raw_events: false,
-        })
+        .send_add_conversation_listener_request(AddConversationListenerParams { conversation_id })
         .await
         .expect("send addConversationListener");
     let _sub: AddConversationSubscriptionResponse =

codex-rs/app-server/tests/suite/interrupt.rs

@@ -88,10 +88,7 @@ async fn shell_command_interruption() -> anyhow::Result<()> {
 
     // 2) addConversationListener
     let add_listener_id = mcp
-        .send_add_conversation_listener_request(AddConversationListenerParams {
-            conversation_id,
-            experimental_raw_events: false,
-        })
+        .send_add_conversation_listener_request(AddConversationListenerParams { conversation_id })
         .await?;
     let _add_listener_resp: JSONRPCResponse = timeout(
         DEFAULT_READ_TIMEOUT,

codex-rs/app-server/tests/suite/list_resume.rs

@@ -30,21 +30,18 @@ async fn test_list_and_resume_conversations() {
         "2025-01-02T12-00-00",
         "2025-01-02T12:00:00Z",
         "Hello A",
-        Some("openai"),
     );
     create_fake_rollout(
         codex_home.path(),
         "2025-01-01T13-00-00",
         "2025-01-01T13:00:00Z",
         "Hello B",
-        Some("openai"),
     );
     create_fake_rollout(
         codex_home.path(),
         "2025-01-01T12-00-00",
         "2025-01-01T12:00:00Z",
         "Hello C",
-        None,
     );
 
     let mut mcp = McpProcess::new(codex_home.path())
@@ -60,7 +57,6 @@ async fn test_list_and_resume_conversations() {
         .send_list_conversations_request(ListConversationsParams {
             page_size: Some(2),
             cursor: None,
-            model_providers: None,
         })
         .await
         .expect("send listConversations");
@@ -78,8 +74,6 @@ async fn test_list_and_resume_conversations() {
     // Newest first; preview text should match
     assert_eq!(items[0].preview, "Hello A");
     assert_eq!(items[1].preview, "Hello B");
-    assert_eq!(items[0].model_provider, "openai");
-    assert_eq!(items[1].model_provider, "openai");
     assert!(items[0].path.is_absolute());
     assert!(next_cursor.is_some());
 
@@ -88,7 +82,6 @@ async fn test_list_and_resume_conversations() {
         .send_list_conversations_request(ListConversationsParams {
             page_size: Some(2),
             cursor: next_cursor,
-            model_providers: None,
         })
         .await
         .expect("send listConversations page 2");
@@ -106,88 +99,7 @@ async fn test_list_and_resume_conversations() {
     } = to_response::<ListConversationsResponse>(resp2).expect("deserialize response");
     assert_eq!(items2.len(), 1);
     assert_eq!(items2[0].preview, "Hello C");
-    assert_eq!(items2[0].model_provider, "openai");
-    assert_eq!(next2, None);
-
-    // Add a conversation with an explicit non-OpenAI provider for filter tests.
-    create_fake_rollout(
-        codex_home.path(),
-        "2025-01-01T11-30-00",
-        "2025-01-01T11:30:00Z",
-        "Hello TP",
-        Some("test-provider"),
-    );
-
-    // Filtering by model provider should return only matching sessions.
-    let filter_req_id = mcp
-        .send_list_conversations_request(ListConversationsParams {
-            page_size: Some(10),
-            cursor: None,
-            model_providers: Some(vec!["test-provider".to_string()]),
-        })
-        .await
-        .expect("send listConversations filtered");
-    let filter_resp: JSONRPCResponse = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(filter_req_id)),
-    )
-    .await
-    .expect("listConversations filtered timeout")
-    .expect("listConversations filtered resp");
-    let ListConversationsResponse {
-        items: filtered_items,
-        next_cursor: filtered_next,
-    } = to_response::<ListConversationsResponse>(filter_resp).expect("deserialize filtered");
-    assert_eq!(filtered_items.len(), 1);
-    assert_eq!(filtered_next, None);
-    assert_eq!(filtered_items[0].preview, "Hello TP");
-    assert_eq!(filtered_items[0].model_provider, "test-provider");
-
-    // Empty filter should include every session regardless of provider metadata.
-    let unfiltered_req_id = mcp
-        .send_list_conversations_request(ListConversationsParams {
-            page_size: Some(10),
-            cursor: None,
-            model_providers: Some(Vec::new()),
-        })
-        .await
-        .expect("send listConversations unfiltered");
-    let unfiltered_resp: JSONRPCResponse = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(unfiltered_req_id)),
-    )
-    .await
-    .expect("listConversations unfiltered timeout")
-    .expect("listConversations unfiltered resp");
-    let ListConversationsResponse {
-        items: unfiltered_items,
-        next_cursor: unfiltered_next,
-    } = to_response::<ListConversationsResponse>(unfiltered_resp)
-        .expect("deserialize unfiltered response");
-    assert_eq!(unfiltered_items.len(), 4);
-    assert!(unfiltered_next.is_none());
-
-    let empty_req_id = mcp
-        .send_list_conversations_request(ListConversationsParams {
-            page_size: Some(10),
-            cursor: None,
-            model_providers: Some(vec!["other".to_string()]),
-        })
-        .await
-        .expect("send listConversations filtered empty");
-    let empty_resp: JSONRPCResponse = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(empty_req_id)),
-    )
-    .await
-    .expect("listConversations filtered empty timeout")
-    .expect("listConversations filtered empty resp");
-    let ListConversationsResponse {
-        items: empty_items,
-        next_cursor: empty_next,
-    } = to_response::<ListConversationsResponse>(empty_resp).expect("deserialize filtered empty");
-    assert!(empty_items.is_empty());
-    assert!(empty_next.is_none());
+    assert!(next2.is_some());
 
     // Now resume one of the sessions and expect a SessionConfigured notification and response.
     let resume_req_id = mcp
@@ -240,13 +152,7 @@ async fn test_list_and_resume_conversations() {
     assert!(!conversation_id.to_string().is_empty());
 }
 
-fn create_fake_rollout(
-    codex_home: &Path,
-    filename_ts: &str,
-    meta_rfc3339: &str,
-    preview: &str,
-    model_provider: Option<&str>,
-) {
+fn create_fake_rollout(codex_home: &Path, filename_ts: &str, meta_rfc3339: &str, preview: &str) {
     let uuid = Uuid::new_v4();
     // sessions/YYYY/MM/DD/ derived from filename_ts (YYYY-MM-DDThh-mm-ss)
     let year = &filename_ts[0..4];
@@ -258,22 +164,18 @@ fn create_fake_rollout(
     let file_path = dir.join(format!("rollout-{filename_ts}-{uuid}.jsonl"));
     let mut lines = Vec::new();
     // Meta line with timestamp (flattened meta in payload for new schema)
-    let mut payload = json!({
-        "id": uuid,
-        "timestamp": meta_rfc3339,
-        "cwd": "/",
-        "originator": "codex",
-        "cli_version": "0.0.0",
-        "instructions": null,
-    });
-    if let Some(provider) = model_provider {
-        payload["model_provider"] = json!(provider);
-    }
     lines.push(
         json!({
             "timestamp": meta_rfc3339,
             "type": "session_meta",
-            "payload": payload
+            "payload": {
+                "id": uuid,
+                "timestamp": meta_rfc3339,
+                "cwd": "/",
+                "originator": "codex",
+                "cli_version": "0.0.0",
+                "instructions": null
+            }
         })
         .to_string(),
     );

codex-rs/app-server/tests/suite/login.rs

@@ -13,7 +13,6 @@ use codex_app_server_protocol::LoginChatGptResponse;
 use codex_app_server_protocol::LogoutChatGptResponse;
 use codex_app_server_protocol::RequestId;
 use codex_login::login_with_api_key;
-use serial_test::serial;
 use tempfile::TempDir;
 use tokio::time::timeout;
 
@@ -95,8 +94,6 @@ async fn logout_chatgpt_removes_auth() {
 }
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-// Serialize tests that launch the login server since it binds to a fixed port.
-#[serial(login_port)]
 async fn login_and_cancel_chatgpt() {
     let codex_home = TempDir::new().unwrap_or_else(|e| panic!("create tempdir: {e}"));
     create_config_toml(codex_home.path()).unwrap_or_else(|err| panic!("write config.toml: {err}"));
@@ -211,8 +208,6 @@ async fn login_chatgpt_rejected_when_forced_api() {
 }
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-// Serialize tests that launch the login server since it binds to a fixed port.
-#[serial(login_port)]
 async fn login_chatgpt_includes_forced_workspace_query_param() {
     let codex_home = TempDir::new().unwrap_or_else(|e| panic!("create tempdir: {e}"));
     create_config_toml_forced_workspace(codex_home.path(), "ws-forced")

codex-rs/app-server/tests/suite/send_message.rs

@@ -15,8 +15,6 @@ use codex_app_server_protocol::RequestId;
 use codex_app_server_protocol::SendUserMessageParams;
 use codex_app_server_protocol::SendUserMessageResponse;
 use codex_protocol::ConversationId;
-use codex_protocol::models::ContentItem;
-use codex_protocol::models::ResponseItem;
 use pretty_assertions::assert_eq;
 use tempfile::TempDir;
 use tokio::time::timeout;
@@ -64,10 +62,7 @@ async fn test_send_message_success() {
 
     // 2) addConversationListener
     let add_listener_id = mcp
-        .send_add_conversation_listener_request(AddConversationListenerParams {
-            conversation_id,
-            experimental_raw_events: false,
-        })
+        .send_add_conversation_listener_request(AddConversationListenerParams { conversation_id })
         .await
         .expect("send addConversationListener");
     let add_listener_resp: JSONRPCResponse = timeout(
@@ -129,105 +124,6 @@ async fn send_message(message: &str, conversation_id: ConversationId, mcp: &mut
             .expect("should have conversationId"),
         &serde_json::Value::String(conversation_id.to_string())
     );
-
-    let raw_attempt = tokio::time::timeout(
-        std::time::Duration::from_millis(200),
-        mcp.read_stream_until_notification_message("codex/event/raw_response_item"),
-    )
-    .await;
-    assert!(
-        raw_attempt.is_err(),
-        "unexpected raw item notification when not opted in"
-    );
-}
-
-#[tokio::test]
-async fn test_send_message_raw_notifications_opt_in() {
-    let responses = vec![
-        create_final_assistant_message_sse_response("Done").expect("build mock assistant message"),
-    ];
-    let server = create_mock_chat_completions_server(responses).await;
-
-    let codex_home = TempDir::new().expect("create temp dir");
-    create_config_toml(codex_home.path(), &server.uri()).expect("write config.toml");
-
-    let mut mcp = McpProcess::new(codex_home.path())
-        .await
-        .expect("spawn mcp process");
-    timeout(DEFAULT_READ_TIMEOUT, mcp.initialize())
-        .await
-        .expect("init timed out")
-        .expect("init failed");
-
-    let new_conv_id = mcp
-        .send_new_conversation_request(NewConversationParams::default())
-        .await
-        .expect("send newConversation");
-    let new_conv_resp: JSONRPCResponse = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(new_conv_id)),
-    )
-    .await
-    .expect("newConversation timeout")
-    .expect("newConversation resp");
-    let NewConversationResponse {
-        conversation_id, ..
-    } = to_response::<_>(new_conv_resp).expect("deserialize newConversation response");
-
-    let add_listener_id = mcp
-        .send_add_conversation_listener_request(AddConversationListenerParams {
-            conversation_id,
-            experimental_raw_events: true,
-        })
-        .await
-        .expect("send addConversationListener");
-    let add_listener_resp: JSONRPCResponse = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(add_listener_id)),
-    )
-    .await
-    .expect("addConversationListener timeout")
-    .expect("addConversationListener resp");
-    let AddConversationSubscriptionResponse { subscription_id: _ } =
-        to_response::<_>(add_listener_resp).expect("deserialize addConversationListener response");
-
-    let send_id = mcp
-        .send_send_user_message_request(SendUserMessageParams {
-            conversation_id,
-            items: vec![InputItem::Text {
-                text: "Hello".to_string(),
-            }],
-        })
-        .await
-        .expect("send sendUserMessage");
-
-    let instructions = read_raw_response_item(&mut mcp, conversation_id).await;
-    assert_instructions_message(&instructions);
-
-    let environment = read_raw_response_item(&mut mcp, conversation_id).await;
-    assert_environment_message(&environment);
-
-    let response: JSONRPCResponse = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(send_id)),
-    )
-    .await
-    .expect("sendUserMessage response timeout")
-    .expect("sendUserMessage response error");
-    let _ok: SendUserMessageResponse = to_response::<SendUserMessageResponse>(response)
-        .expect("deserialize sendUserMessage response");
-
-    let user_message = read_raw_response_item(&mut mcp, conversation_id).await;
-    assert_user_message(&user_message, "Hello");
-
-    let assistant_message = read_raw_response_item(&mut mcp, conversation_id).await;
-    assert_assistant_message(&assistant_message, "Done");
-
-    let _ = tokio::time::timeout(
-        std::time::Duration::from_millis(250),
-        mcp.read_stream_until_notification_message("codex/event/task_complete"),
-    )
-    .await;
 }
 
 #[tokio::test]
@@ -288,108 +184,3 @@ stream_max_retries = 0
         ),
     )
 }
-
-#[expect(clippy::expect_used)]
-async fn read_raw_response_item(
-    mcp: &mut McpProcess,
-    conversation_id: ConversationId,
-) -> ResponseItem {
-    let raw_notification: JSONRPCNotification = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_notification_message("codex/event/raw_response_item"),
-    )
-    .await
-    .expect("codex/event/raw_response_item notification timeout")
-    .expect("codex/event/raw_response_item notification resp");
-
-    let serde_json::Value::Object(params) = raw_notification
-        .params
-        .expect("codex/event/raw_response_item should have params")
-    else {
-        panic!("codex/event/raw_response_item should have params");
-    };
-
-    let conversation_id_value = params
-        .get("conversationId")
-        .and_then(|value| value.as_str())
-        .expect("raw response item should include conversationId");
-
-    assert_eq!(
-        conversation_id_value,
-        conversation_id.to_string(),
-        "raw response item conversation mismatch"
-    );
-
-    let msg_value = params
-        .get("msg")
-        .cloned()
-        .expect("raw response item should include msg payload");
-
-    serde_json::from_value(msg_value).expect("deserialize raw response item")
-}
-
-fn assert_instructions_message(item: &ResponseItem) {
-    match item {
-        ResponseItem::Message { role, content, .. } => {
-            assert_eq!(role, "user");
-            let texts = content_texts(content);
-            assert!(
-                texts
-                    .iter()
-                    .any(|text| text.contains("<user_instructions>")),
-                "expected instructions message, got {texts:?}"
-            );
-        }
-        other => panic!("expected instructions message, got {other:?}"),
-    }
-}
-
-fn assert_environment_message(item: &ResponseItem) {
-    match item {
-        ResponseItem::Message { role, content, .. } => {
-            assert_eq!(role, "user");
-            let texts = content_texts(content);
-            assert!(
-                texts
-                    .iter()
-                    .any(|text| text.contains("<environment_context>")),
-                "expected environment context message, got {texts:?}"
-            );
-        }
-        other => panic!("expected environment message, got {other:?}"),
-    }
-}
-
-fn assert_user_message(item: &ResponseItem, expected_text: &str) {
-    match item {
-        ResponseItem::Message { role, content, .. } => {
-            assert_eq!(role, "user");
-            let texts = content_texts(content);
-            assert_eq!(texts, vec![expected_text]);
-        }
-        other => panic!("expected user message, got {other:?}"),
-    }
-}
-
-fn assert_assistant_message(item: &ResponseItem, expected_text: &str) {
-    match item {
-        ResponseItem::Message { role, content, .. } => {
-            assert_eq!(role, "assistant");
-            let texts = content_texts(content);
-            assert_eq!(texts, vec![expected_text]);
-        }
-        other => panic!("expected assistant message, got {other:?}"),
-    }
-}
-
-fn content_texts(content: &[ContentItem]) -> Vec<&str> {
-    content
-        .iter()
-        .filter_map(|item| match item {
-            ContentItem::InputText { text } | ContentItem::OutputText { text } => {
-                Some(text.as_str())
-            }
-            _ => None,
-        })
-        .collect()
-}

codex-rs/apply-patch/tests/suite/mod.rs

@@ -1,3 +1 @@
 mod cli;
-#[cfg(not(target_os = "windows"))]
-mod tool;

codex-rs/apply-patch/tests/suite/tool.rs

@@ -1,257 +0,0 @@
-use assert_cmd::Command;
-use pretty_assertions::assert_eq;
-use std::fs;
-use std::path::Path;
-use tempfile::tempdir;
-
-fn run_apply_patch_in_dir(dir: &Path, patch: &str) -> anyhow::Result<assert_cmd::assert::Assert> {
-    let mut cmd = Command::cargo_bin("apply_patch")?;
-    cmd.current_dir(dir);
-    Ok(cmd.arg(patch).assert())
-}
-
-fn apply_patch_command(dir: &Path) -> anyhow::Result<Command> {
-    let mut cmd = Command::cargo_bin("apply_patch")?;
-    cmd.current_dir(dir);
-    Ok(cmd)
-}
-
-#[test]
-fn test_apply_patch_cli_applies_multiple_operations() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-    let modify_path = tmp.path().join("modify.txt");
-    let delete_path = tmp.path().join("delete.txt");
-
-    fs::write(&modify_path, "line1\nline2\n")?;
-    fs::write(&delete_path, "obsolete\n")?;
-
-    let patch = "*** Begin Patch\n*** Add File: nested/new.txt\n+created\n*** Delete File: delete.txt\n*** Update File: modify.txt\n@@\n-line2\n+changed\n*** End Patch";
-
-    run_apply_patch_in_dir(tmp.path(), patch)?.success().stdout(
-        "Success. Updated the following files:\nA nested/new.txt\nM modify.txt\nD delete.txt\n",
-    );
-
-    assert_eq!(
-        fs::read_to_string(tmp.path().join("nested/new.txt"))?,
-        "created\n"
-    );
-    assert_eq!(fs::read_to_string(&modify_path)?, "line1\nchanged\n");
-    assert!(!delete_path.exists());
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_applies_multiple_chunks() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-    let target_path = tmp.path().join("multi.txt");
-    fs::write(&target_path, "line1\nline2\nline3\nline4\n")?;
-
-    let patch = "*** Begin Patch\n*** Update File: multi.txt\n@@\n-line2\n+changed2\n@@\n-line4\n+changed4\n*** End Patch";
-
-    run_apply_patch_in_dir(tmp.path(), patch)?
-        .success()
-        .stdout("Success. Updated the following files:\nM multi.txt\n");
-
-    assert_eq!(
-        fs::read_to_string(&target_path)?,
-        "line1\nchanged2\nline3\nchanged4\n"
-    );
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_moves_file_to_new_directory() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-    let original_path = tmp.path().join("old/name.txt");
-    let new_path = tmp.path().join("renamed/dir/name.txt");
-    fs::create_dir_all(original_path.parent().expect("parent should exist"))?;
-    fs::write(&original_path, "old content\n")?;
-
-    let patch = "*** Begin Patch\n*** Update File: old/name.txt\n*** Move to: renamed/dir/name.txt\n@@\n-old content\n+new content\n*** End Patch";
-
-    run_apply_patch_in_dir(tmp.path(), patch)?
-        .success()
-        .stdout("Success. Updated the following files:\nM renamed/dir/name.txt\n");
-
-    assert!(!original_path.exists());
-    assert_eq!(fs::read_to_string(&new_path)?, "new content\n");
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_rejects_empty_patch() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-
-    apply_patch_command(tmp.path())?
-        .arg("*** Begin Patch\n*** End Patch")
-        .assert()
-        .failure()
-        .stderr("No files were modified.\n");
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_reports_missing_context() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-    let target_path = tmp.path().join("modify.txt");
-    fs::write(&target_path, "line1\nline2\n")?;
-
-    apply_patch_command(tmp.path())?
-        .arg("*** Begin Patch\n*** Update File: modify.txt\n@@\n-missing\n+changed\n*** End Patch")
-        .assert()
-        .failure()
-        .stderr("Failed to find expected lines in modify.txt:\nmissing\n");
-    assert_eq!(fs::read_to_string(&target_path)?, "line1\nline2\n");
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_rejects_missing_file_delete() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-
-    apply_patch_command(tmp.path())?
-        .arg("*** Begin Patch\n*** Delete File: missing.txt\n*** End Patch")
-        .assert()
-        .failure()
-        .stderr("Failed to delete file missing.txt\n");
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_rejects_empty_update_hunk() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-
-    apply_patch_command(tmp.path())?
-        .arg("*** Begin Patch\n*** Update File: foo.txt\n*** End Patch")
-        .assert()
-        .failure()
-        .stderr("Invalid patch hunk on line 2: Update file hunk for path 'foo.txt' is empty\n");
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_requires_existing_file_for_update() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-
-    apply_patch_command(tmp.path())?
-        .arg("*** Begin Patch\n*** Update File: missing.txt\n@@\n-old\n+new\n*** End Patch")
-        .assert()
-        .failure()
-        .stderr(
-            "Failed to read file to update missing.txt: No such file or directory (os error 2)\n",
-        );
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_move_overwrites_existing_destination() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-    let original_path = tmp.path().join("old/name.txt");
-    let destination = tmp.path().join("renamed/dir/name.txt");
-    fs::create_dir_all(original_path.parent().expect("parent should exist"))?;
-    fs::create_dir_all(destination.parent().expect("parent should exist"))?;
-    fs::write(&original_path, "from\n")?;
-    fs::write(&destination, "existing\n")?;
-
-    run_apply_patch_in_dir(
-        tmp.path(),
-        "*** Begin Patch\n*** Update File: old/name.txt\n*** Move to: renamed/dir/name.txt\n@@\n-from\n+new\n*** End Patch",
-    )?
-    .success()
-    .stdout("Success. Updated the following files:\nM renamed/dir/name.txt\n");
-
-    assert!(!original_path.exists());
-    assert_eq!(fs::read_to_string(&destination)?, "new\n");
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_add_overwrites_existing_file() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-    let path = tmp.path().join("duplicate.txt");
-    fs::write(&path, "old content\n")?;
-
-    run_apply_patch_in_dir(
-        tmp.path(),
-        "*** Begin Patch\n*** Add File: duplicate.txt\n+new content\n*** End Patch",
-    )?
-    .success()
-    .stdout("Success. Updated the following files:\nA duplicate.txt\n");
-
-    assert_eq!(fs::read_to_string(&path)?, "new content\n");
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_delete_directory_fails() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-    fs::create_dir(tmp.path().join("dir"))?;
-
-    apply_patch_command(tmp.path())?
-        .arg("*** Begin Patch\n*** Delete File: dir\n*** End Patch")
-        .assert()
-        .failure()
-        .stderr("Failed to delete file dir\n");
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_rejects_invalid_hunk_header() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-
-    apply_patch_command(tmp.path())?
-        .arg("*** Begin Patch\n*** Frobnicate File: foo\n*** End Patch")
-        .assert()
-        .failure()
-        .stderr("Invalid patch hunk on line 2: '*** Frobnicate File: foo' is not a valid hunk header. Valid hunk headers: '*** Add File: {path}', '*** Delete File: {path}', '*** Update File: {path}'\n");
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_updates_file_appends_trailing_newline() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-    let target_path = tmp.path().join("no_newline.txt");
-    fs::write(&target_path, "no newline at end")?;
-
-    run_apply_patch_in_dir(
-        tmp.path(),
-        "*** Begin Patch\n*** Update File: no_newline.txt\n@@\n-no newline at end\n+first line\n+second line\n*** End Patch",
-    )?
-    .success()
-    .stdout("Success. Updated the following files:\nM no_newline.txt\n");
-
-    let contents = fs::read_to_string(&target_path)?;
-    assert!(contents.ends_with('\n'));
-    assert_eq!(contents, "first line\nsecond line\n");
-
-    Ok(())
-}
-
-#[test]
-fn test_apply_patch_cli_failure_after_partial_success_leaves_changes() -> anyhow::Result<()> {
-    let tmp = tempdir()?;
-    let new_file = tmp.path().join("created.txt");
-
-    apply_patch_command(tmp.path())?
-        .arg("*** Begin Patch\n*** Add File: created.txt\n+hello\n*** Update File: missing.txt\n@@\n-old\n+new\n*** End Patch")
-        .assert()
-        .failure()
-        .stdout("")
-        .stderr("Failed to read file to update missing.txt: No such file or directory (os error 2)\n");
-
-    assert_eq!(fs::read_to_string(&new_file)?, "hello\n");
-
-    Ok(())
-}

codex-rs/chatgpt/src/chatgpt_token.rs

@@ -19,7 +19,7 @@ pub fn set_chatgpt_token_data(value: TokenData) {
 
 /// Initialize the ChatGPT token from auth.json file
 pub async fn init_chatgpt_token_from_auth(codex_home: &Path) -> std::io::Result<()> {
-    let auth = CodexAuth::from_auth_storage(codex_home)?;
+    let auth = CodexAuth::from_codex_home(codex_home)?;
     if let Some(auth) = auth {
         let token_data = auth.get_token_data().await?;
         set_chatgpt_token_data(token_data);

codex-rs/cli/src/login.rs

@@ -140,7 +140,7 @@ pub async fn run_login_with_device_code(
 pub async fn run_login_status(cli_config_overrides: CliConfigOverrides) -> ! {
     let config = load_config_or_exit(cli_config_overrides).await;
 
-    match CodexAuth::from_auth_storage(&config.codex_home) {
+    match CodexAuth::from_codex_home(&config.codex_home) {
         Ok(Some(auth)) => match auth.mode {
             AuthMode::ApiKey => match auth.get_token().await {
                 Ok(api_key) => {

codex-rs/cli/src/main.rs

@@ -29,7 +29,6 @@ mod mcp_cmd;
 use crate::mcp_cmd::McpCli;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
-use codex_core::features::is_known_feature_key;
 
 /// Codex CLI
 ///
@@ -287,25 +286,15 @@ struct FeatureToggles {
 }
 
 impl FeatureToggles {
-    fn to_overrides(&self) -> anyhow::Result<Vec<String>> {
+    fn to_overrides(&self) -> Vec<String> {
         let mut v = Vec::new();
-        for feature in &self.enable {
-            Self::validate_feature(feature)?;
-            v.push(format!("features.{feature}=true"));
+        for k in &self.enable {
+            v.push(format!("features.{k}=true"));
         }
-        for feature in &self.disable {
-            Self::validate_feature(feature)?;
-            v.push(format!("features.{feature}=false"));
-        }
-        Ok(v)
-    }
-
-    fn validate_feature(feature: &str) -> anyhow::Result<()> {
-        if is_known_feature_key(feature) {
-            Ok(())
-        } else {
-            anyhow::bail!("Unknown feature flag: {feature}")
+        for k in &self.disable {
+            v.push(format!("features.{k}=false"));
         }
+        v
     }
 }
 
@@ -356,8 +345,9 @@ async fn cli_main(codex_linux_sandbox_exe: Option<PathBuf>) -> anyhow::Result<()
     } = MultitoolCli::parse();
 
     // Fold --enable/--disable into config overrides so they flow to all subcommands.
-    let toggle_overrides = feature_toggles.to_overrides()?;
-    root_config_overrides.raw_overrides.extend(toggle_overrides);
+    root_config_overrides
+        .raw_overrides
+        .extend(feature_toggles.to_overrides());
 
     match subcommand {
         None => {
@@ -615,7 +605,6 @@ mod tests {
     use assert_matches::assert_matches;
     use codex_core::protocol::TokenUsage;
     use codex_protocol::ConversationId;
-    use pretty_assertions::assert_eq;
 
     fn finalize_from_args(args: &[&str]) -> TuiCli {
         let cli = MultitoolCli::try_parse_from(args).expect("parse");
@@ -792,32 +781,4 @@ mod tests {
         assert!(!interactive.resume_last);
         assert_eq!(interactive.resume_session_id, None);
     }
-
-    #[test]
-    fn feature_toggles_known_features_generate_overrides() {
-        let toggles = FeatureToggles {
-            enable: vec!["web_search_request".to_string()],
-            disable: vec!["unified_exec".to_string()],
-        };
-        let overrides = toggles.to_overrides().expect("valid features");
-        assert_eq!(
-            overrides,
-            vec![
-                "features.web_search_request=true".to_string(),
-                "features.unified_exec=false".to_string(),
-            ]
-        );
-    }
-
-    #[test]
-    fn feature_toggles_unknown_feature_errors() {
-        let toggles = FeatureToggles {
-            enable: vec!["does_not_exist".to_string()],
-            disable: Vec::new(),
-        };
-        let err = toggles
-            .to_overrides()
-            .expect_err("feature should be rejected");
-        assert_eq!(err.to_string(), "Unknown feature flag: does_not_exist");
-    }
 }

codex-rs/cli/src/mcp_cmd.rs

@@ -274,33 +274,19 @@ async fn run_add(config_overrides: &CliConfigOverrides, add_args: AddArgs) -> Re
         http_headers,
         env_http_headers,
     } = transport
+        && matches!(supports_oauth_login(&url).await, Ok(true))
     {
-        match supports_oauth_login(&url).await {
-            Ok(true) => {
-                if !config.features.enabled(Feature::RmcpClient) {
-                    println!(
-                        "MCP server supports login. Add `experimental_use_rmcp_client = true` \
-                         to your config.toml and run `codex mcp login {name}` to login."
-                    );
-                } else {
-                    println!("Detected OAuth support. Starting OAuth flow…");
-                    perform_oauth_login(
-                        &name,
-                        &url,
-                        config.mcp_oauth_credentials_store_mode,
-                        http_headers.clone(),
-                        env_http_headers.clone(),
-                        &Vec::new(),
-                    )
-                    .await?;
-                    println!("Successfully logged in.");
-                }
-            }
-            Ok(false) => {}
-            Err(_) => println!(
-                "MCP server may or may not require login. Run `codex mcp login {name}` to login."
-            ),
-        }
+        println!("Detected OAuth support. Starting OAuth flow…");
+        perform_oauth_login(
+            &name,
+            &url,
+            config.mcp_oauth_credentials_store_mode,
+            http_headers.clone(),
+            env_http_headers.clone(),
+            &Vec::new(),
+        )
+        .await?;
+        println!("Successfully logged in.");
     }
 
     Ok(())
@@ -537,12 +523,10 @@ async fn run_list(config_overrides: &CliConfigOverrides, list_args: ListArgs) ->
                     .map(|entry| entry.auth_status)
                     .unwrap_or(McpAuthStatus::Unsupported)
                     .to_string();
-                let bearer_token_display =
-                    bearer_token_env_var.as_deref().unwrap_or("-").to_string();
                 http_rows.push([
                     name.clone(),
                     url.clone(),
-                    bearer_token_display,
+                    bearer_token_env_var.clone().unwrap_or("-".to_string()),
                     status,
                     auth_status,
                 ]);
@@ -768,15 +752,15 @@ async fn run_get(config_overrides: &CliConfigOverrides, get_args: GetArgs) -> Re
         } => {
             println!("  transport: streamable_http");
             println!("  url: {url}");
-            let bearer_token_display = bearer_token_env_var.as_deref().unwrap_or("-");
-            println!("  bearer_token_env_var: {bearer_token_display}");
+            let env_var = bearer_token_env_var.as_deref().unwrap_or("-");
+            println!("  bearer_token_env_var: {env_var}");
             let headers_display = match http_headers {
                 Some(map) if !map.is_empty() => {
                     let mut pairs: Vec<_> = map.iter().collect();
                     pairs.sort_by(|(a, _), (b, _)| a.cmp(b));
                     pairs
                         .into_iter()
-                        .map(|(k, _)| format!("{k}=*****"))
+                        .map(|(k, v)| format!("{k}={v}"))
                         .collect::<Vec<_>>()
                         .join(", ")
                 }
@@ -789,7 +773,7 @@ async fn run_get(config_overrides: &CliConfigOverrides, get_args: GetArgs) -> Re
                     pairs.sort_by(|(a, _), (b, _)| a.cmp(b));
                     pairs
                         .into_iter()
-                        .map(|(k, var)| format!("{k}={var}"))
+                        .map(|(k, v)| format!("{k}={v}"))
                         .collect::<Vec<_>>()
                         .join(", ")
                 }

codex-rs/cli/tests/mcp_list.rs

@@ -68,9 +68,9 @@ async fn list_and_get_render_expected_output() -> Result<()> {
     assert!(stdout.contains("Name"));
     assert!(stdout.contains("docs"));
     assert!(stdout.contains("docs-server"));
-    assert!(stdout.contains("TOKEN=*****"));
-    assert!(stdout.contains("APP_TOKEN=*****"));
-    assert!(stdout.contains("WORKSPACE_ID=*****"));
+    assert!(stdout.contains("TOKEN=secret"));
+    assert!(stdout.contains("APP_TOKEN=$APP_TOKEN"));
+    assert!(stdout.contains("WORKSPACE_ID=$WORKSPACE_ID"));
     assert!(stdout.contains("Status"));
     assert!(stdout.contains("Auth"));
     assert!(stdout.contains("enabled"));
@@ -119,9 +119,9 @@ async fn list_and_get_render_expected_output() -> Result<()> {
     assert!(stdout.contains("transport: stdio"));
     assert!(stdout.contains("command: docs-server"));
     assert!(stdout.contains("args: --port 4000"));
-    assert!(stdout.contains("env: TOKEN=*****"));
-    assert!(stdout.contains("APP_TOKEN=*****"));
-    assert!(stdout.contains("WORKSPACE_ID=*****"));
+    assert!(stdout.contains("env: TOKEN=secret"));
+    assert!(stdout.contains("APP_TOKEN=$APP_TOKEN"));
+    assert!(stdout.contains("WORKSPACE_ID=$WORKSPACE_ID"));
     assert!(stdout.contains("enabled: true"));
     assert!(stdout.contains("remove: codex mcp remove docs"));
 

codex-rs/common/src/format_env_display.rs

@@ -6,11 +6,15 @@ pub fn format_env_display(env: Option<&HashMap<String, String>>, env_vars: &[Str
     if let Some(map) = env {
         let mut pairs: Vec<_> = map.iter().collect();
         pairs.sort_by(|(a, _), (b, _)| a.cmp(b));
-        parts.extend(pairs.into_iter().map(|(key, _)| format!("{key}=*****")));
+        parts.extend(
+            pairs
+                .into_iter()
+                .map(|(key, value)| format!("{key}={value}")),
+        );
     }
 
     if !env_vars.is_empty() {
-        parts.extend(env_vars.iter().map(|var| format!("{var}=*****")));
+        parts.extend(env_vars.iter().map(|var| format!("{var}=${var}")));
     }
 
     if parts.is_empty() {
@@ -38,14 +42,14 @@ mod tests {
         env.insert("B".to_string(), "two".to_string());
         env.insert("A".to_string(), "one".to_string());
 
-        assert_eq!(format_env_display(Some(&env), &[]), "A=*****, B=*****");
+        assert_eq!(format_env_display(Some(&env), &[]), "A=one, B=two");
     }
 
     #[test]
     fn formats_env_vars_with_dollar_prefix() {
         let vars = vec!["TOKEN".to_string(), "PATH".to_string()];
 
-        assert_eq!(format_env_display(None, &vars), "TOKEN=*****, PATH=*****");
+        assert_eq!(format_env_display(None, &vars), "TOKEN=$TOKEN, PATH=$PATH");
     }
 
     #[test]
@@ -56,7 +60,7 @@ mod tests {
 
         assert_eq!(
             format_env_display(Some(&env), &vars),
-            "HOME=*****, TOKEN=*****"
+            "HOME=/tmp, TOKEN=$TOKEN"
         );
     }
 }

codex-rs/core/Cargo.toml

@@ -21,25 +21,19 @@ bytes = { workspace = true }
 chrono = { workspace = true, features = ["serde"] }
 codex-app-server-protocol = { workspace = true }
 codex-apply-patch = { workspace = true }
-codex-async-utils = { workspace = true }
 codex-file-search = { workspace = true }
-codex-git-tooling = { workspace = true }
-codex-keyring-store = { workspace = true }
 codex-otel = { workspace = true, features = ["otel"] }
 codex-protocol = { workspace = true }
 codex-rmcp-client = { workspace = true }
-codex-utils-pty = { workspace = true }
-codex-utils-readiness = { workspace = true }
+codex-async-utils = { workspace = true }
 codex-utils-string = { workspace = true }
-codex-utils-tokenizer = { workspace = true }
+codex-utils-pty = { workspace = true }
 dirs = { workspace = true }
 dunce = { workspace = true }
 env-flags = { workspace = true }
 eventsource-stream = { workspace = true }
 futures = { workspace = true }
-http = { workspace = true }
 indexmap = { workspace = true }
-keyring = { workspace = true }
 libc = { workspace = true }
 mcp-types = { workspace = true }
 os_info = { workspace = true }
@@ -49,7 +43,6 @@ reqwest = { workspace = true, features = ["json", "stream"] }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
 sha1 = { workspace = true }
-sha2 = { workspace = true }
 shlex = { workspace = true }
 similar = { workspace = true }
 strum_macros = { workspace = true }
@@ -100,7 +93,6 @@ assert_cmd = { workspace = true }
 assert_matches = { workspace = true }
 core_test_support = { workspace = true }
 escargot = { workspace = true }
-image = { workspace = true, features = ["jpeg", "png"] }
 maplit = { workspace = true }
 predicates = { workspace = true }
 pretty_assertions = { workspace = true }

codex-rs/core/src/auth.rs

@@ -1,12 +1,16 @@
-mod storage;
-
+use chrono::DateTime;
 use chrono::Utc;
 use serde::Deserialize;
 use serde::Serialize;
 #[cfg(test)]
 use serial_test::serial;
 use std::env;
-use std::fmt::Debug;
+use std::fs::File;
+use std::fs::OpenOptions;
+use std::io::Read;
+use std::io::Write;
+#[cfg(unix)]
+use std::os::unix::fs::OpenOptionsExt;
 use std::path::Path;
 use std::path::PathBuf;
 use std::sync::Arc;
@@ -16,12 +20,7 @@ use std::time::Duration;
 use codex_app_server_protocol::AuthMode;
 use codex_protocol::config_types::ForcedLoginMethod;
 
-pub use crate::auth::storage::AuthCredentialsStoreMode;
-pub use crate::auth::storage::AuthDotJson;
-use crate::auth::storage::AuthStorageBackend;
-use crate::auth::storage::create_auth_storage;
 use crate::config::Config;
-use crate::default_client::CodexHttpClient;
 use crate::token_data::PlanType;
 use crate::token_data::TokenData;
 use crate::token_data::parse_id_token;
@@ -32,8 +31,8 @@ pub struct CodexAuth {
 
     pub(crate) api_key: Option<String>,
     pub(crate) auth_dot_json: Arc<Mutex<Option<AuthDotJson>>>,
-    storage: Arc<dyn AuthStorageBackend>,
-    pub(crate) client: CodexHttpClient,
+    pub(crate) auth_file: PathBuf,
+    pub(crate) client: reqwest::Client,
 }
 
 impl PartialEq for CodexAuth {
@@ -44,8 +43,6 @@ impl PartialEq for CodexAuth {
 
 impl CodexAuth {
     pub async fn refresh_token(&self) -> Result<String, std::io::Error> {
-        tracing::info!("Refreshing token");
-
         let token_data = self
             .get_current_token_data()
             .ok_or(std::io::Error::other("Token data is not available."))?;
@@ -56,7 +53,7 @@ impl CodexAuth {
             .map_err(std::io::Error::other)?;
 
         let updated = update_tokens(
-            &self.storage,
+            &self.auth_file,
             refresh_response.id_token,
             refresh_response.access_token,
             refresh_response.refresh_token,
@@ -78,8 +75,8 @@ impl CodexAuth {
         Ok(access)
     }
 
-    /// Loads the available auth information from auth storage.
-    pub fn from_auth_storage(codex_home: &Path) -> std::io::Result<Option<CodexAuth>> {
+    /// Loads the available auth information from the auth.json.
+    pub fn from_codex_home(codex_home: &Path) -> std::io::Result<Option<CodexAuth>> {
         load_auth(codex_home, false)
     }
 
@@ -103,7 +100,7 @@ impl CodexAuth {
                     .map_err(std::io::Error::other)?;
 
                     let updated_auth_dot_json = update_tokens(
-                        &self.storage,
+                        &self.auth_file,
                         refresh_response.id_token,
                         refresh_response.access_token,
                         refresh_response.refresh_token,
@@ -177,17 +174,17 @@ impl CodexAuth {
         Self {
             api_key: None,
             mode: AuthMode::ChatGPT,
-            storage: create_auth_storage(PathBuf::new(), AuthCredentialsStoreMode::File),
+            auth_file: PathBuf::new(),
             auth_dot_json,
             client: crate::default_client::create_client(),
         }
     }
 
-    fn from_api_key_with_client(api_key: &str, client: CodexHttpClient) -> Self {
+    fn from_api_key_with_client(api_key: &str, client: reqwest::Client) -> Self {
         Self {
             api_key: Some(api_key.to_owned()),
             mode: AuthMode::ApiKey,
-            storage: create_auth_storage(PathBuf::new(), AuthCredentialsStoreMode::File),
+            auth_file: PathBuf::new(),
             auth_dot_json: Arc::new(Mutex::new(None)),
             client,
         }
@@ -215,11 +212,19 @@ pub fn read_codex_api_key_from_env() -> Option<String> {
         .filter(|value| !value.is_empty())
 }
 
+pub fn get_auth_file(codex_home: &Path) -> PathBuf {
+    codex_home.join("auth.json")
+}
+
 /// Delete the auth.json file inside `codex_home` if it exists. Returns `Ok(true)`
 /// if a file was removed, `Ok(false)` if no auth file was present.
 pub fn logout(codex_home: &Path) -> std::io::Result<bool> {
-    let storage = create_auth_storage(codex_home.to_path_buf(), AuthCredentialsStoreMode::File);
-    storage.delete()
+    let auth_file = get_auth_file(codex_home);
+    match std::fs::remove_file(&auth_file) {
+        Ok(_) => Ok(true),
+        Err(err) if err.kind() == std::io::ErrorKind::NotFound => Ok(false),
+        Err(err) => Err(err),
+    }
 }
 
 /// Writes an `auth.json` that contains only the API key.
@@ -229,20 +234,7 @@ pub fn login_with_api_key(codex_home: &Path, api_key: &str) -> std::io::Result<(
         tokens: None,
         last_refresh: None,
     };
-    save_auth(codex_home, &auth_dot_json)
-}
-
-/// Persist the provided auth payload using the specified backend.
-pub fn save_auth(codex_home: &Path, auth: &AuthDotJson) -> std::io::Result<()> {
-    let storage = create_auth_storage(codex_home.to_path_buf(), AuthCredentialsStoreMode::File);
-    storage.save(auth)
-}
-
-/// Load CLI auth data using the configured credential store backend.
-/// Returns `None` when no credentials are stored.
-pub fn load_auth_dot_json(codex_home: &Path) -> std::io::Result<Option<AuthDotJson>> {
-    let storage = create_auth_storage(codex_home.to_path_buf(), AuthCredentialsStoreMode::File);
-    storage.load()
+    write_auth_json(&get_auth_file(codex_home), &auth_dot_json)
 }
 
 pub async fn enforce_login_restrictions(config: &Config) -> std::io::Result<()> {
@@ -325,12 +317,12 @@ fn load_auth(
         )));
     }
 
-    let storage = create_auth_storage(codex_home.to_path_buf(), AuthCredentialsStoreMode::File);
-
+    let auth_file = get_auth_file(codex_home);
     let client = crate::default_client::create_client();
-    let auth_dot_json = match storage.load()? {
-        Some(auth) => auth,
-        None => return Ok(None),
+    let auth_dot_json = match try_read_auth_json(&auth_file) {
+        Ok(auth) => auth,
+        Err(err) if err.kind() == std::io::ErrorKind::NotFound => return Ok(None),
+        Err(err) => return Err(err),
     };
 
     let AuthDotJson {
@@ -347,7 +339,7 @@ fn load_auth(
     Ok(Some(CodexAuth {
         api_key: None,
         mode: AuthMode::ChatGPT,
-        storage: storage.clone(),
+        auth_file,
         auth_dot_json: Arc::new(Mutex::new(Some(AuthDotJson {
             openai_api_key: None,
             tokens,
@@ -357,20 +349,44 @@ fn load_auth(
     }))
 }
 
+/// Attempt to read and refresh the `auth.json` file in the given `CODEX_HOME` directory.
+/// Returns the full AuthDotJson structure after refreshing if necessary.
+pub fn try_read_auth_json(auth_file: &Path) -> std::io::Result<AuthDotJson> {
+    let mut file = File::open(auth_file)?;
+    let mut contents = String::new();
+    file.read_to_string(&mut contents)?;
+    let auth_dot_json: AuthDotJson = serde_json::from_str(&contents)?;
+
+    Ok(auth_dot_json)
+}
+
+pub fn write_auth_json(auth_file: &Path, auth_dot_json: &AuthDotJson) -> std::io::Result<()> {
+    if let Some(parent) = auth_file.parent() {
+        std::fs::create_dir_all(parent)?;
+    }
+    let json_data = serde_json::to_string_pretty(auth_dot_json)?;
+    let mut options = OpenOptions::new();
+    options.truncate(true).write(true).create(true);
+    #[cfg(unix)]
+    {
+        options.mode(0o600);
+    }
+    let mut file = options.open(auth_file)?;
+    file.write_all(json_data.as_bytes())?;
+    file.flush()?;
+    Ok(())
+}
+
 async fn update_tokens(
-    storage: &Arc<dyn AuthStorageBackend>,
-    id_token: Option<String>,
+    auth_file: &Path,
+    id_token: String,
     access_token: Option<String>,
     refresh_token: Option<String>,
 ) -> std::io::Result<AuthDotJson> {
-    let mut auth_dot_json = storage
-        .load()?
-        .ok_or(std::io::Error::other("Token data is not available."))?;
+    let mut auth_dot_json = try_read_auth_json(auth_file)?;
 
     let tokens = auth_dot_json.tokens.get_or_insert_with(TokenData::default);
-    if let Some(id_token) = id_token {
-        tokens.id_token = parse_id_token(&id_token).map_err(std::io::Error::other)?;
-    }
+    tokens.id_token = parse_id_token(&id_token).map_err(std::io::Error::other)?;
     if let Some(access_token) = access_token {
         tokens.access_token = access_token;
     }
@@ -378,13 +394,13 @@ async fn update_tokens(
         tokens.refresh_token = refresh_token;
     }
     auth_dot_json.last_refresh = Some(Utc::now());
-    storage.save(&auth_dot_json)?;
+    write_auth_json(auth_file, &auth_dot_json)?;
     Ok(auth_dot_json)
 }
 
 async fn try_refresh_token(
     refresh_token: String,
-    client: &CodexHttpClient,
+    client: &reqwest::Client,
 ) -> std::io::Result<RefreshResponse> {
     let refresh_request = RefreshRequest {
         client_id: CLIENT_ID,
@@ -426,11 +442,24 @@ struct RefreshRequest {
 
 #[derive(Deserialize, Clone)]
 struct RefreshResponse {
-    id_token: Option<String>,
+    id_token: String,
     access_token: Option<String>,
     refresh_token: Option<String>,
 }
 
+/// Expected structure for $CODEX_HOME/auth.json.
+#[derive(Deserialize, Serialize, Clone, Debug, PartialEq)]
+pub struct AuthDotJson {
+    #[serde(rename = "OPENAI_API_KEY")]
+    pub openai_api_key: Option<String>,
+
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub tokens: Option<TokenData>,
+
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub last_refresh: Option<DateTime<Utc>>,
+}
+
 // Shared constant for token refresh (client id used for oauth token refresh flow)
 pub const CLIENT_ID: &str = "app_EMoamEEZ73f0CkXaXp7hrann";
 
@@ -445,15 +474,12 @@ struct CachedAuth {
 #[cfg(test)]
 mod tests {
     use super::*;
-    use crate::auth::storage::FileAuthStorage;
-    use crate::auth::storage::get_auth_file;
     use crate::config::Config;
     use crate::config::ConfigOverrides;
     use crate::config::ConfigToml;
     use crate::token_data::IdTokenInfo;
     use crate::token_data::KnownPlan;
     use crate::token_data::PlanType;
-
     use base64::Engine;
     use codex_protocol::config_types::ForcedLoginMethod;
     use pretty_assertions::assert_eq;
@@ -462,9 +488,9 @@ mod tests {
     use tempfile::tempdir;
 
     #[tokio::test]
-    async fn refresh_without_id_token() {
+    async fn roundtrip_auth_dot_json() {
         let codex_home = tempdir().unwrap();
-        let fake_jwt = write_auth_file(
+        let _ = write_auth_file(
             AuthFileParams {
                 openai_api_key: None,
                 chatgpt_plan_type: "pro".to_string(),
@@ -474,23 +500,12 @@ mod tests {
         )
         .expect("failed to write auth file");
 
-        let storage = create_auth_storage(
-            codex_home.path().to_path_buf(),
-            AuthCredentialsStoreMode::File,
-        );
-        let updated = super::update_tokens(
-            &storage,
-            None,
-            Some("new-access-token".to_string()),
-            Some("new-refresh-token".to_string()),
-        )
-        .await
-        .expect("update_tokens should succeed");
+        let file = get_auth_file(codex_home.path());
+        let auth_dot_json = try_read_auth_json(&file).unwrap();
+        write_auth_json(&file, &auth_dot_json).unwrap();
 
-        let tokens = updated.tokens.expect("tokens should exist");
-        assert_eq!(tokens.id_token.raw_jwt, fake_jwt);
-        assert_eq!(tokens.access_token, "new-access-token");
-        assert_eq!(tokens.refresh_token, "new-refresh-token");
+        let same_auth_dot_json = try_read_auth_json(&file).unwrap();
+        assert_eq!(auth_dot_json, same_auth_dot_json);
     }
 
     #[test]
@@ -514,10 +529,7 @@ mod tests {
 
         super::login_with_api_key(dir.path(), "sk-new").expect("login_with_api_key should succeed");
 
-        let storage = FileAuthStorage::new(dir.path().to_path_buf());
-        let auth = storage
-            .try_read_auth_json(&auth_path)
-            .expect("auth.json should parse");
+        let auth = super::try_read_auth_json(&auth_path).expect("auth.json should parse");
         assert_eq!(auth.openai_api_key.as_deref(), Some("sk-new"));
         assert!(auth.tokens.is_none(), "tokens should be cleared");
     }
@@ -525,7 +537,7 @@ mod tests {
     #[test]
     fn missing_auth_json_returns_none() {
         let dir = tempdir().unwrap();
-        let auth = CodexAuth::from_auth_storage(dir.path()).expect("call should succeed");
+        let auth = CodexAuth::from_codex_home(dir.path()).expect("call should succeed");
         assert_eq!(auth, None);
     }
 
@@ -547,7 +559,7 @@ mod tests {
             api_key,
             mode,
             auth_dot_json,
-            storage: _,
+            auth_file: _,
             ..
         } = super::load_auth(codex_home.path(), false).unwrap().unwrap();
         assert_eq!(None, api_key);
@@ -605,11 +617,11 @@ mod tests {
             tokens: None,
             last_refresh: None,
         };
-        super::save_auth(dir.path(), &auth_dot_json)?;
-        let auth_file = get_auth_file(dir.path());
-        assert!(auth_file.exists());
-        assert!(logout(dir.path())?);
-        assert!(!auth_file.exists());
+        write_auth_json(&get_auth_file(dir.path()), &auth_dot_json)?;
+        assert!(dir.path().join("auth.json").exists());
+        let removed = logout(dir.path())?;
+        assert!(removed);
+        assert!(!dir.path().join("auth.json").exists());
         Ok(())
     }
 
@@ -904,10 +916,7 @@ impl AuthManager {
                 self.reload();
                 Ok(Some(token))
             }
-            Err(e) => {
-                tracing::error!("Failed to refresh token: {}", e);
-                Err(e)
-            }
+            Err(e) => Err(e),
         }
     }
 

codex-rs/core/src/auth/storage.rs

@@ -1,672 +0,0 @@
-use chrono::DateTime;
-use chrono::Utc;
-use serde::Deserialize;
-use serde::Serialize;
-use sha2::Digest;
-use sha2::Sha256;
-use std::fmt::Debug;
-use std::fs::File;
-use std::fs::OpenOptions;
-use std::io::Read;
-use std::io::Write;
-#[cfg(unix)]
-use std::os::unix::fs::OpenOptionsExt;
-use std::path::Path;
-use std::path::PathBuf;
-use std::sync::Arc;
-use tracing::warn;
-
-use crate::token_data::TokenData;
-use codex_keyring_store::DefaultKeyringStore;
-use codex_keyring_store::KeyringStore;
-
-/// Determine where Codex should store CLI auth credentials.
-#[derive(Debug, Default, Copy, Clone, PartialEq, Eq, Serialize, Deserialize)]
-#[serde(rename_all = "lowercase")]
-pub enum AuthCredentialsStoreMode {
-    #[default]
-    /// Persist credentials in CODEX_HOME/auth.json.
-    File,
-    /// Persist credentials in the keyring. Fail if unavailable.
-    Keyring,
-    /// Use keyring when available; otherwise, fall back to a file in CODEX_HOME.
-    Auto,
-}
-
-/// Expected structure for $CODEX_HOME/auth.json.
-#[derive(Deserialize, Serialize, Clone, Debug, PartialEq)]
-pub struct AuthDotJson {
-    #[serde(rename = "OPENAI_API_KEY")]
-    pub openai_api_key: Option<String>,
-
-    #[serde(default, skip_serializing_if = "Option::is_none")]
-    pub tokens: Option<TokenData>,
-
-    #[serde(default, skip_serializing_if = "Option::is_none")]
-    pub last_refresh: Option<DateTime<Utc>>,
-}
-
-pub(super) fn get_auth_file(codex_home: &Path) -> PathBuf {
-    codex_home.join("auth.json")
-}
-
-pub(super) fn delete_file_if_exists(codex_home: &Path) -> std::io::Result<bool> {
-    let auth_file = get_auth_file(codex_home);
-    match std::fs::remove_file(&auth_file) {
-        Ok(()) => Ok(true),
-        Err(err) if err.kind() == std::io::ErrorKind::NotFound => Ok(false),
-        Err(err) => Err(err),
-    }
-}
-
-pub(super) trait AuthStorageBackend: Debug + Send + Sync {
-    fn load(&self) -> std::io::Result<Option<AuthDotJson>>;
-    fn save(&self, auth: &AuthDotJson) -> std::io::Result<()>;
-    fn delete(&self) -> std::io::Result<bool>;
-}
-
-#[derive(Clone, Debug)]
-pub(super) struct FileAuthStorage {
-    codex_home: PathBuf,
-}
-
-impl FileAuthStorage {
-    pub(super) fn new(codex_home: PathBuf) -> Self {
-        Self { codex_home }
-    }
-
-    /// Attempt to read and refresh the `auth.json` file in the given `CODEX_HOME` directory.
-    /// Returns the full AuthDotJson structure after refreshing if necessary.
-    pub(super) fn try_read_auth_json(&self, auth_file: &Path) -> std::io::Result<AuthDotJson> {
-        let mut file = File::open(auth_file)?;
-        let mut contents = String::new();
-        file.read_to_string(&mut contents)?;
-        let auth_dot_json: AuthDotJson = serde_json::from_str(&contents)?;
-
-        Ok(auth_dot_json)
-    }
-}
-
-impl AuthStorageBackend for FileAuthStorage {
-    fn load(&self) -> std::io::Result<Option<AuthDotJson>> {
-        let auth_file = get_auth_file(&self.codex_home);
-        let auth_dot_json = match self.try_read_auth_json(&auth_file) {
-            Ok(auth) => auth,
-            Err(err) if err.kind() == std::io::ErrorKind::NotFound => return Ok(None),
-            Err(err) => return Err(err),
-        };
-        Ok(Some(auth_dot_json))
-    }
-
-    fn save(&self, auth_dot_json: &AuthDotJson) -> std::io::Result<()> {
-        let auth_file = get_auth_file(&self.codex_home);
-
-        if let Some(parent) = auth_file.parent() {
-            std::fs::create_dir_all(parent)?;
-        }
-        let json_data = serde_json::to_string_pretty(auth_dot_json)?;
-        let mut options = OpenOptions::new();
-        options.truncate(true).write(true).create(true);
-        #[cfg(unix)]
-        {
-            options.mode(0o600);
-        }
-        let mut file = options.open(auth_file)?;
-        file.write_all(json_data.as_bytes())?;
-        file.flush()?;
-        Ok(())
-    }
-
-    fn delete(&self) -> std::io::Result<bool> {
-        delete_file_if_exists(&self.codex_home)
-    }
-}
-
-const KEYRING_SERVICE: &str = "Codex Auth";
-
-// turns codex_home path into a stable, short key string
-fn compute_store_key(codex_home: &Path) -> std::io::Result<String> {
-    let canonical = codex_home
-        .canonicalize()
-        .unwrap_or_else(|_| codex_home.to_path_buf());
-    let path_str = canonical.to_string_lossy();
-    let mut hasher = Sha256::new();
-    hasher.update(path_str.as_bytes());
-    let digest = hasher.finalize();
-    let hex = format!("{digest:x}");
-    let truncated = hex.get(..16).unwrap_or(&hex);
-    Ok(format!("cli|{truncated}"))
-}
-
-#[derive(Clone, Debug)]
-struct KeyringAuthStorage {
-    codex_home: PathBuf,
-    keyring_store: Arc<dyn KeyringStore>,
-}
-
-impl KeyringAuthStorage {
-    fn new(codex_home: PathBuf, keyring_store: Arc<dyn KeyringStore>) -> Self {
-        Self {
-            codex_home,
-            keyring_store,
-        }
-    }
-
-    fn load_from_keyring(&self, key: &str) -> std::io::Result<Option<AuthDotJson>> {
-        match self.keyring_store.load(KEYRING_SERVICE, key) {
-            Ok(Some(serialized)) => serde_json::from_str(&serialized).map(Some).map_err(|err| {
-                std::io::Error::other(format!(
-                    "failed to deserialize CLI auth from keyring: {err}"
-                ))
-            }),
-            Ok(None) => Ok(None),
-            Err(error) => Err(std::io::Error::other(format!(
-                "failed to load CLI auth from keyring: {}",
-                error.message()
-            ))),
-        }
-    }
-
-    fn save_to_keyring(&self, key: &str, value: &str) -> std::io::Result<()> {
-        match self.keyring_store.save(KEYRING_SERVICE, key, value) {
-            Ok(()) => Ok(()),
-            Err(error) => {
-                let message = format!(
-                    "failed to write OAuth tokens to keyring: {}",
-                    error.message()
-                );
-                warn!("{message}");
-                Err(std::io::Error::other(message))
-            }
-        }
-    }
-}
-
-impl AuthStorageBackend for KeyringAuthStorage {
-    fn load(&self) -> std::io::Result<Option<AuthDotJson>> {
-        let key = compute_store_key(&self.codex_home)?;
-        self.load_from_keyring(&key)
-    }
-
-    fn save(&self, auth: &AuthDotJson) -> std::io::Result<()> {
-        let key = compute_store_key(&self.codex_home)?;
-        // Simpler error mapping per style: prefer method reference over closure
-        let serialized = serde_json::to_string(auth).map_err(std::io::Error::other)?;
-        self.save_to_keyring(&key, &serialized)?;
-        if let Err(err) = delete_file_if_exists(&self.codex_home) {
-            warn!("failed to remove CLI auth fallback file: {err}");
-        }
-        Ok(())
-    }
-
-    fn delete(&self) -> std::io::Result<bool> {
-        let key = compute_store_key(&self.codex_home)?;
-        let keyring_removed = self
-            .keyring_store
-            .delete(KEYRING_SERVICE, &key)
-            .map_err(|err| {
-                std::io::Error::other(format!("failed to delete auth from keyring: {err}"))
-            })?;
-        let file_removed = delete_file_if_exists(&self.codex_home)?;
-        Ok(keyring_removed || file_removed)
-    }
-}
-
-#[derive(Clone, Debug)]
-struct AutoAuthStorage {
-    keyring_storage: Arc<KeyringAuthStorage>,
-    file_storage: Arc<FileAuthStorage>,
-}
-
-impl AutoAuthStorage {
-    fn new(codex_home: PathBuf, keyring_store: Arc<dyn KeyringStore>) -> Self {
-        Self {
-            keyring_storage: Arc::new(KeyringAuthStorage::new(codex_home.clone(), keyring_store)),
-            file_storage: Arc::new(FileAuthStorage::new(codex_home)),
-        }
-    }
-}
-
-impl AuthStorageBackend for AutoAuthStorage {
-    fn load(&self) -> std::io::Result<Option<AuthDotJson>> {
-        match self.keyring_storage.load() {
-            Ok(Some(auth)) => Ok(Some(auth)),
-            Ok(None) => self.file_storage.load(),
-            Err(err) => {
-                warn!("failed to load CLI auth from keyring, falling back to file storage: {err}");
-                self.file_storage.load()
-            }
-        }
-    }
-
-    fn save(&self, auth: &AuthDotJson) -> std::io::Result<()> {
-        match self.keyring_storage.save(auth) {
-            Ok(()) => Ok(()),
-            Err(err) => {
-                warn!("failed to save auth to keyring, falling back to file storage: {err}");
-                self.file_storage.save(auth)
-            }
-        }
-    }
-
-    fn delete(&self) -> std::io::Result<bool> {
-        // Keyring storage will delete from disk as well
-        self.keyring_storage.delete()
-    }
-}
-
-pub(super) fn create_auth_storage(
-    codex_home: PathBuf,
-    mode: AuthCredentialsStoreMode,
-) -> Arc<dyn AuthStorageBackend> {
-    let keyring_store: Arc<dyn KeyringStore> = Arc::new(DefaultKeyringStore);
-    create_auth_storage_with_keyring_store(codex_home, mode, keyring_store)
-}
-
-fn create_auth_storage_with_keyring_store(
-    codex_home: PathBuf,
-    mode: AuthCredentialsStoreMode,
-    keyring_store: Arc<dyn KeyringStore>,
-) -> Arc<dyn AuthStorageBackend> {
-    match mode {
-        AuthCredentialsStoreMode::File => Arc::new(FileAuthStorage::new(codex_home)),
-        AuthCredentialsStoreMode::Keyring => {
-            Arc::new(KeyringAuthStorage::new(codex_home, keyring_store))
-        }
-        AuthCredentialsStoreMode::Auto => Arc::new(AutoAuthStorage::new(codex_home, keyring_store)),
-    }
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use crate::token_data::IdTokenInfo;
-    use anyhow::Context;
-    use base64::Engine;
-    use pretty_assertions::assert_eq;
-    use serde_json::json;
-    use tempfile::tempdir;
-
-    use codex_keyring_store::tests::MockKeyringStore;
-    use keyring::Error as KeyringError;
-
-    #[tokio::test]
-    async fn file_storage_load_returns_auth_dot_json() -> anyhow::Result<()> {
-        let codex_home = tempdir()?;
-        let storage = FileAuthStorage::new(codex_home.path().to_path_buf());
-        let auth_dot_json = AuthDotJson {
-            openai_api_key: Some("test-key".to_string()),
-            tokens: None,
-            last_refresh: Some(Utc::now()),
-        };
-
-        storage
-            .save(&auth_dot_json)
-            .context("failed to save auth file")?;
-
-        let loaded = storage.load().context("failed to load auth file")?;
-        assert_eq!(Some(auth_dot_json), loaded);
-        Ok(())
-    }
-
-    #[tokio::test]
-    async fn file_storage_save_persists_auth_dot_json() -> anyhow::Result<()> {
-        let codex_home = tempdir()?;
-        let storage = FileAuthStorage::new(codex_home.path().to_path_buf());
-        let auth_dot_json = AuthDotJson {
-            openai_api_key: Some("test-key".to_string()),
-            tokens: None,
-            last_refresh: Some(Utc::now()),
-        };
-
-        let file = get_auth_file(codex_home.path());
-        storage
-            .save(&auth_dot_json)
-            .context("failed to save auth file")?;
-
-        let same_auth_dot_json = storage
-            .try_read_auth_json(&file)
-            .context("failed to read auth file after save")?;
-        assert_eq!(auth_dot_json, same_auth_dot_json);
-        Ok(())
-    }
-
-    #[test]
-    fn file_storage_delete_removes_auth_file() -> anyhow::Result<()> {
-        let dir = tempdir()?;
-        let auth_dot_json = AuthDotJson {
-            openai_api_key: Some("sk-test-key".to_string()),
-            tokens: None,
-            last_refresh: None,
-        };
-        let storage = create_auth_storage(dir.path().to_path_buf(), AuthCredentialsStoreMode::File);
-        storage.save(&auth_dot_json)?;
-        assert!(dir.path().join("auth.json").exists());
-        let storage = FileAuthStorage::new(dir.path().to_path_buf());
-        let removed = storage.delete()?;
-        assert!(removed);
-        assert!(!dir.path().join("auth.json").exists());
-        Ok(())
-    }
-
-    fn seed_keyring_and_fallback_auth_file_for_delete<F>(
-        mock_keyring: &MockKeyringStore,
-        codex_home: &Path,
-        compute_key: F,
-    ) -> anyhow::Result<(String, PathBuf)>
-    where
-        F: FnOnce() -> std::io::Result<String>,
-    {
-        let key = compute_key()?;
-        mock_keyring.save(KEYRING_SERVICE, &key, "{}")?;
-        let auth_file = get_auth_file(codex_home);
-        std::fs::write(&auth_file, "stale")?;
-        Ok((key, auth_file))
-    }
-
-    fn seed_keyring_with_auth<F>(
-        mock_keyring: &MockKeyringStore,
-        compute_key: F,
-        auth: &AuthDotJson,
-    ) -> anyhow::Result<()>
-    where
-        F: FnOnce() -> std::io::Result<String>,
-    {
-        let key = compute_key()?;
-        let serialized = serde_json::to_string(auth)?;
-        mock_keyring.save(KEYRING_SERVICE, &key, &serialized)?;
-        Ok(())
-    }
-
-    fn assert_keyring_saved_auth_and_removed_fallback(
-        mock_keyring: &MockKeyringStore,
-        key: &str,
-        codex_home: &Path,
-        expected: &AuthDotJson,
-    ) {
-        let saved_value = mock_keyring
-            .saved_value(key)
-            .expect("keyring entry should exist");
-        let expected_serialized = serde_json::to_string(expected).expect("serialize expected auth");
-        assert_eq!(saved_value, expected_serialized);
-        let auth_file = get_auth_file(codex_home);
-        assert!(
-            !auth_file.exists(),
-            "fallback auth.json should be removed after keyring save"
-        );
-    }
-
-    fn id_token_with_prefix(prefix: &str) -> IdTokenInfo {
-        #[derive(Serialize)]
-        struct Header {
-            alg: &'static str,
-            typ: &'static str,
-        }
-
-        let header = Header {
-            alg: "none",
-            typ: "JWT",
-        };
-        let payload = json!({
-            "email": format!("{prefix}@example.com"),
-            "https://api.openai.com/auth": {
-                "chatgpt_account_id": format!("{prefix}-account"),
-            },
-        });
-        let encode = |bytes: &[u8]| base64::engine::general_purpose::URL_SAFE_NO_PAD.encode(bytes);
-        let header_b64 = encode(&serde_json::to_vec(&header).expect("serialize header"));
-        let payload_b64 = encode(&serde_json::to_vec(&payload).expect("serialize payload"));
-        let signature_b64 = encode(b"sig");
-        let fake_jwt = format!("{header_b64}.{payload_b64}.{signature_b64}");
-
-        crate::token_data::parse_id_token(&fake_jwt).expect("fake JWT should parse")
-    }
-
-    fn auth_with_prefix(prefix: &str) -> AuthDotJson {
-        AuthDotJson {
-            openai_api_key: Some(format!("{prefix}-api-key")),
-            tokens: Some(TokenData {
-                id_token: id_token_with_prefix(prefix),
-                access_token: format!("{prefix}-access"),
-                refresh_token: format!("{prefix}-refresh"),
-                account_id: Some(format!("{prefix}-account-id")),
-            }),
-            last_refresh: None,
-        }
-    }
-
-    #[test]
-    fn keyring_auth_storage_load_returns_deserialized_auth() -> anyhow::Result<()> {
-        let codex_home = tempdir()?;
-        let mock_keyring = MockKeyringStore::default();
-        let storage = KeyringAuthStorage::new(
-            codex_home.path().to_path_buf(),
-            Arc::new(mock_keyring.clone()),
-        );
-        let expected = AuthDotJson {
-            openai_api_key: Some("sk-test".to_string()),
-            tokens: None,
-            last_refresh: None,
-        };
-        seed_keyring_with_auth(
-            &mock_keyring,
-            || compute_store_key(codex_home.path()),
-            &expected,
-        )?;
-
-        let loaded = storage.load()?;
-        assert_eq!(Some(expected), loaded);
-        Ok(())
-    }
-
-    #[test]
-    fn keyring_auth_storage_compute_store_key_for_home_directory() -> anyhow::Result<()> {
-        let codex_home = PathBuf::from("~/.codex");
-
-        let key = compute_store_key(codex_home.as_path())?;
-
-        assert_eq!(key, "cli|940db7b1d0e4eb40");
-        Ok(())
-    }
-
-    #[test]
-    fn keyring_auth_storage_save_persists_and_removes_fallback_file() -> anyhow::Result<()> {
-        let codex_home = tempdir()?;
-        let mock_keyring = MockKeyringStore::default();
-        let storage = KeyringAuthStorage::new(
-            codex_home.path().to_path_buf(),
-            Arc::new(mock_keyring.clone()),
-        );
-        let auth_file = get_auth_file(codex_home.path());
-        std::fs::write(&auth_file, "stale")?;
-        let auth = AuthDotJson {
-            openai_api_key: None,
-            tokens: Some(TokenData {
-                id_token: Default::default(),
-                access_token: "access".to_string(),
-                refresh_token: "refresh".to_string(),
-                account_id: Some("account".to_string()),
-            }),
-            last_refresh: Some(Utc::now()),
-        };
-
-        storage.save(&auth)?;
-
-        let key = compute_store_key(codex_home.path())?;
-        assert_keyring_saved_auth_and_removed_fallback(
-            &mock_keyring,
-            &key,
-            codex_home.path(),
-            &auth,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn keyring_auth_storage_delete_removes_keyring_and_file() -> anyhow::Result<()> {
-        let codex_home = tempdir()?;
-        let mock_keyring = MockKeyringStore::default();
-        let storage = KeyringAuthStorage::new(
-            codex_home.path().to_path_buf(),
-            Arc::new(mock_keyring.clone()),
-        );
-        let (key, auth_file) = seed_keyring_and_fallback_auth_file_for_delete(
-            &mock_keyring,
-            codex_home.path(),
-            || compute_store_key(codex_home.path()),
-        )?;
-
-        let removed = storage.delete()?;
-
-        assert!(removed, "delete should report removal");
-        assert!(
-            !mock_keyring.contains(&key),
-            "keyring entry should be removed"
-        );
-        assert!(
-            !auth_file.exists(),
-            "fallback auth.json should be removed after keyring delete"
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn auto_auth_storage_load_prefers_keyring_value() -> anyhow::Result<()> {
-        let codex_home = tempdir()?;
-        let mock_keyring = MockKeyringStore::default();
-        let storage = AutoAuthStorage::new(
-            codex_home.path().to_path_buf(),
-            Arc::new(mock_keyring.clone()),
-        );
-        let keyring_auth = auth_with_prefix("keyring");
-        seed_keyring_with_auth(
-            &mock_keyring,
-            || compute_store_key(codex_home.path()),
-            &keyring_auth,
-        )?;
-
-        let file_auth = auth_with_prefix("file");
-        storage.file_storage.save(&file_auth)?;
-
-        let loaded = storage.load()?;
-        assert_eq!(loaded, Some(keyring_auth));
-        Ok(())
-    }
-
-    #[test]
-    fn auto_auth_storage_load_uses_file_when_keyring_empty() -> anyhow::Result<()> {
-        let codex_home = tempdir()?;
-        let mock_keyring = MockKeyringStore::default();
-        let storage = AutoAuthStorage::new(codex_home.path().to_path_buf(), Arc::new(mock_keyring));
-
-        let expected = auth_with_prefix("file-only");
-        storage.file_storage.save(&expected)?;
-
-        let loaded = storage.load()?;
-        assert_eq!(loaded, Some(expected));
-        Ok(())
-    }
-
-    #[test]
-    fn auto_auth_storage_load_falls_back_when_keyring_errors() -> anyhow::Result<()> {
-        let codex_home = tempdir()?;
-        let mock_keyring = MockKeyringStore::default();
-        let storage = AutoAuthStorage::new(
-            codex_home.path().to_path_buf(),
-            Arc::new(mock_keyring.clone()),
-        );
-        let key = compute_store_key(codex_home.path())?;
-        mock_keyring.set_error(&key, KeyringError::Invalid("error".into(), "load".into()));
-
-        let expected = auth_with_prefix("fallback");
-        storage.file_storage.save(&expected)?;
-
-        let loaded = storage.load()?;
-        assert_eq!(loaded, Some(expected));
-        Ok(())
-    }
-
-    #[test]
-    fn auto_auth_storage_save_prefers_keyring() -> anyhow::Result<()> {
-        let codex_home = tempdir()?;
-        let mock_keyring = MockKeyringStore::default();
-        let storage = AutoAuthStorage::new(
-            codex_home.path().to_path_buf(),
-            Arc::new(mock_keyring.clone()),
-        );
-        let key = compute_store_key(codex_home.path())?;
-
-        let stale = auth_with_prefix("stale");
-        storage.file_storage.save(&stale)?;
-
-        let expected = auth_with_prefix("to-save");
-        storage.save(&expected)?;
-
-        assert_keyring_saved_auth_and_removed_fallback(
-            &mock_keyring,
-            &key,
-            codex_home.path(),
-            &expected,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn auto_auth_storage_save_falls_back_when_keyring_errors() -> anyhow::Result<()> {
-        let codex_home = tempdir()?;
-        let mock_keyring = MockKeyringStore::default();
-        let storage = AutoAuthStorage::new(
-            codex_home.path().to_path_buf(),
-            Arc::new(mock_keyring.clone()),
-        );
-        let key = compute_store_key(codex_home.path())?;
-        mock_keyring.set_error(&key, KeyringError::Invalid("error".into(), "save".into()));
-
-        let auth = auth_with_prefix("fallback");
-        storage.save(&auth)?;
-
-        let auth_file = get_auth_file(codex_home.path());
-        assert!(
-            auth_file.exists(),
-            "fallback auth.json should be created when keyring save fails"
-        );
-        let saved = storage
-            .file_storage
-            .load()?
-            .context("fallback auth should exist")?;
-        assert_eq!(saved, auth);
-        assert!(
-            mock_keyring.saved_value(&key).is_none(),
-            "keyring should not contain value when save fails"
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn auto_auth_storage_delete_removes_keyring_and_file() -> anyhow::Result<()> {
-        let codex_home = tempdir()?;
-        let mock_keyring = MockKeyringStore::default();
-        let storage = AutoAuthStorage::new(
-            codex_home.path().to_path_buf(),
-            Arc::new(mock_keyring.clone()),
-        );
-        let (key, auth_file) = seed_keyring_and_fallback_auth_file_for_delete(
-            &mock_keyring,
-            codex_home.path(),
-            || compute_store_key(codex_home.path()),
-        )?;
-
-        let removed = storage.delete()?;
-
-        assert!(removed, "delete should report removal");
-        assert!(
-            !mock_keyring.contains(&key),
-            "keyring entry should be removed"
-        );
-        assert!(
-            !auth_file.exists(),
-            "fallback auth.json should be removed after delete"
-        );
-        Ok(())
-    }
-}

codex-rs/core/src/chat_completions.rs

@@ -1,11 +1,9 @@
-use std::sync::Arc;
 use std::time::Duration;
 
 use crate::ModelProviderInfo;
 use crate::client_common::Prompt;
 use crate::client_common::ResponseEvent;
 use crate::client_common::ResponseStream;
-use crate::default_client::CodexHttpClient;
 use crate::error::CodexErr;
 use crate::error::ConnectionFailedError;
 use crate::error::ResponseStreamFailed;
@@ -13,16 +11,13 @@ use crate::error::Result;
 use crate::error::RetryLimitReachedError;
 use crate::error::UnexpectedResponseError;
 use crate::model_family::ModelFamily;
-use crate::protocol::TokenUsage;
 use crate::tools::spec::create_tools_json_for_chat_completions_api;
 use crate::util::backoff;
 use bytes::Bytes;
 use codex_otel::otel_event_manager::OtelEventManager;
 use codex_protocol::models::ContentItem;
-use codex_protocol::models::FunctionCallOutputContentItem;
 use codex_protocol::models::ReasoningItemContent;
 use codex_protocol::models::ResponseItem;
-use codex_utils_tokenizer::Tokenizer;
 use eventsource_stream::Eventsource;
 use futures::Stream;
 use futures::StreamExt;
@@ -37,107 +32,11 @@ use tokio::time::timeout;
 use tracing::debug;
 use tracing::trace;
 
-struct ChatUsageHeuristic {
-    tokenizer: Arc<Tokenizer>,
-    input_tokens: i64,
-    output_tokens: i64,
-    reasoning_tokens: i64,
-}
-
-impl ChatUsageHeuristic {
-    fn new(model: &str, messages: &[serde_json::Value]) -> Option<Self> {
-        let tokenizer = match Tokenizer::for_model(model) {
-            Ok(tok) => tok,
-            Err(err) => {
-                debug!(
-                    "failed to build tokenizer for model {model}; falling back to default: {err:?}"
-                );
-                match Tokenizer::try_default() {
-                    Ok(tok) => tok,
-                    Err(fallback_err) => {
-                        debug!(
-                            "failed to fall back to default tokenizer for model {model}: {fallback_err:?}"
-                        );
-                        return None;
-                    }
-                }
-            }
-        };
-
-        let tokenizer = Arc::new(tokenizer);
-        let mut input_tokens =
-            4_i64.saturating_mul(i64::try_from(messages.len()).unwrap_or(i64::MAX));
-
-        for message in messages {
-            input_tokens =
-                input_tokens.saturating_add(Self::count_value_tokens(tokenizer.as_ref(), message));
-
-            if let Some(tool_calls) = message.get("tool_calls").and_then(|v| v.as_array()) {
-                input_tokens = input_tokens.saturating_add(
-                    8_i64.saturating_mul(i64::try_from(tool_calls.len()).unwrap_or(i64::MAX)),
-                );
-            }
-        }
-
-        Some(Self {
-            tokenizer,
-            input_tokens,
-            output_tokens: 0,
-            reasoning_tokens: 0,
-        })
-    }
-
-    fn record_output(&mut self, text: &str) {
-        if text.is_empty() {
-            return;
-        }
-        self.output_tokens = self
-            .output_tokens
-            .saturating_add(self.tokenizer.count(text));
-    }
-
-    fn record_reasoning(&mut self, text: &str) {
-        if text.is_empty() {
-            return;
-        }
-        self.reasoning_tokens = self
-            .reasoning_tokens
-            .saturating_add(self.tokenizer.count(text));
-    }
-
-    fn to_usage(&self) -> TokenUsage {
-        let total = self
-            .input_tokens
-            .saturating_add(self.output_tokens)
-            .saturating_add(self.reasoning_tokens);
-        TokenUsage {
-            input_tokens: self.input_tokens,
-            cached_input_tokens: 0,
-            output_tokens: self.output_tokens,
-            reasoning_output_tokens: self.reasoning_tokens,
-            total_tokens: total,
-        }
-    }
-
-    fn count_value_tokens(tokenizer: &Tokenizer, value: &serde_json::Value) -> i64 {
-        match value {
-            serde_json::Value::String(s) => tokenizer.count(s),
-            serde_json::Value::Array(items) => items.iter().fold(0_i64, |acc, item| {
-                acc.saturating_add(Self::count_value_tokens(tokenizer, item))
-            }),
-            serde_json::Value::Object(map) => map.values().fold(0_i64, |acc, item| {
-                acc.saturating_add(Self::count_value_tokens(tokenizer, item))
-            }),
-            _ => 0,
-        }
-    }
-}
-
 /// Implementation for the classic Chat Completions API.
 pub(crate) async fn stream_chat_completions(
     prompt: &Prompt,
     model_family: &ModelFamily,
-    client: &CodexHttpClient,
+    client: &reqwest::Client,
     provider: &ModelProviderInfo,
     otel_event_manager: &OtelEventManager,
 ) -> Result<ResponseStream> {
@@ -176,7 +75,6 @@ pub(crate) async fn stream_chat_completions(
             ResponseItem::CustomToolCall { .. } => {}
             ResponseItem::CustomToolCallOutput { .. } => {}
             ResponseItem::WebSearchCall { .. } => {}
-            ResponseItem::GhostSnapshot { .. } => {}
         }
     }
 
@@ -259,26 +157,16 @@ pub(crate) async fn stream_chat_completions(
     for (idx, item) in input.iter().enumerate() {
         match item {
             ResponseItem::Message { role, content, .. } => {
-                // Build content either as a plain string (typical for assistant text)
-                // or as an array of content items when images are present (user/tool multimodal).
                 let mut text = String::new();
-                let mut items: Vec<serde_json::Value> = Vec::new();
-                let mut saw_image = false;
-
                 for c in content {
                     match c {
                         ContentItem::InputText { text: t }
                         | ContentItem::OutputText { text: t } => {
                             text.push_str(t);
-                            items.push(json!({"type":"text","text": t}));
-                        }
-                        ContentItem::InputImage { image_url } => {
-                            saw_image = true;
-                            items.push(json!({"type":"image_url","image_url": {"url": image_url}}));
                         }
+                        _ => {}
                     }
                 }
-
                 // Skip exact-duplicate assistant messages.
                 if role == "assistant" {
                     if let Some(prev) = &last_assistant_text
@@ -289,17 +177,7 @@ pub(crate) async fn stream_chat_completions(
                     last_assistant_text = Some(text.clone());
                 }
 
-                // For assistant messages, always send a plain string for compatibility.
-                // For user messages, if an image is present, send an array of content items.
-                let content_value = if role == "assistant" {
-                    json!(text)
-                } else if saw_image {
-                    json!(items)
-                } else {
-                    json!(text)
-                };
-
-                let mut msg = json!({"role": role, "content": content_value});
+                let mut msg = json!({"role": role, "content": text});
                 if role == "assistant"
                     && let Some(reasoning) = reasoning_by_anchor_index.get(&idx)
                     && let Some(obj) = msg.as_object_mut()
@@ -358,29 +236,10 @@ pub(crate) async fn stream_chat_completions(
                 messages.push(msg);
             }
             ResponseItem::FunctionCallOutput { call_id, output } => {
-                // Prefer structured content items when available (e.g., images)
-                // otherwise fall back to the legacy plain-string content.
-                let content_value = if let Some(items) = &output.content_items {
-                    let mapped: Vec<serde_json::Value> = items
-                        .iter()
-                        .map(|it| match it {
-                            FunctionCallOutputContentItem::InputText { text } => {
-                                json!({"type":"text","text": text})
-                            }
-                            FunctionCallOutputContentItem::InputImage { image_url } => {
-                                json!({"type":"image_url","image_url": {"url": image_url}})
-                            }
-                        })
-                        .collect();
-                    json!(mapped)
-                } else {
-                    json!(output.content)
-                };
-
                 messages.push(json!({
                     "role": "tool",
                     "tool_call_id": call_id,
-                    "content": content_value,
+                    "content": output.content,
                 }));
             }
             ResponseItem::CustomToolCall {
@@ -410,10 +269,6 @@ pub(crate) async fn stream_chat_completions(
                     "content": output,
                 }));
             }
-            ResponseItem::GhostSnapshot { .. } => {
-                // Ghost snapshots annotate history but are not sent to the model.
-                continue;
-            }
             ResponseItem::Reasoning { .. }
             | ResponseItem::WebSearchCall { .. }
             | ResponseItem::Other => {
@@ -424,8 +279,6 @@ pub(crate) async fn stream_chat_completions(
     }
 
     let tools_json = create_tools_json_for_chat_completions_api(&prompt.tools)?;
-    let usage_heuristic = ChatUsageHeuristic::new(model_family.slug.as_str(), &messages);
-
     let payload = json!({
         "model": model_family.slug,
         "messages": messages,
@@ -469,7 +322,6 @@ pub(crate) async fn stream_chat_completions(
                     tx_event,
                     provider.stream_idle_timeout(),
                     otel_event_manager.clone(),
-                    usage_heuristic,
                 ));
                 return Ok(ResponseStream { rx_event });
             }
@@ -523,7 +375,6 @@ async fn process_chat_sse<S>(
     tx_event: mpsc::Sender<Result<ResponseEvent>>,
     idle_timeout: Duration,
     otel_event_manager: OtelEventManager,
-    mut usage_heuristic: Option<ChatUsageHeuristic>,
 ) where
     S: Stream<Item = Result<Bytes>> + Unpin,
 {
@@ -562,11 +413,10 @@ async fn process_chat_sse<S>(
             }
             Ok(None) => {
                 // Stream closed gracefully – emit Completed with dummy id.
-                let token_usage = usage_heuristic.as_ref().map(ChatUsageHeuristic::to_usage);
                 let _ = tx_event
                     .send(Ok(ResponseEvent::Completed {
                         response_id: String::new(),
-                        token_usage,
+                        token_usage: None,
                     }))
                     .await;
                 return;
@@ -609,11 +459,10 @@ async fn process_chat_sse<S>(
                 let _ = tx_event.send(Ok(ResponseEvent::OutputItemDone(item))).await;
             }
 
-            let token_usage = usage_heuristic.as_ref().map(ChatUsageHeuristic::to_usage);
             let _ = tx_event
                 .send(Ok(ResponseEvent::Completed {
                     response_id: String::new(),
-                    token_usage,
+                    token_usage: None,
                 }))
                 .await;
             return;
@@ -637,9 +486,6 @@ async fn process_chat_sse<S>(
                 && !content.is_empty()
             {
                 assistant_text.push_str(content);
-                if let Some(usage) = usage_heuristic.as_mut() {
-                    usage.record_output(content);
-                }
                 let _ = tx_event
                     .send(Ok(ResponseEvent::OutputTextDelta(content.to_string())))
                     .await;
@@ -673,9 +519,6 @@ async fn process_chat_sse<S>(
                 if let Some(reasoning) = maybe_text {
                     // Accumulate so we can emit a terminal Reasoning item at the end.
                     reasoning_text.push_str(&reasoning);
-                    if let Some(usage) = usage_heuristic.as_mut() {
-                        usage.record_reasoning(&reasoning);
-                    }
                     let _ = tx_event
                         .send(Ok(ResponseEvent::ReasoningContentDelta(reasoning)))
                         .await;
@@ -689,9 +532,6 @@ async fn process_chat_sse<S>(
                 if let Some(s) = message_reasoning.as_str() {
                     if !s.is_empty() {
                         reasoning_text.push_str(s);
-                        if let Some(usage) = usage_heuristic.as_mut() {
-                            usage.record_reasoning(s);
-                        }
                         let _ = tx_event
                             .send(Ok(ResponseEvent::ReasoningContentDelta(s.to_string())))
                             .await;
@@ -704,9 +544,6 @@ async fn process_chat_sse<S>(
                     && !s.is_empty()
                 {
                     reasoning_text.push_str(s);
-                    if let Some(usage) = usage_heuristic.as_mut() {
-                        usage.record_reasoning(s);
-                    }
                     let _ = tx_event
                         .send(Ok(ResponseEvent::ReasoningContentDelta(s.to_string())))
                         .await;
@@ -725,31 +562,18 @@ async fn process_chat_sse<S>(
 
                 // Extract call_id if present.
                 if let Some(id) = tool_call.get("id").and_then(|v| v.as_str()) {
-                    if fn_call_state.call_id.is_none() {
-                        if let Some(usage) = usage_heuristic.as_mut() {
-                            usage.record_output(id);
-                        }
-                        fn_call_state.call_id = Some(id.to_string());
-                    }
+                    fn_call_state.call_id.get_or_insert_with(|| id.to_string());
                 }
 
                 // Extract function details if present.
                 if let Some(function) = tool_call.get("function") {
                     if let Some(name) = function.get("name").and_then(|n| n.as_str()) {
-                        if fn_call_state.name.is_none() {
-                            if let Some(usage) = usage_heuristic.as_mut() {
-                                usage.record_output(name);
-                            }
-                            fn_call_state.name = Some(name.to_string());
-                        }
+                        fn_call_state.name.get_or_insert_with(|| name.to_string());
                     }
 
                     if let Some(args_fragment) = function.get("arguments").and_then(|a| a.as_str())
                     {
                         fn_call_state.arguments.push_str(args_fragment);
-                        if let Some(usage) = usage_heuristic.as_mut() {
-                            usage.record_output(args_fragment);
-                        }
                     }
                 }
             }
@@ -812,11 +636,10 @@ async fn process_chat_sse<S>(
                 }
 
                 // Emit Completed regardless of reason so the agent can advance.
-                let token_usage = usage_heuristic.as_ref().map(ChatUsageHeuristic::to_usage);
                 let _ = tx_event
                     .send(Ok(ResponseEvent::Completed {
                         response_id: String::new(),
-                        token_usage,
+                        token_usage: None,
                     }))
                     .await;
 

codex-rs/core/src/client.rs

@@ -39,7 +39,6 @@ use crate::client_common::ResponsesApiRequest;
 use crate::client_common::create_reasoning_param_for_request;
 use crate::client_common::create_text_param_for_request;
 use crate::config::Config;
-use crate::default_client::CodexHttpClient;
 use crate::default_client::create_client;
 use crate::error::CodexErr;
 use crate::error::ConnectionFailedError;
@@ -82,7 +81,7 @@ pub struct ModelClient {
     config: Arc<Config>,
     auth_manager: Option<Arc<AuthManager>>,
     otel_event_manager: OtelEventManager,
-    client: CodexHttpClient,
+    client: reqwest::Client,
     provider: ModelProviderInfo,
     conversation_id: ConversationId,
     effort: Option<ReasoningEffortConfig>,
@@ -134,14 +133,6 @@ impl ModelClient {
         self.stream_with_task_kind(prompt, TaskKind::Regular).await
     }
 
-    pub fn config(&self) -> Arc<Config> {
-        Arc::clone(&self.config)
-    }
-
-    pub fn provider(&self) -> &ModelProviderInfo {
-        &self.provider
-    }
-
     pub(crate) async fn stream_with_task_kind(
         &self,
         prompt: &Prompt,
@@ -223,14 +214,18 @@ impl ModelClient {
 
         let input_with_instructions = prompt.get_formatted_input();
 
-        let verbosity = if self.config.model_family.support_verbosity {
-            self.config.model_verbosity
-        } else {
-            warn!(
-                "model_verbosity is set but ignored as the model does not support verbosity: {}",
-                self.config.model_family.family
-            );
-            None
+        let verbosity = match &self.config.model_family.family {
+            family if family == "gpt-5" => self.config.model_verbosity,
+            _ => {
+                if self.config.model_verbosity.is_some() {
+                    warn!(
+                        "model_verbosity is set but ignored for non-gpt-5 model family: {}",
+                        self.config.model_family.family
+                    );
+                }
+
+                None
+            }
         };
 
         // Only include `text.verbosity` for GPT-5 family models
@@ -305,7 +300,6 @@ impl ModelClient {
             "POST to {}: {:?}",
             self.provider.get_full_url(&auth),
             serde_json::to_string(payload_json)
-                .unwrap_or("<unable to serialize payload>".to_string())
         );
 
         let mut req_builder = self
@@ -341,6 +335,13 @@ impl ModelClient {
                 .headers()
                 .get("cf-ray")
                 .map(|v| v.to_str().unwrap_or_default().to_string());
+
+            debug!(
+                "Response status: {}, cf-ray: {:?}, version: {:?}",
+                resp.status(),
+                request_id,
+                resp.version()
+            );
         }
 
         match res {
@@ -385,14 +386,9 @@ impl ModelClient {
 
                 if status == StatusCode::UNAUTHORIZED
                     && let Some(manager) = auth_manager.as_ref()
-                    && let Some(auth) = auth.as_ref()
-                    && auth.mode == AuthMode::ChatGPT
+                    && manager.auth().is_some()
                 {
-                    manager.refresh_token().await.map_err(|err| {
-                        StreamAttemptError::Fatal(CodexErr::Fatal(format!(
-                            "Failed to refresh ChatGPT credentials: {err}"
-                        )))
-                    })?;
+                    let _ = manager.refresh_token().await;
                 }
 
                 // The OpenAI Responses endpoint returns structured JSON bodies even for 4xx/5xx

codex-rs/core/src/codex.rs

@@ -8,11 +8,9 @@ use crate::AuthManager;
 use crate::client_common::REVIEW_PROMPT;
 use crate::function_tool::FunctionCallError;
 use crate::mcp::auth::McpAuthStatusEntry;
-use crate::mcp_connection_manager::DEFAULT_STARTUP_TIMEOUT;
 use crate::parse_command::parse_command;
 use crate::parse_turn_item;
 use crate::response_processing::process_items;
-use crate::review_format::format_review_findings_block;
 use crate::terminal;
 use crate::user_notification::UserNotifier;
 use async_channel::Receiver;
@@ -20,7 +18,7 @@ use async_channel::Sender;
 use codex_apply_patch::ApplyPatchAction;
 use codex_protocol::ConversationId;
 use codex_protocol::items::TurnItem;
-use codex_protocol::protocol::ExitedReviewModeEvent;
+use codex_protocol::protocol::ConversationPathResponseEvent;
 use codex_protocol::protocol::ItemCompletedEvent;
 use codex_protocol::protocol::ItemStartedEvent;
 use codex_protocol::protocol::ReviewRequest;
@@ -47,7 +45,6 @@ use tokio_util::sync::CancellationToken;
 use tracing::debug;
 use tracing::error;
 use tracing::info;
-use tracing::trace;
 use tracing::warn;
 
 use crate::ModelProviderInfo;
@@ -86,8 +83,6 @@ use crate::protocol::ListCustomPromptsResponseEvent;
 use crate::protocol::Op;
 use crate::protocol::RateLimitSnapshot;
 use crate::protocol::ReviewDecision;
-use crate::protocol::ReviewOutputEvent;
-use crate::protocol::SandboxCommandAssessment;
 use crate::protocol::SandboxPolicy;
 use crate::protocol::SessionConfiguredEvent;
 use crate::protocol::StreamErrorEvent;
@@ -104,12 +99,8 @@ use crate::state::SessionServices;
 use crate::state::SessionState;
 use crate::state::TaskKind;
 use crate::tasks::CompactTask;
-use crate::tasks::GhostSnapshotTask;
 use crate::tasks::RegularTask;
 use crate::tasks::ReviewTask;
-use crate::tasks::SessionTask;
-use crate::tasks::SessionTaskContext;
-use crate::tasks::UndoTask;
 use crate::tools::ToolRouter;
 use crate::tools::context::SharedTurnDiffTracker;
 use crate::tools::parallel::ToolCallRuntime;
@@ -132,8 +123,6 @@ use codex_protocol::models::ResponseInputItem;
 use codex_protocol::models::ResponseItem;
 use codex_protocol::protocol::InitialHistory;
 use codex_protocol::user_input::UserInput;
-use codex_utils_readiness::Readiness;
-use codex_utils_readiness::ReadinessFlag;
 
 pub mod compact;
 use self::compact::build_compacted_history;
@@ -184,7 +173,6 @@ impl Codex {
             sandbox_policy: config.sandbox_policy.clone(),
             cwd: config.cwd.clone(),
             original_config_do_not_use: Arc::clone(&config),
-            features: config.features.clone(),
         };
 
         // Generate a unique ID for the lifetime of this Codex session.
@@ -275,10 +263,8 @@ pub(crate) struct TurnContext {
     pub(crate) sandbox_policy: SandboxPolicy,
     pub(crate) shell_environment_policy: ShellEnvironmentPolicy,
     pub(crate) tools_config: ToolsConfig,
-    pub(crate) is_review_mode: bool,
     pub(crate) final_output_json_schema: Option<Value>,
     pub(crate) codex_linux_sandbox_exe: Option<PathBuf>,
-    pub(crate) tool_call_gate: Arc<ReadinessFlag>,
 }
 
 impl TurnContext {
@@ -320,9 +306,6 @@ pub(crate) struct SessionConfiguration {
     /// operate deterministically.
     cwd: PathBuf,
 
-    /// Set of feature flags for this session
-    features: Features,
-
     // TODO(pakrym): Remove config from here
     original_config_do_not_use: Arc<Config>,
 }
@@ -414,10 +397,8 @@ impl Session {
             sandbox_policy: session_configuration.sandbox_policy.clone(),
             shell_environment_policy: config.shell_environment_policy.clone(),
             tools_config,
-            is_review_mode: false,
             final_output_json_schema: None,
             codex_linux_sandbox_exe: config.codex_linux_sandbox_exe.clone(),
-            tool_call_gate: Arc::new(ReadinessFlag::new()),
         }
     }
 
@@ -581,6 +562,7 @@ impl Session {
         // Dispatch the SessionConfiguredEvent first and then report any errors.
         // If resuming, include converted initial messages in the payload so UIs can render them immediately.
         let initial_messages = initial_history.get_event_msgs();
+        sess.record_initial_history(initial_history).await;
 
         let events = std::iter::once(Event {
             id: INITIAL_SUBMIT_ID.to_owned(),
@@ -599,9 +581,6 @@ impl Session {
             sess.send_event_raw(event).await;
         }
 
-        // record_initial_history can emit events. We record only after the SessionConfiguredEvent is emitted.
-        sess.record_initial_history(initial_history).await;
-
         Ok(sess)
     }
 
@@ -609,19 +588,6 @@ impl Session {
         self.tx_event.clone()
     }
 
-    /// Ensure all rollout writes are durably flushed.
-    pub(crate) async fn flush_rollout(&self) {
-        let recorder = {
-            let guard = self.services.rollout.lock().await;
-            guard.clone()
-        };
-        if let Some(rec) = recorder
-            && let Err(e) = rec.flush().await
-        {
-            warn!("failed to flush rollout recorder: {e}");
-        }
-    }
-
     fn next_internal_sub_id(&self) -> String {
         let id = self
             .next_internal_sub_id
@@ -635,9 +601,7 @@ impl Session {
             InitialHistory::New => {
                 // Build and record initial items (user instructions + environment context)
                 let items = self.build_initial_context(&turn_context);
-                self.record_conversation_items(&turn_context, &items).await;
-                // Ensure initial items are visible to immediate readers (e.g., tests, forks).
-                self.flush_rollout().await;
+                self.record_conversation_items(&items).await;
             }
             InitialHistory::Resumed(_) | InitialHistory::Forked(_) => {
                 let rollout_items = conversation_history.get_rollout_items();
@@ -654,8 +618,6 @@ impl Session {
                 if persist && !rollout_items.is_empty() {
                     self.persist_rollout_items(&rollout_items).await;
                 }
-                // Flush after seeding history and any persisted rollout copy.
-                self.flush_rollout().await;
             }
         }
     }
@@ -666,6 +628,14 @@ impl Session {
         state.session_configuration = state.session_configuration.apply(&updates);
     }
 
+    pub(crate) async fn base_config(&self) -> Arc<Config> {
+        let state = self.state.lock().await;
+        state
+            .session_configuration
+            .original_config_do_not_use
+            .clone()
+    }
+
     pub(crate) async fn new_turn(&self, updates: SessionSettingsUpdate) -> Arc<TurnContext> {
         let sub_id = self.next_internal_sub_id();
         self.new_turn_with_sub_id(sub_id, updates).await
@@ -786,32 +756,6 @@ impl Session {
         }
     }
 
-    pub(crate) async fn assess_sandbox_command(
-        &self,
-        turn_context: &TurnContext,
-        call_id: &str,
-        command: &[String],
-        failure_message: Option<&str>,
-    ) -> Option<SandboxCommandAssessment> {
-        let config = turn_context.client.config();
-        let provider = turn_context.client.provider().clone();
-        let auth_manager = Arc::clone(&self.services.auth_manager);
-        let otel = self.services.otel_event_manager.clone();
-        crate::sandboxing::assessment::assess_command(
-            config,
-            provider,
-            auth_manager,
-            &otel,
-            self.conversation_id,
-            call_id,
-            command,
-            &turn_context.sandbox_policy,
-            &turn_context.cwd,
-            failure_message,
-        )
-        .await
-    }
-
     /// Emit an exec approval request event and await the user's decision.
     ///
     /// The request is keyed by `sub_id`/`call_id` so matching responses are delivered
@@ -824,7 +768,6 @@ impl Session {
         command: Vec<String>,
         cwd: PathBuf,
         reason: Option<String>,
-        risk: Option<SandboxCommandAssessment>,
     ) -> ReviewDecision {
         let sub_id = turn_context.sub_id.clone();
         // Add the tx_approve callback to the map before sending the request.
@@ -850,7 +793,6 @@ impl Session {
             command,
             cwd,
             reason,
-            risk,
             parsed_cmd,
         });
         self.send_event(turn_context, event).await;
@@ -916,14 +858,9 @@ impl Session {
 
     /// Records input items: always append to conversation history and
     /// persist these response items to rollout.
-    pub(crate) async fn record_conversation_items(
-        &self,
-        turn_context: &TurnContext,
-        items: &[ResponseItem],
-    ) {
+    pub(crate) async fn record_conversation_items(&self, items: &[ResponseItem]) {
         self.record_into_history(items).await;
         self.persist_rollout_response_items(items).await;
-        self.send_raw_response_items(turn_context, items).await;
     }
 
     fn reconstruct_history_from_rollout(
@@ -959,7 +896,7 @@ impl Session {
         state.record_items(items.iter());
     }
 
-    pub(crate) async fn replace_history(&self, items: Vec<ResponseItem>) {
+    async fn replace_history(&self, items: Vec<ResponseItem>) {
         let mut state = self.state.lock().await;
         state.replace_history(items);
     }
@@ -973,13 +910,6 @@ impl Session {
         self.persist_rollout_items(&rollout_items).await;
     }
 
-    async fn send_raw_response_items(&self, turn_context: &TurnContext, items: &[ResponseItem]) {
-        for item in items {
-            self.send_event(turn_context, EventMsg::RawResponseItem(item.clone()))
-                .await;
-        }
-    }
-
     pub(crate) fn build_initial_context(&self, turn_context: &TurnContext) -> Vec<ResponseItem> {
         let mut items = Vec::<ResponseItem>::with_capacity(2);
         if let Some(user_instructions) = turn_context.user_instructions.as_deref() {
@@ -1075,7 +1005,7 @@ impl Session {
     ) {
         let response_item: ResponseItem = response_input.clone().into();
         // Add to conversation history and persist response item to rollout
-        self.record_conversation_items(turn_context, std::slice::from_ref(&response_item))
+        self.record_conversation_items(std::slice::from_ref(&response_item))
             .await;
 
         // Derive user message events and persist only UserMessage to rollout
@@ -1108,43 +1038,6 @@ impl Session {
         self.send_event(turn_context, event).await;
     }
 
-    async fn maybe_start_ghost_snapshot(
-        self: &Arc<Self>,
-        turn_context: Arc<TurnContext>,
-        cancellation_token: CancellationToken,
-    ) {
-        if turn_context.is_review_mode
-            || !self
-                .state
-                .lock()
-                .await
-                .session_configuration
-                .features
-                .enabled(Feature::GhostCommit)
-        {
-            return;
-        }
-
-        let token = match turn_context.tool_call_gate.subscribe().await {
-            Ok(token) => token,
-            Err(err) => {
-                warn!("failed to subscribe to ghost snapshot readiness: {err}");
-                return;
-            }
-        };
-
-        info!("spawning ghost snapshot task");
-        let task = GhostSnapshotTask::new(token);
-        Arc::new(task)
-            .run(
-                Arc::new(SessionTaskContext::new(self.clone())),
-                turn_context.clone(),
-                Vec::new(),
-                cancellation_token,
-            )
-            .await;
-    }
-
     /// Returns the input if there was no task running to inject into
     pub async fn inject_input(&self, input: Vec<UserInput>) -> Result<(), Vec<UserInput>> {
         let mut active = self.active_turn.lock().await;
@@ -1303,11 +1196,8 @@ async fn submission_loop(sess: Arc<Session>, config: Arc<Config>, rx_sub: Receiv
                     if let Some(env_item) = sess
                         .build_environment_update_item(previous_context.as_ref(), &current_context)
                     {
-                        sess.record_conversation_items(
-                            &current_context,
-                            std::slice::from_ref(&env_item),
-                        )
-                        .await;
+                        sess.record_conversation_items(std::slice::from_ref(&env_item))
+                            .await;
                     }
 
                     sess.spawn_task(Arc::clone(&current_context), items, RegularTask)
@@ -1421,13 +1311,6 @@ async fn submission_loop(sess: Arc<Session>, config: Arc<Config>, rx_sub: Receiv
                 };
                 sess.send_event_raw(event).await;
             }
-            Op::Undo => {
-                let turn_context = sess
-                    .new_turn_with_sub_id(sub.id.clone(), SessionSettingsUpdate::default())
-                    .await;
-                sess.spawn_task(turn_context, Vec::new(), UndoTask::new())
-                    .await;
-            }
             Op::Compact => {
                 let turn_context = sess
                     .new_turn_with_sub_id(sub.id.clone(), SessionSettingsUpdate::default())
@@ -1473,7 +1356,33 @@ async fn submission_loop(sess: Arc<Session>, config: Arc<Config>, rx_sub: Receiv
                 sess.send_event_raw(event).await;
                 break;
             }
-
+            Op::GetPath => {
+                let sub_id = sub.id.clone();
+                // Flush rollout writes before returning the path so readers observe a consistent file.
+                let (path, rec_opt) = {
+                    let guard = sess.services.rollout.lock().await;
+                    match guard.as_ref() {
+                        Some(rec) => (rec.get_rollout_path(), Some(rec.clone())),
+                        None => {
+                            error!("rollout recorder not found");
+                            continue;
+                        }
+                    }
+                };
+                if let Some(rec) = rec_opt
+                    && let Err(e) = rec.flush().await
+                {
+                    warn!("failed to flush rollout recorder before GetHistory: {e}");
+                }
+                let event = Event {
+                    id: sub_id.clone(),
+                    msg: EventMsg::ConversationPath(ConversationPathResponseEvent {
+                        conversation_id: sess.conversation_id,
+                        path,
+                    }),
+                };
+                sess.send_event_raw(event).await;
+            }
             Op::Review { review_request } => {
                 let turn_context = sess
                     .new_turn_with_sub_id(sub.id.clone(), SessionSettingsUpdate::default())
@@ -1561,10 +1470,8 @@ async fn spawn_review_thread(
         sandbox_policy: parent_turn_context.sandbox_policy.clone(),
         shell_environment_policy: parent_turn_context.shell_environment_policy.clone(),
         cwd: parent_turn_context.cwd.clone(),
-        is_review_mode: true,
         final_output_json_schema: None,
         codex_linux_sandbox_exe: parent_turn_context.codex_linux_sandbox_exe.clone(),
-        tool_call_gate: Arc::new(ReadinessFlag::new()),
     };
 
     // Seed the child task with the review prompt as the initial user message.
@@ -1612,24 +1519,9 @@ pub(crate) async fn run_task(
     sess.send_event(&turn_context, event).await;
 
     let initial_input_for_turn: ResponseInputItem = ResponseInputItem::from(input);
-    // For review threads, keep an isolated in-memory history so the
-    // model sees a fresh conversation without the parent session's history.
-    // For normal turns, continue recording to the session history as before.
-    let is_review_mode = turn_context.is_review_mode;
-
-    let mut review_thread_history: ConversationHistory = ConversationHistory::new();
-    if is_review_mode {
-        // Seed review threads with environment context so the model knows the working directory.
-        review_thread_history
-            .record_items(sess.build_initial_context(turn_context.as_ref()).iter());
-        review_thread_history.record_items(std::iter::once(&initial_input_for_turn.into()));
-    } else {
-        sess.record_input_and_rollout_usermsg(turn_context.as_ref(), &initial_input_for_turn)
-            .await;
-    }
-
-    sess.maybe_start_ghost_snapshot(Arc::clone(&turn_context), cancellation_token.child_token())
+    sess.record_input_and_rollout_usermsg(turn_context.as_ref(), &initial_input_for_turn)
         .await;
+
     let mut last_agent_message: Option<String> = None;
     // Although from the perspective of codex.rs, TurnDiffTracker has the lifecycle of a Task which contains
     // many turns, from the perspective of the user, it is a single turn.
@@ -1657,14 +1549,8 @@ pub(crate) async fn run_task(
         //   conversation history on each turn. The rollout file, however, should
         //   only record the new items that originated in this turn so that it
         //   represents an append-only log without duplicates.
-        let turn_input: Vec<ResponseItem> = if is_review_mode {
-            if !pending_input.is_empty() {
-                review_thread_history.record_items(&pending_input);
-            }
-            review_thread_history.get_history()
-        } else {
-            sess.record_conversation_items(&turn_context, &pending_input)
-                .await;
+        let turn_input: Vec<ResponseItem> = {
+            sess.record_conversation_items(&pending_input).await;
             sess.history_snapshot().await
         };
 
@@ -1706,14 +1592,8 @@ pub(crate) async fn run_task(
                 let token_limit_reached = total_usage_tokens
                     .map(|tokens| tokens >= limit)
                     .unwrap_or(false);
-                let (responses, items_to_record_in_conversation_history) = process_items(
-                    processed_items,
-                    is_review_mode,
-                    &mut review_thread_history,
-                    &sess,
-                    &turn_context,
-                )
-                .await;
+                let (responses, items_to_record_in_conversation_history) =
+                    process_items(processed_items, &sess).await;
 
                 if token_limit_reached {
                     if auto_compact_recently_attempted {
@@ -1755,14 +1635,7 @@ pub(crate) async fn run_task(
             Err(CodexErr::TurnAborted {
                 dangling_artifacts: processed_items,
             }) => {
-                let _ = process_items(
-                    processed_items,
-                    is_review_mode,
-                    &mut review_thread_history,
-                    &sess,
-                    &turn_context,
-                )
-                .await;
+                let _ = process_items(processed_items, &sess).await;
                 // Aborted turn is reported via a different event.
                 break;
             }
@@ -1778,57 +1651,9 @@ pub(crate) async fn run_task(
         }
     }
 
-    // If this was a review thread and we have a final assistant message,
-    // try to parse it as a ReviewOutput.
-    //
-    // If parsing fails, construct a minimal ReviewOutputEvent using the plain
-    // text as the overall explanation. Else, just exit review mode with None.
-    //
-    // Emits an ExitedReviewMode event with the parsed review output.
-    if turn_context.is_review_mode {
-        exit_review_mode(
-            sess.clone(),
-            Arc::clone(&turn_context),
-            last_agent_message.as_deref().map(parse_review_output_event),
-        )
-        .await;
-    }
-
     last_agent_message
 }
 
-/// Parse the review output; when not valid JSON, build a structured
-/// fallback that carries the plain text as the overall explanation.
-///
-/// Returns: a ReviewOutputEvent parsed from JSON or a fallback populated from text.
-fn parse_review_output_event(text: &str) -> ReviewOutputEvent {
-    // Try direct parse first
-    if let Ok(ev) = serde_json::from_str::<ReviewOutputEvent>(text) {
-        return ev;
-    }
-    // If wrapped in markdown fences or extra prose, attempt to extract the first JSON object
-    if let (Some(start), Some(end)) = (text.find('{'), text.rfind('}'))
-        && start < end
-        && let Some(slice) = text.get(start..=end)
-        && let Ok(ev) = serde_json::from_str::<ReviewOutputEvent>(slice)
-    {
-        return ev;
-    }
-    // Not JSON – return a structured ReviewOutputEvent that carries
-    // the plain text as the overall explanation.
-    ReviewOutputEvent {
-        overall_explanation: text.to_string(),
-        ..Default::default()
-    }
-}
-
-fn filter_model_visible_history(input: Vec<ResponseItem>) -> Vec<ResponseItem> {
-    input
-        .into_iter()
-        .filter(|item| !matches!(item, ResponseItem::GhostSnapshot { .. }))
-        .collect()
-}
-
 async fn run_turn(
     sess: Arc<Session>,
     turn_context: Arc<TurnContext>,
@@ -1849,7 +1674,7 @@ async fn run_turn(
         .supports_parallel_tool_calls;
     let parallel_tool_calls = model_supports_parallel;
     let prompt = Prompt {
-        input: filter_model_visible_history(input),
+        input,
         tools: router.specs(),
         parallel_tool_calls,
         base_instructions_override: turn_context.base_instructions.clone(),
@@ -1911,7 +1736,7 @@ async fn run_turn(
                     // at a seemingly frozen screen.
                     sess.notify_stream_error(
                         turn_context.as_ref(),
-                        format!("Reconnecting... {retries}/{max_retries}"),
+                        format!("Re-connecting... {retries}/{max_retries}"),
                     )
                     .await;
 
@@ -2047,7 +1872,7 @@ async fn try_run_turn(
                             call_id: String::new(),
                             output: FunctionCallOutputPayload {
                                 content: msg.to_string(),
-                                ..Default::default()
+                                success: None,
                             },
                         };
                         add_completed(ProcessedResponseItem {
@@ -2061,7 +1886,7 @@ async fn try_run_turn(
                             call_id: String::new(),
                             output: FunctionCallOutputPayload {
                                 content: message,
-                                ..Default::default()
+                                success: None,
                             },
                         };
                         add_completed(ProcessedResponseItem {
@@ -2115,12 +1940,8 @@ async fn try_run_turn(
             ResponseEvent::OutputTextDelta(delta) => {
                 // In review child threads, suppress assistant text deltas; the
                 // UI will show a selection popup from the final ReviewOutput.
-                if !turn_context.is_review_mode {
-                    let event = EventMsg::AgentMessageDelta(AgentMessageDeltaEvent { delta });
-                    sess.send_event(&turn_context, event).await;
-                } else {
-                    trace!("suppressing OutputTextDelta in review mode");
-                }
+                let event = EventMsg::AgentMessageDelta(AgentMessageDeltaEvent { delta });
+                sess.send_event(&turn_context, event).await;
             }
             ResponseEvent::ReasoningSummaryDelta(delta) => {
                 let event = EventMsg::AgentReasoningDelta(AgentReasoningDeltaEvent { delta });
@@ -2155,13 +1976,7 @@ async fn handle_non_tool_response_item(
         ResponseItem::Message { .. }
         | ResponseItem::Reasoning { .. }
         | ResponseItem::WebSearchCall { .. } => {
-            let turn_item = match &item {
-                ResponseItem::Message { .. } if turn_context.is_review_mode => {
-                    trace!("suppressing assistant Message in review mode");
-                    None
-                }
-                _ => parse_turn_item(&item),
-            };
+            let turn_item = parse_turn_item(&item);
             if let Some(turn_item) = turn_item {
                 sess.emit_turn_item_started_completed(
                     turn_context.as_ref(),
@@ -2199,61 +2014,39 @@ pub(super) fn get_last_assistant_message_from_turn(responses: &[ResponseItem]) -
         }
     })
 }
-/// Emits an ExitedReviewMode Event with optional ReviewOutput,
-/// and records a developer message with the review output.
-pub(crate) async fn exit_review_mode(
-    session: Arc<Session>,
-    turn_context: Arc<TurnContext>,
-    review_output: Option<ReviewOutputEvent>,
-) {
-    let event = EventMsg::ExitedReviewMode(ExitedReviewModeEvent {
-        review_output: review_output.clone(),
-    });
-    session.send_event(turn_context.as_ref(), event).await;
+pub(crate) fn convert_call_tool_result_to_function_call_output_payload(
+    call_tool_result: &CallToolResult,
+) -> FunctionCallOutputPayload {
+    let CallToolResult {
+        content,
+        is_error,
+        structured_content,
+    } = call_tool_result;
 
-    let mut user_message = String::new();
-    if let Some(out) = review_output {
-        let mut findings_str = String::new();
-        let text = out.overall_explanation.trim();
-        if !text.is_empty() {
-            findings_str.push_str(text);
-        }
-        if !out.findings.is_empty() {
-            let block = format_review_findings_block(&out.findings, None);
-            findings_str.push_str(&format!("\n{block}"));
-        }
-        user_message.push_str(&format!(
-            r#"<user_action>
-  <context>User initiated a review task. Here's the full review output from reviewer model. User may select one or more comments to resolve.</context>
-  <action>review</action>
-  <results>
-  {findings_str}
-  </results>
-</user_action>
-"#));
+    // In terms of what to send back to the model, we prefer structured_content,
+    // if available, and fallback to content, otherwise.
+    let mut is_success = is_error != &Some(true);
+    let content = if let Some(structured_content) = structured_content
+        && structured_content != &serde_json::Value::Null
+        && let Ok(serialized_structured_content) = serde_json::to_string(&structured_content)
+    {
+        serialized_structured_content
     } else {
-        user_message.push_str(r#"<user_action>
-  <context>User initiated a review task, but was interrupted. If user asks about this, tell them to re-initiate a review with `/review` and wait for it to complete.</context>
-  <action>review</action>
-  <results>
-  None.
-  </results>
-</user_action>
-"#);
-    }
+        match serde_json::to_string(&content) {
+            Ok(serialized_content) => serialized_content,
+            Err(err) => {
+                // If we could not serialize either content or structured_content to
+                // JSON, flag this as an error.
+                is_success = false;
+                err.to_string()
+            }
+        }
+    };
 
-    session
-        .record_conversation_items(
-            &turn_context,
-            &[ResponseItem::Message {
-                id: None,
-                role: "user".to_string(),
-                content: vec![ContentItem::InputText { text: user_message }],
-            }],
-        )
-        .await;
-    // Make the recorded review note visible immediately for readers.
-    session.flush_rollout().await;
+    FunctionCallOutputPayload {
+        content,
+        success: Some(is_success),
+    }
 }
 
 fn mcp_init_error_display(
@@ -2275,24 +2068,12 @@ fn mcp_init_error_display(
         // That means that the user has to specify a personal access token either via bearer_token_env_var or http_headers.
         // https://github.com/github/github-mcp-server/issues/921#issuecomment-3221026448
         format!(
-            "GitHub MCP does not support OAuth. Log in by adding a personal access token (https://github.com/settings/personal-access-tokens) to your environment and config.toml:\n[mcp_servers.{server_name}]\nbearer_token_env_var = CODEX_GITHUB_PERSONAL_ACCESS_TOKEN"
+            "GitHub MCP does not support OAuth. Log in by adding `bearer_token_env_var = CODEX_GITHUB_PAT` in the `mcp_servers.{server_name}` section of your config.toml"
         )
     } else if is_mcp_client_auth_required_error(err) {
         format!(
             "The {server_name} MCP server is not logged in. Run `codex mcp login {server_name}`."
         )
-    } else if is_mcp_client_startup_timeout_error(err) {
-        let startup_timeout_secs = match entry {
-            Some(entry) => match entry.config.startup_timeout_sec {
-                Some(timeout) => timeout,
-                None => DEFAULT_STARTUP_TIMEOUT,
-            },
-            None => DEFAULT_STARTUP_TIMEOUT,
-        }
-        .as_secs();
-        format!(
-            "MCP client for `{server_name}` timed out after {startup_timeout_secs} seconds. Add or adjust `startup_timeout_sec` in your config.toml:\n[mcp_servers.{server_name}]\nstartup_timeout_sec = XX"
-        )
     } else {
         format!("MCP client for `{server_name}` failed to start: {err:#}")
     }
@@ -2303,14 +2084,6 @@ fn is_mcp_client_auth_required_error(error: &anyhow::Error) -> bool {
     error.to_string().contains("Auth required")
 }
 
-fn is_mcp_client_startup_timeout_error(error: &anyhow::Error) -> bool {
-    let error_message = error.to_string();
-    error_message.contains("request timed out")
-        || error_message.contains("timed out handshaking with MCP server")
-}
-
-use crate::features::Feature;
-use crate::features::Features;
 #[cfg(test)]
 pub(crate) use tests::make_session_and_context;
 
@@ -2331,12 +2104,12 @@ mod tests {
     use crate::state::TaskKind;
     use crate::tasks::SessionTask;
     use crate::tasks::SessionTaskContext;
+    use crate::tools::MODEL_FORMAT_HEAD_LINES;
+    use crate::tools::MODEL_FORMAT_MAX_BYTES;
+    use crate::tools::MODEL_FORMAT_MAX_LINES;
+    use crate::tools::MODEL_FORMAT_TAIL_LINES;
     use crate::tools::ToolRouter;
-    use crate::tools::context::ToolInvocation;
-    use crate::tools::context::ToolOutput;
-    use crate::tools::context::ToolPayload;
-    use crate::tools::handlers::ShellHandler;
-    use crate::tools::registry::ToolHandler;
+    use crate::tools::handle_container_exec_with_params;
     use crate::turn_diff_tracker::TurnDiffTracker;
     use codex_app_server_protocol::AuthMode;
     use codex_protocol::models::ContentItem;
@@ -2404,7 +2177,7 @@ mod tests {
             })),
         };
 
-        let got = FunctionCallOutputPayload::from(&ctr);
+        let got = convert_call_tool_result_to_function_call_output_payload(&ctr);
         let expected = FunctionCallOutputPayload {
             content: serde_json::to_string(&json!({
                 "ok": true,
@@ -2412,12 +2185,100 @@ mod tests {
             }))
             .unwrap(),
             success: Some(true),
-            ..Default::default()
         };
 
         assert_eq!(expected, got);
     }
 
+    #[test]
+    fn model_truncation_head_tail_by_lines() {
+        // Build 400 short lines so line-count limit, not byte budget, triggers truncation
+        let lines: Vec<String> = (1..=400).map(|i| format!("line{i}")).collect();
+        let full = lines.join("\n");
+
+        let exec = ExecToolCallOutput {
+            exit_code: 0,
+            stdout: StreamOutput::new(String::new()),
+            stderr: StreamOutput::new(String::new()),
+            aggregated_output: StreamOutput::new(full),
+            duration: StdDuration::from_secs(1),
+            timed_out: false,
+        };
+
+        let out = format_exec_output_str(&exec);
+
+        // Strip truncation header if present for subsequent assertions
+        let body = out
+            .strip_prefix("Total output lines: ")
+            .and_then(|rest| rest.split_once("\n\n").map(|x| x.1))
+            .unwrap_or(out.as_str());
+
+        // Expect elision marker with correct counts
+        let omitted = 400 - MODEL_FORMAT_MAX_LINES; // 144
+        let marker = format!("\n[... omitted {omitted} of 400 lines ...]\n\n");
+        assert!(out.contains(&marker), "missing marker: {out}");
+
+        // Validate head and tail
+        let parts: Vec<&str> = body.split(&marker).collect();
+        assert_eq!(parts.len(), 2, "expected one marker split");
+        let head = parts[0];
+        let tail = parts[1];
+
+        let expected_head: String = (1..=MODEL_FORMAT_HEAD_LINES)
+            .map(|i| format!("line{i}"))
+            .collect::<Vec<_>>()
+            .join("\n");
+        assert!(head.starts_with(&expected_head), "head mismatch");
+
+        let expected_tail: String = ((400 - MODEL_FORMAT_TAIL_LINES + 1)..=400)
+            .map(|i| format!("line{i}"))
+            .collect::<Vec<_>>()
+            .join("\n");
+        assert!(tail.ends_with(&expected_tail), "tail mismatch");
+    }
+
+    #[test]
+    fn model_truncation_respects_byte_budget() {
+        // Construct a large output (about 100kB) so byte budget dominates
+        let big_line = "x".repeat(100);
+        let full = std::iter::repeat_n(big_line, 1000)
+            .collect::<Vec<_>>()
+            .join("\n");
+
+        let exec = ExecToolCallOutput {
+            exit_code: 0,
+            stdout: StreamOutput::new(String::new()),
+            stderr: StreamOutput::new(String::new()),
+            aggregated_output: StreamOutput::new(full.clone()),
+            duration: StdDuration::from_secs(1),
+            timed_out: false,
+        };
+
+        let out = format_exec_output_str(&exec);
+        // Keep strict budget on the truncated body (excluding header)
+        let body = out
+            .strip_prefix("Total output lines: ")
+            .and_then(|rest| rest.split_once("\n\n").map(|x| x.1))
+            .unwrap_or(out.as_str());
+        assert!(body.len() <= MODEL_FORMAT_MAX_BYTES, "exceeds byte budget");
+        assert!(out.contains("omitted"), "should contain elision marker");
+
+        // Ensure head and tail are drawn from the original
+        assert!(full.starts_with(body.chars().take(8).collect::<String>().as_str()));
+        assert!(
+            full.ends_with(
+                body.chars()
+                    .rev()
+                    .take(8)
+                    .collect::<String>()
+                    .chars()
+                    .rev()
+                    .collect::<String>()
+                    .as_str()
+            )
+        );
+    }
+
     #[test]
     fn includes_timed_out_message() {
         let exec = ExecToolCallOutput {
@@ -2445,12 +2306,11 @@ mod tests {
             structured_content: Some(serde_json::Value::Null),
         };
 
-        let got = FunctionCallOutputPayload::from(&ctr);
+        let got = convert_call_tool_result_to_function_call_output_payload(&ctr);
         let expected = FunctionCallOutputPayload {
             content: serde_json::to_string(&vec![text_block("hello"), text_block("world")])
                 .unwrap(),
             success: Some(true),
-            ..Default::default()
         };
 
         assert_eq!(expected, got);
@@ -2464,11 +2324,10 @@ mod tests {
             structured_content: Some(json!({ "message": "bad" })),
         };
 
-        let got = FunctionCallOutputPayload::from(&ctr);
+        let got = convert_call_tool_result_to_function_call_output_payload(&ctr);
         let expected = FunctionCallOutputPayload {
             content: serde_json::to_string(&json!({ "message": "bad" })).unwrap(),
             success: Some(false),
-            ..Default::default()
         };
 
         assert_eq!(expected, got);
@@ -2482,11 +2341,10 @@ mod tests {
             structured_content: None,
         };
 
-        let got = FunctionCallOutputPayload::from(&ctr);
+        let got = convert_call_tool_result_to_function_call_output_payload(&ctr);
         let expected = FunctionCallOutputPayload {
             content: serde_json::to_string(&vec![text_block("alpha")]).unwrap(),
             success: Some(true),
-            ..Default::default()
         };
 
         assert_eq!(expected, got);
@@ -2538,7 +2396,6 @@ mod tests {
             sandbox_policy: config.sandbox_policy.clone(),
             cwd: config.cwd.clone(),
             original_config_do_not_use: Arc::clone(&config),
-            features: Features::default(),
         };
 
         let state = SessionState::new(session_configuration.clone());
@@ -2607,7 +2464,6 @@ mod tests {
             sandbox_policy: config.sandbox_policy.clone(),
             cwd: config.cwd.clone(),
             original_config_do_not_use: Arc::clone(&config),
-            features: Features::default(),
         };
 
         let state = SessionState::new(session_configuration.clone());
@@ -2672,12 +2528,6 @@ mod tests {
                 sleep(Duration::from_secs(60)).await;
             }
         }
-
-        async fn abort(&self, session: Arc<SessionTaskContext>, ctx: Arc<TurnContext>) {
-            if let TaskKind::Review = self.kind {
-                exit_review_mode(session.clone_session(), ctx, None).await;
-            }
-        }
     }
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -2762,19 +2612,13 @@ mod tests {
             EventMsg::ExitedReviewMode(ev) => assert!(ev.review_output.is_none()),
             other => panic!("unexpected first event: {other:?}"),
         }
-        loop {
-            let evt = tokio::time::timeout(std::time::Duration::from_secs(2), rx.recv())
-                .await
-                .expect("timeout waiting for next event")
-                .expect("event");
-            match evt.msg {
-                EventMsg::RawResponseItem(_) => continue,
-                EventMsg::TurnAborted(e) => {
-                    assert_eq!(TurnAbortReason::Interrupted, e.reason);
-                    break;
-                }
-                other => panic!("unexpected second event: {other:?}"),
-            }
+        let second = tokio::time::timeout(std::time::Duration::from_secs(2), rx.recv())
+            .await
+            .expect("timeout waiting for second event")
+            .expect("second event");
+        match second.msg {
+            EventMsg::TurnAborted(e) => assert_eq!(TurnAbortReason::Interrupted, e.reason),
+            other => panic!("unexpected second event: {other:?}"),
         }
 
         let history = sess.history_snapshot().await;
@@ -2982,26 +2826,15 @@ mod tests {
         let tool_name = "shell";
         let call_id = "test-call".to_string();
 
-        let handler = ShellHandler;
-        let resp = handler
-            .handle(ToolInvocation {
-                session: Arc::clone(&session),
-                turn: Arc::clone(&turn_context),
-                tracker: Arc::clone(&turn_diff_tracker),
-                call_id,
-                tool_name: tool_name.to_string(),
-                payload: ToolPayload::Function {
-                    arguments: serde_json::json!({
-                        "command": params.command.clone(),
-                        "workdir": Some(turn_context.cwd.to_string_lossy().to_string()),
-                        "timeout_ms": params.timeout_ms,
-                        "with_escalated_permissions": params.with_escalated_permissions,
-                        "justification": params.justification.clone(),
-                    })
-                    .to_string(),
-                },
-            })
-            .await;
+        let resp = handle_container_exec_with_params(
+            tool_name,
+            params,
+            Arc::clone(&session),
+            Arc::clone(&turn_context),
+            Arc::clone(&turn_diff_tracker),
+            call_id,
+        )
+        .await;
 
         let Err(FunctionCallError::RespondToModel(output)) = resp else {
             panic!("expected error result");
@@ -3020,30 +2853,17 @@ mod tests {
             .expect("unique turn context Arc")
             .sandbox_policy = SandboxPolicy::DangerFullAccess;
 
-        let resp2 = handler
-            .handle(ToolInvocation {
-                session: Arc::clone(&session),
-                turn: Arc::clone(&turn_context),
-                tracker: Arc::clone(&turn_diff_tracker),
-                call_id: "test-call-2".to_string(),
-                tool_name: tool_name.to_string(),
-                payload: ToolPayload::Function {
-                    arguments: serde_json::json!({
-                        "command": params2.command.clone(),
-                        "workdir": Some(turn_context.cwd.to_string_lossy().to_string()),
-                        "timeout_ms": params2.timeout_ms,
-                        "with_escalated_permissions": params2.with_escalated_permissions,
-                        "justification": params2.justification.clone(),
-                    })
-                    .to_string(),
-                },
-            })
-            .await;
+        let resp2 = handle_container_exec_with_params(
+            tool_name,
+            params2,
+            Arc::clone(&session),
+            Arc::clone(&turn_context),
+            Arc::clone(&turn_diff_tracker),
+            "test-call-2".to_string(),
+        )
+        .await;
 
-        let output = match resp2.expect("expected Ok result") {
-            ToolOutput::Function { content, .. } => content,
-            _ => panic!("unexpected tool output"),
-        };
+        let output = resp2.expect("expected Ok result");
 
         #[derive(Deserialize, PartialEq, Eq, Debug)]
         struct ResponseExecMetadata {
@@ -3087,7 +2907,7 @@ mod tests {
         let display = mcp_init_error_display(server_name, Some(&entry), &err);
 
         let expected = format!(
-            "GitHub MCP does not support OAuth. Log in by adding a personal access token (https://github.com/settings/personal-access-tokens) to your environment and config.toml:\n[mcp_servers.{server_name}]\nbearer_token_env_var = CODEX_GITHUB_PERSONAL_ACCESS_TOKEN"
+            "GitHub MCP does not support OAuth. Log in by adding `bearer_token_env_var = CODEX_GITHUB_PAT` in the `mcp_servers.{server_name}` section of your config.toml"
         );
 
         assert_eq!(expected, display);
@@ -3134,17 +2954,4 @@ mod tests {
 
         assert_eq!(expected, display);
     }
-
-    #[test]
-    fn mcp_init_error_display_includes_startup_timeout_hint() {
-        let server_name = "slow";
-        let err = anyhow::anyhow!("request timed out");
-
-        let display = mcp_init_error_display(server_name, None, &err);
-
-        assert_eq!(
-            "MCP client for `slow` timed out after 10 seconds. Add or adjust `startup_timeout_sec` in your config.toml:\n[mcp_servers.slow]\nstartup_timeout_sec = XX",
-            display
-        );
-    }
 }

codex-rs/core/src/codex/compact.rs

@@ -2,7 +2,6 @@ use std::sync::Arc;
 
 use super::Session;
 use super::TurnContext;
-use super::filter_model_visible_history;
 use super::get_last_assistant_message_from_turn;
 use crate::Prompt;
 use crate::client_common::ResponseEvent;
@@ -87,9 +86,8 @@ async fn run_compact_task_inner(
 
     loop {
         let turn_input = history.get_history();
-        let prompt_input = filter_model_visible_history(turn_input.clone());
         let prompt = Prompt {
-            input: prompt_input.clone(),
+            input: turn_input.clone(),
             ..Default::default()
         };
         let attempt_result = drain_to_completed(&sess, turn_context.as_ref(), &prompt).await;
@@ -111,7 +109,7 @@ async fn run_compact_task_inner(
                 return;
             }
             Err(e @ CodexErr::ContextWindowExceeded) => {
-                if prompt_input.len() > 1 {
+                if turn_input.len() > 1 {
                     // Trim from the beginning to preserve cache (prefix-based) and keep recent messages intact.
                     error!(
                         "Context window exceeded while compacting; removing oldest history item. Error: {e}"
@@ -134,7 +132,7 @@ async fn run_compact_task_inner(
                     let delay = backoff(retries);
                     sess.notify_stream_error(
                         turn_context.as_ref(),
-                        format!("Reconnecting... {retries}/{max_retries}"),
+                        format!("Re-connecting... {retries}/{max_retries}"),
                     )
                     .await;
                     tokio::time::sleep(delay).await;
@@ -154,13 +152,7 @@ async fn run_compact_task_inner(
     let summary_text = get_last_assistant_message_from_turn(&history_snapshot).unwrap_or_default();
     let user_messages = collect_user_messages(&history_snapshot);
     let initial_context = sess.build_initial_context(turn_context.as_ref());
-    let mut new_history = build_compacted_history(initial_context, &user_messages, &summary_text);
-    let ghost_snapshots: Vec<ResponseItem> = history_snapshot
-        .iter()
-        .filter(|item| matches!(item, ResponseItem::GhostSnapshot { .. }))
-        .cloned()
-        .collect();
-    new_history.extend(ghost_snapshots);
+    let new_history = build_compacted_history(initial_context, &user_messages, &summary_text);
     sess.replace_history(new_history).await;
 
     let rollout_item = RolloutItem::Compacted(CompactedItem {
@@ -208,20 +200,7 @@ pub(crate) fn build_compacted_history(
     user_messages: &[String],
     summary_text: &str,
 ) -> Vec<ResponseItem> {
-    build_compacted_history_with_limit(
-        initial_context,
-        user_messages,
-        summary_text,
-        COMPACT_USER_MESSAGE_MAX_TOKENS * 4,
-    )
-}
-
-fn build_compacted_history_with_limit(
-    mut history: Vec<ResponseItem>,
-    user_messages: &[String],
-    summary_text: &str,
-    max_bytes: usize,
-) -> Vec<ResponseItem> {
+    let mut history = initial_context;
     let mut user_messages_text = if user_messages.is_empty() {
         "(none)".to_string()
     } else {
@@ -229,6 +208,7 @@ fn build_compacted_history_with_limit(
     };
     // Truncate the concatenated prior user messages so the bridge message
     // stays well under the context window (approx. 4 bytes/token).
+    let max_bytes = COMPACT_USER_MESSAGE_MAX_TOKENS * 4;
     if user_messages_text.len() > max_bytes {
         user_messages_text = truncate_middle(&user_messages_text, max_bytes).0;
     }
@@ -381,16 +361,11 @@ mod tests {
 
     #[test]
     fn build_compacted_history_truncates_overlong_user_messages() {
-        // Use a small truncation limit so the test remains fast while still validating
-        // that oversized user content is truncated.
-        let max_bytes = 128;
-        let big = "X".repeat(max_bytes + 50);
-        let history = super::build_compacted_history_with_limit(
-            Vec::new(),
-            std::slice::from_ref(&big),
-            "SUMMARY",
-            max_bytes,
-        );
+        // Prepare a very large prior user message so the aggregated
+        // `user_messages_text` exceeds the truncation threshold used by
+        // `build_compacted_history` (80k bytes).
+        let big = "X".repeat(200_000);
+        let history = build_compacted_history(Vec::new(), std::slice::from_ref(&big), "SUMMARY");
 
         // Expect exactly one bridge message added to history (plus any initial context we provided, which is none).
         assert_eq!(history.len(), 1);

codex-rs/core/src/codex_conversation.rs

@@ -3,21 +3,16 @@ use crate::error::Result as CodexResult;
 use crate::protocol::Event;
 use crate::protocol::Op;
 use crate::protocol::Submission;
-use std::path::PathBuf;
 
 pub struct CodexConversation {
     codex: Codex,
-    rollout_path: PathBuf,
 }
 
 /// Conduit for the bidirectional stream of messages that compose a conversation
 /// in Codex.
 impl CodexConversation {
-    pub(crate) fn new(codex: Codex, rollout_path: PathBuf) -> Self {
-        Self {
-            codex,
-            rollout_path,
-        }
+    pub(crate) fn new(codex: Codex) -> Self {
+        Self { codex }
     }
 
     pub async fn submit(&self, op: Op) -> CodexResult<String> {
@@ -32,8 +27,4 @@ impl CodexConversation {
     pub async fn next_event(&self) -> CodexResult<Event> {
         self.codex.next_event().await
     }
-
-    pub fn rollout_path(&self) -> PathBuf {
-        self.rollout_path.clone()
-    }
 }

codex-rs/core/src/config.rs

@@ -223,9 +223,6 @@ pub struct Config {
 
     pub tools_web_search_request: bool,
 
-    /// When `true`, run a model-based assessment for commands denied by the sandbox.
-    pub experimental_sandbox_command_assessment: bool,
-
     pub use_experimental_streamable_shell_tool: bool,
 
     /// If set to `true`, used only the experimental unified exec tool.
@@ -961,7 +958,6 @@ pub struct ConfigToml {
     pub experimental_use_unified_exec_tool: Option<bool>,
     pub experimental_use_rmcp_client: Option<bool>,
     pub experimental_use_freeform_apply_patch: Option<bool>,
-    pub experimental_sandbox_command_assessment: Option<bool>,
 }
 
 impl From<ConfigToml> for UserSavedConfig {
@@ -1027,11 +1023,9 @@ impl ConfigToml {
     fn derive_sandbox_policy(
         &self,
         sandbox_mode_override: Option<SandboxMode>,
-        profile_sandbox_mode: Option<SandboxMode>,
         resolved_cwd: &Path,
     ) -> SandboxPolicy {
         let resolved_sandbox_mode = sandbox_mode_override
-            .or(profile_sandbox_mode)
             .or(self.sandbox_mode)
             .or_else(|| {
                 // if no sandbox_mode is set, but user has marked directory as trusted, use WorkspaceWrite
@@ -1124,7 +1118,6 @@ pub struct ConfigOverrides {
     pub include_view_image_tool: Option<bool>,
     pub show_raw_agent_reasoning: Option<bool>,
     pub tools_web_search_request: Option<bool>,
-    pub experimental_sandbox_command_assessment: Option<bool>,
     /// Additional directories that should be treated as writable roots for this session.
     pub additional_writable_roots: Vec<PathBuf>,
 }
@@ -1154,7 +1147,6 @@ impl Config {
             include_view_image_tool: include_view_image_tool_override,
             show_raw_agent_reasoning,
             tools_web_search_request: override_tools_web_search_request,
-            experimental_sandbox_command_assessment: sandbox_command_assessment_override,
             additional_writable_roots,
         } = overrides;
 
@@ -1180,7 +1172,6 @@ impl Config {
             include_apply_patch_tool: include_apply_patch_tool_override,
             include_view_image_tool: include_view_image_tool_override,
             web_search_request: override_tools_web_search_request,
-            experimental_sandbox_command_assessment: sandbox_command_assessment_override,
         };
 
         let features = Features::from_config(&cfg, &config_profile, feature_overrides);
@@ -1221,8 +1212,7 @@ impl Config {
             .get_active_project(&resolved_cwd)
             .unwrap_or(ProjectConfig { trust_level: None });
 
-        let mut sandbox_policy =
-            cfg.derive_sandbox_policy(sandbox_mode, config_profile.sandbox_mode, &resolved_cwd);
+        let mut sandbox_policy = cfg.derive_sandbox_policy(sandbox_mode, &resolved_cwd);
         if let SandboxPolicy::WorkspaceWrite { writable_roots, .. } = &mut sandbox_policy {
             for path in additional_writable_roots {
                 if !writable_roots.iter().any(|existing| existing == &path) {
@@ -1245,8 +1235,8 @@ impl Config {
             .is_some()
             || config_profile.approval_policy.is_some()
             || cfg.approval_policy.is_some()
+            // TODO(#3034): profile.sandbox_mode is not implemented
             || sandbox_mode.is_some()
-            || config_profile.sandbox_mode.is_some()
             || cfg.sandbox_mode.is_some();
 
         let mut model_providers = built_in_model_providers();
@@ -1279,8 +1269,6 @@ impl Config {
         let use_experimental_streamable_shell_tool = features.enabled(Feature::StreamableShell);
         let use_experimental_unified_exec_tool = features.enabled(Feature::UnifiedExec);
         let use_experimental_use_rmcp_client = features.enabled(Feature::RmcpClient);
-        let experimental_sandbox_command_assessment =
-            features.enabled(Feature::SandboxCommandAssessment);
 
         let forced_chatgpt_workspace_id =
             cfg.forced_chatgpt_workspace_id.as_ref().and_then(|value| {
@@ -1402,7 +1390,6 @@ impl Config {
             forced_login_method,
             include_apply_patch_tool: include_apply_patch_tool_flag,
             tools_web_search_request,
-            experimental_sandbox_command_assessment,
             use_experimental_streamable_shell_tool,
             use_experimental_unified_exec_tool,
             use_experimental_use_rmcp_client,
@@ -1606,11 +1593,8 @@ network_access = false  # This should be ignored.
         let sandbox_mode_override = None;
         assert_eq!(
             SandboxPolicy::DangerFullAccess,
-            sandbox_full_access_cfg.derive_sandbox_policy(
-                sandbox_mode_override,
-                None,
-                &PathBuf::from("/tmp/test")
-            )
+            sandbox_full_access_cfg
+                .derive_sandbox_policy(sandbox_mode_override, &PathBuf::from("/tmp/test"))
         );
 
         let sandbox_read_only = r#"
@@ -1625,11 +1609,8 @@ network_access = true  # This should be ignored.
         let sandbox_mode_override = None;
         assert_eq!(
             SandboxPolicy::ReadOnly,
-            sandbox_read_only_cfg.derive_sandbox_policy(
-                sandbox_mode_override,
-                None,
-                &PathBuf::from("/tmp/test")
-            )
+            sandbox_read_only_cfg
+                .derive_sandbox_policy(sandbox_mode_override, &PathBuf::from("/tmp/test"))
         );
 
         let sandbox_workspace_write = r#"
@@ -1653,11 +1634,8 @@ exclude_slash_tmp = true
                 exclude_tmpdir_env_var: true,
                 exclude_slash_tmp: true,
             },
-            sandbox_workspace_write_cfg.derive_sandbox_policy(
-                sandbox_mode_override,
-                None,
-                &PathBuf::from("/tmp/test")
-            )
+            sandbox_workspace_write_cfg
+                .derive_sandbox_policy(sandbox_mode_override, &PathBuf::from("/tmp/test"))
         );
 
         let sandbox_workspace_write = r#"
@@ -1684,11 +1662,8 @@ trust_level = "trusted"
                 exclude_tmpdir_env_var: true,
                 exclude_slash_tmp: true,
             },
-            sandbox_workspace_write_cfg.derive_sandbox_policy(
-                sandbox_mode_override,
-                None,
-                &PathBuf::from("/tmp/test")
-            )
+            sandbox_workspace_write_cfg
+                .derive_sandbox_policy(sandbox_mode_override, &PathBuf::from("/tmp/test"))
         );
     }
 
@@ -1780,75 +1755,6 @@ trust_level = "trusted"
         Ok(())
     }
 
-    #[test]
-    fn profile_sandbox_mode_overrides_base() -> std::io::Result<()> {
-        let codex_home = TempDir::new()?;
-        let mut profiles = HashMap::new();
-        profiles.insert(
-            "work".to_string(),
-            ConfigProfile {
-                sandbox_mode: Some(SandboxMode::DangerFullAccess),
-                ..Default::default()
-            },
-        );
-        let cfg = ConfigToml {
-            profiles,
-            profile: Some("work".to_string()),
-            sandbox_mode: Some(SandboxMode::ReadOnly),
-            ..Default::default()
-        };
-
-        let config = Config::load_from_base_config_with_overrides(
-            cfg,
-            ConfigOverrides::default(),
-            codex_home.path().to_path_buf(),
-        )?;
-
-        assert!(matches!(
-            config.sandbox_policy,
-            SandboxPolicy::DangerFullAccess
-        ));
-        assert!(config.did_user_set_custom_approval_policy_or_sandbox_mode);
-
-        Ok(())
-    }
-
-    #[test]
-    fn cli_override_takes_precedence_over_profile_sandbox_mode() -> std::io::Result<()> {
-        let codex_home = TempDir::new()?;
-        let mut profiles = HashMap::new();
-        profiles.insert(
-            "work".to_string(),
-            ConfigProfile {
-                sandbox_mode: Some(SandboxMode::DangerFullAccess),
-                ..Default::default()
-            },
-        );
-        let cfg = ConfigToml {
-            profiles,
-            profile: Some("work".to_string()),
-            ..Default::default()
-        };
-
-        let overrides = ConfigOverrides {
-            sandbox_mode: Some(SandboxMode::WorkspaceWrite),
-            ..Default::default()
-        };
-
-        let config = Config::load_from_base_config_with_overrides(
-            cfg,
-            overrides,
-            codex_home.path().to_path_buf(),
-        )?;
-
-        assert!(matches!(
-            config.sandbox_policy,
-            SandboxPolicy::WorkspaceWrite { .. }
-        ));
-
-        Ok(())
-    }
-
     #[test]
     fn feature_table_overrides_legacy_flags() -> std::io::Result<()> {
         let codex_home = TempDir::new()?;
@@ -2967,7 +2873,6 @@ model_verbosity = "high"
                 forced_login_method: None,
                 include_apply_patch_tool: false,
                 tools_web_search_request: false,
-                experimental_sandbox_command_assessment: false,
                 use_experimental_streamable_shell_tool: false,
                 use_experimental_unified_exec_tool: false,
                 use_experimental_use_rmcp_client: false,
@@ -3036,7 +2941,6 @@ model_verbosity = "high"
             forced_login_method: None,
             include_apply_patch_tool: false,
             tools_web_search_request: false,
-            experimental_sandbox_command_assessment: false,
             use_experimental_streamable_shell_tool: false,
             use_experimental_unified_exec_tool: false,
             use_experimental_use_rmcp_client: false,
@@ -3120,7 +3024,6 @@ model_verbosity = "high"
             forced_login_method: None,
             include_apply_patch_tool: false,
             tools_web_search_request: false,
-            experimental_sandbox_command_assessment: false,
             use_experimental_streamable_shell_tool: false,
             use_experimental_unified_exec_tool: false,
             use_experimental_use_rmcp_client: false,
@@ -3190,7 +3093,6 @@ model_verbosity = "high"
             forced_login_method: None,
             include_apply_patch_tool: false,
             tools_web_search_request: false,
-            experimental_sandbox_command_assessment: false,
             use_experimental_streamable_shell_tool: false,
             use_experimental_unified_exec_tool: false,
             use_experimental_use_rmcp_client: false,

codex-rs/core/src/config_profile.rs

@@ -4,7 +4,6 @@ use std::path::PathBuf;
 use crate::protocol::AskForApproval;
 use codex_protocol::config_types::ReasoningEffort;
 use codex_protocol::config_types::ReasoningSummary;
-use codex_protocol::config_types::SandboxMode;
 use codex_protocol::config_types::Verbosity;
 
 /// Collection of common configuration options that a user can define as a unit
@@ -16,7 +15,6 @@ pub struct ConfigProfile {
     /// [`ModelProviderInfo`] to use.
     pub model_provider: Option<String>,
     pub approval_policy: Option<AskForApproval>,
-    pub sandbox_mode: Option<SandboxMode>,
     pub model_reasoning_effort: Option<ReasoningEffort>,
     pub model_reasoning_summary: Option<ReasoningSummary>,
     pub model_verbosity: Option<Verbosity>,
@@ -28,7 +26,6 @@ pub struct ConfigProfile {
     pub experimental_use_exec_command_tool: Option<bool>,
     pub experimental_use_rmcp_client: Option<bool>,
     pub experimental_use_freeform_apply_patch: Option<bool>,
-    pub experimental_sandbox_command_assessment: Option<bool>,
     pub tools_web_search: Option<bool>,
     pub tools_view_image: Option<bool>,
     /// Optional feature toggles scoped to this profile.

codex-rs/core/src/conversation_history.rs

@@ -1,47 +1,17 @@
-use codex_protocol::models::FunctionCallOutputContentItem;
 use codex_protocol::models::FunctionCallOutputPayload;
 use codex_protocol::models::ResponseItem;
-use codex_protocol::protocol::TokenUsage;
-use codex_protocol::protocol::TokenUsageInfo;
-use codex_utils_string::take_bytes_at_char_boundary;
-use codex_utils_string::take_last_bytes_at_char_boundary;
-use std::ops::Deref;
 use tracing::error;
 
-// Model-formatting limits: clients get full streams; only content sent to the model is truncated.
-pub(crate) const MODEL_FORMAT_MAX_BYTES: usize = 10 * 1024; // 10 KiB
-pub(crate) const MODEL_FORMAT_MAX_LINES: usize = 256; // lines
-pub(crate) const MODEL_FORMAT_HEAD_LINES: usize = MODEL_FORMAT_MAX_LINES / 2;
-pub(crate) const MODEL_FORMAT_TAIL_LINES: usize = MODEL_FORMAT_MAX_LINES - MODEL_FORMAT_HEAD_LINES; // 128
-pub(crate) const MODEL_FORMAT_HEAD_BYTES: usize = MODEL_FORMAT_MAX_BYTES / 2;
-
 /// Transcript of conversation history
 #[derive(Debug, Clone, Default)]
 pub(crate) struct ConversationHistory {
     /// The oldest items are at the beginning of the vector.
     items: Vec<ResponseItem>,
-    token_info: Option<TokenUsageInfo>,
 }
 
 impl ConversationHistory {
     pub(crate) fn new() -> Self {
-        Self {
-            items: Vec::new(),
-            token_info: TokenUsageInfo::new_or_append(&None, &None, None),
-        }
-    }
-
-    pub(crate) fn token_info(&self) -> Option<TokenUsageInfo> {
-        self.token_info.clone()
-    }
-
-    pub(crate) fn set_token_usage_full(&mut self, context_window: i64) {
-        match &mut self.token_info {
-            Some(info) => info.fill_to_context_window(context_window),
-            None => {
-                self.token_info = Some(TokenUsageInfo::full_context_window(context_window));
-            }
-        }
+        Self { items: Vec::new() }
     }
 
     /// `items` is ordered from oldest to newest.
@@ -51,14 +21,11 @@ impl ConversationHistory {
         I::Item: std::ops::Deref<Target = ResponseItem>,
     {
         for item in items {
-            let item_ref = item.deref();
-            let is_ghost_snapshot = matches!(item_ref, ResponseItem::GhostSnapshot { .. });
-            if !is_api_message(item_ref) && !is_ghost_snapshot {
+            if !is_api_message(&item) {
                 continue;
             }
 
-            let processed = Self::process_item(&item);
-            self.items.push(processed);
+            self.items.push(item.clone());
         }
     }
 
@@ -79,22 +46,6 @@ impl ConversationHistory {
         }
     }
 
-    pub(crate) fn replace(&mut self, items: Vec<ResponseItem>) {
-        self.items = items;
-    }
-
-    pub(crate) fn update_token_info(
-        &mut self,
-        usage: &TokenUsage,
-        model_context_window: Option<i64>,
-    ) {
-        self.token_info = TokenUsageInfo::new_or_append(
-            &self.token_info,
-            &Some(usage.clone()),
-            model_context_window,
-        );
-    }
-
     /// This function enforces a couple of invariants on the in-memory history:
     /// 1. every call (function/custom) has a corresponding output entry
     /// 2. every output has a corresponding call entry
@@ -137,7 +88,7 @@ impl ConversationHistory {
                                 call_id: call_id.clone(),
                                 output: FunctionCallOutputPayload {
                                     content: "aborted".to_string(),
-                                    ..Default::default()
+                                    success: None,
                                 },
                             },
                         ));
@@ -184,7 +135,7 @@ impl ConversationHistory {
                                     call_id: call_id.clone(),
                                     output: FunctionCallOutputPayload {
                                         content: "aborted".to_string(),
-                                        ..Default::default()
+                                        success: None,
                                     },
                                 },
                             ));
@@ -195,7 +146,6 @@ impl ConversationHistory {
                 | ResponseItem::WebSearchCall { .. }
                 | ResponseItem::FunctionCallOutput { .. }
                 | ResponseItem::CustomToolCallOutput { .. }
-                | ResponseItem::GhostSnapshot { .. }
                 | ResponseItem::Other
                 | ResponseItem::Message { .. } => {
                     // nothing to do for these variants
@@ -262,7 +212,6 @@ impl ConversationHistory {
                 | ResponseItem::LocalShellCall { .. }
                 | ResponseItem::Reasoning { .. }
                 | ResponseItem::WebSearchCall { .. }
-                | ResponseItem::GhostSnapshot { .. }
                 | ResponseItem::Other
                 | ResponseItem::Message { .. } => {
                     // nothing to do for these variants
@@ -280,6 +229,10 @@ impl ConversationHistory {
         }
     }
 
+    pub(crate) fn replace(&mut self, items: Vec<ResponseItem>) {
+        self.items = items;
+    }
+
     /// Removes the corresponding paired item for the provided `item`, if any.
     ///
     /// Pairs:
@@ -348,125 +301,6 @@ impl ConversationHistory {
             self.items.remove(pos);
         }
     }
-
-    fn process_item(item: &ResponseItem) -> ResponseItem {
-        match item {
-            ResponseItem::FunctionCallOutput { call_id, output } => {
-                let truncated = format_output_for_model_body(output.content.as_str());
-                let truncated_items = output.content_items.as_ref().map(|items| {
-                    items
-                        .iter()
-                        .map(|it| match it {
-                            FunctionCallOutputContentItem::InputText { text } => {
-                                FunctionCallOutputContentItem::InputText {
-                                    text: format_output_for_model_body(text),
-                                }
-                            }
-                            FunctionCallOutputContentItem::InputImage { image_url } => {
-                                FunctionCallOutputContentItem::InputImage {
-                                    image_url: image_url.clone(),
-                                }
-                            }
-                        })
-                        .collect()
-                });
-                ResponseItem::FunctionCallOutput {
-                    call_id: call_id.clone(),
-                    output: FunctionCallOutputPayload {
-                        content: truncated,
-                        content_items: truncated_items,
-                        success: output.success,
-                    },
-                }
-            }
-            ResponseItem::CustomToolCallOutput { call_id, output } => {
-                let truncated = format_output_for_model_body(output);
-                ResponseItem::CustomToolCallOutput {
-                    call_id: call_id.clone(),
-                    output: truncated,
-                }
-            }
-            ResponseItem::Message { .. }
-            | ResponseItem::Reasoning { .. }
-            | ResponseItem::LocalShellCall { .. }
-            | ResponseItem::FunctionCall { .. }
-            | ResponseItem::WebSearchCall { .. }
-            | ResponseItem::CustomToolCall { .. }
-            | ResponseItem::GhostSnapshot { .. }
-            | ResponseItem::Other => item.clone(),
-        }
-    }
-}
-
-pub(crate) fn format_output_for_model_body(content: &str) -> String {
-    // Head+tail truncation for the model: show the beginning and end with an elision.
-    // Clients still receive full streams; only this formatted summary is capped.
-    let total_lines = content.lines().count();
-    if content.len() <= MODEL_FORMAT_MAX_BYTES && total_lines <= MODEL_FORMAT_MAX_LINES {
-        return content.to_string();
-    }
-    let output = truncate_formatted_exec_output(content, total_lines);
-    format!("Total output lines: {total_lines}\n\n{output}")
-}
-
-fn truncate_formatted_exec_output(content: &str, total_lines: usize) -> String {
-    let segments: Vec<&str> = content.split_inclusive('\n').collect();
-    let head_take = MODEL_FORMAT_HEAD_LINES.min(segments.len());
-    let tail_take = MODEL_FORMAT_TAIL_LINES.min(segments.len().saturating_sub(head_take));
-    let omitted = segments.len().saturating_sub(head_take + tail_take);
-
-    let head_slice_end: usize = segments
-        .iter()
-        .take(head_take)
-        .map(|segment| segment.len())
-        .sum();
-    let tail_slice_start: usize = if tail_take == 0 {
-        content.len()
-    } else {
-        content.len()
-            - segments
-                .iter()
-                .rev()
-                .take(tail_take)
-                .map(|segment| segment.len())
-                .sum::<usize>()
-    };
-    let head_slice = &content[..head_slice_end];
-    let tail_slice = &content[tail_slice_start..];
-    let truncated_by_bytes = content.len() > MODEL_FORMAT_MAX_BYTES;
-    // this is a bit wrong. We are counting metadata lines and not just shell output lines.
-    let marker = if omitted > 0 {
-        Some(format!(
-            "\n[... omitted {omitted} of {total_lines} lines ...]\n\n"
-        ))
-    } else if truncated_by_bytes {
-        Some(format!(
-            "\n[... output truncated to fit {MODEL_FORMAT_MAX_BYTES} bytes ...]\n\n"
-        ))
-    } else {
-        None
-    };
-
-    let marker_len = marker.as_ref().map_or(0, String::len);
-    let base_head_budget = MODEL_FORMAT_HEAD_BYTES.min(MODEL_FORMAT_MAX_BYTES);
-    let head_budget = base_head_budget.min(MODEL_FORMAT_MAX_BYTES.saturating_sub(marker_len));
-    let head_part = take_bytes_at_char_boundary(head_slice, head_budget);
-    let mut result = String::with_capacity(MODEL_FORMAT_MAX_BYTES.min(content.len()));
-
-    result.push_str(head_part);
-    if let Some(marker_text) = marker.as_ref() {
-        result.push_str(marker_text);
-    }
-
-    let remaining = MODEL_FORMAT_MAX_BYTES.saturating_sub(result.len());
-    if remaining == 0 {
-        return result;
-    }
-
-    let tail_part = take_last_bytes_at_char_boundary(tail_slice, remaining);
-    result.push_str(tail_part);
-
-    result
 }
 
 #[inline]
@@ -490,7 +324,6 @@ fn is_api_message(message: &ResponseItem) -> bool {
         | ResponseItem::LocalShellCall { .. }
         | ResponseItem::Reasoning { .. }
         | ResponseItem::WebSearchCall { .. } => true,
-        ResponseItem::GhostSnapshot { .. } => false,
         ResponseItem::Other => false,
     }
 }
@@ -584,7 +417,7 @@ mod tests {
                 call_id: "call-1".to_string(),
                 output: FunctionCallOutputPayload {
                     content: "ok".to_string(),
-                    ..Default::default()
+                    success: None,
                 },
             },
         ];
@@ -600,7 +433,7 @@ mod tests {
                 call_id: "call-2".to_string(),
                 output: FunctionCallOutputPayload {
                     content: "ok".to_string(),
-                    ..Default::default()
+                    success: None,
                 },
             },
             ResponseItem::FunctionCall {
@@ -634,7 +467,7 @@ mod tests {
                 call_id: "call-3".to_string(),
                 output: FunctionCallOutputPayload {
                     content: "ok".to_string(),
-                    ..Default::default()
+                    success: None,
                 },
             },
         ];
@@ -663,184 +496,6 @@ mod tests {
         assert_eq!(h.contents(), vec![]);
     }
 
-    #[test]
-    fn record_items_truncates_function_call_output_content() {
-        let mut history = ConversationHistory::new();
-        let long_line = "a very long line to trigger truncation\n";
-        let long_output = long_line.repeat(2_500);
-        let item = ResponseItem::FunctionCallOutput {
-            call_id: "call-100".to_string(),
-            output: FunctionCallOutputPayload {
-                content: long_output.clone(),
-                success: Some(true),
-                ..Default::default()
-            },
-        };
-
-        history.record_items([&item]);
-
-        assert_eq!(history.items.len(), 1);
-        match &history.items[0] {
-            ResponseItem::FunctionCallOutput { output, .. } => {
-                assert_ne!(output.content, long_output);
-                assert!(
-                    output.content.starts_with("Total output lines:"),
-                    "expected truncated summary, got {}",
-                    output.content
-                );
-            }
-            other => panic!("unexpected history item: {other:?}"),
-        }
-    }
-
-    #[test]
-    fn record_items_truncates_custom_tool_call_output_content() {
-        let mut history = ConversationHistory::new();
-        let line = "custom output that is very long\n";
-        let long_output = line.repeat(2_500);
-        let item = ResponseItem::CustomToolCallOutput {
-            call_id: "tool-200".to_string(),
-            output: long_output.clone(),
-        };
-
-        history.record_items([&item]);
-
-        assert_eq!(history.items.len(), 1);
-        match &history.items[0] {
-            ResponseItem::CustomToolCallOutput { output, .. } => {
-                assert_ne!(output, &long_output);
-                assert!(
-                    output.starts_with("Total output lines:"),
-                    "expected truncated summary, got {output}"
-                );
-            }
-            other => panic!("unexpected history item: {other:?}"),
-        }
-    }
-
-    // The following tests were adapted from tools::mod truncation tests to
-    // target the new truncation functions in conversation_history.
-
-    use regex_lite::Regex;
-
-    fn assert_truncated_message_matches(message: &str, line: &str, total_lines: usize) {
-        let pattern = truncated_message_pattern(line, total_lines);
-        let regex = Regex::new(&pattern).unwrap_or_else(|err| {
-            panic!("failed to compile regex {pattern}: {err}");
-        });
-        let captures = regex
-            .captures(message)
-            .unwrap_or_else(|| panic!("message failed to match pattern {pattern}: {message}"));
-        let body = captures
-            .name("body")
-            .expect("missing body capture")
-            .as_str();
-        assert!(
-            body.len() <= MODEL_FORMAT_MAX_BYTES,
-            "body exceeds byte limit: {} bytes",
-            body.len()
-        );
-    }
-
-    fn truncated_message_pattern(line: &str, total_lines: usize) -> String {
-        let head_take = MODEL_FORMAT_HEAD_LINES.min(total_lines);
-        let tail_take = MODEL_FORMAT_TAIL_LINES.min(total_lines.saturating_sub(head_take));
-        let omitted = total_lines.saturating_sub(head_take + tail_take);
-        let escaped_line = regex_lite::escape(line);
-        if omitted == 0 {
-            return format!(
-                r"(?s)^Total output lines: {total_lines}\n\n(?P<body>{escaped_line}.*\n\[\.{{3}} output truncated to fit {MODEL_FORMAT_MAX_BYTES} bytes \.{{3}}]\n\n.*)$",
-            );
-        }
-        format!(
-            r"(?s)^Total output lines: {total_lines}\n\n(?P<body>{escaped_line}.*\n\[\.{{3}} omitted {omitted} of {total_lines} lines \.{{3}}]\n\n.*)$",
-        )
-    }
-
-    #[test]
-    fn format_exec_output_truncates_large_error() {
-        let line = "very long execution error line that should trigger truncation\n";
-        let large_error = line.repeat(2_500); // way beyond both byte and line limits
-
-        let truncated = format_output_for_model_body(&large_error);
-
-        let total_lines = large_error.lines().count();
-        assert_truncated_message_matches(&truncated, line, total_lines);
-        assert_ne!(truncated, large_error);
-    }
-
-    #[test]
-    fn format_exec_output_marks_byte_truncation_without_omitted_lines() {
-        let long_line = "a".repeat(MODEL_FORMAT_MAX_BYTES + 50);
-        let truncated = format_output_for_model_body(&long_line);
-
-        assert_ne!(truncated, long_line);
-        let marker_line =
-            format!("[... output truncated to fit {MODEL_FORMAT_MAX_BYTES} bytes ...]");
-        assert!(
-            truncated.contains(&marker_line),
-            "missing byte truncation marker: {truncated}"
-        );
-        assert!(
-            !truncated.contains("omitted"),
-            "line omission marker should not appear when no lines were dropped: {truncated}"
-        );
-    }
-
-    #[test]
-    fn format_exec_output_returns_original_when_within_limits() {
-        let content = "example output\n".repeat(10);
-
-        assert_eq!(format_output_for_model_body(&content), content);
-    }
-
-    #[test]
-    fn format_exec_output_reports_omitted_lines_and_keeps_head_and_tail() {
-        let total_lines = MODEL_FORMAT_MAX_LINES + 100;
-        let content: String = (0..total_lines)
-            .map(|idx| format!("line-{idx}\n"))
-            .collect();
-
-        let truncated = format_output_for_model_body(&content);
-        let omitted = total_lines - MODEL_FORMAT_MAX_LINES;
-        let expected_marker = format!("[... omitted {omitted} of {total_lines} lines ...]");
-
-        assert!(
-            truncated.contains(&expected_marker),
-            "missing omitted marker: {truncated}"
-        );
-        assert!(
-            truncated.contains("line-0\n"),
-            "expected head line to remain: {truncated}"
-        );
-
-        let last_line = format!("line-{}\n", total_lines - 1);
-        assert!(
-            truncated.contains(&last_line),
-            "expected tail line to remain: {truncated}"
-        );
-    }
-
-    #[test]
-    fn format_exec_output_prefers_line_marker_when_both_limits_exceeded() {
-        let total_lines = MODEL_FORMAT_MAX_LINES + 42;
-        let long_line = "x".repeat(256);
-        let content: String = (0..total_lines)
-            .map(|idx| format!("line-{idx}-{long_line}\n"))
-            .collect();
-
-        let truncated = format_output_for_model_body(&content);
-
-        assert!(
-            truncated.contains("[... omitted 42 of 298 lines ...]"),
-            "expected omitted marker when line count exceeds limit: {truncated}"
-        );
-        assert!(
-            !truncated.contains("output truncated to fit"),
-            "line omission marker should take precedence over byte marker: {truncated}"
-        );
-    }
-
     //TODO(aibrahim): run CI in release mode.
     #[cfg(not(debug_assertions))]
     #[test]
@@ -868,7 +523,7 @@ mod tests {
                     call_id: "call-x".to_string(),
                     output: FunctionCallOutputPayload {
                         content: "aborted".to_string(),
-                        ..Default::default()
+                        success: None,
                     },
                 },
             ]
@@ -945,7 +600,7 @@ mod tests {
                     call_id: "shell-1".to_string(),
                     output: FunctionCallOutputPayload {
                         content: "aborted".to_string(),
-                        ..Default::default()
+                        success: None,
                     },
                 },
             ]
@@ -959,7 +614,7 @@ mod tests {
             call_id: "orphan-1".to_string(),
             output: FunctionCallOutputPayload {
                 content: "ok".to_string(),
-                ..Default::default()
+                success: None,
             },
         }];
         let mut h = create_history_with_items(items);
@@ -999,7 +654,7 @@ mod tests {
                 call_id: "c2".to_string(),
                 output: FunctionCallOutputPayload {
                     content: "ok".to_string(),
-                    ..Default::default()
+                    success: None,
                 },
             },
             // Will get an inserted custom tool output
@@ -1041,7 +696,7 @@ mod tests {
                     call_id: "c1".to_string(),
                     output: FunctionCallOutputPayload {
                         content: "aborted".to_string(),
-                        ..Default::default()
+                        success: None,
                     },
                 },
                 ResponseItem::CustomToolCall {
@@ -1071,7 +726,7 @@ mod tests {
                     call_id: "s1".to_string(),
                     output: FunctionCallOutputPayload {
                         content: "aborted".to_string(),
-                        ..Default::default()
+                        success: None,
                     },
                 },
             ]
@@ -1136,7 +791,7 @@ mod tests {
             call_id: "orphan-1".to_string(),
             output: FunctionCallOutputPayload {
                 content: "ok".to_string(),
-                ..Default::default()
+                success: None,
             },
         }];
         let mut h = create_history_with_items(items);
@@ -1170,7 +825,7 @@ mod tests {
                 call_id: "c2".to_string(),
                 output: FunctionCallOutputPayload {
                     content: "ok".to_string(),
-                    ..Default::default()
+                    success: None,
                 },
             },
             ResponseItem::CustomToolCall {

codex-rs/core/src/conversation_manager.rs

@@ -98,10 +98,7 @@ impl ConversationManager {
             }
         };
 
-        let conversation = Arc::new(CodexConversation::new(
-            codex,
-            session_configured.rollout_path.clone(),
-        ));
+        let conversation = Arc::new(CodexConversation::new(codex));
         self.conversations
             .write()
             .await

codex-rs/core/src/default_client.rs

@@ -1,13 +1,5 @@
 use crate::spawn::CODEX_SANDBOX_ENV_VAR;
-use http::Error as HttpError;
-use reqwest::IntoUrl;
-use reqwest::Method;
-use reqwest::Response;
-use reqwest::header::HeaderName;
 use reqwest::header::HeaderValue;
-use serde::Serialize;
-use std::collections::HashMap;
-use std::fmt::Display;
 use std::sync::LazyLock;
 use std::sync::Mutex;
 use std::sync::OnceLock;
@@ -30,130 +22,6 @@ use std::sync::OnceLock;
 pub static USER_AGENT_SUFFIX: LazyLock<Mutex<Option<String>>> = LazyLock::new(|| Mutex::new(None));
 pub const DEFAULT_ORIGINATOR: &str = "codex_cli_rs";
 pub const CODEX_INTERNAL_ORIGINATOR_OVERRIDE_ENV_VAR: &str = "CODEX_INTERNAL_ORIGINATOR_OVERRIDE";
-
-#[derive(Clone, Debug)]
-pub struct CodexHttpClient {
-    inner: reqwest::Client,
-}
-
-impl CodexHttpClient {
-    fn new(inner: reqwest::Client) -> Self {
-        Self { inner }
-    }
-
-    pub fn get<U>(&self, url: U) -> CodexRequestBuilder
-    where
-        U: IntoUrl,
-    {
-        self.request(Method::GET, url)
-    }
-
-    pub fn post<U>(&self, url: U) -> CodexRequestBuilder
-    where
-        U: IntoUrl,
-    {
-        self.request(Method::POST, url)
-    }
-
-    pub fn request<U>(&self, method: Method, url: U) -> CodexRequestBuilder
-    where
-        U: IntoUrl,
-    {
-        let url_str = url.as_str().to_string();
-        CodexRequestBuilder::new(self.inner.request(method.clone(), url), method, url_str)
-    }
-}
-
-#[must_use = "requests are not sent unless `send` is awaited"]
-#[derive(Debug)]
-pub struct CodexRequestBuilder {
-    builder: reqwest::RequestBuilder,
-    method: Method,
-    url: String,
-}
-
-impl CodexRequestBuilder {
-    fn new(builder: reqwest::RequestBuilder, method: Method, url: String) -> Self {
-        Self {
-            builder,
-            method,
-            url,
-        }
-    }
-
-    fn map(self, f: impl FnOnce(reqwest::RequestBuilder) -> reqwest::RequestBuilder) -> Self {
-        Self {
-            builder: f(self.builder),
-            method: self.method,
-            url: self.url,
-        }
-    }
-
-    pub fn header<K, V>(self, key: K, value: V) -> Self
-    where
-        HeaderName: TryFrom<K>,
-        <HeaderName as TryFrom<K>>::Error: Into<HttpError>,
-        HeaderValue: TryFrom<V>,
-        <HeaderValue as TryFrom<V>>::Error: Into<HttpError>,
-    {
-        self.map(|builder| builder.header(key, value))
-    }
-
-    pub fn bearer_auth<T>(self, token: T) -> Self
-    where
-        T: Display,
-    {
-        self.map(|builder| builder.bearer_auth(token))
-    }
-
-    pub fn json<T>(self, value: &T) -> Self
-    where
-        T: ?Sized + Serialize,
-    {
-        self.map(|builder| builder.json(value))
-    }
-
-    pub async fn send(self) -> Result<Response, reqwest::Error> {
-        match self.builder.send().await {
-            Ok(response) => {
-                let request_ids = Self::extract_request_ids(&response);
-                tracing::debug!(
-                    method = %self.method,
-                    url = %self.url,
-                    status = %response.status(),
-                    request_ids = ?request_ids,
-                    version = ?response.version(),
-                    "Request completed"
-                );
-
-                Ok(response)
-            }
-            Err(error) => {
-                let status = error.status();
-                tracing::debug!(
-                    method = %self.method,
-                    url = %self.url,
-                    status = status.map(|s| s.as_u16()),
-                    error = %error,
-                    "Request failed"
-                );
-                Err(error)
-            }
-        }
-    }
-
-    fn extract_request_ids(response: &Response) -> HashMap<String, String> {
-        ["cf-ray", "x-request-id", "x-oai-request-id"]
-            .iter()
-            .filter_map(|&name| {
-                let header_name = HeaderName::from_static(name);
-                let value = response.headers().get(header_name)?;
-                let value = value.to_str().ok()?.to_owned();
-                Some((name.to_owned(), value))
-            })
-            .collect()
-    }
-}
 #[derive(Debug, Clone)]
 pub struct Originator {
     pub value: String,
@@ -256,8 +124,8 @@ fn sanitize_user_agent(candidate: String, fallback: &str) -> String {
     }
 }
 
-/// Create an HTTP client with default `originator` and `User-Agent` headers set.
-pub fn create_client() -> CodexHttpClient {
+/// Create a reqwest client with default `originator` and `User-Agent` headers set.
+pub fn create_client() -> reqwest::Client {
     use reqwest::header::HeaderMap;
 
     let mut headers = HeaderMap::new();
@@ -272,8 +140,7 @@ pub fn create_client() -> CodexHttpClient {
         builder = builder.no_proxy();
     }
 
-    let inner = builder.build().unwrap_or_else(|_| reqwest::Client::new());
-    CodexHttpClient::new(inner)
+    builder.build().unwrap_or_else(|_| reqwest::Client::new())
 }
 
 fn is_sandboxed() -> bool {

codex-rs/core/src/error.rs

@@ -55,7 +55,7 @@ pub enum SandboxErr {
 #[derive(Error, Debug)]
 pub enum CodexErr {
     // todo(aibrahim): git rid of this error carrying the dangling artifacts
-    #[error("turn aborted. Something went wrong? Hit `/feedback` to report the issue.")]
+    #[error("turn aborted")]
     TurnAborted {
         dangling_artifacts: Vec<ProcessedResponseItem>,
     },
@@ -91,7 +91,7 @@ pub enum CodexErr {
 
     /// Returned by run_command_stream when the user pressed Ctrl‑C (SIGINT). Session uses this to
     /// surface a polite FunctionCallOutput back to the model instead of crashing the CLI.
-    #[error("interrupted (Ctrl-C). Something went wrong? Hit `/feedback` to report the issue.")]
+    #[error("interrupted (Ctrl-C)")]
     Interrupted,
 
     /// Unexpected HTTP status code.

codex-rs/core/src/features.rs

@@ -39,10 +39,6 @@ pub enum Feature {
     ViewImageTool,
     /// Allow the model to request web searches.
     WebSearchRequest,
-    /// Enable the model-based risk assessments for sandboxed commands.
-    SandboxCommandAssessment,
-    /// Create a ghost commit at each turn.
-    GhostCommit,
 }
 
 impl Feature {
@@ -77,7 +73,6 @@ pub struct FeatureOverrides {
     pub include_apply_patch_tool: Option<bool>,
     pub include_view_image_tool: Option<bool>,
     pub web_search_request: Option<bool>,
-    pub experimental_sandbox_command_assessment: Option<bool>,
 }
 
 impl FeatureOverrides {
@@ -142,7 +137,6 @@ impl Features {
         let mut features = Features::with_defaults();
 
         let base_legacy = LegacyFeatureToggles {
-            experimental_sandbox_command_assessment: cfg.experimental_sandbox_command_assessment,
             experimental_use_freeform_apply_patch: cfg.experimental_use_freeform_apply_patch,
             experimental_use_exec_command_tool: cfg.experimental_use_exec_command_tool,
             experimental_use_unified_exec_tool: cfg.experimental_use_unified_exec_tool,
@@ -160,8 +154,6 @@ impl Features {
         let profile_legacy = LegacyFeatureToggles {
             include_apply_patch_tool: config_profile.include_apply_patch_tool,
             include_view_image_tool: config_profile.include_view_image_tool,
-            experimental_sandbox_command_assessment: config_profile
-                .experimental_sandbox_command_assessment,
             experimental_use_freeform_apply_patch: config_profile
                 .experimental_use_freeform_apply_patch,
             experimental_use_exec_command_tool: config_profile.experimental_use_exec_command_tool,
@@ -191,11 +183,6 @@ fn feature_for_key(key: &str) -> Option<Feature> {
     legacy::feature_for_key(key)
 }
 
-/// Returns `true` if the provided string matches a known feature toggle key.
-pub fn is_known_feature_key(key: &str) -> bool {
-    feature_for_key(key).is_some()
-}
-
 /// Deserializable features table for TOML.
 #[derive(Deserialize, Debug, Clone, Default, PartialEq)]
 pub struct FeaturesToml {
@@ -249,16 +236,4 @@ pub const FEATURES: &[FeatureSpec] = &[
         stage: Stage::Stable,
         default_enabled: false,
     },
-    FeatureSpec {
-        id: Feature::SandboxCommandAssessment,
-        key: "experimental_sandbox_command_assessment",
-        stage: Stage::Experimental,
-        default_enabled: false,
-    },
-    FeatureSpec {
-        id: Feature::GhostCommit,
-        key: "ghost_commit",
-        stage: Stage::Experimental,
-        default_enabled: false,
-    },
 ];

codex-rs/core/src/features/legacy.rs

@@ -9,10 +9,6 @@ struct Alias {
 }
 
 const ALIASES: &[Alias] = &[
-    Alias {
-        legacy_key: "experimental_sandbox_command_assessment",
-        feature: Feature::SandboxCommandAssessment,
-    },
     Alias {
         legacy_key: "experimental_use_unified_exec_tool",
         feature: Feature::UnifiedExec,
@@ -57,7 +53,6 @@ pub(crate) fn feature_for_key(key: &str) -> Option<Feature> {
 pub struct LegacyFeatureToggles {
     pub include_apply_patch_tool: Option<bool>,
     pub include_view_image_tool: Option<bool>,
-    pub experimental_sandbox_command_assessment: Option<bool>,
     pub experimental_use_freeform_apply_patch: Option<bool>,
     pub experimental_use_exec_command_tool: Option<bool>,
     pub experimental_use_unified_exec_tool: Option<bool>,
@@ -74,12 +69,6 @@ impl LegacyFeatureToggles {
             self.include_apply_patch_tool,
             "include_apply_patch_tool",
         );
-        set_if_some(
-            features,
-            Feature::SandboxCommandAssessment,
-            self.experimental_sandbox_command_assessment,
-            "experimental_sandbox_command_assessment",
-        );
         set_if_some(
             features,
             Feature::ApplyPatchFreeform,

codex-rs/core/src/lib.rs

@@ -14,6 +14,7 @@ mod client_common;
 pub mod codex;
 mod codex_conversation;
 pub use codex_conversation::CodexConversation;
+mod codex_delegate;
 mod command_safety;
 pub mod config;
 pub mod config_edit;
@@ -77,7 +78,6 @@ pub use rollout::find_conversation_path_by_id_str;
 pub use rollout::list::ConversationItem;
 pub use rollout::list::ConversationsPage;
 pub use rollout::list::Cursor;
-pub use rollout::list::read_head_for_summary;
 mod function_tool;
 mod state;
 mod tasks;

codex-rs/core/src/mcp_connection_manager.rs

@@ -49,7 +49,7 @@ const MCP_TOOL_NAME_DELIMITER: &str = "__";
 const MAX_TOOL_NAME_LENGTH: usize = 64;
 
 /// Default timeout for initializing MCP server & initially listing tools.
-pub const DEFAULT_STARTUP_TIMEOUT: Duration = Duration::from_secs(10);
+const DEFAULT_STARTUP_TIMEOUT: Duration = Duration::from_secs(10);
 
 /// Default timeout for individual tool calls.
 const DEFAULT_TOOL_TIMEOUT: Duration = Duration::from_secs(60);

codex-rs/core/src/mcp_tool_call.rs

@@ -35,7 +35,6 @@ pub(crate) async fn handle_mcp_tool_call(
                     output: FunctionCallOutputPayload {
                         content: format!("err: {e}"),
                         success: Some(false),
-                        ..Default::default()
                     },
                 };
             }

codex-rs/core/src/model_family.rs

@@ -54,9 +54,6 @@ pub struct ModelFamily {
     /// This is applied when computing the effective context window seen by
     /// consumers.
     pub effective_context_window_percent: i64,
-
-    /// If the model family supports setting the verbosity level when using Responses API.
-    pub support_verbosity: bool,
 }
 
 macro_rules! model_family {
@@ -76,7 +73,6 @@ macro_rules! model_family {
             base_instructions: BASE_INSTRUCTIONS.to_string(),
             experimental_supported_tools: Vec::new(),
             effective_context_window_percent: 95,
-            support_verbosity: false,
         };
         // apply overrides
         $(
@@ -132,11 +128,10 @@ pub fn find_family_for_model(slug: &str) -> Option<ModelFamily> {
                 "test_sync_tool".to_string(),
             ],
             supports_parallel_tool_calls: true,
-            support_verbosity: true,
         )
 
     // Internal models.
-    } else if slug.starts_with("codex-exp-") {
+    } else if slug.starts_with("codex-") {
         model_family!(
             slug, slug,
             supports_reasoning_summaries: true,
@@ -149,25 +144,22 @@ pub fn find_family_for_model(slug: &str) -> Option<ModelFamily> {
                 "read_file".to_string(),
             ],
             supports_parallel_tool_calls: true,
-            support_verbosity: true,
         )
 
     // Production models.
-    } else if slug.starts_with("gpt-5-codex") || slug.starts_with("codex-") {
+    } else if slug.starts_with("gpt-5-codex") {
         model_family!(
             slug, slug,
             supports_reasoning_summaries: true,
             reasoning_summary_format: ReasoningSummaryFormat::Experimental,
             base_instructions: GPT_5_CODEX_INSTRUCTIONS.to_string(),
             apply_patch_tool_type: Some(ApplyPatchToolType::Freeform),
-            support_verbosity: true,
         )
     } else if slug.starts_with("gpt-5") {
         model_family!(
             slug, "gpt-5",
             supports_reasoning_summaries: true,
             needs_special_apply_patch_instructions: true,
-            support_verbosity: true,
         )
     } else {
         None
@@ -187,6 +179,5 @@ pub fn derive_default_model_family(model: &str) -> ModelFamily {
         base_instructions: BASE_INSTRUCTIONS.to_string(),
         experimental_supported_tools: Vec::new(),
         effective_context_window_percent: 95,
-        support_verbosity: false,
     }
 }

codex-rs/core/src/model_provider_info.rs

@@ -6,8 +6,6 @@
 //!      key. These override or extend the defaults at runtime.
 
 use crate::CodexAuth;
-use crate::default_client::CodexHttpClient;
-use crate::default_client::CodexRequestBuilder;
 use codex_app_server_protocol::AuthMode;
 use serde::Deserialize;
 use serde::Serialize;
@@ -97,7 +95,7 @@ pub struct ModelProviderInfo {
 
 impl ModelProviderInfo {
     /// Construct a `POST` RequestBuilder for the given URL using the provided
-    /// [`CodexHttpClient`] applying:
+    /// reqwest Client applying:
     ///   • provider-specific headers (static + env based)
     ///   • Bearer auth header when an API key is available.
     ///   • Auth token for OAuth.
@@ -106,9 +104,9 @@ impl ModelProviderInfo {
     /// one produced by [`ModelProviderInfo::api_key`].
     pub async fn create_request_builder<'a>(
         &'a self,
-        client: &'a CodexHttpClient,
+        client: &'a reqwest::Client,
         auth: &Option<CodexAuth>,
-    ) -> crate::error::Result<CodexRequestBuilder> {
+    ) -> crate::error::Result<reqwest::RequestBuilder> {
         let effective_auth = if let Some(secret_key) = &self.experimental_bearer_token {
             Some(CodexAuth::from_api_key(secret_key))
         } else {
@@ -189,9 +187,9 @@ impl ModelProviderInfo {
     }
 
     /// Apply provider-specific HTTP headers (both static and environment-based)
-    /// onto an existing [`CodexRequestBuilder`] and return the updated
+    /// onto an existing `reqwest::RequestBuilder` and return the updated
     /// builder.
-    fn apply_http_headers(&self, mut builder: CodexRequestBuilder) -> CodexRequestBuilder {
+    fn apply_http_headers(&self, mut builder: reqwest::RequestBuilder) -> reqwest::RequestBuilder {
         if let Some(extra) = &self.http_headers {
             for (k, v) in extra {
                 builder = builder.header(k, v);

codex-rs/core/src/openai_model_info.rs

@@ -37,10 +37,8 @@ impl ModelInfo {
 }
 
 pub(crate) fn get_model_info(model_family: &ModelFamily) -> Option<ModelInfo> {
-    let raw_slug = model_family.slug.as_str();
-    let slug = raw_slug.strip_prefix("openai/").unwrap_or(raw_slug);
-    let normalized_slug = slug.replace(':', "-");
-    match normalized_slug.as_str() {
+    let slug = model_family.slug.as_str();
+    match slug {
         // OSS models have a 128k shared token pool.
         // Arbitrarily splitting it: 3/4 input context, 1/4 output.
         // https://openai.com/index/gpt-oss-model-card/

codex-rs/core/src/response_processing.rs

@@ -1,6 +1,4 @@
 use crate::codex::Session;
-use crate::codex::TurnContext;
-use crate::conversation_history::ConversationHistory;
 use codex_protocol::models::FunctionCallOutputPayload;
 use codex_protocol::models::ResponseInputItem;
 use codex_protocol::models::ResponseItem;
@@ -11,10 +9,7 @@ use tracing::warn;
 /// - `ResponseInputItem`s to send back to the model on the next turn.
 pub(crate) async fn process_items(
     processed_items: Vec<crate::codex::ProcessedResponseItem>,
-    is_review_mode: bool,
-    review_thread_history: &mut ConversationHistory,
     sess: &Session,
-    turn_context: &TurnContext,
 ) -> (Vec<ResponseInputItem>, Vec<ResponseItem>) {
     let mut items_to_record_in_conversation_history = Vec::<ResponseItem>::new();
     let mut responses = Vec::<ResponseInputItem>::new();
@@ -61,11 +56,14 @@ pub(crate) async fn process_items(
             ) => {
                 items_to_record_in_conversation_history.push(item);
                 let output = match result {
-                    Ok(call_tool_result) => FunctionCallOutputPayload::from(call_tool_result),
+                    Ok(call_tool_result) => {
+                        crate::codex::convert_call_tool_result_to_function_call_output_payload(
+                            call_tool_result,
+                        )
+                    }
                     Err(err) => FunctionCallOutputPayload {
                         content: err.clone(),
                         success: Some(false),
-                        ..Default::default()
                     },
                 };
                 items_to_record_in_conversation_history.push(ResponseItem::FunctionCallOutput {
@@ -100,12 +98,8 @@ pub(crate) async fn process_items(
 
     // Only attempt to take the lock if there is something to record.
     if !items_to_record_in_conversation_history.is_empty() {
-        if is_review_mode {
-            review_thread_history.record_items(items_to_record_in_conversation_history.iter());
-        } else {
-            sess.record_conversation_items(turn_context, &items_to_record_in_conversation_history)
-                .await;
-        }
+        sess.record_conversation_items(&items_to_record_in_conversation_history)
+            .await;
     }
     (responses, items_to_record_in_conversation_history)
 }

codex-rs/core/src/rollout/list.rs

@@ -1,11 +1,12 @@
 use std::cmp::Reverse;
 use std::io::{self};
-use std::num::NonZero;
 use std::path::Path;
 use std::path::PathBuf;
+
+use codex_file_search as file_search;
+use std::num::NonZero;
 use std::sync::Arc;
 use std::sync::atomic::AtomicBool;
-
 use time::OffsetDateTime;
 use time::PrimitiveDateTime;
 use time::format_description::FormatItem;
@@ -14,7 +15,6 @@ use uuid::Uuid;
 
 use super::SESSIONS_SUBDIR;
 use crate::protocol::EventMsg;
-use codex_file_search as file_search;
 use codex_protocol::protocol::RolloutItem;
 use codex_protocol::protocol::RolloutLine;
 use codex_protocol::protocol::SessionSource;
@@ -54,7 +54,6 @@ struct HeadTailSummary {
     saw_session_meta: bool,
     saw_user_event: bool,
     source: Option<SessionSource>,
-    model_provider: Option<String>,
     created_at: Option<String>,
     updated_at: Option<String>,
 }
@@ -110,8 +109,6 @@ pub(crate) async fn get_conversations(
     page_size: usize,
     cursor: Option<&Cursor>,
     allowed_sources: &[SessionSource],
-    model_providers: Option<&[String]>,
-    default_provider: &str,
 ) -> io::Result<ConversationsPage> {
     let mut root = codex_home.to_path_buf();
     root.push(SESSIONS_SUBDIR);
@@ -127,17 +124,8 @@ pub(crate) async fn get_conversations(
 
     let anchor = cursor.cloned();
 
-    let provider_matcher =
-        model_providers.and_then(|filters| ProviderMatcher::new(filters, default_provider));
-
-    let result = traverse_directories_for_paths(
-        root.clone(),
-        page_size,
-        anchor,
-        allowed_sources,
-        provider_matcher.as_ref(),
-    )
-    .await?;
+    let result =
+        traverse_directories_for_paths(root.clone(), page_size, anchor, allowed_sources).await?;
     Ok(result)
 }
 
@@ -157,7 +145,6 @@ async fn traverse_directories_for_paths(
     page_size: usize,
     anchor: Option<Cursor>,
     allowed_sources: &[SessionSource],
-    provider_matcher: Option<&ProviderMatcher<'_>>,
 ) -> io::Result<ConversationsPage> {
     let mut items: Vec<ConversationItem> = Vec::with_capacity(page_size);
     let mut scanned_files = 0usize;
@@ -166,7 +153,6 @@ async fn traverse_directories_for_paths(
         Some(c) => (c.ts, c.id),
         None => (OffsetDateTime::UNIX_EPOCH, Uuid::nil()),
     };
-    let mut more_matches_available = false;
 
     let year_dirs = collect_dirs_desc(&root, |s| s.parse::<u16>().ok()).await?;
 
@@ -198,7 +184,6 @@ async fn traverse_directories_for_paths(
                 for (ts, sid, _name_str, path) in day_files.into_iter() {
                     scanned_files += 1;
                     if scanned_files >= MAX_SCAN_FILES && items.len() >= page_size {
-                        more_matches_available = true;
                         break 'outer;
                     }
                     if !anchor_passed {
@@ -209,7 +194,6 @@ async fn traverse_directories_for_paths(
                         }
                     }
                     if items.len() == page_size {
-                        more_matches_available = true;
                         break 'outer;
                     }
                     // Read head and simultaneously detect message events within the same
@@ -224,11 +208,6 @@ async fn traverse_directories_for_paths(
                     {
                         continue;
                     }
-                    if let Some(matcher) = provider_matcher
-                        && !matcher.matches(summary.model_provider.as_deref())
-                    {
-                        continue;
-                    }
                     // Apply filters: must have session meta and at least one user message event
                     if summary.saw_session_meta && summary.saw_user_event {
                         let HeadTailSummary {
@@ -252,21 +231,12 @@ async fn traverse_directories_for_paths(
         }
     }
 
-    let reached_scan_cap = scanned_files >= MAX_SCAN_FILES;
-    if reached_scan_cap && !items.is_empty() {
-        more_matches_available = true;
-    }
-
-    let next = if more_matches_available {
-        build_next_cursor(&items)
-    } else {
-        None
-    };
+    let next = build_next_cursor(&items);
     Ok(ConversationsPage {
         items,
         next_cursor: next,
         num_scanned_files: scanned_files,
-        reached_scan_cap,
+        reached_scan_cap: scanned_files >= MAX_SCAN_FILES,
     })
 }
 
@@ -358,32 +328,6 @@ fn parse_timestamp_uuid_from_filename(name: &str) -> Option<(OffsetDateTime, Uui
     Some((ts, uuid))
 }
 
-struct ProviderMatcher<'a> {
-    filters: &'a [String],
-    matches_default_provider: bool,
-}
-
-impl<'a> ProviderMatcher<'a> {
-    fn new(filters: &'a [String], default_provider: &'a str) -> Option<Self> {
-        if filters.is_empty() {
-            return None;
-        }
-
-        let matches_default_provider = filters.iter().any(|provider| provider == default_provider);
-        Some(Self {
-            filters,
-            matches_default_provider,
-        })
-    }
-
-    fn matches(&self, session_provider: Option<&str>) -> bool {
-        match session_provider {
-            Some(provider) => self.filters.iter().any(|candidate| candidate == provider),
-            None => self.matches_default_provider,
-        }
-    }
-}
-
 async fn read_head_and_tail(
     path: &Path,
     head_limit: usize,
@@ -410,7 +354,6 @@ async fn read_head_and_tail(
         match rollout_line.item {
             RolloutItem::SessionMeta(session_meta_line) => {
                 summary.source = Some(session_meta_line.meta.source);
-                summary.model_provider = session_meta_line.meta.model_provider.clone();
                 summary.created_at = summary
                     .created_at
                     .clone()
@@ -451,13 +394,6 @@ async fn read_head_and_tail(
     Ok(summary)
 }
 
-/// Read up to `HEAD_RECORD_LIMIT` records from the start of the rollout file at `path`.
-/// This should be enough to produce a summary including the session meta line.
-pub async fn read_head_for_summary(path: &Path) -> io::Result<Vec<serde_json::Value>> {
-    let summary = read_head_and_tail(path, HEAD_RECORD_LIMIT, 0).await?;
-    Ok(summary.head)
-}
-
 async fn read_tail_records(
     path: &Path,
     max_records: usize,
@@ -579,7 +515,6 @@ pub async fn find_conversation_path_by_id_str(
         threads,
         cancel,
         compute_indices,
-        false,
     )
     .map_err(|e| io::Error::other(format!("file search failed: {e}")))?;
 

codex-rs/core/src/rollout/policy.rs

@@ -26,8 +26,7 @@ pub(crate) fn should_persist_response_item(item: &ResponseItem) -> bool {
         | ResponseItem::FunctionCallOutput { .. }
         | ResponseItem::CustomToolCall { .. }
         | ResponseItem::CustomToolCallOutput { .. }
-        | ResponseItem::WebSearchCall { .. }
-        | ResponseItem::GhostSnapshot { .. } => true,
+        | ResponseItem::WebSearchCall { .. } => true,
         ResponseItem::Other => false,
     }
 }
@@ -43,7 +42,6 @@ pub(crate) fn should_persist_event_msg(ev: &EventMsg) -> bool {
         | EventMsg::TokenCount(_)
         | EventMsg::EnteredReviewMode(_)
         | EventMsg::ExitedReviewMode(_)
-        | EventMsg::UndoCompleted(_)
         | EventMsg::TurnAborted(_) => true,
         EventMsg::Error(_)
         | EventMsg::TaskStarted(_)
@@ -52,7 +50,6 @@ pub(crate) fn should_persist_event_msg(ev: &EventMsg) -> bool {
         | EventMsg::AgentReasoningDelta(_)
         | EventMsg::AgentReasoningRawContentDelta(_)
         | EventMsg::AgentReasoningSectionBreak(_)
-        | EventMsg::RawResponseItem(_)
         | EventMsg::SessionConfigured(_)
         | EventMsg::McpToolCallBegin(_)
         | EventMsg::McpToolCallEnd(_)
@@ -69,12 +66,12 @@ pub(crate) fn should_persist_event_msg(ev: &EventMsg) -> bool {
         | EventMsg::PatchApplyEnd(_)
         | EventMsg::TurnDiff(_)
         | EventMsg::GetHistoryEntryResponse(_)
-        | EventMsg::UndoStarted(_)
         | EventMsg::McpListToolsResponse(_)
         | EventMsg::ListCustomPromptsResponse(_)
         | EventMsg::PlanUpdate(_)
         | EventMsg::ShutdownComplete
         | EventMsg::ViewImageToolCall(_)
+        | EventMsg::ConversationPath(_)
         | EventMsg::ItemStarted(_)
         | EventMsg::ItemCompleted(_) => false,
     }

codex-rs/core/src/rollout/recorder.rs

@@ -97,18 +97,8 @@ impl RolloutRecorder {
         page_size: usize,
         cursor: Option<&Cursor>,
         allowed_sources: &[SessionSource],
-        model_providers: Option<&[String]>,
-        default_provider: &str,
     ) -> std::io::Result<ConversationsPage> {
-        get_conversations(
-            codex_home,
-            page_size,
-            cursor,
-            allowed_sources,
-            model_providers,
-            default_provider,
-        )
-        .await
+        get_conversations(codex_home, page_size, cursor, allowed_sources).await
     }
 
     /// Attempt to create a new [`RolloutRecorder`]. If the sessions directory
@@ -147,7 +137,6 @@ impl RolloutRecorder {
                         cli_version: env!("CARGO_PKG_VERSION").to_string(),
                         instructions,
                         source,
-                        model_provider: Some(config.model_provider_id.clone()),
                     }),
                 )
             }
@@ -278,6 +267,10 @@ impl RolloutRecorder {
         }))
     }
 
+    pub(crate) fn get_rollout_path(&self) -> PathBuf {
+        self.rollout_path.clone()
+    }
+
     pub async fn shutdown(&self) -> std::io::Result<()> {
         let (tx_done, rx_done) = oneshot::channel();
         match self.tx.send(RolloutCmd::Shutdown { ack: tx_done }).await {

codex-rs/core/src/rollout/tests.rs

@@ -32,14 +32,6 @@ use codex_protocol::protocol::SessionSource;
 use codex_protocol::protocol::UserMessageEvent;
 
 const NO_SOURCE_FILTER: &[SessionSource] = &[];
-const TEST_PROVIDER: &str = "test-provider";
-
-fn provider_vec(providers: &[&str]) -> Vec<String> {
-    providers
-        .iter()
-        .map(std::string::ToString::to_string)
-        .collect()
-}
 
 fn write_session_file(
     root: &Path,
@@ -47,24 +39,6 @@ fn write_session_file(
     uuid: Uuid,
     num_records: usize,
     source: Option<SessionSource>,
-) -> std::io::Result<(OffsetDateTime, Uuid)> {
-    write_session_file_with_provider(
-        root,
-        ts_str,
-        uuid,
-        num_records,
-        source,
-        Some("test-provider"),
-    )
-}
-
-fn write_session_file_with_provider(
-    root: &Path,
-    ts_str: &str,
-    uuid: Uuid,
-    num_records: usize,
-    source: Option<SessionSource>,
-    model_provider: Option<&str>,
 ) -> std::io::Result<(OffsetDateTime, Uuid)> {
     let format: &[FormatItem] =
         format_description!("[year]-[month]-[day]T[hour]-[minute]-[second]");
@@ -94,9 +68,6 @@ fn write_session_file_with_provider(
     if let Some(source) = source {
         payload["source"] = serde_json::to_value(source).unwrap();
     }
-    if let Some(provider) = model_provider {
-        payload["model_provider"] = serde_json::Value::String(provider.to_string());
-    }
 
     let meta = serde_json::json!({
         "timestamp": ts_str,
@@ -163,17 +134,9 @@ async fn test_list_conversations_latest_first() {
     )
     .unwrap();
 
-    let provider_filter = provider_vec(&[TEST_PROVIDER]);
-    let page = get_conversations(
-        home,
-        10,
-        None,
-        INTERACTIVE_SESSION_SOURCES,
-        Some(provider_filter.as_slice()),
-        TEST_PROVIDER,
-    )
-    .await
-    .unwrap();
+    let page = get_conversations(home, 10, None, INTERACTIVE_SESSION_SOURCES)
+        .await
+        .unwrap();
 
     // Build expected objects
     let p1 = home
@@ -203,7 +166,6 @@ async fn test_list_conversations_latest_first() {
         "originator": "test_originator",
         "cli_version": "test_version",
         "source": "vscode",
-        "model_provider": "test-provider",
     })];
     let head_2 = vec![serde_json::json!({
         "id": u2,
@@ -213,7 +175,6 @@ async fn test_list_conversations_latest_first() {
         "originator": "test_originator",
         "cli_version": "test_version",
         "source": "vscode",
-        "model_provider": "test-provider",
     })];
     let head_1 = vec![serde_json::json!({
         "id": u1,
@@ -223,9 +184,11 @@ async fn test_list_conversations_latest_first() {
         "originator": "test_originator",
         "cli_version": "test_version",
         "source": "vscode",
-        "model_provider": "test-provider",
     })];
 
+    let expected_cursor: Cursor =
+        serde_json::from_str(&format!("\"2025-01-01T12-00-00|{u1}\"")).unwrap();
+
     let expected = ConversationsPage {
         items: vec![
             ConversationItem {
@@ -250,7 +213,7 @@ async fn test_list_conversations_latest_first() {
                 updated_at: Some("2025-01-01T12-00-00".into()),
             },
         ],
-        next_cursor: None,
+        next_cursor: Some(expected_cursor),
         num_scanned_files: 3,
         reached_scan_cap: false,
     };
@@ -312,17 +275,9 @@ async fn test_pagination_cursor() {
     )
     .unwrap();
 
-    let provider_filter = provider_vec(&[TEST_PROVIDER]);
-    let page1 = get_conversations(
-        home,
-        2,
-        None,
-        INTERACTIVE_SESSION_SOURCES,
-        Some(provider_filter.as_slice()),
-        TEST_PROVIDER,
-    )
-    .await
-    .unwrap();
+    let page1 = get_conversations(home, 2, None, INTERACTIVE_SESSION_SOURCES)
+        .await
+        .unwrap();
     let p5 = home
         .join("sessions")
         .join("2025")
@@ -343,7 +298,6 @@ async fn test_pagination_cursor() {
         "originator": "test_originator",
         "cli_version": "test_version",
         "source": "vscode",
-        "model_provider": "test-provider",
     })];
     let head_4 = vec![serde_json::json!({
         "id": u4,
@@ -353,7 +307,6 @@ async fn test_pagination_cursor() {
         "originator": "test_originator",
         "cli_version": "test_version",
         "source": "vscode",
-        "model_provider": "test-provider",
     })];
     let expected_cursor1: Cursor =
         serde_json::from_str(&format!("\"2025-03-04T09-00-00|{u4}\"")).unwrap();
@@ -385,8 +338,6 @@ async fn test_pagination_cursor() {
         2,
         page1.next_cursor.as_ref(),
         INTERACTIVE_SESSION_SOURCES,
-        Some(provider_filter.as_slice()),
-        TEST_PROVIDER,
     )
     .await
     .unwrap();
@@ -410,7 +361,6 @@ async fn test_pagination_cursor() {
         "originator": "test_originator",
         "cli_version": "test_version",
         "source": "vscode",
-        "model_provider": "test-provider",
     })];
     let head_2 = vec![serde_json::json!({
         "id": u2,
@@ -420,7 +370,6 @@ async fn test_pagination_cursor() {
         "originator": "test_originator",
         "cli_version": "test_version",
         "source": "vscode",
-        "model_provider": "test-provider",
     })];
     let expected_cursor2: Cursor =
         serde_json::from_str(&format!("\"2025-03-02T09-00-00|{u2}\"")).unwrap();
@@ -452,8 +401,6 @@ async fn test_pagination_cursor() {
         2,
         page2.next_cursor.as_ref(),
         INTERACTIVE_SESSION_SOURCES,
-        Some(provider_filter.as_slice()),
-        TEST_PROVIDER,
     )
     .await
     .unwrap();
@@ -471,8 +418,9 @@ async fn test_pagination_cursor() {
         "originator": "test_originator",
         "cli_version": "test_version",
         "source": "vscode",
-        "model_provider": "test-provider",
     })];
+    let expected_cursor3: Cursor =
+        serde_json::from_str(&format!("\"2025-03-01T09-00-00|{u1}\"")).unwrap();
     let expected_page3 = ConversationsPage {
         items: vec![ConversationItem {
             path: p1,
@@ -481,7 +429,7 @@ async fn test_pagination_cursor() {
             created_at: Some("2025-03-01T09-00-00".into()),
             updated_at: Some("2025-03-01T09-00-00".into()),
         }],
-        next_cursor: None,
+        next_cursor: Some(expected_cursor3),
         num_scanned_files: 5, // scanned 05, 04 (anchor), 03, 02 (anchor), 01
         reached_scan_cap: false,
     };
@@ -497,17 +445,9 @@ async fn test_get_conversation_contents() {
     let ts = "2025-04-01T10-30-00";
     write_session_file(home, ts, uuid, 2, Some(SessionSource::VSCode)).unwrap();
 
-    let provider_filter = provider_vec(&[TEST_PROVIDER]);
-    let page = get_conversations(
-        home,
-        1,
-        None,
-        INTERACTIVE_SESSION_SOURCES,
-        Some(provider_filter.as_slice()),
-        TEST_PROVIDER,
-    )
-    .await
-    .unwrap();
+    let page = get_conversations(home, 1, None, INTERACTIVE_SESSION_SOURCES)
+        .await
+        .unwrap();
     let path = &page.items[0].path;
 
     let content = get_conversation(path).await.unwrap();
@@ -527,8 +467,8 @@ async fn test_get_conversation_contents() {
         "originator": "test_originator",
         "cli_version": "test_version",
         "source": "vscode",
-        "model_provider": "test-provider",
     })];
+    let expected_cursor: Cursor = serde_json::from_str(&format!("\"{ts}|{uuid}\"")).unwrap();
     let expected_page = ConversationsPage {
         items: vec![ConversationItem {
             path: expected_path,
@@ -537,7 +477,7 @@ async fn test_get_conversation_contents() {
             created_at: Some(ts.into()),
             updated_at: Some(ts.into()),
         }],
-        next_cursor: None,
+        next_cursor: Some(expected_cursor),
         num_scanned_files: 1,
         reached_scan_cap: false,
     };
@@ -555,7 +495,6 @@ async fn test_get_conversation_contents() {
             "originator": "test_originator",
             "cli_version": "test_version",
             "source": "vscode",
-            "model_provider": "test-provider",
         }
     });
     let user_event = serde_json::json!({
@@ -593,7 +532,6 @@ async fn test_tail_includes_last_response_items() -> Result<()> {
                 originator: "test_originator".into(),
                 cli_version: "test_version".into(),
                 source: SessionSource::VSCode,
-                model_provider: Some("test-provider".into()),
             },
             git: None,
         }),
@@ -625,16 +563,7 @@ async fn test_tail_includes_last_response_items() -> Result<()> {
     }
     drop(file);
 
-    let provider_filter = provider_vec(&[TEST_PROVIDER]);
-    let page = get_conversations(
-        home,
-        1,
-        None,
-        INTERACTIVE_SESSION_SOURCES,
-        Some(provider_filter.as_slice()),
-        TEST_PROVIDER,
-    )
-    .await?;
+    let page = get_conversations(home, 1, None, INTERACTIVE_SESSION_SOURCES).await?;
     let item = page.items.first().expect("conversation item");
     let tail_len = item.tail.len();
     assert_eq!(tail_len, 10usize.min(total_messages));
@@ -686,7 +615,6 @@ async fn test_tail_handles_short_sessions() -> Result<()> {
                 originator: "test_originator".into(),
                 cli_version: "test_version".into(),
                 source: SessionSource::VSCode,
-                model_provider: Some("test-provider".into()),
             },
             git: None,
         }),
@@ -717,16 +645,7 @@ async fn test_tail_handles_short_sessions() -> Result<()> {
     }
     drop(file);
 
-    let provider_filter = provider_vec(&[TEST_PROVIDER]);
-    let page = get_conversations(
-        home,
-        1,
-        None,
-        INTERACTIVE_SESSION_SOURCES,
-        Some(provider_filter.as_slice()),
-        TEST_PROVIDER,
-    )
-    .await?;
+    let page = get_conversations(home, 1, None, INTERACTIVE_SESSION_SOURCES).await?;
     let tail = &page.items.first().expect("conversation item").tail;
 
     assert_eq!(tail.len(), 3);
@@ -780,7 +699,6 @@ async fn test_tail_skips_trailing_non_responses() -> Result<()> {
                 originator: "test_originator".into(),
                 cli_version: "test_version".into(),
                 source: SessionSource::VSCode,
-                model_provider: Some("test-provider".into()),
             },
             git: None,
         }),
@@ -825,16 +743,7 @@ async fn test_tail_skips_trailing_non_responses() -> Result<()> {
     writeln!(file, "{}", serde_json::to_string(&shutdown_event)?)?;
     drop(file);
 
-    let provider_filter = provider_vec(&[TEST_PROVIDER]);
-    let page = get_conversations(
-        home,
-        1,
-        None,
-        INTERACTIVE_SESSION_SOURCES,
-        Some(provider_filter.as_slice()),
-        TEST_PROVIDER,
-    )
-    .await?;
+    let page = get_conversations(home, 1, None, INTERACTIVE_SESSION_SOURCES).await?;
     let tail = &page.items.first().expect("conversation item").tail;
 
     let expected: Vec<serde_json::Value> = (0..4)
@@ -876,17 +785,9 @@ async fn test_stable_ordering_same_second_pagination() {
     write_session_file(home, ts, u2, 0, Some(SessionSource::VSCode)).unwrap();
     write_session_file(home, ts, u3, 0, Some(SessionSource::VSCode)).unwrap();
 
-    let provider_filter = provider_vec(&[TEST_PROVIDER]);
-    let page1 = get_conversations(
-        home,
-        2,
-        None,
-        INTERACTIVE_SESSION_SOURCES,
-        Some(provider_filter.as_slice()),
-        TEST_PROVIDER,
-    )
-    .await
-    .unwrap();
+    let page1 = get_conversations(home, 2, None, INTERACTIVE_SESSION_SOURCES)
+        .await
+        .unwrap();
 
     let p3 = home
         .join("sessions")
@@ -909,7 +810,6 @@ async fn test_stable_ordering_same_second_pagination() {
             "originator": "test_originator",
             "cli_version": "test_version",
             "source": "vscode",
-            "model_provider": "test-provider",
         })]
     };
     let expected_cursor1: Cursor = serde_json::from_str(&format!("\"{ts}|{u2}\"")).unwrap();
@@ -941,8 +841,6 @@ async fn test_stable_ordering_same_second_pagination() {
         2,
         page1.next_cursor.as_ref(),
         INTERACTIVE_SESSION_SOURCES,
-        Some(provider_filter.as_slice()),
-        TEST_PROVIDER,
     )
     .await
     .unwrap();
@@ -952,6 +850,7 @@ async fn test_stable_ordering_same_second_pagination() {
         .join("07")
         .join("01")
         .join(format!("rollout-2025-07-01T00-00-00-{u1}.jsonl"));
+    let expected_cursor2: Cursor = serde_json::from_str(&format!("\"{ts}|{u1}\"")).unwrap();
     let expected_page2 = ConversationsPage {
         items: vec![ConversationItem {
             path: p1,
@@ -960,7 +859,7 @@ async fn test_stable_ordering_same_second_pagination() {
             created_at: Some(ts.to_string()),
             updated_at: Some(ts.to_string()),
         }],
-        next_cursor: None,
+        next_cursor: Some(expected_cursor2),
         num_scanned_files: 3, // scanned u3, u2 (anchor), u1
         reached_scan_cap: false,
     };
@@ -992,17 +891,9 @@ async fn test_source_filter_excludes_non_matching_sessions() {
     )
     .unwrap();
 
-    let provider_filter = provider_vec(&[TEST_PROVIDER]);
-    let interactive_only = get_conversations(
-        home,
-        10,
-        None,
-        INTERACTIVE_SESSION_SOURCES,
-        Some(provider_filter.as_slice()),
-        TEST_PROVIDER,
-    )
-    .await
-    .unwrap();
+    let interactive_only = get_conversations(home, 10, None, INTERACTIVE_SESSION_SOURCES)
+        .await
+        .unwrap();
     let paths: Vec<_> = interactive_only
         .items
         .iter()
@@ -1014,7 +905,7 @@ async fn test_source_filter_excludes_non_matching_sessions() {
         path.ends_with("rollout-2025-08-02T10-00-00-00000000-0000-0000-0000-00000000002a.jsonl")
     }));
 
-    let all_sessions = get_conversations(home, 10, None, NO_SOURCE_FILTER, None, TEST_PROVIDER)
+    let all_sessions = get_conversations(home, 10, None, NO_SOURCE_FILTER)
         .await
         .unwrap();
     let all_paths: Vec<_> = all_sessions
@@ -1030,102 +921,3 @@ async fn test_source_filter_excludes_non_matching_sessions() {
         path.ends_with("rollout-2025-08-01T10-00-00-00000000-0000-0000-0000-00000000004d.jsonl")
     }));
 }
-
-#[tokio::test]
-async fn test_model_provider_filter_selects_only_matching_sessions() -> Result<()> {
-    let temp = TempDir::new().unwrap();
-    let home = temp.path();
-
-    let openai_id = Uuid::from_u128(1);
-    let beta_id = Uuid::from_u128(2);
-    let none_id = Uuid::from_u128(3);
-
-    write_session_file_with_provider(
-        home,
-        "2025-09-01T12-00-00",
-        openai_id,
-        1,
-        Some(SessionSource::VSCode),
-        Some("openai"),
-    )?;
-    write_session_file_with_provider(
-        home,
-        "2025-09-01T11-00-00",
-        beta_id,
-        1,
-        Some(SessionSource::VSCode),
-        Some("beta"),
-    )?;
-    write_session_file_with_provider(
-        home,
-        "2025-09-01T10-00-00",
-        none_id,
-        1,
-        Some(SessionSource::VSCode),
-        None,
-    )?;
-
-    let openai_id_str = openai_id.to_string();
-    let none_id_str = none_id.to_string();
-    let openai_filter = provider_vec(&["openai"]);
-    let openai_sessions = get_conversations(
-        home,
-        10,
-        None,
-        NO_SOURCE_FILTER,
-        Some(openai_filter.as_slice()),
-        "openai",
-    )
-    .await?;
-    assert_eq!(openai_sessions.items.len(), 2);
-    let openai_ids: Vec<_> = openai_sessions
-        .items
-        .iter()
-        .filter_map(|item| {
-            item.head
-                .first()
-                .and_then(|value| value.get("id"))
-                .and_then(serde_json::Value::as_str)
-                .map(str::to_string)
-        })
-        .collect();
-    assert!(openai_ids.contains(&openai_id_str));
-    assert!(openai_ids.contains(&none_id_str));
-
-    let beta_filter = provider_vec(&["beta"]);
-    let beta_sessions = get_conversations(
-        home,
-        10,
-        None,
-        NO_SOURCE_FILTER,
-        Some(beta_filter.as_slice()),
-        "openai",
-    )
-    .await?;
-    assert_eq!(beta_sessions.items.len(), 1);
-    let beta_id_str = beta_id.to_string();
-    let beta_head = beta_sessions
-        .items
-        .first()
-        .and_then(|item| item.head.first())
-        .and_then(|value| value.get("id"))
-        .and_then(serde_json::Value::as_str);
-    assert_eq!(beta_head, Some(beta_id_str.as_str()));
-
-    let unknown_filter = provider_vec(&["unknown"]);
-    let unknown_sessions = get_conversations(
-        home,
-        10,
-        None,
-        NO_SOURCE_FILTER,
-        Some(unknown_filter.as_slice()),
-        "openai",
-    )
-    .await?;
-    assert!(unknown_sessions.items.is_empty());
-
-    let all_sessions = get_conversations(home, 10, None, NO_SOURCE_FILTER, None, "openai").await?;
-    assert_eq!(all_sessions.items.len(), 3);
-
-    Ok(())
-}

codex-rs/core/src/sandboxing/assessment.rs

@@ -1,275 +0,0 @@
-use std::path::Path;
-use std::path::PathBuf;
-use std::sync::Arc;
-use std::time::Duration;
-use std::time::Instant;
-
-use crate::AuthManager;
-use crate::ModelProviderInfo;
-use crate::client::ModelClient;
-use crate::client_common::Prompt;
-use crate::client_common::ResponseEvent;
-use crate::config::Config;
-use crate::protocol::SandboxPolicy;
-use askama::Template;
-use codex_otel::otel_event_manager::OtelEventManager;
-use codex_protocol::ConversationId;
-use codex_protocol::models::ContentItem;
-use codex_protocol::models::ResponseItem;
-use codex_protocol::protocol::SandboxCommandAssessment;
-use futures::StreamExt;
-use serde_json::json;
-use tokio::time::timeout;
-use tracing::warn;
-
-const SANDBOX_ASSESSMENT_TIMEOUT: Duration = Duration::from_secs(5);
-
-const SANDBOX_RISK_CATEGORY_VALUES: &[&str] = &[
-    "data_deletion",
-    "data_exfiltration",
-    "privilege_escalation",
-    "system_modification",
-    "network_access",
-    "resource_exhaustion",
-    "compliance",
-];
-
-#[derive(Template)]
-#[template(path = "sandboxing/assessment_prompt.md", escape = "none")]
-struct SandboxAssessmentPromptTemplate<'a> {
-    platform: &'a str,
-    sandbox_policy: &'a str,
-    filesystem_roots: Option<&'a str>,
-    working_directory: &'a str,
-    command_argv: &'a str,
-    command_joined: &'a str,
-    sandbox_failure_message: Option<&'a str>,
-}
-
-#[allow(clippy::too_many_arguments)]
-pub(crate) async fn assess_command(
-    config: Arc<Config>,
-    provider: ModelProviderInfo,
-    auth_manager: Arc<AuthManager>,
-    parent_otel: &OtelEventManager,
-    conversation_id: ConversationId,
-    call_id: &str,
-    command: &[String],
-    sandbox_policy: &SandboxPolicy,
-    cwd: &Path,
-    failure_message: Option<&str>,
-) -> Option<SandboxCommandAssessment> {
-    if !config.experimental_sandbox_command_assessment || command.is_empty() {
-        return None;
-    }
-
-    let command_json = serde_json::to_string(command).unwrap_or_else(|_| "[]".to_string());
-    let command_joined =
-        shlex::try_join(command.iter().map(String::as_str)).unwrap_or_else(|_| command.join(" "));
-    let failure = failure_message
-        .map(str::trim)
-        .filter(|msg| !msg.is_empty())
-        .map(str::to_string);
-
-    let cwd_str = cwd.to_string_lossy().to_string();
-    let sandbox_summary = summarize_sandbox_policy(sandbox_policy);
-    let mut roots = sandbox_roots_for_prompt(sandbox_policy, cwd);
-    roots.sort();
-    roots.dedup();
-
-    let platform = std::env::consts::OS;
-    let roots_formatted = roots.iter().map(|root| root.to_string_lossy().to_string());
-    let filesystem_roots = match roots_formatted.collect::<Vec<_>>() {
-        collected if collected.is_empty() => None,
-        collected => Some(collected.join(", ")),
-    };
-
-    let prompt_template = SandboxAssessmentPromptTemplate {
-        platform,
-        sandbox_policy: sandbox_summary.as_str(),
-        filesystem_roots: filesystem_roots.as_deref(),
-        working_directory: cwd_str.as_str(),
-        command_argv: command_json.as_str(),
-        command_joined: command_joined.as_str(),
-        sandbox_failure_message: failure.as_deref(),
-    };
-    let rendered_prompt = match prompt_template.render() {
-        Ok(rendered) => rendered,
-        Err(err) => {
-            warn!("failed to render sandbox assessment prompt: {err}");
-            return None;
-        }
-    };
-    let (system_prompt_section, user_prompt_section) = match rendered_prompt.split_once("\n---\n") {
-        Some(split) => split,
-        None => {
-            warn!("rendered sandbox assessment prompt missing separator");
-            return None;
-        }
-    };
-    let system_prompt = system_prompt_section
-        .strip_prefix("System Prompt:\n")
-        .unwrap_or(system_prompt_section)
-        .trim()
-        .to_string();
-    let user_prompt = user_prompt_section
-        .strip_prefix("User Prompt:\n")
-        .unwrap_or(user_prompt_section)
-        .trim()
-        .to_string();
-
-    let prompt = Prompt {
-        input: vec![ResponseItem::Message {
-            id: None,
-            role: "user".to_string(),
-            content: vec![ContentItem::InputText { text: user_prompt }],
-        }],
-        tools: Vec::new(),
-        parallel_tool_calls: false,
-        base_instructions_override: Some(system_prompt),
-        output_schema: Some(sandbox_assessment_schema()),
-    };
-
-    let child_otel =
-        parent_otel.with_model(config.model.as_str(), config.model_family.slug.as_str());
-
-    let client = ModelClient::new(
-        Arc::clone(&config),
-        Some(auth_manager),
-        child_otel,
-        provider,
-        config.model_reasoning_effort,
-        config.model_reasoning_summary,
-        conversation_id,
-    );
-
-    let start = Instant::now();
-    let assessment_result = timeout(SANDBOX_ASSESSMENT_TIMEOUT, async move {
-        let mut stream = client.stream(&prompt).await?;
-        let mut last_json: Option<String> = None;
-        while let Some(event) = stream.next().await {
-            match event {
-                Ok(ResponseEvent::OutputItemDone(item)) => {
-                    if let Some(text) = response_item_text(&item) {
-                        last_json = Some(text);
-                    }
-                }
-                Ok(ResponseEvent::RateLimits(_)) => {}
-                Ok(ResponseEvent::Completed { .. }) => break,
-                Ok(_) => continue,
-                Err(err) => return Err(err),
-            }
-        }
-        Ok(last_json)
-    })
-    .await;
-    let duration = start.elapsed();
-    parent_otel.sandbox_assessment_latency(call_id, duration);
-
-    match assessment_result {
-        Ok(Ok(Some(raw))) => match serde_json::from_str::<SandboxCommandAssessment>(raw.trim()) {
-            Ok(assessment) => {
-                parent_otel.sandbox_assessment(
-                    call_id,
-                    "success",
-                    Some(assessment.risk_level),
-                    &assessment.risk_categories,
-                    duration,
-                );
-                return Some(assessment);
-            }
-            Err(err) => {
-                warn!("failed to parse sandbox assessment JSON: {err}");
-                parent_otel.sandbox_assessment(call_id, "parse_error", None, &[], duration);
-            }
-        },
-        Ok(Ok(None)) => {
-            warn!("sandbox assessment response did not include any message");
-            parent_otel.sandbox_assessment(call_id, "no_output", None, &[], duration);
-        }
-        Ok(Err(err)) => {
-            warn!("sandbox assessment failed: {err}");
-            parent_otel.sandbox_assessment(call_id, "model_error", None, &[], duration);
-        }
-        Err(_) => {
-            warn!("sandbox assessment timed out");
-            parent_otel.sandbox_assessment(call_id, "timeout", None, &[], duration);
-        }
-    }
-
-    None
-}
-
-fn summarize_sandbox_policy(policy: &SandboxPolicy) -> String {
-    match policy {
-        SandboxPolicy::DangerFullAccess => "danger-full-access".to_string(),
-        SandboxPolicy::ReadOnly => "read-only".to_string(),
-        SandboxPolicy::WorkspaceWrite { network_access, .. } => {
-            let network = if *network_access {
-                "network"
-            } else {
-                "no-network"
-            };
-            format!("workspace-write (network_access={network})")
-        }
-    }
-}
-
-fn sandbox_roots_for_prompt(policy: &SandboxPolicy, cwd: &Path) -> Vec<PathBuf> {
-    let mut roots = vec![cwd.to_path_buf()];
-    if let SandboxPolicy::WorkspaceWrite { writable_roots, .. } = policy {
-        roots.extend(writable_roots.iter().cloned());
-    }
-    roots
-}
-
-fn sandbox_assessment_schema() -> serde_json::Value {
-    json!({
-        "type": "object",
-        "required": ["description", "risk_level", "risk_categories"],
-        "properties": {
-            "description": {
-                "type": "string",
-                "minLength": 1,
-                "maxLength": 500
-            },
-            "risk_level": {
-                "type": "string",
-                "enum": ["low", "medium", "high"]
-            },
-            "risk_categories": {
-                "type": "array",
-                "items": {
-                    "type": "string",
-                    "enum": SANDBOX_RISK_CATEGORY_VALUES
-                }
-            }
-        },
-        "additionalProperties": false
-    })
-}
-
-fn response_item_text(item: &ResponseItem) -> Option<String> {
-    match item {
-        ResponseItem::Message { content, .. } => {
-            let mut buffers: Vec<&str> = Vec::new();
-            for segment in content {
-                match segment {
-                    ContentItem::InputText { text } | ContentItem::OutputText { text } => {
-                        if !text.is_empty() {
-                            buffers.push(text);
-                        }
-                    }
-                    ContentItem::InputImage { .. } => {}
-                }
-            }
-            if buffers.is_empty() {
-                None
-            } else {
-                Some(buffers.join("\n"))
-            }
-        }
-        ResponseItem::FunctionCallOutput { output, .. } => Some(output.content.clone()),
-        _ => None,
-    }
-}

codex-rs/core/src/sandboxing/mod.rs

@@ -5,9 +5,6 @@ Build platform wrappers and produce ExecEnv for execution. Owns low‑level
 sandbox placement and transformation of portable CommandSpec into a
 ready‑to‑spawn environment.
 */
-
-pub mod assessment;
-
 use crate::exec::ExecToolCallOutput;
 use crate::exec::SandboxType;
 use crate::exec::StdoutStream;

codex-rs/core/src/state/session.rs

@@ -12,6 +12,7 @@ use crate::protocol::TokenUsageInfo;
 pub(crate) struct SessionState {
     pub(crate) session_configuration: SessionConfiguration,
     pub(crate) history: ConversationHistory,
+    pub(crate) token_info: Option<TokenUsageInfo>,
     pub(crate) latest_rate_limits: Option<RateLimitSnapshot>,
 }
 
@@ -21,6 +22,7 @@ impl SessionState {
         Self {
             session_configuration,
             history: ConversationHistory::new(),
+            token_info: None,
             latest_rate_limits: None,
         }
     }
@@ -52,11 +54,11 @@ impl SessionState {
         usage: &TokenUsage,
         model_context_window: Option<i64>,
     ) {
-        self.history.update_token_info(usage, model_context_window);
-    }
-
-    pub(crate) fn token_info(&self) -> Option<TokenUsageInfo> {
-        self.history.token_info()
+        self.token_info = TokenUsageInfo::new_or_append(
+            &self.token_info,
+            &Some(usage.clone()),
+            model_context_window,
+        );
     }
 
     pub(crate) fn set_rate_limits(&mut self, snapshot: RateLimitSnapshot) {
@@ -66,10 +68,17 @@ impl SessionState {
     pub(crate) fn token_info_and_rate_limits(
         &self,
     ) -> (Option<TokenUsageInfo>, Option<RateLimitSnapshot>) {
-        (self.token_info(), self.latest_rate_limits.clone())
+        (self.token_info.clone(), self.latest_rate_limits.clone())
     }
 
     pub(crate) fn set_token_usage_full(&mut self, context_window: i64) {
-        self.history.set_token_usage_full(context_window);
+        match &mut self.token_info {
+            Some(info) => info.fill_to_context_window(context_window),
+            None => {
+                self.token_info = Some(TokenUsageInfo::full_context_window(context_window));
+            }
+        }
     }
+
+    // Pending input/approval moved to TurnState.
 }

codex-rs/core/src/tasks/ghost_snapshot.rs

@@ -1,110 +0,0 @@
-use crate::codex::TurnContext;
-use crate::state::TaskKind;
-use crate::tasks::SessionTask;
-use crate::tasks::SessionTaskContext;
-use async_trait::async_trait;
-use codex_git_tooling::CreateGhostCommitOptions;
-use codex_git_tooling::GitToolingError;
-use codex_git_tooling::create_ghost_commit;
-use codex_protocol::models::ResponseItem;
-use codex_protocol::user_input::UserInput;
-use codex_utils_readiness::Readiness;
-use codex_utils_readiness::Token;
-use std::sync::Arc;
-use tokio_util::sync::CancellationToken;
-use tracing::info;
-use tracing::warn;
-
-pub(crate) struct GhostSnapshotTask {
-    token: Token,
-}
-
-#[async_trait]
-impl SessionTask for GhostSnapshotTask {
-    fn kind(&self) -> TaskKind {
-        TaskKind::Regular
-    }
-
-    async fn run(
-        self: Arc<Self>,
-        session: Arc<SessionTaskContext>,
-        ctx: Arc<TurnContext>,
-        _input: Vec<UserInput>,
-        cancellation_token: CancellationToken,
-    ) -> Option<String> {
-        tokio::task::spawn(async move {
-            let token = self.token;
-            let ctx_for_task = Arc::clone(&ctx);
-            let cancelled = tokio::select! {
-                _ = cancellation_token.cancelled() => true,
-                _ = async {
-                    let repo_path = ctx_for_task.cwd.clone();
-                    // Required to run in a dedicated blocking pool.
-                    match tokio::task::spawn_blocking(move || {
-                        let options = CreateGhostCommitOptions::new(&repo_path);
-                        create_ghost_commit(&options)
-                    })
-                    .await
-                    {
-                        Ok(Ok(ghost_commit)) => {
-                            info!("ghost snapshot blocking task finished");
-                            session
-                                .session
-                                .record_conversation_items(&ctx, &[ResponseItem::GhostSnapshot {
-                                    ghost_commit: ghost_commit.clone(),
-                                }])
-                                .await;
-                            info!("ghost commit captured: {}", ghost_commit.id());
-                        }
-                        Ok(Err(err)) => {
-                            warn!(
-                                sub_id = ctx_for_task.sub_id.as_str(),
-                                "failed to capture ghost snapshot: {err}"
-                            );
-                            let message = match err {
-                                GitToolingError::NotAGitRepository { .. } => {
-                                    "Snapshots disabled: current directory is not a Git repository."
-                                        .to_string()
-                                }
-                                _ => format!("Snapshots disabled after ghost snapshot error: {err}."),
-                            };
-                            session
-                                .session
-                                .notify_background_event(&ctx_for_task, message)
-                                .await;
-                        }
-                        Err(err) => {
-                            warn!(
-                                sub_id = ctx_for_task.sub_id.as_str(),
-                                "ghost snapshot task panicked: {err}"
-                            );
-                            let message =
-                                format!("Snapshots disabled after ghost snapshot panic: {err}.");
-                            session
-                                .session
-                                .notify_background_event(&ctx_for_task, message)
-                                .await;
-                        }
-                    }
-                } => false,
-            };
-
-            if cancelled {
-                info!("ghost snapshot task cancelled");
-            }
-
-            match ctx.tool_call_gate.mark_ready(token).await {
-                Ok(true) => info!("ghost snapshot gate marked ready"),
-                Ok(false) => warn!("ghost snapshot gate already ready"),
-                Err(err) => warn!("failed to mark ghost snapshot ready: {err}"),
-            }
-        });
-        None
-    }
-}
-
-impl GhostSnapshotTask {
-    pub(crate) fn new(token: Token) -> Self {
-        Self { token }
-    }
-}

codex-rs/core/src/tasks/mod.rs

@@ -1,8 +1,6 @@
 mod compact;
-mod ghost_snapshot;
 mod regular;
 mod review;
-mod undo;
 
 use std::sync::Arc;
 use std::time::Duration;
@@ -15,8 +13,10 @@ use tokio_util::task::AbortOnDropHandle;
 use tracing::trace;
 use tracing::warn;
 
+use crate::AuthManager;
 use crate::codex::Session;
 use crate::codex::TurnContext;
+use crate::config::Config;
 use crate::protocol::EventMsg;
 use crate::protocol::TaskCompleteEvent;
 use crate::protocol::TurnAbortReason;
@@ -27,10 +27,8 @@ use crate::state::TaskKind;
 use codex_protocol::user_input::UserInput;
 
 pub(crate) use compact::CompactTask;
-pub(crate) use ghost_snapshot::GhostSnapshotTask;
 pub(crate) use regular::RegularTask;
 pub(crate) use review::ReviewTask;
-pub(crate) use undo::UndoTask;
 
 const GRACEFULL_INTERRUPTION_TIMEOUT_MS: u64 = 100;
 
@@ -48,30 +46,20 @@ impl SessionTaskContext {
     pub(crate) fn clone_session(&self) -> Arc<Session> {
         Arc::clone(&self.session)
     }
+
+    pub(crate) fn auth_manager(&self) -> Arc<AuthManager> {
+        Arc::clone(&self.session.services.auth_manager)
+    }
+
+    pub(crate) async fn base_config(&self) -> Arc<Config> {
+        self.session.base_config().await
+    }
 }
 
-/// Async task that drives a [`Session`] turn.
-///
-/// Implementations encapsulate a specific Codex workflow (regular chat,
-/// reviews, ghost snapshots, etc.). Each task instance is owned by a
-/// [`Session`] and executed on a background Tokio task. The trait is
-/// intentionally small: implementers identify themselves via
-/// [`SessionTask::kind`], perform their work in [`SessionTask::run`], and may
-/// release resources in [`SessionTask::abort`].
 #[async_trait]
 pub(crate) trait SessionTask: Send + Sync + 'static {
-    /// Describes the type of work the task performs so the session can
-    /// surface it in telemetry and UI.
     fn kind(&self) -> TaskKind;
 
-    /// Executes the task until completion or cancellation.
-    ///
-    /// Implementations typically stream protocol events using `session` and
-    /// `ctx`, returning an optional final agent message when finished. The
-    /// provided `cancellation_token` is cancelled when the session requests an
-    /// abort; implementers should watch for it and terminate quickly once it
-    /// fires. Returning [`Some`] yields a final message that
-    /// [`Session::on_task_finished`] will emit to the client.
     async fn run(
         self: Arc<Self>,
         session: Arc<SessionTaskContext>,
@@ -80,11 +68,6 @@ pub(crate) trait SessionTask: Send + Sync + 'static {
         cancellation_token: CancellationToken,
     ) -> Option<String>;
 
-    /// Gives the task a chance to perform cleanup after an abort.
-    ///
-    /// The default implementation is a no-op; override this if additional
-    /// teardown or notifications are required once
-    /// [`Session::abort_all_tasks`] cancels the task.
     async fn abort(&self, session: Arc<SessionTaskContext>, ctx: Arc<TurnContext>) {
         let _ = (session, ctx);
     }

codex-rs/core/src/tasks/review.rs

@@ -1,11 +1,18 @@
 use std::sync::Arc;
 
 use async_trait::async_trait;
+use codex_protocol::models::ContentItem;
+use codex_protocol::models::ResponseItem;
+use codex_protocol::protocol::EventMsg;
+use codex_protocol::protocol::ReviewOutputEvent;
+use codex_protocol::protocol::TaskCompleteEvent;
 use tokio_util::sync::CancellationToken;
 
+use crate::codex::Session;
 use crate::codex::TurnContext;
-use crate::codex::exit_review_mode;
-use crate::codex::run_task;
+use crate::codex_delegate::run_codex_conversation;
+// use crate::config::Config; // no longer needed directly; use session.base_config()
+use crate::review_format::format_review_findings_block;
 use crate::state::TaskKind;
 use codex_protocol::user_input::UserInput;
 
@@ -28,11 +35,108 @@ impl SessionTask for ReviewTask {
         input: Vec<UserInput>,
         cancellation_token: CancellationToken,
     ) -> Option<String> {
-        let sess = session.clone_session();
-        run_task(sess, ctx, input, TaskKind::Review, cancellation_token).await
+        // let sess = session.clone_session();
+        // run_task(sess, ctx, input, TaskKind::Review, cancellation_token).await
+
+        let config = session.base_config().await.as_ref().clone();
+        let receiver =
+            match run_codex_conversation(config, session.auth_manager(), input, cancellation_token)
+                .await
+            {
+                Ok(r) => r,
+                Err(_) => return None,
+            };
+        while let Ok(event) = receiver.recv().await {
+            session
+                .clone_session()
+                .send_event(ctx.as_ref(), event.clone())
+                .await;
+            if let EventMsg::TaskComplete(TaskCompleteEvent { last_agent_message }) = event {
+                exit_review_mode(
+                    session.clone_session(),
+                    last_agent_message.as_deref().map(parse_review_output_event),
+                )
+                .await;
+            }
+        }
+
+        Some("".to_string())
     }
 
-    async fn abort(&self, session: Arc<SessionTaskContext>, ctx: Arc<TurnContext>) {
-        exit_review_mode(session.clone_session(), ctx, None).await;
+    async fn abort(&self, session: Arc<SessionTaskContext>, _ctx: Arc<TurnContext>) {
+        exit_review_mode(session.clone_session(), None).await;
+    }
+}
+
+/// Emits an ExitedReviewMode Event with optional ReviewOutput,
+/// and records a developer message with the review output.
+pub(crate) async fn exit_review_mode(
+    session: Arc<Session>,
+    review_output: Option<ReviewOutputEvent>,
+) {
+    // ExitedReviewMode event can be emitted by the caller if needed.
+
+    let mut user_message = String::new();
+    if let Some(out) = review_output {
+        let mut findings_str = String::new();
+        let text = out.overall_explanation.trim();
+        if !text.is_empty() {
+            findings_str.push_str(text);
+        }
+        if !out.findings.is_empty() {
+            let block = format_review_findings_block(&out.findings, None);
+            findings_str.push_str(&format!("\n{block}"));
+        }
+        user_message.push_str(&format!(
+            r#"<user_action>
+  <context>User initiated a review task. Here's the full review output from reviewer model. User may select one or more comments to resolve.</context>
+  <action>review</action>
+  <results>
+  {findings_str}
+  </results>
+</user_action>
+"#));
+    } else {
+        user_message.push_str(r#"<user_action>
+  <context>User initiated a review task, but was interrupted. If user asks about this, tell them to re-initiate a review with `/review` and wait for it to complete.</context>
+  <action>review</action>
+  <results>
+  None.
+  </results>
+</user_action>
+"#);
+    }
+
+    session
+        .record_conversation_items(&[ResponseItem::Message {
+            id: None,
+            role: "user".to_string(),
+            content: vec![ContentItem::InputText { text: user_message }],
+        }])
+        .await;
+}
+
+/// Parse the review output; when not valid JSON, build a structured
+/// fallback that carries the plain text as the overall explanation.
+///
+/// Returns: a ReviewOutputEvent parsed from JSON or a fallback populated from text.
+fn parse_review_output_event(text: &str) -> ReviewOutputEvent {
+    // Try direct parse first
+    if let Ok(ev) = serde_json::from_str::<ReviewOutputEvent>(text) {
+        return ev;
+    }
+    // If wrapped in markdown fences or extra prose, attempt to extract the first JSON object
+    if let (Some(start), Some(end)) = (text.find('{'), text.rfind('}'))
+        && start < end
+        && let Some(slice) = text.get(start..=end)
+        && let Ok(ev) = serde_json::from_str::<ReviewOutputEvent>(slice)
+    {
+        return ev;
+    }
+    // Not JSON – return a structured ReviewOutputEvent that carries
+    // the plain text as the overall explanation.
+    ReviewOutputEvent {
+        overall_explanation: text.to_string(),
+        ..Default::default()
     }
 }

codex-rs/core/src/tasks/undo.rs

@@ -1,117 +0,0 @@
-use std::sync::Arc;
-
-use crate::codex::TurnContext;
-use crate::protocol::EventMsg;
-use crate::protocol::UndoCompletedEvent;
-use crate::protocol::UndoStartedEvent;
-use crate::state::TaskKind;
-use crate::tasks::SessionTask;
-use crate::tasks::SessionTaskContext;
-use async_trait::async_trait;
-use codex_git_tooling::restore_ghost_commit;
-use codex_protocol::models::ResponseItem;
-use codex_protocol::user_input::UserInput;
-use tokio_util::sync::CancellationToken;
-use tracing::error;
-use tracing::info;
-use tracing::warn;
-
-pub(crate) struct UndoTask;
-
-impl UndoTask {
-    pub(crate) fn new() -> Self {
-        Self
-    }
-}
-
-#[async_trait]
-impl SessionTask for UndoTask {
-    fn kind(&self) -> TaskKind {
-        TaskKind::Regular
-    }
-
-    async fn run(
-        self: Arc<Self>,
-        session: Arc<SessionTaskContext>,
-        ctx: Arc<TurnContext>,
-        _input: Vec<UserInput>,
-        cancellation_token: CancellationToken,
-    ) -> Option<String> {
-        let sess = session.clone_session();
-        sess.send_event(
-            ctx.as_ref(),
-            EventMsg::UndoStarted(UndoStartedEvent {
-                message: Some("Undo in progress...".to_string()),
-            }),
-        )
-        .await;
-
-        if cancellation_token.is_cancelled() {
-            sess.send_event(
-                ctx.as_ref(),
-                EventMsg::UndoCompleted(UndoCompletedEvent {
-                    success: false,
-                    message: Some("Undo cancelled.".to_string()),
-                }),
-            )
-            .await;
-            return None;
-        }
-
-        let mut history = sess.clone_history().await;
-        let mut items = history.get_history();
-        let mut completed = UndoCompletedEvent {
-            success: false,
-            message: None,
-        };
-
-        let Some((idx, ghost_commit)) =
-            items
-                .iter()
-                .enumerate()
-                .rev()
-                .find_map(|(idx, item)| match item {
-                    ResponseItem::GhostSnapshot { ghost_commit } => {
-                        Some((idx, ghost_commit.clone()))
-                    }
-                    _ => None,
-                })
-        else {
-            completed.message = Some("No ghost snapshot available to undo.".to_string());
-            sess.send_event(ctx.as_ref(), EventMsg::UndoCompleted(completed))
-                .await;
-            return None;
-        };
-
-        let commit_id = ghost_commit.id().to_string();
-        let repo_path = ctx.cwd.clone();
-        let restore_result =
-            tokio::task::spawn_blocking(move || restore_ghost_commit(&repo_path, &ghost_commit))
-                .await;
-
-        match restore_result {
-            Ok(Ok(())) => {
-                items.remove(idx);
-                sess.replace_history(items).await;
-                let short_id: String = commit_id.chars().take(7).collect();
-                info!(commit_id = commit_id, "Undo restored ghost snapshot");
-                completed.success = true;
-                completed.message = Some(format!("Undo restored snapshot {short_id}."));
-            }
-            Ok(Err(err)) => {
-                let message = format!("Failed to restore snapshot {commit_id}: {err}");
-                warn!("{message}");
-                completed.message = Some(message);
-            }
-            Err(err) => {
-                let message = format!("Failed to restore snapshot {commit_id}: {err}");
-                error!("{message}");
-                completed.message = Some(message);
-            }
-        }
-
-        sess.send_event(ctx.as_ref(), EventMsg::UndoCompleted(completed))
-            .await;
-        None
-    }
-}

codex-rs/core/src/tools/context.rs

@@ -5,7 +5,6 @@ use crate::tools::TELEMETRY_PREVIEW_MAX_LINES;
 use crate::tools::TELEMETRY_PREVIEW_TRUNCATION_NOTICE;
 use crate::turn_diff_tracker::TurnDiffTracker;
 use codex_otel::otel_event_manager::OtelEventManager;
-use codex_protocol::models::FunctionCallOutputContentItem;
 use codex_protocol::models::FunctionCallOutputPayload;
 use codex_protocol::models::ResponseInputItem;
 use codex_protocol::models::ShellToolCallParams;
@@ -66,10 +65,7 @@ impl ToolPayload {
 #[derive(Clone)]
 pub enum ToolOutput {
     Function {
-        // Plain text representation of the tool output.
         content: String,
-        // Some tool calls such as MCP calls may return structured content that can get parsed into an array of polymorphic content items.
-        content_items: Option<Vec<FunctionCallOutputContentItem>>,
         success: Option<bool>,
     },
     Mcp {
@@ -94,11 +90,7 @@ impl ToolOutput {
 
     pub fn into_response(self, call_id: &str, payload: &ToolPayload) -> ResponseInputItem {
         match self {
-            ToolOutput::Function {
-                content,
-                content_items,
-                success,
-            } => {
+            ToolOutput::Function { content, success } => {
                 if matches!(payload, ToolPayload::Custom { .. }) {
                     ResponseInputItem::CustomToolCallOutput {
                         call_id: call_id.to_string(),
@@ -107,11 +99,7 @@ impl ToolOutput {
                 } else {
                     ResponseInputItem::FunctionCallOutput {
                         call_id: call_id.to_string(),
-                        output: FunctionCallOutputPayload {
-                            content,
-                            content_items,
-                            success,
-                        },
+                        output: FunctionCallOutputPayload { content, success },
                     }
                 }
             }
@@ -175,7 +163,6 @@ mod tests {
         };
         let response = ToolOutput::Function {
             content: "patched".to_string(),
-            content_items: None,
             success: Some(true),
         }
         .into_response("call-42", &payload);
@@ -196,7 +183,6 @@ mod tests {
         };
         let response = ToolOutput::Function {
             content: "ok".to_string(),
-            content_items: None,
             success: Some(true),
         }
         .into_response("fn-1", &payload);
@@ -205,7 +191,6 @@ mod tests {
             ResponseInputItem::FunctionCallOutput { call_id, output } => {
                 assert_eq!(call_id, "fn-1");
                 assert_eq!(output.content, "ok");
-                assert!(output.content_items.is_none());
                 assert_eq!(output.success, Some(true));
             }
             other => panic!("expected FunctionCallOutput, got {other:?}"),

codex-rs/core/src/tools/events.rs

@@ -1,9 +1,6 @@
 use crate::codex::Session;
 use crate::codex::TurnContext;
-use crate::error::CodexErr;
-use crate::error::SandboxErr;
 use crate::exec::ExecToolCallOutput;
-use crate::function_tool::FunctionCallError;
 use crate::parse_command::parse_command;
 use crate::protocol::EventMsg;
 use crate::protocol::ExecCommandBeginEvent;
@@ -13,12 +10,12 @@ use crate::protocol::PatchApplyBeginEvent;
 use crate::protocol::PatchApplyEndEvent;
 use crate::protocol::TurnDiffEvent;
 use crate::tools::context::SharedTurnDiffTracker;
-use crate::tools::sandboxing::ToolError;
 use std::collections::HashMap;
 use std::path::Path;
 use std::path::PathBuf;
 use std::time::Duration;
 
+use super::format_exec_output;
 use super::format_exec_output_str;
 
 #[derive(Clone, Copy)]
@@ -145,7 +142,7 @@ impl ToolEmitter {
                     (*message).to_string(),
                     -1,
                     Duration::ZERO,
-                    message.clone(),
+                    format_exec_output(&message),
                 )
                 .await;
             }
@@ -199,103 +196,12 @@ impl ToolEmitter {
             ) => {
                 emit_patch_end(ctx, String::new(), (*message).to_string(), false).await;
             }
-            (Self::UnifiedExec { command, cwd, .. }, ToolEventStage::Begin) => {
+            (Self::UnifiedExec { command, cwd, .. }, _) => {
+                // TODO(jif) add end and failures.
                 emit_exec_command_begin(ctx, &[command.to_string()], cwd.as_path()).await;
             }
-            (Self::UnifiedExec { .. }, ToolEventStage::Success(output)) => {
-                emit_exec_end(
-                    ctx,
-                    output.stdout.text.clone(),
-                    output.stderr.text.clone(),
-                    output.aggregated_output.text.clone(),
-                    output.exit_code,
-                    output.duration,
-                    format_exec_output_str(&output),
-                )
-                .await;
-            }
-            (
-                Self::UnifiedExec { .. },
-                ToolEventStage::Failure(ToolEventFailure::Output(output)),
-            ) => {
-                emit_exec_end(
-                    ctx,
-                    output.stdout.text.clone(),
-                    output.stderr.text.clone(),
-                    output.aggregated_output.text.clone(),
-                    output.exit_code,
-                    output.duration,
-                    format_exec_output_str(&output),
-                )
-                .await;
-            }
-            (
-                Self::UnifiedExec { .. },
-                ToolEventStage::Failure(ToolEventFailure::Message(message)),
-            ) => {
-                emit_exec_end(
-                    ctx,
-                    String::new(),
-                    (*message).to_string(),
-                    (*message).to_string(),
-                    -1,
-                    Duration::ZERO,
-                    message.clone(),
-                )
-                .await;
-            }
         }
     }
-
-    pub async fn begin(&self, ctx: ToolEventCtx<'_>) {
-        self.emit(ctx, ToolEventStage::Begin).await;
-    }
-
-    pub async fn finish(
-        &self,
-        ctx: ToolEventCtx<'_>,
-        out: Result<ExecToolCallOutput, ToolError>,
-    ) -> Result<String, FunctionCallError> {
-        let event;
-        let result = match out {
-            Ok(output) => {
-                let content = super::format_exec_output_for_model(&output);
-                let exit_code = output.exit_code;
-                event = ToolEventStage::Success(output);
-                if exit_code == 0 {
-                    Ok(content)
-                } else {
-                    Err(FunctionCallError::RespondToModel(content))
-                }
-            }
-            Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Timeout { output })))
-            | Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Denied { output }))) => {
-                let response = super::format_exec_output_for_model(&output);
-                event = ToolEventStage::Failure(ToolEventFailure::Output(*output));
-                Err(FunctionCallError::RespondToModel(response))
-            }
-            Err(ToolError::Codex(err)) => {
-                let message = format!("execution error: {err:?}");
-                let response = message.clone();
-                event = ToolEventStage::Failure(ToolEventFailure::Message(message));
-                Err(FunctionCallError::RespondToModel(response))
-            }
-            Err(ToolError::Rejected(msg)) | Err(ToolError::SandboxDenied(msg)) => {
-                // Normalize common rejection messages for exec tools so tests and
-                // users see a clear, consistent phrase.
-                let normalized = if msg == "rejected by user" {
-                    "exec command rejected by user".to_string()
-                } else {
-                    msg
-                };
-                let response = &normalized;
-                event = ToolEventStage::Failure(ToolEventFailure::Message(normalized.clone()));
-                Err(FunctionCallError::RespondToModel(response.clone()))
-            }
-        };
-        self.emit(ctx, event).await;
-        result
-    }
 }
 
 async fn emit_exec_end(

codex-rs/core/src/tools/handlers/apply_patch.rs

@@ -1,24 +1,19 @@
 use std::collections::BTreeMap;
+use std::collections::HashMap;
+use std::sync::Arc;
 
-use crate::apply_patch;
-use crate::apply_patch::InternalApplyPatchInvocation;
-use crate::apply_patch::convert_apply_patch_to_protocol;
 use crate::client_common::tools::FreeformTool;
 use crate::client_common::tools::FreeformToolFormat;
 use crate::client_common::tools::ResponsesApiTool;
 use crate::client_common::tools::ToolSpec;
+use crate::exec::ExecParams;
 use crate::function_tool::FunctionCallError;
 use crate::tools::context::ToolInvocation;
 use crate::tools::context::ToolOutput;
 use crate::tools::context::ToolPayload;
-use crate::tools::events::ToolEmitter;
-use crate::tools::events::ToolEventCtx;
-use crate::tools::orchestrator::ToolOrchestrator;
+use crate::tools::handle_container_exec_with_params;
 use crate::tools::registry::ToolHandler;
 use crate::tools::registry::ToolKind;
-use crate::tools::runtimes::apply_patch::ApplyPatchRequest;
-use crate::tools::runtimes::apply_patch::ApplyPatchRuntime;
-use crate::tools::sandboxing::ToolCtx;
 use crate::tools::spec::ApplyPatchToolArgs;
 use crate::tools::spec::JsonSchema;
 use async_trait::async_trait;
@@ -69,87 +64,30 @@ impl ToolHandler for ApplyPatchHandler {
             }
         };
 
-        // Re-parse and verify the patch so we can compute changes and approval.
-        // Avoid building temporary ExecParams/command vectors; derive directly from inputs.
-        let cwd = turn.cwd.clone();
-        let command = vec!["apply_patch".to_string(), patch_input.clone()];
-        match codex_apply_patch::maybe_parse_apply_patch_verified(&command, &cwd) {
-            codex_apply_patch::MaybeApplyPatchVerified::Body(changes) => {
-                match apply_patch::apply_patch(session.as_ref(), turn.as_ref(), &call_id, changes)
-                    .await
-                {
-                    InternalApplyPatchInvocation::Output(item) => {
-                        let content = item?;
-                        Ok(ToolOutput::Function {
-                            content,
-                            content_items: None,
-                            success: Some(true),
-                        })
-                    }
-                    InternalApplyPatchInvocation::DelegateToExec(apply) => {
-                        let emitter = ToolEmitter::apply_patch(
-                            convert_apply_patch_to_protocol(&apply.action),
-                            !apply.user_explicitly_approved_this_action,
-                        );
-                        let event_ctx = ToolEventCtx::new(
-                            session.as_ref(),
-                            turn.as_ref(),
-                            &call_id,
-                            Some(&tracker),
-                        );
-                        emitter.begin(event_ctx).await;
+        let exec_params = ExecParams {
+            command: vec!["apply_patch".to_string(), patch_input.clone()],
+            cwd: turn.cwd.clone(),
+            timeout_ms: None,
+            env: HashMap::new(),
+            with_escalated_permissions: None,
+            justification: None,
+            arg0: None,
+        };
 
-                        let req = ApplyPatchRequest {
-                            patch: apply.action.patch.clone(),
-                            cwd: apply.action.cwd.clone(),
-                            timeout_ms: None,
-                            user_explicitly_approved: apply.user_explicitly_approved_this_action,
-                            codex_exe: turn.codex_linux_sandbox_exe.clone(),
-                        };
+        let content = handle_container_exec_with_params(
+            tool_name.as_str(),
+            exec_params,
+            Arc::clone(&session),
+            Arc::clone(&turn),
+            Arc::clone(&tracker),
+            call_id.clone(),
+        )
+        .await?;
 
-                        let mut orchestrator = ToolOrchestrator::new();
-                        let mut runtime = ApplyPatchRuntime::new();
-                        let tool_ctx = ToolCtx {
-                            session: session.as_ref(),
-                            turn: turn.as_ref(),
-                            call_id: call_id.clone(),
-                            tool_name: tool_name.to_string(),
-                        };
-                        let out = orchestrator
-                            .run(&mut runtime, &req, &tool_ctx, &turn, turn.approval_policy)
-                            .await;
-                        let event_ctx = ToolEventCtx::new(
-                            session.as_ref(),
-                            turn.as_ref(),
-                            &call_id,
-                            Some(&tracker),
-                        );
-                        let content = emitter.finish(event_ctx, out).await?;
-                        Ok(ToolOutput::Function {
-                            content,
-                            content_items: None,
-                            success: Some(true),
-                        })
-                    }
-                }
-            }
-            codex_apply_patch::MaybeApplyPatchVerified::CorrectnessError(parse_error) => {
-                Err(FunctionCallError::RespondToModel(format!(
-                    "apply_patch verification failed: {parse_error}"
-                )))
-            }
-            codex_apply_patch::MaybeApplyPatchVerified::ShellParseError(error) => {
-                tracing::trace!("Failed to parse apply_patch input, {error:?}");
-                Err(FunctionCallError::RespondToModel(
-                    "apply_patch handler received invalid patch input".to_string(),
-                ))
-            }
-            codex_apply_patch::MaybeApplyPatchVerified::NotApplyPatch => {
-                Err(FunctionCallError::RespondToModel(
-                    "apply_patch handler received non-apply_patch input".to_string(),
-                ))
-            }
-        }
+        Ok(ToolOutput::Function {
+            content,
+            success: Some(true),
+        })
     }
 }
 

codex-rs/core/src/tools/handlers/grep_files.rs

@@ -90,13 +90,11 @@ impl ToolHandler for GrepFilesHandler {
         if search_results.is_empty() {
             Ok(ToolOutput::Function {
                 content: "No matches found.".to_string(),
-                content_items: None,
                 success: Some(false),
             })
         } else {
             Ok(ToolOutput::Function {
                 content: search_results.join("\n"),
-                content_items: None,
                 success: Some(true),
             })
         }

codex-rs/core/src/tools/handlers/list_dir.rs

@@ -106,7 +106,6 @@ impl ToolHandler for ListDirHandler {
         output.extend(entries);
         Ok(ToolOutput::Function {
             content: output.join("\n"),
-            content_items: None,
             success: Some(true),
         })
     }

codex-rs/core/src/tools/handlers/mcp.rs

@@ -56,16 +56,8 @@ impl ToolHandler for McpHandler {
                 Ok(ToolOutput::Mcp { result })
             }
             codex_protocol::models::ResponseInputItem::FunctionCallOutput { output, .. } => {
-                let codex_protocol::models::FunctionCallOutputPayload {
-                    content,
-                    content_items,
-                    success,
-                } = output;
-                Ok(ToolOutput::Function {
-                    content,
-                    content_items,
-                    success,
-                })
+                let codex_protocol::models::FunctionCallOutputPayload { content, success } = output;
+                Ok(ToolOutput::Function { content, success })
             }
             _ => Err(FunctionCallError::RespondToModel(
                 "mcp handler received unexpected response variant".to_string(),

codex-rs/core/src/tools/handlers/mcp_resource.rs

@@ -297,10 +297,7 @@ async fn handle_list_resources(
     match payload_result {
         Ok(payload) => match serialize_function_output(payload) {
             Ok(output) => {
-                let ToolOutput::Function {
-                    content, success, ..
-                } = &output
-                else {
+                let ToolOutput::Function { content, success } = &output else {
                     unreachable!("MCP resource handler should return function output");
                 };
                 let duration = start.elapsed();
@@ -406,10 +403,7 @@ async fn handle_list_resource_templates(
     match payload_result {
         Ok(payload) => match serialize_function_output(payload) {
             Ok(output) => {
-                let ToolOutput::Function {
-                    content, success, ..
-                } = &output
-                else {
+                let ToolOutput::Function { content, success } = &output else {
                     unreachable!("MCP resource handler should return function output");
                 };
                 let duration = start.elapsed();
@@ -495,10 +489,7 @@ async fn handle_read_resource(
     match payload_result {
         Ok(payload) => match serialize_function_output(payload) {
             Ok(output) => {
-                let ToolOutput::Function {
-                    content, success, ..
-                } = &output
-                else {
+                let ToolOutput::Function { content, success } = &output else {
                     unreachable!("MCP resource handler should return function output");
                 };
                 let duration = start.elapsed();
@@ -627,7 +618,6 @@ where
 
     Ok(ToolOutput::Function {
         content,
-        content_items: None,
         success: Some(true),
     })
 }

codex-rs/core/src/tools/handlers/plan.rs

@@ -88,7 +88,6 @@ impl ToolHandler for PlanHandler {
 
         Ok(ToolOutput::Function {
             content,
-            content_items: None,
             success: Some(true),
         })
     }

codex-rs/core/src/tools/handlers/read_file.rs

@@ -149,7 +149,6 @@ impl ToolHandler for ReadFileHandler {
         };
         Ok(ToolOutput::Function {
             content: collected.join("\n"),
-            content_items: None,
             success: Some(true),
         })
     }

codex-rs/core/src/tools/handlers/shell.rs

@@ -2,9 +2,6 @@ use async_trait::async_trait;
 use codex_protocol::models::ShellToolCallParams;
 use std::sync::Arc;
 
-use crate::apply_patch;
-use crate::apply_patch::InternalApplyPatchInvocation;
-use crate::apply_patch::convert_apply_patch_to_protocol;
 use crate::codex::TurnContext;
 use crate::exec::ExecParams;
 use crate::exec_env::create_env;
@@ -12,16 +9,9 @@ use crate::function_tool::FunctionCallError;
 use crate::tools::context::ToolInvocation;
 use crate::tools::context::ToolOutput;
 use crate::tools::context::ToolPayload;
-use crate::tools::events::ToolEmitter;
-use crate::tools::events::ToolEventCtx;
-use crate::tools::orchestrator::ToolOrchestrator;
+use crate::tools::handle_container_exec_with_params;
 use crate::tools::registry::ToolHandler;
 use crate::tools::registry::ToolKind;
-use crate::tools::runtimes::apply_patch::ApplyPatchRequest;
-use crate::tools::runtimes::apply_patch::ApplyPatchRuntime;
-use crate::tools::runtimes::shell::ShellRequest;
-use crate::tools::runtimes::shell::ShellRuntime;
-use crate::tools::sandboxing::ToolCtx;
 
 pub struct ShellHandler;
 
@@ -71,27 +61,35 @@ impl ToolHandler for ShellHandler {
                         ))
                     })?;
                 let exec_params = Self::to_exec_params(params, turn.as_ref());
-                Self::run_exec_like(
+                let content = handle_container_exec_with_params(
                     tool_name.as_str(),
                     exec_params,
-                    session,
-                    turn,
-                    tracker,
-                    call_id,
+                    Arc::clone(&session),
+                    Arc::clone(&turn),
+                    Arc::clone(&tracker),
+                    call_id.clone(),
                 )
-                .await
+                .await?;
+                Ok(ToolOutput::Function {
+                    content,
+                    success: Some(true),
+                })
             }
             ToolPayload::LocalShell { params } => {
                 let exec_params = Self::to_exec_params(params, turn.as_ref());
-                Self::run_exec_like(
+                let content = handle_container_exec_with_params(
                     tool_name.as_str(),
                     exec_params,
-                    session,
-                    turn,
-                    tracker,
-                    call_id,
+                    Arc::clone(&session),
+                    Arc::clone(&turn),
+                    Arc::clone(&tracker),
+                    call_id.clone(),
                 )
-                .await
+                .await?;
+                Ok(ToolOutput::Function {
+                    content,
+                    success: Some(true),
+                })
             }
             _ => Err(FunctionCallError::RespondToModel(format!(
                 "unsupported payload for shell handler: {tool_name}"
@@ -99,137 +97,3 @@ impl ToolHandler for ShellHandler {
         }
     }
 }
-
-impl ShellHandler {
-    async fn run_exec_like(
-        tool_name: &str,
-        exec_params: ExecParams,
-        session: Arc<crate::codex::Session>,
-        turn: Arc<TurnContext>,
-        tracker: crate::tools::context::SharedTurnDiffTracker,
-        call_id: String,
-    ) -> Result<ToolOutput, FunctionCallError> {
-        // Approval policy guard for explicit escalation in non-OnRequest modes.
-        if exec_params.with_escalated_permissions.unwrap_or(false)
-            && !matches!(
-                turn.approval_policy,
-                codex_protocol::protocol::AskForApproval::OnRequest
-            )
-        {
-            return Err(FunctionCallError::RespondToModel(format!(
-                "approval policy is {policy:?}; reject command — you should not ask for escalated permissions if the approval policy is {policy:?}",
-                policy = turn.approval_policy
-            )));
-        }
-
-        // Intercept apply_patch if present.
-        match codex_apply_patch::maybe_parse_apply_patch_verified(
-            &exec_params.command,
-            &exec_params.cwd,
-        ) {
-            codex_apply_patch::MaybeApplyPatchVerified::Body(changes) => {
-                match apply_patch::apply_patch(session.as_ref(), turn.as_ref(), &call_id, changes)
-                    .await
-                {
-                    InternalApplyPatchInvocation::Output(item) => {
-                        // Programmatic apply_patch path; return its result.
-                        let content = item?;
-                        return Ok(ToolOutput::Function {
-                            content,
-                            content_items: None,
-                            success: Some(true),
-                        });
-                    }
-                    InternalApplyPatchInvocation::DelegateToExec(apply) => {
-                        let emitter = ToolEmitter::apply_patch(
-                            convert_apply_patch_to_protocol(&apply.action),
-                            !apply.user_explicitly_approved_this_action,
-                        );
-                        let event_ctx = ToolEventCtx::new(
-                            session.as_ref(),
-                            turn.as_ref(),
-                            &call_id,
-                            Some(&tracker),
-                        );
-                        emitter.begin(event_ctx).await;
-
-                        let req = ApplyPatchRequest {
-                            patch: apply.action.patch.clone(),
-                            cwd: apply.action.cwd.clone(),
-                            timeout_ms: exec_params.timeout_ms,
-                            user_explicitly_approved: apply.user_explicitly_approved_this_action,
-                            codex_exe: turn.codex_linux_sandbox_exe.clone(),
-                        };
-                        let mut orchestrator = ToolOrchestrator::new();
-                        let mut runtime = ApplyPatchRuntime::new();
-                        let tool_ctx = ToolCtx {
-                            session: session.as_ref(),
-                            turn: turn.as_ref(),
-                            call_id: call_id.clone(),
-                            tool_name: tool_name.to_string(),
-                        };
-                        let out = orchestrator
-                            .run(&mut runtime, &req, &tool_ctx, &turn, turn.approval_policy)
-                            .await;
-                        let event_ctx = ToolEventCtx::new(
-                            session.as_ref(),
-                            turn.as_ref(),
-                            &call_id,
-                            Some(&tracker),
-                        );
-                        let content = emitter.finish(event_ctx, out).await?;
-                        return Ok(ToolOutput::Function {
-                            content,
-                            content_items: None,
-                            success: Some(true),
-                        });
-                    }
-                }
-            }
-            codex_apply_patch::MaybeApplyPatchVerified::CorrectnessError(parse_error) => {
-                return Err(FunctionCallError::RespondToModel(format!(
-                    "apply_patch verification failed: {parse_error}"
-                )));
-            }
-            codex_apply_patch::MaybeApplyPatchVerified::ShellParseError(error) => {
-                tracing::trace!("Failed to parse shell command, {error:?}");
-                // Fall through to regular shell execution.
-            }
-            codex_apply_patch::MaybeApplyPatchVerified::NotApplyPatch => {
-                // Fall through to regular shell execution.
-            }
-        }
-
-        // Regular shell execution path.
-        let emitter = ToolEmitter::shell(exec_params.command.clone(), exec_params.cwd.clone());
-        let event_ctx = ToolEventCtx::new(session.as_ref(), turn.as_ref(), &call_id, None);
-        emitter.begin(event_ctx).await;
-
-        let req = ShellRequest {
-            command: exec_params.command.clone(),
-            cwd: exec_params.cwd.clone(),
-            timeout_ms: exec_params.timeout_ms,
-            env: exec_params.env.clone(),
-            with_escalated_permissions: exec_params.with_escalated_permissions,
-            justification: exec_params.justification.clone(),
-        };
-        let mut orchestrator = ToolOrchestrator::new();
-        let mut runtime = ShellRuntime::new();
-        let tool_ctx = ToolCtx {
-            session: session.as_ref(),
-            turn: turn.as_ref(),
-            call_id: call_id.clone(),
-            tool_name: tool_name.to_string(),
-        };
-        let out = orchestrator
-            .run(&mut runtime, &req, &tool_ctx, &turn, turn.approval_policy)
-            .await;
-        let event_ctx = ToolEventCtx::new(session.as_ref(), turn.as_ref(), &call_id, None);
-        let content = emitter.finish(event_ctx, out).await?;
-        Ok(ToolOutput::Function {
-            content,
-            content_items: None,
-            success: Some(true),
-        })
-    }
-}

codex-rs/core/src/tools/handlers/test_sync.rs

@@ -95,7 +95,6 @@ impl ToolHandler for TestSyncHandler {
 
         Ok(ToolOutput::Function {
             content: "ok".to_string(),
-            content_items: None,
             success: Some(true),
         })
     }

codex-rs/core/src/tools/handlers/unified_exec.rs

@@ -5,9 +5,6 @@ use serde::Deserialize;
 use serde::Serialize;
 
 use crate::function_tool::FunctionCallError;
-use crate::protocol::EventMsg;
-use crate::protocol::ExecCommandOutputDeltaEvent;
-use crate::protocol::ExecOutputStream;
 use crate::tools::context::ToolInvocation;
 use crate::tools::context::ToolOutput;
 use crate::tools::context::ToolPayload;
@@ -90,7 +87,11 @@ impl ToolHandler for UnifiedExecHandler {
         };
 
         let manager: &UnifiedExecSessionManager = &session.services.unified_exec_manager;
-        let context = UnifiedExecContext::new(session.clone(), turn.clone(), call_id.clone());
+        let context = UnifiedExecContext {
+            session: &session,
+            turn: turn.as_ref(),
+            call_id: &call_id,
+        };
 
         let response = match tool_name.as_str() {
             "exec_command" => {
@@ -100,12 +101,8 @@ impl ToolHandler for UnifiedExecHandler {
                     ))
                 })?;
 
-                let event_ctx = ToolEventCtx::new(
-                    context.session.as_ref(),
-                    context.turn.as_ref(),
-                    &context.call_id,
-                    None,
-                );
+                let event_ctx =
+                    ToolEventCtx::new(context.session, context.turn, context.call_id, None);
                 let emitter =
                     ToolEmitter::unified_exec(args.cmd.clone(), context.turn.cwd.clone(), true);
                 emitter.emit(event_ctx, ToolEventStage::Begin).await;
@@ -151,18 +148,6 @@ impl ToolHandler for UnifiedExecHandler {
             }
         };
 
-        // Emit a delta event with the chunk of output we just produced, if any.
-        if !response.output.is_empty() {
-            let delta = ExecCommandOutputDeltaEvent {
-                call_id: response.event_call_id.clone(),
-                stream: ExecOutputStream::Stdout,
-                chunk: response.output.as_bytes().to_vec(),
-            };
-            session
-                .send_event(turn.as_ref(), EventMsg::ExecCommandOutputDelta(delta))
-                .await;
-        }
-
         let content = serialize_response(&response).map_err(|err| {
             FunctionCallError::RespondToModel(format!(
                 "failed to serialize unified exec output: {err:?}"
@@ -171,7 +156,6 @@ impl ToolHandler for UnifiedExecHandler {
 
         Ok(ToolOutput::Function {
             content,
-            content_items: None,
             success: Some(true),
         })
     }

codex-rs/core/src/tools/handlers/view_image.rs

@@ -85,7 +85,6 @@ impl ToolHandler for ViewImageHandler {
 
         Ok(ToolOutput::Function {
             content: "attached local image path".to_string(),
-            content_items: None,
             success: Some(true),
         })
     }

codex-rs/core/src/tools/mod.rs

@@ -9,10 +9,44 @@ pub mod runtimes;
 pub mod sandboxing;
 pub mod spec;
 
-use crate::conversation_history::format_output_for_model_body;
+use crate::apply_patch;
+use crate::apply_patch::InternalApplyPatchInvocation;
+use crate::apply_patch::convert_apply_patch_to_protocol;
+use crate::codex::Session;
+use crate::codex::TurnContext;
+use crate::error::CodexErr;
+use crate::error::SandboxErr;
+use crate::exec::ExecParams;
 use crate::exec::ExecToolCallOutput;
+use crate::function_tool::FunctionCallError;
+use crate::tools::context::SharedTurnDiffTracker;
+use crate::tools::events::ToolEmitter;
+use crate::tools::events::ToolEventCtx;
+use crate::tools::events::ToolEventFailure;
+use crate::tools::events::ToolEventStage;
+use crate::tools::orchestrator::ToolOrchestrator;
+use crate::tools::runtimes::apply_patch::ApplyPatchRequest;
+use crate::tools::runtimes::apply_patch::ApplyPatchRuntime;
+use crate::tools::runtimes::shell::ShellRequest;
+use crate::tools::runtimes::shell::ShellRuntime;
+use crate::tools::sandboxing::ToolCtx;
+use crate::tools::sandboxing::ToolError;
+use codex_apply_patch::MaybeApplyPatchVerified;
+use codex_apply_patch::maybe_parse_apply_patch_verified;
+use codex_protocol::protocol::AskForApproval;
+use codex_utils_string::take_bytes_at_char_boundary;
+use codex_utils_string::take_last_bytes_at_char_boundary;
 pub use router::ToolRouter;
 use serde::Serialize;
+use std::sync::Arc;
+use tracing::trace;
+
+// Model-formatting limits: clients get full streams; only content sent to the model is truncated.
+pub(crate) const MODEL_FORMAT_MAX_BYTES: usize = 10 * 1024; // 10 KiB
+pub(crate) const MODEL_FORMAT_MAX_LINES: usize = 256; // lines
+pub(crate) const MODEL_FORMAT_HEAD_LINES: usize = MODEL_FORMAT_MAX_LINES / 2;
+pub(crate) const MODEL_FORMAT_TAIL_LINES: usize = MODEL_FORMAT_MAX_LINES - MODEL_FORMAT_HEAD_LINES; // 128
+pub(crate) const MODEL_FORMAT_HEAD_BYTES: usize = MODEL_FORMAT_MAX_BYTES / 2;
 
 // Telemetry preview limits: keep log events smaller than model budgets.
 pub(crate) const TELEMETRY_PREVIEW_MAX_BYTES: usize = 2 * 1024; // 2 KiB
@@ -20,6 +54,186 @@ pub(crate) const TELEMETRY_PREVIEW_MAX_LINES: usize = 64; // lines
 pub(crate) const TELEMETRY_PREVIEW_TRUNCATION_NOTICE: &str =
     "[... telemetry preview truncated ...]";
 
+// TODO(jif) break this down
+pub(crate) async fn handle_container_exec_with_params(
+    tool_name: &str,
+    params: ExecParams,
+    sess: Arc<Session>,
+    turn_context: Arc<TurnContext>,
+    turn_diff_tracker: SharedTurnDiffTracker,
+    call_id: String,
+) -> Result<String, FunctionCallError> {
+    let _otel_event_manager = turn_context.client.get_otel_event_manager();
+
+    if params.with_escalated_permissions.unwrap_or(false)
+        && !matches!(turn_context.approval_policy, AskForApproval::OnRequest)
+    {
+        return Err(FunctionCallError::RespondToModel(format!(
+            "approval policy is {policy:?}; reject command — you should not ask for escalated permissions if the approval policy is {policy:?}",
+            policy = turn_context.approval_policy
+        )));
+    }
+
+    // check if this was a patch, and apply it if so
+    let apply_patch_exec = match maybe_parse_apply_patch_verified(&params.command, &params.cwd) {
+        MaybeApplyPatchVerified::Body(changes) => {
+            match apply_patch::apply_patch(sess.as_ref(), turn_context.as_ref(), &call_id, changes)
+                .await
+            {
+                InternalApplyPatchInvocation::Output(item) => return item,
+                InternalApplyPatchInvocation::DelegateToExec(apply_patch_exec) => {
+                    Some(apply_patch_exec)
+                }
+            }
+        }
+        MaybeApplyPatchVerified::CorrectnessError(parse_error) => {
+            // It looks like an invocation of `apply_patch`, but we
+            // could not resolve it into a patch that would apply
+            // cleanly. Return to model for resample.
+            return Err(FunctionCallError::RespondToModel(format!(
+                "apply_patch verification failed: {parse_error}"
+            )));
+        }
+        MaybeApplyPatchVerified::ShellParseError(error) => {
+            trace!("Failed to parse shell command, {error:?}");
+            None
+        }
+        MaybeApplyPatchVerified::NotApplyPatch => None,
+    };
+
+    let (event_emitter, diff_opt) = match apply_patch_exec.as_ref() {
+        Some(exec) => (
+            ToolEmitter::apply_patch(
+                convert_apply_patch_to_protocol(&exec.action),
+                !exec.user_explicitly_approved_this_action,
+            ),
+            Some(&turn_diff_tracker),
+        ),
+        None => (
+            ToolEmitter::shell(params.command.clone(), params.cwd.clone()),
+            None,
+        ),
+    };
+
+    let event_ctx = ToolEventCtx::new(sess.as_ref(), turn_context.as_ref(), &call_id, diff_opt);
+    event_emitter.emit(event_ctx, ToolEventStage::Begin).await;
+
+    // Build runtime contexts only when needed (shell/apply_patch below).
+
+    if let Some(exec) = apply_patch_exec {
+        // Route apply_patch execution through the new orchestrator/runtime.
+        let req = ApplyPatchRequest {
+            patch: exec.action.patch.clone(),
+            cwd: params.cwd.clone(),
+            timeout_ms: params.timeout_ms,
+            user_explicitly_approved: exec.user_explicitly_approved_this_action,
+            codex_exe: turn_context.codex_linux_sandbox_exe.clone(),
+        };
+
+        let mut orchestrator = ToolOrchestrator::new();
+        let mut runtime = ApplyPatchRuntime::new();
+        let tool_ctx = ToolCtx {
+            session: sess.as_ref(),
+            turn: turn_context.as_ref(),
+            call_id: call_id.clone(),
+            tool_name: tool_name.to_string(),
+        };
+
+        let out = orchestrator
+            .run(
+                &mut runtime,
+                &req,
+                &tool_ctx,
+                &turn_context,
+                turn_context.approval_policy,
+            )
+            .await;
+
+        handle_exec_outcome(&event_emitter, event_ctx, out).await
+    } else {
+        // Route shell execution through the new orchestrator/runtime.
+        let req = ShellRequest {
+            command: params.command.clone(),
+            cwd: params.cwd.clone(),
+            timeout_ms: params.timeout_ms,
+            env: params.env.clone(),
+            with_escalated_permissions: params.with_escalated_permissions,
+            justification: params.justification.clone(),
+        };
+
+        let mut orchestrator = ToolOrchestrator::new();
+        let mut runtime = ShellRuntime::new();
+        let tool_ctx = ToolCtx {
+            session: sess.as_ref(),
+            turn: turn_context.as_ref(),
+            call_id: call_id.clone(),
+            tool_name: tool_name.to_string(),
+        };
+
+        let out = orchestrator
+            .run(
+                &mut runtime,
+                &req,
+                &tool_ctx,
+                &turn_context,
+                turn_context.approval_policy,
+            )
+            .await;
+
+        handle_exec_outcome(&event_emitter, event_ctx, out).await
+    }
+}
+
+async fn handle_exec_outcome(
+    event_emitter: &ToolEmitter,
+    event_ctx: ToolEventCtx<'_>,
+    out: Result<ExecToolCallOutput, ToolError>,
+) -> Result<String, FunctionCallError> {
+    let event;
+    let result = match out {
+        Ok(output) => {
+            let content = format_exec_output_for_model(&output);
+            let exit_code = output.exit_code;
+            event = ToolEventStage::Success(output);
+            if exit_code == 0 {
+                Ok(content)
+            } else {
+                Err(FunctionCallError::RespondToModel(content))
+            }
+        }
+        Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Timeout { output })))
+        | Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Denied { output }))) => {
+            let response = format_exec_output_for_model(&output);
+            event = ToolEventStage::Failure(ToolEventFailure::Output(*output));
+            Err(FunctionCallError::RespondToModel(response))
+        }
+        Err(ToolError::Codex(err)) => {
+            let message = format!("execution error: {err:?}");
+            let response = format_exec_output(&message);
+            event = ToolEventStage::Failure(ToolEventFailure::Message(message));
+            Err(FunctionCallError::RespondToModel(format_exec_output(
+                &response,
+            )))
+        }
+        Err(ToolError::Rejected(msg)) | Err(ToolError::SandboxDenied(msg)) => {
+            // Normalize common rejection messages for exec tools so tests and
+            // users see a clear, consistent phrase.
+            let normalized = if msg == "rejected by user" {
+                "exec command rejected by user".to_string()
+            } else {
+                msg
+            };
+            let response = format_exec_output(&normalized);
+            event = ToolEventStage::Failure(ToolEventFailure::Message(normalized));
+            Err(FunctionCallError::RespondToModel(format_exec_output(
+                &response,
+            )))
+        }
+    };
+    event_emitter.emit(event_ctx, event).await;
+    result
+}
+
 /// Format the combined exec output for sending back to the model.
 /// Includes exit code and duration metadata; truncates large bodies safely.
 pub fn format_exec_output_for_model(exec_output: &ExecToolCallOutput) -> String {
@@ -65,15 +279,248 @@ pub fn format_exec_output_str(exec_output: &ExecToolCallOutput) -> String {
 
     let content = aggregated_output.text.as_str();
 
-    let body = if exec_output.timed_out {
-        format!(
+    if exec_output.timed_out {
+        let prefixed = format!(
             "command timed out after {} milliseconds\n{content}",
             exec_output.duration.as_millis()
-        )
+        );
+        return format_exec_output(&prefixed);
+    }
+
+    format_exec_output(content)
+}
+
+pub(super) fn format_exec_output(content: &str) -> String {
+    // Head+tail truncation for the model: show the beginning and end with an elision.
+    // Clients still receive full streams; only this formatted summary is capped.
+    let total_lines = content.lines().count();
+    if content.len() <= MODEL_FORMAT_MAX_BYTES && total_lines <= MODEL_FORMAT_MAX_LINES {
+        return content.to_string();
+    }
+    let output = truncate_formatted_exec_output(content, total_lines);
+    format!("Total output lines: {total_lines}\n\n{output}")
+}
+
+fn truncate_formatted_exec_output(content: &str, total_lines: usize) -> String {
+    let segments: Vec<&str> = content.split_inclusive('\n').collect();
+    let head_take = MODEL_FORMAT_HEAD_LINES.min(segments.len());
+    let tail_take = MODEL_FORMAT_TAIL_LINES.min(segments.len().saturating_sub(head_take));
+    let omitted = segments.len().saturating_sub(head_take + tail_take);
+
+    let head_slice_end: usize = segments
+        .iter()
+        .take(head_take)
+        .map(|segment| segment.len())
+        .sum();
+    let tail_slice_start: usize = if tail_take == 0 {
+        content.len()
     } else {
-        content.to_string()
+        content.len()
+            - segments
+                .iter()
+                .rev()
+                .take(tail_take)
+                .map(|segment| segment.len())
+                .sum::<usize>()
+    };
+    let head_slice = &content[..head_slice_end];
+    let tail_slice = &content[tail_slice_start..];
+    let truncated_by_bytes = content.len() > MODEL_FORMAT_MAX_BYTES;
+    let marker = if omitted > 0 {
+        Some(format!(
+            "\n[... omitted {omitted} of {total_lines} lines ...]\n\n"
+        ))
+    } else if truncated_by_bytes {
+        Some(format!(
+            "\n[... output truncated to fit {MODEL_FORMAT_MAX_BYTES} bytes ...]\n\n"
+        ))
+    } else {
+        None
     };
 
-    // Truncate for model consumption before serialization.
-    format_output_for_model_body(&body)
+    let marker_len = marker.as_ref().map_or(0, String::len);
+    let base_head_budget = MODEL_FORMAT_HEAD_BYTES.min(MODEL_FORMAT_MAX_BYTES);
+    let head_budget = base_head_budget.min(MODEL_FORMAT_MAX_BYTES.saturating_sub(marker_len));
+    let head_part = take_bytes_at_char_boundary(head_slice, head_budget);
+    let mut result = String::with_capacity(MODEL_FORMAT_MAX_BYTES.min(content.len()));
+
+    result.push_str(head_part);
+    if let Some(marker_text) = marker.as_ref() {
+        result.push_str(marker_text);
+    }
+
+    let remaining = MODEL_FORMAT_MAX_BYTES.saturating_sub(result.len());
+    if remaining == 0 {
+        return result;
+    }
+
+    let tail_part = take_last_bytes_at_char_boundary(tail_slice, remaining);
+    result.push_str(tail_part);
+
+    result
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use regex_lite::Regex;
+
+    fn truncate_function_error(err: FunctionCallError) -> FunctionCallError {
+        match err {
+            FunctionCallError::RespondToModel(msg) => {
+                FunctionCallError::RespondToModel(format_exec_output(&msg))
+            }
+            FunctionCallError::Denied(msg) => FunctionCallError::Denied(format_exec_output(&msg)),
+            FunctionCallError::Fatal(msg) => FunctionCallError::Fatal(format_exec_output(&msg)),
+            other => other,
+        }
+    }
+
+    fn assert_truncated_message_matches(message: &str, line: &str, total_lines: usize) {
+        let pattern = truncated_message_pattern(line, total_lines);
+        let regex = Regex::new(&pattern).unwrap_or_else(|err| {
+            panic!("failed to compile regex {pattern}: {err}");
+        });
+        let captures = regex
+            .captures(message)
+            .unwrap_or_else(|| panic!("message failed to match pattern {pattern}: {message}"));
+        let body = captures
+            .name("body")
+            .expect("missing body capture")
+            .as_str();
+        assert!(
+            body.len() <= MODEL_FORMAT_MAX_BYTES,
+            "body exceeds byte limit: {} bytes",
+            body.len()
+        );
+    }
+
+    fn truncated_message_pattern(line: &str, total_lines: usize) -> String {
+        let head_take = MODEL_FORMAT_HEAD_LINES.min(total_lines);
+        let tail_take = MODEL_FORMAT_TAIL_LINES.min(total_lines.saturating_sub(head_take));
+        let omitted = total_lines.saturating_sub(head_take + tail_take);
+        let escaped_line = regex_lite::escape(line);
+        if omitted == 0 {
+            return format!(
+                r"(?s)^Total output lines: {total_lines}\n\n(?P<body>{escaped_line}.*\n\[\.{{3}} output truncated to fit {MODEL_FORMAT_MAX_BYTES} bytes \.{{3}}]\n\n.*)$",
+            );
+        }
+        format!(
+            r"(?s)^Total output lines: {total_lines}\n\n(?P<body>{escaped_line}.*\n\[\.{{3}} omitted {omitted} of {total_lines} lines \.{{3}}]\n\n.*)$",
+        )
+    }
+
+    #[test]
+    fn truncate_formatted_exec_output_truncates_large_error() {
+        let line = "very long execution error line that should trigger truncation\n";
+        let large_error = line.repeat(2_500); // way beyond both byte and line limits
+
+        let truncated = format_exec_output(&large_error);
+
+        let total_lines = large_error.lines().count();
+        assert_truncated_message_matches(&truncated, line, total_lines);
+        assert_ne!(truncated, large_error);
+    }
+
+    #[test]
+    fn truncate_function_error_trims_respond_to_model() {
+        let line = "respond-to-model error that should be truncated\n";
+        let huge = line.repeat(3_000);
+        let total_lines = huge.lines().count();
+
+        let err = truncate_function_error(FunctionCallError::RespondToModel(huge));
+        match err {
+            FunctionCallError::RespondToModel(message) => {
+                assert_truncated_message_matches(&message, line, total_lines);
+            }
+            other => panic!("unexpected error variant: {other:?}"),
+        }
+    }
+
+    #[test]
+    fn truncate_function_error_trims_fatal() {
+        let line = "fatal error output that should be truncated\n";
+        let huge = line.repeat(3_000);
+        let total_lines = huge.lines().count();
+
+        let err = truncate_function_error(FunctionCallError::Fatal(huge));
+        match err {
+            FunctionCallError::Fatal(message) => {
+                assert_truncated_message_matches(&message, line, total_lines);
+            }
+            other => panic!("unexpected error variant: {other:?}"),
+        }
+    }
+
+    #[test]
+    fn truncate_formatted_exec_output_marks_byte_truncation_without_omitted_lines() {
+        let long_line = "a".repeat(MODEL_FORMAT_MAX_BYTES + 50);
+        let truncated = format_exec_output(&long_line);
+
+        assert_ne!(truncated, long_line);
+        let marker_line =
+            format!("[... output truncated to fit {MODEL_FORMAT_MAX_BYTES} bytes ...]");
+        assert!(
+            truncated.contains(&marker_line),
+            "missing byte truncation marker: {truncated}"
+        );
+        assert!(
+            !truncated.contains("omitted"),
+            "line omission marker should not appear when no lines were dropped: {truncated}"
+        );
+    }
+
+    #[test]
+    fn truncate_formatted_exec_output_returns_original_when_within_limits() {
+        let content = "example output\n".repeat(10);
+
+        assert_eq!(format_exec_output(&content), content);
+    }
+
+    #[test]
+    fn truncate_formatted_exec_output_reports_omitted_lines_and_keeps_head_and_tail() {
+        let total_lines = MODEL_FORMAT_MAX_LINES + 100;
+        let content: String = (0..total_lines)
+            .map(|idx| format!("line-{idx}\n"))
+            .collect();
+
+        let truncated = format_exec_output(&content);
+        let omitted = total_lines - MODEL_FORMAT_MAX_LINES;
+        let expected_marker = format!("[... omitted {omitted} of {total_lines} lines ...]");
+
+        assert!(
+            truncated.contains(&expected_marker),
+            "missing omitted marker: {truncated}"
+        );
+        assert!(
+            truncated.contains("line-0\n"),
+            "expected head line to remain: {truncated}"
+        );
+
+        let last_line = format!("line-{}\n", total_lines - 1);
+        assert!(
+            truncated.contains(&last_line),
+            "expected tail line to remain: {truncated}"
+        );
+    }
+
+    #[test]
+    fn truncate_formatted_exec_output_prefers_line_marker_when_both_limits_exceeded() {
+        let total_lines = MODEL_FORMAT_MAX_LINES + 42;
+        let long_line = "x".repeat(256);
+        let content: String = (0..total_lines)
+            .map(|idx| format!("line-{idx}-{long_line}\n"))
+            .collect();
+
+        let truncated = format_exec_output(&content);
+
+        assert!(
+            truncated.contains("[... omitted 42 of 298 lines ...]"),
+            "expected omitted marker when line count exceeds limit: {truncated}"
+        );
+        assert!(
+            !truncated.contains("output truncated to fit"),
+            "line omission marker should take precedence over byte marker: {truncated}"
+        );
+    }
 }

codex-rs/core/src/tools/orchestrator.rs

@@ -7,11 +7,9 @@ retry without sandbox on denial (no re‑approval thanks to caching).
 */
 use crate::error::CodexErr;
 use crate::error::SandboxErr;
-use crate::error::get_error_message_ui;
 use crate::exec::ExecToolCallOutput;
 use crate::sandboxing::SandboxManager;
 use crate::tools::sandboxing::ApprovalCtx;
-use crate::tools::sandboxing::ProvidesSandboxRetryData;
 use crate::tools::sandboxing::SandboxAttempt;
 use crate::tools::sandboxing::ToolCtx;
 use crate::tools::sandboxing::ToolError;
@@ -40,7 +38,6 @@ impl ToolOrchestrator {
     ) -> Result<Out, ToolError>
     where
         T: ToolRuntime<Rq, Out>,
-        Rq: ProvidesSandboxRetryData,
     {
         let otel = turn_ctx.client.get_otel_event_manager();
         let otel_tn = &tool_ctx.tool_name;
@@ -59,7 +56,6 @@ impl ToolOrchestrator {
                 turn: turn_ctx,
                 call_id: &tool_ctx.call_id,
                 retry_reason: None,
-                risk: None,
             };
             let decision = tool.start_approval_async(req, approval_ctx).await;
 
@@ -102,42 +98,21 @@ impl ToolOrchestrator {
                         "sandbox denied and no retry".to_string(),
                     ));
                 }
-                // Under `Never` or `OnRequest`, do not retry without sandbox; surface a concise message
+                // Under `Never`, do not retry without sandbox; surface a concise message
                 // derived from the actual output (platform-agnostic).
-                if !tool.wants_no_sandbox_approval(approval_policy) {
+                if matches!(approval_policy, AskForApproval::Never) {
                     let msg = build_never_denied_message_from_output(output.as_ref());
                     return Err(ToolError::SandboxDenied(msg));
                 }
 
                 // Ask for approval before retrying without sandbox.
                 if !tool.should_bypass_approval(approval_policy, already_approved) {
-                    let mut risk = None;
-
-                    if let Some(metadata) = req.sandbox_retry_data() {
-                        let err = SandboxErr::Denied {
-                            output: output.clone(),
-                        };
-                        let friendly = get_error_message_ui(&CodexErr::Sandbox(err));
-                        let failure_summary = format!("failed in sandbox: {friendly}");
-
-                        risk = tool_ctx
-                            .session
-                            .assess_sandbox_command(
-                                turn_ctx,
-                                &tool_ctx.call_id,
-                                &metadata.command,
-                                Some(failure_summary.as_str()),
-                            )
-                            .await;
-                    }
-
                     let reason_msg = build_denial_reason_from_output(output.as_ref());
                     let approval_ctx = ApprovalCtx {
                         session: tool_ctx.session,
                         turn: turn_ctx,
                         call_id: &tool_ctx.call_id,
                         retry_reason: Some(reason_msg),
-                        risk,
                     };
 
                     let decision = tool.start_approval_async(req, approval_ctx).await;

codex-rs/core/src/tools/parallel.rs

@@ -15,7 +15,6 @@ use crate::tools::router::ToolCall;
 use crate::tools::router::ToolRouter;
 use codex_protocol::models::FunctionCallOutputPayload;
 use codex_protocol::models::ResponseInputItem;
-use codex_utils_readiness::Readiness;
 
 pub(crate) struct ToolCallRuntime {
     router: Arc<ToolRouter>,
@@ -54,16 +53,12 @@ impl ToolCallRuntime {
         let tracker = Arc::clone(&self.tracker);
         let lock = Arc::clone(&self.parallel_execution);
         let aborted_response = Self::aborted_response(&call);
-        let readiness = self.turn_context.tool_call_gate.clone();
 
         let handle: AbortOnDropHandle<Result<ResponseInputItem, FunctionCallError>> =
             AbortOnDropHandle::new(tokio::spawn(async move {
                 tokio::select! {
                     _ = cancellation_token.cancelled() => Ok(aborted_response),
                     res = async {
-                        tracing::info!("waiting for tool gate");
-                        readiness.wait_ready().await;
-                        tracing::info!("tool gate released");
                         let _guard = if supports_parallel {
                             Either::Left(lock.read().await)
                         } else {
@@ -105,7 +100,7 @@ impl ToolCallRuntime {
                 call_id: call.call_id.clone(),
                 output: FunctionCallOutputPayload {
                     content: "aborted".to_string(),
-                    ..Default::default()
+                    success: None,
                 },
             },
         }

codex-rs/core/src/tools/router.rs

@@ -181,7 +181,6 @@ impl ToolRouter {
                 output: codex_protocol::models::FunctionCallOutputPayload {
                     content: message,
                     success: Some(false),
-                    ..Default::default()
                 },
             }
         }

codex-rs/core/src/tools/runtimes/apply_patch.rs

@@ -10,16 +10,13 @@ use crate::sandboxing::CommandSpec;
 use crate::sandboxing::execute_env;
 use crate::tools::sandboxing::Approvable;
 use crate::tools::sandboxing::ApprovalCtx;
-use crate::tools::sandboxing::ProvidesSandboxRetryData;
 use crate::tools::sandboxing::SandboxAttempt;
-use crate::tools::sandboxing::SandboxRetryData;
 use crate::tools::sandboxing::Sandboxable;
 use crate::tools::sandboxing::SandboxablePreference;
 use crate::tools::sandboxing::ToolCtx;
 use crate::tools::sandboxing::ToolError;
 use crate::tools::sandboxing::ToolRuntime;
 use crate::tools::sandboxing::with_cached_approval;
-use codex_protocol::protocol::AskForApproval;
 use codex_protocol::protocol::ReviewDecision;
 use futures::future::BoxFuture;
 use std::collections::HashMap;
@@ -34,12 +31,6 @@ pub struct ApplyPatchRequest {
     pub codex_exe: Option<PathBuf>,
 }
 
-impl ProvidesSandboxRetryData for ApplyPatchRequest {
-    fn sandbox_retry_data(&self) -> Option<SandboxRetryData> {
-        None
-    }
-}
-
 #[derive(Default)]
 pub struct ApplyPatchRuntime;
 
@@ -114,10 +105,9 @@ impl Approvable<ApplyPatchRequest> for ApplyPatchRuntime {
         let call_id = ctx.call_id.to_string();
         let cwd = req.cwd.clone();
         let retry_reason = ctx.retry_reason.clone();
-        let risk = ctx.risk.clone();
         let user_explicitly_approved = req.user_explicitly_approved;
         Box::pin(async move {
-            with_cached_approval(&session.services, key, move || async move {
+            with_cached_approval(&session.services, key, || async move {
                 if let Some(reason) = retry_reason {
                     session
                         .request_command_approval(
@@ -126,7 +116,6 @@ impl Approvable<ApplyPatchRequest> for ApplyPatchRuntime {
                             vec!["apply_patch".to_string()],
                             cwd,
                             Some(reason),
-                            risk,
                         )
                         .await
                 } else if user_explicitly_approved {
@@ -138,10 +127,6 @@ impl Approvable<ApplyPatchRequest> for ApplyPatchRuntime {
             .await
         })
     }
-
-    fn wants_no_sandbox_approval(&self, policy: AskForApproval) -> bool {
-        !matches!(policy, AskForApproval::Never)
-    }
 }
 
 impl ToolRuntime<ApplyPatchRequest, ExecToolCallOutput> for ApplyPatchRuntime {

codex-rs/core/src/tools/runtimes/shell.rs

@@ -12,9 +12,7 @@ use crate::sandboxing::execute_env;
 use crate::tools::runtimes::build_command_spec;
 use crate::tools::sandboxing::Approvable;
 use crate::tools::sandboxing::ApprovalCtx;
-use crate::tools::sandboxing::ProvidesSandboxRetryData;
 use crate::tools::sandboxing::SandboxAttempt;
-use crate::tools::sandboxing::SandboxRetryData;
 use crate::tools::sandboxing::Sandboxable;
 use crate::tools::sandboxing::SandboxablePreference;
 use crate::tools::sandboxing::ToolCtx;
@@ -36,15 +34,6 @@ pub struct ShellRequest {
     pub justification: Option<String>,
 }
 
-impl ProvidesSandboxRetryData for ShellRequest {
-    fn sandbox_retry_data(&self) -> Option<SandboxRetryData> {
-        Some(SandboxRetryData {
-            command: self.command.clone(),
-            cwd: self.cwd.clone(),
-        })
-    }
-}
-
 #[derive(Default)]
 pub struct ShellRuntime;
 
@@ -101,14 +90,13 @@ impl Approvable<ShellRequest> for ShellRuntime {
             .retry_reason
             .clone()
             .or_else(|| req.justification.clone());
-        let risk = ctx.risk.clone();
         let session = ctx.session;
         let turn = ctx.turn;
         let call_id = ctx.call_id.to_string();
         Box::pin(async move {
-            with_cached_approval(&session.services, key, move || async move {
+            with_cached_approval(&session.services, key, || async move {
                 session
-                    .request_command_approval(turn, call_id, command, cwd, reason, risk)
+                    .request_command_approval(turn, call_id, command, cwd, reason)
                     .await
             })
             .await

codex-rs/core/src/tools/runtimes/unified_exec.rs

@@ -9,9 +9,7 @@ use crate::error::SandboxErr;
 use crate::tools::runtimes::build_command_spec;
 use crate::tools::sandboxing::Approvable;
 use crate::tools::sandboxing::ApprovalCtx;
-use crate::tools::sandboxing::ProvidesSandboxRetryData;
 use crate::tools::sandboxing::SandboxAttempt;
-use crate::tools::sandboxing::SandboxRetryData;
 use crate::tools::sandboxing::Sandboxable;
 use crate::tools::sandboxing::SandboxablePreference;
 use crate::tools::sandboxing::ToolCtx;
@@ -33,15 +31,6 @@ pub struct UnifiedExecRequest {
     pub env: HashMap<String, String>,
 }
 
-impl ProvidesSandboxRetryData for UnifiedExecRequest {
-    fn sandbox_retry_data(&self) -> Option<SandboxRetryData> {
-        Some(SandboxRetryData {
-            command: self.command.clone(),
-            cwd: self.cwd.clone(),
-        })
-    }
-}
-
 #[derive(serde::Serialize, Clone, Debug, Eq, PartialEq, Hash)]
 pub struct UnifiedExecApprovalKey {
     pub command: Vec<String>,
@@ -96,11 +85,10 @@ impl Approvable<UnifiedExecRequest> for UnifiedExecRuntime<'_> {
         let command = req.command.clone();
         let cwd = req.cwd.clone();
         let reason = ctx.retry_reason.clone();
-        let risk = ctx.risk.clone();
         Box::pin(async move {
             with_cached_approval(&session.services, key, || async move {
                 session
-                    .request_command_approval(turn, call_id, command, cwd, reason, risk)
+                    .request_command_approval(turn, call_id, command, cwd, reason)
                     .await
             })
             .await

codex-rs/core/src/tools/sandboxing.rs

@@ -7,7 +7,6 @@
 use crate::codex::Session;
 use crate::codex::TurnContext;
 use crate::error::CodexErr;
-use crate::protocol::SandboxCommandAssessment;
 use crate::protocol::SandboxPolicy;
 use crate::sandboxing::CommandSpec;
 use crate::sandboxing::SandboxManager;
@@ -19,7 +18,6 @@ use std::collections::HashMap;
 use std::fmt::Debug;
 use std::hash::Hash;
 use std::path::Path;
-use std::path::PathBuf;
 
 use futures::Future;
 use futures::future::BoxFuture;
@@ -83,7 +81,6 @@ pub(crate) struct ApprovalCtx<'a> {
     pub turn: &'a TurnContext,
     pub call_id: &'a str,
     pub retry_reason: Option<String>,
-    pub risk: Option<SandboxCommandAssessment>,
 }
 
 pub(crate) trait Approvable<Req> {
@@ -124,11 +121,6 @@ pub(crate) trait Approvable<Req> {
         }
     }
 
-    /// Decide we can request an approval for no-sandbox execution.
-    fn wants_no_sandbox_approval(&self, policy: AskForApproval) -> bool {
-        !matches!(policy, AskForApproval::Never | AskForApproval::OnRequest)
-    }
-
     fn start_approval_async<'a>(
         &'a mut self,
         req: &'a Req,
@@ -159,17 +151,6 @@ pub(crate) struct ToolCtx<'a> {
     pub tool_name: String,
 }
 
-/// Captures the command metadata needed to re-run a tool request without sandboxing.
-#[derive(Clone, Debug, PartialEq, Eq)]
-pub(crate) struct SandboxRetryData {
-    pub command: Vec<String>,
-    pub cwd: PathBuf,
-}
-
-pub(crate) trait ProvidesSandboxRetryData {
-    fn sandbox_retry_data(&self) -> Option<SandboxRetryData>;
-}
-
 #[derive(Debug)]
 pub(crate) enum ToolError {
     Rejected(String),

codex-rs/core/src/truncate.rs

@@ -1,35 +1,18 @@
 //! Utilities for truncating large chunks of output while preserving a prefix
 //! and suffix on UTF-8 boundaries.
 
-use codex_utils_tokenizer::Tokenizer;
-
 /// Truncate the middle of a UTF-8 string to at most `max_bytes` bytes,
 /// preserving the beginning and the end. Returns the possibly truncated
-/// string and `Some(original_token_count)` (counted with the local tokenizer;
-/// falls back to a 4-bytes-per-token estimate if the tokenizer cannot load)
+/// string and `Some(original_token_count)` (estimated at 4 bytes/token)
 /// if truncation occurred; otherwise returns the original string and `None`.
 pub(crate) fn truncate_middle(s: &str, max_bytes: usize) -> (String, Option<u64>) {
     if s.len() <= max_bytes {
         return (s.to_string(), None);
     }
 
-    // Build a tokenizer for counting (default to o200k_base; fall back to cl100k_base).
-    // If both fail, fall back to a 4-bytes-per-token estimate.
-    let tok = Tokenizer::try_default().ok();
-    let token_count = |text: &str| -> u64 {
-        if let Some(ref t) = tok {
-            t.count(text) as u64
-        } else {
-            (text.len() as u64).div_ceil(4)
-        }
-    };
-
-    let total_tokens = token_count(s);
+    let est_tokens = (s.len() as u64).div_ceil(4);
     if max_bytes == 0 {
-        return (
-            format!("…{total_tokens} tokens truncated…"),
-            Some(total_tokens),
-        );
+        return (format!("…{est_tokens} tokens truncated…"), Some(est_tokens));
     }
 
     fn truncate_on_boundary(input: &str, max_len: usize) -> &str {
@@ -67,17 +50,13 @@ pub(crate) fn truncate_middle(s: &str, max_bytes: usize) -> (String, Option<u64>
         idx
     }
 
-    // Iterate to stabilize marker length → keep budget → boundaries.
-    let mut guess_tokens: u64 = 1;
+    let mut guess_tokens = est_tokens;
     for _ in 0..4 {
         let marker = format!("…{guess_tokens} tokens truncated…");
         let marker_len = marker.len();
         let keep_budget = max_bytes.saturating_sub(marker_len);
         if keep_budget == 0 {
-            return (
-                format!("…{total_tokens} tokens truncated…"),
-                Some(total_tokens),
-            );
+            return (format!("…{est_tokens} tokens truncated…"), Some(est_tokens));
         }
 
         let left_budget = keep_budget / 2;
@@ -88,72 +67,59 @@ pub(crate) fn truncate_middle(s: &str, max_bytes: usize) -> (String, Option<u64>
             suffix_start = prefix_end;
         }
 
-        // Tokens actually removed (middle slice) using the real tokenizer.
-        let removed_tokens = token_count(&s[prefix_end..suffix_start]);
+        let kept_content_bytes = prefix_end + (s.len() - suffix_start);
+        let truncated_content_bytes = s.len().saturating_sub(kept_content_bytes);
+        let new_tokens = (truncated_content_bytes as u64).div_ceil(4);
 
-        // If the number of digits in the token count does not change the marker length,
-        // we can finalize output.
-        let final_marker = format!("…{removed_tokens} tokens truncated…");
-        if final_marker.len() == marker_len {
-            let kept_content_bytes = prefix_end + (s.len() - suffix_start);
-            let mut out = String::with_capacity(final_marker.len() + kept_content_bytes + 1);
+        if new_tokens == guess_tokens {
+            let mut out = String::with_capacity(marker_len + kept_content_bytes + 1);
             out.push_str(&s[..prefix_end]);
-            out.push_str(&final_marker);
+            out.push_str(&marker);
             out.push('\n');
             out.push_str(&s[suffix_start..]);
-            return (out, Some(total_tokens));
+            return (out, Some(est_tokens));
         }
 
-        guess_tokens = removed_tokens;
+        guess_tokens = new_tokens;
     }
 
-    // Fallback build after iterations: compute with the last guess.
     let marker = format!("…{guess_tokens} tokens truncated…");
     let marker_len = marker.len();
     let keep_budget = max_bytes.saturating_sub(marker_len);
     if keep_budget == 0 {
-        return (
-            format!("…{total_tokens} tokens truncated…"),
-            Some(total_tokens),
-        );
+        return (format!("…{est_tokens} tokens truncated…"), Some(est_tokens));
     }
 
     let left_budget = keep_budget / 2;
     let right_budget = keep_budget - left_budget;
     let prefix_end = pick_prefix_end(s, left_budget);
-    let mut suffix_start = pick_suffix_start(s, right_budget);
-    if suffix_start < prefix_end {
-        suffix_start = prefix_end;
-    }
+    let suffix_start = pick_suffix_start(s, right_budget);
 
     let mut out = String::with_capacity(marker_len + prefix_end + (s.len() - suffix_start) + 1);
     out.push_str(&s[..prefix_end]);
     out.push_str(&marker);
     out.push('\n');
     out.push_str(&s[suffix_start..]);
-    (out, Some(total_tokens))
+    (out, Some(est_tokens))
 }
 
 #[cfg(test)]
 mod tests {
     use super::truncate_middle;
-    use codex_utils_tokenizer::Tokenizer;
 
     #[test]
     fn truncate_middle_no_newlines_fallback() {
-        let tok = Tokenizer::try_default().expect("load tokenizer");
         let s = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ*";
         let max_bytes = 32;
         let (out, original) = truncate_middle(s, max_bytes);
         assert!(out.starts_with("abc"));
         assert!(out.contains("tokens truncated"));
         assert!(out.ends_with("XYZ*"));
-        assert_eq!(original, Some(tok.count(s) as u64));
+        assert_eq!(original, Some((s.len() as u64).div_ceil(4)));
     }
 
     #[test]
     fn truncate_middle_prefers_newline_boundaries() {
-        let tok = Tokenizer::try_default().expect("load tokenizer");
         let mut s = String::new();
         for i in 1..=20 {
             s.push_str(&format!("{i:03}\n"));
@@ -165,36 +131,50 @@ mod tests {
         assert!(out.starts_with("001\n002\n003\n004\n"));
         assert!(out.contains("tokens truncated"));
         assert!(out.ends_with("017\n018\n019\n020\n"));
-        assert_eq!(tokens, Some(tok.count(&s) as u64));
+        assert_eq!(tokens, Some(20));
     }
 
     #[test]
     fn truncate_middle_handles_utf8_content() {
-        let tok = Tokenizer::try_default().expect("load tokenizer");
         let s = "😀😀😀😀😀😀😀😀😀😀\nsecond line with ascii text\n";
         let max_bytes = 32;
         let (out, tokens) = truncate_middle(s, max_bytes);
 
         assert!(out.contains("tokens truncated"));
         assert!(!out.contains('\u{fffd}'));
-        assert_eq!(tokens, Some(tok.count(s) as u64));
+        assert_eq!(tokens, Some((s.len() as u64).div_ceil(4)));
     }
 
     #[test]
     fn truncate_middle_prefers_newline_boundaries_2() {
-        let tok = Tokenizer::try_default().expect("load tokenizer");
         // Build a multi-line string of 20 numbered lines (each "NNN\n").
         let mut s = String::new();
         for i in 1..=20 {
             s.push_str(&format!("{i:03}\n"));
         }
+        // Total length: 20 lines * 4 bytes per line = 80 bytes.
         assert_eq!(s.len(), 80);
 
+        // Choose a cap that forces truncation while leaving room for
+        // a few lines on each side after accounting for the marker.
         let max_bytes = 64;
-        let (out, total) = truncate_middle(&s, max_bytes);
-        assert!(out.starts_with("001\n002\n003\n004\n"));
-        assert!(out.contains("tokens truncated"));
-        assert!(out.ends_with("017\n018\n019\n020\n"));
-        assert_eq!(total, Some(tok.count(&s) as u64));
+        // Expect exact output: first 4 lines, marker, last 4 lines, and correct token estimate (80/4 = 20).
+        assert_eq!(
+            truncate_middle(&s, max_bytes),
+            (
+                r#"001
+002
+003
+004
+…12 tokens truncated…
+017
+018
+019
+020
+"#
+                .to_string(),
+                Some(20)
+            )
+        );
     }
 }

codex-rs/core/src/unified_exec/mod.rs

@@ -22,8 +22,6 @@
 //! - `session_manager.rs`: orchestration (approvals, sandboxing, reuse) and request handling.
 
 use std::collections::HashMap;
-use std::path::PathBuf;
-use std::sync::Arc;
 use std::sync::atomic::AtomicI32;
 use std::time::Duration;
 
@@ -47,20 +45,10 @@ pub(crate) const MAX_YIELD_TIME_MS: u64 = 30_000;
 pub(crate) const DEFAULT_MAX_OUTPUT_TOKENS: usize = 10_000;
 pub(crate) const UNIFIED_EXEC_OUTPUT_MAX_BYTES: usize = 1024 * 1024; // 1 MiB
 
-pub(crate) struct UnifiedExecContext {
-    pub session: Arc<Session>,
-    pub turn: Arc<TurnContext>,
-    pub call_id: String,
-}
-
-impl UnifiedExecContext {
-    pub fn new(session: Arc<Session>, turn: Arc<TurnContext>, call_id: String) -> Self {
-        Self {
-            session,
-            turn,
-            call_id,
-        }
-    }
+pub(crate) struct UnifiedExecContext<'a> {
+    pub session: &'a Session,
+    pub turn: &'a TurnContext,
+    pub call_id: &'a str,
 }
 
 #[derive(Debug)]
@@ -82,7 +70,6 @@ pub(crate) struct WriteStdinRequest<'a> {
 
 #[derive(Debug, Clone, PartialEq)]
 pub(crate) struct UnifiedExecResponse {
-    pub event_call_id: String,
     pub chunk_id: String,
     pub wall_time: Duration,
     pub output: String,
@@ -91,20 +78,10 @@ pub(crate) struct UnifiedExecResponse {
     pub original_token_count: Option<usize>,
 }
 
-#[derive(Default)]
+#[derive(Debug, Default)]
 pub(crate) struct UnifiedExecSessionManager {
     next_session_id: AtomicI32,
-    sessions: Mutex<HashMap<i32, SessionEntry>>,
-}
-
-struct SessionEntry {
-    session: session::UnifiedExecSession,
-    session_ref: Arc<Session>,
-    turn_ref: Arc<TurnContext>,
-    call_id: String,
-    command: String,
-    cwd: PathBuf,
-    started_at: tokio::time::Instant,
+    sessions: Mutex<HashMap<i32, session::UnifiedExecSession>>,
 }
 
 pub(crate) fn clamp_yield_time(yield_time_ms: Option<u64>) -> u64 {
@@ -186,8 +163,11 @@ mod tests {
         cmd: &str,
         yield_time_ms: Option<u64>,
     ) -> Result<UnifiedExecResponse, UnifiedExecError> {
-        let context =
-            UnifiedExecContext::new(Arc::clone(session), Arc::clone(turn), "call".to_string());
+        let context = UnifiedExecContext {
+            session,
+            turn: turn.as_ref(),
+            call_id: "call",
+        };
 
         session
             .services

codex-rs/core/src/unified_exec/session_manager.rs

@@ -5,13 +5,8 @@ use tokio::sync::mpsc;
 use tokio::time::Duration;
 use tokio::time::Instant;
 
-use crate::exec::ExecToolCallOutput;
-use crate::exec::StreamOutput;
 use crate::exec_env::create_env;
 use crate::sandboxing::ExecEnv;
-use crate::tools::events::ToolEmitter;
-use crate::tools::events::ToolEventCtx;
-use crate::tools::events::ToolEventStage;
 use crate::tools::orchestrator::ToolOrchestrator;
 use crate::tools::runtimes::unified_exec::UnifiedExecRequest as UnifiedExecToolRequest;
 use crate::tools::runtimes::unified_exec::UnifiedExecRuntime;
@@ -19,7 +14,6 @@ use crate::tools::sandboxing::ToolCtx;
 
 use super::ExecCommandRequest;
 use super::MIN_YIELD_TIME_MS;
-use super::SessionEntry;
 use super::UnifiedExecContext;
 use super::UnifiedExecError;
 use super::UnifiedExecResponse;
@@ -36,7 +30,7 @@ impl UnifiedExecSessionManager {
     pub(crate) async fn exec_command(
         &self,
         request: ExecCommandRequest<'_>,
-        context: &UnifiedExecContext,
+        context: &UnifiedExecContext<'_>,
     ) -> Result<UnifiedExecResponse, UnifiedExecError> {
         let shell_flag = if request.login { "-lc" } else { "-c" };
         let command = vec![
@@ -65,36 +59,17 @@ impl UnifiedExecSessionManager {
         let session_id = if session.has_exited() {
             None
         } else {
-            Some(
-                self.store_session(session, context, request.command, start)
-                    .await,
-            )
+            Some(self.store_session(session).await)
         };
 
-        let response = UnifiedExecResponse {
-            event_call_id: context.call_id.clone(),
+        Ok(UnifiedExecResponse {
             chunk_id,
             wall_time,
             output,
             session_id,
             exit_code,
             original_token_count,
-        };
-
-        // If the command completed during this call, emit an ExecCommandEnd via the emitter.
-        if response.session_id.is_none() {
-            let exit = response.exit_code.unwrap_or(-1);
-            Self::emit_exec_end_from_context(
-                context,
-                request.command.to_string(),
-                response.output.clone(),
-                exit,
-                response.wall_time,
-            )
-            .await;
-        }
-
-        Ok(response)
+        })
     }
 
     pub(crate) async fn write_stdin(
@@ -123,60 +98,37 @@ impl UnifiedExecSessionManager {
         let (output, original_token_count) = truncate_output_to_tokens(&text, max_tokens);
         let chunk_id = generate_chunk_id();
 
-        let status = self.refresh_session_state(session_id).await;
-        let (session_id, exit_code, completion_entry, event_call_id) = match status {
-            SessionStatus::Alive { exit_code, call_id } => {
-                (Some(session_id), exit_code, None, call_id)
-            }
-            SessionStatus::Exited { exit_code, entry } => {
-                let call_id = entry.call_id.clone();
-                (None, exit_code, Some(*entry), call_id)
-            }
-            SessionStatus::Unknown => {
-                return Err(UnifiedExecError::UnknownSessionId { session_id });
-            }
-        };
+        let (session_id, exit_code) = self.refresh_session_state(session_id).await;
 
-        let response = UnifiedExecResponse {
-            event_call_id,
+        Ok(UnifiedExecResponse {
             chunk_id,
             wall_time,
             output,
             session_id,
             exit_code,
             original_token_count,
-        };
-
-        if let (Some(exit), Some(entry)) = (response.exit_code, completion_entry) {
-            let total_duration = Instant::now().saturating_duration_since(entry.started_at);
-            Self::emit_exec_end_from_entry(entry, response.output.clone(), exit, total_duration)
-                .await;
-        }
-
-        Ok(response)
+        })
     }
 
-    async fn refresh_session_state(&self, session_id: i32) -> SessionStatus {
+    async fn refresh_session_state(&self, session_id: i32) -> (Option<i32>, Option<i32>) {
         let mut sessions = self.sessions.lock().await;
-        let Some(entry) = sessions.get(&session_id) else {
-            return SessionStatus::Unknown;
-        };
+        if !sessions.contains_key(&session_id) {
+            return (None, None);
+        }
 
-        let exit_code = entry.session.exit_code();
+        let has_exited = sessions
+            .get(&session_id)
+            .map(UnifiedExecSession::has_exited)
+            .unwrap_or(false);
+        let exit_code = sessions
+            .get(&session_id)
+            .and_then(UnifiedExecSession::exit_code);
 
-        if entry.session.has_exited() {
-            let Some(entry) = sessions.remove(&session_id) else {
-                return SessionStatus::Unknown;
-            };
-            SessionStatus::Exited {
-                exit_code,
-                entry: Box::new(entry),
-            }
+        if has_exited {
+            sessions.remove(&session_id);
+            (None, exit_code)
         } else {
-            SessionStatus::Alive {
-                exit_code,
-                call_id: entry.call_id.clone(),
-            }
+            (Some(session_id), exit_code)
         }
     }
 
@@ -186,9 +138,9 @@ impl UnifiedExecSessionManager {
     ) -> Result<(mpsc::Sender<Vec<u8>>, OutputBuffer, Arc<Notify>), UnifiedExecError> {
         let sessions = self.sessions.lock().await;
         let (output_buffer, output_notify, writer_tx) =
-            if let Some(entry) = sessions.get(&session_id) {
-                let (buffer, notify) = entry.session.output_handles();
-                (buffer, notify, entry.session.writer_sender())
+            if let Some(session) = sessions.get(&session_id) {
+                let (buffer, notify) = session.output_handles();
+                (buffer, notify, session.writer_sender())
             } else {
                 return Err(UnifiedExecError::UnknownSessionId { session_id });
             };
@@ -206,82 +158,14 @@ impl UnifiedExecSessionManager {
             .map_err(|_| UnifiedExecError::WriteToStdin)
     }
 
-    async fn store_session(
-        &self,
-        session: UnifiedExecSession,
-        context: &UnifiedExecContext,
-        command: &str,
-        started_at: Instant,
-    ) -> i32 {
+    async fn store_session(&self, session: UnifiedExecSession) -> i32 {
         let session_id = self
             .next_session_id
             .fetch_add(1, std::sync::atomic::Ordering::SeqCst);
-        let entry = SessionEntry {
-            session,
-            session_ref: Arc::clone(&context.session),
-            turn_ref: Arc::clone(&context.turn),
-            call_id: context.call_id.clone(),
-            command: command.to_string(),
-            cwd: context.turn.cwd.clone(),
-            started_at,
-        };
-        self.sessions.lock().await.insert(session_id, entry);
+        self.sessions.lock().await.insert(session_id, session);
         session_id
     }
 
-    async fn emit_exec_end_from_entry(
-        entry: SessionEntry,
-        aggregated_output: String,
-        exit_code: i32,
-        duration: Duration,
-    ) {
-        let output = ExecToolCallOutput {
-            exit_code,
-            stdout: StreamOutput::new(aggregated_output.clone()),
-            stderr: StreamOutput::new(String::new()),
-            aggregated_output: StreamOutput::new(aggregated_output),
-            duration,
-            timed_out: false,
-        };
-        let event_ctx = ToolEventCtx::new(
-            entry.session_ref.as_ref(),
-            entry.turn_ref.as_ref(),
-            &entry.call_id,
-            None,
-        );
-        let emitter = ToolEmitter::unified_exec(entry.command, entry.cwd, true);
-        emitter
-            .emit(event_ctx, ToolEventStage::Success(output))
-            .await;
-    }
-
-    async fn emit_exec_end_from_context(
-        context: &UnifiedExecContext,
-        command: String,
-        aggregated_output: String,
-        exit_code: i32,
-        duration: Duration,
-    ) {
-        let output = ExecToolCallOutput {
-            exit_code,
-            stdout: StreamOutput::new(aggregated_output.clone()),
-            stderr: StreamOutput::new(String::new()),
-            aggregated_output: StreamOutput::new(aggregated_output),
-            duration,
-            timed_out: false,
-        };
-        let event_ctx = ToolEventCtx::new(
-            context.session.as_ref(),
-            context.turn.as_ref(),
-            &context.call_id,
-            None,
-        );
-        let emitter = ToolEmitter::unified_exec(command, context.turn.cwd.clone(), true);
-        emitter
-            .emit(event_ctx, ToolEventStage::Success(output))
-            .await;
-    }
-
     pub(crate) async fn open_session_with_exec_env(
         &self,
         env: &ExecEnv,
@@ -300,7 +184,7 @@ impl UnifiedExecSessionManager {
     pub(super) async fn open_session_with_sandbox(
         &self,
         command: Vec<String>,
-        context: &UnifiedExecContext,
+        context: &UnifiedExecContext<'_>,
     ) -> Result<UnifiedExecSession, UnifiedExecError> {
         let mut orchestrator = ToolOrchestrator::new();
         let mut runtime = UnifiedExecRuntime::new(self);
@@ -310,9 +194,9 @@ impl UnifiedExecSessionManager {
             create_env(&context.turn.shell_environment_policy),
         );
         let tool_ctx = ToolCtx {
-            session: context.session.as_ref(),
-            turn: context.turn.as_ref(),
-            call_id: context.call_id.clone(),
+            session: context.session,
+            turn: context.turn,
+            call_id: context.call_id.to_string(),
             tool_name: "exec_command".to_string(),
         };
         orchestrator
@@ -320,7 +204,7 @@ impl UnifiedExecSessionManager {
                 &mut runtime,
                 &req,
                 &tool_ctx,
-                context.turn.as_ref(),
+                context.turn,
                 context.turn.approval_policy,
             )
             .await
@@ -371,15 +255,3 @@ impl UnifiedExecSessionManager {
         collected
     }
 }
-
-enum SessionStatus {
-    Alive {
-        exit_code: Option<i32>,
-        call_id: String,
-    },
-    Exited {
-        exit_code: Option<i32>,
-        entry: Box<SessionEntry>,
-    },
-    Unknown,
-}

codex-rs/core/templates/sandboxing/assessment_prompt.md

@@ -1,27 +0,0 @@
-You are a security analyst evaluating shell commands that were blocked by a sandbox. Given the provided metadata, summarize the command's likely intent and assess the risk. Return strictly valid JSON with the keys:
-- description (concise summary, at most two sentences)
-- risk_level ("low", "medium", or "high")
-- risk_categories (optional array of zero or more category strings)
-Risk level examples:
-- low: read-only inspections, listing files, printing configuration
-- medium: modifying project files, installing dependencies, fetching artifacts from trusted sources
-- high: deleting or overwriting data, exfiltrating secrets, escalating privileges, or disabling security controls
-Recognized risk_categories: data_deletion, data_exfiltration, privilege_escalation, system_modification, network_access, resource_exhaustion, compliance.
-Use multiple categories when appropriate.
-If information is insufficient, choose the most cautious risk level supported by the evidence.
-Respond with JSON only, without markdown code fences or extra commentary.
-
----
-
-Command metadata:
-Platform: {{ platform }}
-Sandbox policy: {{ sandbox_policy }}
-{% if let Some(roots) = filesystem_roots %}
-Filesystem roots: {{ roots }}
-{% endif %}
-Working directory: {{ working_directory }}
-Command argv: {{ command_argv }}
-Command (joined): {{ command_joined }}
-{% if let Some(message) = sandbox_failure_message %}
-Sandbox failure message: {{ message }}
-{% endif %}

codex-rs/core/tests/chat_completions_sse.rs

@@ -185,49 +185,6 @@ async fn streams_text_without_reasoning() {
     assert_matches!(events[2], ResponseEvent::Completed { .. });
 }
 
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn completed_event_includes_usage_estimate() {
-    if network_disabled() {
-        println!(
-            "Skipping test because it cannot execute when network is disabled in a Codex sandbox."
-        );
-        return;
-    }
-
-    let sse = concat!(
-        "data: {\"choices\":[{\"delta\":{\"content\":\"hi\"}}]}\n\n",
-        "data: {\"choices\":[{\"delta\":{}}]}\n\n",
-        "data: [DONE]\n\n",
-    );
-
-    let events = run_stream(sse).await;
-    assert_eq!(events.len(), 3, "unexpected events: {events:?}");
-
-    let usage = events
-        .iter()
-        .find_map(|event| match event {
-            ResponseEvent::Completed {
-                token_usage: Some(usage),
-                ..
-            } => Some(usage.clone()),
-            _ => None,
-        })
-        .expect("missing usage estimate on Completed event");
-
-    assert!(
-        usage.input_tokens > 0,
-        "expected input tokens > 0, got {usage:?}"
-    );
-    assert!(
-        usage.output_tokens > 0,
-        "expected output tokens > 0, got {usage:?}"
-    );
-    assert!(
-        usage.total_tokens >= usage.input_tokens + usage.output_tokens,
-        "expected total tokens to cover input + output, got {usage:?}"
-    );
-}
-
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn streams_reasoning_from_string_delta() {
     if network_disabled() {

codex-rs/core/tests/common/Cargo.toml

@@ -10,7 +10,6 @@ path = "lib.rs"
 anyhow = { workspace = true }
 assert_cmd = { workspace = true }
 codex-core = { workspace = true }
-codex-protocol = { workspace = true }
 notify = { workspace = true }
 regex-lite = { workspace = true }
 serde_json = { workspace = true }

codex-rs/core/tests/common/test_codex.rs

@@ -1,30 +1,17 @@
 use std::mem::swap;
-use std::path::Path;
 use std::path::PathBuf;
 use std::sync::Arc;
 
-use anyhow::Result;
 use codex_core::CodexAuth;
 use codex_core::CodexConversation;
 use codex_core::ConversationManager;
 use codex_core::ModelProviderInfo;
 use codex_core::built_in_model_providers;
 use codex_core::config::Config;
-use codex_core::features::Feature;
-use codex_core::protocol::AskForApproval;
-use codex_core::protocol::EventMsg;
-use codex_core::protocol::Op;
-use codex_core::protocol::SandboxPolicy;
 use codex_core::protocol::SessionConfiguredEvent;
-use codex_protocol::config_types::ReasoningSummary;
-use codex_protocol::user_input::UserInput;
-use serde_json::Value;
 use tempfile::TempDir;
-use wiremock::MockServer;
 
 use crate::load_default_config_for_test;
-use crate::responses::start_mock_server;
-use crate::wait_for_event;
 
 type ConfigMutator = dyn FnOnce(&mut Config) + Send;
 
@@ -109,12 +96,6 @@ impl TestCodexBuilder {
             mutator(&mut config);
         }
 
-        if config.include_apply_patch_tool {
-            config.features.enable(Feature::ApplyPatchFreeform);
-        } else {
-            config.features.disable(Feature::ApplyPatchFreeform);
-        }
-
         Ok((config, cwd))
     }
 }
@@ -126,139 +107,6 @@ pub struct TestCodex {
     pub session_configured: SessionConfiguredEvent,
 }
 
-impl TestCodex {
-    pub fn cwd_path(&self) -> &Path {
-        self.cwd.path()
-    }
-
-    pub fn workspace_path(&self, rel: impl AsRef<Path>) -> PathBuf {
-        self.cwd_path().join(rel)
-    }
-
-    pub async fn submit_turn(&self, prompt: &str) -> Result<()> {
-        self.submit_turn_with_policy(prompt, SandboxPolicy::DangerFullAccess)
-            .await
-    }
-
-    pub async fn submit_turn_with_policy(
-        &self,
-        prompt: &str,
-        sandbox_policy: SandboxPolicy,
-    ) -> Result<()> {
-        let session_model = self.session_configured.model.clone();
-        self.codex
-            .submit(Op::UserTurn {
-                items: vec![UserInput::Text {
-                    text: prompt.into(),
-                }],
-                final_output_json_schema: None,
-                cwd: self.cwd.path().to_path_buf(),
-                approval_policy: AskForApproval::Never,
-                sandbox_policy,
-                model: session_model,
-                effort: None,
-                summary: ReasoningSummary::Auto,
-            })
-            .await?;
-
-        wait_for_event(&self.codex, |event| {
-            matches!(event, EventMsg::TaskComplete(_))
-        })
-        .await;
-        Ok(())
-    }
-}
-
-pub struct TestCodexHarness {
-    server: MockServer,
-    test: TestCodex,
-}
-
-impl TestCodexHarness {
-    pub async fn new() -> Result<Self> {
-        Self::with_builder(test_codex()).await
-    }
-
-    pub async fn with_config(mutator: impl FnOnce(&mut Config) + Send + 'static) -> Result<Self> {
-        Self::with_builder(test_codex().with_config(mutator)).await
-    }
-
-    pub async fn with_builder(mut builder: TestCodexBuilder) -> Result<Self> {
-        let server = start_mock_server().await;
-        let test = builder.build(&server).await?;
-        Ok(Self { server, test })
-    }
-
-    pub fn server(&self) -> &MockServer {
-        &self.server
-    }
-
-    pub fn test(&self) -> &TestCodex {
-        &self.test
-    }
-
-    pub fn cwd(&self) -> &Path {
-        self.test.cwd_path()
-    }
-
-    pub fn path(&self, rel: impl AsRef<Path>) -> PathBuf {
-        self.test.workspace_path(rel)
-    }
-
-    pub async fn submit(&self, prompt: &str) -> Result<()> {
-        self.test.submit_turn(prompt).await
-    }
-
-    pub async fn submit_with_policy(
-        &self,
-        prompt: &str,
-        sandbox_policy: SandboxPolicy,
-    ) -> Result<()> {
-        self.test
-            .submit_turn_with_policy(prompt, sandbox_policy)
-            .await
-    }
-
-    pub async fn request_bodies(&self) -> Vec<Value> {
-        self.server
-            .received_requests()
-            .await
-            .expect("requests")
-            .into_iter()
-            .map(|req| serde_json::from_slice(&req.body).expect("request body json"))
-            .collect()
-    }
-
-    pub async fn function_call_output_value(&self, call_id: &str) -> Value {
-        let bodies = self.request_bodies().await;
-        function_call_output(&bodies, call_id).clone()
-    }
-
-    pub async fn function_call_stdout(&self, call_id: &str) -> String {
-        self.function_call_output_value(call_id)
-            .await
-            .get("output")
-            .and_then(Value::as_str)
-            .expect("output string")
-            .to_string()
-    }
-}
-
-fn function_call_output<'a>(bodies: &'a [Value], call_id: &str) -> &'a Value {
-    for body in bodies {
-        if let Some(items) = body.get("input").and_then(Value::as_array) {
-            for item in items {
-                if item.get("type").and_then(Value::as_str) == Some("function_call_output")
-                    && item.get("call_id").and_then(Value::as_str) == Some(call_id)
-                {
-                    return item;
-                }
-            }
-        }
-    }
-    panic!("function_call_output {call_id} not found");
-}
-
 pub fn test_codex() -> TestCodexBuilder {
     TestCodexBuilder {
         config_mutators: vec![],

codex-rs/core/tests/suite/cli_stream.rs

@@ -75,17 +75,9 @@ async fn chat_mode_stream_cli() {
     server.verify().await;
 
     // Verify a new session rollout was created and is discoverable via list_conversations
-    let provider_filter = vec!["mock".to_string()];
-    let page = RolloutRecorder::list_conversations(
-        home.path(),
-        10,
-        None,
-        &[],
-        Some(provider_filter.as_slice()),
-        "mock",
-    )
-    .await
-    .expect("list conversations");
+    let page = RolloutRecorder::list_conversations(home.path(), 10, None, &[])
+        .await
+        .expect("list conversations");
     assert!(
         !page.items.is_empty(),
         "expected at least one session to be listed"

codex-rs/core/tests/suite/client.rs

@@ -154,8 +154,7 @@ async fn resume_includes_initial_messages_and_sends_prior_items() {
                 "instructions": "be nice",
                 "cwd": ".",
                 "originator": "test_originator",
-                "cli_version": "test_version",
-                "model_provider": "test-provider"
+                "cli_version": "test_version"
             }
         })
     )
@@ -525,7 +524,7 @@ async fn prefers_apikey_when_config_prefers_apikey_even_with_chatgpt_tokens() {
     let mut config = load_default_config_for_test(&codex_home);
     config.model_provider = model_provider;
 
-    let auth_manager = match CodexAuth::from_auth_storage(codex_home.path()) {
+    let auth_manager = match CodexAuth::from_codex_home(codex_home.path()) {
         Ok(Some(auth)) => codex_core::AuthManager::from_auth_for_testing(auth),
         Ok(None) => panic!("No CodexAuth found in codex_home"),
         Err(e) => panic!("Failed to load CodexAuth: {e}"),

codex-rs/core/tests/suite/compact_resume_fork.rs

@@ -18,6 +18,7 @@ use codex_core::built_in_model_providers;
 use codex_core::codex::compact::SUMMARIZATION_PROMPT;
 use codex_core::config::Config;
 use codex_core::config::OPENAI_DEFAULT_MODEL;
+use codex_core::protocol::ConversationPathResponseEvent;
 use codex_core::protocol::EventMsg;
 use codex_core::protocol::Op;
 use codex_core::spawn::CODEX_SANDBOX_NETWORK_DISABLED_ENV_VAR;
@@ -41,29 +42,6 @@ fn network_disabled() -> bool {
     std::env::var(CODEX_SANDBOX_NETWORK_DISABLED_ENV_VAR).is_ok()
 }
 
-fn filter_out_ghost_snapshot_entries(items: &[Value]) -> Vec<Value> {
-    items
-        .iter()
-        .filter(|item| !is_ghost_snapshot_message(item))
-        .cloned()
-        .collect()
-}
-
-fn is_ghost_snapshot_message(item: &Value) -> bool {
-    if item.get("type").and_then(Value::as_str) != Some("message") {
-        return false;
-    }
-    if item.get("role").and_then(Value::as_str) != Some("user") {
-        return false;
-    }
-    item.get("content")
-        .and_then(Value::as_array)
-        .and_then(|content| content.first())
-        .and_then(|entry| entry.get("text"))
-        .and_then(Value::as_str)
-        .is_some_and(|text| text.trim_start().starts_with("<ghost_snapshot>"))
-}
-
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 /// Scenario: compact an initial conversation, resume it, fork one turn back, and
 /// ensure the model-visible history matches expectations at each request.
@@ -83,7 +61,7 @@ async fn compact_resume_and_fork_preserve_model_history_view() {
     user_turn(&base, "hello world").await;
     compact_conversation(&base).await;
     user_turn(&base, "AFTER_COMPACT").await;
-    let base_path = fetch_conversation_path(&base).await;
+    let base_path = fetch_conversation_path(&base, "base conversation").await;
     assert!(
         base_path.exists(),
         "compact+resume test expects base path {base_path:?} to exist",
@@ -91,7 +69,7 @@ async fn compact_resume_and_fork_preserve_model_history_view() {
 
     let resumed = resume_conversation(&manager, &config, base_path).await;
     user_turn(&resumed, "AFTER_RESUME").await;
-    let resumed_path = fetch_conversation_path(&resumed).await;
+    let resumed_path = fetch_conversation_path(&resumed, "resumed conversation").await;
     assert!(
         resumed_path.exists(),
         "compact+resume test expects resumed path {resumed_path:?} to exist",
@@ -540,7 +518,7 @@ async fn compact_resume_after_second_compaction_preserves_history() {
     user_turn(&base, "hello world").await;
     compact_conversation(&base).await;
     user_turn(&base, "AFTER_COMPACT").await;
-    let base_path = fetch_conversation_path(&base).await;
+    let base_path = fetch_conversation_path(&base, "base conversation").await;
     assert!(
         base_path.exists(),
         "second compact test expects base path {base_path:?} to exist",
@@ -548,7 +526,7 @@ async fn compact_resume_after_second_compaction_preserves_history() {
 
     let resumed = resume_conversation(&manager, &config, base_path).await;
     user_turn(&resumed, "AFTER_RESUME").await;
-    let resumed_path = fetch_conversation_path(&resumed).await;
+    let resumed_path = fetch_conversation_path(&resumed, "resumed conversation").await;
     assert!(
         resumed_path.exists(),
         "second compact test expects resumed path {resumed_path:?} to exist",
@@ -559,7 +537,7 @@ async fn compact_resume_after_second_compaction_preserves_history() {
 
     compact_conversation(&forked).await;
     user_turn(&forked, "AFTER_COMPACT_2").await;
-    let forked_path = fetch_conversation_path(&forked).await;
+    let forked_path = fetch_conversation_path(&forked, "forked conversation").await;
     assert!(
         forked_path.exists(),
         "second compact test expects forked path {forked_path:?} to exist",
@@ -579,15 +557,13 @@ async fn compact_resume_after_second_compaction_preserves_history() {
     let resume_input_array = input_after_resume
         .as_array()
         .expect("input after resume should be an array");
-    let compact_filtered = filter_out_ghost_snapshot_entries(compact_input_array);
-    let resume_filtered = filter_out_ghost_snapshot_entries(resume_input_array);
     assert!(
-        compact_filtered.len() <= resume_filtered.len(),
+        compact_input_array.len() <= resume_input_array.len(),
         "after-resume input should have at least as many items as after-compact"
     );
     assert_eq!(
-        compact_filtered.as_slice(),
-        &resume_filtered[..compact_filtered.len()]
+        compact_input_array.as_slice(),
+        &resume_input_array[..compact_input_array.len()]
     );
     // hard coded test
     let prompt = requests[0]["instructions"]
@@ -816,8 +792,22 @@ async fn compact_conversation(conversation: &Arc<CodexConversation>) {
     wait_for_event(conversation, |ev| matches!(ev, EventMsg::TaskComplete(_))).await;
 }
 
-async fn fetch_conversation_path(conversation: &Arc<CodexConversation>) -> std::path::PathBuf {
-    conversation.rollout_path()
+async fn fetch_conversation_path(
+    conversation: &Arc<CodexConversation>,
+    context: &str,
+) -> std::path::PathBuf {
+    conversation
+        .submit(Op::GetPath)
+        .await
+        .expect("request conversation path");
+    match wait_for_event(conversation, |ev| {
+        matches!(ev, EventMsg::ConversationPath(_))
+    })
+    .await
+    {
+        EventMsg::ConversationPath(ConversationPathResponseEvent { path, .. }) => path,
+        _ => panic!("expected ConversationPath event for {context}"),
+    }
 }
 
 async fn resume_conversation(

codex-rs/core/tests/suite/fork_conversation.rs

@@ -4,6 +4,7 @@ use codex_core::ModelProviderInfo;
 use codex_core::NewConversation;
 use codex_core::built_in_model_providers;
 use codex_core::parse_turn_item;
+use codex_core::protocol::ConversationPathResponseEvent;
 use codex_core::protocol::EventMsg;
 use codex_core::protocol::Op;
 use codex_core::protocol::RolloutItem;
@@ -78,7 +79,13 @@ async fn fork_conversation_twice_drops_to_first_message() {
     }
 
     // Request history from the base conversation to obtain rollout path.
-    let base_path = codex.rollout_path();
+    codex.submit(Op::GetPath).await.unwrap();
+    let base_history =
+        wait_for_event(&codex, |ev| matches!(ev, EventMsg::ConversationPath(_))).await;
+    let base_path = match &base_history {
+        EventMsg::ConversationPath(ConversationPathResponseEvent { path, .. }) => path.clone(),
+        _ => panic!("expected ConversationHistory event"),
+    };
 
     // GetHistory flushes before returning the path; no wait needed.
 
@@ -133,7 +140,15 @@ async fn fork_conversation_twice_drops_to_first_message() {
         .await
         .expect("fork 1");
 
-    let fork1_path = codex_fork1.rollout_path();
+    codex_fork1.submit(Op::GetPath).await.unwrap();
+    let fork1_history = wait_for_event(&codex_fork1, |ev| {
+        matches!(ev, EventMsg::ConversationPath(_))
+    })
+    .await;
+    let fork1_path = match &fork1_history {
+        EventMsg::ConversationPath(ConversationPathResponseEvent { path, .. }) => path.clone(),
+        _ => panic!("expected ConversationHistory event after first fork"),
+    };
 
     // GetHistory on fork1 flushed; the file is ready.
     let fork1_items = read_items(&fork1_path);
@@ -151,7 +166,15 @@ async fn fork_conversation_twice_drops_to_first_message() {
         .await
         .expect("fork 2");
 
-    let fork2_path = codex_fork2.rollout_path();
+    codex_fork2.submit(Op::GetPath).await.unwrap();
+    let fork2_history = wait_for_event(&codex_fork2, |ev| {
+        matches!(ev, EventMsg::ConversationPath(_))
+    })
+    .await;
+    let fork2_path = match &fork2_history {
+        EventMsg::ConversationPath(ConversationPathResponseEvent { path, .. }) => path.clone(),
+        _ => panic!("expected ConversationHistory event after second fork"),
+    };
     // GetHistory on fork2 flushed; the file is ready.
     let fork1_items = read_items(&fork1_path);
     let fork1_user_inputs = find_user_input_positions(&fork1_items);

codex-rs/core/tests/suite/mod.rs

@@ -3,8 +3,6 @@
 #[cfg(not(target_os = "windows"))]
 mod abort_tasks;
 #[cfg(not(target_os = "windows"))]
-mod apply_patch_cli;
-#[cfg(not(target_os = "windows"))]
 mod approvals;
 mod cli_stream;
 mod client;
@@ -33,7 +31,6 @@ mod stream_no_completed;
 mod tool_harness;
 mod tool_parallelism;
 mod tools;
-mod truncation;
 mod unified_exec;
 mod user_notification;
 mod view_image;

codex-rs/core/tests/suite/review.rs

@@ -7,6 +7,7 @@ use codex_core::REVIEW_PROMPT;
 use codex_core::ResponseItem;
 use codex_core::built_in_model_providers;
 use codex_core::config::Config;
+use codex_core::protocol::ConversationPathResponseEvent;
 use codex_core::protocol::ENVIRONMENT_CONTEXT_OPEN_TAG;
 use codex_core::protocol::EventMsg;
 use codex_core::protocol::ExitedReviewModeEvent;
@@ -119,7 +120,13 @@ async fn review_op_emits_lifecycle_and_review_output() {
 
     // Also verify that a user message with the header and a formatted finding
     // was recorded back in the parent session's rollout.
-    let path = codex.rollout_path();
+    codex.submit(Op::GetPath).await.unwrap();
+    let history_event =
+        wait_for_event(&codex, |ev| matches!(ev, EventMsg::ConversationPath(_))).await;
+    let path = match history_event {
+        EventMsg::ConversationPath(ConversationPathResponseEvent { path, .. }) => path,
+        other => panic!("expected ConversationPath event, got {other:?}"),
+    };
     let text = std::fs::read_to_string(&path).expect("read rollout file");
 
     let mut saw_header = false;
@@ -368,8 +375,7 @@ async fn review_input_isolated_from_parent_history() {
                 "instructions": null,
                 "cwd": ".",
                 "originator": "test_originator",
-                "cli_version": "test_version",
-                "model_provider": "test-provider"
+                "cli_version": "test_version"
             }
         });
         f.write_all(format!("{meta_line}\n").as_bytes())
@@ -476,7 +482,13 @@ async fn review_input_isolated_from_parent_history() {
     assert_eq!(instructions, REVIEW_PROMPT);
 
     // Also verify that a user interruption note was recorded in the rollout.
-    let path = codex.rollout_path();
+    codex.submit(Op::GetPath).await.unwrap();
+    let history_event =
+        wait_for_event(&codex, |ev| matches!(ev, EventMsg::ConversationPath(_))).await;
+    let path = match history_event {
+        EventMsg::ConversationPath(ConversationPathResponseEvent { path, .. }) => path,
+        other => panic!("expected ConversationPath event, got {other:?}"),
+    };
     let text = std::fs::read_to_string(&path).expect("read rollout file");
     let mut saw_interruption_message = false;
     for line in text.lines() {

codex-rs/core/tests/suite/rmcp_client.rs

@@ -14,8 +14,6 @@ use codex_core::features::Feature;
 
 use codex_core::protocol::AskForApproval;
 use codex_core::protocol::EventMsg;
-use codex_core::protocol::McpInvocation;
-use codex_core::protocol::McpToolCallBeginEvent;
 use codex_core::protocol::Op;
 use codex_core::protocol::SandboxPolicy;
 use codex_protocol::config_types::ReasoningSummary;
@@ -27,9 +25,7 @@ use core_test_support::test_codex::test_codex;
 use core_test_support::wait_for_event;
 use core_test_support::wait_for_event_with_timeout;
 use escargot::CargoBuild;
-use mcp_types::ContentBlock;
 use serde_json::Value;
-use serde_json::json;
 use serial_test::serial;
 use tempfile::tempdir;
 use tokio::net::TcpStream;
@@ -39,8 +35,6 @@ use tokio::time::Instant;
 use tokio::time::sleep;
 use wiremock::matchers::any;
 
-static OPENAI_PNG: &str = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAD0AAAA9CAYAAAAeYmHpAAAE6klEQVR4Aeyau44UVxCGx1fZsmRLlm3Zoe0XcGQ5cUiCCIgJeS9CHgAhMkISQnIuGQgJEkBcxLW+nqnZ6uqqc+nuWRC7q/P3qetf9e+MtOwyX25O4Nep6JPyop++0qev9HrfgZ+F6r2DuB/vHOrt/UIkqdDHYvujOW6fO7h/CNEI+a5jc+pBR8uy0jVFsziYu5HtfSUk+Io34q921hLNctFSX0gwww+S8wce8K1LfCU+cYW4888aov8NxqvQILUPPReLOrm6zyLxa4i+6VZuFbJo8d1MOHZm+7VUtB/aIvhPWc/3SWg49JcwFLlHxuXKjtyloo+YNhuW3VS+WPBuUEMvCFKjEDVgFBQHXrnazpqiSxNZCkQ1kYiozsbm9Oz7l4i2Il7vGccGNWAc3XosDrZe/9P3ZnMmzHNEQw4smf8RQ87XEAMsC7Az0Au+dgXerfH4+sHvEc0SYGic8WBBUGqFH2gN7yDrazy7m2pbRTeRmU3+MjZmr1h6LJgPbGy23SI6GlYT0brQ71IY8Us4PNQCm+zepSbaD2BY9xCaAsD9IIj/IzFmKMSdHHonwdZATbTnYREf6/VZGER98N9yCWIvXQwXDoDdhZJoT8jwLnJXDB9w4Sb3e6nK5ndzlkTLnP3JBu4LKkbrYrU69gCVceV0JvpyuW1xlsUVngzhwMetn/XamtTORF9IO5YnWNiyeF9zCAfqR3fUW+vZZKLtgP+ts8BmQRBREAdRDhH3o8QuRh/YucNFz2BEjxbRN6LGzphfKmvP6v6QhqIQyZ8XNJ0W0X83MR1PEcJBNO2KC2Z1TW/v244scp9FwRViZxIOBF0Lctk7ZVSavdLvRlV1hz/ysUi9sr8CIcB3nvWBwA93ykTz18eAYxQ6N/K2DkPA1lv3iXCwmDUT7YkjIby9siXueIJj9H+pzSqJ9oIuJWTUgSSt4WO7o/9GGg0viR4VinNRUDoIj34xoCd6pxD3aK3zfdbnx5v1J3ZNNEJsE0sBG7N27ReDrJc4sFxz7dI/ZAbOmmiKvHBitQXpAdR6+F7v+/ol/tOouUV01EeMZQF2BoQDn6dP4XNr+j9GZEtEK1/L8pFw7bd3a53tsTa7WD+054jOFmPg1XBKPQgnqFfmFcy32ZRvjmiIIQTYFvyDxQ8nH8WIwwGwlyDjDznnilYyFr6njrlZwsKkBpO59A7OwgdzPEWRm+G+oeb7IfyNuzjEEVLrOVxJsxvxwF8kmCM6I2QYmJunz4u4TrADpfl7mlbRTWQ7VmrBzh3+C9f6Grc3YoGN9dg/SXFthpRsT6vobfXRs2VBlgBHXVMLHjDNbIZv1sZ9+X3hB09cXdH1JKViyG0+W9bWZDa/r2f9zAFR71sTzGpMSWz2iI4YssWjWo3REy1MDGjdwe5e0dFSiAC1JakBvu4/CUS8Eh6dqHdU0Or0ioY3W5ClSqDXAy7/6SRfgw8vt4I+tbvvNtFT2kVDhY5+IGb1rCqYaXNF08vSALsXCPmt0kQNqJT1p5eI1mkIV/BxCY1z85lOzeFbPBQHURkkPTlwTYK9gTVE25l84IbFFN+YJDHjdpn0gq6mrHht0dkcjbM4UL9283O5p77GN+SPW/QwVB4IUYg7Or+Kp7naR6qktP98LNF2UxWo9yObPIT9KYg+hK4i56no4rfnM0qeyFf6AwAAAP//trwR3wAAAAZJREFUAwBZ0sR75itw5gAAAABJRU5ErkJggg==";
-
 #[tokio::test(flavor = "multi_thread", worker_threads = 1)]
 #[serial(mcp_test_value)]
 async fn stdio_server_round_trip() -> anyhow::Result<()> {
@@ -181,352 +175,6 @@ async fn stdio_server_round_trip() -> anyhow::Result<()> {
     Ok(())
 }
 
-#[tokio::test(flavor = "multi_thread", worker_threads = 1)]
-#[serial(mcp_test_value)]
-async fn stdio_image_responses_round_trip() -> anyhow::Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = responses::start_mock_server().await;
-
-    let call_id = "img-1";
-    let server_name = "rmcp";
-    let tool_name = format!("mcp__{server_name}__image");
-
-    // First stream: model decides to call the image tool.
-    mount_sse_once_match(
-        &server,
-        any(),
-        responses::sse(vec![
-            responses::ev_response_created("resp-1"),
-            responses::ev_function_call(call_id, &tool_name, "{}"),
-            responses::ev_completed("resp-1"),
-        ]),
-    )
-    .await;
-    // Second stream: after tool execution, assistant emits a message and completes.
-    let final_mock = mount_sse_once_match(
-        &server,
-        any(),
-        responses::sse(vec![
-            responses::ev_assistant_message("msg-1", "rmcp image tool completed successfully."),
-            responses::ev_completed("resp-2"),
-        ]),
-    )
-    .await;
-
-    // Build the stdio rmcp server and pass the image as data URL so it can construct ImageContent.
-    let rmcp_test_server_bin = CargoBuild::new()
-        .package("codex-rmcp-client")
-        .bin("test_stdio_server")
-        .run()?
-        .path()
-        .to_string_lossy()
-        .into_owned();
-
-    let fixture = test_codex()
-        .with_config(move |config| {
-            config.features.enable(Feature::RmcpClient);
-            config.mcp_servers.insert(
-                server_name.to_string(),
-                McpServerConfig {
-                    transport: McpServerTransportConfig::Stdio {
-                        command: rmcp_test_server_bin,
-                        args: Vec::new(),
-                        env: Some(HashMap::from([(
-                            "MCP_TEST_IMAGE_DATA_URL".to_string(),
-                            OPENAI_PNG.to_string(),
-                        )])),
-                        env_vars: Vec::new(),
-                        cwd: None,
-                    },
-                    enabled: true,
-                    startup_timeout_sec: Some(Duration::from_secs(10)),
-                    tool_timeout_sec: None,
-                    enabled_tools: None,
-                    disabled_tools: None,
-                },
-            );
-        })
-        .build(&server)
-        .await?;
-    let session_model = fixture.session_configured.model.clone();
-
-    fixture
-        .codex
-        .submit(Op::UserTurn {
-            items: vec![UserInput::Text {
-                text: "call the rmcp image tool".into(),
-            }],
-            final_output_json_schema: None,
-            cwd: fixture.cwd.path().to_path_buf(),
-            approval_policy: AskForApproval::Never,
-            sandbox_policy: SandboxPolicy::ReadOnly,
-            model: session_model,
-            effort: None,
-            summary: ReasoningSummary::Auto,
-        })
-        .await?;
-
-    // Wait for tool begin/end and final completion.
-    let begin_event = wait_for_event_with_timeout(
-        &fixture.codex,
-        |ev| matches!(ev, EventMsg::McpToolCallBegin(_)),
-        Duration::from_secs(10),
-    )
-    .await;
-    let EventMsg::McpToolCallBegin(begin) = begin_event else {
-        unreachable!("begin");
-    };
-    assert_eq!(
-        begin,
-        McpToolCallBeginEvent {
-            call_id: call_id.to_string(),
-            invocation: McpInvocation {
-                server: server_name.to_string(),
-                tool: "image".to_string(),
-                arguments: Some(json!({})),
-            },
-        },
-    );
-
-    let end_event = wait_for_event(&fixture.codex, |ev| {
-        matches!(ev, EventMsg::McpToolCallEnd(_))
-    })
-    .await;
-    let EventMsg::McpToolCallEnd(end) = end_event else {
-        unreachable!("end");
-    };
-    assert_eq!(end.call_id, call_id);
-    assert_eq!(
-        end.invocation,
-        McpInvocation {
-            server: server_name.to_string(),
-            tool: "image".to_string(),
-            arguments: Some(json!({})),
-        }
-    );
-    let result = end.result.expect("rmcp image tool should return success");
-    assert_eq!(result.is_error, Some(false));
-    assert_eq!(result.content.len(), 1);
-    let base64_only = OPENAI_PNG
-        .strip_prefix("data:image/png;base64,")
-        .expect("data url prefix");
-    match &result.content[0] {
-        ContentBlock::ImageContent(img) => {
-            assert_eq!(img.mime_type, "image/png");
-            assert_eq!(img.r#type, "image");
-            assert_eq!(img.data, base64_only);
-        }
-        other => panic!("expected image content, got {other:?}"),
-    }
-
-    wait_for_event(&fixture.codex, |ev| matches!(ev, EventMsg::TaskComplete(_))).await;
-
-    let output_item = final_mock.single_request().function_call_output(call_id);
-    assert_eq!(
-        output_item,
-        json!({
-            "type": "function_call_output",
-            "call_id": call_id,
-            "output": [{
-                "type": "input_image",
-                "image_url": OPENAI_PNG
-            }]
-        })
-    );
-    server.verify().await;
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 1)]
-#[serial(mcp_test_value)]
-async fn stdio_image_completions_round_trip() -> anyhow::Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = responses::start_mock_server().await;
-
-    let call_id = "img-cc-1";
-    let server_name = "rmcp";
-    let tool_name = format!("mcp__{server_name}__image");
-
-    let tool_call = json!({
-        "choices": [
-            {
-                "delta": {
-                    "tool_calls": [
-                        {
-                            "id": call_id,
-                            "type": "function",
-                            "function": {"name": tool_name, "arguments": "{}"}
-                        }
-                    ]
-                },
-                "finish_reason": "tool_calls"
-            }
-        ]
-    });
-    let sse_tool_call = format!(
-        "data: {}\n\ndata: [DONE]\n\n",
-        serde_json::to_string(&tool_call)?
-    );
-
-    let final_assistant = json!({
-        "choices": [
-            {
-                "delta": {"content": "rmcp image tool completed successfully."},
-                "finish_reason": "stop"
-            }
-        ]
-    });
-    let sse_final = format!(
-        "data: {}\n\ndata: [DONE]\n\n",
-        serde_json::to_string(&final_assistant)?
-    );
-
-    use std::sync::atomic::AtomicUsize;
-    use std::sync::atomic::Ordering;
-    struct ChatSeqResponder {
-        num_calls: AtomicUsize,
-        bodies: Vec<String>,
-    }
-    impl wiremock::Respond for ChatSeqResponder {
-        fn respond(&self, _: &wiremock::Request) -> wiremock::ResponseTemplate {
-            let idx = self.num_calls.fetch_add(1, Ordering::SeqCst);
-            match self.bodies.get(idx) {
-                Some(body) => wiremock::ResponseTemplate::new(200)
-                    .insert_header("content-type", "text/event-stream")
-                    .set_body_string(body.clone()),
-                None => panic!("no chat completion response for index {idx}"),
-            }
-        }
-    }
-
-    let chat_seq = ChatSeqResponder {
-        num_calls: AtomicUsize::new(0),
-        bodies: vec![sse_tool_call, sse_final],
-    };
-    wiremock::Mock::given(wiremock::matchers::method("POST"))
-        .and(wiremock::matchers::path("/v1/chat/completions"))
-        .respond_with(chat_seq)
-        .expect(2)
-        .mount(&server)
-        .await;
-
-    let rmcp_test_server_bin = CargoBuild::new()
-        .package("codex-rmcp-client")
-        .bin("test_stdio_server")
-        .run()?
-        .path()
-        .to_string_lossy()
-        .into_owned();
-
-    let fixture = test_codex()
-        .with_config(move |config| {
-            config.model_provider.wire_api = codex_core::WireApi::Chat;
-            config.features.enable(Feature::RmcpClient);
-            config.mcp_servers.insert(
-                server_name.to_string(),
-                McpServerConfig {
-                    transport: McpServerTransportConfig::Stdio {
-                        command: rmcp_test_server_bin,
-                        args: Vec::new(),
-                        env: Some(HashMap::from([(
-                            "MCP_TEST_IMAGE_DATA_URL".to_string(),
-                            OPENAI_PNG.to_string(),
-                        )])),
-                        env_vars: Vec::new(),
-                        cwd: None,
-                    },
-                    enabled: true,
-                    startup_timeout_sec: Some(Duration::from_secs(10)),
-                    tool_timeout_sec: None,
-                    enabled_tools: None,
-                    disabled_tools: None,
-                },
-            );
-        })
-        .build(&server)
-        .await?;
-    let session_model = fixture.session_configured.model.clone();
-
-    fixture
-        .codex
-        .submit(Op::UserTurn {
-            items: vec![UserInput::Text {
-                text: "call the rmcp image tool".into(),
-            }],
-            final_output_json_schema: None,
-            cwd: fixture.cwd.path().to_path_buf(),
-            approval_policy: AskForApproval::Never,
-            sandbox_policy: SandboxPolicy::ReadOnly,
-            model: session_model,
-            effort: None,
-            summary: ReasoningSummary::Auto,
-        })
-        .await?;
-
-    let begin_event = wait_for_event_with_timeout(
-        &fixture.codex,
-        |ev| matches!(ev, EventMsg::McpToolCallBegin(_)),
-        Duration::from_secs(10),
-    )
-    .await;
-    let EventMsg::McpToolCallBegin(begin) = begin_event else {
-        unreachable!("begin");
-    };
-    assert_eq!(
-        begin,
-        McpToolCallBeginEvent {
-            call_id: call_id.to_string(),
-            invocation: McpInvocation {
-                server: server_name.to_string(),
-                tool: "image".to_string(),
-                arguments: Some(json!({})),
-            },
-        },
-    );
-
-    let end_event = wait_for_event(&fixture.codex, |ev| {
-        matches!(ev, EventMsg::McpToolCallEnd(_))
-    })
-    .await;
-    let EventMsg::McpToolCallEnd(end) = end_event else {
-        unreachable!("end");
-    };
-    assert!(end.result.as_ref().is_ok(), "tool call should succeed");
-
-    wait_for_event(&fixture.codex, |ev| matches!(ev, EventMsg::TaskComplete(_))).await;
-
-    // Chat Completions assertion: the second POST should include a tool role message
-    // with an array `content` containing an item with the expected data URL.
-    let requests = server.received_requests().await.expect("requests captured");
-    assert!(requests.len() >= 2, "expected two chat completion calls");
-    let second = &requests[1];
-    let body: Value = serde_json::from_slice(&second.body)?;
-    let messages = body
-        .get("messages")
-        .and_then(Value::as_array)
-        .cloned()
-        .expect("messages array");
-    let tool_msg = messages
-        .iter()
-        .find(|m| {
-            m.get("role") == Some(&json!("tool")) && m.get("tool_call_id") == Some(&json!(call_id))
-        })
-        .cloned()
-        .expect("tool message present");
-    assert_eq!(
-        tool_msg,
-        json!({
-            "role": "tool",
-            "tool_call_id": call_id,
-            "content": [{"type": "image_url", "image_url": {"url": OPENAI_PNG}}]
-        })
-    );
-
-    Ok(())
-}
-
 #[tokio::test(flavor = "multi_thread", worker_threads = 1)]
 #[serial(mcp_test_value)]
 async fn stdio_server_propagates_whitelisted_env_vars() -> anyhow::Result<()> {

codex-rs/core/tests/suite/rollout_list_find.rs

@@ -1,6 +1,5 @@
 #![allow(clippy::unwrap_used, clippy::expect_used)]
 use std::io::Write;
-use std::path::Path;
 use std::path::PathBuf;
 
 use codex_core::find_conversation_path_by_id_str;
@@ -9,8 +8,8 @@ use uuid::Uuid;
 
 /// Create sessions/YYYY/MM/DD and write a minimal rollout file containing the
 /// provided conversation id in the SessionMeta line. Returns the absolute path.
-fn write_minimal_rollout_with_id(codex_home: &Path, id: Uuid) -> PathBuf {
-    let sessions = codex_home.join("sessions/2024/01/01");
+fn write_minimal_rollout_with_id(codex_home: &TempDir, id: Uuid) -> PathBuf {
+    let sessions = codex_home.path().join("sessions/2024/01/01");
     std::fs::create_dir_all(&sessions).unwrap();
 
     let file = sessions.join(format!("rollout-2024-01-01T00-00-00-{id}.jsonl"));
@@ -28,8 +27,7 @@ fn write_minimal_rollout_with_id(codex_home: &Path, id: Uuid) -> PathBuf {
                 "instructions": null,
                 "cwd": ".",
                 "originator": "test",
-                "cli_version": "test",
-                "model_provider": "test-provider"
+                "cli_version": "test"
             }
         })
     )
@@ -42,7 +40,7 @@ fn write_minimal_rollout_with_id(codex_home: &Path, id: Uuid) -> PathBuf {
 async fn find_locates_rollout_file_by_id() {
     let home = TempDir::new().unwrap();
     let id = Uuid::new_v4();
-    let expected = write_minimal_rollout_with_id(home.path(), id);
+    let expected = write_minimal_rollout_with_id(&home, id);
 
     let found = find_conversation_path_by_id_str(home.path(), &id.to_string())
         .await
@@ -50,33 +48,3 @@ async fn find_locates_rollout_file_by_id() {
 
     assert_eq!(found.unwrap(), expected);
 }
-
-#[tokio::test]
-async fn find_handles_gitignore_covering_codex_home_directory() {
-    let repo = TempDir::new().unwrap();
-    let codex_home = repo.path().join(".codex");
-    std::fs::create_dir_all(&codex_home).unwrap();
-    std::fs::write(repo.path().join(".gitignore"), ".codex/**\n").unwrap();
-    let id = Uuid::new_v4();
-    let expected = write_minimal_rollout_with_id(&codex_home, id);
-
-    let found = find_conversation_path_by_id_str(&codex_home, &id.to_string())
-        .await
-        .unwrap();
-
-    assert_eq!(found, Some(expected));
-}
-
-#[tokio::test]
-async fn find_ignores_granular_gitignore_rules() {
-    let home = TempDir::new().unwrap();
-    let id = Uuid::new_v4();
-    let expected = write_minimal_rollout_with_id(home.path(), id);
-    std::fs::write(home.path().join("sessions/.gitignore"), "*.jsonl\n").unwrap();
-
-    let found = find_conversation_path_by_id_str(home.path(), &id.to_string())
-        .await
-        .unwrap();
-
-    assert_eq!(found, Some(expected));
-}

codex-rs/core/tests/suite/truncation.rs

@@ -1,270 +0,0 @@
-#![cfg(not(target_os = "windows"))]
-#![allow(clippy::unwrap_used, clippy::expect_used)]
-
-use anyhow::Context;
-use anyhow::Result;
-use codex_core::features::Feature;
-use codex_core::model_family::find_family_for_model;
-use codex_core::protocol::SandboxPolicy;
-use core_test_support::assert_regex_match;
-use core_test_support::responses;
-use core_test_support::responses::ev_assistant_message;
-use core_test_support::responses::ev_completed;
-use core_test_support::responses::ev_function_call;
-use core_test_support::responses::ev_response_created;
-use core_test_support::responses::mount_sse_once_match;
-use core_test_support::responses::mount_sse_sequence;
-use core_test_support::responses::sse;
-use core_test_support::responses::start_mock_server;
-use core_test_support::skip_if_no_network;
-use core_test_support::test_codex::test_codex;
-use escargot::CargoBuild;
-use regex_lite::Regex;
-use serde_json::Value;
-use serde_json::json;
-use wiremock::matchers::any;
-
-// Verifies byte-truncation formatting for function error output (RespondToModel errors)
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn truncate_function_error_trims_respond_to_model() -> Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = start_mock_server().await;
-    let mut builder = test_codex().with_config(|config| {
-        // Use the test model that wires function tools like grep_files
-        config.model = "test-gpt-5-codex".to_string();
-        config.model_family =
-            find_family_for_model("test-gpt-5-codex").expect("model family for test model");
-    });
-    let test = builder.build(&server).await?;
-
-    // Construct a very long, non-existent path to force a RespondToModel error with a large message
-    let long_path = "a".repeat(20_000);
-    let call_id = "grep-huge-error";
-    let args = json!({
-        "pattern": "alpha",
-        "path": long_path,
-        "limit": 10
-    });
-    let responses = vec![
-        sse(vec![
-            ev_response_created("resp-1"),
-            ev_function_call(call_id, "grep_files", &serde_json::to_string(&args)?),
-            ev_completed("resp-1"),
-        ]),
-        sse(vec![
-            ev_assistant_message("msg-1", "done"),
-            ev_completed("resp-2"),
-        ]),
-    ];
-    let mock = mount_sse_sequence(&server, responses).await;
-
-    test.submit_turn_with_policy(
-        "trigger grep_files with long path to test truncation",
-        SandboxPolicy::DangerFullAccess,
-    )
-    .await?;
-
-    let output = mock
-        .function_call_output_text(call_id)
-        .context("function error output present")?;
-
-    tracing::debug!(output = %output, "truncated function error output");
-
-    // Expect plaintext with byte-truncation marker and no omitted-lines marker
-    assert!(
-        serde_json::from_str::<serde_json::Value>(&output).is_err(),
-        "expected error output to be plain text",
-    );
-    let truncated_pattern = r#"(?s)^Total output lines: 1\s+.*\[\.\.\. output truncated to fit 10240 bytes \.\.\.\]\s*$"#;
-    assert_regex_match(truncated_pattern, &output);
-    assert!(
-        !output.contains("omitted"),
-        "line omission marker should not appear when no lines were dropped: {output}"
-    );
-
-    Ok(())
-}
-
-// Verifies that a standard tool call (shell) exceeding the model formatting
-// limits is truncated before being sent back to the model.
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn tool_call_output_exceeds_limit_truncated_for_model() -> Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = start_mock_server().await;
-
-    // Use a model that exposes the generic shell tool.
-    let mut builder = test_codex().with_config(|config| {
-        config.model = "gpt-5-codex".to_string();
-        config.model_family =
-            find_family_for_model("gpt-5-codex").expect("gpt-5-codex is a model family");
-    });
-    let fixture = builder.build(&server).await?;
-
-    let call_id = "shell-too-large";
-    let args = serde_json::json!({
-        "command": ["/bin/sh", "-c", "seq 1 400"],
-        "timeout_ms": 5_000,
-    });
-
-    // First response: model tells us to run the tool; second: complete the turn.
-    mount_sse_once_match(
-        &server,
-        any(),
-        sse(vec![
-            responses::ev_response_created("resp-1"),
-            responses::ev_function_call(call_id, "shell", &serde_json::to_string(&args)?),
-            responses::ev_completed("resp-1"),
-        ]),
-    )
-    .await;
-    let mock2 = mount_sse_once_match(
-        &server,
-        any(),
-        sse(vec![
-            responses::ev_assistant_message("msg-1", "done"),
-            responses::ev_completed("resp-2"),
-        ]),
-    )
-    .await;
-
-    fixture
-        .submit_turn_with_policy("trigger big shell output", SandboxPolicy::DangerFullAccess)
-        .await?;
-
-    // Inspect what we sent back to the model; it should contain a truncated
-    // function_call_output for the shell call.
-    let output = mock2
-        .single_request()
-        .function_call_output_text(call_id)
-        .context("function_call_output present for shell call")?;
-
-    // Expect plain text (not JSON) with truncation markers and line elision.
-    assert!(
-        serde_json::from_str::<Value>(&output).is_err(),
-        "expected truncated shell output to be plain text"
-    );
-    let truncated_pattern = r#"(?s)^Exit code: 0
-Wall time: .* seconds
-Total output lines: 400
-Output:
-1
-2
-3
-4
-5
-6
-.*
-\[\.{3} omitted 144 of 400 lines \.{3}\]
-
-.*
-396
-397
-398
-399
-400
-$"#;
-    assert_regex_match(truncated_pattern, &output);
-
-    Ok(())
-}
-
-// Verifies that an MCP tool call result exceeding the model formatting limits
-// is truncated before being sent back to the model.
-#[tokio::test(flavor = "multi_thread", worker_threads = 1)]
-async fn mcp_tool_call_output_exceeds_limit_truncated_for_model() -> Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = start_mock_server().await;
-
-    let call_id = "rmcp-truncated";
-    let server_name = "rmcp";
-    let tool_name = format!("mcp__{server_name}__echo");
-
-    // Build a very large message to exceed 10KiB once serialized.
-    let large_msg = "long-message-with-newlines-".repeat(600);
-    let args_json = serde_json::json!({ "message": large_msg });
-
-    mount_sse_once_match(
-        &server,
-        any(),
-        sse(vec![
-            responses::ev_response_created("resp-1"),
-            responses::ev_function_call(call_id, &tool_name, &args_json.to_string()),
-            responses::ev_completed("resp-1"),
-        ]),
-    )
-    .await;
-    let mock2 = mount_sse_once_match(
-        &server,
-        any(),
-        sse(vec![
-            responses::ev_assistant_message("msg-1", "rmcp echo tool completed."),
-            responses::ev_completed("resp-2"),
-        ]),
-    )
-    .await;
-
-    // Compile the rmcp stdio test server and configure it.
-    let rmcp_test_server_bin = CargoBuild::new()
-        .package("codex-rmcp-client")
-        .bin("test_stdio_server")
-        .run()?
-        .path()
-        .to_string_lossy()
-        .into_owned();
-
-    let mut builder = test_codex().with_config(move |config| {
-        config.features.enable(Feature::RmcpClient);
-        config.mcp_servers.insert(
-            server_name.to_string(),
-            codex_core::config_types::McpServerConfig {
-                transport: codex_core::config_types::McpServerTransportConfig::Stdio {
-                    command: rmcp_test_server_bin,
-                    args: Vec::new(),
-                    env: None,
-                    env_vars: Vec::new(),
-                    cwd: None,
-                },
-                enabled: true,
-                startup_timeout_sec: Some(std::time::Duration::from_secs(10)),
-                tool_timeout_sec: None,
-                enabled_tools: None,
-                disabled_tools: None,
-            },
-        );
-    });
-    let fixture = builder.build(&server).await?;
-
-    fixture
-        .submit_turn_with_policy(
-            "call the rmcp echo tool with a very large message",
-            SandboxPolicy::ReadOnly,
-        )
-        .await?;
-
-    // The MCP tool call output is converted to a function_call_output for the model.
-    let output = mock2
-        .single_request()
-        .function_call_output_text(call_id)
-        .context("function_call_output present for rmcp call")?;
-
-    // Expect plain text with byte-based truncation marker.
-    assert!(
-        serde_json::from_str::<Value>(&output).is_err(),
-        "expected truncated MCP output to be plain text"
-    );
-    assert!(
-        output.starts_with("Total output lines: 1\n\n{"),
-        "expected total line header and JSON head, got: {output}"
-    );
-    let byte_marker = Regex::new(r"\[\.\.\. output truncated to fit 10240 bytes \.\.\.\]")
-        .expect("compile regex");
-    assert!(
-        byte_marker.is_match(&output),
-        "expected byte truncation marker, got: {output}"
-    );
-
-    Ok(())
-}

codex-rs/core/tests/suite/unified_exec.rs

@@ -133,262 +133,6 @@ async fn unified_exec_emits_exec_command_begin_event() -> Result<()> {
     Ok(())
 }
 
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn unified_exec_emits_exec_command_end_event() -> Result<()> {
-    skip_if_no_network!(Ok(()));
-    skip_if_sandbox!(Ok(()));
-
-    let server = start_mock_server().await;
-
-    let mut builder = test_codex().with_config(|config| {
-        config.use_experimental_unified_exec_tool = true;
-        config.features.enable(Feature::UnifiedExec);
-    });
-    let TestCodex {
-        codex,
-        cwd,
-        session_configured,
-        ..
-    } = builder.build(&server).await?;
-
-    let call_id = "uexec-end-event";
-    let args = json!({
-        "cmd": "/bin/echo END-EVENT".to_string(),
-        "yield_time_ms": 250,
-    });
-    let poll_call_id = "uexec-end-event-poll";
-    let poll_args = json!({
-        "chars": "",
-        "session_id": 0,
-        "yield_time_ms": 250,
-    });
-
-    let responses = vec![
-        sse(vec![
-            ev_response_created("resp-1"),
-            ev_function_call(call_id, "exec_command", &serde_json::to_string(&args)?),
-            ev_completed("resp-1"),
-        ]),
-        sse(vec![
-            ev_response_created("resp-2"),
-            ev_function_call(
-                poll_call_id,
-                "write_stdin",
-                &serde_json::to_string(&poll_args)?,
-            ),
-            ev_completed("resp-2"),
-        ]),
-        sse(vec![
-            ev_response_created("resp-3"),
-            ev_assistant_message("msg-1", "finished"),
-            ev_completed("resp-3"),
-        ]),
-    ];
-    mount_sse_sequence(&server, responses).await;
-
-    let session_model = session_configured.model.clone();
-
-    codex
-        .submit(Op::UserTurn {
-            items: vec![UserInput::Text {
-                text: "emit end event".into(),
-            }],
-            final_output_json_schema: None,
-            cwd: cwd.path().to_path_buf(),
-            approval_policy: AskForApproval::Never,
-            sandbox_policy: SandboxPolicy::DangerFullAccess,
-            model: session_model,
-            effort: None,
-            summary: ReasoningSummary::Auto,
-        })
-        .await?;
-
-    let end_event = wait_for_event_match(&codex, |msg| match msg {
-        EventMsg::ExecCommandEnd(ev) if ev.call_id == call_id => Some(ev.clone()),
-        _ => None,
-    })
-    .await;
-
-    assert_eq!(end_event.exit_code, 0);
-    assert!(
-        end_event.aggregated_output.contains("END-EVENT"),
-        "expected aggregated output to contain marker"
-    );
-
-    wait_for_event(&codex, |event| matches!(event, EventMsg::TaskComplete(_))).await;
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn unified_exec_emits_output_delta_for_exec_command() -> Result<()> {
-    skip_if_no_network!(Ok(()));
-    skip_if_sandbox!(Ok(()));
-
-    let server = start_mock_server().await;
-
-    let mut builder = test_codex().with_config(|config| {
-        config.use_experimental_unified_exec_tool = true;
-        config.features.enable(Feature::UnifiedExec);
-    });
-    let TestCodex {
-        codex,
-        cwd,
-        session_configured,
-        ..
-    } = builder.build(&server).await?;
-
-    let call_id = "uexec-delta-1";
-    let args = json!({
-        "cmd": "printf 'HELLO-UEXEC'",
-        "yield_time_ms": 1000,
-    });
-
-    let responses = vec![
-        sse(vec![
-            ev_response_created("resp-1"),
-            ev_function_call(call_id, "exec_command", &serde_json::to_string(&args)?),
-            ev_completed("resp-1"),
-        ]),
-        sse(vec![
-            ev_response_created("resp-2"),
-            ev_assistant_message("msg-1", "finished"),
-            ev_completed("resp-2"),
-        ]),
-    ];
-    mount_sse_sequence(&server, responses).await;
-
-    let session_model = session_configured.model.clone();
-
-    codex
-        .submit(Op::UserTurn {
-            items: vec![UserInput::Text {
-                text: "emit delta".into(),
-            }],
-            final_output_json_schema: None,
-            cwd: cwd.path().to_path_buf(),
-            approval_policy: AskForApproval::Never,
-            sandbox_policy: SandboxPolicy::DangerFullAccess,
-            model: session_model,
-            effort: None,
-            summary: ReasoningSummary::Auto,
-        })
-        .await?;
-
-    let delta = wait_for_event_match(&codex, |msg| match msg {
-        EventMsg::ExecCommandOutputDelta(ev) if ev.call_id == call_id => Some(ev.clone()),
-        _ => None,
-    })
-    .await;
-
-    let text = String::from_utf8_lossy(&delta.chunk).to_string();
-    assert!(
-        text.contains("HELLO-UEXEC"),
-        "delta chunk missing expected text: {text:?}"
-    );
-
-    wait_for_event(&codex, |event| matches!(event, EventMsg::TaskComplete(_))).await;
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn unified_exec_emits_output_delta_for_write_stdin() -> Result<()> {
-    skip_if_no_network!(Ok(()));
-    skip_if_sandbox!(Ok(()));
-
-    let server = start_mock_server().await;
-
-    let mut builder = test_codex().with_config(|config| {
-        config.use_experimental_unified_exec_tool = true;
-        config.features.enable(Feature::UnifiedExec);
-    });
-    let TestCodex {
-        codex,
-        cwd,
-        session_configured,
-        ..
-    } = builder.build(&server).await?;
-
-    let open_call_id = "uexec-open";
-    let open_args = json!({
-        "cmd": "/bin/bash -i",
-        "yield_time_ms": 200,
-    });
-
-    let stdin_call_id = "uexec-stdin-delta";
-    let stdin_args = json!({
-        "chars": "echo WSTDIN-MARK\\n",
-        "session_id": 0,
-        "yield_time_ms": 800,
-    });
-
-    let responses = vec![
-        sse(vec![
-            ev_response_created("resp-1"),
-            ev_function_call(
-                open_call_id,
-                "exec_command",
-                &serde_json::to_string(&open_args)?,
-            ),
-            ev_completed("resp-1"),
-        ]),
-        sse(vec![
-            ev_response_created("resp-2"),
-            ev_function_call(
-                stdin_call_id,
-                "write_stdin",
-                &serde_json::to_string(&stdin_args)?,
-            ),
-            ev_completed("resp-2"),
-        ]),
-        sse(vec![
-            ev_response_created("resp-3"),
-            ev_assistant_message("msg-1", "done"),
-            ev_completed("resp-3"),
-        ]),
-    ];
-    mount_sse_sequence(&server, responses).await;
-
-    let session_model = session_configured.model.clone();
-
-    codex
-        .submit(Op::UserTurn {
-            items: vec![UserInput::Text {
-                text: "stdin delta".into(),
-            }],
-            final_output_json_schema: None,
-            cwd: cwd.path().to_path_buf(),
-            approval_policy: AskForApproval::Never,
-            sandbox_policy: SandboxPolicy::DangerFullAccess,
-            model: session_model,
-            effort: None,
-            summary: ReasoningSummary::Auto,
-        })
-        .await?;
-
-    // Expect a delta event corresponding to the write_stdin call.
-    let delta = wait_for_event_match(&codex, |msg| match msg {
-        EventMsg::ExecCommandOutputDelta(ev) if ev.call_id == open_call_id => {
-            let text = String::from_utf8_lossy(&ev.chunk);
-            if text.contains("WSTDIN-MARK") {
-                Some(ev.clone())
-            } else {
-                None
-            }
-        }
-        _ => None,
-    })
-    .await;
-
-    let text = String::from_utf8_lossy(&delta.chunk).to_string();
-    assert!(
-        text.contains("WSTDIN-MARK"),
-        "stdin delta chunk missing expected text: {text:?}"
-    );
-
-    wait_for_event(&codex, |event| matches!(event, EventMsg::TaskComplete(_))).await;
-    Ok(())
-}
-
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn unified_exec_skips_begin_event_for_empty_input() -> Result<()> {
     use tokio::time::Duration;
@@ -772,110 +516,6 @@ async fn write_stdin_returns_exit_metadata_and_clears_session() -> Result<()> {
     Ok(())
 }
 
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn unified_exec_emits_end_event_when_session_dies_via_stdin() -> Result<()> {
-    skip_if_no_network!(Ok(()));
-    skip_if_sandbox!(Ok(()));
-
-    let server = start_mock_server().await;
-
-    let mut builder = test_codex().with_config(|config| {
-        config.use_experimental_unified_exec_tool = true;
-        config.features.enable(Feature::UnifiedExec);
-    });
-    let TestCodex {
-        codex,
-        cwd,
-        session_configured,
-        ..
-    } = builder.build(&server).await?;
-
-    let start_call_id = "uexec-end-on-exit-start";
-    let start_args = serde_json::json!({
-        "cmd": "/bin/cat",
-        "yield_time_ms": 200,
-    });
-
-    let echo_call_id = "uexec-end-on-exit-echo";
-    let echo_args = serde_json::json!({
-        "chars": "bye-END\n",
-        "session_id": 0,
-        "yield_time_ms": 300,
-    });
-
-    let exit_call_id = "uexec-end-on-exit";
-    let exit_args = serde_json::json!({
-        "chars": "\u{0004}",
-        "session_id": 0,
-        "yield_time_ms": 500,
-    });
-
-    let responses = vec![
-        sse(vec![
-            ev_response_created("resp-1"),
-            ev_function_call(
-                start_call_id,
-                "exec_command",
-                &serde_json::to_string(&start_args)?,
-            ),
-            ev_completed("resp-1"),
-        ]),
-        sse(vec![
-            ev_response_created("resp-2"),
-            ev_function_call(
-                echo_call_id,
-                "write_stdin",
-                &serde_json::to_string(&echo_args)?,
-            ),
-            ev_completed("resp-2"),
-        ]),
-        sse(vec![
-            ev_response_created("resp-3"),
-            ev_function_call(
-                exit_call_id,
-                "write_stdin",
-                &serde_json::to_string(&exit_args)?,
-            ),
-            ev_completed("resp-3"),
-        ]),
-        sse(vec![
-            ev_response_created("resp-4"),
-            ev_assistant_message("msg-1", "done"),
-            ev_completed("resp-4"),
-        ]),
-    ];
-    mount_sse_sequence(&server, responses).await;
-
-    let session_model = session_configured.model.clone();
-
-    codex
-        .submit(Op::UserTurn {
-            items: vec![UserInput::Text {
-                text: "end on exit".into(),
-            }],
-            final_output_json_schema: None,
-            cwd: cwd.path().to_path_buf(),
-            approval_policy: AskForApproval::Never,
-            sandbox_policy: SandboxPolicy::DangerFullAccess,
-            model: session_model,
-            effort: None,
-            summary: ReasoningSummary::Auto,
-        })
-        .await?;
-
-    // We expect the ExecCommandEnd event to match the initial exec_command call_id.
-    let end_event = wait_for_event_match(&codex, |msg| match msg {
-        EventMsg::ExecCommandEnd(ev) if ev.call_id == start_call_id => Some(ev.clone()),
-        _ => None,
-    })
-    .await;
-
-    assert_eq!(end_event.exit_code, 0);
-
-    wait_for_event(&codex, |event| matches!(event, EventMsg::TaskComplete(_))).await;
-    Ok(())
-}
-
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn unified_exec_reuses_session_via_stdin() -> Result<()> {
     skip_if_no_network!(Ok(()));

codex-rs/core/tests/suite/view_image.rs

@@ -19,10 +19,6 @@ use core_test_support::skip_if_no_network;
 use core_test_support::test_codex::TestCodex;
 use core_test_support::test_codex::test_codex;
 use core_test_support::wait_for_event;
-use image::GenericImageView;
-use image::ImageBuffer;
-use image::Rgba;
-use image::load_from_memory;
 use serde_json::Value;
 use wiremock::matchers::any;
 
@@ -53,88 +49,6 @@ fn extract_output_text(item: &Value) -> Option<&str> {
     })
 }
 
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn user_turn_with_local_image_attaches_image() -> anyhow::Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = start_mock_server().await;
-
-    let TestCodex {
-        codex,
-        cwd,
-        session_configured,
-        ..
-    } = test_codex().build(&server).await?;
-
-    let rel_path = "user-turn/example.png";
-    let abs_path = cwd.path().join(rel_path);
-    if let Some(parent) = abs_path.parent() {
-        std::fs::create_dir_all(parent)?;
-    }
-    let image = ImageBuffer::from_pixel(4096, 1024, Rgba([20u8, 40, 60, 255]));
-    image.save(&abs_path)?;
-
-    let response = sse(vec![
-        ev_response_created("resp-1"),
-        ev_assistant_message("msg-1", "done"),
-        ev_completed("resp-1"),
-    ]);
-    let mock = responses::mount_sse_once_match(&server, any(), response).await;
-
-    let session_model = session_configured.model.clone();
-
-    codex
-        .submit(Op::UserTurn {
-            items: vec![UserInput::LocalImage {
-                path: abs_path.clone(),
-            }],
-            final_output_json_schema: None,
-            cwd: cwd.path().to_path_buf(),
-            approval_policy: AskForApproval::Never,
-            sandbox_policy: SandboxPolicy::DangerFullAccess,
-            model: session_model,
-            effort: None,
-            summary: ReasoningSummary::Auto,
-        })
-        .await?;
-
-    wait_for_event(&codex, |event| matches!(event, EventMsg::TaskComplete(_))).await;
-
-    let body = mock.single_request().body_json();
-    let image_message =
-        find_image_message(&body).expect("pending input image message not included in request");
-    let image_url = image_message
-        .get("content")
-        .and_then(Value::as_array)
-        .and_then(|content| {
-            content.iter().find_map(|span| {
-                if span.get("type").and_then(Value::as_str) == Some("input_image") {
-                    span.get("image_url").and_then(Value::as_str)
-                } else {
-                    None
-                }
-            })
-        })
-        .expect("image_url present");
-
-    let (prefix, encoded) = image_url
-        .split_once(',')
-        .expect("image url contains data prefix");
-    assert_eq!(prefix, "data:image/png;base64");
-
-    let decoded = BASE64_STANDARD
-        .decode(encoded)
-        .expect("image data decodes from base64 for request");
-    let resized = load_from_memory(&decoded).expect("load resized image");
-    let (width, height) = resized.dimensions();
-    assert!(width <= 2048);
-    assert!(height <= 768);
-    assert!(width < 4096);
-    assert!(height < 1024);
-
-    Ok(())
-}
-
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn view_image_tool_attaches_local_image() -> anyhow::Result<()> {
     skip_if_no_network!(Ok(()));
@@ -153,8 +67,8 @@ async fn view_image_tool_attaches_local_image() -> anyhow::Result<()> {
     if let Some(parent) = abs_path.parent() {
         std::fs::create_dir_all(parent)?;
     }
-    let image = ImageBuffer::from_pixel(4096, 1024, Rgba([255u8, 0, 0, 255]));
-    image.save(&abs_path)?;
+    let image_bytes = b"fake_png_bytes".to_vec();
+    std::fs::write(&abs_path, &image_bytes)?;
 
     let call_id = "view-image-call";
     let arguments = serde_json::json!({ "path": rel_path }).to_string();
@@ -229,20 +143,11 @@ async fn view_image_tool_attaches_local_image() -> anyhow::Result<()> {
         })
         .expect("image_url present");
 
-    let (prefix, encoded) = image_url
-        .split_once(',')
-        .expect("image url contains data prefix");
-    assert_eq!(prefix, "data:image/png;base64");
-
-    let decoded = BASE64_STANDARD
-        .decode(encoded)
-        .expect("image data decodes from base64 for request");
-    let resized = load_from_memory(&decoded).expect("load resized image");
-    let (resized_width, resized_height) = resized.dimensions();
-    assert!(resized_width <= 2048);
-    assert!(resized_height <= 768);
-    assert!(resized_width < 4096);
-    assert!(resized_height < 1024);
+    let expected_image_url = format!(
+        "data:image/png;base64,{}",
+        BASE64_STANDARD.encode(&image_bytes)
+    );
+    assert_eq!(image_url, expected_image_url);
 
     Ok(())
 }