mirror of https://github.com/openai/codex.git synced 2026-02-01 22:47:52 +00:00

Files

Skylar Graika 9008a0eff9 core: prevent shell_snapshot from inheriting stdin (#9735 )

Fixes #9559.

When `shell_snapshot` runs, it may execute user startup files (e.g.
`.bashrc`). If those files read from stdin (or if stdin is an
interactive TTY under job control), the snapshot subprocess can block or
receive `SIGTTIN` (as reported over SSH).

This change explicitly sets `stdin` to `Stdio::null()` for the snapshot
subprocess, so it can't read from the terminal.

Regression test added that would hang/timeout without this change.
Tests: `ulimit -n 4096 && cargo test -p codex-core`.

cc @dongdongbh @etraut-openai

---------

Co-authored-by: Skylar Graika <sgraika127@gmail.com>

2026-01-30 13:47:10 -08:00

src

core: prevent shell_snapshot from inheriting stdin (#9735 )

2026-01-30 13:47:10 -08:00

templates

plan prompt (#10255 )

2026-01-30 12:22:37 -08:00

tests

chore: rename ChatGpt -> Chatgpt in type names (#10244 )

2026-01-30 11:18:39 -08:00

BUILD.bazel

merge remote models (#9547 )

2026-01-20 14:02:07 -08:00

Cargo.toml

feat: sqlite 1 (#10004 )

2026-01-28 15:29:14 +01:00

config.schema.json

feat(app-server): support external auth mode (#10012 )

2026-01-29 23:46:04 +00:00

gpt_5_1_prompt.md

Assemble sandbox/approval/network prompts dynamically (#8961 )

2026-01-12 23:12:59 +00:00

gpt_5_2_prompt.md

Assemble sandbox/approval/network prompts dynamically (#8961 )

2026-01-12 23:12:59 +00:00

gpt_5_codex_prompt.md

Assemble sandbox/approval/network prompts dynamically (#8961 )

2026-01-12 23:12:59 +00:00

gpt-5.1-codex-max_prompt.md

Assemble sandbox/approval/network prompts dynamically (#8961 )

2026-01-12 23:12:59 +00:00

gpt-5.2-codex_prompt.md

Assemble sandbox/approval/network prompts dynamically (#8961 )

2026-01-12 23:12:59 +00:00

hierarchical_agents_message.md

Add hierarchical agent prompt (#8996 )

2026-01-09 13:47:37 -08:00

models.json

Update models.json (#9726 )

2026-01-23 00:44:47 +00:00

prompt_with_apply_patch_instructions.md

Assemble sandbox/approval/network prompts dynamically (#8961 )

2026-01-12 23:12:59 +00:00

prompt.md

Assemble sandbox/approval/network prompts dynamically (#8961 )

2026-01-12 23:12:59 +00:00

README.md

feat: add support for read-only bind mounts in the linux sandbox (#9112 )

2026-01-14 08:30:46 -08:00

review_prompt.md

docs: Fix markdown list item spacing in codex-rs/core/review_prompt.md (#4144 )

2025-10-30 17:39:21 -07:00

README.md

codex-core

This crate implements the business logic for Codex. It is designed to be used by the various Codex UIs written in Rust.

Dependencies

Note that codex-core makes some assumptions about certain helper utilities being available in the environment. Currently, this support matrix is:

macOS

Expects /usr/bin/sandbox-exec to be present.

When using the workspace-write sandbox policy, the Seatbelt profile allows writes under the configured writable roots while keeping .git (directory or pointer file), the resolved gitdir: target, and .codex read-only.

Linux

Expects the binary containing codex-core to run the equivalent of codex sandbox linux (legacy alias: codex debug landlock) when arg0 is codex-linux-sandbox. See the codex-arg0 crate for details.

All Platforms

Expects the binary containing codex-core to simulate the virtual apply_patch CLI when arg1 is --codex-run-as-apply-patch. See the codex-arg0 crate for details.