Skip to content

fix(desktop): surface codex config-parse failures and -32603 internal errors clearly#1745

Merged
wpfleger96 merged 2 commits into
mainfrom
duncan/codex-config-errors
Jul 11, 2026
Merged

fix(desktop): surface codex config-parse failures and -32603 internal errors clearly#1745
wpfleger96 merged 2 commits into
mainfrom
duncan/codex-config-errors

Conversation

@wpfleger96

Copy link
Copy Markdown
Collaborator

Problem

A Codex desktop upgrade overwrites the shared ~/.codex/config.toml with fields the older brew codex-acp core rejects. Buzz surfaced this two confusing ways:

  1. The readiness probe reported "run codex login" for what was really a config-PARSE error (unknown variant 'ultra').
  2. The resulting turn error was an opaque -32603 Internal error with no guidance.

Fix #1 — distinguish config-parse failure from logged-out

login_probe_succeeds returned a bare bool, so a nonzero exit from a config-parse error was indistinguishable from "not authenticated."

  • cli_probe.rs: login_probe now returns ProbeOutcome (LoggedIn | LoggedOut | ConfigInvalid). ConfigInvalid fires only when stderr contains BOTH "error loading configuration" AND "unknown variant" — the real codex parse-error format — preventing false positives.
  • readiness.rs: new CliConfigInvalid Requirement variant carries probe_args, setup_copy, and a one-line stderr diagnostic. cli_login_requirements emits it on ConfigInvalid probe outcomes.
  • runtime.rs: serializes CliConfigInvalid into the setup payload JSON.
  • setup_mode.rs (buzz-acp): mirrors CliConfigInvalid in RequirementPayload with instruction() copy naming ~/.{cli}/config.toml.
  • configNudge.ts: adds cli_config_invalid to ConfigNudgeRequirement type and type guard.
  • config-nudge-attachment.tsx: renders cli_config_invalid rows as informational only — no Doctor or Edit Agent CTA (neither can repair an external config file). All-config-invalid cards have no trigger/pointer affordance, same as auth-only cards.

AcpAvailabilityStatus remains a flat unit enum — no payload-bearing variant that would poison the runtime catalog type.

Fix #2 — actionable hint for -32603 CLI-ACP internal errors

-32603 (standard JSON-RPC "Internal error") was shown verbatim with no guidance.

  • friendlyAgentLastError.ts: maps code -32603 to a generic-severity hint. Copy uses "For Codex agents" conditional phrasing so it is truthful for all ACP runtimes without false-claiming the model is always the cause.
  • -32001/-32002 handling is unchanged (regression-guarded by existing tests).

Gates

  • cargo fmt + cargo clippy (desktop-tauri + buzz-acp): ✅
  • just desktop-tauri-test: ✅ 1274 passed, 0 failed
  • just desktop-typecheck: ✅
  • just desktop-build: ✅
  • just desktop-test: ✅ 2497 passed, 0 failed
  • just desktop-check (biome lint+format + file-size gate): ✅

@wpfleger96 wpfleger96 requested a review from a team as a code owner July 10, 2026 23:51
@wpfleger96 wpfleger96 force-pushed the duncan/codex-config-errors branch 2 times, most recently from 5e55991 to 255fdae Compare July 11, 2026 00:02
…ures

The codex login probe returned a bare bool, so a nonzero exit from a
config-parse error (e.g. unknown variant `ultra` in config.toml) was
indistinguishable from 'not authenticated'. The user was sent to run
`codex login` for a problem login cannot fix.

Changes:
- cli_probe.rs: login_probe_succeeds -> login_probe() returning a
  three-way ProbeOutcome (LoggedIn | LoggedOut | ConfigInvalid).
  ConfigInvalid fires only when stderr contains BOTH 'error loading
  configuration' AND 'unknown variant' (the real codex parse-error
  format), preventing false positives from unrelated exits.
- readiness.rs: new CliConfigInvalid Requirement variant carries the
  probe_args, setup_copy, and a one-line stderr excerpt (diagnostic).
  cli_login_requirements emits it on ConfigInvalid probe outcomes.
- runtime.rs: serializes CliConfigInvalid to the setup payload JSON.
- setup_mode.rs (buzz-acp): mirrors CliConfigInvalid in RequirementPayload
  with instruction() copy naming ~/.{cli}/config.toml.
- configNudge.ts: adds cli_config_invalid to ConfigNudgeRequirement type
  and the isConfigNudgeRequirement type guard.
- config-nudge-attachment.tsx: renders cli_config_invalid rows as
  informational only -- no Doctor or Edit Agent CTA (neither can repair
  an external config file). All-config-invalid cards are treated as
  informational-only (no trigger, no pointer affordance), same as
  auth-only cards.
- check-file-sizes.mjs: bumps readiness.rs limit by +18 lines.

AcpAvailabilityStatus is left as a flat unit enum so the runtime
catalog type and wire shape are unaffected.

Co-authored-by: Will Pfleger <pfleger.will@gmail.com>
Signed-off-by: Will Pfleger <pfleger.will@gmail.com>
@wpfleger96 wpfleger96 force-pushed the duncan/codex-config-errors branch from 255fdae to ced4fb3 Compare July 11, 2026 00:13
When a codex-acp turn fails with JSON-RPC code -32603 (standard
'Internal error'), the raw 'Internal error' string was shown with no
guidance. This typically means the configured model isn't supported by
the installed codex-acp version.

Map code -32603 to a generic-severity hint in friendlyAgentLastError.
Severity stays 'generic' (never 'denied') because -32603 can come from
any ACP harness for any reason -- we can't prove the cause.

Copy uses conditional 'For Codex agents' phrasing so it is truthful for
all ACP runtimes without false-claiming the model is always the cause.

-32001 and -32002 handling is unchanged (regression-guarded by existing
tests). New tests cover -32603 direct, -32603 embedded in the message
string, and regression against the two recognized codes.

Co-authored-by: Will Pfleger <pfleger.will@gmail.com>
Signed-off-by: Will Pfleger <pfleger.will@gmail.com>
@wpfleger96 wpfleger96 force-pushed the duncan/codex-config-errors branch from ced4fb3 to 218a604 Compare July 11, 2026 00:23
@wpfleger96 wpfleger96 merged commit ec37625 into main Jul 11, 2026
29 checks passed
@wpfleger96 wpfleger96 deleted the duncan/codex-config-errors branch July 11, 2026 01:25
wpfleger96 added a commit that referenced this pull request Jul 11, 2026
…ted adapter

The @zed-industries/codex-acp package is deprecated (0.16.0, frozen 2026-06-08);
its README redirects to @agentclientprotocol/codex-acp (1.1.2, 2026-07-09).

The 1.x adapter changed config injection: the old adapter accepted `-c key=value`
CLI args; the 1.x arg dispatch only handles `--version`, `login`, and `cli` —
all other args fall through to startAcpServer(), which reads config exclusively
from `process.env["CODEX_CONFIG"]` (a JSON blob). Our three `-c` flags were
silently dropped, breaking relay connectivity (buzz-cli MCP subprocess blocked by
the Seatbelt sandbox). `network_proxy.mode` and `network_proxy.domains` are gone
from the 1.x schema; only `sandbox_workspace_write.network_access` is needed.

Without a version gate, users with the old 0.16.x adapter still on PATH would see
it as Available, receive the new CODEX_CONFIG spawn contract, and get silently
broken relay connectivity (0.16.x reads -c args, ignores env vars). Added
AdapterOutdated: version-probe (codex-acp --version) in discover_acp_runtimes and
cli_login_requirements blocks the old adapter and surfaces the reinstall nudge.

Note: #1745's config-parse classifier keys on codex's `error loading configuration`
+ `unknown variant` stderr wording. 1.x bundles @openai/codex@0.144.0; the wording
comes from that layer. Likely unchanged, noted as a dependency, not fixed here.

Co-authored-by: Will Pfleger <pfleger.will@gmail.com>
Signed-off-by: Will Pfleger <pfleger.will@gmail.com>
wpfleger96 added a commit that referenced this pull request Jul 11, 2026
…ted adapter

The @zed-industries/codex-acp package is deprecated (0.16.0, frozen 2026-06-08);
its README redirects to @agentclientprotocol/codex-acp (1.1.2, 2026-07-09).

The 1.x adapter changed config injection: the old adapter accepted `-c key=value`
CLI args; the 1.x arg dispatch only handles `--version`, `login`, and `cli` —
all other args fall through to startAcpServer(), which reads config exclusively
from `process.env["CODEX_CONFIG"]` (a JSON blob). Our three `-c` flags were
silently dropped, breaking relay connectivity (buzz-cli MCP subprocess blocked by
the Seatbelt sandbox). `network_proxy.mode` and `network_proxy.domains` are gone
from the 1.x schema; only `sandbox_workspace_write.network_access` is needed.

Without a version gate, users with the old 0.16.x adapter still on PATH would see
it as Available, receive the new CODEX_CONFIG spawn contract, and get silently
broken relay connectivity (0.16.x reads -c args, ignores env vars). Added
AdapterOutdated: version-probe (codex-acp --version) in discover_acp_runtimes and
cli_login_requirements blocks the old adapter and surfaces the reinstall nudge.

Note: #1745's config-parse classifier keys on codex's `error loading configuration`
+ `unknown variant` stderr wording. 1.x bundles @openai/codex@0.144.0; the wording
comes from that layer. Likely unchanged, noted as a dependency, not fixed here.

Co-authored-by: Will Pfleger <pfleger.will@gmail.com>
Signed-off-by: Will Pfleger <pfleger.will@gmail.com>
wpfleger96 added a commit that referenced this pull request Jul 11, 2026
…ted adapter

The @zed-industries/codex-acp package is deprecated (0.16.0, frozen 2026-06-08);
its README redirects to @agentclientprotocol/codex-acp (1.1.2, 2026-07-09).

The 1.x adapter changed config injection: the old adapter accepted `-c key=value`
CLI args; the 1.x arg dispatch only handles `--version`, `login`, and `cli` —
all other args fall through to startAcpServer(), which reads config exclusively
from `process.env["CODEX_CONFIG"]` (a JSON blob). Our three `-c` flags were
silently dropped, breaking relay connectivity (buzz-cli MCP subprocess blocked by
the Seatbelt sandbox). `network_proxy.mode` and `network_proxy.domains` are gone
from the 1.x schema; only `sandbox_workspace_write.network_access` is needed.

Without a version gate, users with the old 0.16.x adapter still on PATH would see
it as Available, receive the new CODEX_CONFIG spawn contract, and get silently
broken relay connectivity (0.16.x reads -c args, ignores env vars). Added
AdapterOutdated: version-probe (codex-acp --version) in discover_acp_runtimes and
cli_login_requirements blocks the old adapter and surfaces the reinstall nudge.

Note: #1745's config-parse classifier keys on codex's `error loading configuration`
+ `unknown variant` stderr wording. 1.x bundles @openai/codex@0.144.0; the wording
comes from that layer. Likely unchanged, noted as a dependency, not fixed here.

Co-authored-by: Will Pfleger <pfleger.will@gmail.com>
Signed-off-by: Will Pfleger <pfleger.will@gmail.com>
wpfleger96 added a commit that referenced this pull request Jul 11, 2026
…ted adapter

The @zed-industries/codex-acp package is deprecated (0.16.0, frozen 2026-06-08);
its README redirects to @agentclientprotocol/codex-acp (1.1.2, 2026-07-09).

The 1.x adapter changed config injection: the old adapter accepted `-c key=value`
CLI args; the 1.x arg dispatch only handles `--version`, `login`, and `cli` —
all other args fall through to startAcpServer(), which reads config exclusively
from `process.env["CODEX_CONFIG"]` (a JSON blob). Our three `-c` flags were
silently dropped, breaking relay connectivity (buzz-cli MCP subprocess blocked by
the Seatbelt sandbox). `network_proxy.mode` and `network_proxy.domains` are gone
from the 1.x schema; only `sandbox_workspace_write.network_access` is needed.

Without a version gate, users with the old 0.16.x adapter still on PATH would see
it as Available, receive the new CODEX_CONFIG spawn contract, and get silently
broken relay connectivity (0.16.x reads -c args, ignores env vars). Added
AdapterOutdated: version-probe (codex-acp --version) in discover_acp_runtimes and
cli_login_requirements blocks the old adapter and surfaces the reinstall nudge.

Note: #1745's config-parse classifier keys on codex's `error loading configuration`
+ `unknown variant` stderr wording. 1.x bundles @openai/codex@0.144.0; the wording
comes from that layer. Likely unchanged, noted as a dependency, not fixed here.

Co-authored-by: Will Pfleger <pfleger.will@gmail.com>
Signed-off-by: Will Pfleger <pfleger.will@gmail.com>
tlongwell-block pushed a commit that referenced this pull request Jul 11, 2026
Co-authored-by: Tyler Longwell <tlongwell@block.xyz>

Signed-off-by: Tyler Longwell <tlongwell@block.xyz>

* origin/main:
  fix(desktop): preserve archived observer history (#1752)
  fix(dev): install Lefthook hooks into shared .git/hooks dir (#1751)
  fix(desktop): surface codex config-parse failures and -32603 internal errors clearly (#1745)
  fix(desktop): fix workspace rail badge disappearance and persist mark-as-unread (#1747)
  chore(desktop): remove container-only npm-preflight E2E harness (#1749)
  fix(desktop): preflight npm prefix writability in doctor installs (#1732)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Dependency Dashboard

1 participant