diff --git a/.bazelrc b/.bazelrc index e39a3aff228..c58667b46e7 100644 --- a/.bazelrc +++ b/.bazelrc @@ -105,9 +105,9 @@ common:ci --disk_cache= # Shared config for the main Bazel CI workflow. common:ci-bazel --config=ci common:ci-bazel --build_metadata=TAG_workflow=bazel -# Bazel CI cross-compiles in several legs, and the V8-backed code-mode tests -# are not stable in that setup yet. Keep running the rest of the Rust -# integration suites through the workspace-root launcher. +# Keep code-mode integration cases out of ordinary Bazel legs. The +# Windows-cross config below re-enables them after generating its Windows V8 +# snapshot on the Windows runner. common:ci-bazel --test_env=CODEX_BAZEL_TEST_SKIP_FILTERS=suite::code_mode:: # Shared config for Bazel-backed Rust linting. @@ -186,12 +186,16 @@ common:ci-windows-cross --config=ci-windows common:ci-windows-cross --build_metadata=TAG_windows_cross_compile=true common:ci-windows-cross --host_platform=//:rbe common:ci-windows-cross --strategy=TestRunner=local +# V8 embeds IsolateData offsets in snapshot builtins; Windows snapshots must be +# generated by a Windows mksnapshot binary rather than the Linux RBE host tool. +common:ci-windows-cross --strategy=V8Mksnapshot=local common:ci-windows-cross --local_test_jobs=4 common:ci-windows-cross --test_env=RUST_TEST_THREADS=1 # Native Windows CI still covers the PowerShell tests. The cross-built gnullvm # binaries currently hang in PowerShell AST parser tests when those binaries are -# run on the Windows runner. -common:ci-windows-cross --test_env=CODEX_BAZEL_TEST_SKIP_FILTERS=suite::code_mode::,powershell +# run on the Windows runner. Keep V8-backed code-mode tests enabled except for +# the hidden dynamic-tool callback test, which currently times out on Windows. +common:ci-windows-cross --test_env=CODEX_BAZEL_TEST_SKIP_FILTERS=powershell,suite::code_mode::code_mode_can_call_hidden_dynamic_tools common:ci-windows-cross --platforms=//:windows_x86_64_gnullvm common:ci-windows-cross --extra_execution_platforms=//:rbe,//:windows_x86_64_msvc common:ci-windows-cross --extra_toolchains=//:windows_gnullvm_tests_on_msvc_host_toolchain @@ -210,6 +214,8 @@ common --@v8//:v8_enable_sandbox=True # artifact migration ships matching Rust feature selection for Cargo consumers. common:v8-release-compat --@v8//:v8_enable_pointer_compression=False common:v8-release-compat --@v8//:v8_enable_sandbox=False +common:v8-target-x64 --@v8//bazel/config:v8_target_cpu=x64 +common:v8-target-arm64 --@v8//bazel/config:v8_target_cpu=arm64 # Match rusty_v8's upstream GN release contract for published artifacts: every # target object uses Chromium's custom libc++ headers and the archive folds in diff --git a/.codex/skills/babysit-pr/SKILL.md b/.codex/skills/babysit-pr/SKILL.md index 1b95144297c..36c6bd093a1 100644 --- a/.codex/skills/babysit-pr/SKILL.md +++ b/.codex/skills/babysit-pr/SKILL.md @@ -28,8 +28,8 @@ Accept any of the following: 3. Inspect the `actions` list in the JSON response. 4. If `diagnose_ci_failure` is present, inspect failed run logs and classify the failure. 5. If the failure is likely caused by the current branch, patch code locally, commit, and push. Do not patch random flaky tests, CI infrastructure, dependency outages, runner issues, or other failures that are unrelated to the branch. -6. If `process_review_comment` is present, inspect surfaced review items and decide whether to address them. -7. If a review item is actionable and correct, patch code locally, commit, push, and then mark the associated review thread/comment as resolved once the fix is on GitHub. +6. If `process_review_comment` is present, inspect surfaced published review items and decide whether to address them. +7. If a review item is actionable and correct, patch code locally, commit, push, and then resolve the associated review thread only when allowed by the GitHub state mutation policy below. 8. Do not post replies to human-authored review comments/threads unless the user explicitly confirms the exact response. If a human review item is non-actionable, already addressed, or not valid, surface the item and recommended response to the user instead of replying on GitHub. 9. If the failure is likely flaky/unrelated and `retry_failed_checks` is present, rerun failed jobs with `--retry-failed-now`. 10. If both actionable review feedback and `retry_failed_checks` are present, prioritize review feedback first; a new commit will retrigger CI, so avoid rerunning flaky checks on the old SHA unless you intentionally defer the review change. @@ -92,16 +92,20 @@ The watcher surfaces review items from: - Inline review comments - Review submissions (COMMENT / APPROVED / CHANGES_REQUESTED) +Only act on published feedback. Ignore review submissions in GitHub's `PENDING` state and inline +comments attached to those pending reviews. Do not mark pending review feedback as seen; it should +be eligible to surface after the reviewer submits the review. + It intentionally surfaces Codex reviewer bot feedback (for example comments/reviews from `chatgpt-codex-connector[bot]`) in addition to human reviewer feedback. Most unrelated bot noise should still be ignored. For safety, the watcher only auto-surfaces trusted human review authors (for example repo OWNER/MEMBER/COLLABORATOR, plus the authenticated operator) and approved review bots such as Codex. -On a fresh watcher state file, existing pending review feedback may be surfaced immediately (not only comments that arrive after monitoring starts). This is intentional so already-open review comments are not missed. +On a fresh watcher state file, existing unaddressed published review feedback may be surfaced immediately (not only comments that arrive after monitoring starts). This is intentional so already-open review comments are not missed. When you agree with a comment and it is actionable: 1. Patch code locally. 2. Commit with `codex: address PR review feedback (#)`. 3. Push to the PR head branch. -4. After the push succeeds, mark the associated GitHub review thread/comment as resolved. +4. After the push succeeds, resolve the associated GitHub review thread only when allowed by the GitHub state mutation policy below. 5. Resume watching on the new SHA immediately (do not stop after reporting the push). 6. If monitoring was running in `--watch` mode, restart `--watch` immediately after the push in the same turn; do not wait for the user to ask again. @@ -109,6 +113,31 @@ Do not post replies to human-authored GitHub review comments/threads automatical If the watcher later surfaces your own approved reply because the authenticated operator is treated as a trusted review author, treat that self-authored item as already handled and do not reply again. If a code review comment/thread is already marked as resolved in GitHub, treat it as non-actionable and safely ignore it unless new unresolved follow-up feedback appears. +## GitHub State Mutation Policy + +You can read any PR state you need for monitoring. Writes must comply with this policy. + +You can push PRs to update the code under review or to force CI re-runs as described above. + +You can resolve review comment threads from the human who requested babysitting or from the Codex +review bot. When resolving, leave a comment prefixed with `[from Codex]: ` and explain what changes +you made and which commit includes them. Don't touch review threads if other humans other than the +user who requested babysitting have participated. + +Before making any changes, fetch the PR state yourself instead of relying on the PR watcher script's +output. + +Unless explicitly asked, do not: + +* comment on other humans' review threads, communicate with the user in chat instead +* resolve review threads from humans other than the user +* interact with humans other than the user +* mark PRs as drafts or ready for review +* close or reopen PRs + +In general, never act on GitHub in ways that would make it hard to tell whether you or the user did +something visible to other humans. When in doubt, ask the user for clarification in chat. + ## Git Safety Rules - Work only on the PR head branch. @@ -133,10 +162,10 @@ Use this loop in a live Codex session: 3. First check whether the PR is now merged or otherwise closed; if so, report that terminal state and stop polling immediately. 4. Check CI summary, new review items, and mergeability/conflict status. 5. Diagnose CI failures and classify branch-related vs flaky/unrelated. If the overall run is still pending but `failed_jobs` already includes a failed job, fetch that job's logs and diagnose immediately instead of waiting for the whole workflow run to finish. Patch only when the failure is branch-related. -6. For each surfaced review item from another author, patch/commit/push and then resolve it if it is actionable. If it is non-actionable, already addressed, or requires a written answer, surface it to the user with a suggested response instead of posting automatically. If a later snapshot surfaces your own approved reply, treat it as informational and continue without responding again. +6. For each surfaced review item from another author, patch/commit/push if it is actionable, then resolve it only when allowed by the GitHub state mutation policy above. If it is non-actionable, already addressed, or requires a written answer, surface it to the user with a suggested response instead of posting automatically. If a later snapshot surfaces your own approved reply, treat it as informational and continue without responding again. 7. Process actionable review comments before flaky reruns when both are present; if a review fix requires a commit, push it and skip rerunning failed checks on the old SHA. 8. Retry failed checks only when `retry_failed_checks` is present and you are not about to replace the current SHA with a review/CI fix commit. Do not make code changes for unrelated flakes or infrastructure failures just to get CI green. -9. If you pushed a commit, resolved a review thread, or triggered a rerun, report the action briefly and continue polling (do not stop). If a human review comment needs a written GitHub response, stop and ask for confirmation before posting. +9. If you pushed a commit, resolved an eligible review thread, or triggered a rerun, report the action briefly and continue polling (do not stop). If a human review comment needs a written GitHub response, stop and ask for confirmation before posting. 10. After a review-fix push, proactively restart continuous monitoring (`--watch`) in the same turn unless a strict stop condition has already been reached. 11. If everything is passing, mergeable, not blocked on required review approval, and there are no unaddressed review items, report that the PR is currently ready to merge but keep the watcher running so new review comments are surfaced quickly while the PR remains open. 12. If blocked on a user-help-required issue (infra outage, exhausted flaky retries, unclear reviewer request, permissions), report the blocker and stop. diff --git a/.codex/skills/babysit-pr/agents/openai.yaml b/.codex/skills/babysit-pr/agents/openai.yaml index c6946cf8c0e..e07637b903c 100644 --- a/.codex/skills/babysit-pr/agents/openai.yaml +++ b/.codex/skills/babysit-pr/agents/openai.yaml @@ -1,4 +1,4 @@ interface: display_name: "PR Babysitter" short_description: "Watch PR review comments, CI, and merge conflicts" - default_prompt: "Babysit the current PR: monitor reviewer comments, CI, and merge-conflict status (prefer the watcher’s --watch mode for live monitoring); surface new review feedback before acting on CI or mergeability work, fix valid issues, push updates, and rerun flaky failures up to 3 times. Do not post replies to human-authored review comments unless the user explicitly confirms the exact response. Do not patch unrelated flaky tests, CI infrastructure, dependency outages, runner issues, or other failures that are not caused by the branch. Keep exactly one watcher session active for the PR (do not leave duplicate --watch terminals running). If you pause monitoring to patch review/CI feedback, restart --watch yourself immediately after the push in the same turn. If a watcher is still running and no strict stop condition has been reached, the task is still in progress: keep consuming watcher output and sending progress updates instead of ending the turn. Do not treat a green + mergeable PR as a terminal stop while it is still open; continue polling autonomously after any push/rerun so newly posted review comments are surfaced until a strict terminal stop condition is reached or the user interrupts." + default_prompt: "Babysit the current PR: monitor published reviewer comments, CI, and merge-conflict status (prefer the watcher’s --watch mode for live monitoring); ignore unpublished comments in pending GitHub reviews; surface new published review feedback before acting on CI or mergeability work, fix valid issues, push updates, and rerun flaky failures up to 3 times. Do not post replies to human-authored review comments unless the user explicitly confirms the exact response. Do not patch unrelated flaky tests, CI infrastructure, dependency outages, runner issues, or other failures that are not caused by the branch. Keep exactly one watcher session active for the PR (do not leave duplicate --watch terminals running). If you pause monitoring to patch review/CI feedback, restart --watch yourself immediately after the push in the same turn. If a watcher is still running and no strict stop condition has been reached, the task is still in progress: keep consuming watcher output and sending progress updates instead of ending the turn. Do not treat a green + mergeable PR as a terminal stop while it is still open; continue polling autonomously after any push/rerun so newly posted review comments are surfaced until a strict terminal stop condition is reached or the user interrupts." diff --git a/.codex/skills/babysit-pr/references/github-api-notes.md b/.codex/skills/babysit-pr/references/github-api-notes.md index 8c0a7c8a540..645e7453c1c 100644 --- a/.codex/skills/babysit-pr/references/github-api-notes.md +++ b/.codex/skills/babysit-pr/references/github-api-notes.md @@ -44,6 +44,9 @@ Reruns only failed jobs (and dependencies) for a workflow run. - Review submissions: - `gh api repos/{owner}/{repo}/pulls//reviews?per_page=100` +Use each inline comment's `pull_request_review_id` to find its parent review. Ignore parent reviews +whose `state` is `PENDING`, along with their inline comments, until the review is submitted. + ## JSON fields consumed by the watcher ### `gh pr view` diff --git a/.codex/skills/babysit-pr/scripts/gh_pr_watch.py b/.codex/skills/babysit-pr/scripts/gh_pr_watch.py index face4e6981a..f6398373b71 100755 --- a/.codex/skills/babysit-pr/scripts/gh_pr_watch.py +++ b/.codex/skills/babysit-pr/scripts/gh_pr_watch.py @@ -452,11 +452,14 @@ def normalize_issue_comments(items): return out -def normalize_review_comments(items): +def normalize_review_comments(items, review_states): out = [] for item in items: if not isinstance(item, dict): continue + review_id = str(item.get("pull_request_review_id") or "") + if review_states.get(review_id) == "PENDING": + continue line = item.get("line") if line is None: line = item.get("original_line") @@ -481,6 +484,8 @@ def normalize_reviews(items): for item in items: if not isinstance(item, dict): continue + if str(item.get("state") or "").upper() == "PENDING": + continue out.append( { "kind": "review", @@ -534,16 +539,33 @@ def fetch_new_review_items(pr, state, fresh_state, authenticated_login=None): review_payload = gh_api_list_paginated(endpoints["review"], repo=repo) issue_items = normalize_issue_comments(issue_payload) - review_comment_items = normalize_review_comments(review_comment_payload) + review_states = { + str(item.get("id")): str(item.get("state") or "").upper() + for item in review_payload + if isinstance(item, dict) and item.get("id") not in (None, "") + } + pending_review_ids = { + review_id for review_id, review_state in review_states.items() if review_state == "PENDING" + } + pending_review_comment_ids = { + str(item.get("id")) + for item in review_comment_payload + if isinstance(item, dict) + and item.get("id") not in (None, "") + and str(item.get("pull_request_review_id") or "") in pending_review_ids + } + review_comment_items = normalize_review_comments(review_comment_payload, review_states) review_items = normalize_reviews(review_payload) all_items = issue_items + review_comment_items + review_items seen_issue = {str(x) for x in state.get("seen_issue_comment_ids") or []} seen_review_comment = {str(x) for x in state.get("seen_review_comment_ids") or []} seen_review = {str(x) for x in state.get("seen_review_ids") or []} + seen_review_comment.difference_update(pending_review_comment_ids) + seen_review.difference_update(pending_review_ids) # On a brand-new state file, surface existing review activity instead of - # silently treating it as seen. This avoids missing already-pending review + # silently treating it as seen. This avoids missing already-published review # feedback when monitoring starts after comments were posted. new_items = [] diff --git a/.codex/skills/babysit-pr/scripts/test_gh_pr_watch.py b/.codex/skills/babysit-pr/scripts/test_gh_pr_watch.py index b636ee4c557..76293b56f82 100644 --- a/.codex/skills/babysit-pr/scripts/test_gh_pr_watch.py +++ b/.codex/skills/babysit-pr/scripts/test_gh_pr_watch.py @@ -118,6 +118,74 @@ def test_recommend_actions_prioritizes_review_comments(): ] +def test_pending_review_feedback_surfaces_only_after_publication(monkeypatch): + state = { + "seen_review_comment_ids": ["20"], + "seen_review_ids": ["10"], + } + review = { + "id": 10, + "user": {"login": "octocat"}, + "author_association": "MEMBER", + "state": "PENDING", + "body": "Please rename this.", + "created_at": "2026-06-08T10:00:00Z", + "submitted_at": None, + "html_url": "https://github.com/openai/codex/pull/123#pullrequestreview-10", + } + review_comment = { + "id": 20, + "pull_request_review_id": 10, + "user": {"login": "octocat"}, + "author_association": "MEMBER", + "body": "Please rename this.", + "created_at": "2026-06-08T10:00:00Z", + "path": "src/example.rs", + "line": 7, + "html_url": "https://github.com/openai/codex/pull/123#discussion_r20", + } + + def fake_list(endpoint, **kwargs): + if endpoint.endswith("/issues/123/comments"): + return [] + if endpoint.endswith("/pulls/123/comments"): + return [review_comment] + if endpoint.endswith("/pulls/123/reviews"): + return [review] + raise AssertionError(f"unexpected endpoint: {endpoint}") + + monkeypatch.setattr(gh_pr_watch, "gh_api_list_paginated", fake_list) + + assert ( + gh_pr_watch.fetch_new_review_items( + sample_pr(), + state, + fresh_state=True, + authenticated_login="octocat", + ) + == [] + ) + assert state["seen_review_comment_ids"] == [] + assert state["seen_review_ids"] == [] + + review["state"] = "COMMENTED" + review["submitted_at"] = "2026-06-08T10:05:00Z" + + published_items = gh_pr_watch.fetch_new_review_items( + sample_pr(), + state, + fresh_state=False, + authenticated_login="octocat", + ) + + assert {(item["kind"], item["id"]) for item in published_items} == { + ("review", "10"), + ("review_comment", "20"), + } + assert state["seen_review_comment_ids"] == ["20"] + assert state["seen_review_ids"] == ["10"] + + def test_run_watch_keeps_polling_open_ready_to_merge_pr(monkeypatch): sleeps = [] events = [] diff --git a/.codex/skills/pushing-ci-changes/SKILL.md b/.codex/skills/pushing-ci-changes/SKILL.md new file mode 100644 index 00000000000..cb91bdd981d --- /dev/null +++ b/.codex/skills/pushing-ci-changes/SKILL.md @@ -0,0 +1,17 @@ +--- +name: pushing-ci-changes +description: Pushing GitHub Actions changes, resolving push rejection, requesting upload exceptions. +--- + +The Codex repository prevents anyone from uploading changes to its CI configuration unless they've +been granted a temporary role. + +In order to push changes to `.github/**/*.yml` and related files you'll need the user to read +go/workflow-approvals and request an approval through that flow. It is not possible for you to +make progress by requesting an exemption yourself. + +If you know you're about to push changes that would fail due to these restrictions you should still +try to push anyways to confirm the user's account doesn't already have the necessary approval. + +If you encounter a failed push due to these restrictions, share the go/workflow-approvals link with +the user and ask them to return control to you once the approval has propagated to GitHub. diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index d29c06e6f05..322aad46f45 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,12 +1,6 @@ # Core crate ownership. /codex-rs/core/ @openai/codex-core-agent-team /codex-rs/ext/extension-api/ @openai/codex-core-agent-team -/codex-rs/prompts/ @openai/codex-core-agent-team - -# Keep macOS AKV signing changes reviewed by Codex maintainers. -/.github/actions/setup-akv-pkcs11-codesigning/ @openai/codex-core-agent-team -/.github/scripts/macos-signing/ @openai/codex-core-agent-team -/.github/workflows/rust-release.yml @openai/codex-core-agent-team # Keep ownership changes reviewed by the same team. /.github/CODEOWNERS @openai/codex-core-agent-team diff --git a/.github/actions/macos-code-sign/action.yml b/.github/actions/macos-code-sign/action.yml new file mode 100644 index 00000000000..0e19fa11d0a --- /dev/null +++ b/.github/actions/macos-code-sign/action.yml @@ -0,0 +1,259 @@ +name: macos-code-sign +description: Configure, sign, notarize, and clean up macOS code signing artifacts. +inputs: + target: + description: Rust compilation target triple (e.g. aarch64-apple-darwin). + required: true + binaries: + description: Space-delimited binary basenames to sign and notarize. + default: "codex codex-responses-api-proxy" + sign-binaries: + description: Whether to sign and notarize the macOS binaries. + required: false + default: "true" + sign-dmg: + description: Whether to sign and notarize the macOS dmg. + required: false + default: "true" + apple-certificate: + description: Base64-encoded Apple signing certificate (P12). + required: true + apple-certificate-password: + description: Password for the signing certificate. + required: true + apple-notarization-key-p8: + description: Base64-encoded Apple notarization key (P8). + required: true + apple-notarization-key-id: + description: Apple notarization key ID. + required: true + apple-notarization-issuer-id: + description: Apple notarization issuer ID. + required: true +runs: + using: composite + steps: + - name: Configure Apple code signing + shell: bash + env: + KEYCHAIN_PASSWORD: actions + APPLE_CERTIFICATE: ${{ inputs.apple-certificate }} + APPLE_CERTIFICATE_PASSWORD: ${{ inputs.apple-certificate-password }} + run: | + set -euo pipefail + + if [[ -z "${APPLE_CERTIFICATE:-}" ]]; then + echo "APPLE_CERTIFICATE is required for macOS signing" + exit 1 + fi + + if [[ -z "${APPLE_CERTIFICATE_PASSWORD:-}" ]]; then + echo "APPLE_CERTIFICATE_PASSWORD is required for macOS signing" + exit 1 + fi + + cert_path="${RUNNER_TEMP}/apple_signing_certificate.p12" + echo "$APPLE_CERTIFICATE" | base64 -d > "$cert_path" + + keychain_path="${RUNNER_TEMP}/codex-signing.keychain-db" + security create-keychain -p "$KEYCHAIN_PASSWORD" "$keychain_path" + security set-keychain-settings -lut 21600 "$keychain_path" + security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$keychain_path" + + keychain_args=() + cleanup_keychain() { + if ((${#keychain_args[@]} > 0)); then + security list-keychains -s "${keychain_args[@]}" || true + security default-keychain -s "${keychain_args[0]}" || true + else + security list-keychains -s || true + fi + if [[ -f "$keychain_path" ]]; then + security delete-keychain "$keychain_path" || true + fi + } + + while IFS= read -r keychain; do + [[ -n "$keychain" ]] && keychain_args+=("$keychain") + done < <(security list-keychains | sed 's/^[[:space:]]*//;s/[[:space:]]*$//;s/"//g') + + if ((${#keychain_args[@]} > 0)); then + security list-keychains -s "$keychain_path" "${keychain_args[@]}" + else + security list-keychains -s "$keychain_path" + fi + + security default-keychain -s "$keychain_path" + security import "$cert_path" -k "$keychain_path" -P "$APPLE_CERTIFICATE_PASSWORD" -T /usr/bin/codesign -T /usr/bin/security + security set-key-partition-list -S apple-tool:,apple: -s -k "$KEYCHAIN_PASSWORD" "$keychain_path" > /dev/null + + codesign_hashes=() + while IFS= read -r hash; do + [[ -n "$hash" ]] && codesign_hashes+=("$hash") + done < <(security find-identity -v -p codesigning "$keychain_path" \ + | sed -n 's/.*\([0-9A-F]\{40\}\).*/\1/p' \ + | sort -u) + + if ((${#codesign_hashes[@]} == 0)); then + echo "No signing identities found in $keychain_path" + cleanup_keychain + rm -f "$cert_path" + exit 1 + fi + + if ((${#codesign_hashes[@]} > 1)); then + echo "Multiple signing identities found in $keychain_path:" + printf ' %s\n' "${codesign_hashes[@]}" + cleanup_keychain + rm -f "$cert_path" + exit 1 + fi + + APPLE_CODESIGN_IDENTITY="${codesign_hashes[0]}" + + rm -f "$cert_path" + + echo "APPLE_CODESIGN_IDENTITY=$APPLE_CODESIGN_IDENTITY" >> "$GITHUB_ENV" + echo "APPLE_CODESIGN_KEYCHAIN=$keychain_path" >> "$GITHUB_ENV" + echo "::add-mask::$APPLE_CODESIGN_IDENTITY" + + - name: Sign macOS binaries + if: ${{ inputs.sign-binaries == 'true' }} + shell: bash + env: + TARGET: ${{ inputs.target }} + BINARIES: ${{ inputs.binaries }} + run: | + set -euo pipefail + + if [[ -z "${APPLE_CODESIGN_IDENTITY:-}" ]]; then + echo "APPLE_CODESIGN_IDENTITY is required for macOS signing" + exit 1 + fi + + keychain_args=() + if [[ -n "${APPLE_CODESIGN_KEYCHAIN:-}" && -f "${APPLE_CODESIGN_KEYCHAIN}" ]]; then + keychain_args+=(--keychain "${APPLE_CODESIGN_KEYCHAIN}") + fi + + entitlements_path="$GITHUB_ACTION_PATH/codex.entitlements.plist" + + for binary in ${BINARIES}; do + path="codex-rs/target/${TARGET}/release/${binary}" + codesign --force --options runtime --timestamp --entitlements "$entitlements_path" --sign "$APPLE_CODESIGN_IDENTITY" "${keychain_args[@]}" "$path" + done + + - name: Notarize macOS binaries + if: ${{ inputs.sign-binaries == 'true' }} + shell: bash + env: + TARGET: ${{ inputs.target }} + BINARIES: ${{ inputs.binaries }} + APPLE_NOTARIZATION_KEY_P8: ${{ inputs.apple-notarization-key-p8 }} + APPLE_NOTARIZATION_KEY_ID: ${{ inputs.apple-notarization-key-id }} + APPLE_NOTARIZATION_ISSUER_ID: ${{ inputs.apple-notarization-issuer-id }} + run: | + set -euo pipefail + + for var in APPLE_NOTARIZATION_KEY_P8 APPLE_NOTARIZATION_KEY_ID APPLE_NOTARIZATION_ISSUER_ID; do + if [[ -z "${!var:-}" ]]; then + echo "$var is required for notarization" + exit 1 + fi + done + + notary_key_path="${RUNNER_TEMP}/notarytool.key.p8" + echo "$APPLE_NOTARIZATION_KEY_P8" | base64 -d > "$notary_key_path" + cleanup_notary() { + rm -f "$notary_key_path" + } + trap cleanup_notary EXIT + + source "$GITHUB_ACTION_PATH/notary_helpers.sh" + + notarize_binary() { + local binary="$1" + local source_path="codex-rs/target/${TARGET}/release/${binary}" + local archive_path="${RUNNER_TEMP}/${binary}.zip" + + if [[ ! -f "$source_path" ]]; then + echo "Binary $source_path not found" + exit 1 + fi + + rm -f "$archive_path" + ditto -c -k --keepParent "$source_path" "$archive_path" + + notarize_submission "$binary" "$archive_path" "$notary_key_path" + } + + for binary in ${BINARIES}; do + notarize_binary "${binary}" + done + + - name: Sign and notarize macOS dmg + if: ${{ inputs.sign-dmg == 'true' }} + shell: bash + env: + TARGET: ${{ inputs.target }} + APPLE_NOTARIZATION_KEY_P8: ${{ inputs.apple-notarization-key-p8 }} + APPLE_NOTARIZATION_KEY_ID: ${{ inputs.apple-notarization-key-id }} + APPLE_NOTARIZATION_ISSUER_ID: ${{ inputs.apple-notarization-issuer-id }} + run: | + set -euo pipefail + + for var in APPLE_CODESIGN_IDENTITY APPLE_NOTARIZATION_KEY_P8 APPLE_NOTARIZATION_KEY_ID APPLE_NOTARIZATION_ISSUER_ID; do + if [[ -z "${!var:-}" ]]; then + echo "$var is required" + exit 1 + fi + done + + notary_key_path="${RUNNER_TEMP}/notarytool.key.p8" + echo "$APPLE_NOTARIZATION_KEY_P8" | base64 -d > "$notary_key_path" + cleanup_notary() { + rm -f "$notary_key_path" + } + trap cleanup_notary EXIT + + source "$GITHUB_ACTION_PATH/notary_helpers.sh" + + dmg_name="codex-${TARGET}.dmg" + dmg_path="codex-rs/target/${TARGET}/release/${dmg_name}" + + if [[ ! -f "$dmg_path" ]]; then + echo "dmg $dmg_path not found" + exit 1 + fi + + keychain_args=() + if [[ -n "${APPLE_CODESIGN_KEYCHAIN:-}" && -f "${APPLE_CODESIGN_KEYCHAIN}" ]]; then + keychain_args+=(--keychain "${APPLE_CODESIGN_KEYCHAIN}") + fi + + codesign --force --timestamp --sign "$APPLE_CODESIGN_IDENTITY" "${keychain_args[@]}" "$dmg_path" + notarize_submission "$dmg_name" "$dmg_path" "$notary_key_path" + xcrun stapler staple "$dmg_path" + + - name: Remove signing keychain + if: ${{ always() }} + shell: bash + env: + APPLE_CODESIGN_KEYCHAIN: ${{ env.APPLE_CODESIGN_KEYCHAIN }} + run: | + set -euo pipefail + if [[ -n "${APPLE_CODESIGN_KEYCHAIN:-}" ]]; then + keychain_args=() + while IFS= read -r keychain; do + [[ "$keychain" == "$APPLE_CODESIGN_KEYCHAIN" ]] && continue + [[ -n "$keychain" ]] && keychain_args+=("$keychain") + done < <(security list-keychains | sed 's/^[[:space:]]*//;s/[[:space:]]*$//;s/"//g') + if ((${#keychain_args[@]} > 0)); then + security list-keychains -s "${keychain_args[@]}" + security default-keychain -s "${keychain_args[0]}" + fi + + if [[ -f "$APPLE_CODESIGN_KEYCHAIN" ]]; then + security delete-keychain "$APPLE_CODESIGN_KEYCHAIN" + fi + fi diff --git a/.github/scripts/macos-signing/codex.entitlements.plist b/.github/actions/macos-code-sign/codex.entitlements.plist similarity index 100% rename from .github/scripts/macos-signing/codex.entitlements.plist rename to .github/actions/macos-code-sign/codex.entitlements.plist diff --git a/.github/actions/macos-code-sign/notary_helpers.sh b/.github/actions/macos-code-sign/notary_helpers.sh new file mode 100644 index 00000000000..ad9757fe3cb --- /dev/null +++ b/.github/actions/macos-code-sign/notary_helpers.sh @@ -0,0 +1,46 @@ +#!/usr/bin/env bash + +notarize_submission() { + local label="$1" + local path="$2" + local notary_key_path="$3" + + if [[ -z "${APPLE_NOTARIZATION_KEY_ID:-}" || -z "${APPLE_NOTARIZATION_ISSUER_ID:-}" ]]; then + echo "APPLE_NOTARIZATION_KEY_ID and APPLE_NOTARIZATION_ISSUER_ID are required for notarization" + exit 1 + fi + + if [[ -z "$notary_key_path" || ! -f "$notary_key_path" ]]; then + echo "Notary key file $notary_key_path not found" + exit 1 + fi + + if [[ ! -f "$path" ]]; then + echo "Notarization payload $path not found" + exit 1 + fi + + local submission_json + submission_json=$(xcrun notarytool submit "$path" \ + --key "$notary_key_path" \ + --key-id "$APPLE_NOTARIZATION_KEY_ID" \ + --issuer "$APPLE_NOTARIZATION_ISSUER_ID" \ + --output-format json \ + --wait) + + local status submission_id + status=$(printf '%s\n' "$submission_json" | jq -r '.status // "Unknown"') + submission_id=$(printf '%s\n' "$submission_json" | jq -r '.id // ""') + + if [[ -z "$submission_id" ]]; then + echo "Failed to retrieve submission ID for $label" + exit 1 + fi + + echo "::notice title=Notarization::$label submission ${submission_id} completed with status ${status}" + + if [[ "$status" != "Accepted" ]]; then + echo "Notarization failed for ${label} (submission ${submission_id}, status ${status})" + exit 1 + fi +} diff --git a/.github/actions/setup-akv-pkcs11-codesigning/action.yaml b/.github/actions/setup-akv-pkcs11-codesigning/action.yaml deleted file mode 100644 index 4d79cab42ef..00000000000 --- a/.github/actions/setup-akv-pkcs11-codesigning/action.yaml +++ /dev/null @@ -1,349 +0,0 @@ -name: Set up AKV PKCS11 code signing -description: Download prebuilt rcodesign and Azure Key Vault PKCS11 provider artifacts, then export macOS signing environment. - -inputs: - setup-mode: - description: signing configures Azure and exports signing env vars; tools-only only downloads signing tools. - required: false - default: signing - rcodesign-blob-uri: - description: Azure Blob URI for the prebuilt Linux/amd64 rcodesign binary. - required: true - rcodesign-sha256: - description: Expected SHA-256 digest for the prebuilt rcodesign binary. - required: true - akv-pkcs11-library-blob-uri: - description: Azure Blob URI for the prebuilt Linux/amd64 AKV PKCS11 provider library. - required: true - akv-pkcs11-library-sha256: - description: Expected SHA-256 digest for the prebuilt AKV PKCS11 provider library. - required: true - azure-client-id: - description: GitHub OIDC client ID for the Azure signer application. - required: true - azure-tenant-id: - description: Azure tenant ID for the signer application. - required: true - azure-subscription-id: - description: Azure subscription ID that owns the signing vault. - required: true - key-vault-name: - description: Azure Key Vault name containing the certificate-backed signing key. - required: true - key-name: - description: Key Vault certificate/key name used as the PKCS11 key label. - required: true - key-version: - description: Optional Key Vault key version to pin while signing. - required: false - default: "" - certificate-sha256: - description: Optional expected SHA-256 fingerprint for the downloaded public certificate. - required: false - default: "" - -outputs: - pkcs11-library: - description: Path to the downloaded AKV PKCS11 provider library. - value: ${{ steps.paths.outputs.pkcs11_library }} - signing-certificate-pem: - description: Path to the downloaded public signing certificate. - value: ${{ steps.paths.outputs.signing_certificate_pem }} - rcodesign: - description: Path to the downloaded rcodesign binary. - value: ${{ steps.paths.outputs.rcodesign }} - -runs: - using: composite - steps: - - name: Validate pinned signing artifacts - shell: bash - env: - SETUP_MODE: ${{ inputs.setup-mode }} - RCODESIGN_BLOB_URI: ${{ inputs.rcodesign-blob-uri }} - RCODESIGN_SHA256: ${{ inputs.rcodesign-sha256 }} - AKV_PKCS11_LIBRARY_BLOB_URI: ${{ inputs.akv-pkcs11-library-blob-uri }} - AKV_PKCS11_LIBRARY_SHA256: ${{ inputs.akv-pkcs11-library-sha256 }} - KEY_VAULT_NAME: ${{ inputs.key-vault-name }} - KEY_NAME: ${{ inputs.key-name }} - run: | - set -euo pipefail - - case "$SETUP_MODE" in - signing|tools-only) - ;; - *) - echo "setup-mode must be 'signing' or 'tools-only', got '$SETUP_MODE'." >&2 - exit 1 - ;; - esac - - for variable_name in RCODESIGN_SHA256 AKV_PKCS11_LIBRARY_SHA256; do - value="${!variable_name}" - if [[ ! "$value" =~ ^[0-9a-f]{64}$ ]]; then - echo "$variable_name must be a lowercase SHA-256 digest." >&2 - exit 1 - fi - done - - for variable_name in RCODESIGN_BLOB_URI AKV_PKCS11_LIBRARY_BLOB_URI; do - value="${!variable_name}" - if [[ ! "$value" =~ ^az://[^/]+/[^/]+/.+ ]]; then - echo "$variable_name must use az:////." >&2 - exit 1 - fi - done - - if [[ "$SETUP_MODE" == "signing" ]]; then - for variable_name in \ - KEY_VAULT_NAME \ - KEY_NAME; do - if [[ -z "${!variable_name}" ]]; then - echo "$variable_name is required for AKV PKCS11 signing." >&2 - exit 1 - fi - done - fi - - - name: Resolve signing tool paths - id: paths - shell: bash - run: | - set -euo pipefail - - if [[ "${RUNNER_OS}" != "Linux" ]]; then - echo "Prebuilt AKV PKCS11 signing tools are only vendored for Linux runners, got ${RUNNER_OS}." >&2 - exit 1 - fi - - if [[ "${RUNNER_ARCH}" != "X64" && "${RUNNER_ARCH}" != "AMD64" ]]; then - echo "Prebuilt AKV PKCS11 signing tools are only vendored for amd64 runners, got ${RUNNER_ARCH}." >&2 - exit 1 - fi - - provider_root="${RUNNER_TEMP}/akv-pkcs11-provider" - rcodesign_root="${RUNNER_TEMP}/rcodesign-root" - signing_certificate_pem="${RUNNER_TEMP}/akv-signing-cert.pem" - library_name="libakv_pkcs_11.so" - - mkdir -p "$provider_root" "$rcodesign_root/bin" - - { - echo "pkcs11_library=$provider_root/$library_name" - echo "pkcs11_manifest=$provider_root/akv-pkcs11-provider.manifest" - echo "rcodesign_root=$rcodesign_root" - echo "rcodesign=$rcodesign_root/bin/rcodesign" - echo "signing_certificate_pem=$signing_certificate_pem" - } >> "$GITHUB_OUTPUT" - - - name: Validate Azure credentials for private signing artifacts - shell: bash - env: - AZURE_CLIENT_ID: ${{ inputs.azure-client-id }} - AZURE_TENANT_ID: ${{ inputs.azure-tenant-id }} - AZURE_SUBSCRIPTION_ID: ${{ inputs.azure-subscription-id }} - run: | - set -euo pipefail - - for variable_name in AZURE_CLIENT_ID AZURE_TENANT_ID AZURE_SUBSCRIPTION_ID; do - if [[ -z "${!variable_name}" ]]; then - echo "$variable_name is required for private AKV PKCS11 signing artifacts." >&2 - exit 1 - fi - done - - - name: Log in to Azure with GitHub OIDC - uses: azure/login@532459ea530d8321f2fb9bb10d1e0bcf23869a43 # v3.0.0 - with: - client-id: ${{ inputs.azure-client-id }} - tenant-id: ${{ inputs.azure-tenant-id }} - subscription-id: ${{ inputs.azure-subscription-id }} - - - name: Install prebuilt signing tools - shell: bash - env: - RCODESIGN_BLOB_URI: ${{ inputs.rcodesign-blob-uri }} - RCODESIGN_SHA256: ${{ inputs.rcodesign-sha256 }} - RCODESIGN: ${{ steps.paths.outputs.rcodesign }} - AKV_PKCS11_LIBRARY_BLOB_URI: ${{ inputs.akv-pkcs11-library-blob-uri }} - AKV_PKCS11_LIBRARY_SHA256: ${{ inputs.akv-pkcs11-library-sha256 }} - PKCS11_LIBRARY: ${{ steps.paths.outputs.pkcs11_library }} - PKCS11_MANIFEST: ${{ steps.paths.outputs.pkcs11_manifest }} - run: | - set -euo pipefail - - download_az_blob_uri() { - local uri="$1" - local destination="$2" - local rest account container blob - - rest="${uri#az://}" - account="${rest%%/*}" - rest="${rest#*/}" - container="${rest%%/*}" - blob="${rest#*/}" - - if [[ -z "$account" || -z "$container" || -z "$blob" || "$blob" == "$rest" ]]; then - echo "Invalid Azure Blob URI. Expected az:////." >&2 - exit 1 - fi - - mkdir -p "$(dirname "$destination")" - rm -f "$destination" - if ! az storage blob download \ - --account-name "$account" \ - --container-name "$container" \ - --name "$blob" \ - --file "$destination" \ - --auth-mode login \ - --only-show-errors \ - >/dev/null 2>&1; then - echo "Failed to download a private signing artifact from Azure Blob Storage." >&2 - exit 1 - fi - } - - verify_sha256() { - local path="$1" - local expected="$2" - local actual - - actual="$(shasum -a 256 "$path" | awk '{ print $1 }')" - if [[ "$actual" != "$expected" ]]; then - echo "SHA-256 verification failed for '$path'." >&2 - exit 1 - fi - } - - echo "Downloading prebuilt rcodesign." - download_az_blob_uri "$RCODESIGN_BLOB_URI" "$RCODESIGN" - verify_sha256 "$RCODESIGN" "$RCODESIGN_SHA256" - chmod 0755 "$RCODESIGN" - - echo "Downloading prebuilt AKV PKCS11 provider." - download_az_blob_uri "$AKV_PKCS11_LIBRARY_BLOB_URI" "$PKCS11_LIBRARY" - verify_sha256 "$PKCS11_LIBRARY" "$AKV_PKCS11_LIBRARY_SHA256" - chmod 0644 "$PKCS11_LIBRARY" - - { - echo "runner_os=$RUNNER_OS" - echo "runner_arch=$RUNNER_ARCH" - echo "library_name=$(basename "$PKCS11_LIBRARY")" - } > "$PKCS11_MANIFEST" - - - name: Verify downloaded signing tools - shell: bash - env: - RCODESIGN: ${{ steps.paths.outputs.rcodesign }} - RCODESIGN_SHA256: ${{ inputs.rcodesign-sha256 }} - PKCS11_LIBRARY: ${{ steps.paths.outputs.pkcs11_library }} - AKV_PKCS11_LIBRARY_SHA256: ${{ inputs.akv-pkcs11-library-sha256 }} - PKCS11_MANIFEST: ${{ steps.paths.outputs.pkcs11_manifest }} - run: | - set -euo pipefail - - verify_sha256() { - local path="$1" - local expected="$2" - local actual - - actual="$(shasum -a 256 "$path" | awk '{ print $1 }')" - if [[ "$actual" != "$expected" ]]; then - echo "SHA-256 verification failed for '$path'." >&2 - exit 1 - fi - } - - if [[ ! -x "$RCODESIGN" ]]; then - echo "rcodesign is missing or not executable at '$RCODESIGN'." >&2 - exit 1 - fi - - if [[ ! -f "$PKCS11_LIBRARY" ]]; then - echo "AKV PKCS11 provider library is missing at '$PKCS11_LIBRARY'." >&2 - exit 1 - fi - - verify_sha256 "$RCODESIGN" "$RCODESIGN_SHA256" - verify_sha256 "$PKCS11_LIBRARY" "$AKV_PKCS11_LIBRARY_SHA256" - - "$RCODESIGN" --version - "$RCODESIGN" notarize --help > /dev/null - - if [[ -f "$PKCS11_MANIFEST" ]]; then - echo "AKV PKCS11 provider artifact manifest is present." - else - echo "AKV PKCS11 provider artifact manifest is absent." >&2 - exit 1 - fi - - - name: Download signing certificate from Key Vault - if: ${{ inputs.setup-mode == 'signing' }} - shell: bash - env: - KEY_VAULT_NAME: ${{ inputs.key-vault-name }} - KEY_NAME: ${{ inputs.key-name }} - KEY_VERSION: ${{ inputs.key-version }} - CERTIFICATE_SHA256: ${{ inputs.certificate-sha256 }} - SIGNING_CERTIFICATE_PEM: ${{ steps.paths.outputs.signing_certificate_pem }} - run: | - set -euo pipefail - - certificate_version_args=() - if [[ -n "$KEY_VERSION" ]]; then - certificate_version_args+=(--version "$KEY_VERSION") - fi - - if ! az keyvault certificate download \ - --vault-name "$KEY_VAULT_NAME" \ - --name "$KEY_NAME" \ - "${certificate_version_args[@]}" \ - --file "$SIGNING_CERTIFICATE_PEM" \ - --encoding PEM \ - --only-show-errors \ - >/dev/null 2>&1; then - echo "Failed to download the public signing certificate from Azure Key Vault." >&2 - exit 1 - fi - - if [[ -n "$CERTIFICATE_SHA256" ]]; then - actual_sha256="$( - openssl x509 -in "$SIGNING_CERTIFICATE_PEM" -noout -fingerprint -sha256 | - awk -F= '{ print toupper($2) }' | - tr -d ':\r\n' - )" - expected_sha256="$(printf '%s' "$CERTIFICATE_SHA256" | tr '[:lower:]' '[:upper:]' | tr -d ':\r\n ')" - if [[ "$actual_sha256" != "$expected_sha256" ]]; then - echo "Downloaded signing certificate SHA-256 did not match the expected fingerprint." >&2 - exit 1 - fi - fi - - - name: Export AKV PKCS11 signing environment - if: ${{ inputs.setup-mode == 'signing' }} - shell: bash - env: - RCODESIGN_ROOT: ${{ steps.paths.outputs.rcodesign_root }} - PKCS11_LIBRARY: ${{ steps.paths.outputs.pkcs11_library }} - SIGNING_CERTIFICATE_PEM: ${{ steps.paths.outputs.signing_certificate_pem }} - KEY_VAULT_NAME: ${{ inputs.key-vault-name }} - KEY_NAME: ${{ inputs.key-name }} - KEY_VERSION: ${{ inputs.key-version }} - run: | - set -euo pipefail - - { - echo "$RCODESIGN_ROOT/bin" - } >> "$GITHUB_PATH" - - { - echo "OAI_CODESIGN_BACKEND=akv-pkcs11" - echo "OAI_AKV_PKCS11_LIBRARY=$PKCS11_LIBRARY" - echo "OAI_AKV_SIGNING_CERTIFICATE_PEM=$SIGNING_CERTIFICATE_PEM" - echo "OAI_AKV_KEY_LABEL=$KEY_NAME" - echo "AZURE_CREDENTIAL_KIND=azurecli" - echo "AZURE_KEYVAULT_NAME=$KEY_VAULT_NAME" - if [[ -n "$KEY_VERSION" ]]; then - echo "AZURE_KEYVAULT_KEY_VERSION=$KEY_VERSION" - fi - } >> "$GITHUB_ENV" diff --git a/.github/actions/setup-rusty-v8/action.yml b/.github/actions/setup-rusty-v8-musl/action.yml similarity index 71% rename from .github/actions/setup-rusty-v8/action.yml rename to .github/actions/setup-rusty-v8-musl/action.yml index d9c4484657c..fbec1feb463 100644 --- a/.github/actions/setup-rusty-v8/action.yml +++ b/.github/actions/setup-rusty-v8-musl/action.yml @@ -1,20 +1,29 @@ -name: setup-rusty-v8 -description: Download and verify Codex-built rusty_v8 artifacts for Cargo builds. +name: setup-rusty-v8-musl +description: Download and verify musl rusty_v8 artifacts for Cargo builds. inputs: target: - description: Rust target triple with Codex-built V8 release artifacts. + description: Rust musl target triple. required: true runs: using: composite steps: - - name: Configure rusty_v8 artifact overrides and verify checksums + - name: Configure musl rusty_v8 artifact overrides and verify checksums shell: bash env: TARGET: ${{ inputs.target }} run: | set -euo pipefail + case "${TARGET}" in + x86_64-unknown-linux-musl|aarch64-unknown-linux-musl) + ;; + *) + echo "Unsupported musl rusty_v8 target: ${TARGET}" >&2 + exit 1 + ;; + esac + version="$(python3 "${GITHUB_WORKSPACE}/.github/scripts/rusty_v8_bazel.py" resolved-v8-crate-version)" release_tag="rusty-v8-v${version}" base_url="https://github.com/openai/codex/releases/download/${release_tag}" @@ -33,10 +42,6 @@ runs: exit 1 fi - if command -v sha256sum >/dev/null 2>&1; then - (cd "${binding_dir}" && sha256sum -c "${checksums_path}") - else - (cd "${binding_dir}" && shasum -a 256 -c "${checksums_path}") - fi + (cd "${binding_dir}" && sha256sum -c "${checksums_path}") echo "RUSTY_V8_ARCHIVE=${archive_path}" >> "${GITHUB_ENV}" echo "RUSTY_V8_SRC_BINDING_PATH=${binding_path}" >> "${GITHUB_ENV}" diff --git a/.github/dotslash-config.json b/.github/dotslash-config.json index 78ea6b37e6f..a0297c269a8 100644 --- a/.github/dotslash-config.json +++ b/.github/dotslash-config.json @@ -3,56 +3,56 @@ "codex": { "platforms": { "macos-aarch64": { - "regex": "^codex-package-aarch64-apple-darwin\\.tar\\.zst$", - "path": "bin/codex" + "regex": "^codex-aarch64-apple-darwin\\.zst$", + "path": "codex" }, "macos-x86_64": { - "regex": "^codex-package-x86_64-apple-darwin\\.tar\\.zst$", - "path": "bin/codex" + "regex": "^codex-x86_64-apple-darwin\\.zst$", + "path": "codex" }, "linux-x86_64": { - "regex": "^codex-package-x86_64-unknown-linux-musl\\.tar\\.zst$", - "path": "bin/codex" + "regex": "^codex-x86_64-unknown-linux-musl-bundle\\.tar\\.zst$", + "path": "codex" }, "linux-aarch64": { - "regex": "^codex-package-aarch64-unknown-linux-musl\\.tar\\.zst$", - "path": "bin/codex" + "regex": "^codex-aarch64-unknown-linux-musl-bundle\\.tar\\.zst$", + "path": "codex" }, "windows-x86_64": { - "regex": "^codex-package-x86_64-pc-windows-msvc\\.tar\\.zst$", - "path": "bin/codex.exe" + "regex": "^codex-x86_64-pc-windows-msvc\\.exe\\.zst$", + "path": "codex.exe" }, "windows-aarch64": { - "regex": "^codex-package-aarch64-pc-windows-msvc\\.tar\\.zst$", - "path": "bin/codex.exe" + "regex": "^codex-aarch64-pc-windows-msvc\\.exe\\.zst$", + "path": "codex.exe" } } }, "codex-app-server": { "platforms": { "macos-aarch64": { - "regex": "^codex-app-server-package-aarch64-apple-darwin\\.tar\\.zst$", - "path": "bin/codex-app-server" + "regex": "^codex-app-server-aarch64-apple-darwin\\.zst$", + "path": "codex-app-server" }, "macos-x86_64": { - "regex": "^codex-app-server-package-x86_64-apple-darwin\\.tar\\.zst$", - "path": "bin/codex-app-server" + "regex": "^codex-app-server-x86_64-apple-darwin\\.zst$", + "path": "codex-app-server" }, "linux-x86_64": { - "regex": "^codex-app-server-package-x86_64-unknown-linux-musl\\.tar\\.zst$", - "path": "bin/codex-app-server" + "regex": "^codex-app-server-x86_64-unknown-linux-musl\\.zst$", + "path": "codex-app-server" }, "linux-aarch64": { - "regex": "^codex-app-server-package-aarch64-unknown-linux-musl\\.tar\\.zst$", - "path": "bin/codex-app-server" + "regex": "^codex-app-server-aarch64-unknown-linux-musl\\.zst$", + "path": "codex-app-server" }, "windows-x86_64": { - "regex": "^codex-app-server-package-x86_64-pc-windows-msvc\\.tar\\.zst$", - "path": "bin/codex-app-server.exe" + "regex": "^codex-app-server-x86_64-pc-windows-msvc\\.exe\\.zst$", + "path": "codex-app-server.exe" }, "windows-aarch64": { - "regex": "^codex-app-server-package-aarch64-pc-windows-msvc\\.tar\\.zst$", - "path": "bin/codex-app-server.exe" + "regex": "^codex-app-server-aarch64-pc-windows-msvc\\.exe\\.zst$", + "path": "codex-app-server.exe" } } }, diff --git a/.github/dotslash-zsh-config.json b/.github/dotslash-zsh-config.json index 37285f19e24..db2c4164015 100644 --- a/.github/dotslash-zsh-config.json +++ b/.github/dotslash-zsh-config.json @@ -7,11 +7,6 @@ "format": "tar.gz", "path": "codex-zsh/bin/zsh" }, - "macos-x86_64": { - "name": "codex-zsh-x86_64-apple-darwin.tar.gz", - "format": "tar.gz", - "path": "codex-zsh/bin/zsh" - }, "linux-x86_64": { "name": "codex-zsh-x86_64-unknown-linux-musl.tar.gz", "format": "tar.gz", diff --git a/.github/scripts/build-codex-package-archive.sh b/.github/scripts/build-codex-package-archive.sh index 80da4cf20c9..90eae12ef07 100644 --- a/.github/scripts/build-codex-package-archive.sh +++ b/.github/scripts/build-codex-package-archive.sh @@ -8,9 +8,6 @@ Usage: build-codex-package-archive.sh \ --bundle \ --entrypoint-dir \ --archive-dir \ - [--bwrap-bin ] \ - [--codex-command-runner-bin ] \ - [--codex-windows-sandbox-setup-bin ] \ [--target-suffixed-entrypoint] EOF } @@ -20,10 +17,6 @@ bundle="" entrypoint_dir="" archive_dir="" target_suffixed_entrypoint="false" -resource_args=() -bwrap_bin_provided="false" -command_runner_bin_provided="false" -sandbox_setup_bin_provided="false" while [[ $# -gt 0 ]]; do case "$1" in @@ -43,27 +36,6 @@ while [[ $# -gt 0 ]]; do archive_dir="${2:?--archive-dir requires a value}" shift 2 ;; - --bwrap-bin) - resource_args+=(--bwrap-bin "${2:?--bwrap-bin requires a value}") - bwrap_bin_provided="true" - shift 2 - ;; - --codex-command-runner-bin) - resource_args+=( - --codex-command-runner-bin - "${2:?--codex-command-runner-bin requires a value}" - ) - command_runner_bin_provided="true" - shift 2 - ;; - --codex-windows-sandbox-setup-bin) - resource_args+=( - --codex-windows-sandbox-setup-bin - "${2:?--codex-windows-sandbox-setup-bin requires a value}" - ) - sandbox_setup_bin_provided="true" - shift 2 - ;; --target-suffixed-entrypoint) target_suffixed_entrypoint="true" shift @@ -114,25 +86,6 @@ if [[ "$target_suffixed_entrypoint" == "true" ]]; then entrypoint_name="${entrypoint_name}-${target}" fi -case "$target" in - *linux*) - bwrap_bin="${entrypoint_dir%/}/bwrap" - if [[ "$bwrap_bin_provided" == "false" && -f "$bwrap_bin" ]]; then - resource_args+=(--bwrap-bin "$bwrap_bin") - fi - ;; - *windows*) - command_runner_bin="${entrypoint_dir%/}/codex-command-runner.exe" - sandbox_setup_bin="${entrypoint_dir%/}/codex-windows-sandbox-setup.exe" - if [[ "$command_runner_bin_provided" == "false" && -f "$command_runner_bin" ]]; then - resource_args+=(--codex-command-runner-bin "$command_runner_bin") - fi - if [[ "$sandbox_setup_bin_provided" == "false" && -f "$sandbox_setup_bin" ]]; then - resource_args+=(--codex-windows-sandbox-setup-bin "$sandbox_setup_bin") - fi - ;; -esac - repo_root="${GITHUB_WORKSPACE:-}" if [[ -z "$repo_root" ]]; then repo_root="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)" @@ -144,29 +97,16 @@ else python_bin="python" fi -if ! command -v zstd >/dev/null 2>&1 && [[ -x "${repo_root}/.github/workflows/zstd" ]]; then - export PATH="${repo_root}/.github/workflows:${PATH}" -fi - mkdir -p "$archive_dir" package_dir="${RUNNER_TEMP:-/tmp}/${archive_stem}-${target}" -gzip_archive_path="${archive_dir}/${archive_stem}-${target}.tar.gz" -zstd_archive_path="${archive_dir}/${archive_stem}-${target}.tar.zst" +archive_path="${archive_dir}/${archive_stem}-${target}.tar.gz" rm -rf "$package_dir" -python_args=( - "${repo_root}/scripts/build_codex_package.py" - --target "$target" - --variant "$variant" - --entrypoint-bin "${entrypoint_dir%/}/${entrypoint_name}${exe_suffix}" - --cargo-profile release - --package-dir "$package_dir" - --archive-output "$gzip_archive_path" - --archive-output "$zstd_archive_path" -) -if ((${#resource_args[@]} > 0)); then - python_args+=("${resource_args[@]}") -fi -python_args+=(--force) - -"$python_bin" "${python_args[@]}" +"$python_bin" "${repo_root}/scripts/build_codex_package.py" \ + --target "$target" \ + --variant "$variant" \ + --entrypoint-bin "${entrypoint_dir%/}/${entrypoint_name}${exe_suffix}" \ + --cargo-profile release \ + --package-dir "$package_dir" \ + --archive-output "$archive_path" \ + --force diff --git a/.github/scripts/install-musl-build-tools.sh b/.github/scripts/install-musl-build-tools.sh index 49035f53911..e4c6683d0e6 100644 --- a/.github/scripts/install-musl-build-tools.sh +++ b/.github/scripts/install-musl-build-tools.sh @@ -150,9 +150,7 @@ for arg in "\$@"; do args+=("\${arg}") done -# Zig enables UBSan for debug C builds by default. Rust links these objects -# without Zig's sanitizer runtime, so keep native dependencies uninstrumented. -exec "${zig_bin}" cc -target "${zig_target}" "\${args[@]}" -fno-sanitize=undefined +exec "${zig_bin}" cc -target "${zig_target}" "\${args[@]}" EOF cat >"${cxx}" <> "$GITHUB_ENV" pkg_config_path_var="PKG_CONFIG_PATH_${TARGET}" pkg_config_path_var="${pkg_config_path_var//-/_}" echo "${pkg_config_path_var}=${libcap_pkgconfig_dir}" >> "$GITHUB_ENV" -pkg_config_libdir_var="PKG_CONFIG_LIBDIR_${TARGET}" -pkg_config_libdir_var="${pkg_config_libdir_var//-/_}" -# Do not let musl cross-builds resolve native libraries from the host glibc -# pkg-config directories. libcap is the only target package provided here. -echo "${pkg_config_libdir_var}=${libcap_pkgconfig_dir}" >> "$GITHUB_ENV" if [[ -n "${sysroot}" && "${sysroot}" != "/" ]]; then echo "PKG_CONFIG_SYSROOT_DIR=${sysroot}" >> "$GITHUB_ENV" diff --git a/.github/scripts/macos-signing/notarize_macos_binary_with_rcodesign.sh b/.github/scripts/macos-signing/notarize_macos_binary_with_rcodesign.sh deleted file mode 100755 index 8ebe490d41e..00000000000 --- a/.github/scripts/macos-signing/notarize_macos_binary_with_rcodesign.sh +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/env bash - -# Submits a signed standalone macOS binary to Apple notarization through -# rcodesign. Standalone binaries cannot carry a stapled ticket, so the binary -# is submitted in a ZIP and the successful notarization log is retained. - -set -euo pipefail - -usage() { - cat >&2 <<'EOF' -Usage: notarize_macos_binary_with_rcodesign.sh --binary PATH [--report-dir PATH] [--max-wait-seconds SECONDS] - -Options: - --binary PATH Signed standalone macOS binary to notarize. - --report-dir PATH Directory for notarization logs. - --max-wait-seconds SECONDS Maximum rcodesign notarization wait time. -EOF -} - -binary_path="" -report_dir="${RUNNER_TEMP:-/tmp}/macos-binary-notarization-verification" -max_wait_seconds="600" - -while [[ $# -gt 0 ]]; do - case "$1" in - --binary) - binary_path="${2:-}" - shift 2 - ;; - --report-dir) - report_dir="${2:-}" - shift 2 - ;; - --max-wait-seconds) - max_wait_seconds="${2:-}" - shift 2 - ;; - -h|--help) - usage - exit 0 - ;; - *) - echo "Unknown notarization argument: $1" >&2 - usage - exit 2 - ;; - esac -done - -if [[ -z "$binary_path" ]]; then - echo "--binary is required." >&2 - usage - exit 2 -fi - -if [[ ! -f "$binary_path" ]]; then - echo "Binary does not exist: $binary_path" >&2 - exit 1 -fi - -if [[ ! "$max_wait_seconds" =~ ^[0-9]+$ ]]; then - echo "--max-wait-seconds must be a non-negative integer." >&2 - exit 2 -fi - -for command_name in rcodesign zip; do - if ! command -v "$command_name" >/dev/null 2>&1; then - echo "$command_name was not found on PATH." >&2 - exit 1 - fi -done - -missing_environment=0 -for variable_name in \ - APPLE_NOTARIZATION_ISSUER_ID \ - APPLE_NOTARIZATION_KEY_ID \ - APPLE_NOTARIZATION_KEY_P8 -do - if [[ -z "${!variable_name:-}" ]]; then - echo "$variable_name must be set from CI secrets before notarizing a binary." >&2 - missing_environment=1 - fi -done - -if [[ "$missing_environment" -ne 0 ]]; then - exit 2 -fi - -mkdir -p "$report_dir" - -notarization_temp_dir="$(mktemp -d)" -trap 'rm -rf "$notarization_temp_dir" >/dev/null' EXIT - -private_key_path="$notarization_temp_dir/AuthKey_${APPLE_NOTARIZATION_KEY_ID}.p8" -if ! printf '%s' "$APPLE_NOTARIZATION_KEY_P8" | base64 --decode >"$private_key_path" 2>/dev/null; then - if ! printf '%s' "$APPLE_NOTARIZATION_KEY_P8" | base64 -D >"$private_key_path" 2>/dev/null; then - echo "APPLE_NOTARIZATION_KEY_P8 must be a base64-encoded .p8 private key." >&2 - exit 2 - fi -fi -chmod 600 "$private_key_path" - -api_key_path="$notarization_temp_dir/app-store-connect-api-key.json" -rcodesign encode-app-store-connect-api-key \ - --output-path "$api_key_path" \ - "$APPLE_NOTARIZATION_ISSUER_ID" \ - "$APPLE_NOTARIZATION_KEY_ID" \ - "$private_key_path" \ - >"$report_dir/encode-app-store-connect-api-key.log" 2>&1 - -binary_name="$(basename "$binary_path")" -archive_path="$notarization_temp_dir/${binary_name}.zip" -( - cd "$(dirname "$binary_path")" - zip -q "$archive_path" "$binary_name" -) - -notarization_log="$report_dir/${binary_name}-notarization.log" -rcodesign notarize \ - --api-key-file "$api_key_path" \ - --max-wait-seconds "$max_wait_seconds" \ - --wait \ - "$archive_path" \ - 2>&1 | tee "$notarization_log" - -{ - echo "binary_name=$binary_name" - echo "max_wait_seconds=$max_wait_seconds" - echo "binary_sha256=$(shasum -a 256 "$binary_path" | awk '{ print $1 }')" - echo "rcodesign_notarize=completed" -} >"$report_dir/${binary_name}-notarization-summary.txt" diff --git a/.github/scripts/macos-signing/notarize_macos_dmg_with_rcodesign.sh b/.github/scripts/macos-signing/notarize_macos_dmg_with_rcodesign.sh deleted file mode 100755 index a1125d436aa..00000000000 --- a/.github/scripts/macos-signing/notarize_macos_dmg_with_rcodesign.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/usr/bin/env bash - -# Notarizes and staples a signed macOS DMG through rcodesign. -# -# This is the Linux-compatible notarization path for the AKV/PKCS#11 signing -# flow. It records notarization inputs and logs so workflow artifacts can be -# audited without exposing the App Store Connect private key. - -set -euo pipefail - -usage() { - cat >&2 <<'EOF' -Usage: notarize_macos_dmg_with_rcodesign.sh --dmg PATH [--report-dir PATH] [--max-wait-seconds SECONDS] - -Options: - --dmg PATH Signed DMG to submit to Apple notarization. - --report-dir PATH Directory for notarization logs. - --max-wait-seconds SECONDS Maximum rcodesign notarization wait time. -EOF -} - -dmg_path="" -report_dir="${RUNNER_TEMP:-/tmp}/macos-notarization-verification" -max_wait_seconds="600" - -while [[ $# -gt 0 ]]; do - case "$1" in - --dmg) - dmg_path="${2:-}" - shift 2 - ;; - --report-dir) - report_dir="${2:-}" - shift 2 - ;; - --max-wait-seconds) - max_wait_seconds="${2:-}" - shift 2 - ;; - -h|--help) - usage - exit 0 - ;; - *) - echo "Unknown notarization argument: $1" >&2 - usage - exit 2 - ;; - esac -done - -if [[ -z "$dmg_path" ]]; then - echo "--dmg is required." >&2 - usage - exit 2 -fi - -if [[ ! -f "$dmg_path" ]]; then - echo "DMG does not exist: $dmg_path" >&2 - exit 1 -fi - -if [[ ! "$max_wait_seconds" =~ ^[0-9]+$ ]]; then - echo "--max-wait-seconds must be a non-negative integer." >&2 - exit 2 -fi - -if ! command -v rcodesign > /dev/null 2>&1; then - echo "rcodesign was not found on PATH." >&2 - exit 1 -fi - -missing_environment=0 -for variable_name in \ - APPLE_NOTARIZATION_ISSUER_ID \ - APPLE_NOTARIZATION_KEY_ID \ - APPLE_NOTARIZATION_KEY_P8 -do - if [[ -z "${!variable_name:-}" ]]; then - echo "$variable_name must be set from CI secrets before notarizing a DMG." >&2 - missing_environment=1 - fi -done - -if [[ "$missing_environment" -ne 0 ]]; then - exit 2 -fi - -mkdir -p "$report_dir" - -notarization_temp_dir="$(mktemp -d)" -trap 'rm -rf "$notarization_temp_dir" > /dev/null' EXIT - -private_key_path="$notarization_temp_dir/AuthKey_${APPLE_NOTARIZATION_KEY_ID}.p8" -if ! printf '%s' "$APPLE_NOTARIZATION_KEY_P8" | base64 --decode > "$private_key_path" 2> /dev/null; then - if ! printf '%s' "$APPLE_NOTARIZATION_KEY_P8" | base64 -D > "$private_key_path" 2> /dev/null; then - echo "APPLE_NOTARIZATION_KEY_P8 must be a base64-encoded .p8 private key." >&2 - exit 2 - fi -fi -chmod 600 "$private_key_path" - -api_key_path="$notarization_temp_dir/app-store-connect-api-key.json" -rcodesign encode-app-store-connect-api-key \ - --output-path "$api_key_path" \ - "$APPLE_NOTARIZATION_ISSUER_ID" \ - "$APPLE_NOTARIZATION_KEY_ID" \ - "$private_key_path" \ - > "$report_dir/encode-app-store-connect-api-key.log" 2>&1 - -notarization_log="$report_dir/dmg-notarization.log" -rcodesign notarize \ - --api-key-file "$api_key_path" \ - --max-wait-seconds "$max_wait_seconds" \ - --staple \ - "$dmg_path" \ - 2>&1 | tee "$notarization_log" - -{ - echo "dmg_path=$dmg_path" - echo "max_wait_seconds=$max_wait_seconds" - echo "dmg_sha256=$(shasum -a 256 "$dmg_path" | awk '{ print $1 }')" - echo "rcodesign_notarize_staple=completed" -} > "$report_dir/dmg-notarization-summary.txt" diff --git a/.github/scripts/macos-signing/sign_macos_code.sh b/.github/scripts/macos-signing/sign_macos_code.sh deleted file mode 100755 index 9f86741410d..00000000000 --- a/.github/scripts/macos-signing/sign_macos_code.sh +++ /dev/null @@ -1,245 +0,0 @@ -#!/usr/bin/env bash - -# Small compatibility wrapper around native codesign and rcodesign. -# -# Existing packaging scripts call this instead of choosing a signing backend -# directly. OAI_CODESIGN_BACKEND=akv-pkcs11 routes signing through rcodesign -# while preserving the option, entitlement, identifier, timestamp, and deep -# signing surface used by the native codesign path. - -set -euo pipefail - -usage() { - cat >&2 <<'EOF' -Usage: sign_macos_code.sh --target PATH --identity IDENTITY [options] - -Options: - --deep true|false - --entitlements PATH - --identifier IDENTIFIER - --identity IDENTITY - --options FLAGS - --target PATH - --timestamp true|false|none -EOF -} - -target="" -identity="" -options="" -entitlements_file="" -identifier="" -deep="false" -timestamp="true" - -while [[ $# -gt 0 ]]; do - case "$1" in - --deep) - deep="${2:-}" - shift 2 - ;; - --entitlements) - entitlements_file="${2:-}" - shift 2 - ;; - --identifier) - identifier="${2:-}" - shift 2 - ;; - --identity) - identity="${2:-}" - shift 2 - ;; - --options) - options="${2:-}" - shift 2 - ;; - --target) - target="${2:-}" - shift 2 - ;; - --timestamp) - timestamp="${2:-}" - shift 2 - ;; - -h|--help) - usage - exit 0 - ;; - *) - echo "Unknown signing argument: $1" >&2 - usage - exit 2 - ;; - esac -done - -if [[ -z "$target" ]]; then - echo "--target is required." >&2 - usage - exit 2 -fi - -if [[ ! -e "$target" ]]; then - echo "Signing target does not exist: $target" >&2 - exit 1 -fi - -case "$deep" in - true|false) ;; - *) - echo "--deep must be true or false, got '$deep'." >&2 - exit 2 - ;; -esac - -case "$timestamp" in - true|false|none) ;; - *) - echo "--timestamp must be true, false, or none, got '$timestamp'." >&2 - exit 2 - ;; -esac - -sign_with_codesign() { - if [[ -z "$identity" ]]; then - echo "Native codesign requires --identity." >&2 - exit 2 - fi - - local -a args - args=(--force) - - if [[ "$deep" == "true" ]]; then - args+=(--deep) - fi - - if [[ -n "$options" ]]; then - args+=(--options "$options") - fi - - case "$timestamp" in - true) - args+=(--timestamp) - ;; - false|none) - args+=(--timestamp=none) - ;; - esac - - if [[ -n "$entitlements_file" ]]; then - args+=(--entitlements "$entitlements_file") - fi - - if [[ -n "$identifier" ]]; then - args+=(--identifier "$identifier") - fi - - args+=(--sign "$identity" "$target") - codesign "${args[@]}" -} - -append_rcodesign_flags() { - local raw_options="$1" - local option="" - - if [[ -z "$raw_options" ]]; then - return 0 - fi - - IFS=',' read -ra split_options <<< "$raw_options" - for option in "${split_options[@]}"; do - option="${option//[[:space:]]/}" - [[ -z "$option" ]] && continue - - case "$option" in - host|hard|kill|expires|restrict|library|runtime|linker-signed) - rcodesign_args+=(--code-signature-flags "$option") - ;; - *) - echo "Unsupported rcodesign code signature option: $option" >&2 - exit 2 - ;; - esac - done -} - -rcodesign_options_require_notarization() { - local raw_options="$1" - local option="" - - if [[ -z "$raw_options" || "$timestamp" != "true" ]]; then - return 1 - fi - - IFS=',' read -ra split_options <<< "$raw_options" - for option in "${split_options[@]}"; do - option="${option//[[:space:]]/}" - if [[ "$option" == "runtime" ]]; then - return 0 - fi - done - - return 1 -} - -sign_with_rcodesign() { - : "${OAI_AKV_PKCS11_LIBRARY:?OAI_AKV_PKCS11_LIBRARY is required for AKV PKCS11 signing.}" - : "${OAI_AKV_SIGNING_CERTIFICATE_PEM:?OAI_AKV_SIGNING_CERTIFICATE_PEM is required for AKV PKCS11 signing.}" - : "${OAI_AKV_KEY_LABEL:?OAI_AKV_KEY_LABEL is required for AKV PKCS11 signing.}" - - if ! command -v rcodesign >/dev/null 2>&1; then - echo "rcodesign was not found on PATH." >&2 - exit 1 - fi - - local -a rcodesign_args - rcodesign_args=( - sign - --config-file /dev/null - --pkcs11-library "$OAI_AKV_PKCS11_LIBRARY" - --pkcs11-certificate-file "$OAI_AKV_SIGNING_CERTIFICATE_PEM" - --pkcs11-key-label "$OAI_AKV_KEY_LABEL" - ) - - if [[ "$deep" == "false" ]]; then - rcodesign_args+=(--shallow) - fi - - case "$timestamp" in - true) - ;; - false|none) - rcodesign_args+=(--timestamp-url none) - ;; - esac - - append_rcodesign_flags "$options" - if rcodesign_options_require_notarization "$options"; then - rcodesign_args+=(--for-notarization) - fi - - if [[ -n "$entitlements_file" ]]; then - rcodesign_args+=(--entitlements-xml-file "$entitlements_file") - fi - - if [[ -n "$identifier" ]]; then - rcodesign_args+=(--binary-identifier "$identifier") - fi - - rcodesign_args+=("$target") - rcodesign "${rcodesign_args[@]}" -} - -case "${OAI_CODESIGN_BACKEND:-codesign}" in - codesign|"") - sign_with_codesign - ;; - akv-pkcs11) - sign_with_rcodesign - ;; - *) - echo "Unsupported OAI_CODESIGN_BACKEND: ${OAI_CODESIGN_BACKEND}" >&2 - exit 2 - ;; -esac diff --git a/.github/scripts/run-bazel-ci.sh b/.github/scripts/run-bazel-ci.sh index 89f937a998b..f98e4d8cb99 100755 --- a/.github/scripts/run-bazel-ci.sh +++ b/.github/scripts/run-bazel-ci.sh @@ -53,20 +53,11 @@ fi run_bazel() { if [[ "${RUNNER_OS:-}" == "Windows" ]]; then - MSYS2_ARG_CONV_EXCL='*' "$(dirname "${BASH_SOURCE[0]}")/run_bazel_with_buildbuddy.py" "$@" + MSYS2_ARG_CONV_EXCL='*' bazel "$@" return fi - "$(dirname "${BASH_SOURCE[0]}")/run_bazel_with_buildbuddy.py" "$@" -} - -run_bazel_with_startup_args() { - if (( ${#bazel_startup_args[@]} > 0 )); then - run_bazel "${bazel_startup_args[@]}" "$@" - return - fi - - run_bazel "$@" + bazel "$@" } ci_config=ci-linux @@ -86,16 +77,23 @@ esac print_bazel_test_log_tails() { local console_log="$1" local testlogs_dir - + local -a bazel_info_cmd=(bazel) local -a bazel_info_args=(info) - if [[ -n "${BUILDBUDDY_API_KEY:-}" ]]; then - # `bazel info` needs the same CI config as the failed test invocation so - # platform-specific output roots match. On Windows, omitting `ci-windows` - # would point at `local_windows-fastbuild` even when the test ran with the - # MSVC host platform under `local_windows_msvc-fastbuild`. - bazel_info_args+=("--config=${ci_config}") + + if (( ${#bazel_startup_args[@]} > 0 )); then + bazel_info_cmd+=("${bazel_startup_args[@]}") fi + # `bazel info` needs the same CI config as the failed test invocation so + # platform-specific output roots match. On Windows, omitting `ci-windows` + # would point at `local_windows-fastbuild` even when the test ran with the + # MSVC host platform under `local_windows_msvc-fastbuild`. + if [[ -n "${BUILDBUDDY_API_KEY:-}" ]]; then + bazel_info_args+=( + "--config=${ci_config}" + "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}" + ) + fi # Only pass flags that affect Bazel's output-root selection or repository # lookup. Test/build-only flags such as execution logs or remote download # mode can make `bazel info` fail, which would hide the real test log path. @@ -107,7 +105,7 @@ print_bazel_test_log_tails() { esac done - testlogs_dir="$(run_bazel_with_startup_args \ + testlogs_dir="$(run_bazel "${bazel_info_cmd[@]:1}" \ --noexperimental_remote_repo_contents_cache \ "${bazel_info_args[@]}" \ bazel-testlogs 2>/dev/null || echo bazel-testlogs)" @@ -256,9 +254,8 @@ if [[ ${#bazel_args[@]} -eq 0 || ${#bazel_targets[@]} -eq 0 ]]; then fi if [[ "${RUNNER_OS:-}" == "Windows" && $windows_cross_compile -eq 1 && -z "${BUILDBUDDY_API_KEY:-}" ]]; then - # Windows cross-compilation depends on authenticated RBE. Preserve the local - # Windows build shape when credentials are unavailable. - ci_config=ci-windows + # Fork PRs do not receive the BuildBuddy secret needed for the remote + # cross-compile config. Preserve the previous local Windows build shape. windows_msvc_host_platform=1 fi @@ -300,9 +297,9 @@ if [[ "${RUNNER_OS:-}" == "Windows" && $windows_cross_compile -eq 1 && -n "${BUI fi if [[ "${RUNNER_OS:-}" == "Windows" && $windows_cross_compile -eq 1 && -z "${BUILDBUDDY_API_KEY:-}" ]]; then - # The Windows cross-compile config depends on authenticated remote - # execution. When credentials are unavailable, keep the local build shape - # and its lower concurrency cap. + # The Windows cross-compile config depends on remote execution. Fork PRs do + # not receive the BuildBuddy secret, so fall back to the existing local build + # shape and keep its lower concurrency cap. post_config_bazel_args+=(--jobs=8) fi @@ -380,31 +377,70 @@ fi bazel_console_log="$(mktemp)" trap 'rm -f "$bazel_console_log"' EXIT -bazel_run_args=( - "${bazel_args[@]}" -) +bazel_cmd=(bazel) +if (( ${#bazel_startup_args[@]} > 0 )); then + bazel_cmd+=("${bazel_startup_args[@]}") +fi + if [[ -n "${BUILDBUDDY_API_KEY:-}" ]]; then echo "BuildBuddy API key is available; using remote Bazel configuration." - bazel_run_args+=("--config=${ci_config}") + # Work around Bazel 9 remote repo contents cache / overlay materialization failures + # seen in CI (for example "is not a symlink" or permission errors while + # materializing external repos such as rules_perl). We still use BuildBuddy for + # remote execution/cache; this only disables the startup-level repo contents cache. + bazel_run_args=( + "${bazel_args[@]}" + "--config=${ci_config}" + "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}" + ) + if (( ${#post_config_bazel_args[@]} > 0 )); then + bazel_run_args+=("${post_config_bazel_args[@]}") + fi + set +e + run_bazel "${bazel_cmd[@]:1}" \ + --noexperimental_remote_repo_contents_cache \ + "${bazel_run_args[@]}" \ + -- \ + "${bazel_targets[@]}" \ + 2>&1 | tee "$bazel_console_log" + bazel_status=${PIPESTATUS[0]} + set -e else echo "BuildBuddy API key is not available; using local Bazel configuration." + # Keep fork/community PRs on Bazel but disable remote services that are + # configured in .bazelrc and require auth. + # + # Flag docs: + # - Command-line reference: https://bazel.build/reference/command-line-reference + # - Remote caching overview: https://bazel.build/remote/caching + # - Remote execution overview: https://bazel.build/remote/rbe + # - Build Event Protocol overview: https://bazel.build/remote/bep + # + # --noexperimental_remote_repo_contents_cache: + # disable remote repo contents cache enabled in .bazelrc startup options. + # https://bazel.build/reference/command-line-reference#startup_options-flag--experimental_remote_repo_contents_cache + # --remote_cache= and --remote_executor=: + # clear remote cache/execution endpoints configured in .bazelrc. + # https://bazel.build/reference/command-line-reference#common_options-flag--remote_cache + # https://bazel.build/reference/command-line-reference#common_options-flag--remote_executor + bazel_run_args=( + "${bazel_args[@]}" + --remote_cache= + --remote_executor= + ) + if (( ${#post_config_bazel_args[@]} > 0 )); then + bazel_run_args+=("${post_config_bazel_args[@]}") + fi + set +e + run_bazel "${bazel_cmd[@]:1}" \ + --noexperimental_remote_repo_contents_cache \ + "${bazel_run_args[@]}" \ + -- \ + "${bazel_targets[@]}" \ + 2>&1 | tee "$bazel_console_log" + bazel_status=${PIPESTATUS[0]} + set -e fi -if (( ${#post_config_bazel_args[@]} > 0 )); then - bazel_run_args+=("${post_config_bazel_args[@]}") -fi -set +e -# Work around Bazel 9 remote repo contents cache / overlay materialization -# failures seen in CI (for example "is not a symlink" or permission errors -# while materializing external repos such as rules_perl). This only disables -# the startup-level repo contents cache; keyed runs still use BuildBuddy. -run_bazel_with_startup_args \ - --noexperimental_remote_repo_contents_cache \ - "${bazel_run_args[@]}" \ - -- \ - "${bazel_targets[@]}" \ - 2>&1 | tee "$bazel_console_log" -bazel_status=${PIPESTATUS[0]} -set -e if [[ ${bazel_status:-0} -ne 0 ]]; then if [[ $print_failed_bazel_action_summary -eq 1 ]]; then diff --git a/.github/scripts/run-bazel-query-ci.sh b/.github/scripts/run-bazel-query-ci.sh index f5d4f56f49c..dd03b671692 100755 --- a/.github/scripts/run-bazel-query-ci.sh +++ b/.github/scripts/run-bazel-query-ci.sh @@ -2,17 +2,48 @@ set -euo pipefail -# Run target-discovery queries with the same startup settings as the main -# build/test invocation so they can reuse the same Bazel server. Queries only -# enumerate labels, so they intentionally do not select CI or remote configs. +# Run Bazel queries with the same CI startup settings as the main build/test +# invocation so target-discovery queries can reuse the same Bazel server. -if [[ $# -lt 2 || "${@: -2:1}" != "--" ]]; then - echo "Usage: $0 [...] -- " >&2 +query_args=() +windows_cross_compile=0 +while [[ $# -gt 0 ]]; do + case "$1" in + --windows-cross-compile) + windows_cross_compile=1 + shift + ;; + --) + shift + break + ;; + *) + query_args+=("$1") + shift + ;; + esac +done + +if [[ $# -ne 1 ]]; then + echo "Usage: $0 [--windows-cross-compile] [...] -- " >&2 exit 1 fi -query_args=("${@:1:$#-2}") -query_expression="${@: -1}" +query_expression="$1" + +ci_config=ci-linux +case "${RUNNER_OS:-}" in + macOS) + ci_config=ci-macos + ;; + Windows) + if [[ $windows_cross_compile -eq 1 ]]; then + ci_config=ci-windows-cross + else + ci_config=ci-windows + fi + ;; +esac bazel_startup_args=() if [[ -n "${BAZEL_OUTPUT_USER_ROOT:-}" ]]; then @@ -29,6 +60,12 @@ run_bazel() { } bazel_query_args=(--noexperimental_remote_repo_contents_cache query) +if [[ -n "${BUILDBUDDY_API_KEY:-}" ]]; then + bazel_query_args+=( + "--config=${ci_config}" + "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}" + ) +fi if [[ -n "${BAZEL_REPO_CONTENTS_CACHE:-}" ]]; then bazel_query_args+=("--repo_contents_cache=${BAZEL_REPO_CONTENTS_CACHE}") @@ -38,10 +75,7 @@ if [[ -n "${BAZEL_REPOSITORY_CACHE:-}" ]]; then bazel_query_args+=("--repository_cache=${BAZEL_REPOSITORY_CACHE}") fi -if (( ${#query_args[@]} > 0 )); then - bazel_query_args+=("${query_args[@]}") -fi -bazel_query_args+=("$query_expression") +bazel_query_args+=("${query_args[@]}" "$query_expression") if (( ${#bazel_startup_args[@]} > 0 )); then run_bazel "${bazel_startup_args[@]}" "${bazel_query_args[@]}" diff --git a/.github/scripts/run_bazel_with_buildbuddy.py b/.github/scripts/run_bazel_with_buildbuddy.py deleted file mode 100755 index f9f329d6869..00000000000 --- a/.github/scripts/run_bazel_with_buildbuddy.py +++ /dev/null @@ -1,147 +0,0 @@ -#!/usr/bin/env python3 - -import json -import os -import subprocess -import sys -from collections.abc import Mapping -from collections.abc import Sequence -from pathlib import Path - - -OPENAI_REPOSITORY = "openai/codex" -# Remote configurations select cache/BES/download endpoints. Their -rbe forms -# also select the matching remote executor endpoint. -GENERIC_REMOTE_CONFIG = "buildbuddy-generic" -OPENAI_REMOTE_CONFIG = "buildbuddy-openai" -# These CI configurations require remote build execution. The wrapper supplies -# an RBE configuration, which also includes the common `remote` settings. -REMOTE_EXECUTION_CONFIGS = { - "--config=ci-linux", - "--config=ci-macos", - "--config=ci-v8", - "--config=ci-windows-cross", -} -# Only authenticated workflow runs executing trusted upstream code may use the -# OpenAI BuildBuddy host. A pull request event without proof that its head is -# in the upstream repository fails closed to the generic host. -def is_trusted_upstream_run(env: Mapping[str, str]) -> bool: - # `GITHUB_REPOSITORY` is easy to set locally. Requiring GitHub's workflow - # marker prevents a local command from opting itself into the OpenAI host. - if ( - env.get("GITHUB_ACTIONS") != "true" - or env.get("GITHUB_REPOSITORY") != OPENAI_REPOSITORY - ): - return False - # Non-PR workflow runs in `openai/codex` execute upstream refs, so they are - # trusted. Fork code reaches these workflows only through pull requests. - if env.get("GITHUB_EVENT_NAME") != "pull_request": - return True - - event_path = env.get("GITHUB_EVENT_PATH") - if not event_path: - return False - try: - event = json.loads(Path(event_path).read_text(encoding="utf-8")) - except (OSError, json.JSONDecodeError): - return False - - try: - return event["pull_request"]["head"]["repo"]["fork"] is False - except (KeyError, TypeError): - return False - - -def uses_openai_host(env: Mapping[str, str]) -> bool: - return bool(env.get("BUILDBUDDY_API_KEY")) and is_trusted_upstream_run(env) - - -def uses_remote_execution(args: Sequence[str]) -> bool: - try: - separator_idx = args.index("--") - except ValueError: - separator_idx = len(args) - return any(arg in REMOTE_EXECUTION_CONFIGS for arg in args[:separator_idx]) - - -def remote_config(args: Sequence[str], env: Mapping[str, str]) -> str | None: - if not env.get("BUILDBUDDY_API_KEY"): - return None - - config = OPENAI_REMOTE_CONFIG if uses_openai_host(env) else GENERIC_REMOTE_CONFIG - if uses_remote_execution(args): - config += "-rbe" - return config - - -def bazel_args_without_remote_execution(args: Sequence[str]) -> list[str]: - # Remote CI configs require BuildBuddy credentials. Removing them preserves - # the local fallback used for fork pull requests. - try: - separator_idx = args.index("--") - except ValueError: - separator_idx = len(args) - return [ - *(arg for arg in args[:separator_idx] if arg not in REMOTE_EXECUTION_CONFIGS), - *args[separator_idx:], - ] - - -def bazel_args_with_remote_config( - args: Sequence[str], env: Mapping[str, str] -) -> list[str]: - config = remote_config(args, env) - if config is None: - return bazel_args_without_remote_execution(args) - - # `remote_config()` returns a configuration only when this key is present. - api_key = env["BUILDBUDDY_API_KEY"] - remote_args = [ - f"--config={config}", - f"--remote_header=x-buildbuddy-api-key={api_key}", - ] - - # Insert immediately after the Bazel command. This keeps wrapper-added - # options out of positional payloads and lets later CI configs override - # shared RBE defaults such as the Windows cross-compilation exec platforms. - insertion_idx = next( - (idx + 1 for idx, arg in enumerate(args) if not arg.startswith("-")), - len(args), - ) - return [*args[:insertion_idx], *remote_args, *args[insertion_idx:]] - - -def bazel_command(*args: str, env: Mapping[str, str] | None = None) -> list[str]: - env = os.environ if env is None else env - bazel = env.get("CODEX_BAZEL_BIN", "bazel") - return [bazel, *bazel_args_with_remote_config(args, env)] - - -def main() -> None: - config = remote_config(sys.argv[1:], os.environ) - if config is None: - print( - "BuildBuddy key unavailable; using local Bazel configuration.", - file=sys.stderr, - ) - else: - host_description = ( - "OpenAI tenant" if uses_openai_host(os.environ) else "generic" - ) - print( - f"Using {host_description} BuildBuddy configuration: {config}.", - file=sys.stderr, - ) - - command = bazel_command(*sys.argv[1:]) - if os.name == "nt": - # Windows CRT exec can split arguments containing spaces and lose the - # eventual child exit status. Wait for Bazel and propagate its status. - result = subprocess.run(command, check=False) - raise SystemExit(result.returncode) - - os.execvp(command[0], command) - - -if __name__ == "__main__": - main() diff --git a/.github/scripts/rusty_v8_bazel.py b/.github/scripts/rusty_v8_bazel.py index 329d3f6c54a..2f46daf45eb 100644 --- a/.github/scripts/rusty_v8_bazel.py +++ b/.github/scripts/rusty_v8_bazel.py @@ -5,6 +5,7 @@ import argparse import gzip import hashlib +import os import re import shutil import subprocess @@ -12,7 +13,6 @@ import tomllib from pathlib import Path -from run_bazel_with_buildbuddy import bazel_command from rusty_v8_module_bazel import ( RustyV8ChecksumError, check_module_bazel, @@ -29,22 +29,33 @@ ARTIFACT_BAZEL_CONFIGS = ["rusty-v8-upstream-libcxx"] +def bazel_remote_args() -> list[str]: + buildbuddy_api_key = os.environ.get("BUILDBUDDY_API_KEY") + if not buildbuddy_api_key: + return [] + return [f"--remote_header=x-buildbuddy-api-key={buildbuddy_api_key}"] + + def bazel_execroot() -> Path: - output = subprocess.check_output( - bazel_command("info", "execution_root"), + result = subprocess.run( + ["bazel", "info", "execution_root"], cwd=ROOT, + check=True, + capture_output=True, text=True, ) - return Path(output.strip()) + return Path(result.stdout.strip()) def bazel_output_base() -> Path: - output = subprocess.check_output( - bazel_command("info", "output_base"), + result = subprocess.run( + ["bazel", "info", "output_base"], cwd=ROOT, + check=True, + capture_output=True, text=True, ) - return Path(output.strip()) + return Path(result.stdout.strip()) def bazel_output_path(path: str) -> Path: @@ -61,22 +72,24 @@ def bazel_output_files( ) -> list[Path]: expression = "set(" + " ".join(labels) + ")" bazel_configs = bazel_configs or [] - output = subprocess.check_output( - bazel_command( + result = subprocess.run( + [ + "bazel", "cquery", "-c", compilation_mode, f"--platforms=@llvm//platforms:{platform}", *[f"--config={config}" for config in bazel_configs], + *bazel_remote_args(), "--output=files", expression, - ), + ], cwd=ROOT, + check=True, + capture_output=True, text=True, ) - return [ - bazel_output_path(line.strip()) for line in output.splitlines() if line.strip() - ] + return [bazel_output_path(line.strip()) for line in result.stdout.splitlines() if line.strip()] def bazel_build( @@ -89,15 +102,17 @@ def bazel_build( bazel_configs = bazel_configs or [] download_args = ["--remote_download_toplevel"] if download_toplevel else [] subprocess.run( - bazel_command( + [ + "bazel", "build", "-c", compilation_mode, f"--platforms=@llvm//platforms:{platform}", *[f"--config={config}" for config in bazel_configs], + *bazel_remote_args(), *download_args, *labels, - ), + ], cwd=ROOT, check=True, ) @@ -157,7 +172,7 @@ def resolved_v8_crate_version() -> str: matches = sorted( set( re.findall( - r"https://static\.crates\.io/crates/v8/v8-([0-9]+\.[0-9]+\.[0-9]+)\.crate", + r'https://static\.crates\.io/crates/v8/v8-([0-9]+\.[0-9]+\.[0-9]+)\.crate', module_bazel, ) ) @@ -219,17 +234,13 @@ def stage_artifacts( output_dir: Path, sandbox: bool, ) -> None: - missing_paths = [ - str(path) for path in [lib_path, binding_path] if not path.exists() - ] + missing_paths = [str(path) for path in [lib_path, binding_path] if not path.exists()] if missing_paths: raise SystemExit(f"missing release outputs for {target}: {missing_paths}") output_dir.mkdir(parents=True, exist_ok=True) artifact_profile = SANDBOX_ARTIFACT_PROFILE if sandbox else RELEASE_ARTIFACT_PROFILE - staged_library = output_dir / staged_archive_name( - target, lib_path, artifact_profile - ) + staged_library = output_dir / staged_archive_name(target, lib_path, artifact_profile) staged_binding = output_dir / staged_binding_name(target, artifact_profile) with lib_path.open("rb") as src, staged_library.open("wb") as dst: @@ -259,9 +270,7 @@ def stage_artifacts( def upstream_release_pair_paths(source_root: Path, target: str) -> tuple[Path, Path]: - lib_name = ( - "rusty_v8.lib" if target.endswith("-pc-windows-msvc") else "librusty_v8.a" - ) + lib_name = "rusty_v8.lib" if target.endswith("-pc-windows-msvc") else "librusty_v8.a" gn_out = source_root / "target" / target / "release" / "gn_out" return gn_out / "obj" / lib_name, gn_out / "src_binding.rs" @@ -329,9 +338,7 @@ def parse_args() -> argparse.Namespace: stage_upstream_release_pair_parser = subparsers.add_parser( "stage-upstream-release-pair" ) - stage_upstream_release_pair_parser.add_argument( - "--source-root", type=Path, required=True - ) + stage_upstream_release_pair_parser.add_argument("--source-root", type=Path, required=True) stage_upstream_release_pair_parser.add_argument("--target", required=True) stage_upstream_release_pair_parser.add_argument("--output-dir", required=True) stage_upstream_release_pair_parser.add_argument("--sandbox", action="store_true") diff --git a/.github/scripts/test_run_bazel_with_buildbuddy.py b/.github/scripts/test_run_bazel_with_buildbuddy.py deleted file mode 100644 index 0f594b7947e..00000000000 --- a/.github/scripts/test_run_bazel_with_buildbuddy.py +++ /dev/null @@ -1,214 +0,0 @@ -#!/usr/bin/env python3 - -import json -import os -import subprocess -import sys -import unittest -from pathlib import Path -from tempfile import TemporaryDirectory - -import run_bazel_with_buildbuddy - - -class RunBazelWithBuildBuddyTest(unittest.TestCase): - def github_env( - self, - temp_dir: str, - *, - repository: str = "openai/codex", - fork: bool = False, - event_name: str = "pull_request", - ) -> dict[str, str]: - event_path = Path(temp_dir) / "event.json" - event_path.write_text( - json.dumps({"pull_request": {"head": {"repo": {"fork": fork}}}}), - encoding="utf-8", - ) - return { - "BUILDBUDDY_API_KEY": "token", - "GITHUB_ACTIONS": "true", - "GITHUB_EVENT_NAME": event_name, - "GITHUB_EVENT_PATH": str(event_path), - "GITHUB_REPOSITORY": repository, - } - - def test_keyless_invocation_drops_remote_ci_configuration(self) -> None: - self.assertIsNone( - run_bazel_with_buildbuddy.remote_config( - ["build", "--config=ci-linux", "//codex-rs/cli:codex"], - {}, - ) - ) - self.assertEqual( - run_bazel_with_buildbuddy.bazel_args_with_remote_config( - ["build", "--config=ci-linux", "--", "//codex-rs/cli:codex"], - {}, - ), - ["build", "--", "//codex-rs/cli:codex"], - ) - - def test_program_arguments_after_separator_do_not_select_or_lose_rbe(self) -> None: - args = ["run", "//codex-rs/cli:codex", "--", "--config=remote"] - - self.assertEqual( - run_bazel_with_buildbuddy.bazel_args_with_remote_config(args, {}), - args, - ) - self.assertEqual( - run_bazel_with_buildbuddy.remote_config( - args, {"BUILDBUDDY_API_KEY": "fork-token"} - ), - "buildbuddy-generic", - ) - - def test_upstream_push_selects_openai_rbe_before_target_separator(self) -> None: - with TemporaryDirectory() as temp_dir: - env = self.github_env(temp_dir, event_name="push") - - self.assertEqual( - run_bazel_with_buildbuddy.bazel_args_with_remote_config( - ["build", "--config=ci-linux", "--", "//codex-rs/cli:codex"], - env, - ), - [ - "build", - "--config=buildbuddy-openai-rbe", - "--remote_header=x-buildbuddy-api-key=token", - "--config=ci-linux", - "--", - "//codex-rs/cli:codex", - ], - ) - - def test_windows_cross_ci_configuration_follows_remote_configuration(self) -> None: - env = {"BUILDBUDDY_API_KEY": "fork-token"} - - self.assertEqual( - run_bazel_with_buildbuddy.bazel_args_with_remote_config( - ["build", "--config=ci-windows-cross", "//codex-rs/cli:codex"], - env, - ), - [ - "build", - "--config=buildbuddy-generic-rbe", - "--remote_header=x-buildbuddy-api-key=fork-token", - "--config=ci-windows-cross", - "//codex-rs/cli:codex", - ], - ) - - def test_query_remote_configuration_is_inserted_before_expression(self) -> None: - expression = 'kind("rust_library rule", //codex-rs/...)' - env = {"BUILDBUDDY_API_KEY": "fork-token"} - - for command in ("query", "cquery", "aquery"): - with self.subTest(command=command): - self.assertEqual( - run_bazel_with_buildbuddy.bazel_args_with_remote_config( - [ - command, - "--config=ci-windows-cross", - "--output=label", - expression, - ], - env, - ), - [ - command, - "--config=buildbuddy-generic-rbe", - "--remote_header=x-buildbuddy-api-key=fork-token", - "--config=ci-windows-cross", - "--output=label", - expression, - ], - ) - - def test_same_repository_pull_request_selects_openai_host(self) -> None: - with TemporaryDirectory() as temp_dir: - self.assertEqual( - run_bazel_with_buildbuddy.remote_config( - ["build", "--config=ci-v8"], self.github_env(temp_dir) - ), - "buildbuddy-openai-rbe", - ) - - def test_fork_pull_request_cannot_select_openai_host(self) -> None: - with TemporaryDirectory() as temp_dir: - env = self.github_env(temp_dir, fork=True) - - self.assertEqual( - run_bazel_with_buildbuddy.remote_config( - ["build", "--config=ci-v8"], env - ), - "buildbuddy-generic-rbe", - ) - - def test_run_in_fork_repository_cannot_select_openai_host(self) -> None: - with TemporaryDirectory() as temp_dir: - env = self.github_env(temp_dir, repository="contributor/codex") - - self.assertEqual( - run_bazel_with_buildbuddy.remote_config( - ["build", "--config=ci-v8"], env - ), - "buildbuddy-generic-rbe", - ) - - def test_pull_request_without_readable_event_payload_fails_closed(self) -> None: - for event_path in (None, "missing-event.json"): - env = { - "BUILDBUDDY_API_KEY": "token", - "GITHUB_ACTIONS": "true", - "GITHUB_EVENT_NAME": "pull_request", - "GITHUB_REPOSITORY": "openai/codex", - } - if event_path is not None: - env["GITHUB_EVENT_PATH"] = event_path - - with self.subTest(event_path=event_path): - self.assertEqual( - run_bazel_with_buildbuddy.remote_config(["build"], env), - "buildbuddy-generic", - ) - - def test_bazel_command_uses_configured_binary_locally(self) -> None: - self.assertEqual( - run_bazel_with_buildbuddy.bazel_command( - "info", - "execution_root", - env={"CODEX_BAZEL_BIN": "fake-bazel"}, - ), - ["fake-bazel", "info", "execution_root"], - ) - - def test_main_preserves_spaced_argument_and_child_exit_status(self) -> None: - spaced_arg = ( - r"--test_env=PATH=C:\Program Files\PowerShell\7;C:\Program Files\Git\bin" - ) - child_code = ( - f"import sys; sys.exit(37 if sys.argv[1] == {spaced_arg!r} else 91)" - ) - env = os.environ.copy() - env["CODEX_BAZEL_BIN"] = sys.executable - env.pop("BUILDBUDDY_API_KEY", None) - - result = subprocess.run( - [ - sys.executable, - str(Path(run_bazel_with_buildbuddy.__file__)), - "-c", - child_code, - spaced_arg, - ], - env=env, - check=False, - capture_output=True, - text=True, - ) - - self.assertEqual(result.returncode, 37, result.stderr) - - -if __name__ == "__main__": - unittest.main() diff --git a/.github/scripts/test_rusty_v8_bazel.py b/.github/scripts/test_rusty_v8_bazel.py index 0b5c03f4366..19690dbece4 100644 --- a/.github/scripts/test_rusty_v8_bazel.py +++ b/.github/scripts/test_rusty_v8_bazel.py @@ -88,49 +88,24 @@ def test_artifact_bazel_configs_always_enable_upstream_libcxx(self) -> None: ), ) - def test_bazel_commands_use_shared_buildbuddy_remote_config_library(self) -> None: - with patch.dict(environ, {}, clear=True): - self.assertEqual( - [ - "bazel", - "build", - "//third_party/v8:release", - ], - rusty_v8_bazel.bazel_command( - "build", - "--config=ci-v8", - "//third_party/v8:release", - ), - ) - with patch.dict(environ, {"BUILDBUDDY_API_KEY": "token"}, clear=True): + def test_bazel_remote_args_include_buildbuddy_header_when_present(self) -> None: + with patch.dict(environ, {"BUILDBUDDY_API_KEY": "token"}, clear=False): self.assertEqual( - [ - "bazel", - "build", - "--config=buildbuddy-generic-rbe", - "--remote_header=x-buildbuddy-api-key=token", - "--config=ci-v8", - "//third_party/v8:release", - ], - rusty_v8_bazel.bazel_command( - "build", - "--config=ci-v8", - "//third_party/v8:release", - ), + ["--remote_header=x-buildbuddy-api-key=token"], + rusty_v8_bazel.bazel_remote_args(), ) - def test_release_pair_labels_and_staged_names_distinguish_sandbox_artifacts( - self, - ) -> None: + with patch.dict(environ, {}, clear=True): + self.assertEqual([], rusty_v8_bazel.bazel_remote_args()) + + def test_release_pair_labels_and_staged_names_distinguish_sandbox_artifacts(self) -> None: self.assertEqual( "//third_party/v8:rusty_v8_release_pair_x86_64_unknown_linux_musl", rusty_v8_bazel.release_pair_label("x86_64-unknown-linux-musl"), ) self.assertEqual( "//third_party/v8:rusty_v8_sandbox_release_pair_x86_64_unknown_linux_musl", - rusty_v8_bazel.release_pair_label( - "x86_64-unknown-linux-musl", sandbox=True - ), + rusty_v8_bazel.release_pair_label("x86_64-unknown-linux-musl", sandbox=True), ) self.assertEqual( "//third_party/v8:rusty_v8_sandbox_release_pair_x86_64_apple_darwin", @@ -230,7 +205,11 @@ def test_stage_upstream_release_pair(self) -> None: with TemporaryDirectory() as source_dir, TemporaryDirectory() as output_dir: source_root = Path(source_dir) gn_out = ( - source_root / "target" / "x86_64-pc-windows-msvc" / "release" / "gn_out" + source_root + / "target" + / "x86_64-pc-windows-msvc" + / "release" + / "gn_out" ) (gn_out / "obj").mkdir(parents=True) (gn_out / "obj" / "rusty_v8.lib").write_bytes(b"archive") diff --git a/.github/workflows/bazel.yml b/.github/workflows/bazel.yml index c6dfd60231d..11c0988ceb3 100644 --- a/.github/workflows/bazel.yml +++ b/.github/workflows/bazel.yml @@ -15,7 +15,6 @@ concurrency: # See https://docs.github.com/en/actions/using-jobs/using-concurrency and https://docs.github.com/en/actions/learn-github-actions/contexts for more info. group: concurrency-group::${{ github.workflow }}::${{ github.event.pull_request.number > 0 && format('pr-{0}', github.event.pull_request.number) || github.ref_name }}${{ github.ref_name == 'main' && format('::{0}', github.run_id) || ''}} cancel-in-progress: ${{ github.ref_name != 'main' }} - jobs: test: # PRs use the sharded Windows cross-compiled test jobs below. Post-merge @@ -56,17 +55,12 @@ jobs: ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} persist-credentials: false - - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49 - if: matrix.os == 'ubuntu-24.04' && matrix.target == 'x86_64-unknown-linux-gnu' - with: - tool: just - - name: Check rusty_v8 MODULE.bazel checksums if: matrix.os == 'ubuntu-24.04' && matrix.target == 'x86_64-unknown-linux-gnu' shell: bash run: | python3 .github/scripts/rusty_v8_bazel.py check-module-bazel - just test-github-scripts + python3 -m unittest discover -s .github/scripts -p test_rusty_v8_bazel.py - name: Prepare Bazel CI id: prepare_bazel @@ -147,9 +141,7 @@ jobs: - 2 - 3 - 4 - runs-on: - group: codex-runners - labels: codex-windows-x64 + runs-on: windows-latest name: Bazel test on windows-latest for x86_64-pc-windows-gnullvm shard ${{ matrix.shard }}/4 steps: @@ -158,11 +150,6 @@ jobs: ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} persist-credentials: false - - name: Test BuildBuddy Bazel wrapper - if: matrix.shard == 1 - shell: pwsh - run: python .github/scripts/test_run_bazel_with_buildbuddy.py - - name: Prepare Bazel CI id: prepare_bazel uses: ./.github/actions/prepare-bazel-ci @@ -259,9 +246,7 @@ jobs: # it a larger timeout. if: github.event_name == 'push' && github.ref == 'refs/heads/main' timeout-minutes: 40 - runs-on: - group: codex-runners - labels: codex-windows-x64 + runs-on: windows-latest name: Bazel test on windows-latest for x86_64-pc-windows-gnullvm (native main) steps: @@ -347,10 +332,7 @@ jobs: target: aarch64-apple-darwin - os: windows-latest target: x86_64-pc-windows-gnullvm - runs_on: - group: codex-runners - labels: codex-windows-x64 - runs-on: ${{ matrix.runs_on || matrix.os }} + runs-on: ${{ matrix.os }} name: Bazel clippy on ${{ matrix.os }} for ${{ matrix.target }} steps: @@ -440,10 +422,7 @@ jobs: target: aarch64-apple-darwin - os: windows-latest target: x86_64-pc-windows-gnullvm - runs_on: - group: codex-runners - labels: codex-windows-x64 - runs-on: ${{ matrix.runs_on || matrix.os }} + runs-on: ${{ matrix.os }} name: Verify release build on ${{ matrix.os }} for ${{ matrix.target }} steps: diff --git a/.github/workflows/cargo-deny.yml b/.github/workflows/cargo-deny.yml index bbadb57f943..f20d09e112e 100644 --- a/.github/workflows/cargo-deny.yml +++ b/.github/workflows/cargo-deny.yml @@ -6,11 +6,6 @@ on: branches: - main -# Cargo's libgit2 transport has been flaky when fetching git dependencies with -# nested submodules. Prefer the system git CLI across every Cargo invocation. -env: - CARGO_NET_GIT_FETCH_WITH_CLI: "true" - jobs: cargo-deny: runs-on: ubuntu-latest @@ -25,10 +20,10 @@ jobs: persist-credentials: false - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 - name: Run cargo-deny uses: EmbarkStudios/cargo-deny-action@82eb9f621fbc699dd0918f3ea06864c14cc84246 # v2 with: - rust-version: 1.95.0 + rust-version: 1.93.0 manifest-path: ./codex-rs/Cargo.toml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 63c6ffe5206..a1c60acc26d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,9 +26,6 @@ jobs: - name: Verify Bazel clippy flags match Cargo workspace lints run: python3 .github/scripts/verify_bazel_clippy_lints.py - - name: Test Codex package builder - run: python3 -m unittest discover -s scripts/codex_package -p 'test_*.py' - - name: Setup pnpm uses: pnpm/action-setup@a8198c4bff370c8506180b035930dea56dbd5288 # v5 with: @@ -42,6 +39,9 @@ jobs: - name: Install dependencies run: pnpm install --frozen-lockfile + # stage_npm_packages.py requires DotSlash when staging releases. + - uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2 + - name: Stage npm package id: stage_npm_package env: @@ -52,13 +52,15 @@ jobs: # cross-platform native payload required by the npm package layout. # Passing the workflow URL directly avoids relying on old rust-v* # branches remaining discoverable via `gh run list --branch ...`. - CODEX_VERSION=0.133.0-alpha.4 - WORKFLOW_URL="https://github.com/openai/codex/actions/runs/26201494185" + CODEX_VERSION=0.125.0 + WORKFLOW_URL="https://github.com/openai/codex/actions/runs/24901475298" OUTPUT_DIR="${RUNNER_TEMP}" + # This reused workflow predates the standalone bwrap artifact. python3 ./scripts/stage_npm_packages.py \ --release-version "$CODEX_VERSION" \ --workflow-url "$WORKFLOW_URL" \ --package codex \ + --allow-missing-native-component bwrap \ --output-dir "$OUTPUT_DIR" PACK_OUTPUT="${OUTPUT_DIR}/codex-npm-${CODEX_VERSION}.tgz" echo "pack_output=$PACK_OUTPUT" >> "$GITHUB_OUTPUT" @@ -74,15 +76,5 @@ jobs: - name: Check root README ToC run: python3 scripts/readme_toc.py README.md - - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49 - with: - tool: just@1.51.0 - - name: Install uv - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 - with: - version: "0.11.3" - - name: Check formatting (run `just fmt` to fix) - run: just fmt-check - - name: Prettier (run `pnpm run format:fix` to fix) run: pnpm run format diff --git a/.github/workflows/issue-deduplicator.yml b/.github/workflows/issue-deduplicator.yml index fea6348c46a..f15c1901025 100644 --- a/.github/workflows/issue-deduplicator.yml +++ b/.github/workflows/issue-deduplicator.yml @@ -12,7 +12,6 @@ jobs: # Prevent runs on forks (requires OpenAI API key, wastes Actions minutes) if: github.repository == 'openai/codex' && (github.event.action == 'opened' || (github.event.action == 'labeled' && github.event.label.name == 'codex-deduplicate')) runs-on: ubuntu-latest - environment: issue-triage permissions: contents: read outputs: @@ -158,7 +157,6 @@ jobs: needs: normalize-duplicates-all if: ${{ needs.normalize-duplicates-all.result == 'success' && needs.normalize-duplicates-all.outputs.has_matches != 'true' }} runs-on: ubuntu-latest - environment: issue-triage permissions: contents: read outputs: diff --git a/.github/workflows/issue-labeler.yml b/.github/workflows/issue-labeler.yml index 2c4eb6aa683..77fe5d07c88 100644 --- a/.github/workflows/issue-labeler.yml +++ b/.github/workflows/issue-labeler.yml @@ -12,7 +12,6 @@ jobs: # Prevent runs on forks (requires OpenAI API key, wastes Actions minutes) if: github.repository == 'openai/codex' && (github.event.action == 'opened' || (github.event.action == 'labeled' && github.event.label.name == 'codex-label')) runs-on: ubuntu-latest - environment: issue-triage permissions: contents: read outputs: diff --git a/.github/workflows/python-runtime-build.yml b/.github/workflows/python-runtime-build.yml deleted file mode 100644 index 1b91ab56927..00000000000 --- a/.github/workflows/python-runtime-build.yml +++ /dev/null @@ -1,121 +0,0 @@ -name: python-runtime-build - -on: - workflow_call: - inputs: - runtime_version: - description: "Runtime version to build, for example 0.136.0 or 0.136.0a2." - required: true - type: string - -jobs: - build-python-runtime: - if: github.repository == 'openai/codex' - name: build-python-runtime - runs-on: ubuntu-latest - permissions: - contents: read - - steps: - - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false - - - name: Validate and resolve Python runtime release - id: python_runtime - shell: bash - env: - REQUESTED_RUNTIME_VERSION: ${{ inputs.runtime_version }} - run: | - set -euo pipefail - python3 - <<'PY' - import os - import re - from pathlib import Path - - python_version = os.environ["REQUESTED_RUNTIME_VERSION"] - if match := re.fullmatch(r"([0-9]+\.[0-9]+\.[0-9]+)a([0-9]+)", python_version): - release_version = f"{match.group(1)}-alpha.{match.group(2)}" - elif re.fullmatch(r"[0-9]+\.[0-9]+\.[0-9]+", python_version): - release_version = python_version - else: - raise SystemExit( - "Python runtime version must be stable or a numbered alpha, " - f"for example 0.136.0 or 0.136.0a2; found {python_version}" - ) - - with Path(os.environ["GITHUB_OUTPUT"]).open("a") as output: - print(f"python_version={python_version}", file=output) - print(f"release_tag=rust-v{release_version}", file=output) - PY - - - name: Download Python runtime release artifacts - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - PYTHON_RUNTIME_VERSION: ${{ steps.python_runtime.outputs.python_version }} - RELEASE_TAG: ${{ steps.python_runtime.outputs.release_tag }} - run: | - set -euo pipefail - mkdir -p dist/python-runtime dist/python-runtime-packages - gh release download "$RELEASE_TAG" \ - --repo "${GITHUB_REPOSITORY}" \ - --pattern "openai_codex_cli_bin-${PYTHON_RUNTIME_VERSION}-*.whl" \ - --dir dist/python-runtime - gh release download "$RELEASE_TAG" \ - --repo "${GITHUB_REPOSITORY}" \ - --pattern "codex-package-*-unknown-linux-musl.tar.gz" \ - --dir dist/python-runtime-packages - - shopt -s nullglob - wheels=(dist/python-runtime/*.whl) - if [[ "${#wheels[@]}" -ne 6 ]]; then - echo "Expected 6 Python runtime wheels for ${PYTHON_RUNTIME_VERSION}, found ${#wheels[@]}." - exit 1 - fi - packages=(dist/python-runtime-packages/*.tar.gz) - if [[ "${#packages[@]}" -ne 2 ]]; then - echo "Expected 2 Linux package archives for ${PYTHON_RUNTIME_VERSION}, found ${#packages[@]}." - exit 1 - fi - - - name: Build musllinux Python runtime wheels - env: - RELEASE_TAG: ${{ steps.python_runtime.outputs.release_tag }} - run: | - set -euo pipefail - - python3 -m venv "${RUNNER_TEMP}/python-runtime-build-venv" - "${RUNNER_TEMP}/python-runtime-build-venv/bin/python" -m pip install build - - while read -r target platform_tag; do - stage_dir="${RUNNER_TEMP}/openai-codex-cli-bin-${target}-${platform_tag}" - python3 sdk/python/scripts/update_sdk_artifacts.py \ - stage-runtime \ - "$stage_dir" \ - "dist/python-runtime-packages/codex-package-${target}.tar.gz" \ - --codex-version "$RELEASE_TAG" \ - --platform-tag "$platform_tag" - "${RUNNER_TEMP}/python-runtime-build-venv/bin/python" -m build \ - --wheel \ - --outdir dist/python-runtime \ - "$stage_dir" - done <<'EOF' - aarch64-unknown-linux-musl musllinux_1_1_aarch64 - x86_64-unknown-linux-musl musllinux_1_1_x86_64 - EOF - - shopt -s nullglob - wheels=(dist/python-runtime/*.whl) - if [[ "${#wheels[@]}" -ne 8 ]]; then - echo "Expected 8 Python runtime wheels, found ${#wheels[@]}." - exit 1 - fi - ls -lh dist/python-runtime - - - name: Upload Python runtime wheels - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: python-runtime-wheels - path: dist/python-runtime/* - if-no-files-found: error diff --git a/.github/workflows/python-runtime-release.yml b/.github/workflows/python-runtime-release.yml deleted file mode 100644 index 4068786f319..00000000000 --- a/.github/workflows/python-runtime-release.yml +++ /dev/null @@ -1,100 +0,0 @@ -name: python-runtime-release - -on: - workflow_dispatch: - inputs: - runtime_version: - description: "Runtime version to publish before updating the SDK pin, for example 0.136.0 or 0.136.0a2." - required: true - type: string - -concurrency: - group: python-runtime-release-${{ inputs.runtime_version }} - cancel-in-progress: false - -jobs: - prepare-python-runtime: - name: prepare-python-runtime - permissions: - contents: read - uses: ./.github/workflows/python-runtime-build.yml - with: - runtime_version: ${{ inputs.runtime_version }} - - # PyPI must trust this top-level workflow for manual runtime publication. - publish-python-runtime: - if: github.repository == 'openai/codex' - name: publish-python-runtime - needs: prepare-python-runtime - runs-on: ubuntu-latest - environment: pypi - permissions: - contents: read - id-token: write # Required for PyPI trusted publishing. - - steps: - - name: Download Python runtime wheels - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 - with: - name: python-runtime-wheels - path: dist/python-runtime - - - name: Publish Python runtime wheels to PyPI - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 - with: - packages-dir: dist/python-runtime - skip-existing: true - - - name: Verify Python runtime wheels are available on PyPI - env: - PYTHON_RUNTIME_VERSION: ${{ inputs.runtime_version }} - run: | - set -euo pipefail - for attempt in {1..30}; do - if python3 - <<'PY' - import json - import os - import urllib.error - import urllib.request - - version = os.environ["PYTHON_RUNTIME_VERSION"] - tags = { - "macosx_10_9_x86_64", - "macosx_11_0_arm64", - "manylinux_2_17_aarch64", - "manylinux_2_17_x86_64", - "musllinux_1_1_aarch64", - "musllinux_1_1_x86_64", - "win_amd64", - "win_arm64", - } - expected = { - f"openai_codex_cli_bin-{version}-py3-none-{tag}.whl" - for tag in tags - } - - try: - with urllib.request.urlopen( - f"https://pypi.org/pypi/openai-codex-cli-bin/{version}/json", - timeout=30, - ) as response: - payload = json.load(response) - except urllib.error.URLError as error: - print(f"Could not read runtime {version} from PyPI: {error}.") - raise SystemExit(1) from error - - actual = {file["filename"] for file in payload["urls"]} - if actual != expected: - print(f"Missing runtime wheels: {sorted(expected - actual)}") - print(f"Unexpected runtime files: {sorted(actual - expected)}") - raise SystemExit(1) - PY - then - exit 0 - fi - echo "Runtime wheels are not available on PyPI yet; retrying (${attempt}/30)." - sleep 10 - done - - echo "Runtime wheels did not become available on PyPI." - exit 1 diff --git a/.github/workflows/python-sdk-release.yml b/.github/workflows/python-sdk-release.yml deleted file mode 100644 index 3ca930daa97..00000000000 --- a/.github/workflows/python-sdk-release.yml +++ /dev/null @@ -1,232 +0,0 @@ -name: python-sdk-release - -on: - push: - tags: - - "python-v*" - -concurrency: - group: ${{ github.workflow }} - cancel-in-progress: false - -jobs: - resolve-python-release: - if: github.repository == 'openai/codex' - name: resolve-python-release - runs-on: ubuntu-latest - permissions: - contents: read - outputs: - runtime_version: ${{ steps.python_release.outputs.runtime_version }} - sdk_version: ${{ steps.python_release.outputs.sdk_version }} - - steps: - - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false - - - name: Validate SDK tag and resolve pinned runtime - id: python_release - shell: bash - run: | - set -euo pipefail - python3 - <<'PY' - import os - import re - import tomllib - from pathlib import Path - - sdk_version = os.environ["GITHUB_REF_NAME"].removeprefix("python-v") - if not re.fullmatch(r"[0-9]+\.[0-9]+\.[0-9]+b[0-9]+", sdk_version): - raise SystemExit( - "Python SDK release tags must identify a beta release, " - "for example python-v0.1.0b1." - ) - - pyproject = tomllib.loads(Path("sdk/python/pyproject.toml").read_text()) - prefix = "openai-codex-cli-bin==" - runtime_versions = [ - dependency.removeprefix(prefix) - for dependency in pyproject["project"]["dependencies"] - if dependency.startswith(prefix) - ] - if len(runtime_versions) != 1: - raise SystemExit( - f"Expected exactly one pinned {prefix} dependency, found {runtime_versions}" - ) - - with Path(os.environ["GITHUB_OUTPUT"]).open("a") as output: - print(f"runtime_version={runtime_versions[0]}", file=output) - print(f"sdk_version={sdk_version}", file=output) - PY - - prepare-python-runtime: - name: prepare-python-runtime - needs: resolve-python-release - permissions: - contents: read - uses: ./.github/workflows/python-runtime-build.yml - with: - runtime_version: ${{ needs.resolve-python-release.outputs.runtime_version }} - - # Always publish the exact pinned runtime from this top-level workflow before - # building the SDK package. PyPI does not support reusable workflows as - # Trusted Publishers. - publish-python-runtime: - if: github.repository == 'openai/codex' - name: publish-python-runtime - needs: - - prepare-python-runtime - - resolve-python-release - runs-on: ubuntu-latest - environment: pypi - permissions: - contents: read - id-token: write # Required for PyPI trusted publishing. - - steps: - - name: Download Python runtime wheels - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 - with: - name: python-runtime-wheels - path: dist/python-runtime - - - name: Publish Python runtime wheels to PyPI - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 - with: - packages-dir: dist/python-runtime - skip-existing: true - - - name: Verify Python runtime wheels are available on PyPI - env: - PYTHON_RUNTIME_VERSION: ${{ needs.resolve-python-release.outputs.runtime_version }} - run: | - set -euo pipefail - for attempt in {1..30}; do - if python3 - <<'PY' - import json - import os - import urllib.error - import urllib.request - - version = os.environ["PYTHON_RUNTIME_VERSION"] - tags = { - "macosx_10_9_x86_64", - "macosx_11_0_arm64", - "manylinux_2_17_aarch64", - "manylinux_2_17_x86_64", - "musllinux_1_1_aarch64", - "musllinux_1_1_x86_64", - "win_amd64", - "win_arm64", - } - expected = { - f"openai_codex_cli_bin-{version}-py3-none-{tag}.whl" - for tag in tags - } - - try: - with urllib.request.urlopen( - f"https://pypi.org/pypi/openai-codex-cli-bin/{version}/json", - timeout=30, - ) as response: - payload = json.load(response) - except urllib.error.URLError as error: - print(f"Could not read runtime {version} from PyPI: {error}.") - raise SystemExit(1) from error - - actual = {file["filename"] for file in payload["urls"]} - if actual != expected: - print(f"Missing runtime wheels: {sorted(expected - actual)}") - print(f"Unexpected runtime files: {sorted(actual - expected)}") - raise SystemExit(1) - PY - then - exit 0 - fi - echo "Runtime wheels are not available on PyPI yet; retrying (${attempt}/30)." - sleep 10 - done - - echo "Runtime wheels did not become available on PyPI." - exit 1 - - build-python-sdk: - if: github.repository == 'openai/codex' - name: build-python-sdk - needs: - - publish-python-runtime - - resolve-python-release - runs-on: ubuntu-latest - permissions: - contents: read - - steps: - - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false - - - name: Build Python SDK package - shell: bash - env: - SDK_VERSION: ${{ needs.resolve-python-release.outputs.sdk_version }} - run: | - set -euo pipefail - - # Build in a glibc Linux image so release type generation installs - # the pinned manylinux runtime wheel. - docker run --rm \ - --user "$(id -u):$(id -g)" \ - -e HOME=/tmp/codex-python-sdk-home \ - -e UV_LINK_MODE=copy \ - -e SDK_VERSION \ - -e SDK_STAGE_DIR="${RUNNER_TEMP}/openai-codex" \ - -e SDK_DIST_DIR="${GITHUB_WORKSPACE}/dist/python-sdk" \ - -v "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}" \ - -v "${RUNNER_TEMP}:${RUNNER_TEMP}" \ - -w "${GITHUB_WORKSPACE}/sdk/python" \ - python:3.12-slim \ - sh -euxc ' - python -m venv /tmp/release-tools - /tmp/release-tools/bin/python -m pip install build twine uv==0.11.3 - /tmp/release-tools/bin/uv sync --extra dev --frozen - /tmp/release-tools/bin/uv run --extra dev --frozen python scripts/update_sdk_artifacts.py \ - stage-sdk "${SDK_STAGE_DIR}" \ - --sdk-version "${SDK_VERSION}" - /tmp/release-tools/bin/python -m build \ - --wheel \ - --sdist \ - --outdir "${SDK_DIST_DIR}" \ - "${SDK_STAGE_DIR}" - /tmp/release-tools/bin/python -m twine check --strict "${SDK_DIST_DIR}/"* - ' - - - name: Upload Python SDK package - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: python-sdk-package - path: dist/python-sdk/* - if-no-files-found: error - - publish-python-sdk: - name: publish-python-sdk - needs: build-python-sdk - runs-on: ubuntu-latest - environment: pypi - permissions: - contents: read - id-token: write # Required for PyPI trusted publishing. - - steps: - - name: Download Python SDK package - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 - with: - name: python-sdk-package - path: dist/python-sdk - - - name: Publish Python SDK to PyPI - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 - with: - packages-dir: dist/python-sdk diff --git a/.github/workflows/rust-ci-full-nextest-platform.yml b/.github/workflows/rust-ci-full-nextest-platform.yml index 3fdf7b51eec..7dc39d33edf 100644 --- a/.github/workflows/rust-ci-full-nextest-platform.yml +++ b/.github/workflows/rust-ci-full-nextest-platform.yml @@ -94,7 +94,7 @@ jobs: - name: Install DotSlash uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2 - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: targets: ${{ inputs.target }} @@ -319,7 +319,7 @@ jobs: - name: Install DotSlash uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2 - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: targets: ${{ inputs.target }} diff --git a/.github/workflows/rust-ci-full.yml b/.github/workflows/rust-ci-full.yml index 60d508b21d7..08e0709e170 100644 --- a/.github/workflows/rust-ci-full.yml +++ b/.github/workflows/rust-ci-full.yml @@ -25,16 +25,11 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: components: rustfmt - - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49 - with: - tool: just - name: cargo fmt run: cargo fmt -- --config imports_granularity=Item --check - - name: Rust benchmark smoke test - run: just bench-smoke cargo_shear: name: cargo shear @@ -46,7 +41,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49 with: tool: cargo-shear@1.11.2 @@ -63,7 +58,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: toolchain: nightly-2025-09-18 components: llvm-tools-preview, rustc-dev, rust-src @@ -260,9 +255,13 @@ jobs: set -euo pipefail if command -v apt-get >/dev/null 2>&1; then sudo apt-get update -y - sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev + packages=(pkg-config libcap-dev) + if [[ "${{ matrix.target }}" == 'x86_64-unknown-linux-musl' || "${{ matrix.target }}" == 'aarch64-unknown-linux-musl' ]]; then + packages+=(libubsan1) + fi + sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends "${packages[@]}" fi - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: targets: ${{ matrix.target }} components: clippy @@ -344,6 +343,14 @@ jobs: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}- sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}- + - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}} + name: Disable sccache wrapper (musl) + shell: bash + run: | + set -euo pipefail + echo "RUSTC_WRAPPER=" >> "$GITHUB_ENV" + echo "RUSTC_WORKSPACE_WRAPPER=" >> "$GITHUB_ENV" + - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}} name: Prepare APT cache directories (musl) shell: bash @@ -377,9 +384,61 @@ jobs: shell: bash run: bash "${GITHUB_WORKSPACE}/.github/scripts/install-musl-build-tools.sh" - - if: ${{ !contains(matrix.target, 'windows') }} - name: Configure rusty_v8 artifact overrides and verify checksums - uses: ./.github/actions/setup-rusty-v8 + - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}} + name: Configure rustc UBSan wrapper (musl host) + shell: bash + run: | + set -euo pipefail + ubsan="" + if command -v ldconfig >/dev/null 2>&1; then + ubsan="$(ldconfig -p | grep -m1 'libubsan\.so\.1' | sed -E 's/.*=> (.*)$/\1/')" + fi + wrapper_root="${RUNNER_TEMP:-/tmp}" + wrapper="${wrapper_root}/rustc-ubsan-wrapper" + cat > "${wrapper}" <> "$GITHUB_ENV" + echo "RUSTC_WORKSPACE_WRAPPER=" >> "$GITHUB_ENV" + + - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}} + name: Clear sanitizer flags (musl) + shell: bash + run: | + set -euo pipefail + # Clear global Rust flags so host/proc-macro builds don't pull in UBSan. + echo "RUSTFLAGS=" >> "$GITHUB_ENV" + echo "CARGO_ENCODED_RUSTFLAGS=" >> "$GITHUB_ENV" + echo "RUSTDOCFLAGS=" >> "$GITHUB_ENV" + # Override any runner-level Cargo config rustflags as well. + echo "CARGO_BUILD_RUSTFLAGS=" >> "$GITHUB_ENV" + echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS=" >> "$GITHUB_ENV" + echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_RUSTFLAGS=" >> "$GITHUB_ENV" + echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_RUSTFLAGS=" >> "$GITHUB_ENV" + echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS=" >> "$GITHUB_ENV" + + sanitize_flags() { + local input="$1" + input="${input//-fsanitize=undefined/}" + input="${input//-fno-sanitize-recover=undefined/}" + input="${input//-fno-sanitize-trap=undefined/}" + echo "$input" + } + + cflags="$(sanitize_flags "${CFLAGS-}")" + cxxflags="$(sanitize_flags "${CXXFLAGS-}")" + echo "CFLAGS=${cflags}" >> "$GITHUB_ENV" + echo "CXXFLAGS=${cxxflags}" >> "$GITHUB_ENV" + + - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl' }} + name: Configure musl rusty_v8 artifact overrides and verify checksums + uses: ./.github/actions/setup-rusty-v8-musl with: target: ${{ matrix.target }} diff --git a/.github/workflows/rust-ci.yml b/.github/workflows/rust-ci.yml index 9b50ae40326..75c5c336012 100644 --- a/.github/workflows/rust-ci.yml +++ b/.github/workflows/rust-ci.yml @@ -3,11 +3,6 @@ on: pull_request: {} workflow_dispatch: -# Cargo's libgit2 transport has been flaky when fetching git dependencies with -# nested submodules. Prefer the system git CLI across every Cargo invocation. -env: - CARGO_NET_GIT_FETCH_WITH_CLI: "true" - jobs: # --- Detect what changed so the fast PR workflow only runs relevant jobs ---- changed: @@ -72,16 +67,11 @@ jobs: with: ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} persist-credentials: false - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: components: rustfmt - - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49 - with: - tool: just - name: cargo fmt run: cargo fmt -- --config imports_granularity=Item --check - - name: Rust benchmark smoke test - run: just bench-smoke cargo_shear: name: cargo shear @@ -96,7 +86,7 @@ jobs: with: ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} persist-credentials: false - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49 with: tool: cargo-shear@1.11.2 @@ -116,7 +106,7 @@ jobs: with: ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} persist-credentials: false - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 - name: Install nightly argument-comment-lint toolchain shell: bash run: | diff --git a/.github/workflows/rust-release-argument-comment-lint.yml b/.github/workflows/rust-release-argument-comment-lint.yml index 7f5ad01aa52..f654bd9dd72 100644 --- a/.github/workflows/rust-release-argument-comment-lint.yml +++ b/.github/workflows/rust-release-argument-comment-lint.yml @@ -7,11 +7,6 @@ on: required: true type: boolean -# Cargo's libgit2 transport has been flaky when fetching git dependencies with -# nested submodules. Prefer the system git CLI across every Cargo invocation. -env: - CARGO_NET_GIT_FETCH_WITH_CLI: "true" - jobs: skip: if: ${{ !inputs.publish }} @@ -65,7 +60,7 @@ jobs: with: persist-credentials: false - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: toolchain: nightly-2025-09-18 targets: ${{ matrix.target }} diff --git a/.github/workflows/rust-release-windows.yml b/.github/workflows/rust-release-windows.yml index 89bcd33ea1f..ac28b7855a1 100644 --- a/.github/workflows/rust-release-windows.yml +++ b/.github/workflows/rust-release-windows.yml @@ -20,11 +20,6 @@ on: AZURE_TRUSTED_SIGNING_CERTIFICATE_PROFILE_NAME: required: true -# Cargo's libgit2 transport has been flaky when fetching git dependencies with -# nested submodules. Prefer the system git CLI across every Cargo invocation. -env: - CARGO_NET_GIT_FETCH_WITH_CLI: "true" - jobs: build-windows-binaries: name: Build Windows binaries - ${{ matrix.runner }} - ${{ matrix.target }} - ${{ matrix.bundle }} @@ -105,22 +100,18 @@ jobs: Write-Host "Total RAM: $ramGiB GiB" Write-Host "Disk usage:" Get-PSDrive -PSProvider FileSystem | Format-Table -AutoSize Name, @{Name='Size(GB)';Expression={[math]::Round(($_.Used + $_.Free) / 1GB, 1)}}, @{Name='Free(GB)';Expression={[math]::Round($_.Free / 1GB, 1)}} - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: targets: ${{ matrix.target }} - name: Cargo build (Windows binaries) shell: bash run: | - target="${{ matrix.target }}" - if [[ "$target" == "x86_64-pc-windows-msvc" ]]; then - export LIBSQLITE3_FLAGS=SQLITE_DISABLE_INTRINSIC - fi build_args=() for binary in ${{ matrix.binaries }}; do build_args+=(--bin "$binary") done - cargo build --target "$target" --release --timings "${build_args[@]}" + cargo build --target ${{ matrix.target }} --release --timings "${build_args[@]}" - name: Upload Cargo timings uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 @@ -229,9 +220,6 @@ jobs: "$dest/${binary}-${{ matrix.target }}.exe" done - - name: Install DotSlash - uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2 - - name: Build Codex package archives shell: bash run: | @@ -267,12 +255,16 @@ jobs: stage_dir="${RUNNER_TEMP}/openai-codex-cli-bin-${{ matrix.target }}" wheel_dir="${GITHUB_WORKSPACE}/python-runtime-dist/${{ matrix.target }}" + # Keep the helpers next to codex.exe in the runtime wheel so Windows + # sandbox/elevation lookup matches the standalone release zip. python "${GITHUB_WORKSPACE}/sdk/python/scripts/update_sdk_artifacts.py" \ stage-runtime \ "$stage_dir" \ - "dist/${{ matrix.target }}/codex-package-${{ matrix.target }}.tar.gz" \ + "${GITHUB_WORKSPACE}/codex-rs/target/${{ matrix.target }}/release/codex.exe" \ --codex-version "${GITHUB_REF_NAME}" \ - --platform-tag "$platform_tag" + --platform-tag "$platform_tag" \ + --resource-binary "${GITHUB_WORKSPACE}/codex-rs/target/${{ matrix.target }}/release/codex-command-runner.exe" \ + --resource-binary "${GITHUB_WORKSPACE}/codex-rs/target/${{ matrix.target }}/release/codex-windows-sandbox-setup.exe" "${RUNNER_TEMP}/python-runtime-build-venv/Scripts/python.exe" -m build --wheel --outdir "$wheel_dir" "$stage_dir" - name: Upload Python runtime wheel @@ -282,6 +274,9 @@ jobs: path: python-runtime-dist/${{ matrix.target }}/*.whl if-no-files-found: error + - name: Install DotSlash + uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2 + - name: Compress artifacts shell: bash run: | @@ -300,7 +295,7 @@ jobs: base="$(basename "$f")" # Skip files that are already archives (shouldn't happen, but be # safe). - if [[ "$base" == *.tar.gz || "$base" == *.tar.zst || "$base" == *.zip || "$base" == *.dmg ]]; then + if [[ "$base" == *.tar.gz || "$base" == *.zip || "$base" == *.dmg ]]; then continue fi diff --git a/.github/workflows/rust-release-zsh.yml b/.github/workflows/rust-release-zsh.yml index b55d2e714bc..492b8dc5e75 100644 --- a/.github/workflows/rust-release-zsh.yml +++ b/.github/workflows/rust-release-zsh.yml @@ -69,10 +69,6 @@ jobs: fail-fast: false matrix: include: - - runner: macos-15-large - target: x86_64-apple-darwin - variant: macos-15 - archive_name: codex-zsh-x86_64-apple-darwin.tar.gz - runner: macos-15-xlarge target: aarch64-apple-darwin variant: macos-15 diff --git a/.github/workflows/rust-release.yml b/.github/workflows/rust-release.yml index 5e3b263ed03..c55337ecfe6 100644 --- a/.github/workflows/rust-release.yml +++ b/.github/workflows/rust-release.yml @@ -5,9 +5,6 @@ # git push origin rust-v0.1.0 # ``` # -# Tag releases sign macOS binaries and DMGs through the protected `codesigning` -# GitHub environment and Azure Key Vault before final verification on macOS. -# # To use external macOS signing, manually dispatch `release_mode=build_unsigned`, # sign the unsigned macOS artifacts in a secure enclave, upload the signed handoff # archive as a GitHub Release asset, then manually dispatch @@ -59,7 +56,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 - name: Validate tag matches Cargo.toml version shell: bash env: @@ -116,18 +113,18 @@ jobs: echo "::warning title=Deprecated sign_macos input ignored::Use release_mode=build_unsigned or release_mode=promote_signed instead." fi - # All release modes must run from a tag. + # 1. Must be a tag and match the regex [[ "${GITHUB_REF_TYPE}" == "tag" ]] \ - || { echo "❌ Not a tag ref"; exit 1; } - - # Release tags must match the version in Cargo.toml. + || { echo "❌ Not a tag push"; exit 1; } [[ "${GITHUB_REF_NAME}" =~ ^rust-v[0-9]+\.[0-9]+\.[0-9]+(-(alpha|beta)(\.[0-9]+)?)?$ ]] \ || { echo "❌ Tag '${GITHUB_REF_NAME}' doesn't match expected format"; exit 1; } + # 2. Extract versions tag_ver="${GITHUB_REF_NAME#rust-v}" cargo_ver="$(grep -m1 '^version' codex-rs/Cargo.toml \ | sed -E 's/version *= *"([^"]+)".*/\1/')" + # 3. Compare [[ "${tag_ver}" == "${cargo_ver}" ]] \ || { echo "❌ Tag ${tag_ver} ≠ Cargo.toml ${cargo_ver}"; exit 1; } @@ -152,11 +149,7 @@ jobs: # 2026-03-04: temporarily change releases to use thin LTO because # Ubuntu ARM is timing out at 60 minutes. CARGO_PROFILE_RELEASE_LTO: ${{ contains(github.ref_name, '-alpha') && 'thin' || 'thin' }} - # Use the git CLI instead of Cargo's libgit2 path for git dependencies. - # macOS release runners have intermittently failed to fetch nested - # submodules through SecureTransport/libgit2, especially libwebrtc's - # libyuv submodule from chromium.googlesource.com. - CARGO_NET_GIT_FETCH_WITH_CLI: "true" + SIGN_MACOS: ${{ github.event_name != 'workflow_dispatch' }} strategy: fail-fast: false @@ -187,25 +180,25 @@ jobs: binaries: "codex-app-server" build_dmg: "false" # Release artifacts intentionally ship MUSL-linked Linux binaries. - - runner: codex-linux-x64-xl + - runner: ubuntu-24.04 target: x86_64-unknown-linux-musl bundle: primary artifact_name: x86_64-unknown-linux-musl binaries: "codex codex-responses-api-proxy bwrap" build_dmg: "false" - - runner: codex-linux-x64-xl + - runner: ubuntu-24.04 target: x86_64-unknown-linux-musl bundle: app-server artifact_name: x86_64-unknown-linux-musl-app-server binaries: "codex-app-server" build_dmg: "false" - - runner: codex-linux-arm64 + - runner: ubuntu-24.04-arm target: aarch64-unknown-linux-musl bundle: primary artifact_name: aarch64-unknown-linux-musl binaries: "codex codex-responses-api-proxy bwrap" build_dmg: "false" - - runner: codex-linux-arm64 + - runner: ubuntu-24.04-arm target: aarch64-unknown-linux-musl bundle: app-server artifact_name: aarch64-unknown-linux-musl-app-server @@ -252,7 +245,16 @@ jobs: set -euo pipefail sudo apt-get update -y sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev - - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + - name: Install UBSan runtime (musl) + if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl' }} + shell: bash + run: | + set -euo pipefail + if command -v apt-get >/dev/null 2>&1; then + sudo apt-get update -y + sudo DEBIAN_FRONTEND=noninteractive apt-get install -y libubsan1 + fi + - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: targets: ${{ matrix.target }} @@ -281,7 +283,30 @@ jobs: run: bash "${GITHUB_WORKSPACE}/.github/scripts/install-musl-build-tools.sh" - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}} - name: Disable aws-lc jitter entropy (musl) + name: Configure rustc UBSan wrapper (musl host) + shell: bash + run: | + set -euo pipefail + ubsan="" + if command -v ldconfig >/dev/null 2>&1; then + ubsan="$(ldconfig -p | grep -m1 'libubsan\.so\.1' | sed -E 's/.*=> (.*)$/\1/')" + fi + wrapper_root="${RUNNER_TEMP:-/tmp}" + wrapper="${wrapper_root}/rustc-ubsan-wrapper" + cat > "${wrapper}" <> "$GITHUB_ENV" + echo "RUSTC_WORKSPACE_WRAPPER=" >> "$GITHUB_ENV" + + - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}} + name: Clear sanitizer flags (musl) shell: bash run: | set -euo pipefail @@ -291,12 +316,37 @@ jobs: target_no_jitter="${target_no_jitter//-/_}" echo "${target_no_jitter}=1" >> "$GITHUB_ENV" - - name: Configure rusty_v8 artifact overrides and verify checksums - uses: ./.github/actions/setup-rusty-v8 + # Clear global Rust flags so host/proc-macro builds don't pull in UBSan. + echo "RUSTFLAGS=" >> "$GITHUB_ENV" + echo "CARGO_ENCODED_RUSTFLAGS=" >> "$GITHUB_ENV" + echo "RUSTDOCFLAGS=" >> "$GITHUB_ENV" + # Override any runner-level Cargo config rustflags as well. + echo "CARGO_BUILD_RUSTFLAGS=" >> "$GITHUB_ENV" + echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS=" >> "$GITHUB_ENV" + echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_RUSTFLAGS=" >> "$GITHUB_ENV" + echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_RUSTFLAGS=" >> "$GITHUB_ENV" + echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS=" >> "$GITHUB_ENV" + + sanitize_flags() { + local input="$1" + input="${input//-fsanitize=undefined/}" + input="${input//-fno-sanitize-recover=undefined/}" + input="${input//-fno-sanitize-trap=undefined/}" + echo "$input" + } + + cflags="$(sanitize_flags "${CFLAGS-}")" + cxxflags="$(sanitize_flags "${CXXFLAGS-}")" + echo "CFLAGS=${cflags}" >> "$GITHUB_ENV" + echo "CXXFLAGS=${cxxflags}" >> "$GITHUB_ENV" + + - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl' }} + name: Configure musl rusty_v8 artifact overrides and verify checksums + uses: ./.github/actions/setup-rusty-v8-musl with: target: ${{ matrix.target }} - - if: ${{ contains(matrix.target, 'linux') }} + - if: ${{ contains(matrix.target, 'linux') && matrix.bundle == 'primary' }} name: Build bwrap and export digest shell: bash run: | @@ -317,16 +367,12 @@ jobs: - name: Cargo build shell: bash run: | - target="${{ matrix.target }}" - if [[ "$target" == "x86_64-pc-windows-msvc" ]]; then - export LIBSQLITE3_FLAGS=SQLITE_DISABLE_INTRINSIC - fi build_args=() for binary in ${{ matrix.binaries }}; do build_args+=(--bin "$binary") done echo "CARGO_PROFILE_RELEASE_LTO: ${CARGO_PROFILE_RELEASE_LTO}" - cargo build --target "$target" --release --timings "${build_args[@]}" + cargo build --target ${{ matrix.target }} --release --timings "${build_args[@]}" - name: Upload Cargo timings uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 @@ -335,7 +381,7 @@ jobs: path: codex-rs/target/**/cargo-timings/cargo-timing.html if-no-files-found: warn - - if: ${{ runner.os == 'macOS' }} + - if: ${{ runner.os == 'macOS' && env.SIGN_MACOS != 'true' }} name: Stage unsigned macOS artifacts shell: bash run: | @@ -360,7 +406,7 @@ jobs: zstd -T0 -19 --rm "${unsigned_path}" done - - if: ${{ runner.os == 'macOS' }} + - if: ${{ runner.os == 'macOS' && env.SIGN_MACOS != 'true' }} name: Upload unsigned macOS artifacts uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: @@ -376,8 +422,75 @@ jobs: artifacts-dir: ${{ github.workspace }}/codex-rs/target/${{ matrix.target }}/release binaries: ${{ matrix.binaries }} + - if: ${{ runner.os == 'macOS' && env.SIGN_MACOS == 'true' }} + name: MacOS code signing (binaries) + uses: ./.github/actions/macos-code-sign + with: + target: ${{ matrix.target }} + binaries: ${{ matrix.binaries }} + sign-binaries: "true" + sign-dmg: "false" + apple-certificate: ${{ secrets.APPLE_CERTIFICATE_P12 }} + apple-certificate-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} + apple-notarization-key-p8: ${{ secrets.APPLE_NOTARIZATION_KEY_P8 }} + apple-notarization-key-id: ${{ secrets.APPLE_NOTARIZATION_KEY_ID }} + apple-notarization-issuer-id: ${{ secrets.APPLE_NOTARIZATION_ISSUER_ID }} + + - if: ${{ runner.os == 'macOS' && matrix.build_dmg == 'true' && env.SIGN_MACOS == 'true' }} + name: Build macOS dmg + shell: bash + run: | + set -euo pipefail + + target="${{ matrix.target }}" + release_dir="target/${target}/release" + dmg_root="${RUNNER_TEMP}/codex-dmg-root" + volname="Codex (${target})" + dmg_path="${release_dir}/codex-${target}.dmg" + + # The previous "MacOS code signing (binaries)" step signs + notarizes the + # built artifacts in `${release_dir}`. This step packages *those same* + # signed binaries into a dmg. + rm -rf "$dmg_root" + mkdir -p "$dmg_root" + + for binary in ${{ matrix.binaries }}; do + binary_path="${release_dir}/${binary}" + if [[ ! -f "${binary_path}" ]]; then + echo "Binary ${binary_path} not found" + exit 1 + fi + ditto "${binary_path}" "${dmg_root}/${binary}" + done + + rm -f "$dmg_path" + hdiutil create \ + -volname "$volname" \ + -srcfolder "$dmg_root" \ + -format UDZO \ + -ov \ + "$dmg_path" + + if [[ ! -f "$dmg_path" ]]; then + echo "dmg $dmg_path not found after build" + exit 1 + fi + + - if: ${{ runner.os == 'macOS' && matrix.build_dmg == 'true' && env.SIGN_MACOS == 'true' }} + name: MacOS code signing (dmg) + uses: ./.github/actions/macos-code-sign + with: + target: ${{ matrix.target }} + sign-binaries: "false" + sign-dmg: "true" + apple-certificate: ${{ secrets.APPLE_CERTIFICATE_P12 }} + apple-certificate-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} + apple-notarization-key-p8: ${{ secrets.APPLE_NOTARIZATION_KEY_P8 }} + apple-notarization-key-id: ${{ secrets.APPLE_NOTARIZATION_KEY_ID }} + apple-notarization-issuer-id: ${{ secrets.APPLE_NOTARIZATION_ISSUER_ID }} + - name: Stage artifacts - if: ${{ runner.os != 'macOS' }} + if: ${{ runner.os != 'macOS' || env.SIGN_MACOS == 'true' }} shell: bash run: | dest="dist/${{ matrix.target }}" @@ -407,7 +520,7 @@ jobs: fi - name: Build Codex package archive - if: ${{ runner.os != 'macOS' }} + if: ${{ runner.os != 'macOS' || env.SIGN_MACOS == 'true' }} shell: bash env: TARGET: ${{ matrix.target }} @@ -421,7 +534,7 @@ jobs: --archive-dir "dist/${TARGET}" - name: Build Python runtime wheel - if: ${{ matrix.bundle == 'primary' && runner.os != 'macOS' }} + if: ${{ matrix.bundle == 'primary' && (runner.os != 'macOS' || env.SIGN_MACOS == 'true') }} shell: bash run: | set -euo pipefail @@ -456,15 +569,23 @@ jobs: "${GITHUB_WORKSPACE}/sdk/python/scripts/update_sdk_artifacts.py" stage-runtime "$stage_dir" - "dist/${{ matrix.target }}/codex-package-${{ matrix.target }}.tar.gz" + "${GITHUB_WORKSPACE}/codex-rs/target/${{ matrix.target }}/release/codex" --codex-version "${GITHUB_REF_NAME}" --platform-tag "$platform_tag" ) + if [[ "${{ matrix.target }}" == *linux* ]]; then + # Keep bwrap in the runtime wheel so Linux sandbox fallback behavior + # matches the standalone release bundle on hosts without system bwrap. + stage_runtime_args+=( + --resource-binary + "${GITHUB_WORKSPACE}/codex-rs/target/${{ matrix.target }}/release/bwrap" + ) + fi python3 "${stage_runtime_args[@]}" "${RUNNER_TEMP}/python-runtime-build-venv/bin/python" -m build --wheel --outdir "$wheel_dir" "$stage_dir" - name: Upload Python runtime wheel - if: ${{ matrix.bundle == 'primary' && runner.os != 'macOS' }} + if: ${{ matrix.bundle == 'primary' && (runner.os != 'macOS' || env.SIGN_MACOS == 'true') }} uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: python-runtime-wheel-${{ matrix.target }} @@ -472,7 +593,7 @@ jobs: if-no-files-found: error - name: Compress artifacts - if: ${{ runner.os != 'macOS' }} + if: ${{ runner.os != 'macOS' || env.SIGN_MACOS == 'true' }} shell: bash run: | # Path that contains the uncompressed binaries for the current @@ -509,7 +630,7 @@ jobs: done - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - if: ${{ runner.os != 'macOS' }} + if: ${{ runner.os != 'macOS' || env.SIGN_MACOS == 'true' }} with: name: ${{ matrix.artifact_name }} # Upload the per-binary .zst files, .tar.gz equivalents, and any @@ -517,576 +638,6 @@ jobs: path: | codex-rs/dist/${{ matrix.target }}/* - sign-macos-binaries: - if: ${{ github.event_name != 'workflow_dispatch' }} - needs: build - name: Sign macOS binaries - ${{ matrix.target }} - ${{ matrix.bundle }} - runs-on: ubuntu-latest - timeout-minutes: 45 - environment: - name: codesigning - deployment: false - permissions: - contents: read - id-token: write - - strategy: - fail-fast: false - matrix: - include: - - target: aarch64-apple-darwin - bundle: primary - artifact_name: aarch64-apple-darwin - binaries: "codex codex-responses-api-proxy" - - target: aarch64-apple-darwin - bundle: app-server - artifact_name: aarch64-apple-darwin-app-server - binaries: "codex-app-server" - - target: x86_64-apple-darwin - bundle: primary - artifact_name: x86_64-apple-darwin - binaries: "codex codex-responses-api-proxy" - - target: x86_64-apple-darwin - bundle: app-server - artifact_name: x86_64-apple-darwin-app-server - binaries: "codex-app-server" - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false - - - name: Download unsigned macOS binaries - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 - with: - name: ${{ matrix.artifact_name }}-unsigned - path: ${{ runner.temp }}/unsigned-macos - - - name: Set up AKV PKCS11 macOS signing - uses: ./.github/actions/setup-akv-pkcs11-codesigning - with: - rcodesign-blob-uri: ${{ secrets.AKV_CODESIGN_RCODESIGN_BLOB_URI }} - rcodesign-sha256: ${{ secrets.AKV_CODESIGN_RCODESIGN_SHA256 }} - akv-pkcs11-library-blob-uri: ${{ secrets.AKV_CODESIGN_PKCS11_LIBRARY_BLOB_URI }} - akv-pkcs11-library-sha256: ${{ secrets.AKV_CODESIGN_PKCS11_LIBRARY_SHA256 }} - azure-client-id: ${{ secrets.AKV_CODESIGN_AZURE_CLIENT_ID }} - azure-tenant-id: ${{ secrets.AKV_CODESIGN_TENANT }} - azure-subscription-id: ${{ secrets.AKV_CODESIGN_SUBSCRIPTION }} - key-vault-name: ${{ secrets.AKV_CODESIGN_KEY_VAULT_NAME }} - key-name: ${{ secrets.AKV_CODESIGN_KEY_NAME }} - key-version: ${{ secrets.AKV_CODESIGN_KEY_VERSION || '' }} - certificate-sha256: ${{ secrets.AKV_CODESIGN_CERTIFICATE_SHA256 || '' }} - - - name: Sign and notarize macOS binaries - shell: bash - env: - TARGET: ${{ matrix.target }} - BINARIES: ${{ matrix.binaries }} - APPLE_NOTARIZATION_KEY_P8: ${{ secrets.APPLE_NOTARIZATION_KEY_P8 }} - APPLE_NOTARIZATION_KEY_ID: ${{ secrets.APPLE_NOTARIZATION_KEY_ID }} - APPLE_NOTARIZATION_ISSUER_ID: ${{ secrets.APPLE_NOTARIZATION_ISSUER_ID }} - run: | - set -euo pipefail - - input_dir="${RUNNER_TEMP}/unsigned-macos" - output_dir="${GITHUB_WORKSPACE}/signed-macos/${TARGET}" - report_dir="${GITHUB_WORKSPACE}/macos-binary-signing-verification/${TARGET}" - mkdir -p "$output_dir" "$report_dir" - - for binary in ${BINARIES}; do - unsigned_path="${input_dir}/${binary}-${TARGET}-unsigned.zst" - signed_path="${output_dir}/${binary}" - if [[ ! -f "$unsigned_path" ]]; then - echo "Unsigned binary $unsigned_path not found" - exit 1 - fi - - zstd -d --stdout "$unsigned_path" >"$signed_path" - chmod 0755 "$signed_path" - - .github/scripts/macos-signing/sign_macos_code.sh \ - --target "$signed_path" \ - --identity unused \ - --deep false \ - --identifier "$binary" \ - --options runtime \ - --timestamp true \ - --entitlements .github/scripts/macos-signing/codex.entitlements.plist - - mkdir -p "${report_dir}/${binary}" - rcodesign print-signature-info "$signed_path" \ - >"${report_dir}/${binary}/signature-info.yaml" - - .github/scripts/macos-signing/notarize_macos_binary_with_rcodesign.sh \ - --binary "$signed_path" \ - --report-dir "${report_dir}/${binary}" - done - - - name: Upload signed macOS binaries - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: ${{ matrix.artifact_name }}-signed-binaries - path: signed-macos/${{ matrix.target }}/* - if-no-files-found: error - - - name: Upload binary signing verification - if: ${{ always() }} - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: ${{ matrix.artifact_name }}-binary-signing-verification - path: macos-binary-signing-verification/${{ matrix.target }}/ - if-no-files-found: warn - - package-macos: - if: ${{ github.event_name != 'workflow_dispatch' }} - needs: sign-macos-binaries - name: Package macOS artifacts - ${{ matrix.target }} - ${{ matrix.bundle }} - runs-on: macos-15-xlarge - timeout-minutes: 45 - permissions: - contents: read - defaults: - run: - working-directory: codex-rs - - strategy: - fail-fast: false - matrix: - include: - - target: aarch64-apple-darwin - bundle: primary - artifact_name: aarch64-apple-darwin - binaries: "codex codex-responses-api-proxy" - build_dmg: "true" - - target: aarch64-apple-darwin - bundle: app-server - artifact_name: aarch64-apple-darwin-app-server - binaries: "codex-app-server" - build_dmg: "false" - - target: x86_64-apple-darwin - bundle: primary - artifact_name: x86_64-apple-darwin - binaries: "codex codex-responses-api-proxy" - build_dmg: "true" - - target: x86_64-apple-darwin - bundle: app-server - artifact_name: x86_64-apple-darwin-app-server - binaries: "codex-app-server" - build_dmg: "false" - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false - - - name: Download signed macOS binaries - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 - with: - name: ${{ matrix.artifact_name }}-signed-binaries - path: codex-rs/target/${{ matrix.target }}/release - - - name: Verify signed macOS binaries - shell: bash - run: | - set -euo pipefail - for binary in ${{ matrix.binaries }}; do - binary_path="target/${{ matrix.target }}/release/${binary}" - chmod 0755 "$binary_path" - codesign --verify --strict --verbose=2 "$binary_path" - done - - - name: Build unsigned macOS DMG - if: ${{ matrix.build_dmg == 'true' }} - shell: bash - run: | - set -euo pipefail - - target="${{ matrix.target }}" - release_dir="target/${target}/release" - dmg_root="${RUNNER_TEMP}/codex-dmg-root-${target}" - volname="Codex (${target})" - dmg_path="${release_dir}/codex-${target}.dmg" - - rm -rf "$dmg_root" - mkdir -p "$dmg_root" - - for binary in ${{ matrix.binaries }}; do - binary_path="${release_dir}/${binary}" - if [[ ! -f "$binary_path" ]]; then - echo "Binary $binary_path not found" - exit 1 - fi - ditto "$binary_path" "${dmg_root}/${binary}" - done - - rm -f "$dmg_path" - hdiutil create \ - -volname "$volname" \ - -srcfolder "$dmg_root" \ - -format UDZO \ - -ov \ - "$dmg_path" - - if [[ ! -f "$dmg_path" ]]; then - echo "DMG $dmg_path not found after build" - exit 1 - fi - - - name: Upload unsigned macOS DMG - if: ${{ matrix.build_dmg == 'true' }} - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: ${{ matrix.artifact_name }}-unsigned-dmg - path: codex-rs/target/${{ matrix.target }}/release/codex-${{ matrix.target }}.dmg - if-no-files-found: error - - - name: Stage macOS artifacts - shell: bash - run: | - set -euo pipefail - dest="dist/${{ matrix.target }}" - mkdir -p "$dest" - - for binary in ${{ matrix.binaries }}; do - cp "target/${{ matrix.target }}/release/${binary}" "$dest/${binary}-${{ matrix.target }}" - done - - - name: Build Codex package archive - shell: bash - env: - TARGET: ${{ matrix.target }} - BUNDLE: ${{ matrix.bundle }} - run: | - set -euo pipefail - bash "${GITHUB_WORKSPACE}/.github/scripts/build-codex-package-archive.sh" \ - --target "$TARGET" \ - --bundle "$BUNDLE" \ - --entrypoint-dir "target/${TARGET}/release" \ - --archive-dir "dist/${TARGET}" - - - name: Build Python runtime wheel - if: ${{ matrix.bundle == 'primary' }} - shell: bash - run: | - set -euo pipefail - - case "${{ matrix.target }}" in - aarch64-apple-darwin) - platform_tag="macosx_11_0_arm64" - ;; - x86_64-apple-darwin) - platform_tag="macosx_10_9_x86_64" - ;; - *) - echo "No Python runtime wheel platform tag for ${{ matrix.target }}" - exit 1 - ;; - esac - - python3 -m venv "${RUNNER_TEMP}/python-runtime-build-venv" - "${RUNNER_TEMP}/python-runtime-build-venv/bin/python" -m pip install build - - stage_dir="${RUNNER_TEMP}/openai-codex-cli-bin-${{ matrix.target }}" - wheel_dir="${GITHUB_WORKSPACE}/python-runtime-dist/${{ matrix.target }}" - python3 \ - "${GITHUB_WORKSPACE}/sdk/python/scripts/update_sdk_artifacts.py" \ - stage-runtime \ - "$stage_dir" \ - "dist/${{ matrix.target }}/codex-package-${{ matrix.target }}.tar.gz" \ - --codex-version "${GITHUB_REF_NAME}" \ - --platform-tag "$platform_tag" - "${RUNNER_TEMP}/python-runtime-build-venv/bin/python" -m build --wheel --outdir "$wheel_dir" "$stage_dir" - - - name: Upload Python runtime wheel - if: ${{ matrix.bundle == 'primary' }} - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: python-runtime-wheel-${{ matrix.target }} - path: python-runtime-dist/${{ matrix.target }}/*.whl - if-no-files-found: error - - - name: Compress artifacts - shell: bash - run: | - set -euo pipefail - dest="dist/${{ matrix.target }}" - for f in "$dest"/*; do - base="$(basename "$f")" - if [[ "$base" == *.tar.gz || "$base" == *.tar.zst || "$base" == *.zip || "$base" == *.dmg ]]; then - continue - fi - - tar -C "$dest" -czf "$dest/${base}.tar.gz" "$base" - zstd -T0 -19 --rm "$dest/$base" - done - - - name: Upload packaged macOS artifacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: ${{ matrix.artifact_name }}-packaged - path: codex-rs/dist/${{ matrix.target }}/* - if-no-files-found: error - - sign-macos-dmg: - if: ${{ github.event_name != 'workflow_dispatch' }} - needs: package-macos - name: Sign macOS DMG - ${{ matrix.target }} - runs-on: ubuntu-latest - timeout-minutes: 45 - environment: - name: codesigning - deployment: false - permissions: - contents: read - id-token: write - - strategy: - fail-fast: false - matrix: - include: - - target: aarch64-apple-darwin - artifact_name: aarch64-apple-darwin - - target: x86_64-apple-darwin - artifact_name: x86_64-apple-darwin - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false - - - name: Download unsigned macOS DMG - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 - with: - name: ${{ matrix.artifact_name }}-unsigned-dmg - path: ${{ runner.temp }}/unsigned-dmg - - - name: Set up AKV PKCS11 macOS signing - uses: ./.github/actions/setup-akv-pkcs11-codesigning - with: - rcodesign-blob-uri: ${{ secrets.AKV_CODESIGN_RCODESIGN_BLOB_URI }} - rcodesign-sha256: ${{ secrets.AKV_CODESIGN_RCODESIGN_SHA256 }} - akv-pkcs11-library-blob-uri: ${{ secrets.AKV_CODESIGN_PKCS11_LIBRARY_BLOB_URI }} - akv-pkcs11-library-sha256: ${{ secrets.AKV_CODESIGN_PKCS11_LIBRARY_SHA256 }} - azure-client-id: ${{ secrets.AKV_CODESIGN_AZURE_CLIENT_ID }} - azure-tenant-id: ${{ secrets.AKV_CODESIGN_TENANT }} - azure-subscription-id: ${{ secrets.AKV_CODESIGN_SUBSCRIPTION }} - key-vault-name: ${{ secrets.AKV_CODESIGN_KEY_VAULT_NAME }} - key-name: ${{ secrets.AKV_CODESIGN_KEY_NAME }} - key-version: ${{ secrets.AKV_CODESIGN_KEY_VERSION || '' }} - certificate-sha256: ${{ secrets.AKV_CODESIGN_CERTIFICATE_SHA256 || '' }} - - - name: Sign, notarize, and staple macOS DMG - shell: bash - env: - TARGET: ${{ matrix.target }} - APPLE_NOTARIZATION_KEY_P8: ${{ secrets.APPLE_NOTARIZATION_KEY_P8 }} - APPLE_NOTARIZATION_KEY_ID: ${{ secrets.APPLE_NOTARIZATION_KEY_ID }} - APPLE_NOTARIZATION_ISSUER_ID: ${{ secrets.APPLE_NOTARIZATION_ISSUER_ID }} - run: | - set -euo pipefail - - dmg_path="${RUNNER_TEMP}/unsigned-dmg/codex-${TARGET}.dmg" - report_dir="${GITHUB_WORKSPACE}/macos-dmg-signing-verification/${TARGET}" - if [[ ! -f "$dmg_path" ]]; then - echo "Unsigned DMG $dmg_path not found" - exit 1 - fi - - .github/scripts/macos-signing/sign_macos_code.sh \ - --target "$dmg_path" \ - --identity unused \ - --deep false \ - --timestamp true - - mkdir -p "$report_dir" - rcodesign print-signature-info "$dmg_path" \ - >"${report_dir}/signature-info-before-notarization.yaml" - - .github/scripts/macos-signing/notarize_macos_dmg_with_rcodesign.sh \ - --dmg "$dmg_path" \ - --report-dir "$report_dir" - - rcodesign print-signature-info "$dmg_path" \ - >"${report_dir}/signature-info.yaml" - - - name: Upload signed macOS DMG - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: ${{ matrix.artifact_name }}-signed-dmg - path: ${{ runner.temp }}/unsigned-dmg/codex-${{ matrix.target }}.dmg - if-no-files-found: error - - - name: Upload DMG signing verification - if: ${{ always() }} - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: ${{ matrix.artifact_name }}-dmg-signing-verification - path: macos-dmg-signing-verification/${{ matrix.target }}/ - if-no-files-found: warn - - finalize-macos: - if: ${{ github.event_name != 'workflow_dispatch' }} - needs: - - package-macos - - sign-macos-dmg - name: Verify macOS artifacts - ${{ matrix.target }} - ${{ matrix.bundle }} - runs-on: macos-15-xlarge - timeout-minutes: 30 - permissions: - contents: read - defaults: - run: - working-directory: codex-rs - - strategy: - fail-fast: false - matrix: - include: - - target: aarch64-apple-darwin - bundle: primary - artifact_name: aarch64-apple-darwin - binaries: "codex codex-responses-api-proxy" - verify_dmg: "true" - - target: aarch64-apple-darwin - bundle: app-server - artifact_name: aarch64-apple-darwin-app-server - binaries: "codex-app-server" - verify_dmg: "false" - - target: x86_64-apple-darwin - bundle: primary - artifact_name: x86_64-apple-darwin - binaries: "codex codex-responses-api-proxy" - verify_dmg: "true" - - target: x86_64-apple-darwin - bundle: app-server - artifact_name: x86_64-apple-darwin-app-server - binaries: "codex-app-server" - verify_dmg: "false" - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false - - - name: Download packaged macOS artifacts - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 - with: - name: ${{ matrix.artifact_name }}-packaged - path: codex-rs/dist/${{ matrix.target }} - - - name: Download signed macOS binaries - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 - with: - name: ${{ matrix.artifact_name }}-signed-binaries - path: ${{ runner.temp }}/signed-binaries - - - name: Download signed macOS DMG - if: ${{ matrix.verify_dmg == 'true' }} - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 - with: - name: ${{ matrix.artifact_name }}-signed-dmg - path: ${{ runner.temp }}/signed-dmg - - - name: Verify signed macOS artifacts - shell: bash - run: | - set -euo pipefail - - target="${{ matrix.target }}" - packaged_dir="dist/${target}" - expected_entitlements="${GITHUB_WORKSPACE}/.github/scripts/macos-signing/codex.entitlements.plist" - - verify_signed_binary() { - local path="$1" - local actual_entitlements normalized_actual normalized_expected - - chmod 0755 "$path" - codesign --verify --strict --verbose=2 "$path" - - actual_entitlements="$(mktemp)" - normalized_actual="$(mktemp)" - normalized_expected="$(mktemp)" - codesign -d --entitlements :- "$path" >"$actual_entitlements" - plutil -convert xml1 -o "$normalized_actual" "$actual_entitlements" - plutil -convert xml1 -o "$normalized_expected" "$expected_entitlements" - diff -u "$normalized_expected" "$normalized_actual" - rm -f "$actual_entitlements" "$normalized_actual" "$normalized_expected" - } - - for binary in ${{ matrix.binaries }}; do - binary_path="${RUNNER_TEMP}/signed-binaries/${binary}" - verify_signed_binary "$binary_path" - - direct_archive_dir="${RUNNER_TEMP}/direct-archive-${binary}-${target}" - rm -rf "$direct_archive_dir" - mkdir -p "$direct_archive_dir" - tar -xzf "${packaged_dir}/${binary}-${target}.tar.gz" -C "$direct_archive_dir" - verify_signed_binary "${direct_archive_dir}/${binary}-${target}" - - direct_zstd_path="${RUNNER_TEMP}/${binary}-${target}-from-zstd" - zstd -d --stdout "${packaged_dir}/${binary}-${target}.zst" >"$direct_zstd_path" - verify_signed_binary "$direct_zstd_path" - done - - case "${{ matrix.bundle }}" in - primary) - package_stem="codex-package" - package_entrypoint="codex" - ;; - app-server) - package_stem="codex-app-server-package" - package_entrypoint="codex-app-server" - ;; - *) - echo "Unexpected macOS bundle: ${{ matrix.bundle }}" - exit 1 - ;; - esac - - package_dir="${RUNNER_TEMP}/${package_stem}-${target}" - rm -rf "$package_dir" - mkdir -p "$package_dir" - tar -xzf "${packaged_dir}/${package_stem}-${target}.tar.gz" -C "$package_dir" - verify_signed_binary "${package_dir}/bin/${package_entrypoint}" - - if [[ "${{ matrix.verify_dmg }}" != "true" ]]; then - exit 0 - fi - - dmg_path="${RUNNER_TEMP}/signed-dmg/codex-${target}.dmg" - mount_dir="${RUNNER_TEMP}/codex-dmg-mount-${target}" - if [[ ! -f "$dmg_path" ]]; then - echo "Signed DMG $dmg_path not found" - exit 1 - fi - - hdiutil verify "$dmg_path" - codesign --verify --strict --verbose=2 "$dmg_path" - xcrun stapler validate "$dmg_path" - - rm -rf "$mount_dir" - mkdir -p "$mount_dir" - hdiutil attach "$dmg_path" -nobrowse -readonly -mountpoint "$mount_dir" - cleanup_mount() { - hdiutil detach "$mount_dir" >/dev/null - } - trap cleanup_mount EXIT - - for binary in ${{ matrix.binaries }}; do - verify_signed_binary "${mount_dir}/${binary}" - done - - cleanup_mount - trap - EXIT - cp "$dmg_path" "dist/${target}/codex-${target}.dmg" - - - name: Upload verified macOS artifacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 - with: - name: ${{ matrix.artifact_name }} - path: codex-rs/dist/${{ matrix.target }}/* - if-no-files-found: error - stage-signed-macos: if: ${{ github.event_name == 'workflow_dispatch' && inputs.release_mode == 'promote_signed' }} needs: tag-check @@ -1249,20 +800,6 @@ jobs: cp "$dmg_source" "$dest/$dmg_name" fi - - name: Build Codex package archive - shell: bash - env: - TARGET: ${{ matrix.target }} - BUNDLE: ${{ matrix.bundle }} - run: | - set -euo pipefail - bash "${GITHUB_WORKSPACE}/.github/scripts/build-codex-package-archive.sh" \ - --target "$TARGET" \ - --bundle "$BUNDLE" \ - --entrypoint-dir "dist/${TARGET}" \ - --archive-dir "dist/${TARGET}" \ - --target-suffixed-entrypoint - - name: Build Python runtime wheel if: ${{ matrix.bundle == 'primary' }} shell: bash @@ -1291,11 +828,25 @@ jobs: "${GITHUB_WORKSPACE}/sdk/python/scripts/update_sdk_artifacts.py" \ stage-runtime \ "$stage_dir" \ - "dist/${{ matrix.target }}/codex-package-${{ matrix.target }}.tar.gz" \ + "${GITHUB_WORKSPACE}/codex-rs/dist/${{ matrix.target }}/codex-${{ matrix.target }}" \ --codex-version "${GITHUB_REF_NAME}" \ --platform-tag "$platform_tag" "${RUNNER_TEMP}/python-runtime-build-venv/bin/python" -m build --wheel --outdir "$wheel_dir" "$stage_dir" + - name: Build Codex package archive + shell: bash + env: + TARGET: ${{ matrix.target }} + BUNDLE: ${{ matrix.bundle }} + run: | + set -euo pipefail + bash "${GITHUB_WORKSPACE}/.github/scripts/build-codex-package-archive.sh" \ + --target "$TARGET" \ + --bundle "$BUNDLE" \ + --entrypoint-dir "dist/${TARGET}" \ + --archive-dir "dist/${TARGET}" \ + --target-suffixed-entrypoint + - name: Upload Python runtime wheel if: ${{ matrix.bundle == 'primary' }} uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 @@ -1327,7 +878,7 @@ jobs: codex-rs/dist/${{ matrix.target }}/* build-windows: - if: ${{ github.event_name != 'workflow_dispatch' || inputs.release_mode == 'build_unsigned' }} + if: ${{ github.event_name != 'workflow_dispatch' || inputs.release_mode != 'promote_signed' }} needs: tag-check uses: ./.github/workflows/rust-release-windows.yml with: @@ -1335,7 +886,7 @@ jobs: secrets: inherit argument-comment-lint-release-assets: - if: ${{ github.event_name != 'workflow_dispatch' || inputs.release_mode == 'build_unsigned' }} + if: ${{ github.event_name != 'workflow_dispatch' || inputs.release_mode != 'promote_signed' }} name: argument-comment-lint release assets needs: tag-check uses: ./.github/workflows/rust-release-argument-comment-lint.yml @@ -1343,7 +894,7 @@ jobs: publish: true zsh-release-assets: - if: ${{ github.event_name != 'workflow_dispatch' || inputs.release_mode == 'build_unsigned' }} + if: ${{ github.event_name != 'workflow_dispatch' || inputs.release_mode != 'promote_signed' }} name: zsh release assets needs: tag-check uses: ./.github/workflows/rust-release-zsh.yml @@ -1352,7 +903,6 @@ jobs: needs: - tag-check - build - - finalize-macos - stage-signed-macos - build-windows - argument-comment-lint-release-assets @@ -1367,7 +917,6 @@ jobs: inputs.release_mode == 'promote_signed' && needs.stage-signed-macos.result == 'success' && needs.build.result == 'skipped' && - needs.finalize-macos.result == 'skipped' && needs.build-windows.result == 'skipped' && needs.argument-comment-lint-release-assets.result == 'skipped' && needs.zsh-release-assets.result == 'skipped' @@ -1375,17 +924,6 @@ jobs: ( (github.event_name != 'workflow_dispatch' || inputs.release_mode != 'promote_signed') && needs.build.result == 'success' && - ( - ( - github.event_name == 'workflow_dispatch' && - inputs.release_mode == 'build_unsigned' && - needs.finalize-macos.result == 'skipped' - ) || - ( - github.event_name != 'workflow_dispatch' && - needs.finalize-macos.result == 'success' - ) - ) && needs.stage-signed-macos.result == 'skipped' && needs.build-windows.result == 'success' && needs.argument-comment-lint-release-assets.result == 'success' && @@ -1409,6 +947,7 @@ jobs: sign_macos: ${{ steps.release_mode.outputs.sign_macos }} should_publish_npm: ${{ steps.npm_publish_settings.outputs.should_publish }} npm_tag: ${{ steps.npm_publish_settings.outputs.npm_tag }} + should_publish_python_runtime: ${{ steps.python_runtime_publish_settings.outputs.should_publish }} steps: - name: Checkout repository @@ -1564,46 +1103,19 @@ jobs: - name: Delete entries from dist/ that should not go in the release run: | rm -rf dist/windows-binaries* - rm -rf dist/*-apple-darwin*-signed-binaries - rm -rf dist/*-apple-darwin*-packaged - rm -rf dist/*-apple-darwin*-unsigned-dmg - rm -rf dist/*-apple-darwin*-signed-dmg - rm -rf dist/*-apple-darwin*-binary-signing-verification - rm -rf dist/*-apple-darwin*-dmg-signing-verification - if [[ "${SIGN_MACOS}" == "true" ]]; then - rm -rf dist/*-apple-darwin*-unsigned - fi # cargo-timing.html appears under multiple target-specific directories. # If included in files: dist/**, release upload races on duplicate # asset names and can fail with 404s. find dist -type f -name 'cargo-timing.html' -delete + # Keep package-builder sidecar archives as workflow artifacts only + # until distribution channels are ready to consume them. + find dist -type f \ + \( -name 'codex-package-*' -o -name 'codex-app-server-package-*' \) \ + -delete find dist -type d -empty -delete ls -R dist/ - - name: Add Codex package checksum manifest - run: | - set -euo pipefail - - manifest="dist/codex-package_SHA256SUMS" - tmp_manifest="$(mktemp)" - find dist -type f \ - \( -name 'codex-package-*.tar.gz' -o -name 'codex-app-server-package-*.tar.gz' \) \ - -print | - sort | - while IFS= read -r archive; do - sha256sum "$archive" | - awk -v name="$(basename "$archive")" '{ print $1 " " name }' - done > "$tmp_manifest" - - if [[ ! -s "$tmp_manifest" ]]; then - echo "No Codex package archives found for checksum manifest" - exit 1 - fi - - mv "$tmp_manifest" "$manifest" - cat "$manifest" - - name: Add config schema release asset run: | cp codex-rs/core/config.schema.json dist/config-schema.json @@ -1641,6 +1153,27 @@ jobs: echo "npm_tag=" >> "$GITHUB_OUTPUT" fi + - name: Determine Python runtime publish settings + id: python_runtime_publish_settings + env: + VERSION: ${{ steps.release_name.outputs.name }} + run: | + set -euo pipefail + version="${VERSION}" + + if [[ "${SIGN_MACOS}" != "true" ]]; then + echo "should_publish=false" >> "$GITHUB_OUTPUT" + exit 0 + fi + + if [[ "${version}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + echo "should_publish=true" >> "$GITHUB_OUTPUT" + elif [[ "${version}" =~ ^[0-9]+\.[0-9]+\.[0-9]+-alpha\.[0-9]+$ ]]; then + echo "should_publish=true" >> "$GITHUB_OUTPUT" + else + echo "should_publish=false" >> "$GITHUB_OUTPUT" + fi + - name: Setup pnpm if: ${{ env.SIGN_MACOS == 'true' }} uses: pnpm/action-setup@a8198c4bff370c8506180b035930dea56dbd5288 # v5 @@ -1657,6 +1190,8 @@ jobs: if: ${{ env.SIGN_MACOS == 'true' }} run: pnpm install --frozen-lockfile + # stage_npm_packages.py requires DotSlash when staging releases. + - uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2 - name: Stage npm packages if: ${{ env.SIGN_MACOS == 'true' }} env: @@ -1740,6 +1275,19 @@ jobs: tag: ${{ github.ref_name }} config: .github/dotslash-argument-comment-lint-config.json + - name: Trigger developers.openai.com deploy + # Only trigger the deploy if the release is not a pre-release. + # The deploy is used to update the developers.openai.com website with the new config schema json file. + if: ${{ env.SIGN_MACOS == 'true' && !contains(steps.release_name.outputs.name, '-') }} + continue-on-error: true + env: + DEV_WEBSITE_VERCEL_DEPLOY_HOOK_URL: ${{ secrets.DEV_WEBSITE_VERCEL_DEPLOY_HOOK_URL }} + run: | + if ! curl -sS -f -o /dev/null -X POST "$DEV_WEBSITE_VERCEL_DEPLOY_HOOK_URL"; then + echo "::warning title=developers.openai.com deploy hook failed::Vercel deploy hook POST failed for ${GITHUB_REF_NAME}" + exit 1 + fi + # Publish to npm using OIDC authentication. # July 31, 2025: https://github.blog/changelog/2025-07-31-npm-trusted-publishing-with-oidc-is-generally-available/ # npm docs: https://docs.npmjs.com/trusted-publishers @@ -1905,35 +1453,52 @@ jobs: exit "${publish_status}" done - deploy-dev-website: - name: Trigger developers.openai.com deploy - needs: release - # Only trigger the deploy for a stable signed release. - # The deploy updates developers.openai.com with the new config schema json file. + # Publish the platform-specific Python runtime wheels using PyPI trusted publishing. + # PyPI project configuration must trust this workflow and job. Keep this + # non-blocking while the Python runtime publishing path is new; failures still + # need release follow-up, but should not invalidate the Rust release itself. + publish-python-runtime: + # Publish to PyPI for stable releases and alpha pre-releases with numeric suffixes. if: >- ${{ !cancelled() && needs.release.result == 'success' && - needs.release.outputs.sign_macos == 'true' && - !contains(needs.release.outputs.version, '-') + needs.release.outputs.should_publish_python_runtime == 'true' }} + name: publish-python-runtime + needs: release runs-on: ubuntu-latest continue-on-error: true - permissions: {} - environment: - name: dev-website-vercel-deploy - deployment: false + environment: pypi + permissions: + id-token: write # Required for PyPI trusted publishing. + contents: read steps: - - name: Trigger developers.openai.com deploy - continue-on-error: true + - name: Download Python runtime wheels from release env: - DEV_WEBSITE_VERCEL_DEPLOY_HOOK_URL: ${{ secrets.DEV_WEBSITE_VERCEL_DEPLOY_HOOK_URL }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + RELEASE_TAG: ${{ needs.release.outputs.tag }} + RELEASE_VERSION: ${{ needs.release.outputs.version }} run: | - if ! curl -sS -f -o /dev/null -X POST "$DEV_WEBSITE_VERCEL_DEPLOY_HOOK_URL"; then - echo "::warning title=developers.openai.com deploy hook failed::Vercel deploy hook POST failed for ${GITHUB_REF_NAME}" - exit 1 - fi + set -euo pipefail + python_version="$RELEASE_VERSION" + python_version="${python_version/-alpha./a}" + python_version="${python_version/-beta./b}" + python_version="${python_version/-rc./rc}" + + mkdir -p dist/python-runtime + gh release download "$RELEASE_TAG" \ + --repo "${GITHUB_REPOSITORY}" \ + --pattern "openai_codex_cli_bin-${python_version}-*.whl" \ + --dir dist/python-runtime + ls -lh dist/python-runtime + + - name: Publish Python runtime wheels to PyPI + uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + with: + packages-dir: dist/python-runtime + skip-existing: true winget: name: winget diff --git a/.github/workflows/rusty-v8-release.yml b/.github/workflows/rusty-v8-release.yml index d6fb73e96d8..3b56a1e93f6 100644 --- a/.github/workflows/rusty-v8-release.yml +++ b/.github/workflows/rusty-v8-release.yml @@ -5,11 +5,6 @@ on: tags: - "rusty-v8-v*.*.*" -# Cargo's libgit2 transport has been flaky when fetching git dependencies with -# nested submodules. Prefer the system git CLI for Cargo smoke tests. -env: - CARGO_NET_GIT_FETCH_WITH_CLI: "true" - concurrency: group: ${{ github.workflow }}::${{ github.ref_name }} cancel-in-progress: false @@ -157,9 +152,9 @@ jobs: python-version: "3.12" - name: Set up Rust toolchain for Cargo smoke - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: - toolchain: "1.95.0" + toolchain: "1.93.0" - name: Build Bazel V8 release pair env: @@ -191,10 +186,11 @@ jobs: bazel_args+=(--config=v8-release-compat) fi - ./.github/scripts/run_bazel_with_buildbuddy.py \ + bazel \ --noexperimental_remote_repo_contents_cache \ "${bazel_args[@]}" \ - "--config=${{ matrix.bazel_config }}" + "--config=${{ matrix.bazel_config }}" \ + "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}" - name: Stage release pair env: diff --git a/.github/workflows/sdk.yml b/.github/workflows/sdk.yml index 4103a948cd0..54ed8dc558e 100644 --- a/.github/workflows/sdk.yml +++ b/.github/workflows/sdk.yml @@ -23,15 +23,15 @@ jobs: run: | set -euo pipefail - # Run inside a glibc Linux image so dependency resolution exercises - # the pinned manylinux runtime wheel that users install. + # Run inside Alpine so dependency resolution exercises the pinned + # runtime wheel on the same Linux wheel family that CI installs. docker run --rm \ --user "$(id -u):$(id -g)" \ -e HOME=/tmp/codex-python-sdk-home \ -e UV_LINK_MODE=copy \ -v "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}" \ -w "${GITHUB_WORKSPACE}/sdk/python" \ - python:3.12-slim \ + python:3.12-alpine \ sh -euxc ' python -m venv /tmp/uv /tmp/uv/bin/python -m pip install uv==0.11.3 diff --git a/.github/workflows/v8-canary.yml b/.github/workflows/v8-canary.yml index 0ad9f850d11..979e991504b 100644 --- a/.github/workflows/v8-canary.yml +++ b/.github/workflows/v8-canary.yml @@ -5,7 +5,6 @@ on: paths: - ".bazelrc" - ".github/actions/setup-bazel-ci/**" - - ".github/scripts/run_bazel_with_buildbuddy.py" - ".github/scripts/rusty_v8_bazel.py" - ".github/scripts/rusty_v8_module_bazel.py" - ".github/workflows/rusty-v8-release.yml" @@ -24,7 +23,6 @@ on: paths: - ".bazelrc" - ".github/actions/setup-bazel-ci/**" - - ".github/scripts/run_bazel_with_buildbuddy.py" - ".github/scripts/rusty_v8_bazel.py" - ".github/scripts/rusty_v8_module_bazel.py" - ".github/workflows/rusty-v8-release.yml" @@ -39,11 +37,6 @@ on: - "third_party/v8/**" workflow_dispatch: -# Cargo's libgit2 transport has been flaky when fetching git dependencies with -# nested submodules. Prefer the system git CLI for Cargo builds and smoke tests. -env: - CARGO_NET_GIT_FETCH_WITH_CLI: "true" - concurrency: group: ${{ github.workflow }}::${{ github.event.pull_request.number > 0 && format('pr-{0}', github.event.pull_request.number) || github.ref_name }} cancel-in-progress: ${{ github.ref_name != 'main' }} @@ -173,9 +166,9 @@ jobs: python-version: "3.12" - name: Set up Rust toolchain for Cargo smoke - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: - toolchain: "1.95.0" + toolchain: "1.93.0" - name: Build Bazel V8 release pair env: @@ -205,10 +198,11 @@ jobs: bazel_args+=(--config=v8-release-compat) fi - ./.github/scripts/run_bazel_with_buildbuddy.py \ + bazel \ --noexperimental_remote_repo_contents_cache \ "${bazel_args[@]}" \ - "--config=${{ matrix.bazel_config }}" + "--config=${{ matrix.bazel_config }}" \ + "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}" - name: Stage release pair env: @@ -316,9 +310,9 @@ jobs: architecture: x64 - name: Set up Codex Rust toolchain for Cargo smoke - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0 + uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0 with: - toolchain: "1.95.0" + toolchain: "1.93.0" targets: ${{ matrix.target }} - name: Install rusty_v8 Rust toolchain @@ -407,7 +401,7 @@ jobs: cd codex-rs RUSTY_V8_ARCHIVE="${GITHUB_WORKSPACE}/${archive}" \ RUSTY_V8_SRC_BINDING_PATH="${GITHUB_WORKSPACE}/${binding}" \ - cargo +1.95.0 test -p codex-v8-poc --target "${TARGET}" --features sandbox --no-run + cargo +1.93.0 test -p codex-v8-poc --target "${TARGET}" --features sandbox --no-run ) - name: Upload staged artifacts diff --git a/AGENTS.md b/AGENTS.md index 88d3fc4eeac..0118ef77b21 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -14,6 +14,7 @@ In the codex-rs folder where the rust code lives: - Avoid bool or ambiguous `Option` parameters that force callers to write hard-to-read code such as `foo(false)` or `bar(None)`. Prefer enums, named methods, newtypes, or other idiomatic Rust API shapes when they keep the callsite self-documenting. - When you cannot make that API change and still need a small positional-literal callsite in Rust, follow the `argument_comment_lint` convention: - Use an exact `/*param_name*/` comment before opaque literal arguments such as `None`, booleans, and numeric literals when passing them by position. + - A method's sole non-self argument is exempt when the method and parameter names match, such as `.enabled(false)` for `fn enabled(&self, enabled: bool)`. - Do not add these comments for string or char literals unless the comment adds real clarity; those literals are intentionally exempt from the lint. - The parameter name in the comment must exactly match the callee signature. - You can run `just argument-comment-lint` to run the lint check locally. This is powered by Bazel, so running it the first time can be slow if Bazel is not warmed up, though incremental invocations should take <15s. Most of the time, it is best to update the PR and let CI take responsibility for checking this (or run it asynchronously in the background after submitting the PR). Note CI checks all three platforms, which the local run does not. @@ -26,6 +27,8 @@ In the codex-rs folder where the rust code lives: - Implementations may still use `async fn foo(&self, ...) -> T` when they satisfy that contract. - Do not use `#[allow(async_fn_in_trait)]` as a shortcut around spelling the future contract explicitly. - When writing tests, prefer comparing the equality of entire objects over fields one by one. +- Do not add tests for values that are statically defined. +- Do not add negative tests for logic that was removed. - Do not add general product or user-facing documentation to the `docs/` folder. The official Codex documentation lives elsewhere. The exception is app-server API documentation, which is covered by the app-server guidance below. - Prefer private modules and explicitly exported public crate API. - If you change `ConfigToml` or nested config types, run `just write-config-schema` to update `codex-rs/core/config.schema.json`. @@ -190,6 +193,12 @@ If you don’t have the tool: - `cargo install --locked cargo-insta` +### Benchmarks + +cargo benchmarks can be run with `just bench`, use the divan crate to write new ones. + +Use `just bench-smoke` to dry-run the benchmark for a single iteration to ensure it works. + ### Test assertions - Tests should use pretty_assertions::assert_eq for clearer diffs. Import this at the top of the test module if it isn't already. diff --git a/MODULE.bazel b/MODULE.bazel index abca889d640..559516bd1a8 100644 --- a/MODULE.bazel +++ b/MODULE.bazel @@ -11,6 +11,7 @@ single_version_override( patch_strip = 1, patches = [ "//patches:llvm_rusty_v8_custom_libcxx.patch", + "//patches:llvm_windows_arm64_powl.patch", "//patches:llvm_windows_symlink_extract.patch", ], ) @@ -94,6 +95,7 @@ single_version_override( module_name = "rules_rs", patch_strip = 1, patches = [ + "//patches:rules_rs_build_script_deps_annotation.patch", "//patches:rules_rs_windows_gnullvm_exec.patch", "//patches:rules_rs_windows_exec_linker.patch", ], @@ -295,6 +297,11 @@ bazel_dep(name = "openssl", version = "3.5.4.bcr.0") inject_repo(crate, "xz") crate.annotation( + # Build scripts compile in Bazel's exec configuration, so target-specific + # optional build deps are otherwise dropped for the musl release platforms. + build_script_deps = [ + "@crates//:openssl-src-300.5.5+3.5.5", + ], build_script_data = [ "@openssl//:gen_dir", ], @@ -415,18 +422,18 @@ crate.annotation( inject_repo(crate, "alsa_lib") -bazel_dep(name = "v8", version = "14.7.173.20") +bazel_dep(name = "v8", version = "14.9.207.2") archive_override( module_name = "v8", - integrity = "sha256-v/x6I4X38a2wckzUIft3Dh0SUdkuOTokwxyF7lzW8Lc=", + integrity = "sha256-tflbZE5srqal6leMxJjK/ZQtwpF96OMGJ6avd5lice4=", patch_strip = 3, patches = [ "//patches:v8_module_deps.patch", "//patches:v8_bazel_rules.patch", "//patches:v8_source_portability.patch", ], - strip_prefix = "v8-14.7.173.20", - urls = ["https://github.com/v8/v8/archive/refs/tags/14.7.173.20.tar.gz"], + strip_prefix = "v8-14.9.207.2", + urls = ["https://github.com/v8/v8/archive/refs/tags/14.9.207.2.tar.gz"], ) http_archive( @@ -439,12 +446,12 @@ http_archive( ) http_archive( - name = "v8_crate_147_4_0", + name = "v8_crate_149_2_0", build_file = "//third_party/v8:v8_crate.BUILD.bazel", - sha256 = "2df8fffd507fb18ed000673a83d937f58e60fb07f3306b2274284125b15137cd", - strip_prefix = "v8-147.4.0", + sha256 = "46dccf61a364b61bbaac70a8ba64a1a1006e87123b7d62eaeec999a3ba31ecdb", + strip_prefix = "v8-149.2.0", type = "tar.gz", - urls = ["https://static.crates.io/crates/v8/v8-147.4.0.crate"], + urls = ["https://static.crates.io/crates/v8/v8-149.2.0.crate"], ) git_repository = use_repo_rule("@bazel_tools//tools/build_defs/repo:git.bzl", "git_repository") @@ -452,7 +459,7 @@ git_repository = use_repo_rule("@bazel_tools//tools/build_defs/repo:git.bzl", "g git_repository( name = "rusty_v8_libcxx", build_file = "//third_party/v8:libcxx.BUILD.bazel", - commit = "7ab65651aed6802d2599dcb7a73b1f82d5179d05", + commit = "99457fa555797f8c5ac3c076ca288d8481d3b23a", remote = "https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxx.git", ) @@ -466,25 +473,25 @@ git_repository( git_repository( name = "rusty_v8_llvm_libc", build_file = "//third_party/v8:llvm_libc.BUILD.bazel", - commit = "b3aa5bb702ff9e890179fd1e7d3ba346e17ecf8e", + commit = "cb952785ccee13811f293f3c419958d1e3ddafbf", remote = "https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libc.git", ) http_file( - name = "rusty_v8_147_4_0_aarch64_pc_windows_msvc_archive", + name = "rusty_v8_149_2_0_aarch64_pc_windows_msvc_archive", downloaded_file_path = "rusty_v8_release_aarch64-pc-windows-msvc.lib.gz", - sha256 = "1fa3f94d9e09cff1f6bcce94c478e5cb072c0755f6a0357abadb9dd3b48d8127", + sha256 = "923f2b6ccdc14526b814e171e34c9aafd7969f12304948857c6696d022f0fb3c", urls = [ - "https://github.com/denoland/rusty_v8/releases/download/v147.4.0/rusty_v8_release_aarch64-pc-windows-msvc.lib.gz", + "https://github.com/denoland/rusty_v8/releases/download/v149.2.0/rusty_v8_release_aarch64-pc-windows-msvc.lib.gz", ], ) http_file( - name = "rusty_v8_147_4_0_x86_64_pc_windows_msvc_archive", + name = "rusty_v8_149_2_0_x86_64_pc_windows_msvc_archive", downloaded_file_path = "rusty_v8_release_x86_64-pc-windows-msvc.lib.gz", - sha256 = "e2827ff98b1a9d4c0343000fc5124ac30dfab3007bc0129c168c9355fc2fcd7c", + sha256 = "12b5a791b54e92f748738ad8d0d12dad8d281a2d836638ad1aa6678e3b855d9a", urls = [ - "https://github.com/denoland/rusty_v8/releases/download/v147.4.0/rusty_v8_release_x86_64-pc-windows-msvc.lib.gz", + "https://github.com/denoland/rusty_v8/releases/download/v149.2.0/rusty_v8_release_x86_64-pc-windows-msvc.lib.gz", ], ) diff --git a/MODULE.bazel.lock b/MODULE.bazel.lock index f541a2c7bf3..d230cfff9e9 100644 --- a/MODULE.bazel.lock +++ b/MODULE.bazel.lock @@ -613,8 +613,8 @@ "age_0.11.2": "{\"dependencies\":[{\"name\":\"aes\",\"optional\":true,\"req\":\"^0.8\"},{\"name\":\"aes-gcm\",\"optional\":true,\"req\":\"^0.10\"},{\"name\":\"age-core\",\"req\":\"^0.11.0\"},{\"name\":\"base64\",\"req\":\"^0.21\"},{\"name\":\"bcrypt-pbkdf\",\"optional\":true,\"req\":\"^0.10\"},{\"name\":\"bech32\",\"req\":\"^0.9\"},{\"name\":\"cbc\",\"optional\":true,\"req\":\"^0.1\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"chacha20poly1305\",\"req\":\"^0.10\"},{\"features\":[\"alloc\"],\"name\":\"cipher\",\"optional\":true,\"req\":\"^0.4.3\"},{\"default_features\":false,\"name\":\"console\",\"optional\":true,\"req\":\"^0.15\"},{\"name\":\"cookie-factory\",\"req\":\"^0.3.1\"},{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.5\"},{\"kind\":\"dev\",\"name\":\"criterion-cycles-per-byte\",\"req\":\"^0.6\",\"target\":\"cfg(any(target_arch = \\\"x86\\\", target_arch = \\\"x86_64\\\"))\"},{\"name\":\"ctr\",\"optional\":true,\"req\":\"^0.9\"},{\"name\":\"curve25519-dalek\",\"optional\":true,\"req\":\"^4\"},{\"name\":\"futures\",\"optional\":true,\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"futures-test\",\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"hex\",\"req\":\"^0.4\"},{\"name\":\"hmac\",\"req\":\"^0.12\"},{\"features\":[\"fluent-system\"],\"name\":\"i18n-embed\",\"req\":\"^0.15\"},{\"features\":[\"fluent-system\",\"desktop-requester\"],\"kind\":\"dev\",\"name\":\"i18n-embed\",\"req\":\"^0.15\"},{\"name\":\"i18n-embed-fl\",\"req\":\"^0.9\"},{\"name\":\"is-terminal\",\"optional\":true,\"req\":\"^0.4\"},{\"name\":\"lazy_static\",\"req\":\"^1\"},{\"name\":\"memchr\",\"optional\":true,\"req\":\"^2.5\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"nom\",\"req\":\"^7\"},{\"name\":\"num-traits\",\"optional\":true,\"req\":\"^0.2\"},{\"name\":\"pin-project\",\"req\":\"^1\"},{\"name\":\"pinentry\",\"optional\":true,\"req\":\"^0.6\"},{\"features\":[\"criterion\",\"flamegraph\"],\"kind\":\"dev\",\"name\":\"pprof\",\"req\":\"^0.13\",\"target\":\"cfg(unix)\"},{\"kind\":\"dev\",\"name\":\"proptest\",\"req\":\"^1\"},{\"name\":\"rand\",\"req\":\"^0.8\"},{\"name\":\"rpassword\",\"optional\":true,\"req\":\"^7\"},{\"default_features\":false,\"name\":\"rsa\",\"optional\":true,\"req\":\"^0.9\"},{\"name\":\"rust-embed\",\"req\":\"^8\"},{\"default_features\":false,\"name\":\"scrypt\",\"req\":\"^0.11\"},{\"name\":\"sha2\",\"req\":\"^0.10\"},{\"name\":\"subtle\",\"req\":\"^2\"},{\"kind\":\"dev\",\"name\":\"test-case\",\"req\":\"^3\"},{\"features\":[\"macros\",\"rt-multi-thread\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1\"},{\"features\":[\"Window\",\"Performance\"],\"name\":\"web-sys\",\"optional\":true,\"req\":\"^0.3\"},{\"name\":\"which\",\"optional\":true,\"req\":\"^4\",\"target\":\"cfg(any(unix, windows))\"},{\"name\":\"wsl\",\"optional\":true,\"req\":\"^0.1\",\"target\":\"cfg(any(unix, windows))\"},{\"features\":[\"static_secrets\"],\"name\":\"x25519-dalek\",\"req\":\"^2\"},{\"name\":\"zeroize\",\"req\":\"^1\"}],\"features\":{\"armor\":[],\"async\":[\"futures\",\"memchr\"],\"cli-common\":[\"console\",\"is-terminal\",\"pinentry\",\"rpassword\"],\"default\":[],\"plugin\":[\"age-core/plugin\",\"which\",\"wsl\"],\"ssh\":[\"aes\",\"aes-gcm\",\"bcrypt-pbkdf\",\"cbc\",\"cipher\",\"ctr\",\"curve25519-dalek\",\"num-traits\",\"rsa\"],\"unstable\":[\"age-core/unstable\"]}}", "ahash_0.8.12": "{\"dependencies\":[{\"name\":\"cfg-if\",\"req\":\"^1.0\"},{\"name\":\"const-random\",\"optional\":true,\"req\":\"^0.1.17\"},{\"features\":[\"html_reports\"],\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.3.2\"},{\"kind\":\"dev\",\"name\":\"fnv\",\"req\":\"^1.0.5\"},{\"kind\":\"dev\",\"name\":\"fxhash\",\"req\":\"^0.2.1\"},{\"name\":\"getrandom\",\"optional\":true,\"req\":\"^0.3.1\"},{\"kind\":\"dev\",\"name\":\"hashbrown\",\"req\":\"^0.14.3\"},{\"kind\":\"dev\",\"name\":\"hex\",\"req\":\"^0.4.2\"},{\"kind\":\"dev\",\"name\":\"no-panic\",\"req\":\"^0.1.10\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"once_cell\",\"req\":\"^1.18.0\",\"target\":\"cfg(not(all(target_arch = \\\"arm\\\", target_os = \\\"none\\\")))\"},{\"kind\":\"dev\",\"name\":\"pcg-mwc\",\"req\":\"^0.2.1\"},{\"name\":\"portable-atomic\",\"optional\":true,\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.5\"},{\"kind\":\"dev\",\"name\":\"seahash\",\"req\":\"^4.0\"},{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.117\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.59\"},{\"kind\":\"dev\",\"name\":\"smallvec\",\"req\":\"^1.13.1\"},{\"kind\":\"build\",\"name\":\"version_check\",\"req\":\"^0.9.4\"},{\"default_features\":false,\"features\":[\"simd\"],\"name\":\"zerocopy\",\"req\":\"^0.8.24\"}],\"features\":{\"atomic-polyfill\":[\"dep:portable-atomic\",\"once_cell/critical-section\"],\"compile-time-rng\":[\"const-random\"],\"default\":[\"std\",\"runtime-rng\"],\"nightly-arm-aes\":[],\"no-rng\":[],\"runtime-rng\":[\"getrandom\"],\"std\":[]}}", "aho-corasick_1.1.4": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3.3\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.17\"},{\"default_features\":false,\"name\":\"memchr\",\"optional\":true,\"req\":\"^2.4.0\"}],\"features\":{\"default\":[\"std\",\"perf-literal\"],\"logging\":[\"dep:log\"],\"perf-literal\":[\"dep:memchr\"],\"std\":[\"memchr?/std\"]}}", - "allocative_0.3.4": "{\"dependencies\":[{\"name\":\"allocative_derive\",\"req\":\"=0.3.3\"},{\"name\":\"anyhow\",\"optional\":true,\"req\":\"^1.0.65\"},{\"name\":\"bumpalo\",\"optional\":true,\"req\":\"^3.11.1\"},{\"name\":\"compact_str\",\"optional\":true,\"req\":\"^0.8\"},{\"name\":\"ctor\",\"req\":\"^0.1.26\"},{\"name\":\"dashmap\",\"optional\":true,\"req\":\"^5.5.3\"},{\"name\":\"either\",\"optional\":true,\"req\":\"^1.8\"},{\"name\":\"futures\",\"optional\":true,\"req\":\"^0.3.24\"},{\"features\":[\"raw\"],\"name\":\"hashbrown\",\"optional\":true,\"req\":\"^0.14.3\"},{\"name\":\"indexmap\",\"optional\":true,\"req\":\"^2.2.6\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"inferno\",\"req\":\"^0.11.11\"},{\"name\":\"num-bigint\",\"optional\":true,\"req\":\"^0.4.3\"},{\"name\":\"once_cell\",\"optional\":true,\"req\":\"^1.15.0\"},{\"name\":\"parking_lot\",\"optional\":true,\"req\":\"^0.11.2\"},{\"name\":\"prost-types\",\"optional\":true,\"req\":\"^0.11.2\"},{\"name\":\"relative-path\",\"optional\":true,\"req\":\"^1.7.0\"},{\"name\":\"serde_json\",\"optional\":true,\"req\":\"^1.0.48\"},{\"name\":\"slab\",\"optional\":true,\"req\":\"^0.4.7\"},{\"name\":\"smallvec\",\"optional\":true,\"req\":\"^1.10.0\"},{\"name\":\"sorted_vector_map\",\"optional\":true,\"req\":\"^0.2\"},{\"features\":[\"sync\"],\"name\":\"tokio\",\"optional\":true,\"req\":\"^1.5\"},{\"name\":\"triomphe\",\"optional\":true,\"req\":\"^0.1.8\"}],\"features\":{}}", - "allocative_derive_0.3.3": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1.0\"},{\"name\":\"quote\",\"req\":\"^1.0.3\"},{\"features\":[\"full\",\"extra-traits\"],\"name\":\"syn\",\"req\":\"^2\"}],\"features\":{}}", + "allocative_0.3.6": "{\"dependencies\":[{\"name\":\"allocative_derive\",\"req\":\"=0.3.6\"},{\"name\":\"anyhow\",\"optional\":true,\"req\":\"^1.0.65\"},{\"name\":\"bumpalo\",\"optional\":true,\"req\":\"^3.11.1\"},{\"name\":\"compact_str\",\"optional\":true,\"req\":\"^0.9\"},{\"name\":\"ctor\",\"req\":\"^1.0.5\"},{\"name\":\"dashmap\",\"optional\":true,\"req\":\"^6.1.0\"},{\"name\":\"either\",\"optional\":true,\"req\":\"^1.8\"},{\"name\":\"futures\",\"optional\":true,\"req\":\"^0.3.24\"},{\"name\":\"hashbrown\",\"optional\":true,\"req\":\"^0.16.1\"},{\"name\":\"indexmap\",\"optional\":true,\"req\":\"^2.2.6\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"inferno\",\"req\":\"^0.11.11\"},{\"name\":\"num-bigint\",\"optional\":true,\"req\":\"^0.4.3\"},{\"name\":\"once_cell\",\"optional\":true,\"req\":\"^1.21.4\"},{\"name\":\"parking_lot\",\"optional\":true,\"req\":\"^0.11.2\"},{\"name\":\"prost-types\",\"optional\":true,\"req\":\"^0.14.3\"},{\"name\":\"serde_json\",\"optional\":true,\"req\":\"^1.0.48\"},{\"name\":\"slab\",\"optional\":true,\"req\":\"^0.4.12\"},{\"name\":\"smallvec\",\"optional\":true,\"req\":\"^1.10.0\"},{\"name\":\"sorted_vector_map\",\"optional\":true,\"req\":\"^0.2\"},{\"features\":[\"sync\"],\"name\":\"tokio\",\"optional\":true,\"req\":\"^1.5\"},{\"name\":\"triomphe\",\"optional\":true,\"req\":\"^0.1.8\"}],\"features\":{\"anyhow\":[\"dep:anyhow\"],\"bumpalo\":[\"dep:bumpalo\"],\"compact_str\":[\"dep:compact_str\"],\"dashmap\":[\"dep:dashmap\"],\"default\":[],\"either\":[\"dep:either\"],\"futures\":[\"dep:futures\"],\"hashbrown\":[\"dep:hashbrown\"],\"indexmap\":[\"dep:indexmap\"],\"num-bigint\":[\"dep:num-bigint\"],\"once_cell\":[\"dep:once_cell\"],\"parking_lot\":[\"dep:parking_lot\"],\"prost-types\":[\"dep:prost-types\"],\"serde_json\":[\"dep:serde_json\"],\"slab\":[\"dep:slab\"],\"smallvec\":[\"dep:smallvec\"],\"sorted_vector_map\":[\"dep:sorted_vector_map\"],\"tokio\":[\"dep:tokio\"],\"triomphe\":[\"dep:triomphe\"]}}", + "allocative_derive_0.3.6": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1.0.106\"},{\"name\":\"quote\",\"req\":\"^1.0.45\"},{\"features\":[\"full\"],\"name\":\"syn\",\"req\":\"^2.0.117\"}],\"features\":{}}", "allocator-api2_0.2.21": "{\"dependencies\":[{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"}],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"fresh-rust\":[],\"nightly\":[],\"std\":[\"alloc\"]}}", "alsa-sys_0.3.1": "{\"dependencies\":[{\"name\":\"libc\",\"req\":\"^0.2.65\"},{\"kind\":\"build\",\"name\":\"pkg-config\",\"req\":\"^0.3\"}],\"features\":{}}", "alsa_0.9.1": "{\"dependencies\":[{\"name\":\"alsa-sys\",\"req\":\"^0.3.1\"},{\"name\":\"bitflags\",\"req\":\"^2.4.0\"},{\"name\":\"cfg-if\",\"req\":\"^1.0\"},{\"name\":\"libc\",\"req\":\"^0.2\"}],\"features\":{}}", @@ -629,13 +629,12 @@ "anstyle-wincon_3.0.11": "{\"dependencies\":[{\"name\":\"anstyle\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"lexopt\",\"req\":\"^0.3.1\"},{\"name\":\"once_cell_polyfill\",\"req\":\"^1.56.1\",\"target\":\"cfg(windows)\"},{\"features\":[\"Win32_System_Console\",\"Win32_Foundation\"],\"name\":\"windows-sys\",\"req\":\">=0.60.2, <0.62\",\"target\":\"cfg(windows)\"}],\"features\":{}}", "anstyle_1.0.13": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"lexopt\",\"req\":\"^0.3.0\"},{\"kind\":\"dev\",\"name\":\"snapbox\",\"req\":\"^0.6.5\"}],\"features\":{\"default\":[\"std\"],\"std\":[]}}", "anstyle_1.0.14": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"lexopt\",\"req\":\"^0.3.1\"},{\"kind\":\"dev\",\"name\":\"snapbox\",\"req\":\"^0.6.23\"}],\"features\":{\"default\":[\"std\"],\"std\":[]}}", - "anyhow_1.0.101": "{\"dependencies\":[{\"name\":\"backtrace\",\"optional\":true,\"req\":\"^0.3.51\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0.6\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"syn\",\"req\":\"^2.0\"},{\"kind\":\"dev\",\"name\":\"thiserror\",\"req\":\"^2\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.108\"}],\"features\":{\"default\":[\"std\"],\"std\":[]}}", "anyhow_1.0.102": "{\"dependencies\":[{\"default_features\":false,\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0.6\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"syn\",\"req\":\"^2.0\"},{\"kind\":\"dev\",\"name\":\"thiserror\",\"req\":\"^2\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.108\"}],\"features\":{\"backtrace\":[],\"default\":[\"std\"],\"std\":[]}}", "arbitrary_1.4.2": "{\"dependencies\":[{\"name\":\"derive_arbitrary\",\"optional\":true,\"req\":\"~1.4.0\"},{\"kind\":\"dev\",\"name\":\"exhaustigen\",\"req\":\"^0.1.0\"}],\"features\":{\"derive\":[\"derive_arbitrary\"]}}", "arboard_3.6.1": "{\"dependencies\":[{\"features\":[\"std\"],\"name\":\"clipboard-win\",\"req\":\"^5.3.1\",\"target\":\"cfg(windows)\"},{\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.10.2\"},{\"default_features\":false,\"features\":[\"png\"],\"name\":\"image\",\"optional\":true,\"req\":\"^0.25\",\"target\":\"cfg(all(unix, not(any(target_os=\\\"macos\\\", target_os=\\\"android\\\", target_os=\\\"emscripten\\\"))))\"},{\"default_features\":false,\"features\":[\"tiff\"],\"name\":\"image\",\"optional\":true,\"req\":\"^0.25\",\"target\":\"cfg(target_os = \\\"macos\\\")\"},{\"default_features\":false,\"features\":[\"png\",\"bmp\"],\"name\":\"image\",\"optional\":true,\"req\":\"^0.25\",\"target\":\"cfg(windows)\"},{\"name\":\"log\",\"req\":\"^0.4\",\"target\":\"cfg(all(unix, not(any(target_os=\\\"macos\\\", target_os=\\\"android\\\", target_os=\\\"emscripten\\\"))))\"},{\"name\":\"log\",\"req\":\"^0.4\",\"target\":\"cfg(windows)\"},{\"name\":\"objc2\",\"req\":\"^0.6.0\",\"target\":\"cfg(target_os = \\\"macos\\\")\"},{\"default_features\":false,\"features\":[\"std\",\"objc2-core-graphics\",\"NSPasteboard\",\"NSPasteboardItem\",\"NSImage\"],\"name\":\"objc2-app-kit\",\"req\":\"^0.3.0\",\"target\":\"cfg(target_os = \\\"macos\\\")\"},{\"default_features\":false,\"features\":[\"std\",\"CFCGTypes\"],\"name\":\"objc2-core-foundation\",\"optional\":true,\"req\":\"^0.3.0\",\"target\":\"cfg(target_os = \\\"macos\\\")\"},{\"default_features\":false,\"features\":[\"std\",\"CGImage\",\"CGColorSpace\",\"CGDataProvider\"],\"name\":\"objc2-core-graphics\",\"optional\":true,\"req\":\"^0.3.0\",\"target\":\"cfg(target_os = \\\"macos\\\")\"},{\"default_features\":false,\"features\":[\"std\",\"NSArray\",\"NSString\",\"NSEnumerator\",\"NSGeometry\",\"NSValue\"],\"name\":\"objc2-foundation\",\"req\":\"^0.3.0\",\"target\":\"cfg(target_os = \\\"macos\\\")\"},{\"name\":\"parking_lot\",\"req\":\"^0.12\",\"target\":\"cfg(all(unix, not(any(target_os=\\\"macos\\\", target_os=\\\"android\\\", target_os=\\\"emscripten\\\"))))\"},{\"name\":\"percent-encoding\",\"req\":\"^2.3.1\",\"target\":\"cfg(all(unix, not(any(target_os=\\\"macos\\\", target_os=\\\"android\\\", target_os=\\\"emscripten\\\"))))\"},{\"features\":[\"Win32_Foundation\",\"Win32_Storage_FileSystem\",\"Win32_System_DataExchange\",\"Win32_System_Memory\",\"Win32_System_Ole\",\"Win32_UI_Shell\"],\"name\":\"windows-sys\",\"req\":\">=0.52.0, <0.61.0\",\"target\":\"cfg(windows)\"},{\"name\":\"wl-clipboard-rs\",\"optional\":true,\"req\":\"^0.9.0\",\"target\":\"cfg(all(unix, not(any(target_os=\\\"macos\\\", target_os=\\\"android\\\", target_os=\\\"emscripten\\\"))))\"},{\"name\":\"x11rb\",\"req\":\"^0.13\",\"target\":\"cfg(all(unix, not(any(target_os=\\\"macos\\\", target_os=\\\"android\\\", target_os=\\\"emscripten\\\"))))\"}],\"features\":{\"core-graphics\":[\"dep:objc2-core-graphics\"],\"default\":[\"image-data\"],\"image\":[\"dep:image\"],\"image-data\":[\"dep:objc2-core-graphics\",\"dep:objc2-core-foundation\",\"image\",\"windows-sys\",\"core-graphics\"],\"wayland-data-control\":[\"wl-clipboard-rs\"],\"windows-sys\":[\"windows-sys/Win32_Graphics_Gdi\"],\"wl-clipboard-rs\":[\"dep:wl-clipboard-rs\"]}}", "arc-swap_1.9.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"adaptive-barrier\",\"req\":\"~1\"},{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"~0.7\"},{\"kind\":\"dev\",\"name\":\"crossbeam-utils\",\"req\":\"~0.8\"},{\"kind\":\"dev\",\"name\":\"itertools\",\"req\":\"^0.14\"},{\"kind\":\"dev\",\"name\":\"num_cpus\",\"req\":\"~1\"},{\"kind\":\"dev\",\"name\":\"once_cell\",\"req\":\"~1\"},{\"kind\":\"dev\",\"name\":\"parking_lot\",\"req\":\"~0.12\"},{\"kind\":\"dev\",\"name\":\"proptest\",\"req\":\"^1\"},{\"name\":\"rustversion\",\"req\":\"^1\"},{\"features\":[\"rc\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1.0.130\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0.177\"}],\"features\":{\"experimental-strategies\":[],\"experimental-thread-local\":[],\"internal-test-strategies\":[],\"weak\":[]}}", + "arrayref_0.3.9": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0\"}],\"features\":{}}", "arrayvec_0.7.6": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bencher\",\"req\":\"^0.1.4\"},{\"default_features\":false,\"name\":\"borsh\",\"optional\":true,\"req\":\"^1.2.0\"},{\"kind\":\"dev\",\"name\":\"matches\",\"req\":\"^0.1\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"zeroize\",\"optional\":true,\"req\":\"^1.4\"}],\"features\":{\"default\":[\"std\"],\"std\":[]}}", - "ascii-canvas_3.0.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"diff\",\"req\":\"^0.1\"},{\"name\":\"term\",\"req\":\"^0.7\"}],\"features\":{}}", "ascii_1.1.0": "{\"dependencies\":[{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.25\"},{\"name\":\"serde_test\",\"optional\":true,\"req\":\"^1.0\"}],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"std\":[\"alloc\"]}}", "asn1-rs-derive_0.6.0": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1.0\"},{\"name\":\"quote\",\"req\":\"^1.0\"},{\"features\":[\"full\"],\"name\":\"syn\",\"req\":\"^2.0\"},{\"name\":\"synstructure\",\"req\":\"^0.13\"}],\"features\":{}}", "asn1-rs-impl_0.2.0": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1\"},{\"name\":\"quote\",\"req\":\"^1\"},{\"name\":\"syn\",\"req\":\"^2.0\"}],\"features\":{}}", @@ -658,7 +657,9 @@ "async-trait_0.1.89": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3.30\"},{\"name\":\"proc-macro2\",\"req\":\"^1.0.74\"},{\"name\":\"quote\",\"req\":\"^1.0.35\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0.13\"},{\"default_features\":false,\"features\":[\"clone-impls\",\"full\",\"parsing\",\"printing\",\"proc-macro\",\"visit-mut\"],\"name\":\"syn\",\"req\":\"^2.0.46\"},{\"kind\":\"dev\",\"name\":\"tracing\",\"req\":\"^0.1.40\"},{\"kind\":\"dev\",\"name\":\"tracing-attributes\",\"req\":\"^0.1.27\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.81\"}],\"features\":{}}", "asynk-strim_0.1.5": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"async-fn-stream\",\"req\":\"^0.3.2\"},{\"kind\":\"dev\",\"name\":\"async-stream\",\"req\":\"^0.3.6\"},{\"default_features\":false,\"features\":[\"cargo_bench_support\",\"plotters\"],\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.7.0\"},{\"default_features\":false,\"name\":\"futures-core\",\"req\":\"^0.3.31\"},{\"default_features\":false,\"features\":[\"std\"],\"kind\":\"dev\",\"name\":\"futures-lite\",\"req\":\"^2.3.0\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2.14\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.99\"}],\"features\":{}}", "atoi_2.0.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.4.0\"},{\"default_features\":false,\"name\":\"num-traits\",\"req\":\"^0.2.14\"}],\"features\":{\"default\":[\"std\"],\"std\":[\"num-traits/std\"]}}", + "atomic-polyfill_1.0.3": "{\"dependencies\":[{\"name\":\"critical-section\",\"req\":\"^1.0.0\"}],\"features\":{}}", "atomic-waker_1.1.2": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"cargo_bench_support\"],\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.4.0\"},{\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3.5\"},{\"default_features\":false,\"name\":\"portable-atomic\",\"optional\":true,\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1.7.0\"}],\"features\":{}}", + "atomic_0.5.3": "{\"dependencies\":[],\"features\":{\"default\":[\"fallback\"],\"fallback\":[],\"nightly\":[],\"std\":[]}}", "autocfg_1.5.0": "{\"dependencies\":[],\"features\":{}}", "aws-config_1.8.12": "{\"dependencies\":[{\"features\":[\"test-util\"],\"name\":\"aws-credential-types\",\"req\":\"^1.2.11\"},{\"name\":\"aws-runtime\",\"req\":\"^1.5.17\"},{\"default_features\":false,\"name\":\"aws-sdk-signin\",\"optional\":true,\"req\":\"^1.2.0\"},{\"default_features\":false,\"name\":\"aws-sdk-sso\",\"optional\":true,\"req\":\"^1.91.0\"},{\"default_features\":false,\"name\":\"aws-sdk-ssooidc\",\"optional\":true,\"req\":\"^1.93.0\"},{\"default_features\":false,\"name\":\"aws-sdk-sts\",\"req\":\"^1.95.0\"},{\"name\":\"aws-smithy-async\",\"req\":\"^1.2.7\"},{\"features\":[\"rt-tokio\",\"test-util\"],\"kind\":\"dev\",\"name\":\"aws-smithy-async\",\"req\":\"^1.2.7\"},{\"name\":\"aws-smithy-http\",\"req\":\"^0.62.6\"},{\"features\":[\"default-client\",\"test-util\"],\"kind\":\"dev\",\"name\":\"aws-smithy-http-client\",\"req\":\"^1.1.5\"},{\"name\":\"aws-smithy-json\",\"req\":\"^0.61.8\"},{\"features\":[\"client\"],\"name\":\"aws-smithy-runtime\",\"req\":\"^1.9.5\"},{\"features\":[\"client\",\"test-util\"],\"kind\":\"dev\",\"name\":\"aws-smithy-runtime\",\"req\":\"^1.9.5\"},{\"features\":[\"client\"],\"name\":\"aws-smithy-runtime-api\",\"req\":\"^1.9.3\"},{\"features\":[\"test-util\"],\"kind\":\"dev\",\"name\":\"aws-smithy-runtime-api\",\"req\":\"^1.9.3\"},{\"name\":\"aws-smithy-types\",\"req\":\"^1.3.5\"},{\"name\":\"aws-types\",\"req\":\"^1.3.11\"},{\"name\":\"base64-simd\",\"optional\":true,\"req\":\"^0.8.0\"},{\"name\":\"bytes\",\"req\":\"^1.1.0\"},{\"name\":\"fastrand\",\"req\":\"^2.3.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"futures-util\",\"req\":\"^0.3.29\"},{\"name\":\"hex\",\"optional\":true,\"req\":\"^0.4.3\"},{\"name\":\"http\",\"req\":\"^1\"},{\"name\":\"p256\",\"optional\":true,\"req\":\"^0.13.2\"},{\"default_features\":false,\"features\":[\"std\",\"std_rng\"],\"name\":\"rand\",\"optional\":true,\"req\":\"^0.8.5\"},{\"name\":\"ring\",\"optional\":true,\"req\":\"^0.17.5\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1\"},{\"name\":\"sha2\",\"optional\":true,\"req\":\"^0.10.9\"},{\"features\":[\"parsing\"],\"name\":\"time\",\"req\":\"^0.3.4\"},{\"features\":[\"sync\"],\"name\":\"tokio\",\"req\":\"^1.13.1\"},{\"features\":[\"full\",\"test-util\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.23.1\"},{\"name\":\"tracing\",\"req\":\"^0.1\"},{\"features\":[\"fmt\",\"json\"],\"kind\":\"dev\",\"name\":\"tracing-subscriber\",\"req\":\"^0.3.16\"},{\"kind\":\"dev\",\"name\":\"tracing-test\",\"req\":\"^0.2.4\"},{\"name\":\"url\",\"req\":\"^2.5.4\"},{\"name\":\"uuid\",\"optional\":true,\"req\":\"^1.18.1\"},{\"name\":\"zeroize\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"allow-compilation\":[],\"behavior-version-latest\":[],\"client-hyper\":[\"aws-smithy-runtime/default-https-client\"],\"credentials-login\":[\"dep:aws-sdk-signin\",\"dep:sha2\",\"dep:zeroize\",\"dep:hex\",\"dep:base64-simd\",\"dep:uuid\",\"uuid?/v4\",\"dep:p256\",\"p256?/arithmetic\",\"p256?/pem\",\"dep:rand\"],\"credentials-process\":[\"tokio/process\"],\"default\":[\"default-https-client\",\"rt-tokio\",\"credentials-process\",\"sso\"],\"default-https-client\":[\"aws-smithy-runtime/default-https-client\"],\"rt-tokio\":[\"aws-smithy-async/rt-tokio\",\"aws-smithy-runtime/rt-tokio\",\"tokio/rt\"],\"rustls\":[\"client-hyper\"],\"sso\":[\"dep:aws-sdk-sso\",\"dep:aws-sdk-ssooidc\",\"dep:ring\",\"dep:hex\",\"dep:zeroize\",\"aws-smithy-runtime-api/http-auth\"],\"test-util\":[\"aws-runtime/test-util\"]}}", "aws-credential-types_1.2.11": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"async-trait\",\"req\":\"^0.1.74\"},{\"name\":\"aws-smithy-async\",\"req\":\"^1.2.7\"},{\"features\":[\"client\",\"http-auth\"],\"name\":\"aws-smithy-runtime-api\",\"req\":\"^1.9.3\"},{\"features\":[\"test-util\"],\"kind\":\"dev\",\"name\":\"aws-smithy-runtime-api\",\"req\":\"^1.9.3\"},{\"name\":\"aws-smithy-types\",\"req\":\"^1.3.5\"},{\"features\":[\"full\",\"test-util\",\"rt\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.23.1\"},{\"name\":\"zeroize\",\"req\":\"^1.7.0\"}],\"features\":{\"hardcoded-credentials\":[],\"test-util\":[\"aws-smithy-runtime-api/test-util\"]}}", @@ -697,12 +698,13 @@ "beef_0.5.2": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.105\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1.0.105\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"const_fn\":[],\"default\":[],\"impl_serde\":[\"serde\"]}}", "bincode_1.3.3": "{\"dependencies\":[{\"name\":\"serde\",\"req\":\"^1.0.63\"},{\"kind\":\"dev\",\"name\":\"serde_bytes\",\"req\":\"^0.11\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1.0.27\"}],\"features\":{\"i128\":[]}}", "bindgen_0.72.1": "{\"dependencies\":[{\"name\":\"annotate-snippets\",\"optional\":true,\"req\":\"^0.11.4\"},{\"name\":\"bitflags\",\"req\":\"^2.2.1\"},{\"name\":\"cexpr\",\"req\":\"^0.6\"},{\"features\":[\"clang_11_0\"],\"name\":\"clang-sys\",\"req\":\"^1\"},{\"features\":[\"derive\"],\"name\":\"clap\",\"optional\":true,\"req\":\"^4\"},{\"name\":\"clap_complete\",\"optional\":true,\"req\":\"^4\"},{\"default_features\":false,\"name\":\"itertools\",\"req\":\">=0.10, <0.14\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4\"},{\"features\":[\"verbatim\"],\"name\":\"prettyplease\",\"optional\":true,\"req\":\"^0.2.7\"},{\"name\":\"proc-macro2\",\"req\":\"^1.0.80\"},{\"default_features\":false,\"name\":\"quote\",\"req\":\"^1\"},{\"default_features\":false,\"features\":[\"std\",\"unicode-perl\"],\"name\":\"regex\",\"req\":\"^1.5.3\"},{\"name\":\"rustc-hash\",\"req\":\"^2.1.0\"},{\"name\":\"shlex\",\"req\":\"^1\"},{\"features\":[\"full\",\"extra-traits\",\"visit-mut\"],\"name\":\"syn\",\"req\":\"^2.0\"}],\"features\":{\"__cli\":[\"dep:clap\",\"dep:clap_complete\"],\"__testing_only_extra_assertions\":[],\"__testing_only_libclang_16\":[],\"__testing_only_libclang_9\":[],\"default\":[\"logging\",\"prettyplease\",\"runtime\"],\"experimental\":[\"dep:annotate-snippets\"],\"logging\":[\"dep:log\"],\"runtime\":[\"clang-sys/runtime\"],\"static\":[\"clang-sys/static\"]}}", - "bit-set_0.5.3": "{\"dependencies\":[{\"default_features\":false,\"name\":\"bit-vec\",\"req\":\"^0.6.1\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.3\"}],\"features\":{\"default\":[\"std\"],\"std\":[\"bit-vec/std\"]}}", - "bit-vec_0.6.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.7\"},{\"kind\":\"dev\",\"name\":\"rand_xorshift\",\"req\":\"^0.2\"},{\"default_features\":false,\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"default\":[\"std\"],\"serde_no_std\":[\"serde/alloc\"],\"serde_std\":[\"std\",\"serde/std\"],\"std\":[]}}", + "bit-set_0.8.0": "{\"dependencies\":[{\"default_features\":false,\"name\":\"bit-vec\",\"req\":\"^0.8.0\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"default\":[\"std\"],\"serde\":[\"dep:serde\",\"bit-vec/serde\"],\"std\":[\"bit-vec/std\"]}}", + "bit-vec_0.8.0": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"derive\"],\"name\":\"borsh\",\"optional\":true,\"req\":\"^1.5\"},{\"name\":\"miniserde\",\"optional\":true,\"req\":\"^0.1\"},{\"name\":\"nanoserde\",\"optional\":true,\"req\":\"^0.1\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"kind\":\"dev\",\"name\":\"rand_xorshift\",\"req\":\"^0.3\"},{\"default_features\":false,\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"borsh_std\":[\"borsh/std\"],\"default\":[\"std\"],\"serde_no_std\":[\"serde/alloc\"],\"serde_std\":[\"std\",\"serde/std\"],\"std\":[]}}", "bitflags_1.3.2": "{\"dependencies\":[{\"name\":\"compiler_builtins\",\"optional\":true,\"req\":\"^0.1.2\"},{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"walkdir\",\"req\":\"^2.3\"}],\"features\":{\"default\":[],\"example_generated\":[],\"rustc-dep-of-std\":[\"core\",\"compiler_builtins\"]}}", "bitflags_2.10.0": "{\"dependencies\":[{\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.0\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"arbitrary\",\"req\":\"^1.0\"},{\"name\":\"bytemuck\",\"optional\":true,\"req\":\"^1.12\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"bytemuck\",\"req\":\"^1.12.2\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.228\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde_lib\",\"package\":\"serde\",\"req\":\"^1.0.103\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0.19\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.18\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"zerocopy\",\"req\":\"^0.8\"}],\"features\":{\"example_generated\":[],\"serde\":[\"serde_core\"],\"std\":[]}}", "bitflags_2.11.0": "{\"dependencies\":[{\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.0\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"arbitrary\",\"req\":\"^1.0\"},{\"name\":\"bytemuck\",\"optional\":true,\"req\":\"^1.12\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"bytemuck\",\"req\":\"^1.12.2\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.228\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde_lib\",\"package\":\"serde\",\"req\":\"^1.0.103\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0.19\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.18\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"zerocopy\",\"req\":\"^0.8\"}],\"features\":{\"example_generated\":[],\"serde\":[\"serde_core\"],\"std\":[]}}", "blake2_0.10.6": "{\"dependencies\":[{\"features\":[\"mac\"],\"name\":\"digest\",\"req\":\"^0.10.3\"},{\"features\":[\"dev\"],\"kind\":\"dev\",\"name\":\"digest\",\"req\":\"^0.10.3\"},{\"kind\":\"dev\",\"name\":\"hex-literal\",\"req\":\"^0.2.2\"}],\"features\":{\"default\":[\"std\"],\"reset\":[],\"simd\":[],\"simd_asm\":[\"simd_opt\"],\"simd_opt\":[\"simd\"],\"size_opt\":[],\"std\":[\"digest/std\"]}}", + "blake3_1.8.2": "{\"dependencies\":[{\"name\":\"arrayref\",\"req\":\"^0.3.5\"},{\"default_features\":false,\"name\":\"arrayvec\",\"req\":\"^0.7.4\"},{\"kind\":\"build\",\"name\":\"cc\",\"req\":\"^1.1.12\"},{\"name\":\"cfg-if\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"ciborium\",\"req\":\"^0.2.2\"},{\"default_features\":false,\"name\":\"constant_time_eq\",\"req\":\"^0.3.1\"},{\"features\":[\"mac\"],\"name\":\"digest\",\"optional\":true,\"req\":\"^0.10.1\"},{\"kind\":\"dev\",\"name\":\"hex\",\"req\":\"^0.4.2\"},{\"kind\":\"dev\",\"name\":\"hmac\",\"req\":\"^0.12.0\"},{\"name\":\"memmap2\",\"optional\":true,\"req\":\"^0.9\"},{\"kind\":\"dev\",\"name\":\"page_size\",\"req\":\"^0.6.0\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9.0\"},{\"kind\":\"dev\",\"name\":\"rand_chacha\",\"req\":\"^0.9.0\"},{\"name\":\"rayon-core\",\"optional\":true,\"req\":\"^1.12.1\"},{\"default_features\":false,\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.107\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.8.0\"},{\"default_features\":false,\"name\":\"zeroize\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"default\":[\"std\"],\"digest\":[\"dep:digest\"],\"mmap\":[\"std\",\"dep:memmap2\"],\"neon\":[],\"no_avx2\":[],\"no_avx512\":[],\"no_neon\":[],\"no_sse2\":[],\"no_sse41\":[],\"prefer_intrinsics\":[],\"pure\":[],\"rayon\":[\"dep:rayon-core\"],\"std\":[],\"traits-preview\":[\"dep:digest\"],\"wasm32_simd\":[],\"zeroize\":[\"dep:zeroize\",\"arrayvec/zeroize\"]}}", "block-buffer_0.10.4": "{\"dependencies\":[{\"name\":\"generic-array\",\"req\":\"^0.14\"}],\"features\":{}}", "block-buffer_0.12.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"hex-literal\",\"req\":\"^1\"},{\"name\":\"hybrid-array\",\"req\":\"^0.4\"},{\"default_features\":false,\"name\":\"zeroize\",\"optional\":true,\"req\":\"^1.4\"}],\"features\":{}}", "block-padding_0.3.3": "{\"dependencies\":[{\"name\":\"generic-array\",\"req\":\"^0.14\"}],\"features\":{\"std\":[]}}", @@ -713,6 +715,7 @@ "bstr_1.12.1": "{\"dependencies\":[{\"default_features\":false,\"name\":\"memchr\",\"req\":\"^2.7.1\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1\"},{\"default_features\":false,\"features\":[\"dfa-search\"],\"name\":\"regex-automata\",\"optional\":true,\"req\":\"^0.4.1\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.85\"},{\"kind\":\"dev\",\"name\":\"ucd-parse\",\"req\":\"^0.1.3\"},{\"kind\":\"dev\",\"name\":\"unicode-segmentation\",\"req\":\"^1.2.1\"}],\"features\":{\"alloc\":[\"memchr/alloc\",\"serde?/alloc\"],\"default\":[\"std\",\"unicode\"],\"serde\":[\"dep:serde\"],\"std\":[\"alloc\",\"memchr/std\",\"serde?/std\"],\"unicode\":[\"dep:regex-automata\"]}}", "bumpalo_3.19.1": "{\"dependencies\":[{\"default_features\":false,\"name\":\"allocator-api2\",\"optional\":true,\"req\":\"^0.2.8\"},{\"kind\":\"dev\",\"name\":\"blink-alloc\",\"req\":\"=0.4.0\"},{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.3.6\"},{\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0.3\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.5\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"=1.10.0\"},{\"kind\":\"dev\",\"name\":\"rayon-core\",\"req\":\"=1.12.1\"},{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.171\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0.197\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.115\"}],\"features\":{\"allocator_api\":[],\"bench_allocator_api\":[\"allocator_api\",\"blink-alloc/nightly\"],\"boxed\":[],\"collections\":[],\"default\":[],\"serde\":[\"dep:serde\"],\"std\":[]}}", "bytemuck_1.25.0": "{\"dependencies\":[{\"name\":\"bytemuck_derive\",\"optional\":true,\"req\":\"^1.10.2\"},{\"name\":\"rustversion\",\"optional\":true,\"req\":\"^1.0.22\"}],\"features\":{\"aarch64_simd\":[],\"align_offset\":[],\"alloc_uninit\":[],\"avx512_simd\":[],\"const_zeroed\":[],\"derive\":[\"bytemuck_derive\"],\"extern_crate_alloc\":[],\"extern_crate_std\":[\"extern_crate_alloc\"],\"impl_core_error\":[],\"latest_stable_rust\":[\"aarch64_simd\",\"avx512_simd\",\"align_offset\",\"alloc_uninit\",\"const_zeroed\",\"derive\",\"impl_core_error\",\"min_const_generics\",\"must_cast\",\"must_cast_extra\",\"pod_saturating\",\"track_caller\",\"transparentwrapper_extra\",\"wasm_simd\",\"zeroable_atomics\",\"zeroable_maybe_uninit\",\"zeroable_unwind_fn\"],\"min_const_generics\":[],\"must_cast\":[],\"must_cast_extra\":[\"must_cast\"],\"nightly_docs\":[],\"nightly_float\":[],\"nightly_portable_simd\":[\"rustversion\"],\"nightly_stdsimd\":[],\"pod_saturating\":[],\"track_caller\":[],\"transparentwrapper_extra\":[],\"unsound_ptr_pod_impl\":[],\"wasm_simd\":[],\"zeroable_atomics\":[],\"zeroable_maybe_uninit\":[],\"zeroable_unwind_fn\":[]}}", + "bytemuck_derive_1.10.2": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1.0.60\"},{\"name\":\"quote\",\"req\":\"^1\"},{\"name\":\"syn\",\"req\":\"^2.0.1\"}],\"features\":{}}", "byteorder-lite_0.1.0": "{\"dependencies\":[{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^0.9.2\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.7\"}],\"features\":{\"default\":[\"std\"],\"std\":[]}}", "byteorder_1.5.0": "{\"dependencies\":[{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^0.9.2\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.7\"}],\"features\":{\"default\":[\"std\"],\"i128\":[],\"std\":[]}}", "bytes-utils_0.1.4": "{\"dependencies\":[{\"default_features\":false,\"name\":\"bytes\",\"req\":\"^1\"},{\"default_features\":false,\"name\":\"either\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"itertools\",\"req\":\"^0.12\"},{\"kind\":\"dev\",\"name\":\"proptest\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0.144\"}],\"features\":{\"default\":[\"std\"],\"serde\":[\"dep:serde\",\"bytes/serde\"],\"std\":[\"bytes/default\"]}}", @@ -761,6 +764,7 @@ "cmake_0.1.57": "{\"dependencies\":[{\"name\":\"cc\",\"req\":\"^1.2.46\"}],\"features\":{}}", "cmov_0.5.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"proptest\",\"req\":\"^1.9\",\"target\":\"cfg(any(unix, windows))\"}],\"features\":{}}", "cmp_any_0.8.1": "{\"dependencies\":[],\"features\":{}}", + "cobs_0.3.0": "{\"dependencies\":[{\"name\":\"defmt\",\"optional\":true,\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1\"},{\"default_features\":false,\"name\":\"thiserror\",\"req\":\"^2\"}],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"std\":[\"alloc\",\"thiserror/std\"],\"use_std\":[\"std\"]}}", "codespan-reporting_0.13.1": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"insta\",\"req\":\"^1.6.3\"},{\"kind\":\"dev\",\"name\":\"peg\",\"req\":\"^0.7\"},{\"kind\":\"dev\",\"name\":\"pico-args\",\"req\":\"^0.5.0\"},{\"kind\":\"dev\",\"name\":\"rustyline\",\"req\":\"^6\"},{\"default_features\":false,\"features\":[\"derive\",\"alloc\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1\"},{\"name\":\"termcolor\",\"optional\":true,\"req\":\"^1.0.4\"},{\"name\":\"unicode-width\",\"req\":\">=0.1, <0.3\"},{\"kind\":\"dev\",\"name\":\"unindent\",\"req\":\"^0.1\"}],\"features\":{\"ascii-only\":[],\"default\":[\"std\",\"termcolor\"],\"serialization\":[\"serde\"],\"std\":[\"serde?/std\"],\"termcolor\":[\"std\",\"dep:termcolor\"]}}", "color-eyre_0.6.5": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"ansi-parser\",\"req\":\"^0.8.0\"},{\"name\":\"backtrace\",\"req\":\"^0.3.59\"},{\"name\":\"color-spantrace\",\"optional\":true,\"req\":\"^0.3\"},{\"name\":\"eyre\",\"req\":\"^0.6\"},{\"name\":\"indenter\",\"req\":\"^0.3.0\"},{\"name\":\"once_cell\",\"req\":\"^1.18.0\"},{\"name\":\"owo-colors\",\"req\":\"^4.0\"},{\"kind\":\"dev\",\"name\":\"pretty_assertions\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"thiserror\",\"req\":\"^1.0.19\"},{\"kind\":\"dev\",\"name\":\"tracing\",\"req\":\"^0.1.13\"},{\"name\":\"tracing-error\",\"optional\":true,\"req\":\"^0.2.0\"},{\"features\":[\"env-filter\"],\"kind\":\"dev\",\"name\":\"tracing-subscriber\",\"req\":\"^0.3.0\"},{\"name\":\"url\",\"optional\":true,\"req\":\"^2.1.1\"},{\"kind\":\"dev\",\"name\":\"wasm-bindgen-test\",\"req\":\"^0.3.15\",\"target\":\"cfg(target_arch = \\\"wasm32\\\")\"}],\"features\":{\"capture-spantrace\":[\"tracing-error\",\"color-spantrace\"],\"default\":[\"track-caller\",\"capture-spantrace\"],\"issue-url\":[\"url\"],\"track-caller\":[]}}", "color-spantrace_0.3.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"ansi-parser\",\"req\":\"^0.8\"},{\"name\":\"once_cell\",\"req\":\"^1.18.0\"},{\"name\":\"owo-colors\",\"req\":\"^4.0\"},{\"kind\":\"dev\",\"name\":\"tracing\",\"req\":\"^0.1.29\"},{\"name\":\"tracing-core\",\"req\":\"^0.1.21\"},{\"name\":\"tracing-error\",\"req\":\"^0.2.0\"},{\"kind\":\"dev\",\"name\":\"tracing-subscriber\",\"req\":\"^0.3.4\"}],\"features\":{}}", @@ -812,8 +816,8 @@ "csv-core_0.1.13": "{\"dependencies\":[{\"default_features\":false,\"kind\":\"dev\",\"name\":\"arrayvec\",\"req\":\"^0.5\"},{\"default_features\":false,\"name\":\"memchr\",\"req\":\"^2\"}],\"features\":{\"default\":[],\"libc\":[\"memchr/libc\"]}}", "csv_1.4.0": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"alloc\",\"serde\"],\"kind\":\"dev\",\"name\":\"bstr\",\"req\":\"^1.7.0\"},{\"name\":\"csv-core\",\"req\":\"^0.1.11\"},{\"name\":\"itoa\",\"req\":\"^1\"},{\"name\":\"ryu\",\"req\":\"^1\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0.221\"},{\"name\":\"serde_core\",\"req\":\"^1.0.221\"}],\"features\":{}}", "ctor-proc-macro_0.0.7": "{\"dependencies\":[],\"features\":{\"default\":[]}}", - "ctor_0.1.26": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"libc-print\",\"req\":\"^0.1.20\"},{\"name\":\"quote\",\"req\":\"^1.0.20\"},{\"default_features\":false,\"features\":[\"full\",\"parsing\",\"printing\",\"proc-macro\"],\"name\":\"syn\",\"req\":\"^1.0.98\"}],\"features\":{}}", "ctor_0.6.3": "{\"dependencies\":[{\"name\":\"ctor-proc-macro\",\"optional\":true,\"req\":\"=0.0.7\"},{\"default_features\":false,\"name\":\"dtor\",\"optional\":true,\"req\":\"^0.1.0\"},{\"kind\":\"dev\",\"name\":\"libc-print\",\"req\":\"^0.1.20\"}],\"features\":{\"__no_warn_on_missing_unsafe\":[\"dtor?/__no_warn_on_missing_unsafe\"],\"default\":[\"dtor\",\"proc_macro\",\"__no_warn_on_missing_unsafe\"],\"dtor\":[\"dep:dtor\"],\"proc_macro\":[\"dep:ctor-proc-macro\",\"dtor?/proc_macro\"],\"used_linker\":[\"dtor?/used_linker\"]}}", + "ctor_1.0.6": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"libc-print\",\"req\":\"^0.3\"},{\"default_features\":false,\"name\":\"link-section\",\"optional\":true,\"req\":\"^0.17.0\"},{\"features\":[\"ctor\"],\"name\":\"linktime-proc-macro\",\"optional\":true,\"req\":\"^0.1.0\"},{\"kind\":\"dev\",\"name\":\"macrotest\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"walkdir\",\"req\":\"^2\"}],\"features\":{\"default\":[\"std\",\"proc_macro\",\"priority\"],\"priority\":[\"dep:link-section\"],\"proc_macro\":[\"dep:linktime-proc-macro\"],\"std\":[]}}", "ctutils_0.4.2": "{\"dependencies\":[{\"name\":\"cmov\",\"req\":\"^0.5.3\"},{\"kind\":\"dev\",\"name\":\"proptest\",\"req\":\"^1.11\"},{\"default_features\":false,\"name\":\"subtle\",\"optional\":true,\"req\":\"^2\"}],\"features\":{\"alloc\":[],\"subtle\":[\"dep:subtle\"]}}", "curve25519-dalek-derive_0.1.1": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1.0.66\"},{\"name\":\"quote\",\"req\":\"^1.0.31\"},{\"features\":[\"full\"],\"name\":\"syn\",\"req\":\"^2.0.27\"}],\"features\":{}}", "curve25519-dalek_4.1.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1\"},{\"name\":\"cfg-if\",\"req\":\"^1\"},{\"name\":\"cpufeatures\",\"req\":\"^0.2.6\",\"target\":\"cfg(target_arch = \\\"x86_64\\\")\"},{\"features\":[\"html_reports\"],\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.5\"},{\"name\":\"curve25519-dalek-derive\",\"req\":\"^0.1\",\"target\":\"cfg(all(not(curve25519_dalek_backend = \\\"fiat\\\"), not(curve25519_dalek_backend = \\\"serial\\\"), target_arch = \\\"x86_64\\\"))\"},{\"default_features\":false,\"name\":\"digest\",\"optional\":true,\"req\":\"^0.10\"},{\"default_features\":false,\"name\":\"ff\",\"optional\":true,\"req\":\"^0.13\"},{\"default_features\":false,\"name\":\"fiat-crypto\",\"req\":\"^0.2.1\",\"target\":\"cfg(curve25519_dalek_backend = \\\"fiat\\\")\"},{\"default_features\":false,\"name\":\"group\",\"optional\":true,\"req\":\"^0.13\"},{\"kind\":\"dev\",\"name\":\"hex\",\"req\":\"^0.4.2\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"default_features\":false,\"name\":\"rand_core\",\"optional\":true,\"req\":\"^0.6.4\"},{\"default_features\":false,\"features\":[\"getrandom\"],\"kind\":\"dev\",\"name\":\"rand_core\",\"req\":\"^0.6\"},{\"kind\":\"build\",\"name\":\"rustc_version\",\"req\":\"^0.4.0\"},{\"default_features\":false,\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"sha2\",\"req\":\"^0.10\"},{\"default_features\":false,\"name\":\"subtle\",\"req\":\"^2.3.0\"},{\"default_features\":false,\"name\":\"zeroize\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"alloc\":[\"zeroize?/alloc\"],\"default\":[\"alloc\",\"precomputed-tables\",\"zeroize\"],\"group\":[\"dep:group\",\"rand_core\"],\"group-bits\":[\"group\",\"ff/bits\"],\"legacy_compatibility\":[],\"precomputed-tables\":[]}}", @@ -888,7 +892,8 @@ "ed25519_2.2.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1\"},{\"features\":[\"rand_core\"],\"kind\":\"dev\",\"name\":\"ed25519-dalek\",\"req\":\"^2\"},{\"kind\":\"dev\",\"name\":\"hex-literal\",\"req\":\"^0.4\"},{\"name\":\"pkcs8\",\"optional\":true,\"req\":\"^0.10\"},{\"features\":[\"std\"],\"kind\":\"dev\",\"name\":\"rand_core\",\"req\":\"^0.6\"},{\"default_features\":false,\"features\":[\"signature\"],\"kind\":\"dev\",\"name\":\"ring-compat\",\"req\":\"^0.8\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1\"},{\"name\":\"serde_bytes\",\"optional\":true,\"req\":\"^0.11\"},{\"default_features\":false,\"name\":\"signature\",\"req\":\"^2\"},{\"default_features\":false,\"name\":\"zeroize\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"alloc\":[\"pkcs8?/alloc\"],\"default\":[\"std\"],\"pem\":[\"alloc\",\"pkcs8/pem\"],\"serde_bytes\":[\"serde\",\"dep:serde_bytes\"],\"std\":[\"pkcs8?/std\",\"signature/std\"]}}", "either_1.15.0": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"alloc\",\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.95\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.0\"}],\"features\":{\"default\":[\"std\"],\"std\":[],\"use_std\":[\"std\"]}}", "elliptic-curve_0.13.8": "{\"dependencies\":[{\"name\":\"base16ct\",\"req\":\"^0.2\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"base64ct\",\"optional\":true,\"req\":\"^1\"},{\"default_features\":false,\"features\":[\"rand_core\",\"generic-array\",\"zeroize\"],\"name\":\"crypto-bigint\",\"req\":\"^0.5\"},{\"name\":\"digest\",\"optional\":true,\"req\":\"^0.10\"},{\"default_features\":false,\"name\":\"ff\",\"optional\":true,\"req\":\"^0.13\"},{\"default_features\":false,\"features\":[\"zeroize\"],\"name\":\"generic-array\",\"req\":\"^0.14.6\"},{\"default_features\":false,\"name\":\"group\",\"optional\":true,\"req\":\"^0.13\"},{\"name\":\"hex-literal\",\"optional\":true,\"req\":\"^0.4\"},{\"kind\":\"dev\",\"name\":\"hex-literal\",\"req\":\"^0.4\"},{\"default_features\":false,\"name\":\"hkdf\",\"optional\":true,\"req\":\"^0.12.1\"},{\"features\":[\"alloc\"],\"name\":\"pem-rfc7468\",\"optional\":true,\"req\":\"^0.7\"},{\"default_features\":false,\"name\":\"pkcs8\",\"optional\":true,\"req\":\"^0.10.2\"},{\"default_features\":false,\"name\":\"rand_core\",\"req\":\"^0.6.4\"},{\"features\":[\"subtle\",\"zeroize\"],\"name\":\"sec1\",\"optional\":true,\"req\":\"^0.7.1\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"serde_json\",\"optional\":true,\"req\":\"^1.0.47\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"serdect\",\"optional\":true,\"req\":\"^0.2\"},{\"kind\":\"dev\",\"name\":\"sha2\",\"req\":\"^0.10\"},{\"kind\":\"dev\",\"name\":\"sha3\",\"req\":\"^0.10\"},{\"default_features\":false,\"name\":\"subtle\",\"req\":\"^2\"},{\"default_features\":false,\"name\":\"tap\",\"optional\":true,\"req\":\"^1.0.1\"},{\"default_features\":false,\"name\":\"zeroize\",\"req\":\"^1.7\"}],\"features\":{\"alloc\":[\"base16ct/alloc\",\"ff?/alloc\",\"group?/alloc\",\"pkcs8?/alloc\",\"sec1?/alloc\",\"zeroize/alloc\"],\"arithmetic\":[\"group\"],\"bits\":[\"arithmetic\",\"ff/bits\",\"dep:tap\"],\"default\":[\"arithmetic\"],\"dev\":[\"arithmetic\",\"dep:hex-literal\",\"pem\",\"pkcs8\"],\"ecdh\":[\"arithmetic\",\"digest\",\"dep:hkdf\"],\"group\":[\"dep:group\",\"ff\"],\"hash2curve\":[\"arithmetic\",\"digest\"],\"hazmat\":[],\"jwk\":[\"dep:base64ct\",\"dep:serde_json\",\"alloc\",\"serde\",\"zeroize/alloc\"],\"pem\":[\"dep:pem-rfc7468\",\"alloc\",\"arithmetic\",\"pkcs8\",\"sec1/pem\"],\"pkcs8\":[\"dep:pkcs8\",\"sec1\"],\"serde\":[\"dep:serdect\",\"alloc\",\"pkcs8\",\"sec1/serde\"],\"std\":[\"alloc\",\"rand_core/std\",\"pkcs8?/std\",\"sec1?/std\"],\"voprf\":[\"digest\"]}}", - "ena_0.14.3": "{\"dependencies\":[{\"name\":\"dogged\",\"optional\":true,\"req\":\"^0.2.0\"},{\"name\":\"log\",\"req\":\"^0.4\"}],\"features\":{\"bench\":[],\"persistent\":[\"dogged\"]}}", + "embedded-io_0.4.0": "{\"dependencies\":[{\"name\":\"defmt\",\"optional\":true,\"req\":\"^0.3\"},{\"default_features\":false,\"name\":\"futures\",\"optional\":true,\"req\":\"^0.3.21\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.14\"},{\"default_features\":false,\"features\":[\"net\"],\"name\":\"tokio\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"alloc\":[],\"async\":[],\"futures\":[\"std\",\"async\",\"dep:futures\"],\"std\":[\"alloc\",\"futures?/std\"],\"tokio\":[\"std\",\"async\",\"dep:tokio\"]}}", + "embedded-io_0.6.1": "{\"dependencies\":[{\"name\":\"defmt-03\",\"optional\":true,\"package\":\"defmt\",\"req\":\"^0.3\"}],\"features\":{\"alloc\":[],\"defmt-03\":[\"dep:defmt-03\"],\"std\":[\"alloc\"]}}", "encode_unicode_1.0.0": "{\"dependencies\":[{\"default_features\":false,\"name\":\"ascii\",\"optional\":true,\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1.0\",\"target\":\"cfg(unix)\"},{\"features\":[\"https-native\"],\"kind\":\"dev\",\"name\":\"minreq\",\"req\":\"^2.6\"}],\"features\":{\"default\":[\"std\"],\"std\":[]}}", "encoding_rs_0.8.35": "{\"dependencies\":[{\"name\":\"any_all_workaround\",\"optional\":true,\"req\":\"^0.1.0\"},{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1.0\"},{\"name\":\"cfg-if\",\"req\":\"^1.0\"},{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"alloc\":[],\"default\":[\"alloc\"],\"fast-big5-hanzi-encode\":[],\"fast-gb-hanzi-encode\":[],\"fast-hangul-encode\":[],\"fast-hanja-encode\":[],\"fast-kanji-encode\":[],\"fast-legacy-encode\":[\"fast-hangul-encode\",\"fast-hanja-encode\",\"fast-kanji-encode\",\"fast-gb-hanzi-encode\",\"fast-big5-hanzi-encode\"],\"less-slow-big5-hanzi-encode\":[],\"less-slow-gb-hanzi-encode\":[],\"less-slow-kanji-encode\":[],\"simd-accel\":[\"any_all_workaround\"]}}", "endi_1.1.1": "{\"dependencies\":[],\"features\":{\"default\":[\"std\"],\"std\":[]}}", @@ -904,6 +909,7 @@ "env_logger_0.11.9": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"wincon\"],\"name\":\"anstream\",\"optional\":true,\"req\":\"^0.6.11\"},{\"name\":\"anstyle\",\"optional\":true,\"req\":\"^1.0.6\"},{\"default_features\":false,\"name\":\"env_filter\",\"req\":\"^1.0.0\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"jiff\",\"optional\":true,\"req\":\"^0.2.3\"},{\"features\":[\"std\"],\"name\":\"log\",\"req\":\"^0.4.21\"}],\"features\":{\"auto-color\":[\"color\",\"anstream/auto\"],\"color\":[\"dep:anstream\",\"dep:anstyle\"],\"default\":[\"auto-color\",\"humantime\",\"regex\"],\"humantime\":[\"dep:jiff\"],\"kv\":[\"log/kv\"],\"regex\":[\"env_filter/regex\"],\"unstable-kv\":[\"kv\"]}}", "equivalent_1.0.2": "{\"dependencies\":[],\"features\":{}}", "erased-serde_0.3.31": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0.13\"},{\"default_features\":false,\"name\":\"serde\",\"req\":\"^1.0.166\"},{\"kind\":\"dev\",\"name\":\"serde_cbor\",\"req\":\"^0.11.2\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1.0.166\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.99\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.83\"}],\"features\":{\"alloc\":[\"serde/alloc\"],\"default\":[\"std\"],\"std\":[\"serde/std\"],\"unstable-debug\":[]}}", + "erased-serde_0.4.10": "{\"dependencies\":[{\"default_features\":false,\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.8\",\"target\":\"cfg(not(miri))\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0.13\"},{\"default_features\":false,\"name\":\"serde\",\"req\":\"^1.0.220\",\"target\":\"cfg(any())\"},{\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0.220\"},{\"kind\":\"dev\",\"name\":\"serde_cbor\",\"req\":\"^0.11.2\"},{\"default_features\":false,\"name\":\"serde_core\",\"req\":\"^1.0.220\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1.0.220\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.99\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.108\"},{\"name\":\"typeid\",\"req\":\"^1\"}],\"features\":{\"alloc\":[\"serde_core/alloc\"],\"default\":[\"std\"],\"std\":[\"alloc\",\"serde_core/std\"],\"unstable-debug\":[]}}", "errno_0.3.14": "{\"dependencies\":[{\"default_features\":false,\"name\":\"libc\",\"req\":\"^0.2\",\"target\":\"cfg(target_os=\\\"hermit\\\")\"},{\"default_features\":false,\"name\":\"libc\",\"req\":\"^0.2\",\"target\":\"cfg(target_os=\\\"wasi\\\")\"},{\"default_features\":false,\"name\":\"libc\",\"req\":\"^0.2\",\"target\":\"cfg(unix)\"},{\"features\":[\"Win32_Foundation\",\"Win32_System_Diagnostics_Debug\"],\"name\":\"windows-sys\",\"req\":\">=0.52, <0.62\",\"target\":\"cfg(windows)\"}],\"features\":{\"default\":[\"std\"],\"std\":[\"libc/std\"]}}", "error-code_3.3.2": "{\"dependencies\":[],\"features\":{\"std\":[]}}", "etcetera_0.11.0": "{\"dependencies\":[{\"name\":\"cfg-if\",\"req\":\"^1\"},{\"features\":[\"Win32_Foundation\",\"Win32_System_Com\",\"Win32_UI_Shell\"],\"name\":\"windows-sys\",\"req\":\"^0.61\",\"target\":\"cfg(windows)\"}],\"features\":{}}", @@ -911,6 +917,7 @@ "event-listener_5.4.1": "{\"dependencies\":[{\"default_features\":false,\"name\":\"concurrent-queue\",\"req\":\"^2.4.0\"},{\"default_features\":false,\"features\":[\"cargo_bench_support\"],\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.7\"},{\"default_features\":false,\"name\":\"critical-section\",\"optional\":true,\"req\":\"^1.2.0\"},{\"features\":[\"std\"],\"kind\":\"dev\",\"name\":\"critical-section\",\"req\":\"^1.2.0\"},{\"kind\":\"dev\",\"name\":\"futures-lite\",\"req\":\"^2.0.0\"},{\"name\":\"loom\",\"optional\":true,\"req\":\"^0.7\",\"target\":\"cfg(loom)\"},{\"name\":\"parking\",\"optional\":true,\"req\":\"^2.0.0\",\"target\":\"cfg(not(target_family = \\\"wasm\\\"))\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2.12\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"portable-atomic-util\",\"optional\":true,\"req\":\"^0.2.0\"},{\"default_features\":false,\"name\":\"portable_atomic_crate\",\"optional\":true,\"package\":\"portable-atomic\",\"req\":\"^1.2.0\"},{\"kind\":\"dev\",\"name\":\"try-lock\",\"req\":\"^0.2.5\"},{\"kind\":\"dev\",\"name\":\"waker-fn\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"wasm-bindgen-test\",\"req\":\"^0.3\",\"target\":\"cfg(target_family = \\\"wasm\\\")\"}],\"features\":{\"default\":[\"std\"],\"loom\":[\"concurrent-queue/loom\",\"parking?/loom\",\"dep:loom\"],\"portable-atomic\":[\"portable-atomic-util\",\"portable_atomic_crate\",\"concurrent-queue/portable-atomic\"],\"std\":[\"concurrent-queue/std\",\"parking\"]}}", "eventsource-stream_0.2.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3\"},{\"default_features\":false,\"name\":\"futures-core\",\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"http\",\"req\":\"^0.2\"},{\"default_features\":false,\"name\":\"nom\",\"req\":\"^7.1\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2.8\"},{\"features\":[\"stream\"],\"kind\":\"dev\",\"name\":\"reqwest\",\"req\":\"^0.11\"},{\"features\":[\"macros\",\"rt\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"url\",\"req\":\"^2.2\"}],\"features\":{\"default\":[\"std\"],\"std\":[\"futures-core/std\",\"nom/std\"]}}", "eyre_0.6.12": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1.0.28\"},{\"kind\":\"dev\",\"name\":\"backtrace\",\"req\":\"^0.3.46\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3\"},{\"name\":\"indenter\",\"req\":\"^0.3.0\"},{\"name\":\"once_cell\",\"req\":\"^1.18.0\"},{\"default_features\":false,\"name\":\"pyo3\",\"optional\":true,\"req\":\"^0.20\"},{\"default_features\":false,\"features\":[\"auto-initialize\"],\"kind\":\"dev\",\"name\":\"pyo3\",\"req\":\"^0.20\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"syn\",\"req\":\"^2.0\"},{\"kind\":\"dev\",\"name\":\"thiserror\",\"req\":\"^1.0\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.19\"}],\"features\":{\"auto-install\":[],\"default\":[\"auto-install\",\"track-caller\"],\"track-caller\":[]}}", + "fancy-regex_0.16.2": "{\"dependencies\":[{\"default_features\":false,\"name\":\"bit-set\",\"req\":\"^0.8\"},{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.5\"},{\"kind\":\"dev\",\"name\":\"matches\",\"req\":\"^0.1.10\"},{\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"regex\",\"req\":\"^1.10\"},{\"default_features\":false,\"features\":[\"alloc\",\"syntax\",\"meta\",\"nfa\",\"dfa\",\"hybrid\"],\"name\":\"regex-automata\",\"req\":\"^0.4\"},{\"default_features\":false,\"name\":\"regex-syntax\",\"req\":\"^0.8\"}],\"features\":{\"default\":[\"unicode\",\"perf\",\"std\"],\"perf\":[\"regex-automata/perf\"],\"std\":[\"regex-automata/std\",\"regex-syntax/std\",\"bit-set/std\"],\"track_caller\":[],\"unicode\":[\"regex-automata/unicode\",\"regex-syntax/unicode\"]}}", "faster-hex_0.10.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bytes\",\"req\":\"^1.4.0\"},{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.5\"},{\"name\":\"heapless\",\"req\":\"^0.8\",\"target\":\"cfg(not(feature = \\\"alloc\\\"))\"},{\"kind\":\"dev\",\"name\":\"hex\",\"req\":\"^0.3.2\"},{\"kind\":\"dev\",\"name\":\"proptest\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"rustc-hex\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"alloc\":[],\"default\":[\"std\",\"serde\"],\"serde\":[\"dep:serde\",\"alloc\"],\"std\":[\"alloc\",\"serde?/std\"]}}", "fastrand_2.3.0": "{\"dependencies\":[{\"features\":[\"js\"],\"name\":\"getrandom\",\"optional\":true,\"req\":\"^0.2\",\"target\":\"cfg(all(any(target_arch = \\\"wasm32\\\", target_arch = \\\"wasm64\\\"), target_os = \\\"unknown\\\"))\"},{\"kind\":\"dev\",\"name\":\"getrandom\",\"req\":\"^0.2\"},{\"features\":[\"js\"],\"kind\":\"dev\",\"name\":\"getrandom\",\"req\":\"^0.2\",\"target\":\"cfg(all(any(target_arch = \\\"wasm32\\\", target_arch = \\\"wasm64\\\"), target_os = \\\"unknown\\\"))\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"kind\":\"dev\",\"name\":\"wasm-bindgen-test\",\"req\":\"^0.3\",\"target\":\"cfg(all(any(target_arch = \\\"wasm32\\\", target_arch = \\\"wasm64\\\"), target_os = \\\"unknown\\\"))\"},{\"kind\":\"dev\",\"name\":\"wyhash\",\"req\":\"^0.5\"}],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"js\":[\"std\",\"getrandom\"],\"std\":[\"alloc\"]}}", "fax_0.2.6": "{\"dependencies\":[{\"name\":\"fax_derive\",\"req\":\"^0.2.0\"},{\"kind\":\"dev\",\"name\":\"tiff\",\"req\":\"^0.9\"}],\"features\":{\"debug\":[]}}", @@ -932,6 +939,7 @@ "fluent-bundle_0.15.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.3\"},{\"name\":\"fluent-langneg\",\"req\":\"^0.13\"},{\"name\":\"fluent-syntax\",\"req\":\"^0.11.1\"},{\"kind\":\"dev\",\"name\":\"iai\",\"req\":\"^0.1\"},{\"name\":\"intl-memoizer\",\"req\":\"^0.5.2\"},{\"name\":\"intl_pluralrules\",\"req\":\"^7.0.1\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"name\":\"rustc-hash\",\"req\":\"^1\"},{\"name\":\"self_cell\",\"req\":\"^0.10\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_yaml\",\"req\":\"^0.8\"},{\"name\":\"smallvec\",\"req\":\"^1\"},{\"name\":\"unic-langid\",\"req\":\"^0.9\"},{\"features\":[\"macros\"],\"kind\":\"dev\",\"name\":\"unic-langid\",\"req\":\"^0.9\"}],\"features\":{\"all-benchmarks\":[],\"default\":[]}}", "fluent-langneg_0.13.1": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.3\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"name\":\"unic-langid\",\"req\":\"^0.9\"},{\"features\":[\"macros\"],\"kind\":\"dev\",\"name\":\"unic-langid\",\"req\":\"^0.9\"},{\"features\":[\"macros\"],\"kind\":\"dev\",\"name\":\"unic-locale\",\"req\":\"^0.9\"}],\"features\":{\"cldr\":[\"unic-langid/likelysubtags\"],\"default\":[]}}", "fluent-syntax_0.11.1": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"glob\",\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"iai\",\"req\":\"^0.1\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"name\":\"serde_json\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"name\":\"thiserror\",\"req\":\"^1.0\"}],\"features\":{\"all-benchmarks\":[],\"default\":[],\"json\":[\"serde\",\"serde_json\"]}}", + "fluent-uri_0.1.4": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^1.3.2\"}],\"features\":{\"default\":[\"std\"],\"ipv_future\":[],\"rfc6874bis\":[],\"std\":[],\"unstable\":[]}}", "fluent_0.16.1": "{\"dependencies\":[{\"name\":\"fluent-bundle\",\"req\":\"^0.15.3\"},{\"name\":\"fluent-pseudo\",\"optional\":true,\"req\":\"^0.3.2\"},{\"name\":\"unic-langid\",\"req\":\"^0.9\"}],\"features\":{}}", "flume_0.12.0": "{\"dependencies\":[{\"features\":[\"attributes\",\"unstable\"],\"kind\":\"dev\",\"name\":\"async-std\",\"req\":\"^1.13.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.5.1\"},{\"kind\":\"dev\",\"name\":\"crossbeam-channel\",\"req\":\"^0.5.5\"},{\"kind\":\"dev\",\"name\":\"crossbeam-utils\",\"req\":\"^0.8.10\"},{\"features\":[\"std\",\"js\"],\"name\":\"fastrand\",\"optional\":true,\"req\":\"^2.3\"},{\"features\":[\"std\"],\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3\"},{\"default_features\":false,\"name\":\"futures-core\",\"optional\":true,\"req\":\"^0.3\"},{\"default_features\":false,\"name\":\"futures-sink\",\"optional\":true,\"req\":\"^0.3\"},{\"features\":[\"js\"],\"kind\":\"dev\",\"name\":\"getrandom\",\"req\":\"^0.2.15\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.3\"},{\"features\":[\"mutex\"],\"name\":\"spin1\",\"package\":\"spin\",\"req\":\"^0.9.8\"},{\"features\":[\"rt\",\"macros\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.16.1\"},{\"kind\":\"dev\",\"name\":\"waker-fn\",\"req\":\"^1.1.0\"}],\"features\":{\"async\":[\"futures-sink\",\"futures-core\"],\"default\":[\"async\",\"select\",\"eventual-fairness\"],\"eventual-fairness\":[\"select\",\"fastrand\"],\"select\":[],\"spin\":[]}}", "fnv_1.0.7": "{\"dependencies\":[],\"features\":{\"default\":[\"std\"],\"std\":[]}}", @@ -1044,14 +1052,17 @@ "h2_0.4.13": "{\"dependencies\":[{\"name\":\"atomic-waker\",\"req\":\"^1.0.0\"},{\"name\":\"bytes\",\"req\":\"^1\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.10\"},{\"name\":\"fnv\",\"req\":\"^1.0.5\"},{\"default_features\":false,\"name\":\"futures-core\",\"req\":\"^0.3\"},{\"default_features\":false,\"name\":\"futures-sink\",\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"hex\",\"req\":\"^0.4.3\"},{\"name\":\"http\",\"req\":\"^1\"},{\"features\":[\"std\"],\"name\":\"indexmap\",\"req\":\"^2\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0.3\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.4\"},{\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.0\"},{\"name\":\"slab\",\"req\":\"^0.4.2\"},{\"features\":[\"io-util\"],\"name\":\"tokio\",\"req\":\"^1\"},{\"features\":[\"rt-multi-thread\",\"macros\",\"sync\",\"net\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"tokio-rustls\",\"req\":\"^0.26\"},{\"features\":[\"codec\",\"io\"],\"name\":\"tokio-util\",\"req\":\"^0.7.1\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"req\":\"^0.1.35\"},{\"kind\":\"dev\",\"name\":\"walkdir\",\"req\":\"^2.3.2\"},{\"kind\":\"dev\",\"name\":\"webpki-roots\",\"req\":\"^1\"}],\"features\":{\"stream\":[],\"unstable\":[]}}", "h2_0.4.6": "{\"dependencies\":[{\"name\":\"atomic-waker\",\"req\":\"^1.0.0\"},{\"name\":\"bytes\",\"req\":\"^1\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.10\"},{\"name\":\"fnv\",\"req\":\"^1.0.5\"},{\"default_features\":false,\"name\":\"futures-core\",\"req\":\"^0.3\"},{\"default_features\":false,\"name\":\"futures-sink\",\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"hex\",\"req\":\"^0.4.3\"},{\"name\":\"http\",\"req\":\"^1\"},{\"features\":[\"std\"],\"name\":\"indexmap\",\"req\":\"^2\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0.3\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.4\"},{\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.0\"},{\"name\":\"slab\",\"req\":\"^0.4.2\"},{\"features\":[\"io-util\"],\"name\":\"tokio\",\"req\":\"^1\"},{\"features\":[\"rt-multi-thread\",\"macros\",\"sync\",\"net\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"tokio-rustls\",\"req\":\"^0.26\"},{\"features\":[\"codec\",\"io\"],\"name\":\"tokio-util\",\"req\":\"^0.7.1\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"req\":\"^0.1.35\"},{\"kind\":\"dev\",\"name\":\"walkdir\",\"req\":\"^2.3.2\"},{\"kind\":\"dev\",\"name\":\"webpki-roots\",\"req\":\"^0.26\"}],\"features\":{\"stream\":[],\"unstable\":[]}}", "half_2.7.1": "{\"dependencies\":[{\"features\":[\"derive\"],\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.4.1\"},{\"default_features\":false,\"features\":[\"derive\"],\"name\":\"bytemuck\",\"optional\":true,\"req\":\"^1.4.1\"},{\"name\":\"cfg-if\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.5\"},{\"name\":\"crunchy\",\"req\":\"^0.2.2\",\"target\":\"cfg(target_arch = \\\"spirv\\\")\"},{\"kind\":\"dev\",\"name\":\"crunchy\",\"req\":\"^0.2.2\"},{\"default_features\":false,\"features\":[\"libm\"],\"name\":\"num-traits\",\"optional\":true,\"req\":\"^0.2.16\"},{\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"quickcheck_macros\",\"req\":\"^1.0\"},{\"default_features\":false,\"features\":[\"thread_rng\"],\"name\":\"rand\",\"optional\":true,\"req\":\"^0.9.0\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9.0\"},{\"default_features\":false,\"name\":\"rand_distr\",\"optional\":true,\"req\":\"^0.5.0\"},{\"name\":\"rkyv\",\"optional\":true,\"req\":\"^0.8.0\"},{\"default_features\":false,\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"default_features\":false,\"features\":[\"derive\",\"simd\"],\"name\":\"zerocopy\",\"req\":\"^0.8.26\"}],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"nightly\":[],\"rand_distr\":[\"dep:rand\",\"dep:rand_distr\"],\"std\":[\"alloc\"],\"use-intrinsics\":[],\"zerocopy\":[]}}", + "hash32_0.2.1": "{\"dependencies\":[{\"default_features\":false,\"name\":\"byteorder\",\"req\":\"^1.2.2\"},{\"kind\":\"dev\",\"name\":\"hash32-derive\",\"req\":\"^0.1.0\"}],\"features\":{}}", "hash32_0.3.1": "{\"dependencies\":[{\"default_features\":false,\"name\":\"byteorder\",\"req\":\"^1.2.2\"}],\"features\":{}}", "hashbrown_0.12.3": "{\"dependencies\":[{\"default_features\":false,\"name\":\"ahash\",\"optional\":true,\"req\":\"^0.7.0\"},{\"name\":\"alloc\",\"optional\":true,\"package\":\"rustc-std-workspace-alloc\",\"req\":\"^1.0.0\"},{\"name\":\"bumpalo\",\"optional\":true,\"req\":\"^3.5.0\"},{\"name\":\"compiler_builtins\",\"optional\":true,\"req\":\"^0.1.2\"},{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3.1\"},{\"kind\":\"dev\",\"name\":\"fnv\",\"req\":\"^1.0.7\"},{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1.4\"},{\"features\":[\"small_rng\"],\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.3\"},{\"name\":\"rayon\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.25\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0\"}],\"features\":{\"ahash-compile-time-rng\":[\"ahash/compile-time-rng\"],\"default\":[\"ahash\",\"inline-more\"],\"inline-more\":[],\"nightly\":[],\"raw\":[],\"rustc-dep-of-std\":[\"nightly\",\"core\",\"compiler_builtins\",\"alloc\",\"rustc-internal-api\"],\"rustc-internal-api\":[]}}", "hashbrown_0.14.5": "{\"dependencies\":[{\"default_features\":false,\"name\":\"ahash\",\"optional\":true,\"req\":\"^0.8.7\"},{\"name\":\"alloc\",\"optional\":true,\"package\":\"rustc-std-workspace-alloc\",\"req\":\"^1.0.0\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"allocator-api2\",\"optional\":true,\"req\":\"^0.2.9\"},{\"features\":[\"allocator-api2\"],\"kind\":\"dev\",\"name\":\"bumpalo\",\"req\":\"^3.13.0\"},{\"name\":\"compiler_builtins\",\"optional\":true,\"req\":\"^0.1.2\"},{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3.1\"},{\"default_features\":false,\"name\":\"equivalent\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"fnv\",\"req\":\"^1.0.7\"},{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1.4\"},{\"features\":[\"small_rng\"],\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.3\"},{\"name\":\"rayon\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1.0\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"rkyv\",\"optional\":true,\"req\":\"^0.7.42\"},{\"features\":[\"validation\"],\"kind\":\"dev\",\"name\":\"rkyv\",\"req\":\"^0.7.42\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.25\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0\"}],\"features\":{\"default\":[\"ahash\",\"inline-more\",\"allocator-api2\"],\"inline-more\":[],\"nightly\":[\"allocator-api2?/nightly\",\"bumpalo/allocator_api\"],\"raw\":[],\"rustc-dep-of-std\":[\"nightly\",\"core\",\"compiler_builtins\",\"alloc\",\"rustc-internal-api\"],\"rustc-internal-api\":[]}}", "hashbrown_0.15.5": "{\"dependencies\":[{\"name\":\"alloc\",\"optional\":true,\"package\":\"rustc-std-workspace-alloc\",\"req\":\"^1.0.0\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"allocator-api2\",\"optional\":true,\"req\":\"^0.2.9\"},{\"features\":[\"allocator-api2\"],\"kind\":\"dev\",\"name\":\"bumpalo\",\"req\":\"^3.13.0\"},{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3.1\"},{\"default_features\":false,\"name\":\"equivalent\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"fnv\",\"req\":\"^1.0.7\"},{\"default_features\":false,\"name\":\"foldhash\",\"optional\":true,\"req\":\"^0.1.2\"},{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1.4\"},{\"features\":[\"small_rng\"],\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9.0\"},{\"name\":\"rayon\",\"optional\":true,\"req\":\"^1.2\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1.2\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.25\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0\"}],\"features\":{\"default\":[\"default-hasher\",\"inline-more\",\"allocator-api2\",\"equivalent\",\"raw-entry\"],\"default-hasher\":[\"dep:foldhash\"],\"inline-more\":[],\"nightly\":[\"bumpalo/allocator_api\"],\"raw-entry\":[],\"rustc-dep-of-std\":[\"nightly\",\"core\",\"alloc\",\"rustc-internal-api\"],\"rustc-internal-api\":[]}}", "hashbrown_0.16.1": "{\"dependencies\":[{\"name\":\"alloc\",\"optional\":true,\"package\":\"rustc-std-workspace-alloc\",\"req\":\"^1.0.0\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"allocator-api2\",\"optional\":true,\"req\":\"^0.2.9\"},{\"features\":[\"allocator-api2\"],\"kind\":\"dev\",\"name\":\"bumpalo\",\"req\":\"^3.13.0\"},{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"default_features\":false,\"name\":\"equivalent\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"fnv\",\"req\":\"^1.0.7\"},{\"default_features\":false,\"name\":\"foldhash\",\"optional\":true,\"req\":\"^0.2.0\"},{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1.4\"},{\"kind\":\"dev\",\"name\":\"libc\",\"req\":\"^0.2.155\",\"target\":\"cfg(unix)\"},{\"features\":[\"small_rng\"],\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9.0\"},{\"name\":\"rayon\",\"optional\":true,\"req\":\"^1.9.0\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1.2\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.220\",\"target\":\"cfg(any())\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.221\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0\"}],\"features\":{\"default\":[\"default-hasher\",\"inline-more\",\"allocator-api2\",\"equivalent\",\"raw-entry\"],\"default-hasher\":[\"dep:foldhash\"],\"inline-more\":[],\"nightly\":[\"foldhash?/nightly\",\"bumpalo/allocator_api\"],\"raw-entry\":[],\"rustc-dep-of-std\":[\"nightly\",\"core\",\"alloc\",\"rustc-internal-api\"],\"rustc-internal-api\":[],\"serde\":[\"dep:serde_core\",\"dep:serde\"]}}", + "hashbrown_0.17.1": "{\"dependencies\":[{\"name\":\"alloc\",\"optional\":true,\"package\":\"rustc-std-workspace-alloc\",\"req\":\"^1.0.0\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"allocator-api2\",\"optional\":true,\"req\":\"^0.2.9\"},{\"features\":[\"allocator-api2\"],\"kind\":\"dev\",\"name\":\"bumpalo\",\"req\":\"^3.13.0\"},{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"features\":[\"html_reports\"],\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.7\"},{\"default_features\":false,\"name\":\"equivalent\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"fnv\",\"req\":\"^1.0.7\"},{\"default_features\":false,\"name\":\"foldhash\",\"optional\":true,\"req\":\"^0.2.0\"},{\"kind\":\"dev\",\"name\":\"libc\",\"req\":\"^0.2.155\",\"target\":\"cfg(unix)\"},{\"features\":[\"small_rng\"],\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9.0\"},{\"name\":\"rayon\",\"optional\":true,\"req\":\"^1.9.0\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1.2\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.220\",\"target\":\"cfg(any())\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.221\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0\"}],\"features\":{\"default\":[\"default-hasher\",\"inline-more\",\"allocator-api2\",\"equivalent\",\"raw-entry\"],\"default-hasher\":[\"dep:foldhash\"],\"inline-more\":[],\"nightly\":[\"foldhash?/nightly\",\"bumpalo/allocator_api\"],\"raw-entry\":[],\"rustc-dep-of-std\":[\"nightly\",\"core\",\"alloc\",\"rustc-internal-api\"],\"rustc-internal-api\":[],\"serde\":[\"dep:serde_core\",\"dep:serde\"]}}", "hashlink_0.11.0": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"default-hasher\"],\"name\":\"hashbrown\",\"req\":\"^0.16\"},{\"kind\":\"dev\",\"name\":\"rustc-hash\",\"req\":\"^2\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0\"}],\"features\":{\"serde_impl\":[\"serde\"]}}", "headers-core_0.3.0": "{\"dependencies\":[{\"name\":\"http\",\"req\":\"^1.0.0\"}],\"features\":{}}", "headers_0.4.1": "{\"dependencies\":[{\"name\":\"base64\",\"req\":\"^0.22\"},{\"name\":\"bytes\",\"req\":\"^1\"},{\"name\":\"headers-core\",\"req\":\"^0.3\"},{\"name\":\"http\",\"req\":\"^1.0.0\"},{\"name\":\"httpdate\",\"req\":\"^1\"},{\"name\":\"mime\",\"req\":\"^0.3.14\"},{\"name\":\"sha1\",\"req\":\"^0.10\"}],\"features\":{\"nightly\":[]}}", + "heapless_0.7.17": "{\"dependencies\":[{\"name\":\"atomic-polyfill\",\"req\":\"^1\",\"target\":\"riscv32i-unknown-none-elf\"},{\"name\":\"atomic-polyfill\",\"req\":\"^1\",\"target\":\"riscv32imc-unknown-none-elf\"},{\"name\":\"atomic-polyfill\",\"req\":\"^1\",\"target\":\"xtensa-esp32s2-none-elf\"},{\"name\":\"atomic-polyfill\",\"optional\":true,\"req\":\"^1\",\"target\":\"cfg(target_arch = \\\"avr\\\")\"},{\"name\":\"atomic-polyfill\",\"optional\":true,\"req\":\"^1\",\"target\":\"thumbv6m-none-eabi\"},{\"name\":\"defmt\",\"optional\":true,\"req\":\">=0.2.0, <0.4\"},{\"name\":\"hash32\",\"req\":\"^0.2.1\"},{\"kind\":\"build\",\"name\":\"rustc_version\",\"req\":\"^0.4.0\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1\"},{\"name\":\"spin\",\"req\":\"^0.9.2\",\"target\":\"cfg(target_arch = \\\"x86_64\\\")\"},{\"default_features\":false,\"name\":\"stable_deref_trait\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"ufmt\",\"req\":\"^0.1\"},{\"name\":\"ufmt-write\",\"optional\":true,\"req\":\"^0.1\"}],\"features\":{\"__trybuild\":[],\"cas\":[\"atomic-polyfill\"],\"default\":[\"cas\"],\"defmt-impl\":[\"defmt\"],\"mpmc_large\":[],\"ufmt-impl\":[\"ufmt-write\"],\"x86-sync-pool\":[]}}", "heapless_0.8.0": "{\"dependencies\":[{\"name\":\"defmt\",\"optional\":true,\"req\":\">=0.2.0, <0.4\"},{\"name\":\"hash32\",\"req\":\"^0.3.0\"},{\"name\":\"portable-atomic\",\"optional\":true,\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1\"},{\"default_features\":false,\"name\":\"stable_deref_trait\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"ufmt\",\"req\":\"^0.2\"},{\"name\":\"ufmt-write\",\"optional\":true,\"req\":\"^0.1\"}],\"features\":{\"defmt-03\":[\"dep:defmt\"],\"mpmc_large\":[],\"portable-atomic\":[\"dep:portable-atomic\"],\"portable-atomic-critical-section\":[\"dep:portable-atomic\",\"portable-atomic\",\"portable-atomic?/critical-section\"],\"portable-atomic-unsafe-assume-single-core\":[\"dep:portable-atomic\",\"portable-atomic\",\"portable-atomic?/unsafe-assume-single-core\"],\"serde\":[\"dep:serde\"],\"ufmt\":[\"dep:ufmt-write\"]}}", "heck_0.4.1": "{\"dependencies\":[{\"name\":\"unicode-segmentation\",\"optional\":true,\"req\":\"^1.2.0\"}],\"features\":{\"default\":[],\"unicode\":[\"unicode-segmentation\"]}}", "heck_0.5.0": "{\"dependencies\":[],\"features\":{}}", @@ -1124,6 +1135,7 @@ "indenter_0.3.4": "{\"dependencies\":[],\"features\":{\"default\":[],\"std\":[]}}", "indexmap_1.9.3": "{\"dependencies\":[{\"default_features\":false,\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"build\",\"name\":\"autocfg\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"fnv\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"fxhash\",\"req\":\"^0.2.1\"},{\"default_features\":false,\"features\":[\"raw\"],\"name\":\"hashbrown\",\"req\":\"^0.12\"},{\"kind\":\"dev\",\"name\":\"itertools\",\"req\":\"^0.10\"},{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1.3\"},{\"default_features\":false,\"name\":\"quickcheck\",\"optional\":true,\"req\":\"^1.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0\"},{\"features\":[\"small_rng\"],\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"name\":\"rayon\",\"optional\":true,\"req\":\"^1.4.1\"},{\"name\":\"rustc-rayon\",\"optional\":true,\"package\":\"rustc-rayon\",\"req\":\"^0.5\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1.0\"}],\"features\":{\"serde-1\":[\"serde\"],\"std\":[],\"test_debug\":[],\"test_low_transition_point\":[]}}", "indexmap_2.13.0": "{\"dependencies\":[{\"default_features\":false,\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"borsh\",\"optional\":true,\"req\":\"^1.2\"},{\"default_features\":false,\"name\":\"equivalent\",\"req\":\"^1.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"fastrand\",\"req\":\"^2\"},{\"kind\":\"dev\",\"name\":\"fnv\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"hashbrown\",\"req\":\"^0.16.1\"},{\"kind\":\"dev\",\"name\":\"itertools\",\"req\":\"^0.14\"},{\"default_features\":false,\"name\":\"quickcheck\",\"optional\":true,\"req\":\"^1.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0\"},{\"name\":\"rayon\",\"optional\":true,\"req\":\"^1.9\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.220\",\"target\":\"cfg(any())\"},{\"default_features\":false,\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.220\"},{\"default_features\":false,\"name\":\"sval\",\"optional\":true,\"req\":\"^2\"}],\"features\":{\"default\":[\"std\"],\"serde\":[\"dep:serde_core\",\"dep:serde\"],\"std\":[],\"test_debug\":[]}}", + "indexmap_2.14.0": "{\"dependencies\":[{\"default_features\":false,\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"borsh\",\"optional\":true,\"req\":\"^1.2\"},{\"default_features\":false,\"name\":\"equivalent\",\"req\":\"^1.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"fastrand\",\"req\":\"^2\"},{\"kind\":\"dev\",\"name\":\"fnv\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"hashbrown\",\"req\":\"^0.17\"},{\"kind\":\"dev\",\"name\":\"itertools\",\"req\":\"^0.14\"},{\"default_features\":false,\"name\":\"quickcheck\",\"optional\":true,\"req\":\"^1.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.1\"},{\"name\":\"rayon\",\"optional\":true,\"req\":\"^1.9\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.220\",\"target\":\"cfg(any())\"},{\"default_features\":false,\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.220\"},{\"default_features\":false,\"name\":\"sval\",\"optional\":true,\"req\":\"^2\"}],\"features\":{\"default\":[\"std\"],\"serde\":[\"dep:serde_core\",\"dep:serde\"],\"std\":[],\"test_debug\":[]}}", "indoc_2.0.7": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"rustversion\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.108\"},{\"kind\":\"dev\",\"name\":\"unindent\",\"req\":\"^0.2.3\"}],\"features\":{}}", "inotify-sys_0.1.5": "{\"dependencies\":[{\"name\":\"libc\",\"req\":\"^0.2\"}],\"features\":{}}", "inotify_0.11.0": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^2\"},{\"name\":\"futures-core\",\"optional\":true,\"req\":\"^0.3.1\"},{\"kind\":\"dev\",\"name\":\"futures-util\",\"req\":\"^0.3.1\"},{\"name\":\"inotify-sys\",\"req\":\"^0.1.3\"},{\"name\":\"libc\",\"req\":\"^0.2\"},{\"kind\":\"dev\",\"name\":\"maplit\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.1.0\"},{\"features\":[\"net\"],\"name\":\"tokio\",\"optional\":true,\"req\":\"^1.0.1\"},{\"features\":[\"macros\",\"rt-multi-thread\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.0.1\"}],\"features\":{\"default\":[\"stream\"],\"stream\":[\"futures-core\",\"tokio\"]}}", @@ -1132,7 +1144,7 @@ "instability_0.3.11": "{\"dependencies\":[{\"name\":\"darling\",\"req\":\"^0.23\"},{\"name\":\"indoc\",\"req\":\"^2\"},{\"kind\":\"dev\",\"name\":\"pretty_assertions\",\"req\":\"^1.4\"},{\"name\":\"proc-macro2\",\"req\":\"^1.0.86\"},{\"name\":\"quote\",\"req\":\"^1.0.25\"},{\"features\":[\"derive\",\"full\"],\"name\":\"syn\",\"req\":\"^2.0.15\"}],\"features\":{}}", "intl-memoizer_0.5.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"fluent-langneg\",\"req\":\"^0.13\"},{\"kind\":\"dev\",\"name\":\"intl_pluralrules\",\"req\":\"^7.0\"},{\"name\":\"type-map\",\"req\":\"^0.5\"},{\"name\":\"unic-langid\",\"req\":\"^0.9\"}],\"features\":{}}", "intl_pluralrules_7.0.2": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.3\"},{\"name\":\"unic-langid\",\"req\":\"^0.9\"},{\"features\":[\"macros\"],\"kind\":\"dev\",\"name\":\"unic-langid\",\"req\":\"^0.9\"}],\"features\":{}}", - "inventory_0.3.21": "{\"dependencies\":[{\"name\":\"rustversion\",\"req\":\"^1.0\",\"target\":\"cfg(target_family = \\\"wasm\\\")\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.89\"}],\"features\":{}}", + "inventory_0.3.24": "{\"dependencies\":[{\"name\":\"rustversion\",\"req\":\"^1.0\",\"target\":\"cfg(target_family = \\\"wasm\\\")\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.108\"}],\"features\":{}}", "io-close_0.3.7": "{\"dependencies\":[{\"name\":\"libc\",\"req\":\"^0.2.80\",\"target\":\"cfg(unix)\"},{\"name\":\"os_pipe\",\"optional\":true,\"req\":\"^0.9.2\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.1.0\"},{\"features\":[\"handleapi\",\"std\",\"winsock2\"],\"name\":\"winapi\",\"req\":\"^0.3.9\",\"target\":\"cfg(windows)\"}],\"features\":{}}", "io_tee_0.1.1": "{\"dependencies\":[],\"features\":{}}", "ipconfig_0.3.2": "{\"dependencies\":[{\"name\":\"socket2\",\"req\":\"^0.5.1\",\"target\":\"cfg(windows)\"},{\"name\":\"widestring\",\"req\":\"^1.0.2\",\"target\":\"cfg(windows)\"},{\"features\":[\"Win32_Foundation\",\"Win32_Networking_WinSock\",\"Win32_System_Registry\"],\"name\":\"windows-sys\",\"req\":\"^0.48.0\",\"target\":\"cfg(windows)\"},{\"name\":\"winreg\",\"optional\":true,\"req\":\"^0.50.0\",\"target\":\"cfg(windows)\"}],\"features\":{\"computer\":[\"winreg\"],\"default\":[\"computer\"]}}", @@ -1141,7 +1153,6 @@ "is-terminal_0.4.17": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"atty\",\"req\":\"^0.2.14\"},{\"name\":\"hermit-abi\",\"req\":\"^0.5.0\",\"target\":\"cfg(target_os = \\\"hermit\\\")\"},{\"name\":\"libc\",\"req\":\"^0.2\",\"target\":\"cfg(any(unix, target_os = \\\"wasi\\\"))\"},{\"kind\":\"dev\",\"name\":\"libc\",\"req\":\"^0.2.110\",\"target\":\"cfg(any(unix, target_os = \\\"wasi\\\"))\"},{\"features\":[\"termios\"],\"kind\":\"dev\",\"name\":\"rustix\",\"req\":\"^1.0.0\",\"target\":\"cfg(any(unix, target_os = \\\"wasi\\\"))\"},{\"features\":[\"stdio\"],\"kind\":\"dev\",\"name\":\"rustix\",\"req\":\"^1.0.0\",\"target\":\"cfg(not(any(windows, target_os = \\\"hermit\\\", target_os = \\\"unknown\\\")))\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3\",\"target\":\"cfg(windows)\"},{\"features\":[\"Win32_Foundation\",\"Win32_Storage_FileSystem\",\"Win32_System_Console\"],\"name\":\"windows-sys\",\"req\":\">=0.52, <0.62\",\"target\":\"cfg(windows)\"}],\"features\":{}}", "is_ci_1.2.0": "{\"dependencies\":[],\"features\":{}}", "is_terminal_polyfill_1.70.2": "{\"dependencies\":[],\"features\":{\"default\":[]}}", - "itertools_0.10.5": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"= 0\"},{\"default_features\":false,\"name\":\"either\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"paste\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"permutohedron\",\"req\":\"^0.2\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^0.9\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.7\"}],\"features\":{\"default\":[\"use_std\"],\"use_alloc\":[],\"use_std\":[\"use_alloc\",\"either/use_std\"]}}", "itertools_0.11.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.4.0\"},{\"default_features\":false,\"name\":\"either\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"paste\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"permutohedron\",\"req\":\"^0.2\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^0.9\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.7\"}],\"features\":{\"default\":[\"use_std\"],\"use_alloc\":[],\"use_std\":[\"use_alloc\",\"either/use_std\"]}}", "itertools_0.12.1": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.4.0\"},{\"default_features\":false,\"name\":\"either\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"paste\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"permutohedron\",\"req\":\"^0.2\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^0.9\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.7\"}],\"features\":{\"default\":[\"use_std\"],\"use_alloc\":[],\"use_std\":[\"use_alloc\",\"either/use_std\"]}}", "itertools_0.13.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.4.0\"},{\"default_features\":false,\"name\":\"either\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"paste\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"permutohedron\",\"req\":\"^0.2\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^0.9\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.7\"}],\"features\":{\"default\":[\"use_std\"],\"use_alloc\":[],\"use_std\":[\"use_alloc\",\"either/use_std\"]}}", @@ -1167,26 +1178,26 @@ "kqueue-sys_1.0.4": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^1.2.1\"},{\"name\":\"libc\",\"req\":\"^0.2.74\"}],\"features\":{}}", "kqueue_1.1.1": "{\"dependencies\":[{\"features\":[\"html_reports\"],\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.5\"},{\"kind\":\"dev\",\"name\":\"dhat\",\"req\":\"^0.3.2\"},{\"name\":\"kqueue-sys\",\"req\":\"^1.0.4\"},{\"name\":\"libc\",\"req\":\"^0.2.17\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.1.0\"}],\"features\":{}}", "kstring_2.0.2": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.5\"},{\"name\":\"document-features\",\"optional\":true,\"req\":\"^0.2\"},{\"kind\":\"dev\",\"name\":\"proptest\",\"req\":\"^1.4.0\"},{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"name\":\"static_assertions\",\"req\":\"^1.1.0\"}],\"features\":{\"arc\":[],\"default\":[\"std\",\"unsafe\"],\"max_inline\":[],\"std\":[],\"unsafe\":[],\"unstable_bench_subset\":[]}}", - "lalrpop-util_0.19.12": "{\"dependencies\":[{\"name\":\"regex\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"default\":[\"std\"],\"lexer\":[\"regex/std\",\"std\"],\"std\":[]}}", - "lalrpop_0.19.12": "{\"dependencies\":[{\"default_features\":false,\"name\":\"ascii-canvas\",\"req\":\"^3.0\"},{\"default_features\":false,\"name\":\"bit-set\",\"req\":\"^0.5.2\"},{\"default_features\":false,\"name\":\"diff\",\"req\":\"^0.1.12\"},{\"default_features\":false,\"name\":\"ena\",\"req\":\"^0.14\"},{\"name\":\"is-terminal\",\"req\":\"^0.4.2\"},{\"default_features\":false,\"features\":[\"use_std\"],\"name\":\"itertools\",\"req\":\"^0.10\"},{\"name\":\"lalrpop-util\",\"req\":\"^0.19.12\"},{\"default_features\":false,\"name\":\"petgraph\",\"req\":\"^0.6\"},{\"default_features\":false,\"name\":\"pico-args\",\"optional\":true,\"req\":\"^0.4\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"regex\",\"req\":\"^1\"},{\"default_features\":false,\"features\":[\"std\",\"unicode-case\",\"unicode-perl\"],\"kind\":\"dev\",\"name\":\"regex\",\"req\":\"^1\"},{\"default_features\":false,\"features\":[\"unicode\"],\"name\":\"regex-syntax\",\"req\":\"^0.6\"},{\"default_features\":false,\"features\":[\"unicode-case\",\"unicode-perl\"],\"kind\":\"dev\",\"name\":\"regex-syntax\",\"req\":\"^0.6\"},{\"default_features\":false,\"name\":\"string_cache\",\"req\":\"^0.8\"},{\"default_features\":false,\"name\":\"term\",\"req\":\"^0.7\"},{\"features\":[\"sha3\"],\"name\":\"tiny-keccak\",\"req\":\"^2.0.2\"},{\"default_features\":false,\"name\":\"unicode-xid\",\"req\":\"^0.2\"}],\"features\":{\"default\":[\"lexer\"],\"lexer\":[\"lalrpop-util/lexer\"],\"test\":[]}}", "landlock_0.4.4": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1.0\"},{\"name\":\"enumflags2\",\"req\":\"^0.7\"},{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1\"},{\"name\":\"libc\",\"req\":\"^0.2.175\"},{\"kind\":\"dev\",\"name\":\"strum\",\"req\":\"^0.26\"},{\"kind\":\"dev\",\"name\":\"strum_macros\",\"req\":\"^0.26\"},{\"name\":\"thiserror\",\"req\":\"^2.0\"}],\"features\":{}}", "language-tags_0.3.2": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bencher\",\"req\":\"^0.1\"},{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{}}", "lazy_static_1.5.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3.1\"},{\"default_features\":false,\"features\":[\"once\"],\"name\":\"spin\",\"optional\":true,\"req\":\"^0.9.8\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1\"}],\"features\":{\"spin_no_std\":[\"spin\"]}}", "leb128fmt_0.1.0": "{\"dependencies\":[],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"std\":[]}}", - "libc_0.2.182": "{\"dependencies\":[{\"name\":\"rustc-std-workspace-core\",\"optional\":true,\"req\":\"^1.0.1\"}],\"features\":{\"align\":[],\"const-extern-fn\":[],\"default\":[\"std\"],\"extra_traits\":[],\"rustc-dep-of-std\":[\"align\",\"rustc-std-workspace-core\"],\"std\":[],\"use_std\":[\"std\"]}}", "libc_0.2.183": "{\"dependencies\":[{\"name\":\"rustc-std-workspace-core\",\"optional\":true,\"req\":\"^1.0.1\"}],\"features\":{\"align\":[],\"const-extern-fn\":[],\"default\":[\"std\"],\"extra_traits\":[],\"rustc-dep-of-std\":[\"align\",\"rustc-std-workspace-core\"],\"std\":[],\"use_std\":[\"std\"]}}", + "libc_0.2.186": "{\"dependencies\":[{\"name\":\"rustc-std-workspace-core\",\"optional\":true,\"req\":\"^1.0.1\"}],\"features\":{\"align\":[],\"const-extern-fn\":[],\"default\":[\"std\"],\"extra_traits\":[],\"rustc-dep-of-std\":[\"align\",\"rustc-std-workspace-core\"],\"std\":[],\"use_std\":[\"std\"]}}", "libdbus-sys_0.2.7": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"cc\",\"optional\":true,\"req\":\"^1.0.78\"},{\"kind\":\"build\",\"name\":\"pkg-config\",\"optional\":true,\"req\":\"^0.3\"}],\"features\":{\"default\":[\"pkg-config\"],\"vendored\":[\"cc\"]}}", "libgit2-sys_0.18.3+1.9.2": "{\"dependencies\":[{\"features\":[\"parallel\"],\"kind\":\"build\",\"name\":\"cc\",\"req\":\"^1.0.43\"},{\"name\":\"libc\",\"req\":\"^0.2\"},{\"name\":\"libssh2-sys\",\"optional\":true,\"req\":\"^0.3.0\"},{\"default_features\":false,\"features\":[\"libc\"],\"name\":\"libz-sys\",\"req\":\"^1.1.0\"},{\"name\":\"openssl-sys\",\"optional\":true,\"req\":\"^0.9.45\",\"target\":\"cfg(unix)\"},{\"kind\":\"build\",\"name\":\"pkg-config\",\"req\":\"^0.3.15\"}],\"features\":{\"https\":[\"openssl-sys\"],\"ssh\":[\"libssh2-sys\"],\"vendored\":[],\"vendored-openssl\":[\"openssl-sys/vendored\"],\"zlib-ng-compat\":[\"libz-sys/zlib-ng\",\"libssh2-sys?/zlib-ng-compat\"]}}", "libloading_0.8.9": "{\"dependencies\":[{\"name\":\"cfg-if\",\"req\":\"^1\",\"target\":\"cfg(unix)\"},{\"kind\":\"dev\",\"name\":\"libc\",\"req\":\"^0.2\"},{\"kind\":\"dev\",\"name\":\"static_assertions\",\"req\":\"^1.1\"},{\"name\":\"windows-link\",\"req\":\"^0.2\",\"target\":\"cfg(windows)\"},{\"features\":[\"Win32_Foundation\"],\"kind\":\"dev\",\"name\":\"windows-sys\",\"req\":\"^0.61\",\"target\":\"cfg(windows)\"}],\"features\":{}}", "libm_0.2.16": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"no-panic\",\"req\":\"^0.1.35\"}],\"features\":{\"arch\":[],\"default\":[\"arch\"],\"force-soft-floats\":[],\"unstable\":[\"unstable-intrinsics\",\"unstable-float\"],\"unstable-float\":[],\"unstable-intrinsics\":[],\"unstable-public-internals\":[]}}", "libredox_0.1.12": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^2\"},{\"name\":\"ioslice\",\"optional\":true,\"req\":\"^0.6\"},{\"name\":\"libc\",\"req\":\"^0.2\"},{\"name\":\"redox_syscall\",\"optional\":true,\"req\":\"^0.7\"}],\"features\":{\"call\":[],\"default\":[\"call\",\"std\",\"redox_syscall\"],\"mkns\":[\"ioslice\"],\"std\":[]}}", "libredox_0.1.14": "{\"dependencies\":[{\"name\":\"bitflags\",\"optional\":true,\"req\":\"^2\"},{\"name\":\"ioslice\",\"optional\":true,\"req\":\"^0.6\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2\"},{\"name\":\"plain\",\"optional\":true,\"req\":\"^0.2\"},{\"name\":\"redox_syscall\",\"optional\":true,\"req\":\"^0.7\"}],\"features\":{\"base\":[\"libc\"],\"call\":[\"base\"],\"default\":[\"base\",\"call\",\"std\",\"redox_syscall\",\"protocol\"],\"mkns\":[\"ioslice\"],\"protocol\":[\"plain\",\"bitflags\",\"redox_syscall\"],\"std\":[\"base\"]}}", - "libsqlite3-sys_0.37.0": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"runtime\"],\"kind\":\"build\",\"name\":\"bindgen\",\"optional\":true,\"req\":\"^0.72\"},{\"kind\":\"build\",\"name\":\"cc\",\"optional\":true,\"req\":\"^1.2.27\"},{\"name\":\"openssl-sys\",\"optional\":true,\"req\":\"^0.9.103\"},{\"kind\":\"build\",\"name\":\"pkg-config\",\"optional\":true,\"req\":\"^0.3.19\"},{\"kind\":\"build\",\"name\":\"prettyplease\",\"optional\":true,\"req\":\"^0.2.20\"},{\"default_features\":false,\"kind\":\"build\",\"name\":\"quote\",\"optional\":true,\"req\":\"^1.0.36\"},{\"features\":[\"full\",\"extra-traits\",\"visit-mut\"],\"kind\":\"build\",\"name\":\"syn\",\"optional\":true,\"req\":\"^2.0.89\"},{\"kind\":\"build\",\"name\":\"vcpkg\",\"optional\":true,\"req\":\"^0.2.15\"}],\"features\":{\"buildtime_bindgen\":[\"bindgen\",\"pkg-config\",\"vcpkg\"],\"bundled\":[\"cc\",\"bundled_bindings\"],\"bundled-sqlcipher\":[\"bundled\"],\"bundled-sqlcipher-vendored-openssl\":[\"bundled-sqlcipher\",\"openssl-sys/vendored\"],\"bundled-windows\":[\"cc\",\"bundled_bindings\"],\"bundled_bindings\":[],\"column_metadata\":[],\"default\":[\"min_sqlite_version_3_34_1\"],\"in_gecko\":[],\"loadable_extension\":[\"prettyplease\",\"quote\",\"syn\"],\"min_sqlite_version_3_34_1\":[\"pkg-config\",\"vcpkg\"],\"preupdate_hook\":[\"buildtime_bindgen\"],\"session\":[\"preupdate_hook\",\"buildtime_bindgen\"],\"sqlcipher\":[],\"unlock_notify\":[],\"wasm32-wasi-vfs\":[],\"with-asan\":[]}}", + "libsqlite3-sys_0.35.0": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"runtime\"],\"kind\":\"build\",\"name\":\"bindgen\",\"optional\":true,\"req\":\"^0.72\"},{\"kind\":\"build\",\"name\":\"cc\",\"optional\":true,\"req\":\"^1.1.6\"},{\"name\":\"openssl-sys\",\"optional\":true,\"req\":\"^0.9.103\"},{\"kind\":\"build\",\"name\":\"pkg-config\",\"optional\":true,\"req\":\"^0.3.19\"},{\"kind\":\"build\",\"name\":\"prettyplease\",\"optional\":true,\"req\":\"^0.2.20\"},{\"default_features\":false,\"kind\":\"build\",\"name\":\"quote\",\"optional\":true,\"req\":\"^1.0.36\"},{\"features\":[\"full\",\"extra-traits\",\"visit-mut\"],\"kind\":\"build\",\"name\":\"syn\",\"optional\":true,\"req\":\"^2.0.72\"},{\"kind\":\"build\",\"name\":\"vcpkg\",\"optional\":true,\"req\":\"^0.2.15\"}],\"features\":{\"buildtime_bindgen\":[\"bindgen\",\"pkg-config\",\"vcpkg\"],\"bundled\":[\"cc\",\"bundled_bindings\"],\"bundled-sqlcipher\":[\"bundled\"],\"bundled-sqlcipher-vendored-openssl\":[\"bundled-sqlcipher\",\"openssl-sys/vendored\"],\"bundled-windows\":[\"cc\",\"bundled_bindings\"],\"bundled_bindings\":[],\"column_metadata\":[],\"default\":[\"min_sqlite_version_3_14_0\"],\"in_gecko\":[],\"loadable_extension\":[\"prettyplease\",\"quote\",\"syn\"],\"min_sqlite_version_3_14_0\":[\"pkg-config\",\"vcpkg\"],\"preupdate_hook\":[\"buildtime_bindgen\"],\"session\":[\"preupdate_hook\",\"buildtime_bindgen\"],\"sqlcipher\":[],\"unlock_notify\":[],\"wasm32-wasi-vfs\":[],\"with-asan\":[]}}", "libssh2-sys_0.3.1": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"cc\",\"req\":\"^1.0.25\"},{\"name\":\"libc\",\"req\":\"^0.2\"},{\"default_features\":false,\"features\":[\"libc\"],\"name\":\"libz-sys\",\"req\":\"^1.1.0\"},{\"name\":\"openssl-sys\",\"req\":\"^0.9.35\",\"target\":\"cfg(unix)\"},{\"name\":\"openssl-sys\",\"optional\":true,\"req\":\"^0.9.35\",\"target\":\"cfg(windows)\"},{\"kind\":\"build\",\"name\":\"pkg-config\",\"req\":\"^0.3.11\"},{\"kind\":\"build\",\"name\":\"vcpkg\",\"req\":\"^0.2\",\"target\":\"cfg(target_env = \\\"msvc\\\")\"}],\"features\":{\"openssl-on-win32\":[\"openssl-sys\"],\"vendored-openssl\":[\"openssl-sys/vendored\"],\"zlib-ng-compat\":[\"libz-sys/zlib-ng\"]}}", "libz-sys_1.1.23": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"cc\",\"req\":\"^1.0.98\"},{\"kind\":\"build\",\"name\":\"cmake\",\"optional\":true,\"req\":\"^0.1.50\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2.43\"},{\"kind\":\"build\",\"name\":\"pkg-config\",\"req\":\"^0.3.9\"},{\"kind\":\"build\",\"name\":\"vcpkg\",\"req\":\"^0.2.11\"}],\"features\":{\"asm\":[],\"default\":[\"libc\",\"stock-zlib\"],\"static\":[],\"stock-zlib\":[],\"zlib-ng\":[\"libc\",\"cmake\"],\"zlib-ng-no-cmake-experimental-community-maintained\":[\"libc\"]}}", "libz-sys_1.1.25": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"cc\",\"req\":\"^1.0.98\"},{\"kind\":\"build\",\"name\":\"cmake\",\"optional\":true,\"req\":\"^0.1.50\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2.43\"},{\"kind\":\"build\",\"name\":\"pkg-config\",\"req\":\"^0.3.9\"},{\"kind\":\"build\",\"name\":\"vcpkg\",\"req\":\"^0.2.11\"}],\"features\":{\"asm\":[],\"default\":[\"libc\",\"stock-zlib\"],\"static\":[],\"stock-zlib\":[],\"zlib-ng\":[\"libc\",\"cmake\"],\"zlib-ng-no-cmake-experimental-community-maintained\":[\"libc\"]}}", "link-cplusplus_1.0.12": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"cc\",\"req\":\"^1\"}],\"features\":{\"default\":[],\"libc++\":[],\"libcxx\":[\"libc++\"],\"libstdc++\":[],\"libstdcxx\":[\"libstdc++\"],\"nothing\":[]}}", + "link-section_0.17.2": "{\"dependencies\":[{\"features\":[\"link_section\"],\"name\":\"linktime-proc-macro\",\"optional\":true,\"req\":\"^0.1.0\"},{\"kind\":\"dev\",\"name\":\"macrotest\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"walkdir\",\"req\":\"^2\"}],\"features\":{\"default\":[\"proc_macro\",\"std\"],\"proc_macro\":[\"dep:linktime-proc-macro\"],\"std\":[]}}", "linked-hash-map_0.5.6": "{\"dependencies\":[{\"name\":\"heapsize\",\"optional\":true,\"req\":\"^0.4\"},{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0\"}],\"features\":{\"heapsize_impl\":[\"heapsize\"],\"nightly\":[],\"serde_impl\":[\"serde\"]}}", + "linktime-proc-macro_0.1.0": "{\"dependencies\":[],\"features\":{\"ctor\":[],\"default\":[],\"dtor\":[],\"link_section\":[]}}", "linux-keyutils_0.2.4": "{\"dependencies\":[{\"default_features\":false,\"name\":\"bitflags\",\"req\":\"^2.4\"},{\"default_features\":false,\"features\":[\"std\",\"derive\"],\"kind\":\"dev\",\"name\":\"clap\",\"req\":\"^4.4.11\"},{\"default_features\":false,\"name\":\"libc\",\"req\":\"^0.2.132\"},{\"kind\":\"dev\",\"name\":\"zeroize\",\"req\":\"^1.5.7\"}],\"features\":{\"default\":[],\"std\":[\"bitflags/std\"]}}", "linux-raw-sys_0.12.1": "{\"dependencies\":[{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"libc\",\"req\":\"^0.2.100\"},{\"kind\":\"dev\",\"name\":\"static_assertions\",\"req\":\"^1.1.0\"}],\"features\":{\"auxvec\":[],\"bootparam\":[],\"btrfs\":[],\"default\":[\"std\",\"general\",\"errno\"],\"elf\":[],\"elf_uapi\":[],\"errno\":[],\"general\":[],\"if_arp\":[],\"if_ether\":[],\"if_packet\":[],\"if_tun\":[],\"image\":[],\"io_uring\":[],\"ioctl\":[],\"landlock\":[],\"loop_device\":[],\"mempolicy\":[],\"net\":[],\"netlink\":[],\"no_std\":[],\"prctl\":[],\"ptrace\":[],\"rustc-dep-of-std\":[\"core\",\"no_std\"],\"std\":[],\"system\":[],\"vm_sockets\":[],\"xdp\":[]}}", "linux-raw-sys_0.4.15": "{\"dependencies\":[{\"name\":\"compiler_builtins\",\"optional\":true,\"req\":\"^0.1.49\"},{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"libc\",\"req\":\"^0.2.100\"},{\"kind\":\"dev\",\"name\":\"static_assertions\",\"req\":\"^1.1.0\"}],\"features\":{\"bootparam\":[],\"btrfs\":[],\"default\":[\"std\",\"general\",\"errno\"],\"elf\":[],\"elf_uapi\":[],\"errno\":[],\"general\":[],\"if_arp\":[],\"if_ether\":[],\"if_packet\":[],\"io_uring\":[],\"ioctl\":[],\"landlock\":[],\"loop_device\":[],\"mempolicy\":[],\"net\":[],\"netlink\":[],\"no_std\":[],\"prctl\":[],\"ptrace\":[],\"rustc-dep-of-std\":[\"core\",\"compiler_builtins\",\"no_std\"],\"std\":[],\"system\":[],\"xdp\":[]}}", @@ -1194,14 +1205,16 @@ "litrs_1.0.0": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"optional\":true,\"req\":\"^1.0.63\"},{\"name\":\"unicode-xid\",\"optional\":true,\"req\":\"^0.2.4\"}],\"features\":{\"check_suffix\":[\"unicode-xid\"]}}", "local-waker_0.1.4": "{\"dependencies\":[],\"features\":{}}", "lock_api_0.4.14": "{\"dependencies\":[{\"name\":\"owning_ref\",\"optional\":true,\"req\":\"^0.4.1\"},{\"default_features\":false,\"name\":\"scopeguard\",\"req\":\"^1.1.0\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.126\"}],\"features\":{\"arc_lock\":[],\"atomic_usize\":[],\"default\":[\"atomic_usize\"],\"nightly\":[]}}", + "lock_free_hashtable_0.1.4": "{\"dependencies\":[{\"default_features\":false,\"name\":\"allocative\",\"optional\":true,\"req\":\"^0.3.6\"},{\"name\":\"atomic\",\"req\":\"^0.5.3\"},{\"kind\":\"dev\",\"name\":\"num_cpus\",\"req\":\"^1.16\"},{\"name\":\"parking_lot\",\"req\":\"^0.12.1\"}],\"features\":{\"allocative\":[\"dep:allocative\"],\"default\":[]}}", "log_0.4.29": "{\"dependencies\":[{\"default_features\":false,\"kind\":\"dev\",\"name\":\"proc-macro2\",\"req\":\"^1.0.63\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"sval\",\"optional\":true,\"req\":\"^2.16\"},{\"kind\":\"dev\",\"name\":\"sval\",\"req\":\"^2.16\"},{\"kind\":\"dev\",\"name\":\"sval_derive\",\"req\":\"^2.16\"},{\"default_features\":false,\"name\":\"sval_ref\",\"optional\":true,\"req\":\"^2.16\"},{\"default_features\":false,\"features\":[\"inline-i128\"],\"name\":\"value-bag\",\"optional\":true,\"req\":\"^1.12\"},{\"features\":[\"test\"],\"kind\":\"dev\",\"name\":\"value-bag\",\"req\":\"^1.12\"}],\"features\":{\"kv\":[],\"kv_serde\":[\"kv_std\",\"value-bag/serde\",\"serde\"],\"kv_std\":[\"std\",\"kv\",\"value-bag/error\"],\"kv_sval\":[\"kv\",\"value-bag/sval\",\"sval\",\"sval_ref\"],\"kv_unstable\":[\"kv\",\"value-bag\"],\"kv_unstable_serde\":[\"kv_serde\",\"kv_unstable_std\"],\"kv_unstable_std\":[\"kv_std\",\"kv_unstable\"],\"kv_unstable_sval\":[\"kv_sval\",\"kv_unstable\"],\"max_level_debug\":[],\"max_level_error\":[],\"max_level_info\":[],\"max_level_off\":[],\"max_level_trace\":[],\"max_level_warn\":[],\"release_max_level_debug\":[],\"release_max_level_error\":[],\"release_max_level_info\":[],\"release_max_level_off\":[],\"release_max_level_trace\":[],\"release_max_level_warn\":[],\"serde\":[\"serde_core\"],\"std\":[]}}", - "logos-derive_0.12.1": "{\"dependencies\":[{\"name\":\"beef\",\"req\":\"^0.5.0\"},{\"name\":\"fnv\",\"req\":\"^1.0.6\"},{\"kind\":\"dev\",\"name\":\"pretty_assertions\",\"req\":\"^0.6.1\"},{\"name\":\"proc-macro2\",\"req\":\"^1.0.9\"},{\"name\":\"quote\",\"req\":\"^1.0.3\"},{\"name\":\"regex-syntax\",\"req\":\"^0.6\"},{\"features\":[\"full\"],\"name\":\"syn\",\"req\":\"^1.0.17\"}],\"features\":{}}", - "logos_0.12.1": "{\"dependencies\":[{\"name\":\"logos-derive\",\"optional\":true,\"req\":\"^0.12.1\"}],\"features\":{\"default\":[\"export_derive\",\"std\"],\"export_derive\":[\"logos-derive\"],\"std\":[]}}", + "logos-codegen_0.15.1": "{\"dependencies\":[{\"name\":\"beef\",\"req\":\"^0.5.0\"},{\"name\":\"fnv\",\"req\":\"^1.0.6\"},{\"kind\":\"dev\",\"name\":\"insta\",\"req\":\"^1.41.1\"},{\"name\":\"lazy_static\",\"req\":\"^1.4.0\"},{\"kind\":\"dev\",\"name\":\"pretty_assertions\",\"req\":\"^1.4.0\"},{\"name\":\"proc-macro2\",\"req\":\"^1.0.9\"},{\"name\":\"quote\",\"req\":\"^1.0.3\"},{\"name\":\"regex-syntax\",\"req\":\"^0.8.2\"},{\"kind\":\"dev\",\"name\":\"rstest\",\"req\":\"^0.23.0\"},{\"kind\":\"build\",\"name\":\"rustc_version\",\"req\":\"^0.4.1\"},{\"features\":[\"full\"],\"name\":\"syn\",\"req\":\"^2.0.13\"}],\"features\":{\"debug\":[],\"forbid_unsafe\":[],\"fuzzing\":[]}}", + "logos-derive_0.15.1": "{\"dependencies\":[{\"name\":\"logos-codegen\",\"req\":\"^0.15.1\"}],\"features\":{\"debug\":[\"logos-codegen/debug\"],\"forbid_unsafe\":[\"logos-codegen/forbid_unsafe\"]}}", + "logos_0.15.1": "{\"dependencies\":[{\"features\":[\"auto-color\"],\"kind\":\"dev\",\"name\":\"ariadne\",\"req\":\"^0.4\"},{\"kind\":\"dev\",\"name\":\"chumsky\",\"req\":\"^0.10.0\"},{\"name\":\"logos-derive\",\"optional\":true,\"req\":\"^0.15.1\"}],\"features\":{\"debug\":[\"logos-derive?/debug\"],\"default\":[\"export_derive\",\"std\"],\"export_derive\":[\"logos-derive\"],\"forbid_unsafe\":[\"logos-derive?/forbid_unsafe\"],\"std\":[]}}", "loom_0.7.2": "{\"dependencies\":[{\"name\":\"cfg-if\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"futures-util\",\"req\":\"^0.3.0\"},{\"name\":\"generator\",\"req\":\"^0.8.1\"},{\"name\":\"pin-utils\",\"optional\":true,\"req\":\"^0.1.0\"},{\"name\":\"scoped-tls\",\"req\":\"^1.0.0\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.92\"},{\"name\":\"serde_json\",\"optional\":true,\"req\":\"^1.0.33\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"req\":\"^0.1.27\"},{\"features\":[\"env-filter\"],\"name\":\"tracing-subscriber\",\"req\":\"^0.3.8\"}],\"features\":{\"checkpoint\":[\"serde\",\"serde_json\"],\"default\":[],\"futures\":[\"pin-utils\"]}}", "lru-slab_0.1.2": "{\"dependencies\":[],\"features\":{}}", "lru_0.12.5": "{\"dependencies\":[{\"name\":\"hashbrown\",\"optional\":true,\"req\":\"^0.15\"},{\"kind\":\"dev\",\"name\":\"scoped_threadpool\",\"req\":\"0.1.*\"},{\"kind\":\"dev\",\"name\":\"stats_alloc\",\"req\":\"0.1.*\"}],\"features\":{\"default\":[\"hashbrown\"],\"nightly\":[\"hashbrown\",\"hashbrown/nightly\"]}}", "lru_0.16.3": "{\"dependencies\":[{\"name\":\"hashbrown\",\"optional\":true,\"req\":\"^0.16.0\"},{\"kind\":\"dev\",\"name\":\"scoped_threadpool\",\"req\":\"0.1.*\"},{\"kind\":\"dev\",\"name\":\"stats_alloc\",\"req\":\"0.1.*\"}],\"features\":{\"default\":[\"hashbrown\"],\"nightly\":[\"hashbrown\",\"hashbrown/nightly\"]}}", - "lsp-types_0.94.1": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^1.0.1\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"req\":\"^1.0.34\"},{\"name\":\"serde_json\",\"req\":\"^1.0.50\"},{\"name\":\"serde_repr\",\"req\":\"^0.1\"},{\"features\":[\"serde\"],\"name\":\"url\",\"req\":\"^2.0.0\"}],\"features\":{\"default\":[],\"proposed\":[]}}", + "lsp-types_0.97.0": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^1.0.1\"},{\"name\":\"fluent-uri\",\"req\":\"^0.1.4\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"req\":\"^1.0.34\"},{\"name\":\"serde_json\",\"req\":\"^1.0.50\"},{\"name\":\"serde_repr\",\"req\":\"^0.1\"}],\"features\":{\"default\":[],\"proposed\":[]}}", "lzma-rs_0.3.0": "{\"dependencies\":[{\"name\":\"byteorder\",\"req\":\"^1.4.3\"},{\"name\":\"crc\",\"req\":\"^3.0.0\"},{\"name\":\"env_logger\",\"optional\":true,\"req\":\"^0.9.0\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.17\"},{\"kind\":\"dev\",\"name\":\"rust-lzma\",\"req\":\"^0.5\"}],\"features\":{\"enable_logging\":[\"env_logger\",\"log\"],\"raw_decoder\":[],\"stream\":[]}}", "lzma-sys_0.1.20": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"cc\",\"req\":\"^1.0.34\"},{\"name\":\"libc\",\"req\":\"^0.2.51\"},{\"kind\":\"build\",\"name\":\"pkg-config\",\"req\":\"^0.3.14\"}],\"features\":{\"static\":[]}}", "mach2_0.4.3": "{\"dependencies\":[{\"default_features\":false,\"name\":\"libc\",\"req\":\"^0.2\",\"target\":\"cfg(any(target_os = \\\"macos\\\", target_os = \\\"ios\\\"))\"}],\"features\":{\"default\":[],\"unstable\":[]}}", @@ -1213,16 +1226,16 @@ "maybe-async_0.2.10": "{\"dependencies\":[{\"features\":[\"attributes\"],\"kind\":\"dev\",\"name\":\"async-std\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"async-trait\",\"req\":\"^0.1\"},{\"name\":\"proc-macro2\",\"req\":\"^1.0\"},{\"name\":\"quote\",\"req\":\"^1.0\"},{\"features\":[\"visit-mut\",\"full\"],\"name\":\"syn\",\"req\":\"^2.0\"},{\"features\":[\"macros\",\"rt-multi-thread\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1\"}],\"features\":{\"default\":[],\"is_sync\":[]}}", "md-5_0.11.0": "{\"dependencies\":[{\"name\":\"cfg-if\",\"req\":\"^1\"},{\"name\":\"digest\",\"req\":\"^0.11\"},{\"features\":[\"dev\"],\"kind\":\"dev\",\"name\":\"digest\",\"req\":\"^0.11\"},{\"kind\":\"dev\",\"name\":\"hex-literal\",\"req\":\"^1\"}],\"features\":{\"alloc\":[\"digest/alloc\"],\"default\":[\"alloc\",\"oid\"],\"oid\":[\"digest/oid\"],\"zeroize\":[\"digest/zeroize\"]}}", "md5_0.8.0": "{\"dependencies\":[],\"features\":{\"default\":[\"std\"],\"std\":[]}}", - "memchr_2.7.6": "{\"dependencies\":[{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.20\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0.3\"}],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"libc\":[],\"logging\":[\"dep:log\"],\"rustc-dep-of-std\":[\"core\"],\"std\":[\"alloc\"],\"use_std\":[\"std\"]}}", "memchr_2.8.0": "{\"dependencies\":[{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.20\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0.3\"}],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"libc\":[],\"logging\":[\"dep:log\"],\"rustc-dep-of-std\":[\"core\"],\"std\":[\"alloc\"],\"use_std\":[\"std\"]}}", + "memchr_2.8.1": "{\"dependencies\":[{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.20\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0.3\"}],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"libc\":[],\"logging\":[\"dep:log\"],\"rustc-dep-of-std\":[\"core\"],\"std\":[\"alloc\"],\"use_std\":[\"std\"]}}", "memmap2_0.9.10": "{\"dependencies\":[{\"name\":\"libc\",\"req\":\"^0.2.151\",\"target\":\"cfg(unix)\"},{\"kind\":\"dev\",\"name\":\"owning_ref\",\"req\":\"^0.4.1\"},{\"name\":\"stable_deref_trait\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3\"}],\"features\":{}}", - "memoffset_0.6.5": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"autocfg\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3\"}],\"features\":{\"default\":[],\"unstable_const\":[]}}", "memoffset_0.9.1": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"autocfg\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3\"}],\"features\":{\"default\":[],\"unstable_const\":[],\"unstable_offset_of\":[]}}", "mime_0.3.17": "{\"dependencies\":[],\"features\":{}}", "mime_guess_2.0.5": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.3\"},{\"name\":\"mime\",\"req\":\"^0.3\"},{\"name\":\"unicase\",\"req\":\"^2.4.0\"},{\"kind\":\"build\",\"name\":\"unicase\",\"req\":\"^2.4.0\"}],\"features\":{\"default\":[\"rev-mappings\"],\"rev-mappings\":[]}}", "minimal-lexical_0.2.1": "{\"dependencies\":[],\"features\":{\"alloc\":[],\"compact\":[],\"default\":[\"std\"],\"lint\":[],\"nightly\":[],\"std\":[]}}", "miniz_oxide_0.8.9": "{\"dependencies\":[{\"default_features\":false,\"name\":\"adler2\",\"req\":\"^2.0\"},{\"name\":\"alloc\",\"optional\":true,\"package\":\"rustc-std-workspace-alloc\",\"req\":\"^1.0.0\"},{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"simd-adler32\",\"optional\":true,\"req\":\"^0.3.3\"}],\"features\":{\"block-boundary\":[],\"default\":[\"with-alloc\"],\"rustc-dep-of-std\":[\"core\",\"alloc\",\"adler2/rustc-dep-of-std\"],\"simd\":[\"simd-adler32\"],\"std\":[],\"with-alloc\":[]}}", "mio_1.1.1": "{\"dependencies\":[{\"default_features\":false,\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.11\"},{\"name\":\"libc\",\"req\":\"^0.2.178\",\"target\":\"cfg(target_os = \\\"hermit\\\")\"},{\"name\":\"libc\",\"req\":\"^0.2.178\",\"target\":\"cfg(target_os = \\\"wasi\\\")\"},{\"name\":\"libc\",\"req\":\"^0.2.178\",\"target\":\"cfg(unix)\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.8\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9\"},{\"name\":\"wasi\",\"req\":\"^0.11.0\",\"target\":\"cfg(target_os = \\\"wasi\\\")\"},{\"features\":[\"Wdk_Foundation\",\"Wdk_Storage_FileSystem\",\"Wdk_System_IO\",\"Win32_Foundation\",\"Win32_Networking_WinSock\",\"Win32_Storage_FileSystem\",\"Win32_Security\",\"Win32_System_IO\",\"Win32_System_WindowsProgramming\"],\"name\":\"windows-sys\",\"req\":\"^0.61\",\"target\":\"cfg(windows)\"}],\"features\":{\"default\":[\"log\"],\"net\":[],\"os-ext\":[\"os-poll\",\"windows-sys/Win32_System_Pipes\",\"windows-sys/Win32_Security\"],\"os-poll\":[]}}", + "mio_1.2.0": "{\"dependencies\":[{\"default_features\":false,\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.11\"},{\"name\":\"libc\",\"req\":\"^0.2.183\",\"target\":\"cfg(any(unix, target_os = \\\"hermit\\\", target_os = \\\"wasi\\\"))\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.8\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9\"},{\"name\":\"wasi\",\"req\":\"^0.11.0\",\"target\":\"cfg(target_os = \\\"wasi\\\")\"},{\"features\":[\"Wdk_Foundation\",\"Wdk_Storage_FileSystem\",\"Wdk_System_IO\",\"Win32_Foundation\",\"Win32_Networking_WinSock\",\"Win32_Storage_FileSystem\",\"Win32_Security\",\"Win32_System_IO\",\"Win32_System_WindowsProgramming\"],\"name\":\"windows-sys\",\"req\":\"^0.61\",\"target\":\"cfg(windows)\"}],\"features\":{\"default\":[\"log\"],\"net\":[],\"os-ext\":[\"os-poll\",\"windows-sys/Win32_System_Pipes\",\"windows-sys/Win32_Security\"],\"os-poll\":[]}}", "miow_0.6.1": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.0\"},{\"kind\":\"dev\",\"name\":\"socket2\",\"req\":\"^0.6.0\"},{\"features\":[\"Win32_Foundation\",\"Win32_Networking_WinSock\",\"Win32_Security\",\"Win32_Storage_FileSystem\",\"Win32_System_IO\",\"Win32_System_Pipes\",\"Win32_System_Threading\"],\"name\":\"windows-sys\",\"req\":\">=0.60, <=0.61\"}],\"features\":{}}", "moka_0.12.13": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"actix-rt\",\"req\":\"^2.8\"},{\"kind\":\"dev\",\"name\":\"ahash\",\"req\":\"^0.8.3\"},{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1.0.19\"},{\"name\":\"async-lock\",\"optional\":true,\"req\":\"^3.3\"},{\"name\":\"crossbeam-channel\",\"req\":\"^0.5.15\"},{\"name\":\"crossbeam-epoch\",\"req\":\"^0.9.18\"},{\"name\":\"crossbeam-utils\",\"req\":\"^0.8.21\"},{\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.10.0\"},{\"name\":\"equivalent\",\"req\":\"^1.0\"},{\"name\":\"event-listener\",\"optional\":true,\"req\":\"^5.3\"},{\"name\":\"futures-util\",\"optional\":true,\"req\":\"^0.3.17\"},{\"kind\":\"dev\",\"name\":\"getrandom\",\"req\":\"^0.2\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4\"},{\"kind\":\"dev\",\"name\":\"loom\",\"req\":\"^0.7\",\"target\":\"cfg(moka_loom)\"},{\"kind\":\"dev\",\"name\":\"once_cell\",\"req\":\"^1.7\"},{\"name\":\"parking_lot\",\"req\":\"^0.12\"},{\"name\":\"portable-atomic\",\"req\":\"^1.6\"},{\"name\":\"quanta\",\"optional\":true,\"req\":\"^0.12.2\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.5\"},{\"default_features\":false,\"features\":[\"rustls-tls\"],\"kind\":\"dev\",\"name\":\"reqwest\",\"req\":\"^0.12\"},{\"name\":\"smallvec\",\"req\":\"^1.8\"},{\"name\":\"tagptr\",\"req\":\"^0.2\"},{\"features\":[\"fs\",\"io-util\",\"macros\",\"rt-multi-thread\",\"sync\",\"time\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.19\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0\",\"target\":\"cfg(trybuild)\"},{\"features\":[\"v4\"],\"name\":\"uuid\",\"req\":\"^1.1\"}],\"features\":{\"atomic64\":[],\"default\":[],\"future\":[\"async-lock\",\"event-listener\",\"futures-util\"],\"logging\":[\"log\"],\"quanta\":[\"dep:quanta\"],\"sync\":[],\"unstable-debug-counters\":[\"future\"]}}", "moxcms_0.7.11": "{\"dependencies\":[{\"name\":\"num-traits\",\"req\":\"^0.2\"},{\"name\":\"pxfm\",\"req\":\"^0.1.1\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9\"}],\"features\":{\"avx\":[],\"avx512\":[],\"default\":[\"avx\",\"sse\",\"neon\"],\"neon\":[],\"options\":[],\"sse\":[]}}", @@ -1231,7 +1244,6 @@ "ndk-context_0.1.1": "{\"dependencies\":[],\"features\":{}}", "ndk-sys_0.5.0+25.2.9519653": "{\"dependencies\":[{\"name\":\"jni-sys\",\"req\":\"^0.3.0\"}],\"features\":{\"audio\":[],\"bitmap\":[],\"media\":[],\"sync\":[],\"test\":[]}}", "ndk_0.8.0": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^2.0.0\"},{\"name\":\"ffi\",\"package\":\"ndk-sys\",\"req\":\"^0.5.0\"},{\"name\":\"jni\",\"optional\":true,\"req\":\"^0.21\"},{\"name\":\"jni-sys\",\"req\":\"^0.3.0\"},{\"kind\":\"dev\",\"name\":\"libc\",\"req\":\"^0.2\"},{\"name\":\"log\",\"req\":\"^0.4\"},{\"name\":\"num_enum\",\"req\":\"^0.7\"},{\"name\":\"rwh_04\",\"optional\":true,\"package\":\"raw-window-handle\",\"req\":\"^0.4\"},{\"name\":\"rwh_05\",\"optional\":true,\"package\":\"raw-window-handle\",\"req\":\"^0.5\"},{\"name\":\"rwh_06\",\"optional\":true,\"package\":\"raw-window-handle\",\"req\":\"^0.6\"},{\"name\":\"thiserror\",\"req\":\"^1.0.23\"}],\"features\":{\"all\":[\"audio\",\"bitmap\",\"media\",\"api-level-31\",\"rwh_04\",\"rwh_05\",\"rwh_06\"],\"api-level-23\":[],\"api-level-24\":[\"api-level-23\"],\"api-level-25\":[\"api-level-24\"],\"api-level-26\":[\"api-level-25\"],\"api-level-27\":[\"api-level-26\"],\"api-level-28\":[\"api-level-27\"],\"api-level-29\":[\"api-level-28\"],\"api-level-30\":[\"api-level-29\"],\"api-level-31\":[\"api-level-30\"],\"audio\":[\"ffi/audio\",\"api-level-26\"],\"bitmap\":[\"ffi/bitmap\"],\"default\":[\"rwh_06\"],\"media\":[\"ffi/media\"],\"sync\":[\"ffi/sync\",\"api-level-26\"],\"test\":[\"ffi/test\",\"jni\",\"all\"]}}", - "new_debug_unreachable_1.0.6": "{\"dependencies\":[],\"features\":{}}", "nibble_vec_0.1.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.3\"},{\"name\":\"smallvec\",\"req\":\"^1.0\"}],\"features\":{}}", "nix_0.28.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"assert-impl\",\"req\":\"^0.1\"},{\"name\":\"bitflags\",\"req\":\"^2.3.1\"},{\"kind\":\"dev\",\"name\":\"caps\",\"req\":\"^0.5.3\",\"target\":\"cfg(any(target_os = \\\"android\\\", target_os = \\\"linux\\\"))\"},{\"name\":\"cfg-if\",\"req\":\"^1.0\"},{\"kind\":\"build\",\"name\":\"cfg_aliases\",\"req\":\"^0.1.1\"},{\"features\":[\"extra_traits\"],\"name\":\"libc\",\"req\":\"^0.2.153\"},{\"name\":\"memoffset\",\"optional\":true,\"req\":\"^0.9\"},{\"kind\":\"dev\",\"name\":\"parking_lot\",\"req\":\"^0.12\"},{\"name\":\"pin-utils\",\"optional\":true,\"req\":\"^0.1.0\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"kind\":\"dev\",\"name\":\"semver\",\"req\":\"^1.0.7\"},{\"kind\":\"dev\",\"name\":\"sysctl\",\"req\":\"^0.4\",\"target\":\"cfg(target_os = \\\"freebsd\\\")\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.7.1\"}],\"features\":{\"acct\":[],\"aio\":[\"pin-utils\"],\"default\":[],\"dir\":[\"fs\"],\"env\":[],\"event\":[],\"fanotify\":[],\"feature\":[],\"fs\":[],\"hostname\":[],\"inotify\":[],\"ioctl\":[],\"kmod\":[],\"mman\":[],\"mount\":[\"uio\"],\"mqueue\":[\"fs\"],\"net\":[\"socket\"],\"personality\":[],\"poll\":[],\"process\":[],\"pthread\":[],\"ptrace\":[\"process\"],\"quota\":[],\"reboot\":[],\"resource\":[],\"sched\":[\"process\"],\"signal\":[\"process\"],\"socket\":[\"memoffset\"],\"term\":[],\"time\":[],\"ucontext\":[\"signal\"],\"uio\":[],\"user\":[\"feature\"],\"zerocopy\":[\"fs\",\"uio\"]}}", "nix_0.29.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"assert-impl\",\"req\":\"^0.1\"},{\"name\":\"bitflags\",\"req\":\"^2.3.1\"},{\"kind\":\"dev\",\"name\":\"caps\",\"req\":\"^0.5.3\",\"target\":\"cfg(any(target_os = \\\"android\\\", target_os = \\\"linux\\\"))\"},{\"name\":\"cfg-if\",\"req\":\"^1.0\"},{\"kind\":\"build\",\"name\":\"cfg_aliases\",\"req\":\"^0.2\"},{\"features\":[\"extra_traits\"],\"name\":\"libc\",\"req\":\"^0.2.155\"},{\"name\":\"memoffset\",\"optional\":true,\"req\":\"^0.9\"},{\"kind\":\"dev\",\"name\":\"parking_lot\",\"req\":\"^0.12\"},{\"name\":\"pin-utils\",\"optional\":true,\"req\":\"^0.1.0\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"kind\":\"dev\",\"name\":\"semver\",\"req\":\"^1.0.7\"},{\"kind\":\"dev\",\"name\":\"sysctl\",\"req\":\"^0.4\",\"target\":\"cfg(target_os = \\\"freebsd\\\")\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.7.1\"}],\"features\":{\"acct\":[],\"aio\":[\"pin-utils\"],\"default\":[],\"dir\":[\"fs\"],\"env\":[],\"event\":[],\"fanotify\":[],\"feature\":[],\"fs\":[],\"hostname\":[],\"inotify\":[],\"ioctl\":[],\"kmod\":[],\"mman\":[],\"mount\":[\"uio\"],\"mqueue\":[\"fs\"],\"net\":[\"socket\"],\"personality\":[],\"poll\":[],\"process\":[],\"pthread\":[],\"ptrace\":[\"process\"],\"quota\":[],\"reboot\":[],\"resource\":[],\"sched\":[\"process\"],\"signal\":[\"process\"],\"socket\":[\"memoffset\"],\"term\":[],\"time\":[],\"ucontext\":[\"signal\"],\"uio\":[],\"user\":[\"feature\"],\"zerocopy\":[\"fs\",\"uio\"]}}", @@ -1276,7 +1288,6 @@ "oboe-sys_0.6.1": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"bindgen\",\"optional\":true,\"req\":\"^0.69\"},{\"features\":[\"parallel\"],\"kind\":\"build\",\"name\":\"cc\",\"req\":\"^1\"},{\"kind\":\"build\",\"name\":\"fetch_unroll\",\"optional\":true,\"req\":\"^0.3\"}],\"features\":{\"fetch-prebuilt\":[\"fetch_unroll\"],\"generate-bindings\":[\"bindgen\"],\"shared-link\":[],\"shared-stdcxx\":[],\"test\":[]}}", "oboe_0.6.1": "{\"dependencies\":[{\"name\":\"jni\",\"optional\":true,\"req\":\"^0.21\"},{\"default_features\":false,\"name\":\"ndk\",\"optional\":true,\"req\":\"^0.8\"},{\"name\":\"ndk-context\",\"optional\":true,\"req\":\"^0.1\"},{\"name\":\"num-derive\",\"req\":\"^0.4\"},{\"name\":\"num-traits\",\"req\":\"^0.2\"},{\"name\":\"oboe-sys\",\"req\":\"^0.6\"}],\"features\":{\"doc-cfg\":[],\"fetch-prebuilt\":[\"oboe-sys/fetch-prebuilt\"],\"generate-bindings\":[\"oboe-sys/generate-bindings\"],\"java-interface\":[\"ndk\",\"ndk-context\",\"jni\"],\"shared-link\":[\"oboe-sys/shared-link\"],\"shared-stdcxx\":[\"oboe-sys/shared-stdcxx\"]}}", "oid-registry_0.8.1": "{\"dependencies\":[{\"name\":\"asn1-rs\",\"req\":\"^0.7\"}],\"features\":{\"crypto\":[\"kdf\",\"pkcs1\",\"pkcs7\",\"pkcs9\",\"pkcs12\",\"nist_algs\",\"x962\"],\"default\":[\"registry\"],\"kdf\":[],\"ms_spc\":[],\"nist_algs\":[],\"pkcs1\":[],\"pkcs12\":[],\"pkcs7\":[],\"pkcs9\":[],\"registry\":[],\"x500\":[],\"x509\":[],\"x962\":[]}}", - "once_cell_1.21.3": "{\"dependencies\":[{\"name\":\"critical-section\",\"optional\":true,\"req\":\"^1.1.3\"},{\"features\":[\"std\"],\"kind\":\"dev\",\"name\":\"critical-section\",\"req\":\"^1.1.3\"},{\"default_features\":false,\"name\":\"parking_lot_core\",\"optional\":true,\"req\":\"^0.9.10\"},{\"default_features\":false,\"name\":\"portable-atomic\",\"optional\":true,\"req\":\"^1.8\"},{\"kind\":\"dev\",\"name\":\"regex\",\"req\":\"^1.10.6\"}],\"features\":{\"alloc\":[\"race\"],\"atomic-polyfill\":[\"critical-section\"],\"critical-section\":[\"dep:critical-section\",\"portable-atomic\"],\"default\":[\"std\"],\"parking_lot\":[\"dep:parking_lot_core\"],\"portable-atomic\":[\"dep:portable-atomic\"],\"race\":[],\"std\":[\"alloc\"],\"unstable\":[]}}", "once_cell_1.21.4": "{\"dependencies\":[{\"name\":\"critical-section\",\"optional\":true,\"req\":\"^1.1.3\"},{\"features\":[\"std\"],\"kind\":\"dev\",\"name\":\"critical-section\",\"req\":\"^1.1.3\"},{\"default_features\":false,\"name\":\"parking_lot_core\",\"optional\":true,\"req\":\"^0.9.10\"},{\"default_features\":false,\"name\":\"portable-atomic\",\"optional\":true,\"req\":\"^1.8\"},{\"kind\":\"dev\",\"name\":\"regex\",\"req\":\"^1.10.6\"}],\"features\":{\"alloc\":[\"race\"],\"atomic-polyfill\":[\"critical-section\"],\"critical-section\":[\"dep:critical-section\",\"portable-atomic\"],\"default\":[\"std\"],\"parking_lot\":[\"dep:parking_lot_core\"],\"portable-atomic\":[\"dep:portable-atomic\"],\"race\":[],\"std\":[\"alloc\"],\"unstable\":[]}}", "once_cell_polyfill_1.70.2": "{\"dependencies\":[],\"features\":{\"default\":[]}}", "onig_6.5.1": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^2.4.0\"},{\"name\":\"libc\",\"req\":\"^0.2\",\"target\":\"cfg(windows)\"},{\"name\":\"once_cell\",\"req\":\"^1.12\"},{\"default_features\":false,\"name\":\"onig_sys\",\"req\":\"^69.9.1\"}],\"features\":{\"default\":[\"generate\"],\"generate\":[\"onig_sys/generate\"],\"posix-api\":[\"onig_sys/posix-api\"],\"print-debug\":[\"onig_sys/print-debug\"],\"std-pattern\":[]}}", @@ -1303,6 +1314,8 @@ "outref_0.5.2": "{\"dependencies\":[],\"features\":{}}", "owo-colors_4.3.0": "{\"dependencies\":[{\"name\":\"supports-color\",\"optional\":true,\"req\":\"^3.0.0\"},{\"name\":\"supports-color-2\",\"optional\":true,\"package\":\"supports-color\",\"req\":\"^2.0\"}],\"features\":{\"alloc\":[],\"supports-colors\":[\"dep:supports-color-2\",\"supports-color\"]}}", "p256_0.13.2": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"blobby\",\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.4\"},{\"default_features\":false,\"features\":[\"der\"],\"name\":\"ecdsa-core\",\"optional\":true,\"package\":\"ecdsa\",\"req\":\"^0.16\"},{\"default_features\":false,\"features\":[\"dev\"],\"kind\":\"dev\",\"name\":\"ecdsa-core\",\"package\":\"ecdsa\",\"req\":\"^0.16\"},{\"default_features\":false,\"features\":[\"hazmat\",\"sec1\"],\"name\":\"elliptic-curve\",\"req\":\"^0.13.1\"},{\"name\":\"hex-literal\",\"optional\":true,\"req\":\"^0.4\"},{\"kind\":\"dev\",\"name\":\"hex-literal\",\"req\":\"^0.4\"},{\"name\":\"primeorder\",\"optional\":true,\"req\":\"^0.13\"},{\"features\":[\"dev\"],\"kind\":\"dev\",\"name\":\"primeorder\",\"req\":\"^0.13\"},{\"kind\":\"dev\",\"name\":\"proptest\",\"req\":\"^1\"},{\"features\":[\"getrandom\"],\"kind\":\"dev\",\"name\":\"rand_core\",\"req\":\"^0.6\"},{\"default_features\":false,\"name\":\"serdect\",\"optional\":true,\"req\":\"^0.2\"},{\"default_features\":false,\"name\":\"sha2\",\"optional\":true,\"req\":\"^0.10\"}],\"features\":{\"alloc\":[\"ecdsa-core?/alloc\",\"elliptic-curve/alloc\"],\"arithmetic\":[\"dep:primeorder\",\"elliptic-curve/arithmetic\"],\"bits\":[\"arithmetic\",\"elliptic-curve/bits\"],\"default\":[\"arithmetic\",\"ecdsa\",\"pem\",\"std\"],\"digest\":[\"ecdsa-core/digest\",\"ecdsa-core/hazmat\"],\"ecdh\":[\"arithmetic\",\"elliptic-curve/ecdh\"],\"ecdsa\":[\"arithmetic\",\"ecdsa-core/signing\",\"ecdsa-core/verifying\",\"sha256\"],\"expose-field\":[\"arithmetic\"],\"hash2curve\":[\"arithmetic\",\"elliptic-curve/hash2curve\"],\"jwk\":[\"elliptic-curve/jwk\"],\"pem\":[\"elliptic-curve/pem\",\"ecdsa-core/pem\",\"pkcs8\"],\"pkcs8\":[\"ecdsa-core?/pkcs8\",\"elliptic-curve/pkcs8\"],\"serde\":[\"ecdsa-core?/serde\",\"elliptic-curve/serde\",\"primeorder?/serde\",\"serdect\"],\"sha256\":[\"digest\",\"sha2\"],\"std\":[\"alloc\",\"ecdsa-core?/std\",\"elliptic-curve/std\"],\"test-vectors\":[\"dep:hex-literal\"],\"voprf\":[\"elliptic-curve/voprf\",\"sha2\"]}}", + "pagable_0.4.1": "{\"dependencies\":[{\"name\":\"allocative\",\"req\":\"^0.3.6\"},{\"name\":\"anyhow\",\"req\":\"^1.0.102\"},{\"name\":\"async-trait\",\"req\":\"^0.1.86\"},{\"features\":[\"default\",\"rayon\",\"std\",\"traits-preview\"],\"name\":\"blake3\",\"req\":\"=1.8.2\"},{\"features\":[\"const_zeroed\",\"derive\",\"min_const_generics\",\"must_cast\",\"nightly_stdsimd\"],\"name\":\"bytemuck\",\"req\":\"^1.25\"},{\"name\":\"dashmap\",\"req\":\"^6.1.0\"},{\"name\":\"dupe\",\"req\":\"^0.9.1\"},{\"name\":\"either\",\"req\":\"^1.8\"},{\"name\":\"erased-serde\",\"req\":\"^0.4.10\"},{\"name\":\"fancy-regex\",\"req\":\"^0.16.2\"},{\"features\":[\"serde\"],\"name\":\"indexmap\",\"req\":\"^2.14.0\"},{\"name\":\"inventory\",\"req\":\"^0.3.24\"},{\"features\":[\"serde\"],\"name\":\"num-bigint\",\"req\":\"^0.4.6\"},{\"name\":\"once_cell\",\"req\":\"^1.21.4\"},{\"name\":\"pagable_derive\",\"req\":\"=0.4.1\"},{\"features\":[\"send_guard\"],\"name\":\"parking_lot\",\"req\":\"^0.12.1\"},{\"features\":[\"use-crc\",\"use-std\"],\"name\":\"postcard\",\"req\":\"^1.0.8\"},{\"name\":\"regex\",\"req\":\"^1.12.3\"},{\"name\":\"sequence_trie\",\"req\":\"^0.3.6\"},{\"features\":[\"derive\",\"rc\"],\"name\":\"serde\",\"req\":\"^1.0.219\"},{\"features\":[\"raw_value\"],\"name\":\"serde_json\",\"req\":\"^1.0.140\"},{\"features\":[\"const_generics\"],\"name\":\"smallvec\",\"req\":\"^1.15\"},{\"name\":\"sorted_vector_map\",\"req\":\"^0.2\"},{\"name\":\"static_assertions\",\"req\":\"^1.1.0\"},{\"name\":\"static_interner\",\"req\":\"^0.1.2\"},{\"name\":\"strong_hash\",\"req\":\"^0.1.0\"},{\"name\":\"take_mut\",\"req\":\"^0.2\"},{\"features\":[\"full\",\"test-util\",\"tracing\"],\"name\":\"tokio\",\"optional\":true,\"req\":\"^1.52.1\"},{\"features\":[\"full\",\"test-util\",\"tracing\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.52.1\"},{\"name\":\"triomphe\",\"req\":\"^0.1.11\"}],\"features\":{\"default\":[],\"tokio\":[\"dep:tokio\"]}}", + "pagable_derive_0.4.1": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1.0.106\"},{\"name\":\"quote\",\"req\":\"^1.0.45\"},{\"features\":[\"full\"],\"name\":\"syn\",\"req\":\"^2.0.117\"}],\"features\":{}}", "parking_2.2.1": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"easy-parallel\",\"req\":\"^3.0.0\"},{\"name\":\"loom\",\"optional\":true,\"req\":\"^0.7\",\"target\":\"cfg(loom)\"}],\"features\":{}}", "parking_lot_0.12.5": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1.3.3\"},{\"name\":\"lock_api\",\"req\":\"^0.4.14\"},{\"name\":\"parking_lot_core\",\"req\":\"^0.9.12\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.3\"}],\"features\":{\"arc_lock\":[\"lock_api/arc_lock\"],\"deadlock_detection\":[\"parking_lot_core/deadlock_detection\"],\"default\":[],\"hardware-lock-elision\":[],\"nightly\":[\"parking_lot_core/nightly\",\"lock_api/nightly\"],\"owning_ref\":[\"lock_api/owning_ref\"],\"send_guard\":[],\"serde\":[\"lock_api/serde\"]}}", "parking_lot_core_0.9.12": "{\"dependencies\":[{\"name\":\"backtrace\",\"optional\":true,\"req\":\"^0.3.60\"},{\"name\":\"cfg-if\",\"req\":\"^1.0.0\"},{\"name\":\"libc\",\"req\":\"^0.2.95\",\"target\":\"cfg(unix)\"},{\"name\":\"petgraph\",\"optional\":true,\"req\":\"^0.6.0\"},{\"name\":\"redox_syscall\",\"req\":\"^0.5\",\"target\":\"cfg(target_os = \\\"redox\\\")\"},{\"name\":\"smallvec\",\"req\":\"^1.6.1\"},{\"name\":\"windows-link\",\"req\":\"^0.2.0\",\"target\":\"cfg(windows)\"}],\"features\":{\"deadlock_detection\":[\"petgraph\",\"backtrace\"],\"nightly\":[]}}", @@ -1322,7 +1335,6 @@ "percent-encoding_2.3.2": "{\"dependencies\":[],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"std\":[\"alloc\"]}}", "petgraph_0.6.5": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"ahash\",\"req\":\"^0.7.2\"},{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1.3.3\"},{\"kind\":\"dev\",\"name\":\"defmac\",\"req\":\"^0.2.1\"},{\"default_features\":false,\"name\":\"fixedbitset\",\"req\":\"^0.4.0\"},{\"kind\":\"dev\",\"name\":\"fxhash\",\"req\":\"^0.2.1\"},{\"name\":\"indexmap\",\"req\":\"^2.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"itertools\",\"req\":\"^0.12.1\"},{\"kind\":\"dev\",\"name\":\"odds\",\"req\":\"^0.4.0\"},{\"default_features\":false,\"name\":\"quickcheck\",\"optional\":true,\"req\":\"^0.8\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.5.5\"},{\"name\":\"rayon\",\"optional\":true,\"req\":\"^1.5.3\"},{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"name\":\"serde_derive\",\"optional\":true,\"req\":\"^1.0\"}],\"features\":{\"all\":[\"unstable\",\"quickcheck\",\"matrix_graph\",\"stable_graph\",\"graphmap\",\"rayon\"],\"default\":[\"graphmap\",\"stable_graph\",\"matrix_graph\"],\"generate\":[],\"graphmap\":[],\"matrix_graph\":[],\"rayon\":[\"dep:rayon\",\"indexmap/rayon\"],\"serde-1\":[\"serde\",\"serde_derive\"],\"stable_graph\":[],\"unstable\":[\"generate\"]}}", "petgraph_0.8.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"ahash\",\"req\":\"^0.7.2\"},{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1.3.3\"},{\"kind\":\"dev\",\"name\":\"defmac\",\"req\":\"^0.2.1\"},{\"name\":\"dot-parser\",\"optional\":true,\"req\":\"^0.5.1\"},{\"name\":\"dot-parser-macros\",\"optional\":true,\"req\":\"^0.5.1\"},{\"default_features\":false,\"name\":\"fixedbitset\",\"req\":\"^0.5.7\"},{\"kind\":\"dev\",\"name\":\"fxhash\",\"req\":\"^0.2.1\"},{\"default_features\":false,\"features\":[\"default-hasher\",\"inline-more\"],\"name\":\"hashbrown\",\"req\":\"^0.15.0\"},{\"default_features\":false,\"name\":\"indexmap\",\"req\":\"^2.5.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"itertools\",\"req\":\"^0.12.1\"},{\"kind\":\"dev\",\"name\":\"odds\",\"req\":\"^0.4.0\"},{\"default_features\":false,\"name\":\"quickcheck\",\"optional\":true,\"req\":\"^0.8\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.5.5\"},{\"name\":\"rayon\",\"optional\":true,\"req\":\"^1.5.3\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"serde_derive\",\"optional\":true,\"req\":\"^1.0\"}],\"features\":{\"all\":[\"unstable\",\"quickcheck\",\"matrix_graph\",\"stable_graph\",\"graphmap\",\"rayon\",\"dot_parser\"],\"default\":[\"std\",\"graphmap\",\"stable_graph\",\"matrix_graph\"],\"dot_parser\":[\"std\",\"dep:dot-parser\",\"dep:dot-parser-macros\"],\"generate\":[],\"graphmap\":[],\"matrix_graph\":[],\"quickcheck\":[\"std\",\"dep:quickcheck\",\"graphmap\",\"stable_graph\"],\"rayon\":[\"std\",\"dep:rayon\",\"indexmap/rayon\",\"hashbrown/rayon\"],\"serde-1\":[\"serde\",\"serde_derive\"],\"stable_graph\":[\"serde?/alloc\"],\"std\":[\"indexmap/std\"],\"unstable\":[\"generate\"]}}", - "phf_shared_0.11.3": "{\"dependencies\":[{\"name\":\"siphasher\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"uncased\",\"optional\":true,\"req\":\"^0.9.9\"},{\"name\":\"unicase\",\"optional\":true,\"req\":\"^2.4.0\"}],\"features\":{\"default\":[\"std\"],\"std\":[]}}", "pin-project-internal_1.1.10": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1.0.60\"},{\"name\":\"quote\",\"req\":\"^1.0.25\"},{\"default_features\":false,\"features\":[\"parsing\",\"printing\",\"clone-impls\",\"proc-macro\",\"full\",\"visit-mut\"],\"name\":\"syn\",\"req\":\"^2.0.1\"}],\"features\":{}}", "pin-project-internal_1.1.11": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1.0.60\"},{\"name\":\"quote\",\"req\":\"^1.0.25\"},{\"default_features\":false,\"features\":[\"parsing\",\"printing\",\"clone-impls\",\"proc-macro\",\"full\",\"visit-mut\"],\"name\":\"syn\",\"req\":\"^2.0.1\"}],\"features\":{}}", "pin-project-lite_0.2.16": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"static_assertions\",\"req\":\"^1\"}],\"features\":{}}", @@ -1342,10 +1354,10 @@ "portable-atomic-util_0.2.6": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"build-context\",\"req\":\"^0.1\"},{\"default_features\":false,\"features\":[\"require-cas\"],\"name\":\"portable-atomic\",\"req\":\"^1.5.1\"}],\"features\":{\"alloc\":[],\"default\":[],\"std\":[\"alloc\"]}}", "portable-atomic_1.13.1": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"build-context\",\"req\":\"^0.1\"},{\"kind\":\"dev\",\"name\":\"crabgrind\",\"req\":\"^0.1\",\"target\":\"cfg(valgrind)\"},{\"name\":\"critical-section\",\"optional\":true,\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"crossbeam-utils\",\"req\":\"=0.8.16\"},{\"kind\":\"dev\",\"name\":\"fastrand\",\"req\":\"^2\"},{\"kind\":\"dev\",\"name\":\"libc\",\"req\":\"=0.2.163\",\"target\":\"cfg(unix)\"},{\"kind\":\"dev\",\"name\":\"paste\",\"req\":\"^1\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.60\"},{\"kind\":\"dev\",\"name\":\"sptr\",\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"static_assertions\",\"req\":\"^1\"},{\"features\":[\"Win32_Foundation\",\"Win32_System_Threading\"],\"kind\":\"dev\",\"name\":\"windows-sys\",\"req\":\"^0.61\",\"target\":\"cfg(windows)\"}],\"features\":{\"default\":[\"fallback\"],\"disable-fiq\":[],\"fallback\":[],\"float\":[],\"force-amo\":[],\"require-cas\":[],\"s-mode\":[],\"std\":[],\"unsafe-assume-privileged\":[],\"unsafe-assume-single-core\":[]}}", "portable-pty_0.9.0": "{\"dependencies\":[{\"name\":\"anyhow\",\"req\":\"^1.0\"},{\"name\":\"bitflags\",\"req\":\"^1.3\",\"target\":\"cfg(windows)\"},{\"name\":\"downcast-rs\",\"req\":\"^1.0\"},{\"name\":\"filedescriptor\",\"req\":\"^0.8.3\"},{\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3\"},{\"name\":\"lazy_static\",\"req\":\"^1.4\",\"target\":\"cfg(windows)\"},{\"name\":\"libc\",\"req\":\"^0.2\"},{\"name\":\"log\",\"req\":\"^0.4\"},{\"features\":[\"term\",\"fs\"],\"name\":\"nix\",\"req\":\"^0.28\"},{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"name\":\"serde_derive\",\"optional\":true,\"req\":\"^1.0\"},{\"name\":\"serial2\",\"req\":\"^0.2\"},{\"name\":\"shared_library\",\"req\":\"^0.1\",\"target\":\"cfg(windows)\"},{\"name\":\"shell-words\",\"req\":\"^1.1\"},{\"kind\":\"dev\",\"name\":\"smol\",\"req\":\"^2.0\"},{\"features\":[\"winuser\",\"consoleapi\",\"handleapi\",\"fileapi\",\"namedpipeapi\",\"synchapi\"],\"name\":\"winapi\",\"req\":\"^0.3\",\"target\":\"cfg(windows)\"},{\"name\":\"winreg\",\"req\":\"^0.10\",\"target\":\"cfg(windows)\"}],\"features\":{\"default\":[],\"serde_support\":[\"serde\",\"serde_derive\"]}}", + "postcard_1.1.3": "{\"dependencies\":[{\"default_features\":false,\"name\":\"cobs\",\"req\":\"^0.3.0\"},{\"name\":\"crc\",\"optional\":true,\"req\":\"^3.0.1\"},{\"name\":\"defmt\",\"optional\":true,\"req\":\"^1\"},{\"name\":\"embedded-io-04\",\"optional\":true,\"package\":\"embedded-io\",\"req\":\"^0.4\"},{\"name\":\"embedded-io-06\",\"optional\":true,\"package\":\"embedded-io\",\"req\":\"^0.6\"},{\"default_features\":false,\"features\":[\"serde\"],\"name\":\"heapless\",\"optional\":true,\"req\":\"^0.7.0\"},{\"default_features\":false,\"name\":\"nalgebra_v0_33\",\"optional\":true,\"package\":\"nalgebra\",\"req\":\"^0.33.0\"},{\"name\":\"postcard-derive\",\"optional\":true,\"req\":\"^0.2.0\"},{\"default_features\":false,\"features\":[\"derive\"],\"name\":\"serde\",\"req\":\"^1.0.100\"}],\"features\":{\"alloc\":[\"serde/alloc\",\"embedded-io-04?/alloc\",\"embedded-io-06?/alloc\"],\"core-num-saturating\":[],\"crc\":[\"dep:crc\"],\"default\":[\"heapless-cas\"],\"defmt\":[\"dep:defmt\"],\"embedded-io\":[\"dep:embedded-io-04\"],\"embedded-io-04\":[\"dep:embedded-io-04\"],\"embedded-io-06\":[\"dep:embedded-io-06\"],\"experimental-derive\":[\"postcard-derive\"],\"heapless\":[\"dep:heapless\"],\"heapless-cas\":[\"heapless\",\"dep:heapless\",\"heapless/cas\"],\"nalgebra-v0_33\":[\"nalgebra_v0_33\"],\"paste\":[],\"postcard-derive\":[\"dep:postcard-derive\"],\"use-crc\":[\"crc\"],\"use-defmt\":[\"defmt\"],\"use-std\":[\"serde/std\",\"alloc\"]}}", "potential_utf_0.1.4": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1.3.1\"},{\"default_features\":false,\"name\":\"databake\",\"optional\":true,\"req\":\"^0.2.0\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.220\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.45\"},{\"default_features\":false,\"name\":\"writeable\",\"optional\":true,\"req\":\"^0.6.0\"},{\"default_features\":false,\"name\":\"zerovec\",\"optional\":true,\"req\":\"^0.11.3\"}],\"features\":{\"alloc\":[\"serde_core?/alloc\",\"writeable/alloc\",\"zerovec?/alloc\"],\"databake\":[\"dep:databake\"],\"default\":[\"alloc\"],\"serde\":[\"dep:serde_core\"],\"writeable\":[\"dep:writeable\"],\"zerovec\":[\"dep:zerovec\"]}}", "powerfmt_0.2.0": "{\"dependencies\":[{\"name\":\"powerfmt-macros\",\"optional\":true,\"req\":\"=0.1.0\"}],\"features\":{\"alloc\":[],\"default\":[\"std\",\"macros\"],\"macros\":[\"dep:powerfmt-macros\"],\"std\":[\"alloc\"]}}", "ppv-lite86_0.2.21": "{\"dependencies\":[{\"features\":[\"simd\"],\"name\":\"zerocopy\",\"req\":\"^0.8.23\"}],\"features\":{\"default\":[\"std\"],\"no_simd\":[],\"simd\":[],\"std\":[]}}", - "precomputed-hash_0.1.1": "{\"dependencies\":[],\"features\":{}}", "predicates-core_1.0.9": "{\"dependencies\":[],\"features\":{}}", "predicates-tree_1.0.12": "{\"dependencies\":[{\"features\":[\"color\"],\"kind\":\"dev\",\"name\":\"predicates\",\"req\":\"^3.1\"},{\"name\":\"predicates-core\",\"req\":\"^1.0\"},{\"name\":\"termtree\",\"req\":\"^0.5.0\"}],\"features\":{}}", "predicates_3.1.3": "{\"dependencies\":[{\"name\":\"anstyle\",\"req\":\"^1.0.0\"},{\"name\":\"difflib\",\"optional\":true,\"req\":\"^0.4\"},{\"name\":\"float-cmp\",\"optional\":true,\"req\":\"^0.10\"},{\"name\":\"normalize-line-endings\",\"optional\":true,\"req\":\"^0.3.0\"},{\"name\":\"predicates-core\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"predicates-tree\",\"req\":\"^1.0\"},{\"name\":\"regex\",\"optional\":true,\"req\":\"^1.0\"}],\"features\":{\"color\":[],\"default\":[\"diff\",\"regex\",\"float-cmp\",\"normalize-line-endings\",\"color\"],\"diff\":[\"dep:difflib\"],\"unstable\":[]}}", @@ -1381,10 +1393,10 @@ "pxfm_0.1.27": "{\"dependencies\":[{\"name\":\"num-traits\",\"req\":\"^0.2.3\"}],\"features\":{}}", "quick-error_2.0.1": "{\"dependencies\":[],\"features\":{}}", "quick-xml_0.38.4": "{\"dependencies\":[{\"features\":[\"derive\"],\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\">=0.4, <0.8\"},{\"name\":\"document-features\",\"optional\":true,\"req\":\"^0.2\"},{\"name\":\"encoding_rs\",\"optional\":true,\"req\":\"^0.8\"},{\"name\":\"memchr\",\"req\":\"^2.1\"},{\"kind\":\"dev\",\"name\":\"pretty_assertions\",\"req\":\"^1.4\"},{\"kind\":\"dev\",\"name\":\"regex\",\"req\":\"^1\"},{\"name\":\"serde\",\"optional\":true,\"req\":\">=1.0.139\"},{\"kind\":\"dev\",\"name\":\"serde-value\",\"req\":\"^0.7\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1.0.206\"},{\"default_features\":false,\"features\":[\"io-util\"],\"name\":\"tokio\",\"optional\":true,\"req\":\"^1.10\"},{\"default_features\":false,\"features\":[\"macros\",\"rt\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.21\"},{\"kind\":\"dev\",\"name\":\"tokio-test\",\"req\":\"^0.4\"}],\"features\":{\"async-tokio\":[\"tokio\"],\"default\":[],\"encoding\":[\"encoding_rs\"],\"escape-html\":[],\"overlapped-lists\":[],\"serde-types\":[\"serde/derive\"],\"serialize\":[\"serde\"]}}", + "quickcheck_1.1.0": "{\"dependencies\":[{\"default_features\":false,\"name\":\"env_logger\",\"optional\":true,\"req\":\"^0.11\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4\"},{\"default_features\":false,\"features\":[\"sys_rng\"],\"name\":\"rand\",\"req\":\"^0.10\"}],\"features\":{\"default\":[\"regex\",\"use_logging\"],\"regex\":[\"env_logger/regex\"],\"use_logging\":[\"log\",\"env_logger\"]}}", "quinn-proto_0.11.14": "{\"dependencies\":[{\"features\":[\"derive\"],\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.0.1\"},{\"kind\":\"dev\",\"name\":\"assert_matches\",\"req\":\"^1.1\"},{\"default_features\":false,\"name\":\"aws-lc-rs\",\"optional\":true,\"req\":\"^1.9\"},{\"name\":\"bytes\",\"req\":\"^1\"},{\"name\":\"fastbloom\",\"optional\":true,\"req\":\"^0.14\"},{\"default_features\":false,\"features\":[\"wasm_js\"],\"name\":\"getrandom\",\"req\":\"^0.3\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", target_os = \\\"unknown\\\"))\"},{\"kind\":\"dev\",\"name\":\"hex-literal\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1\"},{\"name\":\"lru-slab\",\"req\":\"^0.1.2\"},{\"name\":\"qlog\",\"optional\":true,\"req\":\"^0.15.2\"},{\"name\":\"rand\",\"req\":\"^0.9\"},{\"kind\":\"dev\",\"name\":\"rand_pcg\",\"req\":\"^0.9\"},{\"kind\":\"dev\",\"name\":\"rcgen\",\"req\":\"^0.14\"},{\"features\":[\"wasm32_unknown_unknown_js\"],\"name\":\"ring\",\"req\":\"^0.17\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", target_os = \\\"unknown\\\"))\"},{\"name\":\"ring\",\"optional\":true,\"req\":\"^0.17\"},{\"name\":\"rustc-hash\",\"req\":\"^2\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"rustls\",\"optional\":true,\"req\":\"^0.23.5\"},{\"features\":[\"web\"],\"name\":\"rustls-pki-types\",\"req\":\"^1.7\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", target_os = \\\"unknown\\\"))\"},{\"name\":\"rustls-platform-verifier\",\"optional\":true,\"req\":\"^0.6\"},{\"name\":\"slab\",\"req\":\"^0.4.6\"},{\"name\":\"thiserror\",\"req\":\"^2.0.3\"},{\"features\":[\"alloc\",\"alloc\"],\"name\":\"tinyvec\",\"req\":\"^1.1\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"req\":\"^0.1.10\"},{\"default_features\":false,\"features\":[\"env-filter\",\"fmt\",\"ansi\",\"time\",\"local-time\"],\"kind\":\"dev\",\"name\":\"tracing-subscriber\",\"req\":\"^0.3.0\"},{\"kind\":\"dev\",\"name\":\"wasm-bindgen-test\",\"req\":\"^0.3.45\"},{\"name\":\"web-time\",\"req\":\"^1\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", target_os = \\\"unknown\\\"))\"}],\"features\":{\"__rustls-post-quantum-test\":[],\"aws-lc-rs\":[\"dep:aws-lc-rs\",\"aws-lc-rs?/aws-lc-sys\",\"aws-lc-rs?/prebuilt-nasm\"],\"aws-lc-rs-fips\":[\"aws-lc-rs\",\"aws-lc-rs?/fips\"],\"bloom\":[\"dep:fastbloom\"],\"default\":[\"rustls-ring\",\"log\",\"bloom\"],\"log\":[\"tracing/log\"],\"platform-verifier\":[\"dep:rustls-platform-verifier\"],\"qlog\":[\"dep:qlog\"],\"ring\":[\"dep:ring\"],\"rustls\":[\"rustls-ring\"],\"rustls-aws-lc-rs\":[\"dep:rustls\",\"rustls?/aws-lc-rs\",\"aws-lc-rs\"],\"rustls-aws-lc-rs-fips\":[\"rustls-aws-lc-rs\",\"aws-lc-rs-fips\"],\"rustls-log\":[\"rustls?/logging\"],\"rustls-ring\":[\"dep:rustls\",\"rustls?/ring\",\"ring\"]}}", "quinn-udp_0.5.14": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"cfg_aliases\",\"req\":\"^0.2\"},{\"default_features\":false,\"features\":[\"async_tokio\"],\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.7\"},{\"name\":\"libc\",\"req\":\"^0.2.158\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4\"},{\"name\":\"once_cell\",\"req\":\"^1.19\",\"target\":\"cfg(windows)\"},{\"name\":\"socket2\",\"req\":\">=0.5, <0.7\",\"target\":\"cfg(not(all(target_family = \\\"wasm\\\", target_os = \\\"unknown\\\")))\"},{\"features\":[\"sync\",\"rt\",\"rt-multi-thread\",\"net\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.28.1\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"optional\":true,\"req\":\"^0.1.10\"},{\"features\":[\"Win32_Foundation\",\"Win32_System_IO\",\"Win32_Networking_WinSock\"],\"name\":\"windows-sys\",\"req\":\">=0.52, <=0.60\",\"target\":\"cfg(windows)\"}],\"features\":{\"default\":[\"tracing\",\"log\"],\"direct-log\":[\"dep:log\"],\"fast-apple-datapath\":[],\"log\":[\"tracing/log\"]}}", "quinn_0.11.9": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1.0.22\"},{\"name\":\"async-io\",\"optional\":true,\"req\":\"^2\"},{\"name\":\"async-std\",\"optional\":true,\"req\":\"^1.11\"},{\"kind\":\"dev\",\"name\":\"bencher\",\"req\":\"^0.1.5\"},{\"name\":\"bytes\",\"req\":\"^1\"},{\"kind\":\"build\",\"name\":\"cfg_aliases\",\"req\":\"^0.2\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"clap\",\"req\":\"^4\"},{\"kind\":\"dev\",\"name\":\"crc\",\"req\":\"^3\"},{\"kind\":\"dev\",\"name\":\"directories-next\",\"req\":\"^2\"},{\"name\":\"futures-io\",\"optional\":true,\"req\":\"^0.3.19\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2\"},{\"default_features\":false,\"name\":\"proto\",\"package\":\"quinn-proto\",\"req\":\"^0.11.12\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9\"},{\"kind\":\"dev\",\"name\":\"rcgen\",\"req\":\"^0.14\"},{\"name\":\"rustc-hash\",\"req\":\"^2\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"rustls\",\"optional\":true,\"req\":\"^0.23.5\"},{\"kind\":\"dev\",\"name\":\"rustls-pemfile\",\"req\":\"^2\"},{\"name\":\"smol\",\"optional\":true,\"req\":\"^2\"},{\"name\":\"socket2\",\"req\":\">=0.5, <0.7\",\"target\":\"cfg(not(all(target_family = \\\"wasm\\\", target_os = \\\"unknown\\\")))\"},{\"name\":\"thiserror\",\"req\":\"^2.0.3\"},{\"features\":[\"sync\"],\"name\":\"tokio\",\"req\":\"^1.28.1\"},{\"features\":[\"sync\",\"rt\",\"rt-multi-thread\",\"time\",\"macros\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.28.1\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"req\":\"^0.1.10\"},{\"default_features\":false,\"features\":[\"std-future\"],\"kind\":\"dev\",\"name\":\"tracing-futures\",\"req\":\"^0.2.0\"},{\"default_features\":false,\"features\":[\"env-filter\",\"fmt\",\"ansi\",\"time\",\"local-time\"],\"kind\":\"dev\",\"name\":\"tracing-subscriber\",\"req\":\"^0.3.0\"},{\"default_features\":false,\"features\":[\"tracing\"],\"name\":\"udp\",\"package\":\"quinn-udp\",\"req\":\"^0.5\"},{\"kind\":\"dev\",\"name\":\"url\",\"req\":\"^2\"},{\"name\":\"web-time\",\"req\":\"^1\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", target_os = \\\"unknown\\\"))\"}],\"features\":{\"aws-lc-rs\":[\"proto/aws-lc-rs\"],\"aws-lc-rs-fips\":[\"proto/aws-lc-rs-fips\"],\"bloom\":[\"proto/bloom\"],\"default\":[\"log\",\"platform-verifier\",\"runtime-tokio\",\"rustls-ring\",\"bloom\"],\"lock_tracking\":[],\"log\":[\"tracing/log\",\"proto/log\",\"udp/log\"],\"platform-verifier\":[\"proto/platform-verifier\"],\"qlog\":[\"proto/qlog\"],\"ring\":[\"proto/ring\"],\"runtime-async-std\":[\"async-io\",\"async-std\"],\"runtime-smol\":[\"async-io\",\"smol\"],\"runtime-tokio\":[\"tokio/time\",\"tokio/rt\",\"tokio/net\"],\"rustls\":[\"rustls-ring\"],\"rustls-aws-lc-rs\":[\"dep:rustls\",\"aws-lc-rs\",\"proto/rustls-aws-lc-rs\",\"proto/aws-lc-rs\"],\"rustls-aws-lc-rs-fips\":[\"dep:rustls\",\"aws-lc-rs-fips\",\"proto/rustls-aws-lc-rs-fips\",\"proto/aws-lc-rs-fips\"],\"rustls-log\":[\"rustls?/logging\"],\"rustls-ring\":[\"dep:rustls\",\"ring\",\"proto/rustls-ring\",\"proto/ring\"]}}", - "quote_1.0.44": "{\"dependencies\":[{\"default_features\":false,\"name\":\"proc-macro2\",\"req\":\"^1.0.80\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.108\"}],\"features\":{\"default\":[\"proc-macro\"],\"proc-macro\":[\"proc-macro2/proc-macro\"]}}", "quote_1.0.45": "{\"dependencies\":[{\"default_features\":false,\"name\":\"proc-macro2\",\"req\":\"^1.0.80\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1.0\"},{\"features\":[\"diff\"],\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.108\"}],\"features\":{\"default\":[\"proc-macro\"],\"proc-macro\":[\"proc-macro2/proc-macro\"]}}", "r-efi_5.3.0": "{\"dependencies\":[{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"}],\"features\":{\"efiapi\":[],\"examples\":[\"native\"],\"native\":[],\"rustc-dep-of-std\":[\"core\"]}}", "r-efi_6.0.0": "{\"dependencies\":[{\"name\":\"core\",\"optional\":true,\"package\":\"rustc-std-workspace-core\",\"req\":\"^1.0.0\"}],\"features\":{\"native\":[],\"rustc-dep-of-std\":[\"core\"]}}", @@ -1408,6 +1420,7 @@ "rama-utils_0.3.0-alpha.4": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"ahash\",\"req\":\"^0.8\"},{\"name\":\"const_format\",\"req\":\"^0.2\"},{\"kind\":\"dev\",\"name\":\"loom\",\"req\":\"^0.7\",\"target\":\"cfg(loom)\"},{\"name\":\"parking_lot\",\"req\":\"^0.12\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2\"},{\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0\"},{\"name\":\"rama-macros\",\"req\":\"^0.3.0-alpha.4\"},{\"name\":\"regex\",\"req\":\"^1.12\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1\"},{\"features\":[\"write\",\"serde\",\"const_generics\",\"const_new\"],\"name\":\"smallvec\",\"req\":\"^1.15\"},{\"name\":\"smol_str\",\"req\":\"^0.3\"},{\"features\":[\"time\",\"macros\"],\"name\":\"tokio\",\"req\":\"^1.48\"},{\"kind\":\"dev\",\"name\":\"tokio-test\",\"req\":\"^0.4\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0\"},{\"name\":\"wildcard\",\"req\":\"^0.3\"}],\"features\":{}}", "rand_0.10.1": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"rng\"],\"name\":\"chacha20\",\"optional\":true,\"req\":\"^0.10.0\"},{\"name\":\"getrandom\",\"optional\":true,\"req\":\"^0.4.0\"},{\"default_features\":false,\"features\":[\"alloc\"],\"kind\":\"dev\",\"name\":\"postcard\",\"req\":\"^1.1.3\"},{\"default_features\":false,\"name\":\"rand_core\",\"req\":\"^0.10.0\"},{\"kind\":\"dev\",\"name\":\"rand_pcg\",\"req\":\"^0.10\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1.7\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.103\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.140\"}],\"features\":{\"alloc\":[],\"chacha\":[\"dep:chacha20\"],\"default\":[\"std\",\"std_rng\",\"sys_rng\",\"thread_rng\"],\"log\":[],\"serde\":[\"dep:serde\"],\"simd_support\":[],\"std\":[\"alloc\",\"getrandom?/std\"],\"std_rng\":[\"dep:chacha20\"],\"sys_rng\":[\"dep:getrandom\",\"getrandom/sys_rng\"],\"thread_rng\":[\"std\",\"std_rng\",\"sys_rng\"],\"unbiased\":[]}}", "rand_0.8.5": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1.2.1\"},{\"default_features\":false,\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2.22\",\"target\":\"cfg(unix)\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.4\"},{\"features\":[\"into_bits\"],\"name\":\"packed_simd\",\"optional\":true,\"package\":\"packed_simd_2\",\"req\":\"^0.3.7\"},{\"default_features\":false,\"name\":\"rand_chacha\",\"optional\":true,\"req\":\"^0.3.0\"},{\"name\":\"rand_core\",\"req\":\"^0.6.0\"},{\"kind\":\"dev\",\"name\":\"rand_pcg\",\"req\":\"^0.3.0\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.103\"}],\"features\":{\"alloc\":[\"rand_core/alloc\"],\"default\":[\"std\",\"std_rng\"],\"getrandom\":[\"rand_core/getrandom\"],\"min_const_gen\":[],\"nightly\":[],\"serde1\":[\"serde\",\"rand_core/serde1\"],\"simd_support\":[\"packed_simd\"],\"small_rng\":[],\"std\":[\"rand_core/std\",\"rand_chacha/std\",\"alloc\",\"getrandom\",\"libc\"],\"std_rng\":[\"rand_chacha\"]}}", + "rand_0.8.6": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1.2.1\"},{\"default_features\":false,\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2.22\",\"target\":\"cfg(unix)\"},{\"default_features\":false,\"name\":\"rand_chacha\",\"optional\":true,\"req\":\"^0.3.0\"},{\"name\":\"rand_core\",\"req\":\"^0.6.0\"},{\"kind\":\"dev\",\"name\":\"rand_pcg\",\"req\":\"^0.3.0\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.103\"}],\"features\":{\"alloc\":[\"rand_core/alloc\"],\"default\":[\"std\",\"std_rng\"],\"getrandom\":[\"rand_core/getrandom\"],\"log\":[],\"min_const_gen\":[],\"nightly\":[],\"serde1\":[\"serde\",\"rand_core/serde1\"],\"small_rng\":[],\"std\":[\"rand_core/std\",\"rand_chacha/std\",\"alloc\",\"getrandom\",\"libc\"],\"std_rng\":[\"rand_chacha\"]}}", "rand_0.9.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1.2.1\"},{\"default_features\":false,\"name\":\"rand_chacha\",\"optional\":true,\"req\":\"^0.9.0\"},{\"default_features\":false,\"name\":\"rand_core\",\"req\":\"^0.9.0\"},{\"kind\":\"dev\",\"name\":\"rand_pcg\",\"req\":\"^0.9.0\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1.7\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.103\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.140\"}],\"features\":{\"alloc\":[],\"default\":[\"std\",\"std_rng\",\"os_rng\",\"small_rng\",\"thread_rng\"],\"log\":[],\"nightly\":[],\"os_rng\":[\"rand_core/os_rng\"],\"serde\":[\"dep:serde\",\"rand_core/serde\"],\"simd_support\":[],\"small_rng\":[],\"std\":[\"rand_core/std\",\"rand_chacha?/std\",\"alloc\"],\"std_rng\":[\"dep:rand_chacha\"],\"thread_rng\":[\"std\",\"std_rng\",\"os_rng\"],\"unbiased\":[]}}", "rand_chacha_0.3.1": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"simd\"],\"name\":\"ppv-lite86\",\"req\":\"^0.2.8\"},{\"name\":\"rand_core\",\"req\":\"^0.6.0\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"default\":[\"std\"],\"serde1\":[\"serde\"],\"simd\":[],\"std\":[\"ppv-lite86/std\"]}}", "rand_chacha_0.9.0": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"simd\"],\"name\":\"ppv-lite86\",\"req\":\"^0.2.14\"},{\"name\":\"rand_core\",\"req\":\"^0.9.0\"},{\"features\":[\"os_rng\"],\"kind\":\"dev\",\"name\":\"rand_core\",\"req\":\"^0.9.0\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"default\":[\"std\"],\"os_rng\":[\"rand_core/os_rng\"],\"serde\":[\"dep:serde\"],\"std\":[\"ppv-lite86/std\",\"rand_core/std\"]}}", @@ -1429,7 +1442,6 @@ "regex-automata_0.4.13": "{\"dependencies\":[{\"default_features\":false,\"name\":\"aho-corasick\",\"optional\":true,\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1.0.69\"},{\"default_features\":false,\"features\":[\"std\"],\"kind\":\"dev\",\"name\":\"bstr\",\"req\":\"^1.3.0\"},{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3.3\"},{\"default_features\":false,\"features\":[\"atty\",\"humantime\",\"termcolor\"],\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.9.3\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.14\"},{\"default_features\":false,\"name\":\"memchr\",\"optional\":true,\"req\":\"^2.6.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0.3\"},{\"default_features\":false,\"name\":\"regex-syntax\",\"optional\":true,\"req\":\"^0.8.5\"},{\"kind\":\"dev\",\"name\":\"regex-test\",\"req\":\"^0.1.0\"}],\"features\":{\"alloc\":[],\"default\":[\"std\",\"syntax\",\"perf\",\"unicode\",\"meta\",\"nfa\",\"dfa\",\"hybrid\"],\"dfa\":[\"dfa-build\",\"dfa-search\",\"dfa-onepass\"],\"dfa-build\":[\"nfa-thompson\",\"dfa-search\"],\"dfa-onepass\":[\"nfa-thompson\"],\"dfa-search\":[],\"hybrid\":[\"alloc\",\"nfa-thompson\"],\"internal-instrument\":[\"internal-instrument-pikevm\"],\"internal-instrument-pikevm\":[\"logging\",\"std\"],\"logging\":[\"dep:log\",\"aho-corasick?/logging\",\"memchr?/logging\"],\"meta\":[\"syntax\",\"nfa-pikevm\"],\"nfa\":[\"nfa-thompson\",\"nfa-pikevm\",\"nfa-backtrack\"],\"nfa-backtrack\":[\"nfa-thompson\"],\"nfa-pikevm\":[\"nfa-thompson\"],\"nfa-thompson\":[\"alloc\"],\"perf\":[\"perf-inline\",\"perf-literal\"],\"perf-inline\":[],\"perf-literal\":[\"perf-literal-substring\",\"perf-literal-multisubstring\"],\"perf-literal-multisubstring\":[\"dep:aho-corasick\"],\"perf-literal-substring\":[\"aho-corasick?/perf-literal\",\"dep:memchr\"],\"std\":[\"regex-syntax?/std\",\"memchr?/std\",\"aho-corasick?/std\",\"alloc\"],\"syntax\":[\"dep:regex-syntax\",\"alloc\"],\"unicode\":[\"unicode-age\",\"unicode-bool\",\"unicode-case\",\"unicode-gencat\",\"unicode-perl\",\"unicode-script\",\"unicode-segment\",\"unicode-word-boundary\",\"regex-syntax?/unicode\"],\"unicode-age\":[\"regex-syntax?/unicode-age\"],\"unicode-bool\":[\"regex-syntax?/unicode-bool\"],\"unicode-case\":[\"regex-syntax?/unicode-case\"],\"unicode-gencat\":[\"regex-syntax?/unicode-gencat\"],\"unicode-perl\":[\"regex-syntax?/unicode-perl\"],\"unicode-script\":[\"regex-syntax?/unicode-script\"],\"unicode-segment\":[\"regex-syntax?/unicode-segment\"],\"unicode-word-boundary\":[]}}", "regex-automata_0.4.14": "{\"dependencies\":[{\"default_features\":false,\"name\":\"aho-corasick\",\"optional\":true,\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1.0.69\"},{\"default_features\":false,\"features\":[\"std\"],\"kind\":\"dev\",\"name\":\"bstr\",\"req\":\"^1.3.0\"},{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3.3\"},{\"default_features\":false,\"features\":[\"atty\",\"humantime\",\"termcolor\"],\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.9.3\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.14\"},{\"default_features\":false,\"name\":\"memchr\",\"optional\":true,\"req\":\"^2.6.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0.3\"},{\"default_features\":false,\"name\":\"regex-syntax\",\"optional\":true,\"req\":\"^0.8.5\"},{\"kind\":\"dev\",\"name\":\"regex-test\",\"req\":\"^0.1.0\"}],\"features\":{\"alloc\":[],\"default\":[\"std\",\"syntax\",\"perf\",\"unicode\",\"meta\",\"nfa\",\"dfa\",\"hybrid\"],\"dfa\":[\"dfa-build\",\"dfa-search\",\"dfa-onepass\"],\"dfa-build\":[\"nfa-thompson\",\"dfa-search\"],\"dfa-onepass\":[\"nfa-thompson\"],\"dfa-search\":[],\"hybrid\":[\"alloc\",\"nfa-thompson\"],\"internal-instrument\":[\"internal-instrument-pikevm\"],\"internal-instrument-pikevm\":[\"logging\",\"std\"],\"logging\":[\"dep:log\",\"aho-corasick?/logging\",\"memchr?/logging\"],\"meta\":[\"syntax\",\"nfa-pikevm\"],\"nfa\":[\"nfa-thompson\",\"nfa-pikevm\",\"nfa-backtrack\"],\"nfa-backtrack\":[\"nfa-thompson\"],\"nfa-pikevm\":[\"nfa-thompson\"],\"nfa-thompson\":[\"alloc\"],\"perf\":[\"perf-inline\",\"perf-literal\"],\"perf-inline\":[],\"perf-literal\":[\"perf-literal-substring\",\"perf-literal-multisubstring\"],\"perf-literal-multisubstring\":[\"dep:aho-corasick\"],\"perf-literal-substring\":[\"aho-corasick?/perf-literal\",\"dep:memchr\"],\"std\":[\"regex-syntax?/std\",\"memchr?/std\",\"aho-corasick?/std\",\"alloc\"],\"syntax\":[\"dep:regex-syntax\",\"alloc\"],\"unicode\":[\"unicode-age\",\"unicode-bool\",\"unicode-case\",\"unicode-gencat\",\"unicode-perl\",\"unicode-script\",\"unicode-segment\",\"unicode-word-boundary\",\"regex-syntax?/unicode\"],\"unicode-age\":[\"regex-syntax?/unicode-age\"],\"unicode-bool\":[\"regex-syntax?/unicode-bool\"],\"unicode-case\":[\"regex-syntax?/unicode-case\"],\"unicode-gencat\":[\"regex-syntax?/unicode-gencat\"],\"unicode-perl\":[\"regex-syntax?/unicode-perl\"],\"unicode-script\":[\"regex-syntax?/unicode-script\"],\"unicode-segment\":[\"regex-syntax?/unicode-segment\"],\"unicode-word-boundary\":[]}}", "regex-lite_0.1.8": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1.0.69\"},{\"kind\":\"dev\",\"name\":\"regex-test\",\"req\":\"^0.1.0\"}],\"features\":{\"default\":[\"std\",\"string\"],\"std\":[],\"string\":[]}}", - "regex-syntax_0.6.29": "{\"dependencies\":[],\"features\":{\"default\":[\"unicode\"],\"unicode\":[\"unicode-age\",\"unicode-bool\",\"unicode-case\",\"unicode-gencat\",\"unicode-perl\",\"unicode-script\",\"unicode-segment\"],\"unicode-age\":[],\"unicode-bool\":[],\"unicode-case\":[],\"unicode-gencat\":[],\"unicode-perl\":[],\"unicode-script\":[],\"unicode-segment\":[]}}", "regex-syntax_0.8.10": "{\"dependencies\":[{\"features\":[\"derive\"],\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.3.0\"}],\"features\":{\"arbitrary\":[\"dep:arbitrary\"],\"default\":[\"std\",\"unicode\"],\"std\":[],\"unicode\":[\"unicode-age\",\"unicode-bool\",\"unicode-case\",\"unicode-gencat\",\"unicode-perl\",\"unicode-script\",\"unicode-segment\"],\"unicode-age\":[],\"unicode-bool\":[],\"unicode-case\":[],\"unicode-gencat\":[],\"unicode-perl\":[],\"unicode-script\":[],\"unicode-segment\":[]}}", "regex-syntax_0.8.8": "{\"dependencies\":[{\"features\":[\"derive\"],\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.3.0\"}],\"features\":{\"arbitrary\":[\"dep:arbitrary\"],\"default\":[\"std\",\"unicode\"],\"std\":[],\"unicode\":[\"unicode-age\",\"unicode-bool\",\"unicode-case\",\"unicode-gencat\",\"unicode-perl\",\"unicode-script\",\"unicode-segment\"],\"unicode-age\":[],\"unicode-bool\":[],\"unicode-case\":[],\"unicode-gencat\":[],\"unicode-perl\":[],\"unicode-script\":[],\"unicode-segment\":[]}}", "regex_1.12.3": "{\"dependencies\":[{\"default_features\":false,\"name\":\"aho-corasick\",\"optional\":true,\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1.0.69\"},{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3\"},{\"default_features\":false,\"features\":[\"atty\",\"humantime\",\"termcolor\"],\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.9.3\"},{\"default_features\":false,\"name\":\"memchr\",\"optional\":true,\"req\":\"^2.6.0\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0.3\"},{\"default_features\":false,\"features\":[\"alloc\",\"syntax\",\"meta\",\"nfa-pikevm\"],\"name\":\"regex-automata\",\"req\":\"^0.4.12\"},{\"default_features\":false,\"name\":\"regex-syntax\",\"req\":\"^0.8.5\"},{\"kind\":\"dev\",\"name\":\"regex-test\",\"req\":\"^0.1.0\"}],\"features\":{\"default\":[\"std\",\"perf\",\"unicode\",\"regex-syntax/default\"],\"logging\":[\"aho-corasick?/logging\",\"memchr?/logging\",\"regex-automata/logging\"],\"pattern\":[],\"perf\":[\"perf-cache\",\"perf-dfa\",\"perf-onepass\",\"perf-backtrack\",\"perf-inline\",\"perf-literal\"],\"perf-backtrack\":[\"regex-automata/nfa-backtrack\"],\"perf-cache\":[],\"perf-dfa\":[\"regex-automata/hybrid\"],\"perf-dfa-full\":[\"regex-automata/dfa-build\",\"regex-automata/dfa-search\"],\"perf-inline\":[\"regex-automata/perf-inline\"],\"perf-literal\":[\"dep:aho-corasick\",\"dep:memchr\",\"regex-automata/perf-literal\"],\"perf-onepass\":[\"regex-automata/dfa-onepass\"],\"std\":[\"aho-corasick?/std\",\"memchr?/std\",\"regex-automata/std\",\"regex-syntax/std\"],\"unicode\":[\"unicode-age\",\"unicode-bool\",\"unicode-case\",\"unicode-gencat\",\"unicode-perl\",\"unicode-script\",\"unicode-segment\",\"regex-automata/unicode\",\"regex-syntax/unicode\"],\"unicode-age\":[\"regex-automata/unicode-age\",\"regex-syntax/unicode-age\"],\"unicode-bool\":[\"regex-automata/unicode-bool\",\"regex-syntax/unicode-bool\"],\"unicode-case\":[\"regex-automata/unicode-case\",\"regex-syntax/unicode-case\"],\"unicode-gencat\":[\"regex-automata/unicode-gencat\",\"regex-syntax/unicode-gencat\"],\"unicode-perl\":[\"regex-automata/unicode-perl\",\"regex-automata/unicode-word-boundary\",\"regex-syntax/unicode-perl\"],\"unicode-script\":[\"regex-automata/unicode-script\",\"regex-syntax/unicode-script\"],\"unicode-segment\":[\"regex-automata/unicode-segment\",\"regex-syntax/unicode-segment\"],\"unstable\":[\"pattern\"],\"use_std\":[\"std\"]}}", @@ -1500,6 +1512,7 @@ "sentry-tracing_0.46.1": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^2.9.4\"},{\"kind\":\"dev\",\"name\":\"log\",\"req\":\"^0.4\"},{\"name\":\"sentry-backtrace\",\"optional\":true,\"req\":\"^0.46.1\"},{\"features\":[\"client\"],\"name\":\"sentry-core\",\"req\":\"^0.46.1\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1\"},{\"features\":[\"rt-multi-thread\",\"macros\",\"time\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.44\"},{\"kind\":\"dev\",\"name\":\"tracing\",\"req\":\"^0.1\"},{\"name\":\"tracing-core\",\"req\":\"^0.1\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing-subscriber\",\"req\":\"^0.3.20\"},{\"features\":[\"fmt\",\"registry\"],\"kind\":\"dev\",\"name\":\"tracing-subscriber\",\"req\":\"^0.3.20\"}],\"features\":{\"backtrace\":[\"dep:sentry-backtrace\"],\"default\":[],\"logs\":[\"sentry-core/logs\"]}}", "sentry-types_0.46.1": "{\"dependencies\":[{\"features\":[\"serde\"],\"name\":\"debugid\",\"req\":\"^0.8.0\"},{\"name\":\"hex\",\"req\":\"^0.4.3\"},{\"name\":\"rand\",\"req\":\"^0.9.0\"},{\"kind\":\"dev\",\"name\":\"rstest\",\"req\":\"^0.25.0\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"req\":\"^1.0.104\"},{\"name\":\"serde_json\",\"req\":\"^1.0.46\"},{\"name\":\"thiserror\",\"req\":\"^2.0.12\"},{\"features\":[\"formatting\",\"parsing\"],\"name\":\"time\",\"req\":\"^0.3.5\"},{\"features\":[\"serde\"],\"name\":\"url\",\"req\":\"^2.1.1\"},{\"features\":[\"serde\"],\"name\":\"uuid\",\"req\":\"^1.0.0\"}],\"features\":{\"default\":[\"protocol\"],\"protocol\":[]}}", "sentry_0.46.1": "{\"dependencies\":[{\"default_features\":false,\"kind\":\"dev\",\"name\":\"actix-web\",\"req\":\"^4\"},{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1.0.30\"},{\"name\":\"curl\",\"optional\":true,\"req\":\"^0.4.25\"},{\"name\":\"embedded-svc\",\"optional\":true,\"req\":\"^0.28.1\"},{\"name\":\"esp-idf-svc\",\"optional\":true,\"req\":\"^0.51.0\",\"target\":\"cfg(target_os = \\\"espidf\\\")\"},{\"name\":\"httpdate\",\"optional\":true,\"req\":\"^1.0.0\"},{\"features\":[\"std\"],\"kind\":\"dev\",\"name\":\"log\",\"req\":\"^0.4.8\"},{\"name\":\"native-tls\",\"optional\":true,\"req\":\"^0.2.8\"},{\"kind\":\"dev\",\"name\":\"pretty_env_logger\",\"req\":\"^0.5.0\"},{\"default_features\":false,\"features\":[\"blocking\",\"json\"],\"name\":\"reqwest\",\"optional\":true,\"req\":\"^0.12.25\"},{\"default_features\":false,\"name\":\"rustls\",\"optional\":true,\"req\":\"^0.23.18\"},{\"default_features\":false,\"name\":\"sentry-actix\",\"optional\":true,\"req\":\"^0.46.1\"},{\"name\":\"sentry-anyhow\",\"optional\":true,\"req\":\"^0.46.1\"},{\"name\":\"sentry-backtrace\",\"optional\":true,\"req\":\"^0.46.1\"},{\"name\":\"sentry-contexts\",\"optional\":true,\"req\":\"^0.46.1\"},{\"features\":[\"client\"],\"name\":\"sentry-core\",\"req\":\"^0.46.1\"},{\"name\":\"sentry-debug-images\",\"optional\":true,\"req\":\"^0.46.1\"},{\"name\":\"sentry-log\",\"optional\":true,\"req\":\"^0.46.1\"},{\"name\":\"sentry-opentelemetry\",\"optional\":true,\"req\":\"^0.46.1\"},{\"name\":\"sentry-panic\",\"optional\":true,\"req\":\"^0.46.1\"},{\"name\":\"sentry-slog\",\"optional\":true,\"req\":\"^0.46.1\"},{\"name\":\"sentry-tower\",\"optional\":true,\"req\":\"^0.46.1\"},{\"name\":\"sentry-tracing\",\"optional\":true,\"req\":\"^0.46.1\"},{\"name\":\"serde_json\",\"optional\":true,\"req\":\"^1.0.48\"},{\"kind\":\"dev\",\"name\":\"slog\",\"req\":\"^2.5.2\"},{\"features\":[\"rt\"],\"name\":\"tokio\",\"optional\":true,\"req\":\"^1.44\"},{\"features\":[\"macros\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.44\"},{\"features\":[\"util\"],\"kind\":\"dev\",\"name\":\"tower\",\"req\":\"^0.5.2\"},{\"kind\":\"dev\",\"name\":\"tracing\",\"req\":\"^0.1\"},{\"features\":[\"fmt\",\"tracing-log\"],\"kind\":\"dev\",\"name\":\"tracing-subscriber\",\"req\":\"^0.3\"},{\"default_features\":false,\"name\":\"ureq\",\"optional\":true,\"req\":\"^3.0.11\"}],\"features\":{\"actix\":[\"sentry-actix\"],\"anyhow\":[\"sentry-anyhow\"],\"backtrace\":[\"sentry-backtrace\",\"sentry-tracing?/backtrace\"],\"contexts\":[\"sentry-contexts\"],\"curl\":[\"dep:curl\",\"httpdate\"],\"debug-images\":[\"sentry-debug-images\"],\"default\":[\"backtrace\",\"contexts\",\"debug-images\",\"panic\",\"transport\",\"release-health\"],\"embedded-svc-http\":[\"dep:embedded-svc\",\"dep:esp-idf-svc\"],\"log\":[\"sentry-log\"],\"logs\":[\"sentry-core/logs\",\"sentry-tracing?/logs\",\"sentry-log?/logs\"],\"native-tls\":[\"dep:native-tls\",\"reqwest?/default-tls\",\"ureq?/native-tls\"],\"opentelemetry\":[\"sentry-opentelemetry\"],\"panic\":[\"sentry-panic\"],\"release-health\":[\"sentry-core/release-health\",\"sentry-actix?/release-health\"],\"reqwest\":[\"dep:reqwest\",\"httpdate\",\"tokio\"],\"rustls\":[\"dep:rustls\",\"reqwest?/rustls-tls\",\"ureq?/rustls\"],\"slog\":[\"sentry-slog\"],\"test\":[\"sentry-core/test\"],\"tower\":[\"sentry-tower\"],\"tower-axum-matched-path\":[\"tower-http\",\"sentry-tower/axum-matched-path\"],\"tower-http\":[\"tower\",\"sentry-tower/http\"],\"tracing\":[\"sentry-tracing\"],\"transport\":[\"reqwest\",\"native-tls\"],\"ureq\":[\"dep:ureq\",\"httpdate\"]}}", + "sequence_trie_0.3.6": "{\"dependencies\":[{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"btreemap\":[]}}", "serde_1.0.228": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"result\"],\"name\":\"serde_core\",\"req\":\"=1.0.228\"},{\"name\":\"serde_derive\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"alloc\":[\"serde_core/alloc\"],\"default\":[\"std\"],\"derive\":[\"serde_derive\"],\"rc\":[\"serde_core/rc\"],\"std\":[\"serde_core/std\"],\"unstable\":[\"serde_core/unstable\"]}}", "serde_core_1.0.228": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1\"},{\"name\":\"serde_derive\",\"req\":\"=1.0.228\",\"target\":\"cfg(any())\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1\"}],\"features\":{\"alloc\":[],\"default\":[\"std\",\"result\"],\"rc\":[],\"result\":[],\"std\":[],\"unstable\":[]}}", "serde_derive_1.0.228": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"proc-macro\"],\"name\":\"proc-macro2\",\"req\":\"^1.0.74\"},{\"default_features\":false,\"features\":[\"proc-macro\"],\"name\":\"quote\",\"req\":\"^1.0.35\"},{\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1\"},{\"default_features\":false,\"features\":[\"clone-impls\",\"derive\",\"parsing\",\"printing\",\"proc-macro\"],\"name\":\"syn\",\"req\":\"^2.0.81\"}],\"features\":{\"default\":[],\"deserialize_in_place\":[]}}", @@ -1536,14 +1549,13 @@ "simdutf8_0.1.5": "{\"dependencies\":[],\"features\":{\"aarch64_neon\":[],\"aarch64_neon_prefetch\":[],\"default\":[\"std\"],\"hints\":[],\"public_imp\":[],\"std\":[]}}", "similar_2.7.0": "{\"dependencies\":[{\"default_features\":false,\"name\":\"bstr\",\"optional\":true,\"req\":\"^1.5.0\"},{\"kind\":\"dev\",\"name\":\"console\",\"req\":\"^0.15.0\"},{\"kind\":\"dev\",\"name\":\"insta\",\"req\":\"^1.10.0\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.130\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.68\"},{\"name\":\"unicode-segmentation\",\"optional\":true,\"req\":\"^1.7.1\"},{\"name\":\"web-time\",\"optional\":true,\"req\":\"^1.1\"}],\"features\":{\"bytes\":[\"bstr\",\"text\"],\"default\":[\"text\"],\"inline\":[\"text\"],\"text\":[],\"unicode\":[\"text\",\"unicode-segmentation\",\"bstr?/unicode\",\"bstr?/std\"],\"wasm32_web_time\":[\"web-time\"]}}", "simple_asn1_0.6.4": "{\"dependencies\":[{\"default_features\":false,\"name\":\"num-bigint\",\"req\":\"^0.4\"},{\"default_features\":false,\"name\":\"num-traits\",\"req\":\"^0.2\"},{\"kind\":\"dev\",\"name\":\"quickcheck\",\"req\":\"^1.0.3\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.4\"},{\"default_features\":false,\"name\":\"thiserror\",\"req\":\"^2\"},{\"default_features\":false,\"features\":[\"formatting\",\"macros\",\"parsing\"],\"name\":\"time\",\"req\":\"^0.3.47\"},{\"default_features\":false,\"features\":[\"formatting\",\"macros\",\"parsing\",\"quickcheck\"],\"kind\":\"dev\",\"name\":\"time\",\"req\":\"^0.3\"}],\"features\":{}}", - "siphasher_1.0.2": "{\"dependencies\":[{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"name\":\"serde_json\",\"optional\":true,\"req\":\"^1.0\"}],\"features\":{\"default\":[\"std\"],\"serde_no_std\":[\"serde/alloc\"],\"serde_std\":[\"std\",\"serde/std\"],\"std\":[]}}", "slab_0.4.12": "{\"dependencies\":[{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.95\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1\"}],\"features\":{\"default\":[\"std\"],\"std\":[]}}", "smallvec_1.15.1": "{\"dependencies\":[{\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1\"},{\"default_features\":false,\"name\":\"bincode\",\"optional\":true,\"req\":\"^2\"},{\"kind\":\"dev\",\"name\":\"bincode1\",\"package\":\"bincode\",\"req\":\"^1.0.1\"},{\"kind\":\"dev\",\"name\":\"debugger_test\",\"req\":\"^0.1.0\"},{\"kind\":\"dev\",\"name\":\"debugger_test_parser\",\"req\":\"^0.1.0\"},{\"default_features\":false,\"name\":\"malloc_size_of\",\"optional\":true,\"req\":\"^0.1\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1\"},{\"default_features\":false,\"name\":\"unty\",\"optional\":true,\"req\":\"^0.0.4\"}],\"features\":{\"const_generics\":[],\"const_new\":[\"const_generics\"],\"debugger_visualizer\":[],\"drain_filter\":[],\"drain_keep_rest\":[\"drain_filter\"],\"impl_bincode\":[\"bincode\",\"unty\"],\"may_dangle\":[],\"specialization\":[],\"union\":[],\"write\":[]}}", "smawk_0.3.2": "{\"dependencies\":[{\"name\":\"ndarray\",\"optional\":true,\"req\":\"^0.15.4\"},{\"kind\":\"dev\",\"name\":\"num-traits\",\"req\":\"^0.2.14\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.4\"},{\"kind\":\"dev\",\"name\":\"rand_chacha\",\"req\":\"^0.3.1\"},{\"kind\":\"dev\",\"name\":\"version-sync\",\"req\":\"^0.9.4\"}],\"features\":{}}", "smol_str_0.3.5": "{\"dependencies\":[{\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.3\"},{\"default_features\":false,\"name\":\"borsh\",\"optional\":true,\"req\":\"^1.4.0\"},{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.7\"},{\"kind\":\"dev\",\"name\":\"proptest\",\"req\":\"^1.5\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9.2\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.220\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"default\":[\"std\"],\"serde\":[\"dep:serde_core\"],\"std\":[\"serde_core?/std\",\"borsh?/std\"]}}", "socket2_0.5.10": "{\"dependencies\":[{\"name\":\"libc\",\"req\":\"^0.2.171\",\"target\":\"cfg(unix)\"},{\"features\":[\"Win32_Foundation\",\"Win32_Networking_WinSock\",\"Win32_System_IO\",\"Win32_System_Threading\",\"Win32_System_WindowsProgramming\"],\"name\":\"windows-sys\",\"req\":\"^0.52\",\"target\":\"cfg(windows)\"}],\"features\":{\"all\":[]}}", - "socket2_0.6.2": "{\"dependencies\":[{\"name\":\"libc\",\"req\":\"^0.2.172\",\"target\":\"cfg(unix)\"},{\"features\":[\"Win32_Foundation\",\"Win32_Networking_WinSock\",\"Win32_System_IO\",\"Win32_System_Threading\",\"Win32_System_WindowsProgramming\"],\"name\":\"windows-sys\",\"req\":\"^0.60\",\"target\":\"cfg(windows)\"}],\"features\":{\"all\":[]}}", "socket2_0.6.3": "{\"dependencies\":[{\"name\":\"libc\",\"req\":\"^0.2.172\",\"target\":\"cfg(any(unix, target_os = \\\"wasi\\\"))\"},{\"features\":[\"Win32_Foundation\",\"Win32_Networking_WinSock\",\"Win32_System_IO\",\"Win32_System_Threading\",\"Win32_System_WindowsProgramming\"],\"name\":\"windows-sys\",\"req\":\">=0.60, <0.62\",\"target\":\"cfg(windows)\"}],\"features\":{\"all\":[]}}", + "sorted_vector_map_0.2.1": "{\"dependencies\":[{\"name\":\"itertools\",\"req\":\"^0.14.0\"},{\"name\":\"quickcheck\",\"req\":\"^1.0\"}],\"features\":{}}", "spin_0.9.8": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.4\"},{\"name\":\"lock_api_crate\",\"optional\":true,\"package\":\"lock_api\",\"req\":\"^0.4\"},{\"default_features\":false,\"name\":\"portable-atomic\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"barrier\":[\"mutex\"],\"default\":[\"lock_api\",\"mutex\",\"spin_mutex\",\"rwlock\",\"once\",\"lazy\",\"barrier\"],\"fair_mutex\":[\"mutex\"],\"lazy\":[\"once\"],\"lock_api\":[\"lock_api_crate\"],\"mutex\":[],\"once\":[],\"portable_atomic\":[\"portable-atomic\"],\"rwlock\":[],\"spin_mutex\":[\"mutex\"],\"std\":[],\"ticket_mutex\":[\"mutex\"],\"use_ticket_mutex\":[\"mutex\",\"ticket_mutex\"]}}", "spki_0.7.3": "{\"dependencies\":[{\"features\":[\"derive\"],\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.2\"},{\"default_features\":false,\"name\":\"base64ct\",\"optional\":true,\"req\":\"^1\"},{\"features\":[\"oid\"],\"name\":\"der\",\"req\":\"^0.7.2\"},{\"kind\":\"dev\",\"name\":\"hex-literal\",\"req\":\"^0.4\"},{\"default_features\":false,\"name\":\"sha2\",\"optional\":true,\"req\":\"^0.10\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3\"}],\"features\":{\"alloc\":[\"base64ct?/alloc\",\"der/alloc\"],\"arbitrary\":[\"std\",\"dep:arbitrary\",\"der/arbitrary\"],\"base64\":[\"dep:base64ct\"],\"fingerprint\":[\"sha2\"],\"pem\":[\"alloc\",\"der/pem\"],\"std\":[\"der/std\",\"alloc\"]}}", "sqlx-core_0.9.0": "{\"dependencies\":[{\"name\":\"async-fs\",\"optional\":true,\"req\":\"^2.1\"},{\"default_features\":false,\"features\":[\"async-io\"],\"name\":\"async-global-executor\",\"optional\":true,\"req\":\"^3.1\"},{\"name\":\"async-io\",\"optional\":true,\"req\":\"^2.4.1\"},{\"name\":\"async-std\",\"optional\":true,\"req\":\"^1.13\"},{\"name\":\"async-task\",\"optional\":true,\"req\":\"^4.7.1\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"base64\",\"req\":\"^0.22.1\"},{\"name\":\"bigdecimal\",\"optional\":true,\"req\":\"^0.4.0\"},{\"name\":\"bit-vec\",\"optional\":true,\"req\":\"^0.8\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"bstr\",\"optional\":true,\"req\":\"^1.0.1\"},{\"name\":\"bytes\",\"req\":\"^1.2.0\"},{\"name\":\"cfg-if\",\"req\":\"^1.0.0\"},{\"default_features\":false,\"features\":[\"std\",\"clock\"],\"name\":\"chrono\",\"optional\":true,\"req\":\"^0.4.34\"},{\"name\":\"crc\",\"optional\":true,\"req\":\"^3\"},{\"name\":\"crossbeam-queue\",\"req\":\"^0.3.2\"},{\"name\":\"either\",\"req\":\"^1.6.1\"},{\"name\":\"event-listener\",\"req\":\"^5.2.0\"},{\"default_features\":false,\"name\":\"futures-core\",\"req\":\"^0.3.32\"},{\"name\":\"futures-intrusive\",\"req\":\"^0.5.0\"},{\"name\":\"futures-io\",\"req\":\"^0.3.32\"},{\"default_features\":false,\"features\":[\"alloc\",\"sink\",\"io\"],\"name\":\"futures-util\",\"req\":\"^0.3.32\"},{\"name\":\"hashbrown\",\"req\":\"^0.16.0\"},{\"name\":\"hashlink\",\"req\":\"^0.11.0\"},{\"name\":\"indexmap\",\"req\":\"^2.0\"},{\"name\":\"ipnet\",\"optional\":true,\"req\":\"^2.3.0\"},{\"name\":\"ipnetwork\",\"optional\":true,\"req\":\"^0.21.1\"},{\"default_features\":false,\"name\":\"log\",\"req\":\"^0.4.18\"},{\"name\":\"mac_address\",\"optional\":true,\"req\":\"^1.1.5\"},{\"default_features\":false,\"name\":\"memchr\",\"req\":\"^2.5.0\"},{\"name\":\"native-tls\",\"optional\":true,\"req\":\"^0.2.10\"},{\"name\":\"percent-encoding\",\"req\":\"^2.3.0\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"rust_decimal\",\"optional\":true,\"req\":\"^1.36.0\"},{\"default_features\":false,\"features\":[\"std\",\"tls12\"],\"name\":\"rustls\",\"optional\":true,\"req\":\"^0.23.24\"},{\"name\":\"rustls-native-certs\",\"optional\":true,\"req\":\"^0.8.0\"},{\"features\":[\"derive\",\"rc\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.219\"},{\"features\":[\"raw_value\"],\"name\":\"serde_json\",\"optional\":true,\"req\":\"^1.0.142\"},{\"default_features\":false,\"name\":\"sha2\",\"optional\":true,\"req\":\"^0.10.0\"},{\"name\":\"smallvec\",\"req\":\"^1.13.1\"},{\"default_features\":false,\"name\":\"smol\",\"optional\":true,\"req\":\"^2.0\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"thiserror\",\"req\":\"^2.0.18\"},{\"features\":[\"formatting\",\"parsing\",\"macros\"],\"name\":\"time\",\"optional\":true,\"req\":\"^0.3.47\"},{\"default_features\":false,\"features\":[\"time\",\"net\",\"sync\",\"fs\",\"io-util\",\"rt\"],\"name\":\"tokio\",\"optional\":true,\"req\":\"^1.25.0\"},{\"features\":[\"rt\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.25.0\"},{\"features\":[\"fs\"],\"name\":\"tokio-stream\",\"optional\":true,\"req\":\"^0.1.8\"},{\"name\":\"toml\",\"optional\":true,\"req\":\"^0.8.16\"},{\"features\":[\"log\"],\"name\":\"tracing\",\"req\":\"^0.1.37\"},{\"name\":\"url\",\"req\":\"^2.2.2\"},{\"name\":\"uuid\",\"optional\":true,\"req\":\"^1.12.1\"},{\"name\":\"webpki-roots\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"_rt-async-global-executor\":[\"async-global-executor\",\"_rt-async-io\",\"_rt-async-task\"],\"_rt-async-io\":[\"async-io\",\"async-fs\"],\"_rt-async-std\":[\"async-std\",\"_rt-async-io\"],\"_rt-async-task\":[\"async-task\"],\"_rt-smol\":[\"smol\",\"_rt-async-io\",\"_rt-async-task\"],\"_rt-tokio\":[\"tokio\",\"tokio-stream\"],\"_tls-native-tls\":[\"native-tls\"],\"_tls-none\":[],\"_tls-rustls\":[\"rustls\"],\"_tls-rustls-aws-lc-rs\":[\"_tls-rustls\",\"rustls/aws-lc-rs\",\"webpki-roots\"],\"_tls-rustls-ring-native-roots\":[\"_tls-rustls\",\"rustls/ring\",\"rustls-native-certs\"],\"_tls-rustls-ring-webpki\":[\"_tls-rustls\",\"rustls/ring\",\"webpki-roots\"],\"_unstable-doc\":[\"sqlx-toml\"],\"any\":[],\"default\":[],\"json\":[\"serde\",\"serde_json\"],\"migrate\":[\"sha2\",\"crc\"],\"offline\":[\"serde\",\"either/serde\"],\"sqlx-toml\":[\"serde\",\"toml/parse\"]}}", @@ -1555,16 +1567,18 @@ "sqlx_0.9.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1.0.58\"},{\"features\":[\"attributes\"],\"kind\":\"dev\",\"name\":\"async-std\",\"req\":\"^1.13\"},{\"features\":[\"async_tokio\"],\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.5.1\"},{\"kind\":\"dev\",\"name\":\"dotenvy\",\"req\":\"^0.15.7\"},{\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.11\"},{\"default_features\":false,\"features\":[\"alloc\"],\"kind\":\"dev\",\"name\":\"futures-util\",\"req\":\"^0.3.32\"},{\"kind\":\"dev\",\"name\":\"hex\",\"req\":\"^0.4.3\"},{\"kind\":\"dev\",\"name\":\"libsqlite3-sys\",\"req\":\"^0.37.0\"},{\"features\":[\"bundled-sqlcipher\"],\"kind\":\"dev\",\"name\":\"libsqlite3-sys\",\"req\":\"^0.37.0\",\"target\":\"cfg(sqlite_test_sqlcipher)\"},{\"kind\":\"dev\",\"name\":\"paste\",\"req\":\"^1.0.6\"},{\"default_features\":false,\"features\":[\"thread_rng\"],\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.10.1\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0.219\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.142\"},{\"features\":[\"migrate\"],\"name\":\"sqlx-core\",\"req\":\"=0.9.0\"},{\"name\":\"sqlx-macros\",\"optional\":true,\"req\":\"=0.9.0\"},{\"default_features\":false,\"name\":\"sqlx-mysql\",\"optional\":true,\"req\":\"=0.9.0\"},{\"name\":\"sqlx-postgres\",\"optional\":true,\"req\":\"=0.9.0\"},{\"name\":\"sqlx-sqlite\",\"optional\":true,\"req\":\"=0.9.0\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.10.1\"},{\"kind\":\"dev\",\"name\":\"time_\",\"package\":\"time\",\"req\":\"^0.3.47\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.25.0\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.53\"},{\"kind\":\"dev\",\"name\":\"url\",\"req\":\"^2.2.2\"}],\"features\":{\"_rt-async-global-executor\":[],\"_rt-async-std\":[],\"_rt-smol\":[],\"_rt-tokio\":[],\"_sqlite\":[],\"_unstable-all-types\":[\"bigdecimal\",\"rust_decimal\",\"json\",\"time\",\"chrono\",\"ipnet\",\"ipnetwork\",\"mac_address\",\"uuid\",\"bit-vec\",\"bstr\"],\"_unstable-docs\":[\"all-databases\",\"_unstable-all-types\",\"sqlx-sqlite/_unstable-docs\"],\"all-databases\":[\"mysql\",\"sqlite\",\"postgres\",\"any\"],\"any\":[\"sqlx-core/any\",\"sqlx-mysql?/any\",\"sqlx-postgres?/any\",\"sqlx-sqlite?/any\"],\"bigdecimal\":[\"sqlx-core/bigdecimal\",\"sqlx-macros?/bigdecimal\",\"sqlx-mysql?/bigdecimal\",\"sqlx-postgres?/bigdecimal\"],\"bit-vec\":[\"sqlx-core/bit-vec\",\"sqlx-macros?/bit-vec\",\"sqlx-postgres?/bit-vec\"],\"bstr\":[\"sqlx-core/bstr\"],\"chrono\":[\"sqlx-core/chrono\",\"sqlx-macros?/chrono\",\"sqlx-mysql?/chrono\",\"sqlx-postgres?/chrono\",\"sqlx-sqlite?/chrono\"],\"default\":[\"any\",\"macros\",\"migrate\",\"json\"],\"derive\":[\"sqlx-macros/derive\"],\"ipnet\":[\"sqlx-core/ipnet\",\"sqlx-macros?/ipnet\",\"sqlx-postgres?/ipnet\"],\"ipnetwork\":[\"sqlx-core/ipnetwork\",\"sqlx-macros?/ipnetwork\",\"sqlx-postgres?/ipnetwork\"],\"json\":[\"sqlx-core/json\",\"sqlx-macros?/json\",\"sqlx-mysql?/json\",\"sqlx-postgres?/json\",\"sqlx-sqlite?/json\"],\"mac_address\":[\"sqlx-core/mac_address\",\"sqlx-macros?/mac_address\",\"sqlx-postgres?/mac_address\"],\"macros\":[\"derive\",\"sqlx-macros/macros\",\"sqlx-core/offline\",\"sqlx-mysql?/offline\",\"sqlx-postgres?/offline\",\"sqlx-sqlite?/offline\"],\"migrate\":[\"sqlx-core/migrate\",\"sqlx-macros?/migrate\",\"sqlx-mysql?/migrate\",\"sqlx-postgres?/migrate\",\"sqlx-sqlite?/migrate\"],\"mysql\":[\"sqlx-mysql\",\"sqlx-macros?/mysql\"],\"mysql-rsa\":[\"mysql\",\"sqlx-mysql/rsa\",\"sqlx-macros?/mysql-rsa\"],\"postgres\":[\"sqlx-postgres\",\"sqlx-macros?/postgres\"],\"regexp\":[\"sqlx-sqlite?/regexp\"],\"runtime-async-global-executor\":[\"_rt-async-global-executor\",\"sqlx-core/_rt-async-global-executor\",\"sqlx-macros?/_rt-async-global-executor\"],\"runtime-async-std\":[\"_rt-async-std\",\"sqlx-core/_rt-async-std\",\"sqlx-macros?/_rt-async-std\"],\"runtime-smol\":[\"_rt-smol\",\"sqlx-core/_rt-smol\",\"sqlx-macros?/_rt-smol\"],\"runtime-tokio\":[\"_rt-tokio\",\"sqlx-core/_rt-tokio\",\"sqlx-macros?/_rt-tokio\"],\"rust_decimal\":[\"sqlx-core/rust_decimal\",\"sqlx-macros?/rust_decimal\",\"sqlx-mysql?/rust_decimal\",\"sqlx-postgres?/rust_decimal\"],\"sqlite\":[\"sqlite-bundled\",\"sqlite-deserialize\",\"sqlite-load-extension\",\"sqlite-unlock-notify\"],\"sqlite-bundled\":[\"_sqlite\",\"sqlx-sqlite/bundled\",\"sqlx-macros?/sqlite\"],\"sqlite-deserialize\":[\"sqlx-sqlite/deserialize\"],\"sqlite-load-extension\":[\"sqlx-sqlite/load-extension\",\"sqlx-macros?/sqlite-load-extension\"],\"sqlite-preupdate-hook\":[\"sqlx-sqlite/preupdate-hook\"],\"sqlite-unbundled\":[\"_sqlite\",\"sqlx-sqlite/unbundled\",\"sqlx-macros?/sqlite-unbundled\"],\"sqlite-unlock-notify\":[\"sqlx-sqlite/unlock-notify\"],\"sqlx-toml\":[\"sqlx-core/sqlx-toml\",\"sqlx-macros?/sqlx-toml\",\"sqlx-sqlite?/sqlx-toml\"],\"time\":[\"sqlx-core/time\",\"sqlx-macros?/time\",\"sqlx-mysql?/time\",\"sqlx-postgres?/time\",\"sqlx-sqlite?/time\"],\"tls-native-tls\":[\"sqlx-core/_tls-native-tls\",\"sqlx-macros?/_tls-native-tls\"],\"tls-none\":[],\"tls-rustls\":[\"tls-rustls-ring\"],\"tls-rustls-aws-lc-rs\":[\"sqlx-core/_tls-rustls-aws-lc-rs\",\"sqlx-macros?/_tls-rustls-aws-lc-rs\"],\"tls-rustls-ring\":[\"tls-rustls-ring-webpki\"],\"tls-rustls-ring-native-roots\":[\"sqlx-core/_tls-rustls-ring-native-roots\",\"sqlx-macros?/_tls-rustls-ring-native-roots\"],\"tls-rustls-ring-webpki\":[\"sqlx-core/_tls-rustls-ring-webpki\",\"sqlx-macros?/_tls-rustls-ring-webpki\"],\"uuid\":[\"sqlx-core/uuid\",\"sqlx-macros?/uuid\",\"sqlx-mysql?/uuid\",\"sqlx-postgres?/uuid\",\"sqlx-sqlite?/uuid\"]}}", "sse-stream_0.2.1": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1\"},{\"features\":[\"tracing\"],\"kind\":\"dev\",\"name\":\"axum\",\"req\":\"^0.8\"},{\"name\":\"bytes\",\"req\":\"^1\"},{\"name\":\"futures-util\",\"req\":\"^0.3\"},{\"name\":\"http-body\",\"req\":\"^1\"},{\"name\":\"http-body-util\",\"req\":\"^0.1\"},{\"features\":[\"client\",\"http1\"],\"kind\":\"dev\",\"name\":\"hyper\",\"req\":\"^1\"},{\"features\":[\"tokio\"],\"kind\":\"dev\",\"name\":\"hyper-util\",\"req\":\"^0.1\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2\"},{\"features\":[\"stream\"],\"kind\":\"dev\",\"name\":\"reqwest\",\"req\":\"^0.12\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1\"},{\"features\":[\"io\"],\"kind\":\"dev\",\"name\":\"tokio-util\",\"req\":\"^0.7\"},{\"name\":\"tracing\",\"optional\":true,\"req\":\"^0.1\"},{\"kind\":\"dev\",\"name\":\"tracing\",\"req\":\"^0.1\"},{\"features\":[\"env-filter\",\"std\",\"fmt\"],\"kind\":\"dev\",\"name\":\"tracing-subscriber\",\"req\":\"^0.3\"}],\"features\":{\"default\":[],\"tracing\":[\"dep:tracing\"]}}", "stable_deref_trait_1.2.1": "{\"dependencies\":[],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"std\":[\"alloc\"]}}", - "starlark_0.13.0": "{\"dependencies\":[{\"features\":[\"bumpalo\",\"num-bigint\"],\"name\":\"allocative\",\"req\":\"^0.3.4\"},{\"name\":\"anyhow\",\"req\":\"^1.0.65\"},{\"name\":\"bumpalo\",\"req\":\"^3.8\"},{\"name\":\"cmp_any\",\"req\":\"^0.8.1\"},{\"name\":\"debugserver-types\",\"req\":\"^0.5.0\"},{\"name\":\"derivative\",\"req\":\"^2.2\"},{\"features\":[\"full\"],\"name\":\"derive_more\",\"req\":\"^1.0.0\"},{\"name\":\"display_container\",\"req\":\"^0.9.0\"},{\"name\":\"dupe\",\"req\":\"^0.9.0\"},{\"name\":\"either\",\"req\":\"^1.8\"},{\"name\":\"erased-serde\",\"req\":\"^0.3.12\"},{\"features\":[\"raw\"],\"name\":\"hashbrown\",\"req\":\"^0.14.3\"},{\"name\":\"inventory\",\"req\":\"^0.3.8\"},{\"name\":\"itertools\",\"req\":\"^0.13.0\"},{\"name\":\"maplit\",\"req\":\"^1.0.2\"},{\"name\":\"memoffset\",\"req\":\"^0.6.4\"},{\"name\":\"num-bigint\",\"req\":\"^0.4.3\"},{\"name\":\"num-traits\",\"req\":\"^0.2\"},{\"name\":\"once_cell\",\"req\":\"^1.8\"},{\"name\":\"paste\",\"req\":\"^1.0\"},{\"features\":[\"small_rng\"],\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.4\"},{\"name\":\"ref-cast\",\"req\":\"^1.0.18\"},{\"name\":\"regex\",\"req\":\"^1.5.4\"},{\"name\":\"rustyline\",\"req\":\"^14.0\",\"target\":\"cfg(not(target_arch = \\\"wasm32\\\"))\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"req\":\"^1.0\"},{\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"name\":\"starlark_derive\",\"req\":\"^0.13.0\"},{\"name\":\"starlark_map\",\"req\":\"^0.13.0\"},{\"name\":\"starlark_syntax\",\"req\":\"^0.13.0\"},{\"name\":\"static_assertions\",\"req\":\"^1.1.0\"},{\"name\":\"strsim\",\"req\":\"^0.10.0\"},{\"name\":\"textwrap\",\"req\":\"^0.11\"},{\"name\":\"thiserror\",\"req\":\"^1.0.36\"}],\"features\":{}}", - "starlark_derive_0.13.0": "{\"dependencies\":[{\"name\":\"dupe\",\"req\":\"^0.9.0\"},{\"name\":\"proc-macro2\",\"req\":\"^1.0\"},{\"name\":\"quote\",\"req\":\"^1.0\"},{\"features\":[\"extra-traits\",\"full\",\"visit\",\"visit-mut\"],\"name\":\"syn\",\"req\":\"^2\"}],\"features\":{}}", - "starlark_map_0.13.0": "{\"dependencies\":[{\"features\":[\"hashbrown\"],\"name\":\"allocative\",\"req\":\"^0.3.4\"},{\"name\":\"dupe\",\"req\":\"^0.9.0\"},{\"name\":\"equivalent\",\"req\":\"^1.0.0\"},{\"name\":\"fxhash\",\"req\":\"^0.2.1\"},{\"features\":[\"raw\"],\"name\":\"hashbrown\",\"req\":\"^0.14.3\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.48\"}],\"features\":{}}", - "starlark_syntax_0.13.0": "{\"dependencies\":[{\"name\":\"allocative\",\"req\":\"^0.3.4\"},{\"name\":\"annotate-snippets\",\"req\":\"^0.9.0\"},{\"name\":\"anyhow\",\"req\":\"^1.0.65\"},{\"name\":\"derivative\",\"req\":\"^2.2\"},{\"features\":[\"full\"],\"name\":\"derive_more\",\"req\":\"^1.0.0\"},{\"name\":\"dupe\",\"req\":\"^0.9.0\"},{\"kind\":\"build\",\"name\":\"lalrpop\",\"req\":\"^0.19.7\"},{\"name\":\"lalrpop-util\",\"req\":\"^0.19.7\"},{\"name\":\"logos\",\"req\":\"^0.12\"},{\"name\":\"lsp-types\",\"req\":\"^0.94.1\"},{\"name\":\"memchr\",\"req\":\"^2.4.1\"},{\"name\":\"num-bigint\",\"req\":\"^0.4.3\"},{\"name\":\"num-traits\",\"req\":\"^0.2\"},{\"name\":\"once_cell\",\"req\":\"^1.8\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"name\":\"starlark_map\",\"req\":\"^0.13.0\"},{\"name\":\"thiserror\",\"req\":\"^1.0.36\"}],\"features\":{}}", + "starlark_0.14.2": "{\"dependencies\":[{\"features\":[\"bumpalo\",\"num-bigint\"],\"name\":\"allocative\",\"req\":\"^0.3.6\"},{\"name\":\"anyhow\",\"req\":\"^1.0.65\"},{\"features\":[\"default\",\"rayon\",\"std\",\"traits-preview\"],\"name\":\"blake3\",\"req\":\"=1.8.2\"},{\"name\":\"bumpalo\",\"req\":\"^3.8\"},{\"name\":\"cmp_any\",\"req\":\"^0.8.1\"},{\"name\":\"dashmap\",\"req\":\"^6.1.0\"},{\"name\":\"debugserver-types\",\"req\":\"^0.5.0\"},{\"name\":\"derivative\",\"req\":\"^2.2\"},{\"features\":[\"full\"],\"name\":\"derive_more\",\"req\":\"^1.0.0\"},{\"name\":\"display_container\",\"req\":\"^0.9.0\"},{\"name\":\"dupe\",\"req\":\"^0.9.1\"},{\"name\":\"either\",\"req\":\"^1.8\"},{\"name\":\"erased-serde\",\"req\":\"^0.3.12\"},{\"name\":\"hashbrown\",\"req\":\"^0.16.1\"},{\"name\":\"indexmap\",\"req\":\"^2.2\"},{\"name\":\"inventory\",\"req\":\"^0.3.8\"},{\"name\":\"itertools\",\"req\":\"^0.14.0\"},{\"name\":\"maplit\",\"req\":\"^1.0.2\"},{\"name\":\"memoffset\",\"req\":\"^0.9.1\"},{\"features\":[\"serde\"],\"name\":\"num-bigint\",\"req\":\"^0.4.6\"},{\"name\":\"num-traits\",\"req\":\"^0.2\"},{\"name\":\"once_cell\",\"req\":\"^1.21.4\"},{\"name\":\"pagable\",\"req\":\"^0.4.1\"},{\"name\":\"paste\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.10\"},{\"name\":\"ref-cast\",\"req\":\"^1.0.18\"},{\"name\":\"regex\",\"req\":\"^1.5.4\"},{\"name\":\"rustyline\",\"req\":\"^14.0\",\"target\":\"cfg(not(target_arch = \\\"wasm32\\\"))\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"req\":\"^1.0\"},{\"features\":[\"arbitrary_precision\"],\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"name\":\"starlark_derive\",\"req\":\"=0.14.2\"},{\"features\":[\"pagable_dep\"],\"name\":\"starlark_map\",\"req\":\"^0.14.2\"},{\"name\":\"starlark_syntax\",\"req\":\"^0.14.2\"},{\"name\":\"static_assertions\",\"req\":\"^1.1.0\"},{\"name\":\"strong_hash\",\"req\":\"^0.1.0\"},{\"name\":\"strsim\",\"req\":\"^0.10.0\"},{\"name\":\"textwrap\",\"req\":\"^0.11\"},{\"name\":\"thiserror\",\"req\":\"^2.0.18\"}],\"features\":{\"default\":[],\"pagable\":[]}}", + "starlark_derive_0.14.2": "{\"dependencies\":[{\"name\":\"dupe\",\"req\":\"^0.9.1\"},{\"name\":\"proc-macro2\",\"req\":\"^1.0\"},{\"name\":\"quote\",\"req\":\"^1.0\"},{\"features\":[\"extra-traits\",\"full\",\"visit\",\"visit-mut\"],\"name\":\"syn\",\"req\":\"^2\"}],\"features\":{}}", + "starlark_map_0.14.2": "{\"dependencies\":[{\"features\":[\"hashbrown\"],\"name\":\"allocative\",\"req\":\"^0.3.6\"},{\"name\":\"dupe\",\"req\":\"^0.9.1\"},{\"name\":\"equivalent\",\"req\":\"^1.0.2\"},{\"name\":\"fxhash\",\"req\":\"^0.2.1\"},{\"name\":\"hashbrown\",\"req\":\"^0.16.1\"},{\"name\":\"pagable\",\"optional\":true,\"req\":\"^0.4.1\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.48\"},{\"name\":\"strong_hash\",\"req\":\"^0.1.0\"}],\"features\":{\"default\":[],\"pagable_dep\":[\"dep:pagable\"]}}", + "starlark_syntax_0.14.2": "{\"dependencies\":[{\"name\":\"allocative\",\"req\":\"^0.3.6\"},{\"name\":\"annotate-snippets\",\"req\":\"^0.9.0\"},{\"name\":\"anyhow\",\"req\":\"^1.0.102\"},{\"name\":\"derivative\",\"req\":\"^2.2\"},{\"features\":[\"full\"],\"name\":\"derive_more\",\"req\":\"^1.0.0\"},{\"name\":\"dupe\",\"req\":\"^0.9.1\"},{\"name\":\"logos\",\"req\":\"^0.15\"},{\"name\":\"lsp-types\",\"req\":\"^0.97.0\"},{\"name\":\"memchr\",\"req\":\"^2.8.0\"},{\"features\":[\"serde\"],\"name\":\"num-bigint\",\"req\":\"^0.4.6\"},{\"name\":\"num-traits\",\"req\":\"^0.2\"},{\"name\":\"once_cell\",\"req\":\"^1.21.4\"},{\"name\":\"pagable\",\"req\":\"^0.4.1\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"name\":\"starlark_map\",\"req\":\"^0.14.2\"},{\"name\":\"thiserror\",\"req\":\"^2.0.18\"}],\"features\":{}}", "static_assertions_1.1.0": "{\"dependencies\":[],\"features\":{\"nightly\":[]}}", + "static_interner_0.1.2": "{\"dependencies\":[{\"features\":[\"anyhow\",\"bumpalo\",\"dashmap\",\"either\",\"futures\",\"hashbrown\",\"indexmap\",\"num-bigint\",\"once_cell\",\"parking_lot\",\"prost-types\",\"relative-path\",\"serde_json\",\"slab\",\"smallvec\",\"compact_str\",\"sorted_vector_map\",\"tokio\",\"triomphe\"],\"name\":\"allocative\",\"optional\":true,\"req\":\"^0.3.1\"},{\"name\":\"dupe\",\"optional\":true,\"req\":\"^0.9.0\"},{\"name\":\"equivalent\",\"req\":\"^1.0.2\"},{\"name\":\"lock_free_hashtable\",\"req\":\"^0.1.0\"},{\"features\":[\"num-bigint\",\"triomphe\"],\"name\":\"strong_hash\",\"optional\":true,\"req\":\"^0.1.0\"}],\"features\":{\"allocative\":[\"dep:allocative\"],\"default\":[],\"dupe\":[\"dep:dupe\"],\"strong_hash\":[\"dep:strong_hash\"]}}", "stop-words_0.9.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"human_regex\",\"req\":\"^0.3.0\"},{\"kind\":\"build\",\"name\":\"serde_json\",\"req\":\"^1\"}],\"features\":{\"constructed\":[],\"default\":[\"iso\"],\"iso\":[],\"nltk\":[],\"unimplemented\":[]}}", "strck_1.0.0": "{\"dependencies\":[{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"smol_str\",\"req\":\"^0.3\"},{\"name\":\"unicode-ident\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"ident\":[\"dep:unicode-ident\"]}}", "streaming-iterator_0.1.9": "{\"dependencies\":[],\"features\":{\"alloc\":[],\"std\":[\"alloc\"]}}", - "string_cache_0.8.9": "{\"dependencies\":[{\"default_features\":false,\"name\":\"malloc_size_of\",\"optional\":true,\"req\":\"^0.1\"},{\"name\":\"new_debug_unreachable\",\"req\":\"^1.0.2\"},{\"name\":\"parking_lot\",\"req\":\"^0.12\"},{\"name\":\"phf_shared\",\"req\":\"^0.11\"},{\"name\":\"precomputed-hash\",\"req\":\"^0.1\"},{\"name\":\"serde\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"default\":[\"serde_support\"],\"serde_support\":[\"serde\"]}}", "stringprep_0.1.5": "{\"dependencies\":[{\"name\":\"unicode-bidi\",\"req\":\"^0.3\"},{\"name\":\"unicode-normalization\",\"req\":\"^0.1\"},{\"name\":\"unicode-properties\",\"req\":\"^0.1.1\"}],\"features\":{}}", + "strong_hash_0.1.0": "{\"dependencies\":[{\"name\":\"num-bigint\",\"optional\":true,\"req\":\"^0.4.3\"},{\"name\":\"ref-cast\",\"req\":\"^1.0.18\"},{\"name\":\"strong_hash_derive\",\"req\":\"^0.1.0\"},{\"name\":\"triomphe\",\"optional\":true,\"req\":\"^0.1.8\"}],\"features\":{}}", + "strong_hash_derive_0.1.0": "{\"dependencies\":[{\"name\":\"quote\",\"req\":\"^1.0.44\"},{\"features\":[\"extra-traits\",\"full\",\"visit\"],\"name\":\"syn\",\"req\":\"^2.0.110\"}],\"features\":{}}", "strsim_0.10.0": "{\"dependencies\":[],\"features\":{}}", "strsim_0.11.1": "{\"dependencies\":[],\"features\":{}}", "strum_0.26.3": "{\"dependencies\":[{\"features\":[\"macros\"],\"name\":\"phf\",\"optional\":true,\"req\":\"^0.10\"},{\"name\":\"strum_macros\",\"optional\":true,\"req\":\"^0.26.3\"},{\"kind\":\"dev\",\"name\":\"strum_macros\",\"req\":\"^0.26\"}],\"features\":{\"default\":[\"std\"],\"derive\":[\"strum_macros\"],\"std\":[]}}", @@ -1576,7 +1590,6 @@ "supports-color_2.1.0": "{\"dependencies\":[{\"name\":\"is-terminal\",\"req\":\"^0.4.0\"},{\"name\":\"is_ci\",\"req\":\"^1.1.1\"}],\"features\":{}}", "supports-color_3.0.2": "{\"dependencies\":[{\"name\":\"is_ci\",\"req\":\"^1.2.0\"}],\"features\":{}}", "syn_1.0.109": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"automod\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"flate2\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"insta\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"proc-macro2\",\"req\":\"^1.0.46\"},{\"default_features\":false,\"name\":\"quote\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"ref-cast\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"regex\",\"req\":\"^1.0\"},{\"features\":[\"blocking\"],\"kind\":\"dev\",\"name\":\"reqwest\",\"req\":\"^0.11\"},{\"kind\":\"dev\",\"name\":\"syn-test-suite\",\"req\":\"^0\"},{\"kind\":\"dev\",\"name\":\"tar\",\"req\":\"^0.4.16\"},{\"kind\":\"dev\",\"name\":\"termcolor\",\"req\":\"^1.0\"},{\"name\":\"unicode-ident\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"walkdir\",\"req\":\"^2.1\"}],\"features\":{\"clone-impls\":[],\"default\":[\"derive\",\"parsing\",\"printing\",\"clone-impls\",\"proc-macro\"],\"derive\":[],\"extra-traits\":[],\"fold\":[],\"full\":[],\"parsing\":[],\"printing\":[\"quote\"],\"proc-macro\":[\"proc-macro2/proc-macro\",\"quote/proc-macro\"],\"test\":[\"syn-test-suite/all-features\"],\"visit\":[],\"visit-mut\":[]}}", - "syn_2.0.114": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"automod\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"flate2\",\"req\":\"^1\",\"target\":\"cfg(not(miri))\"},{\"kind\":\"dev\",\"name\":\"insta\",\"req\":\"^1\"},{\"default_features\":false,\"name\":\"proc-macro2\",\"req\":\"^1.0.91\"},{\"default_features\":false,\"name\":\"quote\",\"optional\":true,\"req\":\"^1.0.35\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1\",\"target\":\"cfg(not(miri))\"},{\"kind\":\"dev\",\"name\":\"ref-cast\",\"req\":\"^1\"},{\"features\":[\"blocking\"],\"kind\":\"dev\",\"name\":\"reqwest\",\"req\":\"^0.13\",\"target\":\"cfg(not(miri))\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"syn-test-suite\",\"req\":\"^0\"},{\"kind\":\"dev\",\"name\":\"tar\",\"req\":\"^0.4.16\",\"target\":\"cfg(not(miri))\"},{\"kind\":\"dev\",\"name\":\"termcolor\",\"req\":\"^1\"},{\"name\":\"unicode-ident\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"walkdir\",\"req\":\"^2.3.2\",\"target\":\"cfg(not(miri))\"}],\"features\":{\"clone-impls\":[],\"default\":[\"derive\",\"parsing\",\"printing\",\"clone-impls\",\"proc-macro\"],\"derive\":[],\"extra-traits\":[],\"fold\":[],\"full\":[],\"parsing\":[],\"printing\":[\"dep:quote\"],\"proc-macro\":[\"proc-macro2/proc-macro\",\"quote?/proc-macro\"],\"test\":[\"syn-test-suite/all-features\"],\"visit\":[],\"visit-mut\":[]}}", "syn_2.0.117": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"anyhow\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"automod\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"flate2\",\"req\":\"^1\",\"target\":\"cfg(not(miri))\"},{\"kind\":\"dev\",\"name\":\"insta\",\"req\":\"^1\"},{\"default_features\":false,\"name\":\"proc-macro2\",\"req\":\"^1.0.91\"},{\"default_features\":false,\"name\":\"quote\",\"optional\":true,\"req\":\"^1.0.35\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1\",\"target\":\"cfg(not(miri))\"},{\"kind\":\"dev\",\"name\":\"ref-cast\",\"req\":\"^1\"},{\"features\":[\"blocking\"],\"kind\":\"dev\",\"name\":\"reqwest\",\"req\":\"^0.13\",\"target\":\"cfg(not(miri))\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"syn-test-suite\",\"req\":\"^0\"},{\"kind\":\"dev\",\"name\":\"tar\",\"req\":\"^0.4.16\",\"target\":\"cfg(not(miri))\"},{\"kind\":\"dev\",\"name\":\"termcolor\",\"req\":\"^1\"},{\"name\":\"unicode-ident\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"walkdir\",\"req\":\"^2.3.2\",\"target\":\"cfg(not(miri))\"}],\"features\":{\"clone-impls\":[],\"default\":[\"derive\",\"parsing\",\"printing\",\"clone-impls\",\"proc-macro\"],\"derive\":[],\"extra-traits\":[],\"fold\":[],\"full\":[],\"parsing\":[],\"printing\":[\"dep:quote\"],\"proc-macro\":[\"proc-macro2/proc-macro\",\"quote?/proc-macro\"],\"test\":[\"syn-test-suite/all-features\"],\"visit\":[],\"visit-mut\":[]}}", "sync_wrapper_1.0.2": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3\"},{\"default_features\":false,\"name\":\"futures-core\",\"optional\":true,\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"pin-project-lite\",\"req\":\"^0.2.7\"}],\"features\":{\"futures\":[\"futures-core\"]}}", "synstructure_0.13.2": "{\"dependencies\":[{\"default_features\":false,\"name\":\"proc-macro2\",\"req\":\"^1.0.60\"},{\"default_features\":false,\"name\":\"quote\",\"req\":\"^1\"},{\"default_features\":false,\"features\":[\"derive\",\"parsing\",\"printing\",\"clone-impls\",\"visit\",\"extra-traits\"],\"name\":\"syn\",\"req\":\"^2\"},{\"kind\":\"dev\",\"name\":\"synstructure_test_traits\",\"req\":\"^0.1\"}],\"features\":{\"default\":[\"proc-macro\"],\"proc-macro\":[\"proc-macro2/proc-macro\",\"syn/proc-macro\",\"quote/proc-macro\"]}}", @@ -1586,6 +1599,7 @@ "system-configuration_0.7.0": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^2\"},{\"name\":\"core-foundation\",\"req\":\"^0.9\"},{\"name\":\"system-configuration-sys\",\"req\":\"^0.6\"}],\"features\":{}}", "system-deps_7.0.7": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"assert_matches\",\"req\":\"^1.5\"},{\"features\":[\"targets\"],\"name\":\"cfg-expr\",\"req\":\">=0.17, <0.21\"},{\"name\":\"heck\",\"req\":\"^0.5\"},{\"kind\":\"dev\",\"name\":\"itertools\",\"req\":\"^0.14\"},{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1\"},{\"name\":\"pkg-config\",\"req\":\"^0.3.25\"},{\"default_features\":false,\"features\":[\"parse\",\"std\"],\"name\":\"toml\",\"req\":\"^0.9\"},{\"name\":\"version-compare\",\"req\":\"^0.2\"}],\"features\":{}}", "tagptr_0.2.0": "{\"dependencies\":[],\"features\":{}}", + "take_mut_0.2.2": "{\"dependencies\":[],\"features\":{}}", "tar_0.4.44": "{\"dependencies\":[{\"name\":\"filetime\",\"req\":\"^0.2.8\"},{\"name\":\"libc\",\"req\":\"^0.2\",\"target\":\"cfg(unix)\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3\"},{\"name\":\"xattr\",\"optional\":true,\"req\":\"^1.1.3\",\"target\":\"cfg(unix)\"}],\"features\":{\"default\":[\"xattr\"]}}", "tar_0.4.45": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"astral-tokio-tar\",\"req\":\"^0.5\"},{\"name\":\"filetime\",\"req\":\"^0.2.8\"},{\"name\":\"libc\",\"req\":\"^0.2\",\"target\":\"cfg(unix)\"},{\"features\":[\"small_rng\"],\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3\"},{\"features\":[\"macros\",\"rt\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"tokio-stream\",\"req\":\"^0.1\"},{\"name\":\"xattr\",\"optional\":true,\"req\":\"^1.1.3\",\"target\":\"cfg(unix)\"}],\"features\":{\"default\":[\"xattr\"]}}", "target-lexicon_0.13.3": "{\"dependencies\":[{\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"arch_z80\":[],\"arch_zkasm\":[],\"default\":[],\"serde_support\":[\"serde\",\"std\"],\"std\":[]}}", @@ -1614,7 +1628,6 @@ "time-macros_0.2.27": "{\"dependencies\":[{\"name\":\"num-conv\",\"req\":\"^0.2.0\"},{\"name\":\"time-core\",\"req\":\"=0.1.8\"}],\"features\":{\"formatting\":[],\"large-dates\":[],\"parsing\":[],\"serde\":[]}}", "time_0.3.47": "{\"dependencies\":[{\"default_features\":false,\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.8.1\",\"target\":\"cfg(bench)\"},{\"features\":[\"powerfmt\"],\"name\":\"deranged\",\"req\":\"^0.5.2\"},{\"name\":\"itoa\",\"optional\":true,\"req\":\"^1.0.1\"},{\"name\":\"js-sys\",\"optional\":true,\"req\":\"^0.3.58\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", not(any(target_os = \\\"emscripten\\\", target_os = \\\"wasi\\\"))))\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2.98\",\"target\":\"cfg(target_family = \\\"unix\\\")\"},{\"name\":\"num-conv\",\"req\":\"^0.2.0\"},{\"kind\":\"dev\",\"name\":\"num-conv\",\"req\":\"^0.2.0\"},{\"name\":\"num_threads\",\"optional\":true,\"req\":\"^0.1.2\",\"target\":\"cfg(target_family = \\\"unix\\\")\"},{\"default_features\":false,\"name\":\"powerfmt\",\"req\":\"^0.2.0\"},{\"default_features\":false,\"name\":\"quickcheck\",\"optional\":true,\"req\":\"^1.0.3\"},{\"kind\":\"dev\",\"name\":\"quickcheck_macros\",\"req\":\"^1.0.0\"},{\"default_features\":false,\"name\":\"rand08\",\"optional\":true,\"package\":\"rand\",\"req\":\"^0.8.4\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"rand08\",\"package\":\"rand\",\"req\":\"^0.8.4\"},{\"default_features\":false,\"name\":\"rand09\",\"optional\":true,\"package\":\"rand\",\"req\":\"^0.9.2\"},{\"default_features\":false,\"features\":[\"small_rng\"],\"kind\":\"dev\",\"name\":\"rand09\",\"package\":\"rand\",\"req\":\"^0.9.2\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"rstest\",\"req\":\"^0.26.1\"},{\"kind\":\"dev\",\"name\":\"rstest_reuse\",\"req\":\"^0.7.0\"},{\"default_features\":false,\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0.184\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.220\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.68\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0.126\"},{\"name\":\"time-core\",\"req\":\"=0.1.8\"},{\"name\":\"time-macros\",\"optional\":true,\"req\":\"=0.2.27\"},{\"kind\":\"dev\",\"name\":\"time-macros\",\"req\":\"=0.2.27\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.102\",\"target\":\"cfg(__ui_tests)\"}],\"features\":{\"alloc\":[\"serde_core?/alloc\"],\"default\":[\"std\"],\"formatting\":[\"dep:itoa\",\"std\",\"time-macros?/formatting\"],\"large-dates\":[\"time-core/large-dates\",\"time-macros?/large-dates\"],\"local-offset\":[\"std\",\"dep:libc\",\"dep:num_threads\"],\"macros\":[\"dep:time-macros\"],\"parsing\":[\"time-macros?/parsing\"],\"quickcheck\":[\"dep:quickcheck\",\"alloc\",\"deranged/quickcheck\"],\"rand\":[\"rand08\",\"rand09\"],\"rand08\":[\"dep:rand08\",\"deranged/rand08\"],\"rand09\":[\"dep:rand09\",\"deranged/rand09\"],\"serde\":[\"dep:serde_core\",\"time-macros?/serde\",\"deranged/serde\"],\"serde-human-readable\":[\"serde\",\"formatting\",\"parsing\"],\"serde-well-known\":[\"serde\",\"formatting\",\"parsing\"],\"std\":[\"alloc\"],\"wasm-bindgen\":[\"dep:js-sys\"]}}", "timezone_provider_0.2.3": "{\"dependencies\":[{\"name\":\"combine\",\"optional\":true,\"req\":\"^4.6.7\"},{\"features\":[\"derive\"],\"name\":\"databake\",\"optional\":true,\"req\":\"^0.2.0\"},{\"features\":[\"compiled_data\"],\"kind\":\"dev\",\"name\":\"icu_time\",\"req\":\"^2\"},{\"name\":\"jiff-tzdb\",\"optional\":true,\"req\":\"^0.1.4\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0.225\"},{\"name\":\"serde_json\",\"optional\":true,\"req\":\"^1.0.145\"},{\"features\":[\"zerovec\"],\"name\":\"tinystr\",\"req\":\"^0.8.0\"},{\"name\":\"tzif\",\"optional\":true,\"req\":\"^0.4.0\"},{\"features\":[\"derive\"],\"name\":\"yoke\",\"optional\":true,\"req\":\"^0.8.0\"},{\"name\":\"zerofrom\",\"optional\":true,\"req\":\"^0.1.6\"},{\"name\":\"zerotrie\",\"req\":\"^0.2.0\"},{\"features\":[\"derive\",\"alloc\"],\"name\":\"zerovec\",\"req\":\"^0.11.0\"},{\"name\":\"zoneinfo64\",\"optional\":true,\"req\":\"^0.3.0\"},{\"default_features\":false,\"features\":[\"std\",\"unstable\"],\"name\":\"zoneinfo_rs\",\"optional\":true,\"req\":\"^0.1.0\"}],\"features\":{\"datagen\":[\"std\",\"dep:serde\",\"dep:databake\",\"dep:yoke\",\"dep:serde_json\",\"tinystr/serde\",\"tinystr/databake\",\"zerotrie/serde\",\"zerotrie/databake\",\"zerovec/serde\",\"zerovec/databake\",\"zerovec/derive\",\"dep:zoneinfo_rs\",\"experimental_tzif\"],\"default\":[],\"experimental_tzif\":[\"dep:zerofrom\",\"zerofrom/derive\"],\"std\":[],\"tzif\":[\"dep:tzif\",\"dep:jiff-tzdb\",\"dep:combine\",\"std\"],\"zoneinfo64\":[\"dep:zoneinfo64\"]}}", - "tiny-keccak_2.0.2": "{\"dependencies\":[{\"name\":\"crunchy\",\"req\":\"^0.2.2\"}],\"features\":{\"cshake\":[],\"default\":[],\"fips202\":[\"keccak\",\"shake\",\"sha3\"],\"k12\":[],\"keccak\":[],\"kmac\":[\"cshake\"],\"parallel_hash\":[\"cshake\"],\"sha3\":[],\"shake\":[],\"sp800\":[\"cshake\",\"kmac\",\"tuple_hash\"],\"tuple_hash\":[\"cshake\"]}}", "tiny_http_0.12.0": "{\"dependencies\":[{\"name\":\"ascii\",\"req\":\"^1.0\"},{\"name\":\"chunked_transfer\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"fdlimit\",\"req\":\"^0.1\"},{\"name\":\"httpdate\",\"req\":\"^1.0.2\"},{\"name\":\"log\",\"req\":\"^0.4.4\"},{\"name\":\"openssl\",\"optional\":true,\"req\":\"^0.10\"},{\"kind\":\"dev\",\"name\":\"rustc-serialize\",\"req\":\"^0.3\"},{\"name\":\"rustls\",\"optional\":true,\"req\":\"^0.20\"},{\"name\":\"rustls-pemfile\",\"optional\":true,\"req\":\"^0.2.1\"},{\"kind\":\"dev\",\"name\":\"sha1\",\"req\":\"^0.6.0\"},{\"name\":\"zeroize\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"default\":[],\"ssl\":[\"ssl-openssl\"],\"ssl-openssl\":[\"openssl\",\"zeroize\"],\"ssl-rustls\":[\"rustls\",\"rustls-pemfile\",\"zeroize\"]}}", "tinystr_0.8.2": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1.3.1\"},{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.5.0\",\"target\":\"cfg(not(target_arch = \\\"wasm32\\\"))\"},{\"default_features\":false,\"name\":\"databake\",\"optional\":true,\"req\":\"^0.2.0\"},{\"default_features\":false,\"name\":\"displaydoc\",\"req\":\"^0.2.3\"},{\"default_features\":false,\"features\":[\"use-std\"],\"kind\":\"dev\",\"name\":\"postcard\",\"req\":\"^1.0.3\"},{\"features\":[\"small_rng\"],\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.220\"},{\"features\":[\"alloc\"],\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.45\"},{\"default_features\":false,\"name\":\"zerovec\",\"optional\":true,\"req\":\"^0.11.3\"}],\"features\":{\"alloc\":[\"serde_core?/alloc\",\"zerovec?/alloc\"],\"databake\":[\"dep:databake\"],\"default\":[\"alloc\"],\"serde\":[\"dep:serde_core\"],\"std\":[],\"zerovec\":[\"dep:zerovec\"]}}", "tinystr_0.8.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bincode\",\"req\":\"^1.3.1\"},{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.5.0\",\"target\":\"cfg(not(target_arch = \\\"wasm32\\\"))\"},{\"default_features\":false,\"name\":\"databake\",\"optional\":true,\"req\":\"^0.2.0\"},{\"default_features\":false,\"name\":\"displaydoc\",\"req\":\"^0.2.3\"},{\"default_features\":false,\"features\":[\"use-std\"],\"kind\":\"dev\",\"name\":\"postcard\",\"req\":\"^1.0.3\"},{\"features\":[\"small_rng\"],\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.220\"},{\"features\":[\"alloc\"],\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.45\"},{\"default_features\":false,\"name\":\"zerovec\",\"optional\":true,\"req\":\"^0.11.6\"}],\"features\":{\"alloc\":[\"serde_core?/alloc\",\"zerovec?/alloc\"],\"databake\":[\"dep:databake\"],\"default\":[\"alloc\"],\"serde\":[\"dep:serde_core\"],\"std\":[],\"zerovec\":[\"dep:zerovec\"]}}", @@ -1622,7 +1635,7 @@ "tinyvec_macros_0.1.1": "{\"dependencies\":[],\"features\":{}}", "tokio-graceful_0.2.2": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bytes\",\"req\":\"^1\",\"target\":\"cfg(not(loom))\"},{\"kind\":\"dev\",\"name\":\"http-body-util\",\"req\":\"^0.1\",\"target\":\"cfg(not(loom))\"},{\"features\":[\"server\",\"http1\",\"http2\"],\"kind\":\"dev\",\"name\":\"hyper\",\"req\":\"^1.0.1\",\"target\":\"cfg(not(loom))\"},{\"features\":[\"server\",\"server-auto\",\"http1\",\"http2\",\"tokio\"],\"kind\":\"dev\",\"name\":\"hyper-util\",\"req\":\"^0.1.1\",\"target\":\"cfg(not(loom))\"},{\"features\":[\"futures\",\"checkpoint\"],\"name\":\"loom\",\"req\":\"^0.7\",\"target\":\"cfg(loom)\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8\"},{\"name\":\"slab\",\"req\":\"^0.4\"},{\"features\":[\"rt\",\"signal\",\"sync\",\"macros\",\"time\"],\"name\":\"tokio\",\"req\":\"^1\"},{\"features\":[\"net\",\"rt-multi-thread\",\"io-util\",\"test-util\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1\"},{\"name\":\"tracing\",\"req\":\"^0.1\"},{\"features\":[\"env-filter\"],\"kind\":\"dev\",\"name\":\"tracing-subscriber\",\"req\":\"^0.3\"}],\"features\":{}}", "tokio-macros_2.4.0": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1.0.60\"},{\"name\":\"quote\",\"req\":\"^1\"},{\"features\":[\"full\"],\"name\":\"syn\",\"req\":\"^2.0\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.0.0\"}],\"features\":{}}", - "tokio-macros_2.6.0": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1.0.60\"},{\"name\":\"quote\",\"req\":\"^1\"},{\"features\":[\"full\"],\"name\":\"syn\",\"req\":\"^2.0\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.0.0\"}],\"features\":{}}", + "tokio-macros_2.7.0": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1.0.60\"},{\"name\":\"quote\",\"req\":\"^1\"},{\"features\":[\"full\"],\"name\":\"syn\",\"req\":\"^2.0\"},{\"features\":[\"full\",\"test-util\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.0.0\"}],\"features\":{}}", "tokio-native-tls_0.3.1": "{\"dependencies\":[{\"name\":\"native-tls\",\"req\":\"^0.2\"},{\"name\":\"tokio\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"cfg-if\",\"req\":\"^0.1\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.6\"},{\"features\":[\"async-await\"],\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3.0\"},{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1.4.0\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.1\"},{\"features\":[\"macros\",\"rt\",\"rt-multi-thread\",\"io-util\",\"net\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.0\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"tokio-util\",\"req\":\"^0.6.0\"},{\"kind\":\"dev\",\"name\":\"openssl\",\"req\":\"^0.10\",\"target\":\"cfg(all(not(target_os = \\\"macos\\\"), not(windows), not(target_os = \\\"ios\\\")))\"},{\"kind\":\"dev\",\"name\":\"security-framework\",\"req\":\"^0.2\",\"target\":\"cfg(any(target_os = \\\"macos\\\", target_os = \\\"ios\\\"))\"},{\"kind\":\"dev\",\"name\":\"schannel\",\"req\":\"^0.1\",\"target\":\"cfg(windows)\"},{\"features\":[\"lmcons\",\"basetsd\",\"minwinbase\",\"minwindef\",\"ntdef\",\"sysinfoapi\",\"timezoneapi\",\"wincrypt\",\"winerror\"],\"kind\":\"dev\",\"name\":\"winapi\",\"req\":\"^0.3\",\"target\":\"cfg(windows)\"}],\"features\":{\"vendored\":[\"native-tls/vendored\"]}}", "tokio-rustls_0.26.4": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"argh\",\"req\":\"^0.1.1\"},{\"kind\":\"dev\",\"name\":\"futures-util\",\"req\":\"^0.3.1\"},{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1.1\"},{\"features\":[\"pem\"],\"kind\":\"dev\",\"name\":\"rcgen\",\"req\":\"^0.14\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"rustls\",\"req\":\"^0.23.27\"},{\"name\":\"tokio\",\"req\":\"^1.0\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"webpki-roots\",\"req\":\"^1\"}],\"features\":{\"aws-lc-rs\":[\"aws_lc_rs\"],\"aws_lc_rs\":[\"rustls/aws_lc_rs\"],\"brotli\":[\"rustls/brotli\"],\"default\":[\"logging\",\"tls12\",\"aws_lc_rs\"],\"early-data\":[],\"fips\":[\"rustls/fips\"],\"logging\":[\"rustls/logging\"],\"ring\":[\"rustls/ring\"],\"tls12\":[\"rustls/tls12\"],\"zlib\":[\"rustls/zlib\"]}}", "tokio-stream_0.1.15": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"async-stream\",\"req\":\"^0.3\"},{\"default_features\":false,\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3\"},{\"name\":\"futures-core\",\"req\":\"^0.3.0\"},{\"kind\":\"dev\",\"name\":\"parking_lot\",\"req\":\"^0.12.0\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2.11\"},{\"features\":[\"sync\"],\"name\":\"tokio\",\"req\":\"^1.15.0\"},{\"features\":[\"full\",\"test-util\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.2.0\"},{\"name\":\"tokio-util\",\"optional\":true,\"req\":\"^0.7.0\"}],\"features\":{\"default\":[\"time\"],\"fs\":[\"tokio/fs\"],\"full\":[\"time\",\"net\",\"io-util\",\"fs\",\"sync\",\"signal\"],\"io-util\":[\"tokio/io-util\"],\"net\":[\"tokio/net\"],\"signal\":[\"tokio/signal\"],\"sync\":[\"tokio/sync\",\"tokio-util\"],\"time\":[\"tokio/time\"]}}", @@ -1631,7 +1644,7 @@ "tokio-util_0.7.17": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"async-stream\",\"req\":\"^0.3.0\"},{\"name\":\"bytes\",\"req\":\"^1.5.0\"},{\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3.0\"},{\"name\":\"futures-core\",\"req\":\"^0.3.0\"},{\"name\":\"futures-io\",\"optional\":true,\"req\":\"^0.3.0\"},{\"name\":\"futures-sink\",\"req\":\"^0.3.0\"},{\"kind\":\"dev\",\"name\":\"futures-test\",\"req\":\"^0.3.5\"},{\"name\":\"futures-util\",\"optional\":true,\"req\":\"^0.3.0\"},{\"default_features\":false,\"name\":\"hashbrown\",\"optional\":true,\"req\":\"^0.15.0\"},{\"kind\":\"dev\",\"name\":\"parking_lot\",\"req\":\"^0.12.0\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2.11\"},{\"name\":\"slab\",\"optional\":true,\"req\":\"^0.4.4\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.1.0\"},{\"features\":[\"sync\"],\"name\":\"tokio\",\"req\":\"^1.28.0\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"tokio-stream\",\"req\":\"^0.1\"},{\"kind\":\"dev\",\"name\":\"tokio-test\",\"req\":\"^0.4.0\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"optional\":true,\"req\":\"^0.1.29\"}],\"features\":{\"__docs_rs\":[\"futures-util\"],\"codec\":[],\"compat\":[\"futures-io\"],\"default\":[],\"full\":[\"codec\",\"compat\",\"io-util\",\"time\",\"net\",\"rt\",\"join-map\"],\"io\":[],\"io-util\":[\"io\",\"tokio/rt\",\"tokio/io-util\"],\"join-map\":[\"rt\",\"hashbrown\"],\"net\":[\"tokio/net\"],\"rt\":[\"tokio/rt\",\"tokio/sync\",\"futures-util\"],\"time\":[\"tokio/time\",\"slab\"]}}", "tokio-util_0.7.18": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"async-stream\",\"req\":\"^0.3.0\"},{\"name\":\"bytes\",\"req\":\"^1.5.0\"},{\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3.0\"},{\"name\":\"futures-core\",\"req\":\"^0.3.0\"},{\"name\":\"futures-io\",\"optional\":true,\"req\":\"^0.3.0\"},{\"name\":\"futures-sink\",\"req\":\"^0.3.0\"},{\"kind\":\"dev\",\"name\":\"futures-test\",\"req\":\"^0.3.5\"},{\"name\":\"futures-util\",\"optional\":true,\"req\":\"^0.3.0\"},{\"default_features\":false,\"name\":\"hashbrown\",\"optional\":true,\"req\":\"^0.15.0\"},{\"features\":[\"futures\",\"checkpoint\"],\"kind\":\"dev\",\"name\":\"loom\",\"req\":\"^0.7\",\"target\":\"cfg(loom)\"},{\"kind\":\"dev\",\"name\":\"parking_lot\",\"req\":\"^0.12.0\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2.11\"},{\"name\":\"slab\",\"optional\":true,\"req\":\"^0.4.4\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.1.0\"},{\"features\":[\"sync\"],\"name\":\"tokio\",\"req\":\"^1.44.0\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"tokio-stream\",\"req\":\"^0.1\"},{\"kind\":\"dev\",\"name\":\"tokio-test\",\"req\":\"^0.4.0\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"optional\":true,\"req\":\"^0.1.29\"}],\"features\":{\"__docs_rs\":[\"futures-util\"],\"codec\":[],\"compat\":[\"futures-io\"],\"default\":[],\"full\":[\"codec\",\"compat\",\"io-util\",\"time\",\"net\",\"rt\",\"join-map\"],\"io\":[],\"io-util\":[\"io\",\"tokio/rt\",\"tokio/io-util\"],\"join-map\":[\"rt\",\"hashbrown\"],\"net\":[\"tokio/net\"],\"rt\":[\"tokio/rt\",\"tokio/sync\",\"futures-util\"],\"time\":[\"tokio/time\",\"slab\"]}}", "tokio_1.39.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"async-stream\",\"req\":\"^0.3\"},{\"name\":\"backtrace\",\"req\":\"^0.3.58\",\"target\":\"cfg(tokio_taskdump)\"},{\"name\":\"bytes\",\"optional\":true,\"req\":\"^1.0.0\"},{\"features\":[\"async-await\"],\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3.0\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2.149\",\"target\":\"cfg(unix)\"},{\"kind\":\"dev\",\"name\":\"libc\",\"req\":\"^0.2.149\",\"target\":\"cfg(unix)\"},{\"features\":[\"futures\",\"checkpoint\"],\"kind\":\"dev\",\"name\":\"loom\",\"req\":\"^0.7\",\"target\":\"cfg(loom)\"},{\"default_features\":false,\"name\":\"mio\",\"optional\":true,\"req\":\"^1.0.1\"},{\"features\":[\"tokio\"],\"kind\":\"dev\",\"name\":\"mio-aio\",\"req\":\"^0.9.0\",\"target\":\"cfg(target_os = \\\"freebsd\\\")\"},{\"kind\":\"dev\",\"name\":\"mockall\",\"req\":\"^0.11.1\"},{\"default_features\":false,\"features\":[\"aio\",\"fs\",\"socket\"],\"kind\":\"dev\",\"name\":\"nix\",\"req\":\"^0.29.0\",\"target\":\"cfg(unix)\"},{\"name\":\"parking_lot\",\"optional\":true,\"req\":\"^0.12.0\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2.11\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.8.0\",\"target\":\"cfg(not(all(target_family = \\\"wasm\\\", target_os = \\\"unknown\\\")))\"},{\"name\":\"signal-hook-registry\",\"optional\":true,\"req\":\"^1.1.1\",\"target\":\"cfg(unix)\"},{\"features\":[\"all\"],\"name\":\"socket2\",\"optional\":true,\"req\":\"^0.5.5\",\"target\":\"cfg(not(target_family = \\\"wasm\\\"))\"},{\"kind\":\"dev\",\"name\":\"socket2\",\"req\":\"^0.5.5\",\"target\":\"cfg(not(target_family = \\\"wasm\\\"))\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.1.0\",\"target\":\"cfg(not(target_family = \\\"wasm\\\"))\"},{\"name\":\"tokio-macros\",\"optional\":true,\"req\":\"~2.4.0\"},{\"kind\":\"dev\",\"name\":\"tokio-stream\",\"req\":\"^0.1\"},{\"kind\":\"dev\",\"name\":\"tokio-test\",\"req\":\"^0.4.0\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"optional\":true,\"req\":\"^0.1.25\",\"target\":\"cfg(tokio_unstable)\"},{\"kind\":\"dev\",\"name\":\"wasm-bindgen-test\",\"req\":\"^0.3.0\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", not(target_os = \\\"wasi\\\")))\"},{\"name\":\"windows-sys\",\"optional\":true,\"req\":\"^0.52\",\"target\":\"cfg(windows)\"},{\"features\":[\"Win32_Foundation\",\"Win32_Security_Authorization\"],\"kind\":\"dev\",\"name\":\"windows-sys\",\"req\":\"^0.52\",\"target\":\"cfg(windows)\"}],\"features\":{\"default\":[],\"fs\":[],\"full\":[\"fs\",\"io-util\",\"io-std\",\"macros\",\"net\",\"parking_lot\",\"process\",\"rt\",\"rt-multi-thread\",\"signal\",\"sync\",\"time\"],\"io-std\":[],\"io-util\":[\"bytes\"],\"macros\":[\"tokio-macros\"],\"net\":[\"libc\",\"mio/os-poll\",\"mio/os-ext\",\"mio/net\",\"socket2\",\"windows-sys/Win32_Foundation\",\"windows-sys/Win32_Security\",\"windows-sys/Win32_Storage_FileSystem\",\"windows-sys/Win32_System_Pipes\",\"windows-sys/Win32_System_SystemServices\"],\"process\":[\"bytes\",\"libc\",\"mio/os-poll\",\"mio/os-ext\",\"mio/net\",\"signal-hook-registry\",\"windows-sys/Win32_Foundation\",\"windows-sys/Win32_System_Threading\",\"windows-sys/Win32_System_WindowsProgramming\"],\"rt\":[],\"rt-multi-thread\":[\"rt\"],\"signal\":[\"libc\",\"mio/os-poll\",\"mio/net\",\"mio/os-ext\",\"signal-hook-registry\",\"windows-sys/Win32_Foundation\",\"windows-sys/Win32_System_Console\"],\"sync\":[],\"test-util\":[\"rt\",\"sync\",\"time\"],\"time\":[]}}", - "tokio_1.49.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"async-stream\",\"req\":\"^0.3\"},{\"name\":\"backtrace\",\"optional\":true,\"req\":\"^0.3.58\",\"target\":\"cfg(all(tokio_unstable, target_os = \\\"linux\\\"))\"},{\"name\":\"bytes\",\"optional\":true,\"req\":\"^1.2.1\"},{\"features\":[\"async-await\"],\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3.0\"},{\"kind\":\"dev\",\"name\":\"futures-concurrency\",\"req\":\"^7.6.3\"},{\"kind\":\"dev\",\"name\":\"futures-test\",\"req\":\"^0.3.31\"},{\"default_features\":false,\"name\":\"io-uring\",\"optional\":true,\"req\":\"^0.7.6\",\"target\":\"cfg(all(tokio_unstable, target_os = \\\"linux\\\"))\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2.168\",\"target\":\"cfg(all(tokio_unstable, target_os = \\\"linux\\\"))\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2.168\",\"target\":\"cfg(unix)\"},{\"kind\":\"dev\",\"name\":\"libc\",\"req\":\"^0.2.168\",\"target\":\"cfg(unix)\"},{\"features\":[\"futures\",\"checkpoint\"],\"kind\":\"dev\",\"name\":\"loom\",\"req\":\"^0.7\",\"target\":\"cfg(loom)\"},{\"default_features\":false,\"name\":\"mio\",\"optional\":true,\"req\":\"^1.0.1\"},{\"default_features\":false,\"features\":[\"os-poll\",\"os-ext\"],\"name\":\"mio\",\"optional\":true,\"req\":\"^1.0.1\",\"target\":\"cfg(all(tokio_unstable, target_os = \\\"linux\\\"))\"},{\"features\":[\"tokio\"],\"kind\":\"dev\",\"name\":\"mio-aio\",\"req\":\"^1\",\"target\":\"cfg(target_os = \\\"freebsd\\\")\"},{\"kind\":\"dev\",\"name\":\"mockall\",\"req\":\"^0.13.0\"},{\"default_features\":false,\"features\":[\"aio\",\"fs\",\"socket\"],\"kind\":\"dev\",\"name\":\"nix\",\"req\":\"^0.29.0\",\"target\":\"cfg(unix)\"},{\"name\":\"parking_lot\",\"optional\":true,\"req\":\"^0.12.0\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2.11\"},{\"kind\":\"dev\",\"name\":\"proptest\",\"req\":\"^1\",\"target\":\"cfg(not(target_family = \\\"wasm\\\"))\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9\",\"target\":\"cfg(not(all(target_family = \\\"wasm\\\", target_os = \\\"unknown\\\")))\"},{\"name\":\"signal-hook-registry\",\"optional\":true,\"req\":\"^1.1.1\",\"target\":\"cfg(unix)\"},{\"name\":\"slab\",\"optional\":true,\"req\":\"^0.4.9\",\"target\":\"cfg(all(tokio_unstable, target_os = \\\"linux\\\"))\"},{\"features\":[\"all\"],\"name\":\"socket2\",\"optional\":true,\"req\":\"^0.6.0\",\"target\":\"cfg(not(target_family = \\\"wasm\\\"))\"},{\"kind\":\"dev\",\"name\":\"socket2\",\"req\":\"^0.6.0\",\"target\":\"cfg(not(target_family = \\\"wasm\\\"))\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.1.0\",\"target\":\"cfg(not(target_family = \\\"wasm\\\"))\"},{\"name\":\"tokio-macros\",\"optional\":true,\"req\":\"~2.6.0\"},{\"kind\":\"dev\",\"name\":\"tokio-stream\",\"req\":\"^0.1\"},{\"kind\":\"dev\",\"name\":\"tokio-test\",\"req\":\"^0.4.0\"},{\"features\":[\"rt\"],\"kind\":\"dev\",\"name\":\"tokio-util\",\"req\":\"^0.7\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"optional\":true,\"req\":\"^0.1.29\",\"target\":\"cfg(tokio_unstable)\"},{\"kind\":\"dev\",\"name\":\"tracing-mock\",\"req\":\"=0.1.0-beta.1\",\"target\":\"cfg(all(tokio_unstable, target_has_atomic = \\\"64\\\"))\"},{\"kind\":\"dev\",\"name\":\"wasm-bindgen-test\",\"req\":\"^0.3.0\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", not(target_os = \\\"wasi\\\")))\"},{\"name\":\"windows-sys\",\"optional\":true,\"req\":\"^0.61\",\"target\":\"cfg(windows)\"},{\"features\":[\"Win32_Foundation\",\"Win32_Security_Authorization\"],\"kind\":\"dev\",\"name\":\"windows-sys\",\"req\":\"^0.61\",\"target\":\"cfg(windows)\"}],\"features\":{\"default\":[],\"fs\":[],\"full\":[\"fs\",\"io-util\",\"io-std\",\"macros\",\"net\",\"parking_lot\",\"process\",\"rt\",\"rt-multi-thread\",\"signal\",\"sync\",\"time\"],\"io-std\":[],\"io-uring\":[\"dep:io-uring\",\"libc\",\"mio/os-poll\",\"mio/os-ext\",\"dep:slab\"],\"io-util\":[\"bytes\"],\"macros\":[\"tokio-macros\"],\"net\":[\"libc\",\"mio/os-poll\",\"mio/os-ext\",\"mio/net\",\"socket2\",\"windows-sys/Win32_Foundation\",\"windows-sys/Win32_Security\",\"windows-sys/Win32_Storage_FileSystem\",\"windows-sys/Win32_System_Pipes\",\"windows-sys/Win32_System_SystemServices\"],\"process\":[\"bytes\",\"libc\",\"mio/os-poll\",\"mio/os-ext\",\"mio/net\",\"signal-hook-registry\",\"windows-sys/Win32_Foundation\",\"windows-sys/Win32_System_Threading\",\"windows-sys/Win32_System_WindowsProgramming\"],\"rt\":[],\"rt-multi-thread\":[\"rt\"],\"signal\":[\"libc\",\"mio/os-poll\",\"mio/net\",\"mio/os-ext\",\"signal-hook-registry\",\"windows-sys/Win32_Foundation\",\"windows-sys/Win32_System_Console\"],\"sync\":[],\"taskdump\":[\"dep:backtrace\"],\"test-util\":[\"rt\",\"sync\",\"time\"],\"time\":[]}}", + "tokio_1.52.3": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"async-stream\",\"req\":\"^0.3\"},{\"name\":\"backtrace\",\"optional\":true,\"req\":\"^0.3.58\",\"target\":\"cfg(all(tokio_unstable, target_os = \\\"linux\\\"))\"},{\"kind\":\"dev\",\"name\":\"backtrace\",\"req\":\"^0.3.58\",\"target\":\"cfg(all(tokio_unstable, target_os = \\\"linux\\\"))\"},{\"name\":\"bytes\",\"optional\":true,\"req\":\"^1.2.1\"},{\"features\":[\"async-await\"],\"kind\":\"dev\",\"name\":\"futures\",\"req\":\"^0.3.0\"},{\"kind\":\"dev\",\"name\":\"futures-concurrency\",\"req\":\"^7.6.3\"},{\"kind\":\"dev\",\"name\":\"futures-test\",\"req\":\"^0.3.31\"},{\"default_features\":false,\"name\":\"io-uring\",\"optional\":true,\"req\":\"^0.7.11\",\"target\":\"cfg(all(tokio_unstable, target_os = \\\"linux\\\"))\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2.168\",\"target\":\"cfg(all(tokio_unstable, target_os = \\\"linux\\\"))\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2.168\",\"target\":\"cfg(target_os = \\\"wasi\\\")\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2.168\",\"target\":\"cfg(unix)\"},{\"kind\":\"dev\",\"name\":\"libc\",\"req\":\"^0.2.168\",\"target\":\"cfg(unix)\"},{\"features\":[\"futures\",\"checkpoint\"],\"kind\":\"dev\",\"name\":\"loom\",\"req\":\"^0.7\",\"target\":\"cfg(loom)\"},{\"default_features\":false,\"name\":\"mio\",\"optional\":true,\"req\":\"^1.2.0\"},{\"default_features\":false,\"features\":[\"os-poll\",\"os-ext\"],\"name\":\"mio\",\"optional\":true,\"req\":\"^1.2.0\",\"target\":\"cfg(all(tokio_unstable, target_os = \\\"linux\\\"))\"},{\"features\":[\"tokio\"],\"kind\":\"dev\",\"name\":\"mio-aio\",\"req\":\"^2\",\"target\":\"cfg(target_os = \\\"freebsd\\\")\"},{\"kind\":\"dev\",\"name\":\"mockall\",\"req\":\"^0.13.0\"},{\"default_features\":false,\"features\":[\"aio\",\"fs\",\"socket\"],\"kind\":\"dev\",\"name\":\"nix\",\"req\":\"^0.31.0\",\"target\":\"cfg(unix)\"},{\"name\":\"parking_lot\",\"optional\":true,\"req\":\"^0.12.0\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2.11\"},{\"kind\":\"dev\",\"name\":\"proptest\",\"req\":\"^1\",\"target\":\"cfg(not(target_family = \\\"wasm\\\"))\"},{\"kind\":\"dev\",\"name\":\"rand\",\"req\":\"^0.9\",\"target\":\"cfg(not(all(target_family = \\\"wasm\\\", target_os = \\\"unknown\\\")))\"},{\"name\":\"signal-hook-registry\",\"optional\":true,\"req\":\"^1.1.1\",\"target\":\"cfg(unix)\"},{\"name\":\"slab\",\"optional\":true,\"req\":\"^0.4.9\",\"target\":\"cfg(all(tokio_unstable, target_os = \\\"linux\\\"))\"},{\"features\":[\"all\"],\"name\":\"socket2\",\"optional\":true,\"req\":\"^0.6.3\",\"target\":\"cfg(any(not(target_family = \\\"wasm\\\"), all(target_os = \\\"wasi\\\", not(target_env = \\\"p1\\\"))))\"},{\"kind\":\"dev\",\"name\":\"socket2\",\"req\":\"^0.6.0\",\"target\":\"cfg(not(target_family = \\\"wasm\\\"))\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3.1.0\",\"target\":\"cfg(not(target_family = \\\"wasm\\\"))\"},{\"name\":\"tokio-macros\",\"optional\":true,\"req\":\"~2.7.0\"},{\"kind\":\"dev\",\"name\":\"tokio-stream\",\"req\":\"^0.1\"},{\"kind\":\"dev\",\"name\":\"tokio-test\",\"req\":\"^0.4.0\"},{\"features\":[\"rt\"],\"kind\":\"dev\",\"name\":\"tokio-util\",\"req\":\"^0.7\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"optional\":true,\"req\":\"^0.1.29\",\"target\":\"cfg(tokio_unstable)\"},{\"kind\":\"dev\",\"name\":\"tracing-mock\",\"req\":\"=0.1.0-beta.1\",\"target\":\"cfg(all(tokio_unstable, target_has_atomic = \\\"64\\\"))\"},{\"kind\":\"dev\",\"name\":\"wasm-bindgen-test\",\"req\":\"^0.3.0\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", not(target_os = \\\"wasi\\\")))\"},{\"name\":\"windows-sys\",\"optional\":true,\"req\":\"^0.61\",\"target\":\"cfg(windows)\"},{\"features\":[\"Win32_Foundation\",\"Win32_Security_Authorization\"],\"kind\":\"dev\",\"name\":\"windows-sys\",\"req\":\"^0.61\",\"target\":\"cfg(windows)\"}],\"features\":{\"default\":[],\"fs\":[],\"full\":[\"fs\",\"io-util\",\"io-std\",\"macros\",\"net\",\"parking_lot\",\"process\",\"rt\",\"rt-multi-thread\",\"signal\",\"sync\",\"time\"],\"io-std\":[],\"io-uring\":[\"dep:io-uring\",\"libc\",\"mio/os-poll\",\"mio/os-ext\",\"dep:slab\"],\"io-util\":[\"bytes\"],\"macros\":[\"tokio-macros\"],\"net\":[\"libc\",\"mio/os-poll\",\"mio/os-ext\",\"mio/net\",\"socket2\",\"windows-sys/Win32_Foundation\",\"windows-sys/Win32_Security\",\"windows-sys/Win32_Storage_FileSystem\",\"windows-sys/Win32_System_Pipes\",\"windows-sys/Win32_System_SystemServices\"],\"process\":[\"bytes\",\"libc\",\"mio/os-poll\",\"mio/os-ext\",\"mio/net\",\"signal-hook-registry\",\"windows-sys/Win32_Foundation\",\"windows-sys/Win32_System_Threading\",\"windows-sys/Win32_System_WindowsProgramming\"],\"rt\":[],\"rt-multi-thread\":[\"rt\"],\"signal\":[\"libc\",\"mio/os-poll\",\"mio/net\",\"mio/os-ext\",\"signal-hook-registry\",\"windows-sys/Win32_Foundation\",\"windows-sys/Win32_System_Console\"],\"sync\":[],\"taskdump\":[\"dep:backtrace\"],\"test-util\":[\"rt\",\"sync\",\"time\"],\"time\":[]}}", "toml_0.5.11": "{\"dependencies\":[{\"name\":\"indexmap\",\"optional\":true,\"req\":\"^1.0\"},{\"name\":\"serde\",\"req\":\"^1.0.97\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"}],\"features\":{\"default\":[],\"preserve_order\":[\"indexmap\"]}}", "toml_0.9.11+spec-1.1.0": "{\"dependencies\":[{\"name\":\"anstream\",\"optional\":true,\"req\":\"^0.6.20\"},{\"name\":\"anstyle\",\"optional\":true,\"req\":\"^1.0.11\"},{\"default_features\":false,\"name\":\"foldhash\",\"optional\":true,\"req\":\"^0.2.0\"},{\"default_features\":false,\"name\":\"indexmap\",\"optional\":true,\"req\":\"^2.11.4\"},{\"kind\":\"dev\",\"name\":\"itertools\",\"req\":\"^0.14.0\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0.225\"},{\"kind\":\"dev\",\"name\":\"serde-untagged\",\"req\":\"^0.1.9\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.225\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.145\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"serde_spanned\",\"req\":\"^1.0.4\"},{\"kind\":\"dev\",\"name\":\"snapbox\",\"req\":\"^0.6.21\"},{\"kind\":\"dev\",\"name\":\"toml-test-data\",\"req\":\"^2.3.3\"},{\"features\":[\"snapshot\"],\"kind\":\"dev\",\"name\":\"toml-test-harness\",\"req\":\"^1.3.3\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"toml_datetime\",\"req\":\"^0.7.5\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"toml_parser\",\"optional\":true,\"req\":\"^1.0.6\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"toml_writer\",\"optional\":true,\"req\":\"^1.0.6\"},{\"kind\":\"dev\",\"name\":\"walkdir\",\"req\":\"^2.5.0\"},{\"default_features\":false,\"name\":\"winnow\",\"optional\":true,\"req\":\"^0.7.13\"}],\"features\":{\"debug\":[\"std\",\"toml_parser?/debug\",\"dep:anstream\",\"dep:anstyle\"],\"default\":[\"std\",\"serde\",\"parse\",\"display\"],\"display\":[\"dep:toml_writer\"],\"fast_hash\":[\"preserve_order\",\"dep:foldhash\"],\"parse\":[\"dep:toml_parser\",\"dep:winnow\"],\"preserve_order\":[\"dep:indexmap\",\"std\"],\"serde\":[\"dep:serde_core\",\"toml_datetime/serde\",\"serde_spanned/serde\"],\"std\":[\"indexmap?/std\",\"serde_core?/std\",\"toml_parser?/std\",\"toml_writer?/std\",\"toml_datetime/std\",\"serde_spanned/std\"],\"unbounded\":[]}}", "toml_0.9.12+spec-1.1.0": "{\"dependencies\":[{\"name\":\"anstream\",\"optional\":true,\"req\":\"^0.6.20\"},{\"name\":\"anstyle\",\"optional\":true,\"req\":\"^1.0.11\"},{\"default_features\":false,\"name\":\"foldhash\",\"optional\":true,\"req\":\"^0.2.0\"},{\"default_features\":false,\"name\":\"indexmap\",\"optional\":true,\"req\":\"^2.11.4\"},{\"kind\":\"dev\",\"name\":\"itertools\",\"req\":\"^0.14.0\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0.225\"},{\"kind\":\"dev\",\"name\":\"serde-untagged\",\"req\":\"^0.1.9\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.225\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0.145\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"serde_spanned\",\"req\":\"^1.0.4\"},{\"kind\":\"dev\",\"name\":\"snapbox\",\"req\":\"^0.6.21\"},{\"kind\":\"dev\",\"name\":\"toml-test-data\",\"req\":\"^2.3.3\"},{\"features\":[\"snapshot\"],\"kind\":\"dev\",\"name\":\"toml-test-harness\",\"req\":\"^1.3.3\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"toml_datetime\",\"req\":\"^0.7.5\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"toml_parser\",\"optional\":true,\"req\":\"^1.0.7\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"toml_writer\",\"optional\":true,\"req\":\"^1.0.6\"},{\"kind\":\"dev\",\"name\":\"walkdir\",\"req\":\"^2.5.0\"},{\"default_features\":false,\"name\":\"winnow\",\"optional\":true,\"req\":\"^0.7.13\"}],\"features\":{\"debug\":[\"std\",\"toml_parser?/debug\",\"dep:anstream\",\"dep:anstyle\"],\"default\":[\"std\",\"serde\",\"parse\",\"display\"],\"display\":[\"dep:toml_writer\"],\"fast_hash\":[\"preserve_order\",\"dep:foldhash\"],\"parse\":[\"dep:toml_parser\",\"dep:winnow\"],\"preserve_order\":[\"dep:indexmap\",\"std\"],\"serde\":[\"dep:serde_core\",\"toml_datetime/serde\",\"serde_spanned/serde\"],\"std\":[\"indexmap?/std\",\"serde_core?/std\",\"toml_parser?/std\",\"toml_writer?/std\",\"toml_datetime/std\",\"serde_spanned/std\"],\"unbounded\":[]}}", @@ -1667,11 +1680,13 @@ "tree-sitter-language_0.1.7": "{\"dependencies\":[],\"features\":{}}", "tree-sitter_0.25.10": "{\"dependencies\":[{\"kind\":\"build\",\"name\":\"bindgen\",\"optional\":true,\"req\":\"^0.71.1\"},{\"kind\":\"build\",\"name\":\"cc\",\"req\":\"^1.2.10\"},{\"default_features\":false,\"features\":[\"unicode\"],\"name\":\"regex\",\"req\":\"^1.11.1\"},{\"default_features\":false,\"name\":\"regex-syntax\",\"req\":\"^0.8.5\"},{\"features\":[\"preserve_order\"],\"kind\":\"build\",\"name\":\"serde_json\",\"req\":\"^1.0.137\"},{\"name\":\"streaming-iterator\",\"req\":\"^0.1.9\"},{\"name\":\"tree-sitter-language\",\"req\":\"^0.1\"},{\"default_features\":false,\"features\":[\"cranelift\",\"gc-drc\"],\"name\":\"wasmtime-c-api\",\"optional\":true,\"package\":\"wasmtime-c-api-impl\",\"req\":\"^29.0.1\"}],\"features\":{\"default\":[\"std\"],\"std\":[\"regex/std\",\"regex/perf\",\"regex-syntax/unicode\"],\"wasm\":[\"std\",\"wasmtime-c-api\"]}}", "tree_magic_mini_3.2.2": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"bencher\",\"req\":\"^0.1.0\"},{\"name\":\"memchr\",\"req\":\"^2.0\"},{\"name\":\"nom\",\"req\":\"^8.0\"},{\"default_features\":false,\"name\":\"petgraph\",\"req\":\"^0.8.0\"},{\"name\":\"tree_magic_db\",\"optional\":true,\"req\":\"^3.0\"}],\"features\":{\"with-gpl-data\":[\"dep:tree_magic_db\"]}}", + "triomphe_0.1.15": "{\"dependencies\":[{\"name\":\"arc-swap\",\"optional\":true,\"req\":\"^1.3.0\"},{\"default_features\":false,\"name\":\"serde\",\"optional\":true,\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"stable_deref_trait\",\"optional\":true,\"req\":\"^1.1.1\"},{\"name\":\"unsize\",\"optional\":true,\"req\":\"^1.1\"}],\"features\":{\"default\":[\"serde\",\"stable_deref_trait\",\"std\"],\"std\":[],\"unstable_dropck_eyepatch\":[]}}", "try-lock_0.2.5": "{\"dependencies\":[],\"features\":{}}", "ts-rs-macros_11.1.0": "{\"dependencies\":[{\"name\":\"proc-macro2\",\"req\":\"^1\"},{\"name\":\"quote\",\"req\":\"^1\"},{\"features\":[\"full\",\"extra-traits\"],\"name\":\"syn\",\"req\":\"^2.0.28\"},{\"name\":\"termcolor\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"no-serde-warnings\":[],\"serde-compat\":[\"termcolor\"]}}", "ts-rs_11.1.0": "{\"dependencies\":[{\"features\":[\"serde\"],\"name\":\"bigdecimal\",\"optional\":true,\"req\":\">=0.0.13, <0.5\"},{\"name\":\"bson\",\"optional\":true,\"req\":\"^2\"},{\"name\":\"bytes\",\"optional\":true,\"req\":\"^1\"},{\"name\":\"chrono\",\"optional\":true,\"req\":\"^0.4\"},{\"features\":[\"serde\"],\"kind\":\"dev\",\"name\":\"chrono\",\"req\":\"^0.4\"},{\"name\":\"dprint-plugin-typescript\",\"optional\":true,\"req\":\"=0.95\"},{\"name\":\"heapless\",\"optional\":true,\"req\":\">=0.7, <0.9\"},{\"name\":\"indexmap\",\"optional\":true,\"req\":\"^2\"},{\"name\":\"ordered-float\",\"optional\":true,\"req\":\">=3, <6\"},{\"name\":\"semver\",\"optional\":true,\"req\":\"^1\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"name\":\"serde_json\",\"optional\":true,\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1\"},{\"name\":\"smol_str\",\"optional\":true,\"req\":\"^0.3\"},{\"name\":\"thiserror\",\"req\":\"^2\"},{\"features\":[\"sync\"],\"name\":\"tokio\",\"optional\":true,\"req\":\"^1\"},{\"features\":[\"sync\",\"rt\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.40\"},{\"name\":\"ts-rs-macros\",\"req\":\"=11.1.0\"},{\"name\":\"url\",\"optional\":true,\"req\":\"^2\"},{\"name\":\"uuid\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"bigdecimal-impl\":[\"bigdecimal\"],\"bson-uuid-impl\":[\"bson\"],\"bytes-impl\":[\"bytes\"],\"chrono-impl\":[\"chrono\"],\"default\":[\"serde-compat\"],\"format\":[\"dprint-plugin-typescript\"],\"heapless-impl\":[\"heapless\"],\"import-esm\":[],\"indexmap-impl\":[\"indexmap\"],\"no-serde-warnings\":[\"ts-rs-macros/no-serde-warnings\"],\"ordered-float-impl\":[\"ordered-float\"],\"semver-impl\":[\"semver\"],\"serde-compat\":[\"ts-rs-macros/serde-compat\"],\"serde-json-impl\":[\"serde_json\"],\"smol_str-impl\":[\"smol_str\"],\"tokio-impl\":[\"tokio\"],\"url-impl\":[\"url\"],\"uuid-impl\":[\"uuid\"]}}", "two-face_0.5.1": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"cargo-lock\",\"req\":\"^10.1.0\"},{\"kind\":\"dev\",\"name\":\"insta\",\"req\":\"^1.44.3\"},{\"default_features\":false,\"features\":[\"read\"],\"kind\":\"dev\",\"name\":\"object\",\"req\":\"^0.36.7\"},{\"name\":\"serde\",\"req\":\"^1.0.228\"},{\"name\":\"serde_derive\",\"req\":\"^1.0.228\"},{\"kind\":\"dev\",\"name\":\"similar\",\"req\":\"^2.7.0\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"strum\",\"req\":\"^0.26.3\"},{\"default_features\":false,\"features\":[\"dump-load\",\"parsing\"],\"name\":\"syntect\",\"req\":\"^5.3.0\"},{\"default_features\":false,\"features\":[\"html\"],\"kind\":\"dev\",\"name\":\"syntect\",\"req\":\"^5.3.0\"},{\"kind\":\"dev\",\"name\":\"toml\",\"req\":\"^0.8.23\"},{\"default_features\":false,\"features\":[\"std\",\"xxhash64\"],\"kind\":\"dev\",\"name\":\"twox-hash\",\"req\":\"^2.1.2\"}],\"features\":{\"default\":[\"syntect-onig\"],\"syntect-default-fancy\":[\"syntect-fancy\",\"syntect/default-fancy\"],\"syntect-default-onig\":[\"syntect-onig\",\"syntect/default-onig\"],\"syntect-fancy\":[\"syntect/regex-fancy\"],\"syntect-onig\":[\"syntect/regex-onig\"]}}", "type-map_0.5.1": "{\"dependencies\":[{\"name\":\"rustc-hash\",\"req\":\"^2\"}],\"features\":{}}", + "typeid_1.0.3": "{\"dependencies\":[],\"features\":{}}", "typenum_1.20.0": "{\"dependencies\":[{\"default_features\":false,\"name\":\"scale-info\",\"optional\":true,\"req\":\"^1.0\"}],\"features\":{\"const-generics\":[],\"i128\":[],\"scale_info\":[\"scale-info/derive\"],\"strict\":[]}}", "uds_windows_1.1.0": "{\"dependencies\":[{\"name\":\"memoffset\",\"req\":\"^0.9.0\"},{\"name\":\"tempfile\",\"req\":\"^3\",\"target\":\"cfg(windows)\"},{\"features\":[\"winsock2\",\"ws2def\",\"minwinbase\",\"ntdef\",\"processthreadsapi\",\"handleapi\",\"ws2tcpip\",\"winbase\"],\"name\":\"winapi\",\"req\":\"^0.3.9\",\"target\":\"cfg(windows)\"}],\"features\":{}}", "uname_0.1.1": "{\"dependencies\":[{\"name\":\"libc\",\"req\":\"^0.2\"}],\"features\":{}}", @@ -1704,7 +1719,7 @@ "utf8_iter_1.0.4": "{\"dependencies\":[],\"features\":{}}", "utf8parse_0.2.2": "{\"dependencies\":[],\"features\":{\"default\":[],\"nightly\":[]}}", "uuid_1.20.0": "{\"dependencies\":[{\"name\":\"arbitrary\",\"optional\":true,\"req\":\"^1.1.3\"},{\"default_features\":false,\"name\":\"atomic\",\"optional\":true,\"req\":\"^0.6\"},{\"default_features\":false,\"name\":\"borsh\",\"optional\":true,\"req\":\"^1\"},{\"default_features\":false,\"name\":\"borsh-derive\",\"optional\":true,\"req\":\"^1\"},{\"features\":[\"derive\"],\"name\":\"bytemuck\",\"optional\":true,\"req\":\"^1.20.0\"},{\"name\":\"getrandom\",\"optional\":true,\"req\":\"^0.3\",\"target\":\"cfg(not(all(target_arch = \\\"wasm32\\\", any(target_os = \\\"unknown\\\", target_os = \\\"none\\\"))))\"},{\"default_features\":false,\"name\":\"js-sys\",\"optional\":true,\"req\":\"^0.3\",\"target\":\"cfg(all(target_arch = \\\"wasm32\\\", any(target_os = \\\"unknown\\\", target_os = \\\"none\\\"), target_feature = \\\"atomics\\\"))\"},{\"default_features\":false,\"name\":\"md-5\",\"optional\":true,\"req\":\"^0.10\"},{\"name\":\"rand\",\"optional\":true,\"req\":\"^0.9\",\"target\":\"cfg(not(all(target_arch = \\\"wasm32\\\", any(target_os = \\\"unknown\\\", target_os = \\\"none\\\"))))\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0.221\"},{\"default_features\":false,\"name\":\"serde_core\",\"optional\":true,\"req\":\"^1.0.221\"},{\"kind\":\"dev\",\"name\":\"serde_derive\",\"req\":\"^1.0.221\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_test\",\"req\":\"^1.0.56\"},{\"default_features\":false,\"name\":\"sha1_smol\",\"optional\":true,\"req\":\"^1\"},{\"name\":\"slog\",\"optional\":true,\"req\":\"^2\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.52\"},{\"name\":\"uuid-rng-internal-lib\",\"optional\":true,\"package\":\"uuid-rng-internal\",\"req\":\"^1.20.0\",\"target\":\"cfg(all(target_arch = \\\"wasm32\\\", any(target_os = \\\"unknown\\\", target_os = \\\"none\\\")))\"},{\"default_features\":false,\"features\":[\"msrv\"],\"name\":\"wasm-bindgen\",\"optional\":true,\"req\":\"^0.2\",\"target\":\"cfg(all(target_arch = \\\"wasm32\\\", any(target_os = \\\"unknown\\\", target_os = \\\"none\\\")))\"},{\"kind\":\"dev\",\"name\":\"wasm-bindgen\",\"req\":\"^0.2\",\"target\":\"cfg(all(target_arch = \\\"wasm32\\\", any(target_os = \\\"unknown\\\", target_os = \\\"none\\\")))\"},{\"kind\":\"dev\",\"name\":\"wasm-bindgen-test\",\"req\":\"^0.3\",\"target\":\"cfg(all(target_arch = \\\"wasm32\\\", any(target_os = \\\"unknown\\\", target_os = \\\"none\\\")))\"},{\"features\":[\"derive\"],\"name\":\"zerocopy\",\"optional\":true,\"req\":\"^0.8\"}],\"features\":{\"atomic\":[\"dep:atomic\"],\"borsh\":[\"dep:borsh\",\"dep:borsh-derive\"],\"default\":[\"std\"],\"fast-rng\":[\"rng\",\"dep:rand\"],\"js\":[\"dep:wasm-bindgen\",\"dep:js-sys\"],\"macro-diagnostics\":[],\"md5\":[\"dep:md-5\"],\"rng\":[\"dep:getrandom\"],\"rng-getrandom\":[\"rng\",\"dep:getrandom\",\"uuid-rng-internal-lib\",\"uuid-rng-internal-lib/getrandom\"],\"rng-rand\":[\"rng\",\"dep:rand\",\"uuid-rng-internal-lib\",\"uuid-rng-internal-lib/rand\"],\"serde\":[\"dep:serde_core\"],\"sha1\":[\"dep:sha1_smol\"],\"std\":[\"wasm-bindgen?/std\",\"js-sys?/std\"],\"v1\":[\"atomic\"],\"v3\":[\"md5\"],\"v4\":[\"rng\"],\"v5\":[\"sha1\"],\"v6\":[\"atomic\"],\"v7\":[\"rng\"],\"v8\":[]}}", - "v8_147.4.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"align-data\",\"req\":\"^0.1.0\"},{\"kind\":\"build\",\"name\":\"bindgen\",\"req\":\"^0.72\"},{\"kind\":\"dev\",\"name\":\"bindgen\",\"req\":\"^0.72\"},{\"name\":\"bitflags\",\"req\":\"^2.5\"},{\"kind\":\"dev\",\"name\":\"bytes\",\"req\":\"^1\"},{\"kind\":\"build\",\"name\":\"fslock\",\"req\":\"^0.2\"},{\"kind\":\"dev\",\"name\":\"fslock\",\"req\":\"^0.2\"},{\"kind\":\"build\",\"name\":\"gzip-header\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"gzip-header\",\"req\":\"^1.0.0\"},{\"kind\":\"build\",\"name\":\"home\",\"req\":\"^0\"},{\"kind\":\"dev\",\"name\":\"home\",\"req\":\"^0\"},{\"kind\":\"build\",\"name\":\"miniz_oxide\",\"req\":\"^0.8.8\"},{\"kind\":\"dev\",\"name\":\"miniz_oxide\",\"req\":\"^0.8.8\"},{\"name\":\"paste\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1\"},{\"features\":[\"zoneinfo64\"],\"name\":\"temporal_capi\",\"req\":\"^0.2.3\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.96\"},{\"kind\":\"build\",\"name\":\"which\",\"req\":\"^6\"},{\"kind\":\"dev\",\"name\":\"which\",\"req\":\"^6\"}],\"features\":{\"default\":[\"use_custom_libcxx\"],\"simdutf\":[],\"use_custom_libcxx\":[],\"v8_enable_pointer_compression\":[],\"v8_enable_sandbox\":[\"v8_enable_pointer_compression\"],\"v8_enable_v8_checks\":[]}}", + "v8_149.2.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"align-data\",\"req\":\"^0.1.0\"},{\"kind\":\"build\",\"name\":\"bindgen\",\"req\":\"^0.72\"},{\"kind\":\"dev\",\"name\":\"bindgen\",\"req\":\"^0.72\"},{\"name\":\"bitflags\",\"req\":\"^2.5\"},{\"kind\":\"dev\",\"name\":\"bytes\",\"req\":\"^1\"},{\"kind\":\"build\",\"name\":\"fslock\",\"req\":\"^0.2\"},{\"kind\":\"dev\",\"name\":\"fslock\",\"req\":\"^0.2\"},{\"kind\":\"build\",\"name\":\"gzip-header\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"gzip-header\",\"req\":\"^1.0.0\"},{\"kind\":\"build\",\"name\":\"home\",\"req\":\"^0\"},{\"kind\":\"dev\",\"name\":\"home\",\"req\":\"^0\"},{\"kind\":\"build\",\"name\":\"miniz_oxide\",\"req\":\"^0.8.8\"},{\"kind\":\"dev\",\"name\":\"miniz_oxide\",\"req\":\"^0.8.8\"},{\"name\":\"paste\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"rustversion\",\"req\":\"^1\"},{\"features\":[\"zoneinfo64\"],\"name\":\"temporal_capi\",\"req\":\"^0.2.3\"},{\"kind\":\"dev\",\"name\":\"trybuild\",\"req\":\"^1.0.96\"},{\"kind\":\"build\",\"name\":\"which\",\"req\":\"^6\"},{\"kind\":\"dev\",\"name\":\"which\",\"req\":\"^6\"}],\"features\":{\"default\":[\"use_custom_libcxx\"],\"simdutf\":[],\"use_custom_libcxx\":[],\"v8_enable_pointer_compression\":[],\"v8_enable_sandbox\":[\"v8_enable_pointer_compression\"],\"v8_enable_v8_checks\":[]}}", "valuable_0.1.1": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.3\"},{\"name\":\"valuable-derive\",\"optional\":true,\"req\":\"=0.1.1\"}],\"features\":{\"alloc\":[],\"default\":[\"std\"],\"derive\":[\"valuable-derive\"],\"std\":[\"alloc\"]}}", "vcpkg_0.2.15": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"lazy_static\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"tempdir\",\"req\":\"^0.3.7\"}],\"features\":{}}", "version-compare_0.2.1": "{\"dependencies\":[],\"features\":{}}", diff --git a/bazel/platforms/BUILD.bazel b/bazel/platforms/BUILD.bazel new file mode 100644 index 00000000000..398d5d80837 --- /dev/null +++ b/bazel/platforms/BUILD.bazel @@ -0,0 +1 @@ +# Release platform rules live in this package. diff --git a/bazel/platforms/release_binaries.bzl b/bazel/platforms/release_binaries.bzl new file mode 100644 index 00000000000..2e2f4450364 --- /dev/null +++ b/bazel/platforms/release_binaries.bzl @@ -0,0 +1,27 @@ +"""Rules for building release binaries across supported target platforms.""" + +load("@rules_platform//platform_data:defs.bzl", "platform_data") + +PLATFORMS = [ + "linux_arm64_musl", + "linux_amd64_musl", + "macos_amd64", + "macos_arm64", + "windows_amd64", + "windows_arm64", +] + +def multiplatform_binaries(name, platforms = PLATFORMS): + for platform in platforms: + platform_data( + name = name + "_" + platform, + platform = "@llvm//platforms:" + platform, + target = name, + tags = ["manual"], + ) + + native.filegroup( + name = "release_binaries", + srcs = [name + "_" + platform for platform in platforms], + tags = ["manual"], + ) diff --git a/codex-rs/.cargo/audit.toml b/codex-rs/.cargo/audit.toml index 9f029ada1d7..c1d8ff87ee8 100644 --- a/codex-rs/.cargo/audit.toml +++ b/codex-rs/.cargo/audit.toml @@ -1,11 +1,13 @@ [advisories] -# Reviewed 2026-04-15. Keep this list in sync with ../deny.toml. +# Reviewed 2026-06-07. Keep this list in sync with ../deny.toml. ignore = [ - "RUSTSEC-2024-0388", # derivative 2.2.0 via starlark; upstream crate is unmaintained - "RUSTSEC-2025-0057", # fxhash 0.2.1 via starlark_map; upstream crate is unmaintained + "RUSTSEC-2024-0388", # derivative 2.2.0 via starlark/starlark_syntax; upstream crate is unmaintained + "RUSTSEC-2025-0057", # fxhash 0.2.1 via starlark_map/bm25; upstream crate is unmaintained "RUSTSEC-2024-0436", # paste 1.0.15 via starlark/ratatui; upstream crate is unmaintained + "RUSTSEC-2023-0089", # atomic-polyfill via postcard/heapless/pagable; upstream crate is unmaintained "RUSTSEC-2024-0320", # yaml-rust via syntect; remove when syntect drops or updates it "RUSTSEC-2025-0141", # bincode via syntect; remove when syntect drops or updates it "RUSTSEC-2026-0118", # hickory-proto via rama-dns/rama-tcp; remove when rama updates to hickory 0.26.1 or hickory-net "RUSTSEC-2026-0119", # hickory-proto via rama-dns/rama-tcp; remove when rama updates to hickory 0.26.1 or hickory-net + "RUSTSEC-2026-0173", # proc-macro-error2 via i18n-embed-fl/age/codex-secrets; remove when local secrets storage migrates off age or age drops i18n-embed-fl ] diff --git a/codex-rs/.config/nextest.toml b/codex-rs/.config/nextest.toml index 01f4a98dc83..f3f3ca26071 100644 --- a/codex-rs/.config/nextest.toml +++ b/codex-rs/.config/nextest.toml @@ -8,12 +8,20 @@ retries = 1 [profile.default.junit] path = "junit.xml" +[profile.local] +inherits = "default" + [test-groups.app_server_protocol_codegen] max-threads = 1 [test-groups.app_server_integration] max-threads = 1 +# Higher concurrency causes integration test timeouts under resource contention +# on common developer machines. +[test-groups.app_server_integration_local] +max-threads = 4 + [test-groups.core_apply_patch_cli_integration] max-threads = 1 @@ -42,6 +50,12 @@ test-group = 'app_server_protocol_codegen' filter = 'package(codex-app-server) & kind(test)' test-group = 'app_server_integration' +[[profile.local.overrides]] +# Use up to four app-server subprocesses locally. The global nextest pool still +# limits this to the machine's logical CPU count. +filter = 'package(codex-app-server) & kind(test)' +test-group = 'app_server_integration_local' + [[profile.default.overrides]] # These tests exercise full Codex turns and apply_patch execution, and they are # sensitive to Windows runner process-startup stalls when many cases launch at once. diff --git a/codex-rs/Cargo.lock b/codex-rs/Cargo.lock index f5e8b562303..dfd339083fd 100644 --- a/codex-rs/Cargo.lock +++ b/codex-rs/Cargo.lock @@ -154,7 +154,7 @@ dependencies = [ "serde_json", "serde_urlencoded", "smallvec", - "socket2 0.6.2", + "socket2 0.6.3", "time", "tracing", "url", @@ -213,7 +213,7 @@ dependencies = [ "lazy_static", "nom 7.1.3", "pin-project", - "rand 0.8.5", + "rand 0.8.6", "rust-embed", "scrypt", "sha2 0.10.9", @@ -234,7 +234,7 @@ dependencies = [ "hkdf 0.12.4", "io_tee", "nom 7.1.3", - "rand 0.8.5", + "rand 0.8.6", "secrecy", "sha2 0.10.9", ] @@ -263,26 +263,26 @@ dependencies = [ [[package]] name = "allocative" -version = "0.3.4" +version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8fac2ce611db8b8cee9b2aa886ca03c924e9da5e5295d0dbd0526e5d0b0710f7" +checksum = "d8cf9afc79c83d514444b55df3935d317da54b1ce3b17a133c646889cc260de8" dependencies = [ "allocative_derive", "bumpalo", - "ctor 0.1.26", - "hashbrown 0.14.5", + "ctor 1.0.6", + "hashbrown 0.16.1", "num-bigint", ] [[package]] name = "allocative_derive" -version = "0.3.3" +version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe233a377643e0fc1a56421d7c90acdec45c291b30345eb9f08e8d0ddce5a4ab" +checksum = "614043c56c1173b800acb007b81fd0cbc0a0d7d717b71ba705fc2230d0760a23" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -396,9 +396,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.101" +version = "1.0.102" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f0e0fee31ef5ed1ba1316088939cea399010ed7731dba877ed44aeb407a75ea" +checksum = "7f202df86484c868dbad7eaa557ef785d5c66295e41b460ef922eca0723b842c" [[package]] name = "app_test_support" @@ -463,6 +463,12 @@ dependencies = [ "rustversion", ] +[[package]] +name = "arrayref" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "76a2e8124351fda1ef8aaaa3bbd7ebbcb486bbcd4225aca0aa0d84bb2db8fecb" + [[package]] name = "arrayvec" version = "0.7.6" @@ -475,15 +481,6 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d92bec98840b8f03a5ff5413de5293bfcd8bf96467cf5452609f939ec6f5de16" -[[package]] -name = "ascii-canvas" -version = "3.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8824ecca2e851cec16968d54a01dd372ef8f95b244fb84b84e70128be347c3c6" -dependencies = [ - "term", -] - [[package]] name = "asn1-rs" version = "0.7.1" @@ -508,7 +505,7 @@ checksum = "3109e49b1e4909e9db6515a30c633684d68cdeaa252f215214cb4fa1a5bfee2c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", "synstructure", ] @@ -520,7 +517,7 @@ checksum = "7b18050c2cd6fe86c3a76584ef5e0baf286d038cda203eb6223df2cc413565f7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -658,7 +655,7 @@ checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -698,7 +695,7 @@ checksum = "c7c24de15d275a1ecfd47a380fb4d5ec9bfe0933f309ed5e705b775596a3574d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -715,7 +712,7 @@ checksum = "9035ad2d096bed7955a320ee7e2230574d28fd3c3a0f186cbea1ff3c7eed5dbb" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -737,6 +734,21 @@ dependencies = [ "num-traits", ] +[[package]] +name = "atomic" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c59bdb34bc650a32731b31bd8f0829cc15d24a708ee31559e0bb34f2bc320cba" + +[[package]] +name = "atomic-polyfill" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8cf2bce30dfe09ef0bfaef228b9d414faaf7e563035494d7fe092dba54b300f4" +dependencies = [ + "critical-section", +] + [[package]] name = "atomic-waker" version = "1.1.2" @@ -774,7 +786,7 @@ dependencies = [ "hex", "http 1.4.0", "p256", - "rand 0.8.5", + "rand 0.8.6", "ring", "sha2 0.10.9", "time", @@ -1089,7 +1101,7 @@ checksum = "8d7396fd9500589e62e460e987ecb671bad374934e55ec3b5f498cc7a8a8a7b7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -1285,23 +1297,23 @@ dependencies = [ "regex", "rustc-hash 2.1.1", "shlex", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] name = "bit-set" -version = "0.5.3" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0700ddab506f33b20a03b13996eccd309a48e5ff77d0d95926aa0210fb4e95f1" +checksum = "08807e080ed7f9d5433fa9b275196cfc35414f66a0c79d864dc51a0d825231a3" dependencies = [ "bit-vec", ] [[package]] name = "bit-vec" -version = "0.6.3" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "349f9b6a179ed607305526ca489b34ad0a41aed5f7980fa90eb03160b69598fb" +checksum = "5e764a1d40d510daf35e07be9eb06e75770908c27d411ee6c92109c9840eaaf7" [[package]] name = "bitflags" @@ -1327,6 +1339,21 @@ dependencies = [ "digest 0.10.7", ] +[[package]] +name = "blake3" +version = "1.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3888aaa89e4b2a40fca9848e400f6a658a5a3978de7be858e209cafa8be9a4a0" +dependencies = [ + "arrayref", + "arrayvec", + "cc", + "cfg-if", + "constant_time_eq 0.3.1", + "digest 0.10.7", + "rayon-core", +] + [[package]] name = "block-buffer" version = "0.10.4" @@ -1421,6 +1448,20 @@ name = "bytemuck" version = "1.25.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c8efb64bd706a16a1bdde310ae86b351e4d21550d98d056f22f8a7f7a2183fec" +dependencies = [ + "bytemuck_derive", +] + +[[package]] +name = "bytemuck_derive" +version = "1.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f9abbd1bc6865053c427f7198e6af43bfdedc55ab791faed4fbd361d789575ff" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.117", +] [[package]] name = "byteorder" @@ -1512,7 +1553,7 @@ dependencies = [ "darling 0.20.11", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -1739,7 +1780,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -1787,6 +1828,15 @@ version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e9b18233253483ce2f65329a24072ec414db782531bdbb7d0bbc4bd2ce6b7e21" +[[package]] +name = "cobs" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fa961b519f0b462e3a3b4a34b64d119eeaca1d59af726fe450bbba07a9fc0a1" +dependencies = [ + "thiserror 2.0.18", +] + [[package]] name = "codespan-reporting" version = "0.13.1" @@ -1802,7 +1852,6 @@ dependencies = [ name = "codex-agent-graph-store" version = "0.0.0" dependencies = [ - "async-trait", "codex-protocol", "codex-state", "pretty_assertions", @@ -1842,6 +1891,7 @@ dependencies = [ "codex-model-provider", "codex-plugin", "codex-protocol", + "codex-state", "codex-utils-absolute-path", "os_info", "pretty_assertions", @@ -1868,7 +1918,6 @@ dependencies = [ "anyhow", "assert_matches", "async-channel", - "async-trait", "base64 0.22.1", "bytes", "chrono", @@ -1902,7 +1951,6 @@ version = "0.0.0" dependencies = [ "anyhow", "app_test_support", - "async-trait", "axum", "base64 0.22.1", "chrono", @@ -1926,11 +1974,14 @@ dependencies = [ "codex-file-search", "codex-file-watcher", "codex-git-utils", + "codex-goal-extension", "codex-guardian", + "codex-home", "codex-hooks", "codex-image-generation-extension", "codex-login", "codex-mcp", + "codex-mcp-extension", "codex-memories-extension", "codex-memories-write", "codex-model-provider", @@ -1943,6 +1994,7 @@ dependencies = [ "codex-rollout", "codex-sandboxing", "codex-shell-command", + "codex-skills-extension", "codex-state", "codex-thread-store", "codex-tools", @@ -1950,6 +2002,7 @@ dependencies = [ "codex-utils-cargo-bin", "codex-utils-cli", "codex-utils-json-to-toml", + "codex-utils-path-uri", "codex-utils-pty", "codex-web-search-extension", "codex-windows-sandbox", @@ -2129,6 +2182,7 @@ dependencies = [ "codex-exec-server", "codex-utils-absolute-path", "codex-utils-cargo-bin", + "codex-utils-path-uri", "pretty_assertions", "similar", "tempfile", @@ -2161,7 +2215,6 @@ dependencies = [ name = "codex-async-utils" version = "0.0.0" dependencies = [ - "async-trait", "pretty_assertions", "tokio", "tokio-util", @@ -2265,6 +2318,7 @@ dependencies = [ "codex-execpolicy", "codex-features", "codex-git-utils", + "codex-home", "codex-install-context", "codex-login", "codex-mcp", @@ -2318,7 +2372,6 @@ dependencies = [ name = "codex-client" version = "0.0.0" dependencies = [ - "async-trait", "bytes", "codex-utils-cargo-bin", "codex-utils-rustls-provider", @@ -2373,7 +2426,6 @@ name = "codex-cloud-tasks" version = "0.0.0" dependencies = [ "anyhow", - "async-trait", "chrono", "clap", "codex-client", @@ -2405,7 +2457,6 @@ name = "codex-cloud-tasks-client" version = "0.0.0" dependencies = [ "anyhow", - "async-trait", "chrono", "codex-api", "codex-backend-client", @@ -2419,7 +2470,6 @@ dependencies = [ name = "codex-cloud-tasks-mock-client" version = "0.0.0" dependencies = [ - "async-trait", "chrono", "codex-cloud-tasks-client", "diffy", @@ -2449,7 +2499,6 @@ name = "codex-config" version = "0.0.0" dependencies = [ "anyhow", - "async-trait", "base64 0.22.1", "codex-app-server-protocol", "codex-execpolicy", @@ -2461,12 +2510,13 @@ dependencies = [ "codex-protocol", "codex-utils-absolute-path", "codex-utils-path", + "codex-utils-path-uri", "core-foundation 0.9.4", "dns-lookup", "dunce", "futures", "gethostname", - "indexmap 2.13.0", + "indexmap 2.14.0", "libc", "multimap", "pretty_assertions", @@ -2525,7 +2575,6 @@ dependencies = [ "assert_cmd", "assert_matches", "async-channel", - "async-trait", "base64 0.22.1", "bm25", "chrono", @@ -2547,7 +2596,9 @@ dependencies = [ "codex-features", "codex-feedback", "codex-git-utils", + "codex-home", "codex-hooks", + "codex-image-generation-extension", "codex-install-context", "codex-login", "codex-mcp", @@ -2579,10 +2630,12 @@ dependencies = [ "codex-utils-image", "codex-utils-output-truncation", "codex-utils-path", + "codex-utils-path-uri", "codex-utils-plugins", "codex-utils-pty", "codex-utils-stream-parser", "codex-utils-string", + "codex-web-search-extension", "codex-windows-sandbox", "core_test_support", "csv", @@ -2594,7 +2647,7 @@ dependencies = [ "http 1.4.0", "iana-time-zone", "image", - "indexmap 2.13.0", + "indexmap 2.14.0", "insta", "libc", "maplit", @@ -2648,6 +2701,7 @@ dependencies = [ "codex-exec-server", "codex-extension-api", "codex-features", + "codex-home", "codex-login", "codex-model-provider-info", "codex-models-manager", @@ -2677,7 +2731,7 @@ dependencies = [ "codex-utils-plugins", "dirs", "flate2", - "indexmap 2.13.0", + "indexmap 2.14.0", "libc", "pretty_assertions", "reqwest 0.12.28", @@ -2712,6 +2766,7 @@ dependencies = [ "codex-skills", "codex-utils-absolute-path", "codex-utils-output-truncation", + "codex-utils-path-uri", "codex-utils-plugins", "dirs", "dunce", @@ -2779,7 +2834,6 @@ version = "0.0.0" dependencies = [ "anyhow", "arc-swap", - "async-trait", "axum", "base64 0.22.1", "bytes", @@ -2789,8 +2843,10 @@ dependencies = [ "codex-file-system", "codex-protocol", "codex-sandboxing", + "codex-shell-command", "codex-test-binary-support", "codex-utils-absolute-path", + "codex-utils-path-uri", "codex-utils-pty", "codex-utils-rustls-provider", "ctor 0.6.3", @@ -2857,17 +2913,20 @@ version = "0.0.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] name = "codex-extension-api" version = "0.0.0" dependencies = [ - "async-trait", + "codex-config", "codex-context-fragments", "codex-protocol", "codex-tools", + "codex-utils-absolute-path", + "pretty_assertions", + "tokio", ] [[package]] @@ -2942,9 +3001,9 @@ dependencies = [ name = "codex-file-system" version = "0.0.0" dependencies = [ - "async-trait", "codex-protocol", "codex-utils-absolute-path", + "codex-utils-path-uri", "serde", ] @@ -2968,6 +3027,7 @@ dependencies = [ "codex-file-system", "codex-protocol", "codex-utils-absolute-path", + "codex-utils-path-uri", "futures", "gix", "once_cell", @@ -2988,8 +3048,8 @@ name = "codex-goal-extension" version = "0.0.0" dependencies = [ "anyhow", - "async-trait", "chrono", + "codex-analytics", "codex-core", "codex-extension-api", "codex-otel", @@ -3009,12 +3069,22 @@ dependencies = [ name = "codex-guardian" version = "0.0.0" dependencies = [ - "async-trait", "codex-core", "codex-extension-api", "codex-protocol", ] +[[package]] +name = "codex-home" +version = "0.0.0" +dependencies = [ + "codex-extension-api", + "codex-utils-absolute-path", + "pretty_assertions", + "tempfile", + "tokio", +] + [[package]] name = "codex-hooks" version = "0.0.0" @@ -3042,21 +3112,23 @@ dependencies = [ name = "codex-image-generation-extension" version = "0.0.0" dependencies = [ - "async-trait", "codex-api", "codex-core", "codex-extension-api", - "codex-features", "codex-login", "codex-model-provider", "codex-model-provider-info", "codex-protocol", "codex-tools", + "codex-utils-absolute-path", + "codex-utils-image", + "codex-utils-path-uri", "http 1.4.0", "pretty_assertions", "schemars 0.8.22", "serde", "serde_json", + "tokio", ] [[package]] @@ -3120,7 +3192,6 @@ name = "codex-login" version = "0.0.0" dependencies = [ "anyhow", - "async-trait", "base64 0.22.1", "chrono", "codex-agent-identity", @@ -3162,6 +3233,7 @@ name = "codex-mcp" version = "0.0.0" dependencies = [ "anyhow", + "arc-swap", "async-channel", "codex-api", "codex-async-utils", @@ -3189,6 +3261,22 @@ dependencies = [ "url", ] +[[package]] +name = "codex-mcp-extension" +version = "0.0.0" +dependencies = [ + "codex-config", + "codex-core", + "codex-core-plugins", + "codex-extension-api", + "codex-features", + "codex-login", + "codex-mcp", + "pretty_assertions", + "tempfile", + "tokio", +] + [[package]] name = "codex-mcp-server" version = "0.0.0" @@ -3199,6 +3287,7 @@ dependencies = [ "codex-core", "codex-exec-server", "codex-extension-api", + "codex-home", "codex-login", "codex-protocol", "codex-shell-command", @@ -3225,7 +3314,6 @@ dependencies = [ name = "codex-memories-extension" version = "0.0.0" dependencies = [ - "async-trait", "codex-core", "codex-extension-api", "codex-features", @@ -3265,6 +3353,8 @@ dependencies = [ "codex-features", "codex-git-utils", "codex-login", + "codex-model-provider", + "codex-model-provider-info", "codex-models-manager", "codex-otel", "codex-protocol", @@ -3306,7 +3396,6 @@ dependencies = [ name = "codex-model-provider" version = "0.0.0" dependencies = [ - "async-trait", "codex-agent-identity", "codex-api", "codex-aws-auth", @@ -3347,7 +3436,6 @@ dependencies = [ name = "codex-models-manager" version = "0.0.0" dependencies = [ - "async-trait", "chrono", "codex-app-server-protocol", "codex-collaboration-mode-templates", @@ -3369,7 +3457,6 @@ name = "codex-network-proxy" version = "0.0.0" dependencies = [ "anyhow", - "async-trait", "base64 0.22.1", "chrono", "clap", @@ -3596,6 +3683,7 @@ dependencies = [ "urlencoding", "webbrowser", "which 8.0.0", + "wiremock", ] [[package]] @@ -3603,7 +3691,6 @@ name = "codex-rollout" version = "0.0.0" dependencies = [ "anyhow", - "async-trait", "chrono", "codex-file-search", "codex-git-utils", @@ -3645,7 +3732,6 @@ name = "codex-sandboxing" version = "0.0.0" dependencies = [ "anyhow", - "async-trait", "codex-network-proxy", "codex-protocol", "codex-utils-absolute-path", @@ -3690,6 +3776,7 @@ dependencies = [ "base64 0.22.1", "codex-protocol", "codex-utils-absolute-path", + "libc", "once_cell", "pretty_assertions", "regex", @@ -3707,7 +3794,6 @@ name = "codex-shell-escalation" version = "0.0.0" dependencies = [ "anyhow", - "async-trait", "clap", "codex-protocol", "codex-utils-absolute-path", @@ -3715,7 +3801,7 @@ dependencies = [ "pretty_assertions", "serde", "serde_json", - "socket2 0.6.2", + "socket2 0.6.3", "tempfile", "tokio", "tokio-util", @@ -3736,13 +3822,22 @@ dependencies = [ name = "codex-skills-extension" version = "0.0.0" dependencies = [ - "async-trait", - "codex-core", "codex-core-skills", + "codex-exec-server", "codex-extension-api", + "codex-mcp", "codex-protocol", + "codex-tools", + "codex-utils-absolute-path", + "codex-utils-path-uri", + "codex-utils-string", "pretty_assertions", + "schemars 0.8.22", + "serde", + "serde_json", "tokio", + "tracing", + "url", ] [[package]] @@ -3811,7 +3906,6 @@ dependencies = [ name = "codex-thread-store" version = "0.0.0" dependencies = [ - "async-trait", "chrono", "codex-git-utils", "codex-install-context", @@ -3833,10 +3927,10 @@ dependencies = [ name = "codex-tools" version = "0.0.0" dependencies = [ - "async-trait", "codex-app-server-protocol", "codex-code-mode", "codex-features", + "codex-file-system", "codex-protocol", "codex-utils-absolute-path", "codex-utils-cargo-bin", @@ -4095,6 +4189,21 @@ dependencies = [ "tempfile", ] +[[package]] +name = "codex-utils-path-uri" +version = "0.0.0" +dependencies = [ + "codex-utils-absolute-path", + "pretty_assertions", + "schemars 0.8.22", + "serde", + "serde_json", + "thiserror 2.0.18", + "ts-rs", + "url", + "urlencoding", +] + [[package]] name = "codex-utils-plugins" version = "0.0.0" @@ -4102,6 +4211,7 @@ dependencies = [ "codex-exec-server", "codex-login", "codex-utils-absolute-path", + "codex-utils-path-uri", "serde", "serde_json", "tempfile", @@ -4129,7 +4239,6 @@ name = "codex-utils-readiness" version = "0.0.0" dependencies = [ "assert_matches", - "async-trait", "thiserror 2.0.18", "time", "tokio", @@ -4199,11 +4308,9 @@ dependencies = [ name = "codex-web-search-extension" version = "0.0.0" dependencies = [ - "async-trait", "codex-api", "codex-core", "codex-extension-api", - "codex-features", "codex-login", "codex-model-provider", "codex-model-provider-info", @@ -4232,7 +4339,7 @@ dependencies = [ "dunce", "glob", "pretty_assertions", - "rand 0.8.5", + "rand 0.8.6", "serde", "serde_json", "tempfile", @@ -4486,6 +4593,7 @@ dependencies = [ "codex-exec-server", "codex-extension-api", "codex-features", + "codex-home", "codex-hooks", "codex-login", "codex-model-provider-info", @@ -4493,6 +4601,7 @@ dependencies = [ "codex-protocol", "codex-utils-absolute-path", "codex-utils-cargo-bin", + "codex-utils-path-uri", "ctor 0.6.3", "futures", "notify", @@ -4765,22 +4874,22 @@ dependencies = [ [[package]] name = "ctor" -version = "0.1.26" +version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6d2301688392eb071b0bf1a37be05c469d3cc4dbbd95df672fe28ab021e6a096" +checksum = "424e0138278faeb2b401f174ad17e715c829512d74f3d1e81eb43365c2e0590e" dependencies = [ - "quote", - "syn 1.0.109", + "ctor-proc-macro", + "dtor", ] [[package]] name = "ctor" -version = "0.6.3" +version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "424e0138278faeb2b401f174ad17e715c829512d74f3d1e81eb43365c2e0590e" +checksum = "6d765eb1c0bda10d31e0ea185f5ee15da532d60b0912d2bd1441783439e749c5" dependencies = [ - "ctor-proc-macro", - "dtor", + "link-section", + "linktime-proc-macro", ] [[package]] @@ -4822,7 +4931,7 @@ checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -4848,11 +4957,11 @@ checksum = "b0f4697d190a142477b16aef7da8a99bfdc41e7e8b1687583c0d23a79c7afc1e" dependencies = [ "cc", "codespan-reporting", - "indexmap 2.13.0", + "indexmap 2.14.0", "proc-macro2", "quote", "scratch", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -4863,10 +4972,10 @@ checksum = "d0956799fa8678d4c50eed028f2de1c0552ae183c76e976cf7ca8c4e36a7c328" dependencies = [ "clap", "codespan-reporting", - "indexmap 2.13.0", + "indexmap 2.14.0", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -4881,10 +4990,10 @@ version = "1.0.194" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e6acc6b5822b9526adfb4fc377b67128fdd60aac757cc4a741a6278603f763cf" dependencies = [ - "indexmap 2.13.0", + "indexmap 2.14.0", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -4928,7 +5037,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.11.1", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -4942,7 +5051,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.11.1", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -4955,7 +5064,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.11.1", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -4966,7 +5075,7 @@ checksum = "fc34b93ccb385b40dc71c6fceac4b2ad23662c7eeb248cf10d529b7e055b6ead" dependencies = [ "darling_core 0.20.11", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -4977,7 +5086,7 @@ checksum = "d38308df82d1080de0afee5d069fa14b0326a88c14f15c5ccda35b4a6c414c81" dependencies = [ "darling_core 0.21.3", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -4988,7 +5097,7 @@ checksum = "ac3984ec7bd6cfa798e62b4a642426a5be0e68f9401cfc2a01e3fa9ea2fcdb8d" dependencies = [ "darling_core 0.23.0", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -5151,7 +5260,7 @@ checksum = "1e567bd82dcff979e4b03460c307b3cdc9e96fde3d73bed1496d2bc75d9dd62a" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -5181,7 +5290,7 @@ dependencies = [ "convert_case 0.6.0", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", "unicode-xid", ] @@ -5195,7 +5304,7 @@ dependencies = [ "proc-macro2", "quote", "rustc_version", - "syn 2.0.114", + "syn 2.0.117", "unicode-xid", ] @@ -5258,7 +5367,7 @@ dependencies = [ "diplomat_core", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -5278,7 +5387,7 @@ dependencies = [ "serde", "smallvec", "strck", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -5351,7 +5460,7 @@ checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -5376,7 +5485,7 @@ checksum = "9556bc800956545d6420a640173e5ba7dfa82f38d3ea5a167eb555bc69ac3323" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -5387,7 +5496,7 @@ checksum = "6e39034cee21a2f5bbb66ba0e3689819c4bb5d00382a282006e802a7ffa6c41d" dependencies = [ "cfg-if", "libc", - "socket2 0.6.2", + "socket2 0.6.3", "windows-sys 0.60.2", ] @@ -5450,7 +5559,7 @@ checksum = "83e195b4945e88836d826124af44fdcb262ec01ef94d44f14f4fb5103f19892a" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -5527,13 +5636,16 @@ dependencies = [ ] [[package]] -name = "ena" -version = "0.14.3" +name = "embedded-io" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d248bdd43ce613d87415282f69b9bb99d947d290b10962dd6c56233312c2ad5" -dependencies = [ - "log", -] +checksum = "ef1a6892d9eef45c8fa6b9e0086428a2cca8491aca8f787c534a3d6d0bcb3ced" + +[[package]] +name = "embedded-io" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "edd0f118536f44f5ccd48bcb8b111bdc3de888b58c74639dfb034a357d0f206d" [[package]] name = "encode_unicode" @@ -5577,7 +5689,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -5598,7 +5710,7 @@ checksum = "67c78a4d8fdf9953a5c9d458f9efe940fd97a0cab0941c075a813ac594733827" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -5645,6 +5757,17 @@ dependencies = [ "serde", ] +[[package]] +name = "erased-serde" +version = "0.4.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2add8a07dd6a8d93ff627029c51de145e12686fbc36ecb298ac22e74cf02dec" +dependencies = [ + "serde", + "serde_core", + "typeid", +] + [[package]] name = "errno" version = "0.3.14" @@ -5713,13 +5836,24 @@ dependencies = [ "once_cell", ] +[[package]] +name = "fancy-regex" +version = "0.16.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "998b056554fbe42e03ae0e152895cd1a7e1002aec800fdc6635d20270260c46f" +dependencies = [ + "bit-set", + "regex-automata", + "regex-syntax", +] + [[package]] name = "faster-hex" version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7223ae2d2f179b803433d9c830478527e92b8117eab39460edae7f1614d9fb73" dependencies = [ - "heapless", + "heapless 0.8.0", "serde", ] @@ -5749,7 +5883,7 @@ checksum = "a0aca10fb742cb43f9e7bb8467c91aa9bcb8e3ffbc6a6f7389bb93ffc920577d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -5924,6 +6058,15 @@ dependencies = [ "thiserror 1.0.69", ] +[[package]] +name = "fluent-uri" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17c704e9dbe1ddd863da1e6ff3567795087b1eb201ce80d8fa81162e1516500d" +dependencies = [ + "bitflags 1.3.2", +] + [[package]] name = "flume" version = "0.12.0" @@ -6093,7 +6236,7 @@ checksum = "e835b70203e41293343137df5c0664546da5745f82ec9b84d40be8336958447b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -7135,7 +7278,7 @@ dependencies = [ "proc-macro-crate", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -7164,7 +7307,7 @@ dependencies = [ "bstr", "log", "regex-automata", - "regex-syntax 0.8.8", + "regex-syntax", ] [[package]] @@ -7210,7 +7353,7 @@ dependencies = [ "futures-core", "futures-sink", "http 1.4.0", - "indexmap 2.13.0", + "indexmap 2.14.0", "slab", "tokio", "tokio-util", @@ -7228,6 +7371,15 @@ dependencies = [ "zerocopy", ] +[[package]] +name = "hash32" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0c35f58762feb77d74ebe43bdbc3210f09be9fe6742234d573bacc26ed92b67" +dependencies = [ + "byteorder", +] + [[package]] name = "hash32" version = "0.3.1" @@ -7248,10 +7400,6 @@ name = "hashbrown" version = "0.14.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" -dependencies = [ - "ahash", - "allocator-api2", -] [[package]] name = "hashbrown" @@ -7275,6 +7423,12 @@ dependencies = [ "foldhash 0.2.0", ] +[[package]] +name = "hashbrown" +version = "0.17.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed5909b6e89a2db4456e54cd5f673791d7eca6732202bbf2a9cc504fe2f9b84a" + [[package]] name = "hashlink" version = "0.11.0" @@ -7308,13 +7462,27 @@ dependencies = [ "http 1.4.0", ] +[[package]] +name = "heapless" +version = "0.7.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cdc6457c0eb62c71aac4bc17216026d8410337c4126773b9c5daba343f17964f" +dependencies = [ + "atomic-polyfill", + "hash32 0.2.1", + "rustc_version", + "serde", + "spin", + "stable_deref_trait", +] + [[package]] name = "heapless" version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0bfb9eb618601c89945a70e254898da93b13be0388091d42117462b265bb3fad" dependencies = [ - "hash32", + "hash32 0.3.1", "stable_deref_trait", ] @@ -7613,7 +7781,7 @@ dependencies = [ "libc", "percent-encoding", "pin-project-lite", - "socket2 0.6.2", + "socket2 0.6.3", "system-configuration", "tokio", "tower-service", @@ -7670,7 +7838,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.11.1", - "syn 2.0.114", + "syn 2.0.117", "unic-langid", ] @@ -7684,7 +7852,7 @@ dependencies = [ "i18n-config", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -8022,12 +8190,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.13.0" +version = "2.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7714e70437a7dc3ac8eb7e6f8df75fd8eb422675fc7678aff7364301092b1017" +checksum = "d466e9454f08e4a911e14806c24e16fba1b4c121d1ea474396f396069cf949d9" dependencies = [ "equivalent", - "hashbrown 0.16.1", + "hashbrown 0.17.1", "serde", "serde_core", ] @@ -8093,7 +8261,7 @@ dependencies = [ "indoc", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -8117,9 +8285,9 @@ dependencies = [ [[package]] name = "inventory" -version = "0.3.21" +version = "0.3.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bc61209c082fbeb19919bee74b176221b27223e27b65d781eb91af24eb1fb46e" +checksum = "a4f0c30c76f2f4ccee3fe55a2435f691ca00c0e4bd87abe4f4a851b1d4dac39b" dependencies = [ "rustversion", ] @@ -8191,15 +8359,6 @@ version = "1.70.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a6cb138bb79a146c1bd460005623e142ef0181e3d0219cb493e02f7d08a35695" -[[package]] -name = "itertools" -version = "0.10.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473" -dependencies = [ - "either", -] - [[package]] name = "itertools" version = "0.11.0" @@ -8262,7 +8421,7 @@ checksum = "2a8c8b344124222efd714b73bb41f8b5120b27a7cc1c75593a6ff768d9d05aa4" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -8323,7 +8482,7 @@ dependencies = [ "quote", "rustc_version", "simd_cesu8", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -8348,7 +8507,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "38c0b942f458fe50cdac086d2f946512305e5631e720728f2a61aabcd47a6264" dependencies = [ "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -8439,37 +8598,6 @@ dependencies = [ "static_assertions", ] -[[package]] -name = "lalrpop" -version = "0.19.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a1cbf952127589f2851ab2046af368fd20645491bb4b376f04b7f94d7a9837b" -dependencies = [ - "ascii-canvas", - "bit-set", - "diff", - "ena", - "is-terminal", - "itertools 0.10.5", - "lalrpop-util", - "petgraph 0.6.5", - "regex", - "regex-syntax 0.6.29", - "string_cache", - "term", - "tiny-keccak", - "unicode-xid", -] - -[[package]] -name = "lalrpop-util" -version = "0.19.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3c48237b9604c5a4702de6b824e02006c3214327564636aef27c1028a8fa0ed" -dependencies = [ - "regex", -] - [[package]] name = "landlock" version = "0.4.4" @@ -8501,9 +8629,9 @@ checksum = "09edd9e8b54e49e587e4f6295a7d29c3ea94d469cb40ab8ca70b288248a81db2" [[package]] name = "libc" -version = "0.2.182" +version = "0.2.186" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6800badb6cb2082ffd7b6a67e6125bb39f18782f793520caee8cb8846be06112" +checksum = "68ab91017fe16c622486840e4c83c9a37afeff978bd239b5293d61ece587de66" [[package]] name = "libdbus-sys" @@ -8543,9 +8671,9 @@ dependencies = [ [[package]] name = "libsqlite3-sys" -version = "0.37.0" +version = "0.35.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1f111c8c41e7c61a49cd34e44c7619462967221a6443b0ec299e0ac30cfb9b1" +checksum = "133c182a6a2c87864fe97778797e46c7e999672690dc9fa3ee8e241aa4a9c13f" dependencies = [ "cc", "pkg-config", @@ -8597,12 +8725,24 @@ dependencies = [ "cc", ] +[[package]] +name = "link-section" +version = "0.17.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4d1e908a416d6e9f725743b84a36feea40c4c131e805fbc26d61f9f451f36080" + [[package]] name = "linked-hash-map" version = "0.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" +[[package]] +name = "linktime-proc-macro" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a44cd706ff0d503ee32b2071166510ca27e281228de10cd3aa8d35ff94560f81" + [[package]] name = "linux-keyutils" version = "0.2.4" @@ -8677,6 +8817,16 @@ dependencies = [ "scopeguard", ] +[[package]] +name = "lock_free_hashtable" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebf3631712f5b790675292ff827af269f5d9f920c920b77dc41d0485e3719612" +dependencies = [ + "atomic", + "parking_lot", +] + [[package]] name = "log" version = "0.4.29" @@ -8685,25 +8835,36 @@ checksum = "5e5032e24019045c762d3c0f28f5b6b8bbf38563a65908389bf7978758920897" [[package]] name = "logos" -version = "0.12.1" +version = "0.15.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf8b031682c67a8e3d5446840f9573eb7fe26efe7ec8d195c9ac4c0647c502f1" +checksum = "ff472f899b4ec2d99161c51f60ff7075eeb3097069a36050d8037a6325eb8154" dependencies = [ "logos-derive", ] [[package]] -name = "logos-derive" -version = "0.12.1" +name = "logos-codegen" +version = "0.15.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1d849148dbaf9661a6151d1ca82b13bb4c4c128146a88d05253b38d4e2f496c" +checksum = "192a3a2b90b0c05b27a0b2c43eecdb7c415e29243acc3f89cc8247a5b693045c" dependencies = [ "beef", "fnv", + "lazy_static", "proc-macro2", "quote", - "regex-syntax 0.6.29", - "syn 1.0.109", + "regex-syntax", + "rustc_version", + "syn 2.0.117", +] + +[[package]] +name = "logos-derive" +version = "0.15.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "605d9697bcd5ef3a42d38efc51541aa3d6a4a25f7ab6d1ed0da5ac632a26b470" +dependencies = [ + "logos-codegen", ] [[package]] @@ -8748,15 +8909,15 @@ checksum = "112b39cec0b298b6c1999fee3e31427f74f676e4cb9879ed1a121b43661a4154" [[package]] name = "lsp-types" -version = "0.94.1" +version = "0.97.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c66bfd44a06ae10647fe3f8214762e9369fd4248df1350924b4ef9e770a85ea1" +checksum = "53353550a17c04ac46c585feb189c2db82154fc84b79c7a66c96c2c644f66071" dependencies = [ "bitflags 1.3.2", + "fluent-uri", "serde", "serde_json", "serde_repr", - "url", ] [[package]] @@ -8824,7 +8985,7 @@ checksum = "5cf92c10c7e361d6b99666ec1c6f9805b0bea2c3bd8c78dc6fe98ac5bd78db11" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -8865,9 +9026,9 @@ checksum = "ae960838283323069879657ca3de837e9f7bbb4c7bf6ea7f1b290d5e9476d2e0" [[package]] name = "memchr" -version = "2.7.6" +version = "2.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f52b00d39961fc5b2736ea853c9cc86238e165017a493d1d5c8eac6bdc4cc273" +checksum = "6b947ae49db0d222b1dbc6b113ce7248a3fc3a6ca21b696717bfc000ba4484d8" [[package]] name = "memmap2" @@ -8878,15 +9039,6 @@ dependencies = [ "libc", ] -[[package]] -name = "memoffset" -version = "0.6.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce" -dependencies = [ - "autocfg", -] - [[package]] name = "memoffset" version = "0.9.1" @@ -8930,9 +9082,9 @@ dependencies = [ [[package]] name = "mio" -version = "1.1.1" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a69bcab0ad47271a0234d9422b131806bf3968021e5dc9328caf2d4cd58557fc" +checksum = "50b7e5b27aa02a74bac8c3f23f448f8d87ff11f92d3aac1a6ed369ee08cc56c1" dependencies = [ "libc", "log", @@ -9022,12 +9174,6 @@ dependencies = [ "jni-sys 0.3.0", ] -[[package]] -name = "new_debug_unreachable" -version = "1.0.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "650eef8c711430f1a879fdd01d4745a7deea475becfb90269c06775983bbf086" - [[package]] name = "nibble_vec" version = "0.1.0" @@ -9059,7 +9205,7 @@ dependencies = [ "cfg-if", "cfg_aliases 0.2.1", "libc", - "memoffset 0.9.1", + "memoffset", ] [[package]] @@ -9182,6 +9328,7 @@ checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9" dependencies = [ "num-integer", "num-traits", + "serde", ] [[package]] @@ -9207,7 +9354,7 @@ checksum = "ed3955f1a9c7c0c15e092f9c887db08b1fc683305fdf6eb6684f22555355e202" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -9279,7 +9426,7 @@ dependencies = [ "proc-macro-crate", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -9301,7 +9448,7 @@ dependencies = [ "chrono", "getrandom 0.2.17", "http 1.4.0", - "rand 0.8.5", + "rand 0.8.6", "reqwest 0.12.28", "serde", "serde_json", @@ -9525,9 +9672,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.21.3" +version = "1.21.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" +checksum = "9f7c3e4beb33f85d45ae3e3a1792185706c8e16d043238c593331cc7cd313b50" dependencies = [ "critical-section", "portable-atomic", @@ -9590,7 +9737,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -9796,6 +9943,53 @@ dependencies = [ "sha2 0.10.9", ] +[[package]] +name = "pagable" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3658968938a4d1eaa1987e69dcd84b01fb067c5b3416dccc8d71373b6ded6821" +dependencies = [ + "allocative", + "anyhow", + "async-trait", + "blake3", + "bytemuck", + "dashmap", + "dupe", + "either", + "erased-serde 0.4.10", + "fancy-regex", + "indexmap 2.14.0", + "inventory", + "num-bigint", + "once_cell", + "pagable_derive", + "parking_lot", + "postcard", + "regex", + "sequence_trie", + "serde", + "serde_json", + "smallvec", + "sorted_vector_map", + "static_assertions", + "static_interner", + "strong_hash", + "take_mut", + "triomphe", +] + +[[package]] +name = "pagable_derive" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "838d17166587914f4e99353766c29160462b681511f08679545a0d07a0dc9415" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.117", +] + [[package]] name = "parking" version = "2.2.1" @@ -9963,7 +10157,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b4c5cc86750666a3ed20bdaf5ca2a0344f9c67674cae0515bec2da16fbaa47db" dependencies = [ "fixedbitset 0.4.2", - "indexmap 2.13.0", + "indexmap 2.14.0", ] [[package]] @@ -9974,16 +10168,7 @@ checksum = "8701b58ea97060d5e5b155d383a69952a60943f0e6dfe30b04c287beb0b27455" dependencies = [ "fixedbitset 0.5.7", "hashbrown 0.15.5", - "indexmap 2.13.0", -] - -[[package]] -name = "phf_shared" -version = "0.11.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67eabc2ef2a60eb7faa00097bd1ffdb5bd28e62bf39990626a582201b7a754e5" -dependencies = [ - "siphasher", + "indexmap 2.14.0", ] [[package]] @@ -10003,7 +10188,7 @@ checksum = "6e918e4ff8c4549eb882f14b3a4bc8c8bc93de829416eacf579f1207a8fbf861" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -10052,7 +10237,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "740ebea15c5d1428f910cd1a5f52cebf8d25006245ed8ade92702f4943d91e07" dependencies = [ "base64 0.22.1", - "indexmap 2.13.0", + "indexmap 2.14.0", "quick-xml", "serde", "time", @@ -10132,6 +10317,20 @@ dependencies = [ "winreg 0.10.1", ] +[[package]] +name = "postcard" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6764c3b5dd454e283a30e6dfe78e9b31096d9e32036b5d1eaac7a6119ccb9a24" +dependencies = [ + "cobs", + "crc", + "embedded-io 0.4.0", + "embedded-io 0.6.1", + "heapless 0.7.17", + "serde", +] + [[package]] name = "potential_utf" version = "0.1.4" @@ -10158,12 +10357,6 @@ dependencies = [ "zerocopy", ] -[[package]] -name = "precomputed-hash" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "925383efa346730478fb4838dbe9137d2a47675ad789c546d150a6e1dd4ab31c" - [[package]] name = "predicates" version = "3.1.3" @@ -10211,7 +10404,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "479ca8adacdd7ce8f1fb39ce9ecccbfe93a3f1344b3d0d97f20bc0196208f62b" dependencies = [ "proc-macro2", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -10251,7 +10444,7 @@ dependencies = [ "proc-macro-error-attr2", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -10270,7 +10463,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fd1395947e69c07400ef4d43db0051d6f773c21f647ad8b97382fc01f0204c60" dependencies = [ "futures", - "indexmap 2.13.0", + "indexmap 2.14.0", "nix 0.30.1", "tokio", "tracing", @@ -10297,7 +10490,7 @@ dependencies = [ "rand 0.9.3", "rand_chacha 0.9.0", "rand_xorshift", - "regex-syntax 0.8.8", + "regex-syntax", "unarray", ] @@ -10328,7 +10521,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "22505a5c94da8e3b7c2996394d1c933236c4d743e81a410bcca4e6989fc066a4" dependencies = [ "bytes", - "heck 0.4.1", + "heck 0.5.0", "itertools 0.11.0", "log", "multimap", @@ -10338,7 +10531,7 @@ dependencies = [ "prost 0.12.6", "prost-types 0.12.6", "regex", - "syn 2.0.114", + "syn 2.0.117", "tempfile", ] @@ -10348,7 +10541,7 @@ version = "0.14.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "343d3bd7056eda839b03204e68deff7d1b13aba7af2b2fd16890697274262ee7" dependencies = [ - "heck 0.4.1", + "heck 0.5.0", "itertools 0.14.0", "log", "multimap", @@ -10357,7 +10550,7 @@ dependencies = [ "prost 0.14.3", "prost-types 0.14.3", "regex", - "syn 2.0.114", + "syn 2.0.117", "tempfile", ] @@ -10371,7 +10564,7 @@ dependencies = [ "itertools 0.11.0", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -10384,7 +10577,7 @@ dependencies = [ "itertools 0.14.0", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -10474,6 +10667,17 @@ dependencies = [ "serde", ] +[[package]] +name = "quickcheck" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95c589f335db0f6aaa168a7cd27b1fc6920f5e1470c804f814d9cd6e62a0f70b" +dependencies = [ + "env_logger", + "log", + "rand 0.10.1", +] + [[package]] name = "quinn" version = "0.11.9" @@ -10487,7 +10691,7 @@ dependencies = [ "quinn-udp", "rustc-hash 2.1.1", "rustls", - "socket2 0.6.2", + "socket2 0.6.3", "thiserror 2.0.18", "tokio", "tracing", @@ -10525,16 +10729,16 @@ dependencies = [ "cfg_aliases 0.2.1", "libc", "once_cell", - "socket2 0.6.2", + "socket2 0.6.3", "tracing", "windows-sys 0.60.2", ] [[package]] name = "quote" -version = "1.0.44" +version = "1.0.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21b2ebcf727b7760c461f091f9f0f539b77b8e87f2fd88131e7f1b433b3cece4" +checksum = "41f2619966050689382d2b44f664f4bc593e129785a36d6ee376ddf37259b924" dependencies = [ "proc-macro2", ] @@ -10681,7 +10885,7 @@ dependencies = [ "futures-channel", "httparse", "httpdate", - "indexmap 2.13.0", + "indexmap 2.14.0", "itoa", "parking_lot", "pin-project-lite", @@ -10756,7 +10960,7 @@ dependencies = [ "proc-macro-crate", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -10783,7 +10987,7 @@ dependencies = [ "rama-utils", "serde", "sha2 0.10.9", - "socket2 0.6.2", + "socket2 0.6.3", "tokio", ] @@ -10883,9 +11087,9 @@ dependencies = [ [[package]] name = "rand" -version = "0.8.5" +version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a" dependencies = [ "libc", "rand_chacha 0.3.1", @@ -11086,7 +11290,7 @@ checksum = "b7186006dcb21920990093f30e3dea63b7d6e977bf1256be20c3563a5db070da" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -11098,7 +11302,7 @@ dependencies = [ "aho-corasick", "memchr", "regex-automata", - "regex-syntax 0.8.8", + "regex-syntax", ] [[package]] @@ -11109,7 +11313,7 @@ checksum = "5276caf25ac86c8d810222b3dbb938e512c55c6831a10f3e6ed1c93b84041f1c" dependencies = [ "aho-corasick", "memchr", - "regex-syntax 0.8.8", + "regex-syntax", ] [[package]] @@ -11118,12 +11322,6 @@ version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8d942b98df5e658f56f20d592c7f868833fe38115e65c33003d8cd224b0155da" -[[package]] -name = "regex-syntax" -version = "0.6.29" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" - [[package]] name = "regex-syntax" version = "0.8.8" @@ -11306,7 +11504,7 @@ dependencies = [ "proc-macro2", "quote", "serde_json", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -11340,7 +11538,7 @@ dependencies = [ "proc-macro2", "quote", "rust-embed-utils", - "syn 2.0.114", + "syn 2.0.117", "walkdir", ] @@ -11482,7 +11680,7 @@ dependencies = [ "security-framework 3.5.1", "security-framework-sys", "webpki-root-certs", - "windows-sys 0.52.0", + "windows-sys 0.61.2", ] [[package]] @@ -11662,7 +11860,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -11674,7 +11872,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -11757,7 +11955,7 @@ dependencies = [ "hkdf 0.12.4", "num", "once_cell", - "rand 0.8.5", + "rand 0.8.6", "serde", "sha2 0.10.9", "zbus", @@ -11941,6 +12139,12 @@ dependencies = [ "uuid", ] +[[package]] +name = "sequence_trie" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ee22067b7ccd072eeb64454b9c6e1b33b61cd0d49e895fd48676a184580e0c3" + [[package]] name = "serde" version = "1.0.228" @@ -11968,7 +12172,7 @@ checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -11979,7 +12183,7 @@ checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -11989,7 +12193,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2acf96b1d9364968fce46ebb548f1c0e1d7eceae27bdff73865d42e6c7369d94" dependencies = [ "form_urlencoded", - "indexmap 2.13.0", + "indexmap 2.14.0", "itoa", "ryu", "serde_core", @@ -12011,7 +12215,7 @@ version = "1.0.149" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "83fc039473c5595ace860d8c4fafa220ff474b3fc6bfdb4293327f1a37e94d86" dependencies = [ - "indexmap 2.13.0", + "indexmap 2.14.0", "itoa", "memchr", "serde", @@ -12038,7 +12242,7 @@ checksum = "175ee3e80ae9982737ca543e96133087cbd9a485eecc3bc4de9c1a37b47ea59c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -12072,7 +12276,7 @@ dependencies = [ "chrono", "hex", "indexmap 1.9.3", - "indexmap 2.13.0", + "indexmap 2.14.0", "schemars 0.9.0", "schemars 1.2.1", "serde_core", @@ -12090,7 +12294,7 @@ dependencies = [ "darling 0.21.3", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -12099,7 +12303,7 @@ version = "0.9.34+deprecated" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47" dependencies = [ - "indexmap 2.13.0", + "indexmap 2.14.0", "itoa", "ryu", "serde", @@ -12140,7 +12344,7 @@ checksum = "6f50427f258fb77356e4cd4aa0e87e2bd2c66dbcee41dc405282cae2bfc26c83" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -12315,12 +12519,6 @@ dependencies = [ "time", ] -[[package]] -name = "siphasher" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b2aa850e253778c88a04c3d7323b043aeda9d3e30d5971937c1855769763678e" - [[package]] name = "slab" version = "0.4.12" @@ -12364,12 +12562,22 @@ dependencies = [ [[package]] name = "socket2" -version = "0.6.2" +version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86f4aa3ad99f2088c990dfa82d367e19cb29268ed67c574d10d0a4bfe71f07e0" +checksum = "3a766e1110788c36f4fa1c2b71b387a7815aa65f88ce0229841826633d93723e" dependencies = [ "libc", - "windows-sys 0.60.2", + "windows-sys 0.61.2", +] + +[[package]] +name = "sorted_vector_map" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94bf565ee1681b4473aa5a9d71d807347c28021bd1d8947cb626b02f42a0141f" +dependencies = [ + "itertools 0.14.0", + "quickcheck", ] [[package]] @@ -12424,7 +12632,7 @@ dependencies = [ "futures-util", "hashbrown 0.16.1", "hashlink", - "indexmap 2.13.0", + "indexmap 2.14.0", "log", "memchr", "percent-encoding", @@ -12453,7 +12661,7 @@ dependencies = [ "quote", "sqlx-core", "sqlx-macros-core", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -12476,7 +12684,7 @@ dependencies = [ "sqlx-mysql", "sqlx-postgres", "sqlx-sqlite", - "syn 2.0.114", + "syn 2.0.117", "thiserror 2.0.18", "tokio", "url", @@ -12597,29 +12805,33 @@ checksum = "6ce2be8dc25455e1f91df71bfa12ad37d7af1092ae736f3a6cd0e37bc7810596" [[package]] name = "starlark" -version = "0.13.0" +version = "0.14.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0f53849859f05d9db705b221bd92eede93877fd426c1b4a3c3061403a5912a8f" +checksum = "9062e866918dc4c9701c98ac99f7f4fa9e4b3b4edce306e147393bc75458c4fc" dependencies = [ "allocative", "anyhow", + "blake3", "bumpalo", "cmp_any", + "dashmap", "debugserver-types", "derivative", "derive_more 1.0.0", "display_container", "dupe", "either", - "erased-serde", - "hashbrown 0.14.5", + "erased-serde 0.3.31", + "hashbrown 0.16.1", + "indexmap 2.14.0", "inventory", - "itertools 0.13.0", + "itertools 0.14.0", "maplit", - "memoffset 0.6.5", + "memoffset", "num-bigint", "num-traits", "once_cell", + "pagable", "paste", "ref-cast", "regex", @@ -12630,42 +12842,45 @@ dependencies = [ "starlark_map", "starlark_syntax", "static_assertions", + "strong_hash", "strsim 0.10.0", "textwrap 0.11.0", - "thiserror 1.0.69", + "thiserror 2.0.18", ] [[package]] name = "starlark_derive" -version = "0.13.0" +version = "0.14.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe58bc6c8b7980a1fe4c9f8f48200c3212db42ebfe21ae6a0336385ab53f082a" +checksum = "797e235eb70936bfa14fabf490bf7453e6f0caaf6b9c56fe4c9aff02aee7e66d" dependencies = [ "dupe", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] name = "starlark_map" -version = "0.13.0" +version = "0.14.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92659970f120df0cc1c0bb220b33587b7a9a90e80d4eecc5c5af5debb950173d" +checksum = "234877898fd216af93b2f5798b08cbbdc1a2e8f16a622a258b1db23a61a1c4ba" dependencies = [ "allocative", "dupe", "equivalent", "fxhash", - "hashbrown 0.14.5", + "hashbrown 0.16.1", + "pagable", "serde", + "strong_hash", ] [[package]] name = "starlark_syntax" -version = "0.13.0" +version = "0.14.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe53b3690d776aafd7cb6b9fed62d94f83280e3b87d88e3719cc0024638461b3" +checksum = "7492c571c531e68099c911cfd909d32659f1cc0910cf3adee9fce66e39d21f14" dependencies = [ "allocative", "annotate-snippets", @@ -12673,16 +12888,15 @@ dependencies = [ "derivative", "derive_more 1.0.0", "dupe", - "lalrpop", - "lalrpop-util", "logos", "lsp-types", "memchr", "num-bigint", "num-traits", "once_cell", + "pagable", "starlark_map", - "thiserror 1.0.69", + "thiserror 2.0.18", ] [[package]] @@ -12691,6 +12905,16 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" +[[package]] +name = "static_interner" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fab44341fbf4deae6e8d5ab450f24e1b34e0b2439d39ac0e9b5215a4e5493263" +dependencies = [ + "equivalent", + "lock_free_hashtable", +] + [[package]] name = "stop-words" version = "0.9.0" @@ -12715,18 +12939,6 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2b2231b7c3057d5e4ad0156fb3dc807d900806020c5ffa3ee6ff2c8c76fb8520" -[[package]] -name = "string_cache" -version = "0.8.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf776ba3fa74f83bf4b63c3dcbbf82173db2632ed8452cb2d891d33f459de70f" -dependencies = [ - "new_debug_unreachable", - "parking_lot", - "phf_shared", - "precomputed-hash", -] - [[package]] name = "stringprep" version = "0.1.5" @@ -12738,6 +12950,26 @@ dependencies = [ "unicode-properties", ] +[[package]] +name = "strong_hash" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0831334aea34390b6b6ec7af0a27f9ee6324ad3a69463e6b240d83d6b7bce9c9" +dependencies = [ + "ref-cast", + "strong_hash_derive", +] + +[[package]] +name = "strong_hash_derive" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ace6b48b7c4383a39bd3b966cca41bc999003aab9f690a2f355525c924296928" +dependencies = [ + "quote", + "syn 2.0.117", +] + [[package]] name = "strsim" version = "0.10.0" @@ -12778,7 +13010,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -12790,7 +13022,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -12802,7 +13034,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -12843,9 +13075,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.114" +version = "2.0.117" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4d107df263a3013ef9b1879b0df87d706ff80f65a86ea879bd9c31f9b307c2a" +checksum = "e665b8803e7b1d2a727f4023456bbbbe74da67099c585258af0ad9c5013b9b99" dependencies = [ "proc-macro2", "quote", @@ -12869,7 +13101,7 @@ checksum = "728a70f3dbaf5bab7f0c4b1ac8d7ae5ea60a4b5549c8a5914361c99147a709d2" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -12884,7 +13116,7 @@ dependencies = [ "once_cell", "onig", "plist", - "regex-syntax 0.8.8", + "regex-syntax", "serde", "serde_derive", "serde_json", @@ -12942,6 +13174,12 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7b2093cf4c8eb1e67749a6762251bc9cd836b6fc171623bd0a9d324d37af2417" +[[package]] +name = "take_mut" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f764005d11ee5f36500a149ace24e00e3da98b0158b3e2d53a7495660d3f4d60" + [[package]] name = "tar" version = "0.4.45" @@ -13005,17 +13243,6 @@ dependencies = [ "writeable", ] -[[package]] -name = "term" -version = "0.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c59df8ac95d96ff9bede18eb7300b0fda5e5d8d90960e76f8e14ae765eedbf1f" -dependencies = [ - "dirs-next", - "rustversion", - "winapi", -] - [[package]] name = "termcolor" version = "1.4.1" @@ -13059,7 +13286,7 @@ dependencies = [ "cfg-if", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -13070,7 +13297,7 @@ checksum = "5c89e72a01ed4c579669add59014b9a524d609c0c88c6a585ce37485879f6ffb" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", "test-case-core", ] @@ -13093,7 +13320,7 @@ checksum = "be35209fd0781c5401458ab66e4f98accf63553e8fae7425503e92fdd319783b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -13142,7 +13369,7 @@ checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -13153,7 +13380,7 @@ checksum = "ebc4ee7f67670e9b64d05fa4253e753e016c6c95ff35b89b7941d6b856dec1d5" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -13224,15 +13451,6 @@ dependencies = [ "zoneinfo64", ] -[[package]] -name = "tiny-keccak" -version = "2.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2c9d3793400a45f954c52e73d068316d76b6f4e36977e3fcebb13a2721e80237" -dependencies = [ - "crunchy", -] - [[package]] name = "tiny_http" version = "0.12.0" @@ -13273,9 +13491,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.49.0" +version = "1.52.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72a2903cd7736441aac9df9d7688bd0ce48edccaadf181c3b90be801e81d3d86" +checksum = "8fc7f01b389ac15039e4dc9531aa973a135d7a4135281b12d7c1bc79fd57fffe" dependencies = [ "bytes", "libc", @@ -13283,7 +13501,7 @@ dependencies = [ "parking_lot", "pin-project-lite", "signal-hook-registry", - "socket2 0.6.2", + "socket2 0.6.3", "tokio-macros", "windows-sys 0.61.2", ] @@ -13303,13 +13521,13 @@ dependencies = [ [[package]] name = "tokio-macros" -version = "2.6.0" +version = "2.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af407857209536a95c8e56f8231ef2c2e2aff839b22e07a1ffcbc617e9db9fa5" +checksum = "385a6cb71ab9ab790c5fe8d67f1645e6c450a7ce006a33de03daa956cf70a496" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -13401,7 +13619,7 @@ version = "0.9.11+spec-1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f3afc9a848309fe1aaffaed6e1546a7a14de1f935dc9d89d32afd9a44bab7c46" dependencies = [ - "indexmap 2.13.0", + "indexmap 2.14.0", "serde_core", "serde_spanned", "toml_datetime", @@ -13425,7 +13643,7 @@ version = "0.23.10+spec-1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "84c8b9f757e028cee9fa244aea147aab2a9ec09d5325a9b01e0a49730c2b5269" dependencies = [ - "indexmap 2.13.0", + "indexmap 2.14.0", "toml_datetime", "toml_parser", "winnow", @@ -13437,7 +13655,7 @@ version = "0.24.0+spec-1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8c740b185920170a6d9191122cafef7010bd6270a3824594bff6784c04d7f09e" dependencies = [ - "indexmap 2.13.0", + "indexmap 2.14.0", "toml_datetime", "toml_parser", "toml_writer", @@ -13479,7 +13697,7 @@ dependencies = [ "percent-encoding", "pin-project", "rustls-native-certs", - "socket2 0.6.2", + "socket2 0.6.3", "sync_wrapper", "tokio", "tokio-rustls", @@ -13499,7 +13717,7 @@ dependencies = [ "prettyplease", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -13524,7 +13742,7 @@ dependencies = [ "prost-build 0.14.3", "prost-types 0.14.3", "quote", - "syn 2.0.114", + "syn 2.0.117", "tempfile", "tonic-build", ] @@ -13537,7 +13755,7 @@ checksum = "ebe5ef63511595f1344e2d5cfa636d973292adc0eec1f0ad45fae9f0851ab1d4" dependencies = [ "futures-core", "futures-util", - "indexmap 2.13.0", + "indexmap 2.14.0", "pin-project-lite", "slab", "sync_wrapper", @@ -13610,7 +13828,7 @@ checksum = "7490cfa5ec963746568740651ac6781f701c9c5ea257c58e057f3ba8cf69e8da" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -13709,7 +13927,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "04659ddb06c87d233c566112c1c9c5b9e98256d9af50ec3bc9c8327f873a7568" dependencies = [ "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -13720,7 +13938,7 @@ checksum = "78f873475d258561b06f1c595d93308a7ed124d9977cb26b148c2084a4a3cc87" dependencies = [ "cc", "regex", - "regex-syntax 0.8.8", + "regex-syntax", "serde_json", "streaming-iterator", "tree-sitter-language", @@ -13753,6 +13971,16 @@ dependencies = [ "petgraph 0.8.3", ] +[[package]] +name = "triomphe" +version = "0.1.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dd69c5aa8f924c7519d6372789a74eac5b94fb0f8fcf0d4a97eb0bfc3e785f39" +dependencies = [ + "serde", + "stable_deref_trait", +] + [[package]] name = "try-lock" version = "0.2.5" @@ -13779,7 +14007,7 @@ checksum = "ee6ff59666c9cbaec3533964505d39154dc4e0a56151fdea30a09ed0301f62e2" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", "termcolor", ] @@ -13823,6 +14051,12 @@ dependencies = [ "rustc-hash 2.1.1", ] +[[package]] +name = "typeid" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bc7d623258602320d5c55d1bc22793b57daff0ec7efc270ea7d55ce1d5f5471c" + [[package]] name = "typenum" version = "1.20.0" @@ -13835,7 +14069,7 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "89daebc3e6fd160ac4aa9fc8b3bf71e1f74fbf92367ae71fb83a037e8bf164b9" dependencies = [ - "memoffset 0.9.1", + "memoffset", "tempfile", "winapi", ] @@ -14063,9 +14297,9 @@ dependencies = [ [[package]] name = "v8" -version = "147.4.0" +version = "149.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2df8fffd507fb18ed000673a83d937f58e60fb07f3306b2274284125b15137cd" +checksum = "46dccf61a364b61bbaac70a8ba64a1a1006e87123b7d62eaeec999a3ba31ecdb" dependencies = [ "bindgen", "bitflags 2.10.0", @@ -14233,7 +14467,7 @@ dependencies = [ "bumpalo", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", "wasm-bindgen-shared", ] @@ -14263,7 +14497,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bb0e353e6a2fbdc176932bbaab493762eb1255a7900fe0fea1a2f96c296cc909" dependencies = [ "anyhow", - "indexmap 2.13.0", + "indexmap 2.14.0", "wasm-encoder", "wasmparser", ] @@ -14302,7 +14536,7 @@ checksum = "47b807c72e1bac69382b3a6fb3dbe8ea4c0ed87ff5629b8685ae6b9a611028fe" dependencies = [ "bitflags 2.10.0", "hashbrown 0.15.5", - "indexmap 2.13.0", + "indexmap 2.14.0", "semver", ] @@ -14652,7 +14886,7 @@ checksum = "2bbd5b46c938e506ecbce286b6628a02171d56153ba733b6c741fc627ec9579b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -14663,7 +14897,7 @@ checksum = "053e2e040ab57b9dc951b72c264860db7eb3b0200ba345b4e4c3b14f67855ddf" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -14674,7 +14908,7 @@ checksum = "053c4c462dc91d3b1504c6fe5a726dd15e216ba718e84a0e46a88fbe5ded3515" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -14685,7 +14919,7 @@ checksum = "3f316c4a2570ba26bbec722032c4099d8c8bc095efccdc15688708623367e358" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -15158,9 +15392,9 @@ checksum = "b7c566e0f4b284dd6561c786d9cb0142da491f46a9fbed79ea69cdad5db17f21" dependencies = [ "anyhow", "heck 0.5.0", - "indexmap 2.13.0", + "indexmap 2.14.0", "prettyplease", - "syn 2.0.114", + "syn 2.0.117", "wasm-metadata", "wit-bindgen-core", "wit-component", @@ -15176,7 +15410,7 @@ dependencies = [ "prettyplease", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", "wit-bindgen-core", "wit-bindgen-rust", ] @@ -15189,7 +15423,7 @@ checksum = "9d66ea20e9553b30172b5e831994e35fbde2d165325bec84fc43dbf6f4eb9cb2" dependencies = [ "anyhow", "bitflags 2.10.0", - "indexmap 2.13.0", + "indexmap 2.14.0", "log", "serde", "serde_derive", @@ -15208,7 +15442,7 @@ checksum = "ecc8ac4bc1dc3381b7f59c34f00b67e18f910c2c0f50015669dde7def656a736" dependencies = [ "anyhow", "id-arena", - "indexmap 2.13.0", + "indexmap 2.14.0", "log", "semver", "serde", @@ -15358,7 +15592,7 @@ checksum = "de844c262c8848816172cef550288e7dc6c7b7814b4ee56b3e1553f275f1858e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", "synstructure", ] @@ -15386,7 +15620,7 @@ dependencies = [ "hex", "nix 0.29.0", "ordered-stream", - "rand 0.8.5", + "rand 0.8.6", "serde", "serde_repr", "sha1 0.10.6", @@ -15409,7 +15643,7 @@ dependencies = [ "proc-macro-crate", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", "zvariant_utils", ] @@ -15441,7 +15675,7 @@ checksum = "1328722bbf2115db7e19d69ebcc15e795719e2d66b60827c6a69a117365e37a0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -15461,7 +15695,7 @@ checksum = "d71e5d6e06ab090c67b5e44993ec16b72dcbaabc526db883a360057678b48502" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", "synstructure", ] @@ -15482,7 +15716,7 @@ checksum = "85a5b4158499876c763cb03bc4e49185d3cccbabb15b33c627f7884f43db852e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -15517,7 +15751,7 @@ checksum = "625dc425cab0dca6dc3c3319506e6593dcb08a9f387ea3b284dbd52a92c40555" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] [[package]] @@ -15557,7 +15791,7 @@ dependencies = [ "flate2", "getrandom 0.3.4", "hmac 0.12.1", - "indexmap 2.13.0", + "indexmap 2.14.0", "lzma-rs", "memchr", "pbkdf2 0.12.2", @@ -15706,7 +15940,7 @@ dependencies = [ "proc-macro-crate", "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", "zvariant_utils", ] @@ -15718,5 +15952,5 @@ checksum = "c51bcff7cc3dbb5055396bcf774748c3dab426b4b8659046963523cee4808340" dependencies = [ "proc-macro2", "quote", - "syn 2.0.114", + "syn 2.0.117", ] diff --git a/codex-rs/Cargo.toml b/codex-rs/Cargo.toml index 15e0e2c0102..bdbdf4de158 100644 --- a/codex-rs/Cargo.toml +++ b/codex-rs/Cargo.toml @@ -21,6 +21,7 @@ members = [ "install-context", "codex-backend-openapi-models", "code-mode", + "codex-home", "cloud-config", "cloud-tasks", "cloud-tasks-client", @@ -49,6 +50,7 @@ members = [ "ext/guardian", "ext/image-generation", "ext/memories", + "ext/mcp", "ext/skills", "ext/web-search", "external-agent-migration", @@ -83,7 +85,9 @@ members = [ "tools", "v8-poc", "utils/absolute-path", + "utils/path-uri", "utils/cargo-bin", + "utils/file-lock", "git-utils", "utils/cache", "utils/image", @@ -120,7 +124,7 @@ members = [ resolver = "2" [workspace.package] -version = "0.0.0" +version = "0.140.0-alpha.14" # Track the edition for all workspace crates in one place. Individual # crates can still override this value, but keeping it here means new # crates created with `cargo new -w ...` automatically inherit the 2024 @@ -155,6 +159,7 @@ codex-cloud-config = { path = "cloud-config" } codex-cloud-tasks-client = { path = "cloud-tasks-client" } codex-cloud-tasks-mock-client = { path = "cloud-tasks-mock-client" } codex-code-mode = { path = "code-mode" } +codex-home = { path = "codex-home" } codex-config = { path = "config" } codex-connectors = { path = "connectors" } codex-context-fragments = { path = "context-fragments" } @@ -190,6 +195,7 @@ codex-web-search-extension = { path = "ext/web-search" } codex-memories-read = { path = "memories/read" } codex-memories-write = { path = "memories/write" } codex-mcp = { path = "codex-mcp" } +codex-mcp-extension = { path = "ext/mcp" } codex-mcp-server = { path = "mcp-server" } codex-model-provider-info = { path = "model-provider-info" } codex-models-manager = { path = "models-manager" } @@ -211,6 +217,7 @@ codex-sandboxing = { path = "sandboxing" } codex-secrets = { path = "secrets" } codex-shell-command = { path = "shell-command" } codex-shell-escalation = { path = "shell-escalation" } +codex-skills-extension = { path = "ext/skills" } codex-skills = { path = "skills" } codex-state = { path = "state" } codex-stdio-to-uds = { path = "stdio-to-uds" } @@ -226,6 +233,7 @@ codex-utils-cache = { path = "utils/cache" } codex-utils-cargo-bin = { path = "utils/cargo-bin" } codex-utils-cli = { path = "utils/cli" } codex-utils-elapsed = { path = "utils/elapsed" } +codex-utils-file-lock = { path = "utils/file-lock" } codex-utils-fuzzy-match = { path = "utils/fuzzy-match" } codex-utils-home-dir = { path = "utils/home-dir" } codex-utils-image = { path = "utils/image" } @@ -233,6 +241,7 @@ codex-utils-json-to-toml = { path = "utils/json-to-toml" } codex-utils-oss = { path = "utils/oss" } codex-utils-output-truncation = { path = "utils/output-truncation" } codex-utils-path = { path = "utils/path-utils" } +codex-utils-path-uri = { path = "utils/path-uri" } codex-utils-plugins = { path = "utils/plugins" } codex-utils-pty = { path = "utils/pty" } codex-utils-rustls-provider = { path = "utils/rustls-provider" } @@ -258,7 +267,6 @@ assert_matches = "1.5.0" async-channel = "2.3.1" async-io = "2.6.0" async-stream = "0.3.6" -async-trait = "0.1.89" aws-config = "1" aws-credential-types = "1" aws-sigv4 = "1" @@ -384,7 +392,7 @@ sqlx = { version = "0.9.0", default-features = false, features = [ "time", "uuid", ] } -starlark = "0.13.0" +starlark = { version = "0.14.2", default-features = false } strum = "0.27.2" strum_macros = "0.28.0" supports-color = "3.0.2" @@ -424,7 +432,7 @@ unicode-width = "0.2" url = "2" urlencoding = "2.1" uuid = "1" -v8 = "=147.4.0" +v8 = "=149.2.0" vt100 = "0.16.2" walkdir = "2.5.0" webbrowser = "1.0" @@ -483,7 +491,6 @@ unwrap_used = "deny" [workspace.metadata.cargo-shear] ignored = [ "codex-agent-graph-store", - "codex-goal-extension", "icu_provider", "openssl-sys", "codex-v8-poc", @@ -501,14 +508,15 @@ debug = "none" strip = "symbols" [profile.release] -lto = "fat" +lto = "thin" +debug = "line-tables-only" split-debuginfo = "off" -# Because we bundle some of these executables with the TypeScript CLI, we -# remove everything to make the binary as small as possible. -strip = "symbols" +# Keep release binaries symbolicateable until packaging has archived the +# sidecar symbols and stripped the binaries. +strip = false -# See https://github.com/openai/codex/issues/1411 for details. -codegen-units = 1 +# Balance parallel release code generation against binary size. +codegen-units = 4 [profile.profiling] inherits = "release" diff --git a/codex-rs/README.md b/codex-rs/README.md index 18bffd9f642..8c2ae94040d 100644 --- a/codex-rs/README.md +++ b/codex-rs/README.md @@ -1,99 +1,3 @@ -# Codex CLI (Rust Implementation) +# Codex CLI -We provide Codex CLI as a standalone executable to ensure a zero-dependency install. - -## Installing Codex - -Today, the easiest way to install Codex is via `npm`: - -```shell -npm i -g @openai/codex -codex -``` - -You can also install via Homebrew (`brew install --cask codex`) or download a platform-specific release directly from our [GitHub Releases](https://github.com/openai/codex/releases). - -## Documentation quickstart - -- First run with Codex? Start with [`docs/getting-started.md`](../docs/getting-started.md) (links to the walkthrough for prompts, keyboard shortcuts, and session management). -- Want deeper control? See [`docs/config.md`](../docs/config.md) and [`docs/install.md`](../docs/install.md). - -## What's new in the Rust CLI - -The Rust implementation is now the maintained Codex CLI and serves as the default experience. It includes a number of features that the legacy TypeScript CLI never supported. - -### Config - -Codex supports a rich set of configuration options. Note that the Rust CLI uses `config.toml` instead of `config.json`. See [`docs/config.md`](../docs/config.md) for details. - -### Model Context Protocol Support - -#### MCP client - -Codex CLI functions as an MCP client that allows the Codex CLI and IDE extension to connect to MCP servers on startup. See the [`configuration documentation`](../docs/config.md#connecting-to-mcp-servers) for details. - -#### MCP server (experimental) - -Codex can be launched as an MCP _server_ by running `codex mcp-server`. This allows _other_ MCP clients to use Codex as a tool for another agent. - -Use the [`@modelcontextprotocol/inspector`](https://github.com/modelcontextprotocol/inspector) to try it out: - -```shell -npx @modelcontextprotocol/inspector codex mcp-server -``` - -Use `codex mcp` to add/list/get/remove MCP server launchers defined in `config.toml`, and `codex mcp-server` to run the MCP server directly. - -### Notifications - -You can enable notifications by configuring a script that is run whenever the agent finishes a turn. The [notify documentation](../docs/config.md#notify) includes a detailed example that explains how to get desktop notifications via [terminal-notifier](https://github.com/julienXX/terminal-notifier) on macOS. When Codex detects that it is running under WSL 2 inside Windows Terminal (`WT_SESSION` is set), the TUI automatically falls back to native Windows toast notifications so approval prompts and completed turns surface even though Windows Terminal does not implement OSC 9. - -### `codex exec` to run Codex programmatically/non-interactively - -To run Codex non-interactively, run `codex exec PROMPT` (you can also pass the prompt via `stdin`) and Codex will work on your task until it decides that it is done and exits. If you provide both a prompt argument and piped stdin, Codex appends stdin as a `` block after the prompt so patterns like `echo "my output" | codex exec "Summarize this concisely"` work naturally. Output is printed to the terminal directly. You can set the `RUST_LOG` environment variable to see more about what's going on. -Use `codex exec --ephemeral ...` to run without persisting session rollout files to disk. - -### Experimenting with the Codex Sandbox - -To test to see what happens when a command is run under the sandbox provided by Codex, use the `sandbox` subcommand in Codex CLI: - -``` -# Uses the sandbox implementation for the current host OS: -# Seatbelt on macOS, the Linux sandbox on Linux, and Windows restricted token on Windows. -codex sandbox [COMMAND]... - -# macOS-only diagnostic option -codex sandbox --log-denials [COMMAND]... -``` - -`codex sandbox` also accepts `--profile NAME` (`-p NAME`) to layer -`$CODEX_HOME/NAME.config.toml` onto the base user config for the sandboxed -command. - -### Selecting a sandbox policy via `--sandbox` - -The Rust CLI exposes a dedicated `--sandbox` (`-s`) flag that lets you pick the sandbox policy **without** having to reach for the generic `-c/--config` option: - -```shell -# Run Codex with the default, read-only sandbox -codex --sandbox read-only - -# Allow the agent to write within the current workspace while still blocking network access -codex --sandbox workspace-write - -# Danger! Disable sandboxing entirely (only do this if you are already running in a container or other isolated env) -codex --sandbox danger-full-access -``` - -In `workspace-write`, Codex also includes `~/.codex/memories` in its writable roots so memory maintenance does not require an extra approval. - -## Code Organization - -This folder is the root of a Cargo workspace. It contains quite a bit of experimental code, but here are the key crates: - -- [`core/`](./core) contains the business logic for Codex. Ultimately, we hope this becomes a library crate that is generally useful for building other Rust/native applications that use Codex. -- [`exec/`](./exec) "headless" CLI for use in automation. -- [`tui/`](./tui) CLI that launches a fullscreen TUI built with [Ratatui](https://ratatui.rs/). -- [`cli/`](./cli) CLI multitool that provides the aforementioned CLIs via subcommands. - -If you want to contribute or inspect behavior in detail, start by reading the module-level `README.md` files under each crate and run the project workspace from the top-level `codex-rs` directory so shared config, features, and build scripts stay aligned. +[**Codex CLI Documentation**](https://developers.openai.com/codex/cli) diff --git a/codex-rs/agent-graph-store/Cargo.toml b/codex-rs/agent-graph-store/Cargo.toml index 9ecd827194b..f676959add7 100644 --- a/codex-rs/agent-graph-store/Cargo.toml +++ b/codex-rs/agent-graph-store/Cargo.toml @@ -13,7 +13,6 @@ doctest = false workspace = true [dependencies] -async-trait = { workspace = true } codex-protocol = { workspace = true } codex-state = { workspace = true } serde = { workspace = true, features = ["derive"] } diff --git a/codex-rs/agent-graph-store/src/local.rs b/codex-rs/agent-graph-store/src/local.rs index f45874855c6..b90aaf4f478 100644 --- a/codex-rs/agent-graph-store/src/local.rs +++ b/codex-rs/agent-graph-store/src/local.rs @@ -1,4 +1,3 @@ -use async_trait::async_trait; use codex_protocol::ThreadId; use codex_state::StateRuntime; use std::sync::Arc; @@ -29,7 +28,6 @@ impl LocalAgentGraphStore { } } -#[async_trait] impl AgentGraphStore for LocalAgentGraphStore { async fn upsert_thread_spawn_edge( &self, diff --git a/codex-rs/agent-graph-store/src/store.rs b/codex-rs/agent-graph-store/src/store.rs index c421182110f..2e0ba20733b 100644 --- a/codex-rs/agent-graph-store/src/store.rs +++ b/codex-rs/agent-graph-store/src/store.rs @@ -1,4 +1,3 @@ -use async_trait::async_trait; use codex_protocol::ThreadId; use crate::AgentGraphStoreResult; @@ -8,38 +7,37 @@ use crate::ThreadSpawnEdgeStatus; /// /// Implementations are expected to return stable ordering for list methods so callers can merge /// persisted graph state with live in-memory state without introducing nondeterministic output. -#[async_trait] pub trait AgentGraphStore: Send + Sync { /// Insert or replace the directional parent/child edge for a spawned thread. /// /// `child_thread_id` has at most one persisted parent. Re-inserting the same child should /// update both the parent and status to match the supplied values. - async fn upsert_thread_spawn_edge( + fn upsert_thread_spawn_edge( &self, parent_thread_id: ThreadId, child_thread_id: ThreadId, status: ThreadSpawnEdgeStatus, - ) -> AgentGraphStoreResult<()>; + ) -> impl std::future::Future> + Send; /// Update the persisted lifecycle status of a spawned thread's incoming edge. /// /// Implementations should treat missing children as a successful no-op. - async fn set_thread_spawn_edge_status( + fn set_thread_spawn_edge_status( &self, child_thread_id: ThreadId, status: ThreadSpawnEdgeStatus, - ) -> AgentGraphStoreResult<()>; + ) -> impl std::future::Future> + Send; /// List direct spawned children of a parent thread. /// /// When `status_filter` is `Some`, only child edges with that exact status are returned. When /// it is `None`, all direct child edges are returned regardless of status, including statuses /// that may be added by a future store implementation. - async fn list_thread_spawn_children( + fn list_thread_spawn_children( &self, parent_thread_id: ThreadId, status_filter: Option, - ) -> AgentGraphStoreResult>; + ) -> impl std::future::Future>> + Send; /// List spawned descendants breadth-first by depth, then by thread id. /// @@ -47,9 +45,9 @@ pub trait AgentGraphStore: Send + Sync { /// For example, `Some(Open)` walks only open edges, so descendants under a closed edge are not /// included even if their own incoming edge is open. `None` walks and returns every persisted /// edge regardless of status. - async fn list_thread_spawn_descendants( + fn list_thread_spawn_descendants( &self, root_thread_id: ThreadId, status_filter: Option, - ) -> AgentGraphStoreResult>; + ) -> impl std::future::Future>> + Send; } diff --git a/codex-rs/analytics/Cargo.toml b/codex-rs/analytics/Cargo.toml index 918e7edc720..85464274692 100644 --- a/codex-rs/analytics/Cargo.toml +++ b/codex-rs/analytics/Cargo.toml @@ -19,6 +19,7 @@ codex-login = { workspace = true } codex-model-provider = { workspace = true } codex-plugin = { workspace = true } codex-protocol = { workspace = true } +codex-state = { workspace = true } os_info = { workspace = true } serde = { workspace = true, features = ["derive"] } serde_json = { workspace = true } diff --git a/codex-rs/analytics/src/analytics_client_tests.rs b/codex-rs/analytics/src/analytics_client_tests.rs index 59e3f50467a..c0983a3dba8 100644 --- a/codex-rs/analytics/src/analytics_client_tests.rs +++ b/codex-rs/analytics/src/analytics_client_tests.rs @@ -43,6 +43,7 @@ use crate::facts::AppInvocation; use crate::facts::AppMentionedInput; use crate::facts::AppUsedInput; use crate::facts::CodexCompactionEvent; +use crate::facts::CodexErrKind; use crate::facts::CompactionImplementation; use crate::facts::CompactionPhase; use crate::facts::CompactionReason; @@ -63,6 +64,8 @@ use crate::facts::SubAgentThreadStartedInput; use crate::facts::ThreadInitializationMode; use crate::facts::TrackEventsContext; use crate::facts::TurnCodexErrorFact; +use crate::facts::TurnProfile; +use crate::facts::TurnProfileFact; use crate::facts::TurnResolvedConfigFact; use crate::facts::TurnStatus; use crate::facts::TurnSteerRequestError; @@ -106,6 +109,7 @@ use codex_app_server_protocol::ServerNotification; use codex_app_server_protocol::ServerRequest; use codex_app_server_protocol::ServerResponse; use codex_app_server_protocol::SessionSource as AppServerSessionSource; +use codex_app_server_protocol::SubAgentActivityKind; use codex_app_server_protocol::Thread; use codex_app_server_protocol::ThreadArchiveParams; use codex_app_server_protocol::ThreadArchiveResponse; @@ -396,6 +400,18 @@ fn sample_turn_resolved_config(thread_id: &str, turn_id: &str) -> TurnResolvedCo } } +fn sample_turn_profile() -> TurnProfile { + TurnProfile { + before_first_sampling_ms: 100, + sampling_ms: 700, + between_sampling_overhead_ms: 50, + tool_blocking_ms: 250, + after_last_sampling_ms: 134, + sampling_request_count: 2, + sampling_retry_count: 1, + } +} + fn sample_turn_steer_request( thread_id: &str, expected_turn_id: &str, @@ -649,6 +665,18 @@ async fn ingest_turn_prerequisites( ) .await; } + + reducer + .ingest( + AnalyticsFact::Custom(CustomAnalyticsFact::TurnProfile(Box::new( + TurnProfileFact { + turn_id: "turn-2".to_string(), + profile: sample_turn_profile(), + }, + ))), + out, + ) + .await; } async fn ingest_review_prerequisites( @@ -751,6 +779,33 @@ fn sample_initialize_fact(connection_id: u64) -> AnalyticsFact { } } +async fn ingest_complete_child_turn( + reducer: &mut AnalyticsReducer, + events: &mut Vec, + thread_id: &str, + turn_id: &str, +) { + for fact in [ + AnalyticsFact::Custom(CustomAnalyticsFact::TurnResolvedConfig(Box::new( + sample_turn_resolved_config(thread_id, turn_id), + ))), + AnalyticsFact::Custom(CustomAnalyticsFact::TurnProfile(Box::new( + TurnProfileFact { + turn_id: turn_id.to_string(), + profile: sample_turn_profile(), + }, + ))), + AnalyticsFact::Notification(Box::new(sample_turn_completed_notification( + thread_id, + turn_id, + AppServerTurnStatus::Completed, + /*codex_error_info*/ None, + ))), + ] { + reducer.ingest(fact, events).await; + } +} + fn sample_command_execution_item( status: CommandExecutionStatus, exit_code: Option, @@ -1224,9 +1279,13 @@ fn compaction_event_serializes_expected_shape() { phase: CompactionPhase::MidTurn, strategy: CompactionStrategy::Memento, status: CompactionStatus::Completed, - error: None, + codex_error_kind: None, + codex_error_http_status_code: None, active_context_tokens_before: 120_000, active_context_tokens_after: 18_000, + retained_image_count: None, + compaction_summary_tokens: None, + cached_input_tokens: None, started_at: 100, completed_at: 106, duration_ms: Some(6543), @@ -1272,9 +1331,13 @@ fn compaction_event_serializes_expected_shape() { "phase": "mid_turn", "strategy": "memento", "status": "completed", - "error": null, + "codex_error_kind": null, + "codex_error_http_status_code": null, "active_context_tokens_before": 120000, "active_context_tokens_after": 18000, + "retained_image_count": null, + "compaction_summary_tokens": null, + "cached_input_tokens": null, "started_at": 100, "completed_at": 106, "duration_ms": 6543 @@ -1343,10 +1406,11 @@ fn thread_initialized_event_serializes_expected_shape() { }, model: "gpt-5".to_string(), ephemeral: true, - thread_source: Some(ThreadSource::User), + thread_source: Some(ThreadSource::Feature("automation".to_string())), initialization_mode: ThreadInitializationMode::New, subagent_source: None, parent_thread_id: None, + forked_from_thread_id: None, created_at: 1, }, }); @@ -1375,10 +1439,11 @@ fn thread_initialized_event_serializes_expected_shape() { }, "model": "gpt-5", "ephemeral": true, - "thread_source": "user", + "thread_source": "automation", "initialization_mode": "new", "subagent_source": null, "parent_thread_id": null, + "forked_from_thread_id": null, "created_at": 1 } }) @@ -1790,9 +1855,13 @@ async fn compaction_event_ingests_custom_fact() { phase: CompactionPhase::StandaloneTurn, strategy: CompactionStrategy::Memento, status: CompactionStatus::Failed, - error: Some("context limit exceeded".to_string()), + codex_error_kind: Some(CodexErrKind::ContextWindowExceeded), + codex_error_http_status_code: None, active_context_tokens_before: 131_000, active_context_tokens_after: 131_000, + retained_image_count: None, + compaction_summary_tokens: None, + cached_input_tokens: None, started_at: 100, completed_at: 101, duration_ms: Some(1200), @@ -1808,6 +1877,14 @@ async fn compaction_event_ingests_custom_fact() { assert_eq!(payload[0]["event_params"]["session_id"], "session-thread-1"); assert_eq!(payload[0]["event_params"]["thread_id"], "thread-1"); assert_eq!(payload[0]["event_params"]["turn_id"], "turn-compact"); + assert_eq!( + payload[0]["event_params"]["codex_error_kind"], + json!("context_window_exceeded") + ); + assert_eq!( + payload[0]["event_params"]["codex_error_http_status_code"], + json!(null) + ); assert_eq!( payload[0]["event_params"]["app_server_client"]["product_client_id"], DEFAULT_ORIGINATOR @@ -1902,6 +1979,7 @@ async fn guardian_review_event_ingests_custom_fact_with_optional_target_item() { decision: GuardianReviewDecision::Denied, terminal_status: GuardianReviewTerminalStatus::TimedOut, failure_reason: Some(GuardianReviewFailureReason::Timeout), + attempt_count: 1, risk_level: None, user_authorization: None, outcome: None, @@ -1973,6 +2051,7 @@ async fn guardian_review_event_ingests_custom_fact_with_optional_target_item() { ); assert_eq!(payload[0]["event_params"]["terminal_status"], "timed_out"); assert_eq!(payload[0]["event_params"]["failure_reason"], "timeout"); + assert_eq!(payload[0]["event_params"]["attempt_count"], 1); assert_eq!(payload[0]["event_params"]["review_timeout_ms"], 90_000); } @@ -2429,6 +2508,7 @@ fn subagent_thread_started_review_serializes_expected_shape() { session_id: "session-root".to_string(), thread_id: "thread-review".to_string(), parent_thread_id: None, + forked_from_thread_id: None, product_client_id: "codex-tui".to_string(), client_name: "codex-tui".to_string(), client_version: "1.0.0".to_string(), @@ -2461,18 +2541,26 @@ fn subagent_thread_started_review_serializes_expected_shape() { assert_eq!(payload["event_params"]["initialization_mode"], "new"); assert_eq!(payload["event_params"]["subagent_source"], "review"); assert_eq!(payload["event_params"]["parent_thread_id"], json!(null)); + assert_eq!( + payload["event_params"]["forked_from_thread_id"], + json!(null) + ); } #[test] -fn subagent_thread_started_thread_spawn_serializes_parent_thread_id() { +fn subagent_thread_started_thread_spawn_serializes_thread_lineage() { let parent_thread_id = codex_protocol::ThreadId::from_string("11111111-1111-1111-1111-111111111111") .expect("valid thread id"); + let forked_from_thread_id = + codex_protocol::ThreadId::from_string("22222222-2222-4222-8222-222222222222") + .expect("valid thread id"); let event = TrackEventRequest::ThreadInitialized(subagent_thread_started_event_request( SubAgentThreadStartedInput { session_id: "session-root".to_string(), thread_id: "thread-spawn".to_string(), parent_thread_id: Some(parent_thread_id.to_string()), + forked_from_thread_id: Some(forked_from_thread_id.to_string()), product_client_id: "codex-tui".to_string(), client_name: "codex-tui".to_string(), client_version: "1.0.0".to_string(), @@ -2497,6 +2585,10 @@ fn subagent_thread_started_thread_spawn_serializes_parent_thread_id() { payload["event_params"]["parent_thread_id"], "11111111-1111-1111-1111-111111111111" ); + assert_eq!( + payload["event_params"]["forked_from_thread_id"], + "22222222-2222-4222-8222-222222222222" + ); assert_eq!(payload["event_params"]["session_id"], "session-root"); } @@ -2507,6 +2599,7 @@ fn subagent_thread_started_memory_consolidation_serializes_expected_shape() { session_id: "session-root".to_string(), thread_id: "thread-memory".to_string(), parent_thread_id: None, + forked_from_thread_id: None, product_client_id: "codex-tui".to_string(), client_name: "codex-tui".to_string(), client_version: "1.0.0".to_string(), @@ -2533,6 +2626,7 @@ fn subagent_thread_started_other_serializes_expected_shape() { session_id: "session-root".to_string(), thread_id: "thread-guardian".to_string(), parent_thread_id: None, + forked_from_thread_id: None, product_client_id: "codex-tui".to_string(), client_name: "codex-tui".to_string(), client_version: "1.0.0".to_string(), @@ -2558,6 +2652,7 @@ fn subagent_thread_started_other_serializes_explicit_parent_thread_id() { session_id: "session-root".to_string(), thread_id: "thread-guardian".to_string(), parent_thread_id: Some(parent_thread_id.to_string()), + forked_from_thread_id: None, product_client_id: "codex-tui".to_string(), client_name: "codex-tui".to_string(), client_version: "1.0.0".to_string(), @@ -2588,6 +2683,7 @@ async fn subagent_thread_started_publishes_without_initialize() { session_id: "session-root".to_string(), thread_id: "thread-review".to_string(), parent_thread_id: None, + forked_from_thread_id: None, product_client_id: "codex-tui".to_string(), client_name: "codex-tui".to_string(), client_version: "1.0.0".to_string(), @@ -2613,7 +2709,7 @@ async fn subagent_thread_started_publishes_without_initialize() { } #[tokio::test] -async fn subagent_thread_started_inherits_parent_connection_for_new_thread() { +async fn subagent_events_use_inherited_connection_unless_turn_connection_is_explicit() { let mut reducer = AnalyticsReducer::default(); let mut events = Vec::new(); let parent_thread_id = @@ -2662,6 +2758,7 @@ async fn subagent_thread_started_inherits_parent_connection_for_new_thread() { session_id: "session-root".to_string(), thread_id: "thread-review".to_string(), parent_thread_id: Some(parent_thread_id.to_string()), + forked_from_thread_id: None, product_client_id: "parent-client".to_string(), client_name: "parent-client".to_string(), client_version: "1.0.0".to_string(), @@ -2694,9 +2791,13 @@ async fn subagent_thread_started_inherits_parent_connection_for_new_thread() { phase: CompactionPhase::StandaloneTurn, strategy: CompactionStrategy::Memento, status: CompactionStatus::Completed, - error: None, + codex_error_kind: None, + codex_error_http_status_code: None, active_context_tokens_before: 131_000, active_context_tokens_after: 64_000, + retained_image_count: None, + compaction_summary_tokens: None, + cached_input_tokens: None, started_at: 100, completed_at: 101, duration_ms: Some(1200), @@ -2717,6 +2818,68 @@ async fn subagent_thread_started_inherits_parent_connection_for_new_thread() { payload[0]["event_params"]["parent_thread_id"], "44444444-4444-4444-4444-444444444444" ); + + events.clear(); + ingest_complete_child_turn(&mut reducer, &mut events, "thread-review", "turn-inherited").await; + let [TrackEventRequest::TurnEvent(event)] = events.as_slice() else { + panic!("expected one turn event"); + }; + let params = &event.event_params; + assert_eq!(params.session_id, "session-root"); + assert_eq!(params.thread_source, Some(ThreadSource::Subagent)); + assert_eq!(params.subagent_source.as_deref(), Some("thread_spawn")); + assert_eq!( + params.parent_thread_id.as_deref(), + Some("44444444-4444-4444-4444-444444444444") + ); + assert_eq!(params.app_server_client.product_client_id, "parent-client"); + assert_eq!(params.runtime.codex_rs_version, "0.1.0"); + + reducer + .ingest( + AnalyticsFact::Custom(CustomAnalyticsFact::TurnTokenUsage(Box::new( + sample_turn_token_usage_fact("thread-review", "turn-inherited"), + ))), + &mut events, + ) + .await; + assert_eq!(events.len(), 1); + + events.clear(); + reducer + .ingest(sample_initialize_fact(/*connection_id*/ 8), &mut events) + .await; + reducer + .ingest( + AnalyticsFact::ClientRequest { + connection_id: 8, + request_id: RequestId::Integer(3), + request: Box::new(sample_turn_start_request( + "thread-review", + /*request_id*/ 3, + )), + }, + &mut events, + ) + .await; + reducer + .ingest( + AnalyticsFact::ClientResponse { + connection_id: 8, + request_id: RequestId::Integer(3), + response: Box::new(sample_turn_start_response("turn-explicit")), + }, + &mut events, + ) + .await; + ingest_complete_child_turn(&mut reducer, &mut events, "thread-review", "turn-explicit").await; + let [TrackEventRequest::TurnEvent(event)] = events.as_slice() else { + panic!("expected one turn event"); + }; + assert_eq!( + event.event_params.app_server_client.product_client_id, + DEFAULT_ORIGINATOR + ); } #[tokio::test] @@ -2732,6 +2895,7 @@ async fn subagent_tool_items_inherit_parent_connection_metadata() { session_id: "session-root".to_string(), thread_id: "thread-subagent".to_string(), parent_thread_id: Some("thread-1".to_string()), + forked_from_thread_id: None, product_client_id: "codex-tui".to_string(), client_name: "codex-tui".to_string(), client_version: "1.0.0".to_string(), @@ -3263,7 +3427,6 @@ fn turn_event_serializes_expected_shape() { status: Some(TurnStatus::Completed), turn_error: None, codex_error_kind: None, - codex_error_subreason: None, codex_error_http_status_code: None, steer_count: Some(0), total_tool_call_count: None, @@ -3279,6 +3442,13 @@ fn turn_event_serializes_expected_shape() { output_tokens: None, reasoning_output_tokens: None, total_tokens: None, + before_first_sampling_ms: 100, + sampling_ms: 700, + between_sampling_overhead_ms: 50, + tool_blocking_ms: 250, + after_last_sampling_ms: 134, + sampling_request_count: 2, + sampling_retry_count: 1, duration_ms: Some(1234), started_at: Some(455), completed_at: Some(456), @@ -3329,7 +3499,6 @@ fn turn_event_serializes_expected_shape() { "status": "completed", "turn_error": null, "codex_error_kind": null, - "codex_error_subreason": null, "codex_error_http_status_code": null, "steer_count": 0, "total_tool_call_count": null, @@ -3345,6 +3514,13 @@ fn turn_event_serializes_expected_shape() { "output_tokens": null, "reasoning_output_tokens": null, "total_tokens": null, + "before_first_sampling_ms": 100, + "sampling_ms": 700, + "between_sampling_overhead_ms": 50, + "tool_blocking_ms": 250, + "after_last_sampling_ms": 134, + "sampling_request_count": 2, + "sampling_retry_count": 1, "duration_ms": 1234, "started_at": 455, "completed_at": 456 @@ -3687,6 +3863,32 @@ async fn turn_event_counts_completed_tool_items() { ) .await; + let mcp_tool_call_item = |status, duration_ms| ThreadItem::McpToolCall { + id: "mcp-1".to_string(), + server: "server".to_string(), + tool: "search".to_string(), + status, + arguments: json!({}), + mcp_app_resource_uri: None, + plugin_id: Some("sample@test".to_string()), + result: None, + error: None, + duration_ms, + }; + reducer + .ingest( + AnalyticsFact::Notification(Box::new(ServerNotification::ItemStarted( + ItemStartedNotification { + thread_id: "thread-2".to_string(), + turn_id: "turn-2".to_string(), + started_at_ms: 998, + item: mcp_tool_call_item(McpToolCallStatus::InProgress, None), + }, + ))), + &mut out, + ) + .await; + let completed_tool_items = vec![ sample_command_execution_item(CommandExecutionStatus::Completed, Some(0), Some(1)), ThreadItem::FileChange { @@ -3694,18 +3896,7 @@ async fn turn_event_counts_completed_tool_items() { changes: Vec::new(), status: PatchApplyStatus::Completed, }, - ThreadItem::McpToolCall { - id: "mcp-1".to_string(), - server: "server".to_string(), - tool: "search".to_string(), - status: McpToolCallStatus::Completed, - arguments: json!({}), - mcp_app_resource_uri: None, - plugin_id: None, - result: None, - error: None, - duration_ms: Some(2), - }, + mcp_tool_call_item(McpToolCallStatus::Completed, Some(2)), ThreadItem::DynamicToolCall { id: "dynamic-1".to_string(), namespace: None, @@ -3727,6 +3918,12 @@ async fn turn_event_counts_completed_tool_items() { reasoning_effort: None, agents_states: Default::default(), }, + ThreadItem::SubAgentActivity { + id: "sub-agent-activity-1".to_string(), + kind: SubAgentActivityKind::Interacted, + agent_thread_id: "thread-child".to_string(), + agent_path: "/root/child".to_string(), + }, ThreadItem::WebSearch { id: "web-1".to_string(), query: "codex".to_string(), @@ -3757,6 +3954,13 @@ async fn turn_event_counts_completed_tool_items() { .await; } + let mcp_tool_call_event = out + .iter() + .find(|event| matches!(event, TrackEventRequest::McpToolCall(_))) + .expect("MCP tool call event should be emitted"); + let payload = serde_json::to_value(mcp_tool_call_event).expect("serialize MCP tool call event"); + assert_eq!(payload["event_params"]["plugin_id"], json!("sample@test")); + reducer .ingest( AnalyticsFact::Notification(Box::new(sample_turn_completed_notification( @@ -3774,14 +3978,14 @@ async fn turn_event_counts_completed_tool_items() { .find(|event| matches!(event, TrackEventRequest::TurnEvent(_))) .expect("turn event should be emitted"); let payload = serde_json::to_value(turn_event).expect("serialize turn event"); - assert_eq!(payload["event_params"]["total_tool_call_count"], json!(7)); + assert_eq!(payload["event_params"]["total_tool_call_count"], json!(8)); assert_eq!(payload["event_params"]["shell_command_count"], json!(1)); assert_eq!(payload["event_params"]["file_change_count"], json!(1)); assert_eq!(payload["event_params"]["mcp_tool_call_count"], json!(1)); assert_eq!(payload["event_params"]["dynamic_tool_call_count"], json!(1)); assert_eq!( payload["event_params"]["subagent_tool_call_count"], - json!(1) + json!(2) ); assert_eq!(payload["event_params"]["web_search_count"], json!(1)); assert_eq!(payload["event_params"]["image_generation_count"], json!(1)); @@ -4029,10 +4233,6 @@ async fn turn_lifecycle_emits_failed_turn_event() { payload["event_params"]["codex_error_kind"], json!("invalid_request") ); - assert_eq!( - payload["event_params"]["codex_error_subreason"], - json!("unknown turn environment id `env-2`") - ); assert_eq!( payload["event_params"]["codex_error_http_status_code"], json!(null) diff --git a/codex-rs/analytics/src/client.rs b/codex-rs/analytics/src/client.rs index bd0726b28ee..193de9ef65c 100644 --- a/codex-rs/analytics/src/client.rs +++ b/codex-rs/analytics/src/client.rs @@ -9,6 +9,7 @@ use crate::facts::AnalyticsJsonRpcError; use crate::facts::AppInvocation; use crate::facts::AppMentionedInput; use crate::facts::AppUsedInput; +use crate::facts::CodexGoalEvent; use crate::facts::CustomAnalyticsFact; use crate::facts::HookRunFact; use crate::facts::HookRunInput; @@ -19,6 +20,7 @@ use crate::facts::SkillInvokedInput; use crate::facts::SubAgentThreadStartedInput; use crate::facts::TrackEventsContext; use crate::facts::TurnCodexErrorFact; +use crate::facts::TurnProfileFact; use crate::facts::TurnResolvedConfigFact; use crate::facts::TurnTokenUsageFact; use crate::reducer::AnalyticsReducer; @@ -245,6 +247,12 @@ impl AnalyticsEventsClient { ))); } + pub fn track_goal_event(&self, event: CodexGoalEvent) { + self.record_fact(AnalyticsFact::Custom(CustomAnalyticsFact::Goal(Box::new( + event, + )))); + } + pub fn track_turn_resolved_config(&self, fact: TurnResolvedConfigFact) { self.record_fact(AnalyticsFact::Custom( CustomAnalyticsFact::TurnResolvedConfig(Box::new(fact)), @@ -257,6 +265,12 @@ impl AnalyticsEventsClient { ))); } + pub fn track_turn_profile(&self, fact: TurnProfileFact) { + self.record_fact(AnalyticsFact::Custom(CustomAnalyticsFact::TurnProfile( + Box::new(fact), + ))); + } + pub fn track_turn_codex_error(&self, fact: TurnCodexErrorFact) { self.record_fact(AnalyticsFact::Custom(CustomAnalyticsFact::TurnCodexError( Box::new(fact), diff --git a/codex-rs/analytics/src/events.rs b/codex-rs/analytics/src/events.rs index 5367e651e4c..2df113a43a3 100644 --- a/codex-rs/analytics/src/events.rs +++ b/codex-rs/analytics/src/events.rs @@ -4,12 +4,14 @@ use crate::facts::AcceptedLineFingerprint; use crate::facts::AppInvocation; use crate::facts::CodexCompactionEvent; use crate::facts::CodexErrKind; +use crate::facts::CodexGoalEvent; use crate::facts::CompactionImplementation; use crate::facts::CompactionPhase; use crate::facts::CompactionReason; use crate::facts::CompactionStatus; use crate::facts::CompactionStrategy; use crate::facts::CompactionTrigger; +use crate::facts::GoalEventKind; use crate::facts::HookRunFact; use crate::facts::InvocationType; use crate::facts::PluginState; @@ -63,6 +65,7 @@ pub(crate) enum TrackEventRequest { AppUsed(CodexAppUsedEventRequest), HookRun(CodexHookRunEventRequest), Compaction(Box), + Goal(Box), TurnEvent(Box), TurnSteer(CodexTurnSteerEventRequest), CommandExecution(CodexCommandExecutionEventRequest), @@ -157,6 +160,7 @@ pub(crate) struct ThreadInitializedEventParams { pub(crate) initialization_mode: ThreadInitializationMode, pub(crate) subagent_source: Option, pub(crate) parent_thread_id: Option, + pub(crate) forked_from_thread_id: Option, pub(crate) created_at: u64, } @@ -262,6 +266,7 @@ pub struct GuardianReviewEventParams { pub decision: GuardianReviewDecision, pub terminal_status: GuardianReviewTerminalStatus, pub failure_reason: Option, + pub attempt_count: i64, pub risk_level: Option, pub user_authorization: Option, pub outcome: Option, @@ -334,6 +339,7 @@ impl GuardianReviewTrackContext { decision: result.decision, terminal_status: result.terminal_status, failure_reason: result.failure_reason, + attempt_count: result.attempt_count, risk_level: result.risk_level, user_authorization: result.user_authorization, outcome: result.outcome, @@ -369,6 +375,7 @@ pub struct GuardianReviewAnalyticsResult { pub decision: GuardianReviewDecision, pub terminal_status: GuardianReviewTerminalStatus, pub failure_reason: Option, + pub attempt_count: i64, pub risk_level: Option, pub user_authorization: Option, pub outcome: Option, @@ -388,6 +395,7 @@ impl GuardianReviewAnalyticsResult { decision: GuardianReviewDecision::Denied, terminal_status: GuardianReviewTerminalStatus::FailedClosed, failure_reason: None, + attempt_count: 1, risk_level: None, user_authorization: None, outcome: None, @@ -625,6 +633,7 @@ pub(crate) struct CodexMcpToolCallEventParams { pub(crate) mcp_server_name: String, pub(crate) mcp_tool_name: String, pub(crate) mcp_error_present: bool, + pub(crate) plugin_id: Option, } #[derive(Serialize)] @@ -754,9 +763,13 @@ pub(crate) struct CodexCompactionEventParams { pub(crate) phase: CompactionPhase, pub(crate) strategy: CompactionStrategy, pub(crate) status: CompactionStatus, - pub(crate) error: Option, + pub(crate) codex_error_kind: Option, + pub(crate) codex_error_http_status_code: Option, pub(crate) active_context_tokens_before: i64, pub(crate) active_context_tokens_after: i64, + pub(crate) retained_image_count: Option, + pub(crate) compaction_summary_tokens: Option, + pub(crate) cached_input_tokens: Option, pub(crate) started_at: u64, pub(crate) completed_at: u64, pub(crate) duration_ms: Option, @@ -768,6 +781,30 @@ pub(crate) struct CodexCompactionEventRequest { pub(crate) event_params: CodexCompactionEventParams, } +#[derive(Serialize)] +pub(crate) struct CodexGoalEventParams { + pub(crate) thread_id: String, + pub(crate) session_id: String, + pub(crate) turn_id: Option, + pub(crate) app_server_client: CodexAppServerClientMetadata, + pub(crate) runtime: CodexRuntimeMetadata, + pub(crate) thread_source: Option, + pub(crate) subagent_source: Option, + pub(crate) parent_thread_id: Option, + pub(crate) goal_id: String, + pub(crate) event_kind: GoalEventKind, + pub(crate) goal_status: codex_state::ThreadGoalStatus, + pub(crate) has_token_budget: bool, + pub(crate) cumulative_tokens_accounted: Option, + pub(crate) cumulative_time_accounted_seconds: Option, +} + +#[derive(Serialize)] +pub(crate) struct CodexGoalEventRequest { + pub(crate) event_type: &'static str, + pub(crate) event_params: CodexGoalEventParams, +} + #[derive(Serialize)] pub(crate) struct CodexTurnEventParams { pub(crate) thread_id: String, @@ -800,7 +837,6 @@ pub(crate) struct CodexTurnEventParams { pub(crate) status: Option, pub(crate) turn_error: Option, pub(crate) codex_error_kind: Option, - pub(crate) codex_error_subreason: Option, pub(crate) codex_error_http_status_code: Option, pub(crate) steer_count: Option, pub(crate) total_tool_call_count: Option, @@ -816,6 +852,13 @@ pub(crate) struct CodexTurnEventParams { pub(crate) output_tokens: Option, pub(crate) reasoning_output_tokens: Option, pub(crate) total_tokens: Option, + pub(crate) before_first_sampling_ms: u64, + pub(crate) sampling_ms: u64, + pub(crate) between_sampling_overhead_ms: u64, + pub(crate) tool_blocking_ms: u64, + pub(crate) after_last_sampling_ms: u64, + pub(crate) sampling_request_count: u32, + pub(crate) sampling_retry_count: u32, pub(crate) duration_ms: Option, pub(crate) started_at: Option, pub(crate) completed_at: Option, @@ -959,15 +1002,46 @@ pub(crate) fn codex_compaction_event_params( phase: input.phase, strategy: input.strategy, status: input.status, - error: input.error, + codex_error_kind: input.codex_error_kind, + codex_error_http_status_code: input.codex_error_http_status_code, active_context_tokens_before: input.active_context_tokens_before, active_context_tokens_after: input.active_context_tokens_after, + retained_image_count: input.retained_image_count, + compaction_summary_tokens: input.compaction_summary_tokens, + cached_input_tokens: input.cached_input_tokens, started_at: input.started_at, completed_at: input.completed_at, duration_ms: input.duration_ms, } } +pub(crate) fn codex_goal_event_params( + input: CodexGoalEvent, + session_id: String, + app_server_client: CodexAppServerClientMetadata, + runtime: CodexRuntimeMetadata, + thread_source: Option, + subagent_source: Option, + parent_thread_id: Option, +) -> CodexGoalEventParams { + CodexGoalEventParams { + thread_id: input.thread_id, + session_id, + turn_id: input.turn_id, + app_server_client, + runtime, + thread_source, + subagent_source, + parent_thread_id, + goal_id: input.goal_id, + event_kind: input.event_kind, + goal_status: input.goal_status, + has_token_budget: input.has_token_budget, + cumulative_tokens_accounted: input.cumulative_tokens_accounted, + cumulative_time_accounted_seconds: input.cumulative_time_accounted_seconds, + } +} + pub(crate) fn codex_plugin_used_metadata( tracking: &TrackEventsContext, plugin: PluginTelemetryMetadata, @@ -1060,6 +1134,7 @@ pub(crate) fn subagent_thread_started_event_request( initialization_mode: ThreadInitializationMode::New, subagent_source: Some(subagent_source_name(&input.subagent_source)), parent_thread_id: input.parent_thread_id, + forked_from_thread_id: input.forked_from_thread_id, created_at: input.created_at, }; ThreadInitializedEvent { diff --git a/codex-rs/analytics/src/facts.rs b/codex-rs/analytics/src/facts.rs index b0561085078..ab278e223cf 100644 --- a/codex-rs/analytics/src/facts.rs +++ b/codex-rs/analytics/src/facts.rs @@ -30,9 +30,6 @@ use codex_protocol::request_permissions::RequestPermissionsResponse; use serde::Serialize; use std::path::PathBuf; -const INVALID_REQUEST_SUBREASON_MAX_BYTES: usize = 512; -const INVALID_REQUEST_SUBREASON_TRUNCATION_SUFFIX: &str = "..."; - #[derive(Clone, Debug, PartialEq, Eq, Serialize)] pub struct AcceptedLineFingerprint { pub path_hash: String, @@ -104,6 +101,23 @@ pub struct TurnTokenUsageFact { pub token_usage: TokenUsage, } +#[derive(Clone, Debug, PartialEq, Eq, Serialize)] +pub struct TurnProfile { + pub before_first_sampling_ms: u64, + pub sampling_ms: u64, + pub between_sampling_overhead_ms: u64, + pub tool_blocking_ms: u64, + pub after_last_sampling_ms: u64, + pub sampling_request_count: u32, + pub sampling_retry_count: u32, +} + +#[derive(Clone)] +pub struct TurnProfileFact { + pub turn_id: String, + pub profile: TurnProfile, +} + #[derive(Clone)] pub struct TurnCodexErrorFact { pub(crate) turn_id: String, @@ -123,7 +137,7 @@ impl TurnCodexErrorFact { #[derive(Clone, Copy, Debug, Serialize)] #[serde(rename_all = "snake_case")] -pub(crate) enum CodexErrKind { +pub enum CodexErrKind { TurnAborted, Stream, ContextWindowExceeded, @@ -165,7 +179,6 @@ pub(crate) enum CodexErrKind { #[derive(Clone)] pub(crate) struct TurnCodexError { pub(crate) kind: CodexErrKind, - pub(crate) subreason: Option, pub(crate) http_status_code: Option, } @@ -173,26 +186,6 @@ impl TurnCodexError { fn from_codex_err(error: &CodexErr) -> Self { Self { kind: error.into(), - subreason: match error { - CodexErr::InvalidRequest(message) => { - // InvalidRequest can contain raw provider response bodies, so bound the - // analytics copy without changing the source CodexErr. - let subreason = if message.len() <= INVALID_REQUEST_SUBREASON_MAX_BYTES { - message.clone() - } else { - let truncated_len = message.floor_char_boundary( - INVALID_REQUEST_SUBREASON_MAX_BYTES - .saturating_sub(INVALID_REQUEST_SUBREASON_TRUNCATION_SUFFIX.len()), - ); - format!( - "{}{INVALID_REQUEST_SUBREASON_TRUNCATION_SUFFIX}", - &message[..truncated_len] - ) - }; - Some(subreason) - } - _ => None, - }, http_status_code: error.http_status_code_value(), } } @@ -348,6 +341,7 @@ pub struct SubAgentThreadStartedInput { pub session_id: String, pub thread_id: String, pub parent_thread_id: Option, + pub forked_from_thread_id: Option, pub product_client_id: String, pub client_name: String, pub client_version: String, @@ -370,6 +364,7 @@ pub enum CompactionReason { UserRequested, ContextLimit, ModelDownshift, + CompHashChanged, } #[derive(Clone, Copy, Debug, Serialize)] @@ -413,14 +408,39 @@ pub struct CodexCompactionEvent { pub phase: CompactionPhase, pub strategy: CompactionStrategy, pub status: CompactionStatus, - pub error: Option, + pub codex_error_kind: Option, + pub codex_error_http_status_code: Option, pub active_context_tokens_before: i64, pub active_context_tokens_after: i64, + pub retained_image_count: Option, + pub compaction_summary_tokens: Option, + pub cached_input_tokens: Option, pub started_at: u64, pub completed_at: u64, pub duration_ms: Option, } +#[derive(Clone, Copy, Debug, Serialize)] +#[serde(rename_all = "snake_case")] +pub enum GoalEventKind { + Created, + UsageAccounted, + StatusChanged, + Cleared, +} + +#[derive(Clone)] +pub struct CodexGoalEvent { + pub thread_id: String, + pub turn_id: Option, + pub goal_id: String, + pub event_kind: GoalEventKind, + pub goal_status: codex_state::ThreadGoalStatus, + pub has_token_budget: bool, + pub cumulative_tokens_accounted: Option, + pub cumulative_time_accounted_seconds: Option, +} + #[allow(dead_code)] pub(crate) enum AnalyticsFact { Initialize { @@ -472,9 +492,11 @@ pub(crate) enum AnalyticsFact { pub(crate) enum CustomAnalyticsFact { SubAgentThreadStarted(SubAgentThreadStartedInput), Compaction(Box), + Goal(Box), GuardianReview(Box), TurnResolvedConfig(Box), TurnTokenUsage(Box), + TurnProfile(Box), TurnCodexError(Box), SkillInvoked(SkillInvokedInput), AppMentioned(AppMentionedInput), diff --git a/codex-rs/analytics/src/lib.rs b/codex-rs/analytics/src/lib.rs index c227f4daf18..fd236cbce9f 100644 --- a/codex-rs/analytics/src/lib.rs +++ b/codex-rs/analytics/src/lib.rs @@ -24,6 +24,8 @@ pub use facts::AcceptedLineFingerprint; pub use facts::AnalyticsJsonRpcError; pub use facts::AppInvocation; pub use facts::CodexCompactionEvent; +pub use facts::CodexErrKind; +pub use facts::CodexGoalEvent; pub use facts::CodexTurnSteerEvent; pub use facts::CompactionImplementation; pub use facts::CompactionPhase; @@ -31,6 +33,7 @@ pub use facts::CompactionReason; pub use facts::CompactionStatus; pub use facts::CompactionStrategy; pub use facts::CompactionTrigger; +pub use facts::GoalEventKind; pub use facts::HookRunFact; pub use facts::InputError; pub use facts::InvocationType; @@ -39,6 +42,8 @@ pub use facts::SubAgentThreadStartedInput; pub use facts::ThreadInitializationMode; pub use facts::TrackEventsContext; pub use facts::TurnCodexErrorFact; +pub use facts::TurnProfile; +pub use facts::TurnProfileFact; pub use facts::TurnResolvedConfigFact; pub use facts::TurnStatus; pub use facts::TurnSteerRejectionReason; diff --git a/codex-rs/analytics/src/reducer.rs b/codex-rs/analytics/src/reducer.rs index 5b411785309..a621051fb51 100644 --- a/codex-rs/analytics/src/reducer.rs +++ b/codex-rs/analytics/src/reducer.rs @@ -15,6 +15,7 @@ use crate::events::CodexDynamicToolCallEventParams; use crate::events::CodexDynamicToolCallEventRequest; use crate::events::CodexFileChangeEventParams; use crate::events::CodexFileChangeEventRequest; +use crate::events::CodexGoalEventRequest; use crate::events::CodexHookRunEventRequest; use crate::events::CodexImageGenerationEventParams; use crate::events::CodexImageGenerationEventRequest; @@ -51,6 +52,7 @@ use crate::events::TrackEventRequest; use crate::events::WebSearchActionKind; use crate::events::codex_app_metadata; use crate::events::codex_compaction_event_params; +use crate::events::codex_goal_event_params; use crate::events::codex_hook_run_metadata; use crate::events::codex_plugin_metadata; use crate::events::codex_plugin_used_metadata; @@ -62,6 +64,7 @@ use crate::facts::AnalyticsJsonRpcError; use crate::facts::AppMentionedInput; use crate::facts::AppUsedInput; use crate::facts::CodexCompactionEvent; +use crate::facts::CodexGoalEvent; use crate::facts::CustomAnalyticsFact; use crate::facts::HookRunInput; use crate::facts::PluginState; @@ -72,6 +75,8 @@ use crate::facts::SubAgentThreadStartedInput; use crate::facts::ThreadInitializationMode; use crate::facts::TurnCodexError; use crate::facts::TurnCodexErrorFact; +use crate::facts::TurnProfile; +use crate::facts::TurnProfileFact; use crate::facts::TurnResolvedConfigFact; use crate::facts::TurnStatus; use crate::facts::TurnSteerRejectionReason; @@ -190,6 +195,16 @@ impl<'a> AnalyticsDropSite<'a> { } } + fn goal(input: &'a CodexGoalEvent) -> Self { + Self { + event_name: "goal", + thread_id: &input.thread_id, + turn_id: input.turn_id.as_deref(), + review_id: None, + item_id: None, + } + } + fn tool_item( notification: &'a codex_app_server_protocol::ItemCompletedNotification, item_id: &'a str, @@ -316,6 +331,7 @@ struct CompletedTurnState { duration_ms: Option, } +#[derive(Default)] struct TurnState { connection_id: Option, thread_id: Option, @@ -323,6 +339,7 @@ struct TurnState { resolved_config: Option, started_at: Option, token_usage: Option, + profile: Option, completed: Option, codex_error: Option, latest_diff: Option, @@ -356,7 +373,9 @@ impl TurnToolCounts { ThreadItem::FileChange { .. } => self.file_change += 1, ThreadItem::McpToolCall { .. } => self.mcp_tool_call += 1, ThreadItem::DynamicToolCall { .. } => self.dynamic_tool_call += 1, - ThreadItem::CollabAgentToolCall { .. } => self.subagent_tool_call += 1, + ThreadItem::CollabAgentToolCall { .. } | ThreadItem::SubAgentActivity { .. } => { + self.subagent_tool_call += 1; + } ThreadItem::WebSearch { .. } => self.web_search += 1, ThreadItem::ImageGeneration { .. } => self.image_generation += 1, ThreadItem::UserMessage { .. } @@ -455,6 +474,9 @@ impl AnalyticsReducer { CustomAnalyticsFact::Compaction(input) => { self.ingest_compaction(*input, out); } + CustomAnalyticsFact::Goal(input) => { + self.ingest_goal(*input, out); + } CustomAnalyticsFact::GuardianReview(input) => { self.ingest_guardian_review(*input, out); } @@ -464,6 +486,9 @@ impl AnalyticsReducer { CustomAnalyticsFact::TurnTokenUsage(input) => { self.ingest_turn_token_usage(*input, out).await; } + CustomAnalyticsFact::TurnProfile(input) => { + self.ingest_turn_profile(*input, out).await; + } CustomAnalyticsFact::TurnCodexError(input) => { self.ingest_turn_codex_error(*input); } @@ -604,19 +629,7 @@ impl AnalyticsReducer { let turn_id = input.turn_id.clone(); let thread_id = input.thread_id.clone(); let num_input_images = input.num_input_images; - let turn_state = self.turns.entry(turn_id.clone()).or_insert(TurnState { - connection_id: None, - thread_id: None, - num_input_images: None, - resolved_config: None, - started_at: None, - token_usage: None, - completed: None, - codex_error: None, - latest_diff: None, - steer_count: 0, - tool_counts: TurnToolCounts::default(), - }); + let turn_state = self.turns.entry(turn_id.clone()).or_default(); turn_state.thread_id = Some(thread_id); turn_state.num_input_images = Some(num_input_images); turn_state.resolved_config = Some(input); @@ -629,43 +642,30 @@ impl AnalyticsReducer { out: &mut Vec, ) { let turn_id = input.turn_id.clone(); - let turn_state = self.turns.entry(turn_id.clone()).or_insert(TurnState { - connection_id: None, - thread_id: None, - num_input_images: None, - resolved_config: None, - started_at: None, - token_usage: None, - completed: None, - codex_error: None, - latest_diff: None, - steer_count: 0, - tool_counts: TurnToolCounts::default(), - }); + let turn_state = self.turns.entry(turn_id.clone()).or_default(); turn_state.thread_id = Some(input.thread_id); turn_state.token_usage = Some(input.token_usage); self.maybe_emit_turn_event(&turn_id, out).await; } + async fn ingest_turn_profile( + &mut self, + input: TurnProfileFact, + out: &mut Vec, + ) { + let TurnProfileFact { turn_id, profile } = input; + let turn_state = self.turns.entry(turn_id.clone()).or_default(); + turn_state.profile = Some(profile); + self.maybe_emit_turn_event(&turn_id, out).await; + } + fn ingest_turn_codex_error(&mut self, input: TurnCodexErrorFact) { let TurnCodexErrorFact { turn_id, thread_id, error, } = input; - let turn_state = self.turns.entry(turn_id).or_insert(TurnState { - connection_id: None, - thread_id: None, - num_input_images: None, - resolved_config: None, - started_at: None, - token_usage: None, - completed: None, - codex_error: None, - latest_diff: None, - steer_count: 0, - tool_counts: TurnToolCounts::default(), - }); + let turn_state = self.turns.entry(turn_id).or_default(); turn_state.thread_id.get_or_insert(thread_id); turn_state.codex_error = Some(error); } @@ -818,19 +818,7 @@ impl AnalyticsReducer { else { return; }; - let turn_state = self.turns.entry(turn_id.clone()).or_insert(TurnState { - connection_id: None, - thread_id: None, - num_input_images: None, - resolved_config: None, - started_at: None, - token_usage: None, - completed: None, - codex_error: None, - latest_diff: None, - steer_count: 0, - tool_counts: TurnToolCounts::default(), - }); + let turn_state = self.turns.entry(turn_id.clone()).or_default(); turn_state.connection_id = Some(connection_id); turn_state.thread_id = Some(pending_request.thread_id); turn_state.num_input_images = Some(pending_request.num_input_images); @@ -1121,6 +1109,18 @@ impl AnalyticsReducer { ); } ServerNotification::ItemCompleted(notification) => { + if matches!(notification.item, ThreadItem::SubAgentActivity { .. }) { + let Some(turn_state) = self.turns.get_mut(¬ification.turn_id) else { + tracing::warn!( + thread_id = %notification.thread_id, + turn_id = %notification.turn_id, + "dropping sub-agent activity tool count update: missing turn state" + ); + return; + }; + turn_state.tool_counts.record(¬ification.item); + return; + } let Some(item_id) = tracked_tool_item_id(¬ification.item) else { return; }; @@ -1178,61 +1178,19 @@ impl AnalyticsReducer { self.ingest_guardian_review_completed(notification, out); } ServerNotification::TurnStarted(notification) => { - let turn_state = self.turns.entry(notification.turn.id).or_insert(TurnState { - connection_id: None, - thread_id: None, - num_input_images: None, - resolved_config: None, - started_at: None, - token_usage: None, - completed: None, - codex_error: None, - latest_diff: None, - steer_count: 0, - tool_counts: TurnToolCounts::default(), - }); + let turn_state = self.turns.entry(notification.turn.id).or_default(); turn_state.started_at = notification .turn .started_at .and_then(|started_at| u64::try_from(started_at).ok()); } ServerNotification::TurnDiffUpdated(notification) => { - let turn_state = - self.turns - .entry(notification.turn_id.clone()) - .or_insert(TurnState { - connection_id: None, - thread_id: None, - num_input_images: None, - resolved_config: None, - started_at: None, - token_usage: None, - completed: None, - codex_error: None, - latest_diff: None, - steer_count: 0, - tool_counts: TurnToolCounts::default(), - }); + let turn_state = self.turns.entry(notification.turn_id.clone()).or_default(); turn_state.thread_id = Some(notification.thread_id); turn_state.latest_diff = Some(notification.diff); } ServerNotification::TurnCompleted(notification) => { - let turn_state = - self.turns - .entry(notification.turn.id.clone()) - .or_insert(TurnState { - connection_id: None, - thread_id: None, - num_input_images: None, - resolved_config: None, - started_at: None, - token_usage: None, - completed: None, - codex_error: None, - latest_diff: None, - steer_count: 0, - tool_counts: TurnToolCounts::default(), - }); + let turn_state = self.turns.entry(notification.turn.id.clone()).or_default(); turn_state.completed = Some(CompletedTurnState { status: analytics_turn_status(notification.turn.status), turn_error: notification @@ -1268,6 +1226,7 @@ impl AnalyticsReducer { let session_id = thread.session_id; let thread_id = thread.id; let parent_thread_id = thread.parent_thread_id; + let forked_from_thread_id = thread.forked_from_id; let Some(connection_state) = self.connections.get(&connection_id) else { return; }; @@ -1299,6 +1258,7 @@ impl AnalyticsReducer { initialization_mode, subagent_source: thread_metadata.subagent_source.clone(), parent_thread_id: thread_metadata.parent_thread_id, + forked_from_thread_id, created_at: u64::try_from(thread.created_at).unwrap_or_default(), }, }, @@ -1319,7 +1279,7 @@ impl AnalyticsReducer { thread_metadata.session_id.clone(), connection_state.app_server_client.clone(), connection_state.runtime.clone(), - thread_metadata.thread_source, + thread_metadata.thread_source.clone(), thread_metadata.subagent_source.clone(), thread_metadata.parent_thread_id.clone(), ), @@ -1327,6 +1287,26 @@ impl AnalyticsReducer { ))); } + fn ingest_goal(&mut self, input: CodexGoalEvent, out: &mut Vec) { + let Some((connection_state, thread_metadata)) = + self.thread_context_or_warn(AnalyticsDropSite::goal(&input)) + else { + return; + }; + out.push(TrackEventRequest::Goal(Box::new(CodexGoalEventRequest { + event_type: "codex_goal_event", + event_params: codex_goal_event_params( + input, + thread_metadata.session_id.clone(), + connection_state.app_server_client.clone(), + connection_state.runtime.clone(), + thread_metadata.thread_source.clone(), + thread_metadata.subagent_source.clone(), + thread_metadata.parent_thread_id.clone(), + ), + }))); + } + fn ingest_guardian_review_completed( &mut self, notification: codex_app_server_protocol::ItemGuardianApprovalReviewCompletedNotification, @@ -1424,7 +1404,7 @@ impl AnalyticsReducer { accepted_turn_id, app_server_client: connection_state.app_server_client.clone(), runtime: connection_state.runtime.clone(), - thread_source: thread_metadata.thread_source, + thread_source: thread_metadata.thread_source.clone(), subagent_source: thread_metadata.subagent_source.clone(), parent_thread_id: thread_metadata.parent_thread_id.clone(), num_input_images: pending_request.num_input_images, @@ -1467,7 +1447,7 @@ impl AnalyticsReducer { review_id: pending_review.review_id, app_server_client: connection_state.app_server_client.clone(), runtime: connection_state.runtime.clone(), - thread_source: thread_metadata.thread_source, + thread_source: thread_metadata.thread_source.clone(), subagent_source: thread_metadata.subagent_source.clone(), parent_thread_id: thread_metadata.parent_thread_id.clone(), subject_kind: pending_review.subject_kind, @@ -1509,6 +1489,7 @@ impl AnalyticsReducer { if turn_state.thread_id.is_none() || turn_state.num_input_images.is_none() || turn_state.resolved_config.is_none() + || turn_state.profile.is_none() || turn_state.completed.is_none() { return; @@ -1516,17 +1497,23 @@ impl AnalyticsReducer { let Some(thread_id) = turn_state.thread_id.as_ref() else { return; }; - let Some(connection_id) = turn_state.connection_id else { + let drop_site = AnalyticsDropSite::turn(thread_id, turn_id); + let connection_id = turn_state.connection_id.or_else(|| { + self.threads + .get(drop_site.thread_id) + .and_then(|thread| thread.connection_id) + }); + let Some(connection_id) = connection_id else { + warn_missing_analytics_context(&drop_site, MissingAnalyticsContext::ThreadConnection); return; }; let Some(connection_state) = self.connections.get(&connection_id) else { warn_missing_analytics_context( - &AnalyticsDropSite::turn(thread_id, turn_id), + &drop_site, MissingAnalyticsContext::Connection { connection_id }, ); return; }; - let drop_site = AnalyticsDropSite::turn(thread_id, turn_id); let Some(thread_metadata) = self .threads .get(drop_site.thread_id) @@ -1631,6 +1618,7 @@ fn tracked_tool_item_id(item: &ThreadItem) -> Option<&str> { | ThreadItem::AgentMessage { .. } | ThreadItem::Plan { .. } | ThreadItem::Reasoning { .. } + | ThreadItem::SubAgentActivity { .. } | ThreadItem::ImageView { .. } | ThreadItem::EnteredReviewMode { .. } | ThreadItem::ExitedReviewMode { .. } @@ -1763,6 +1751,7 @@ fn tool_item_event(input: ToolItemEventInput<'_>) -> Option { status, error, duration_ms, + plugin_id, .. } => { let (terminal_status, failure_kind) = mcp_tool_call_outcome(status)?; @@ -1792,6 +1781,7 @@ fn tool_item_event(input: ToolItemEventInput<'_>) -> Option { mcp_server_name: server.clone(), mcp_tool_name: tool.clone(), mcp_error_present: error.is_some(), + plugin_id: plugin_id.clone(), }, }, )) @@ -2033,7 +2023,7 @@ fn tool_item_base( item_id, app_server_client: context.connection_state.app_server_client.clone(), runtime: context.connection_state.runtime.clone(), - thread_source: thread_metadata.thread_source, + thread_source: thread_metadata.thread_source.clone(), subagent_source: thread_metadata.subagent_source.clone(), parent_thread_id: thread_metadata.parent_thread_id.clone(), tool_name, @@ -2455,12 +2445,20 @@ fn codex_turn_event_params( turn_state: &TurnState, thread_metadata: &ThreadMetadataState, ) -> CodexTurnEventParams { - let (Some(thread_id), Some(num_input_images), Some(resolved_config), Some(completed)) = ( + let ( + Some(thread_id), + Some(num_input_images), + Some(resolved_config), + Some(profile), + Some(completed), + ) = ( turn_state.thread_id.clone(), turn_state.num_input_images, turn_state.resolved_config.clone(), + turn_state.profile.clone(), turn_state.completed.clone(), - ) else { + ) + else { unreachable!("turn event params require a fully populated turn state"); }; let started_at = turn_state.started_at; @@ -2486,6 +2484,15 @@ fn codex_turn_event_params( workspace_kind, is_first_turn, } = resolved_config; + let TurnProfile { + before_first_sampling_ms, + sampling_ms, + between_sampling_overhead_ms, + tool_blocking_ms, + after_last_sampling_ms, + sampling_request_count, + sampling_retry_count, + } = profile; let token_usage = turn_state.token_usage.clone(); let codex_error = turn_state.codex_error.as_ref(); CodexTurnEventParams { @@ -2496,7 +2503,7 @@ fn codex_turn_event_params( runtime, submission_type, ephemeral, - thread_source: thread_metadata.thread_source, + thread_source: thread_metadata.thread_source.clone(), initialization_mode: thread_metadata.initialization_mode, subagent_source: thread_metadata.subagent_source.clone(), parent_thread_id: thread_metadata.parent_thread_id.clone(), @@ -2522,7 +2529,6 @@ fn codex_turn_event_params( status: completed.status, turn_error: completed.turn_error, codex_error_kind: codex_error.map(|error| error.kind), - codex_error_subreason: codex_error.and_then(|error| error.subreason.clone()), codex_error_http_status_code: codex_error.and_then(|error| error.http_status_code), steer_count: Some(turn_state.steer_count), total_tool_call_count: Some(turn_state.tool_counts.total), @@ -2548,6 +2554,13 @@ fn codex_turn_event_params( total_tokens: token_usage .as_ref() .map(|token_usage| token_usage.total_tokens), + before_first_sampling_ms, + sampling_ms, + between_sampling_overhead_ms, + tool_blocking_ms, + after_last_sampling_ms, + sampling_request_count, + sampling_retry_count, duration_ms: completed.duration_ms, started_at, completed_at: Some(completed.completed_at), diff --git a/codex-rs/app-server-client/src/lib.rs b/codex-rs/app-server-client/src/lib.rs index c75915629cb..1faae917eb9 100644 --- a/codex-rs/app-server-client/src/lib.rs +++ b/codex-rs/app-server-client/src/lib.rs @@ -22,6 +22,7 @@ use std::fmt; use std::io::Error as IoError; use std::io::ErrorKind; use std::io::Result as IoResult; +use std::path::Path; use std::sync::Arc; use std::time::Duration; @@ -48,7 +49,11 @@ use codex_config::LoaderOverrides; use codex_config::NoopThreadConfigLoader; use codex_config::RemoteThreadConfigLoader; use codex_config::ThreadConfigLoader; +use codex_config::config_toml::ConfigToml; use codex_core::config::Config; +pub use codex_core::otel_init::build_provider as build_otel_provider; +use codex_core::personality_migration::PersonalityMigrationStatus; +use codex_core::personality_migration::maybe_migrate_personality; pub use codex_exec_server::EnvironmentManager; pub use codex_exec_server::ExecServerRuntimePaths; use codex_feedback::CodexFeedback; @@ -70,13 +75,8 @@ pub use crate::remote::RemoteAppServerEndpoint; /// module exists so clients can remove a direct `codex-core` dependency /// while legacy startup/config paths are migrated to RPCs. pub mod legacy_core { - pub use codex_core::DEFAULT_AGENTS_MD_FILENAME; - pub use codex_core::LOCAL_AGENTS_MD_FILENAME; - pub use codex_core::McpManager; pub use codex_core::check_execpolicy_for_warnings; pub use codex_core::format_exec_policy_error_with_source; - pub use codex_core::grant_read_root_non_elevated; - pub use codex_core::web_search_detail; pub mod config { pub use codex_core::config::*; @@ -85,42 +85,27 @@ pub mod legacy_core { pub use codex_core::config::edit::*; } } +} - pub mod connectors { - pub use codex_core::connectors::*; - } - - pub mod otel_init { - pub use codex_core::otel_init::*; - } - - pub mod personality_migration { - pub use codex_core::personality_migration::*; - } - - pub mod review_format { - pub use codex_core::review_format::*; - } - - pub mod review_prompts { - pub use codex_core::review_prompts::*; - } - - pub mod test_support { - pub use codex_core::test_support::*; - } - - pub mod util { - pub use codex_core::util::*; - } +const SHUTDOWN_TIMEOUT: Duration = Duration::from_secs(5); - pub mod windows_sandbox { - pub use codex_core::windows_sandbox::*; +/// Runs the embedded app-server personality migration. +/// +/// Returns `true` when the migration changed config and the caller should reload it. +pub async fn migrate_personality_if_needed( + codex_home: &Path, + config_toml: &ConfigToml, + state_db: Option, +) -> IoResult { + let status = maybe_migrate_personality(codex_home, config_toml, state_db).await?; + match status { + PersonalityMigrationStatus::Applied => Ok(true), + PersonalityMigrationStatus::SkippedMarker + | PersonalityMigrationStatus::SkippedExplicitPersonality + | PersonalityMigrationStatus::SkippedNoSessions => Ok(false), } } -const SHUTDOWN_TIMEOUT: Duration = Duration::from_secs(5); - /// Raw app-server request result for typed in-process requests. /// /// Even on the in-process path, successful responses still travel back through @@ -178,6 +163,7 @@ pub(crate) fn server_notification_requires_delivery(notification: &ServerNotific ServerNotification::TurnCompleted(_) | ServerNotification::ThreadSettingsUpdated(_) | ServerNotification::ItemCompleted(_) + | ServerNotification::ExternalAgentConfigImportCompleted(_) | ServerNotification::AgentMessageDelta(_) | ServerNotification::PlanDelta(_) | ServerNotification::ReasoningSummaryTextDelta(_) @@ -2159,6 +2145,13 @@ mod tests { ) ) )); + assert!(event_requires_delivery( + &InProcessServerEvent::ServerNotification( + codex_app_server_protocol::ServerNotification::ExternalAgentConfigImportCompleted( + codex_app_server_protocol::ExternalAgentConfigImportCompletedNotification {}, + ) + ) + )); assert!(!event_requires_delivery(&InProcessServerEvent::Lagged { skipped: 1 })); diff --git a/codex-rs/app-server-protocol/schema/json/ClientRequest.json b/codex-rs/app-server-protocol/schema/json/ClientRequest.json index dc5dd6ad604..6bdf1953619 100644 --- a/codex-rs/app-server-protocol/schema/json/ClientRequest.json +++ b/codex-rs/app-server-protocol/schema/json/ClientRequest.json @@ -34,6 +34,30 @@ ], "type": "string" }, + "AgentMessageInputContent": { + "oneOf": [ + { + "properties": { + "encrypted_content": { + "type": "string" + }, + "type": { + "enum": [ + "encrypted_content" + ], + "title": "EncryptedContentAgentMessageInputContentType", + "type": "string" + } + }, + "required": [ + "encrypted_content", + "type" + ], + "title": "EncryptedContentAgentMessageInputContent", + "type": "object" + } + ] + }, "ApprovalsReviewer": { "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `auto_review` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request. The legacy value `guardian_subagent` is accepted for compatibility.", "enum": [ @@ -156,6 +180,36 @@ ], "type": "object" }, + "CapabilityRootLocation": { + "description": "Location used to resolve a selected capability root.", + "oneOf": [ + { + "description": "A path owned by an execution environment.", + "properties": { + "environmentId": { + "type": "string" + }, + "path": { + "type": "string" + }, + "type": { + "enum": [ + "environment" + ], + "title": "EnvironmentCapabilityRootLocationType", + "type": "string" + } + }, + "required": [ + "environmentId", + "path", + "type" + ], + "title": "EnvironmentCapabilityRootLocation", + "type": "object" + } + ] + }, "ClientInfo": { "properties": { "name": { @@ -1939,6 +1993,13 @@ ], "type": "object" }, + "RealtimeConversationVersion": { + "enum": [ + "v1", + "v2" + ], + "type": "string" + }, "RealtimeOutputModality": { "enum": [ "text", @@ -1971,15 +2032,8 @@ "type": "string" }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "ReasoningItemContent": { @@ -2127,6 +2181,37 @@ "title": "MessageResponseItem", "type": "object" }, + { + "properties": { + "author": { + "type": "string" + }, + "content": { + "items": { + "$ref": "#/definitions/AgentMessageInputContent" + }, + "type": "array" + }, + "recipient": { + "type": "string" + }, + "type": { + "enum": [ + "agent_message" + ], + "title": "AgentMessageResponseItemType", + "type": "string" + } + }, + "required": [ + "author", + "content", + "recipient", + "type" + ], + "title": "AgentMessageResponseItem", + "type": "object" + }, { "properties": { "content": { @@ -2899,6 +2984,28 @@ } ] }, + "SelectedCapabilityRoot": { + "description": "A user-selected root that can expose one or more runtime capabilities.", + "properties": { + "id": { + "description": "Stable identifier supplied by the capability selection platform.", + "type": "string" + }, + "location": { + "allOf": [ + { + "$ref": "#/definitions/CapabilityRootLocation" + } + ], + "description": "Where the selected root can be resolved." + } + }, + "required": [ + "id", + "location" + ], + "type": "object" + }, "SendAddCreditsNudgeEmailParams": { "properties": { "creditType": { @@ -3096,6 +3203,17 @@ ], "type": "object" }, + "ThreadDeleteParams": { + "properties": { + "threadId": { + "type": "string" + } + }, + "required": [ + "threadId" + ], + "type": "object" + }, "ThreadForkParams": { "description": "There are two ways to fork a thread: 1. By thread_id: load the thread from disk by thread_id and fork it into a new thread. 2. By path: load the thread from disk by path and fork it into a new thread.\n\nIf using a non-empty path, the thread_id param will be ignored. Empty string path values are treated as absent.\n\nPrefer using thread_id whenever possible.", "properties": { @@ -3747,11 +3865,6 @@ "type": "string" }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadSourceKind": { @@ -4412,6 +4525,30 @@ "title": "Thread/archiveRequest", "type": "object" }, + { + "properties": { + "id": { + "$ref": "#/definitions/RequestId" + }, + "method": { + "enum": [ + "thread/delete" + ], + "title": "Thread/deleteRequestMethod", + "type": "string" + }, + "params": { + "$ref": "#/definitions/ThreadDeleteParams" + } + }, + "required": [ + "id", + "method", + "params" + ], + "title": "Thread/deleteRequest", + "type": "object" + }, { "properties": { "id": { @@ -5921,6 +6058,29 @@ "title": "Account/rateLimits/readRequest", "type": "object" }, + { + "properties": { + "id": { + "$ref": "#/definitions/RequestId" + }, + "method": { + "enum": [ + "account/usage/read" + ], + "title": "Account/usage/readRequestMethod", + "type": "string" + }, + "params": { + "type": "null" + } + }, + "required": [ + "id", + "method" + ], + "title": "Account/usage/readRequest", + "type": "object" + }, { "properties": { "id": { diff --git a/codex-rs/app-server-protocol/schema/json/PermissionsRequestApprovalParams.json b/codex-rs/app-server-protocol/schema/json/PermissionsRequestApprovalParams.json index 961e24c2c28..f2ab7833420 100644 --- a/codex-rs/app-server-protocol/schema/json/PermissionsRequestApprovalParams.json +++ b/codex-rs/app-server-protocol/schema/json/PermissionsRequestApprovalParams.json @@ -288,8 +288,8 @@ "environmentId": { "default": null, "type": [ - "null", - "string" + "string", + "null" ] }, "itemId": { @@ -326,4 +326,4 @@ ], "title": "PermissionsRequestApprovalParams", "type": "object" -} +} \ No newline at end of file diff --git a/codex-rs/app-server-protocol/schema/json/ServerNotification.json b/codex-rs/app-server-protocol/schema/json/ServerNotification.json index faf5a96879d..1c37ea6f335 100644 --- a/codex-rs/app-server-protocol/schema/json/ServerNotification.json +++ b/codex-rs/app-server-protocol/schema/json/ServerNotification.json @@ -525,6 +525,20 @@ "agentIdentity" ], "type": "string" + }, + { + "description": "Programmatic Codex auth backed by a personal access token.", + "enum": [ + "personalAccessToken" + ], + "type": "string" + }, + { + "description": "Amazon Bedrock bearer token managed by Codex.", + "enum": [ + "bedrockApiKey" + ], + "type": "string" } ] }, @@ -2227,6 +2241,12 @@ }, "status": { "$ref": "#/definitions/McpServerStartupState" + }, + "threadId": { + "type": [ + "string", + "null" + ] } }, "required": [ @@ -2777,15 +2797,8 @@ "type": "string" }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "ReasoningSummary": { @@ -3171,6 +3184,14 @@ ], "type": "object" }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -3509,6 +3530,17 @@ ], "type": "object" }, + "ThreadDeletedNotification": { + "properties": { + "threadId": { + "type": "string" + } + }, + "required": [ + "threadId" + ], + "type": "object" + }, "ThreadGoal": { "properties": { "createdAt": { @@ -4101,6 +4133,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -4569,11 +4633,6 @@ "type": "object" }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadStartedNotification": { @@ -4916,6 +4975,23 @@ } ] }, + "TurnModerationMetadataNotification": { + "properties": { + "metadata": true, + "threadId": { + "type": "string" + }, + "turnId": { + "type": "string" + } + }, + "required": [ + "metadata", + "threadId", + "turnId" + ], + "type": "object" + }, "TurnPlanStep": { "properties": { "status": { @@ -5389,6 +5465,26 @@ "title": "Thread/archivedNotification", "type": "object" }, + { + "properties": { + "method": { + "enum": [ + "thread/deleted" + ], + "title": "Thread/deletedNotificationMethod", + "type": "string" + }, + "params": { + "$ref": "#/definitions/ThreadDeletedNotification" + } + }, + "required": [ + "method", + "params" + ], + "title": "Thread/deletedNotification", + "type": "object" + }, { "properties": { "method": { @@ -6255,6 +6351,26 @@ "title": "Model/verificationNotification", "type": "object" }, + { + "properties": { + "method": { + "enum": [ + "turn/moderationMetadata" + ], + "title": "Turn/moderationMetadataNotificationMethod", + "type": "string" + }, + "params": { + "$ref": "#/definitions/TurnModerationMetadataNotification" + } + }, + "required": [ + "method", + "params" + ], + "title": "Turn/moderationMetadataNotification", + "type": "object" + }, { "properties": { "method": { diff --git a/codex-rs/app-server-protocol/schema/json/ServerRequest.json b/codex-rs/app-server-protocol/schema/json/ServerRequest.json index 13bac2e118a..dbfca64f4cf 100644 --- a/codex-rs/app-server-protocol/schema/json/ServerRequest.json +++ b/codex-rs/app-server-protocol/schema/json/ServerRequest.json @@ -1593,8 +1593,8 @@ "environmentId": { "default": null, "type": [ - "null", - "string" + "string", + "null" ] }, "itemId": { @@ -2005,4 +2005,4 @@ } ], "title": "ServerRequest" -} +} \ No newline at end of file diff --git a/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json b/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json index 6aa4c5f35e0..62b07176910 100644 --- a/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json +++ b/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json @@ -324,6 +324,30 @@ "title": "Thread/archiveRequest", "type": "object" }, + { + "properties": { + "id": { + "$ref": "#/definitions/v2/RequestId" + }, + "method": { + "enum": [ + "thread/delete" + ], + "title": "Thread/deleteRequestMethod", + "type": "string" + }, + "params": { + "$ref": "#/definitions/v2/ThreadDeleteParams" + } + }, + "required": [ + "id", + "method", + "params" + ], + "title": "Thread/deleteRequest", + "type": "object" + }, { "properties": { "id": { @@ -1833,6 +1857,29 @@ "title": "Account/rateLimits/readRequest", "type": "object" }, + { + "properties": { + "id": { + "$ref": "#/definitions/v2/RequestId" + }, + "method": { + "enum": [ + "account/usage/read" + ], + "title": "Account/usage/readRequestMethod", + "type": "string" + }, + "params": { + "type": "null" + } + }, + "required": [ + "id", + "method" + ], + "title": "Account/usage/readRequest", + "type": "object" + }, { "properties": { "id": { @@ -3786,8 +3833,8 @@ "environmentId": { "default": null, "type": [ - "null", - "string" + "string", + "null" ] }, "itemId": { @@ -4038,6 +4085,26 @@ "title": "Thread/archivedNotification", "type": "object" }, + { + "properties": { + "method": { + "enum": [ + "thread/deleted" + ], + "title": "Thread/deletedNotificationMethod", + "type": "string" + }, + "params": { + "$ref": "#/definitions/v2/ThreadDeletedNotification" + } + }, + "required": [ + "method", + "params" + ], + "title": "Thread/deletedNotification", + "type": "object" + }, { "properties": { "method": { @@ -4904,6 +4971,26 @@ "title": "Model/verificationNotification", "type": "object" }, + { + "properties": { + "method": { + "enum": [ + "turn/moderationMetadata" + ], + "title": "Turn/moderationMetadataNotificationMethod", + "type": "string" + }, + "params": { + "$ref": "#/definitions/v2/TurnModerationMetadataNotification" + } + }, + "required": [ + "method", + "params" + ], + "title": "Turn/moderationMetadataNotification", + "type": "object" + }, { "properties": { "method": { @@ -5739,6 +5826,62 @@ "title": "AccountRateLimitsUpdatedNotification", "type": "object" }, + "AccountTokenUsageDailyBucket": { + "properties": { + "startDate": { + "type": "string" + }, + "tokens": { + "format": "int64", + "type": "integer" + } + }, + "required": [ + "startDate", + "tokens" + ], + "type": "object" + }, + "AccountTokenUsageSummary": { + "properties": { + "currentStreakDays": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "lifetimeTokens": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "longestRunningTurnSec": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "longestStreakDays": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "peakDailyTokens": { + "format": "int64", + "type": [ + "integer", + "null" + ] + } + }, + "type": "object" + }, "AccountUpdatedNotification": { "$schema": "http://json-schema.org/draft-07/schema#", "properties": { @@ -5900,6 +6043,30 @@ "title": "AgentMessageDeltaNotification", "type": "object" }, + "AgentMessageInputContent": { + "oneOf": [ + { + "properties": { + "encrypted_content": { + "type": "string" + }, + "type": { + "enum": [ + "encrypted_content" + ], + "title": "EncryptedContentAgentMessageInputContentType", + "type": "string" + } + }, + "required": [ + "encrypted_content", + "type" + ], + "title": "EncryptedContentAgentMessageInputContent", + "type": "object" + } + ] + }, "AgentPath": { "type": "string" }, @@ -6249,6 +6416,12 @@ "AppSummary": { "description": "EXPERIMENTAL - app metadata summary for plugin responses.", "properties": { + "category": { + "type": [ + "string", + "null" + ] + }, "description": { "type": [ "string", @@ -6266,18 +6439,83 @@ }, "name": { "type": "string" - }, - "needsAuth": { - "type": "boolean" } }, "required": [ "id", + "name" + ], + "type": "object" + }, + "AppTemplateSummary": { + "properties": { + "canonicalConnectorId": { + "type": [ + "string", + "null" + ] + }, + "category": { + "type": [ + "string", + "null" + ] + }, + "description": { + "type": [ + "string", + "null" + ] + }, + "logoUrl": { + "type": [ + "string", + "null" + ] + }, + "logoUrlDark": { + "type": [ + "string", + "null" + ] + }, + "materializedAppIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "reason": { + "anyOf": [ + { + "$ref": "#/definitions/v2/AppTemplateUnavailableReason" + }, + { + "type": "null" + } + ] + }, + "templateId": { + "type": "string" + } + }, + "required": [ + "materializedAppIds", "name", - "needsAuth" + "templateId" ], "type": "object" }, + "AppTemplateUnavailableReason": { + "enum": [ + "NOT_CONFIGURED_FOR_WORKSPACE", + "NO_ACTIVE_WORKSPACE" + ], + "type": "string" + }, "AppToolApproval": { "enum": [ "auto", @@ -6491,6 +6729,20 @@ "agentIdentity" ], "type": "string" + }, + { + "description": "Programmatic Codex auth backed by a personal access token.", + "enum": [ + "personalAccessToken" + ], + "type": "string" + }, + { + "description": "Amazon Bedrock bearer token managed by Codex.", + "enum": [ + "bedrockApiKey" + ], + "type": "string" } ] }, @@ -6572,6 +6824,36 @@ ], "type": "string" }, + "CapabilityRootLocation": { + "description": "Location used to resolve a selected capability root.", + "oneOf": [ + { + "description": "A path owned by an execution environment.", + "properties": { + "environmentId": { + "type": "string" + }, + "path": { + "type": "string" + }, + "type": { + "enum": [ + "environment" + ], + "title": "EnvironmentCapabilityRootLocationType", + "type": "string" + } + }, + "required": [ + "environmentId", + "path", + "type" + ], + "title": "EnvironmentCapabilityRootLocation", + "type": "object" + } + ] + }, "CodexErrorInfo": { "description": "This translation layer make sure that we expose codex error code in camel case.\n\nWhen an upstream HTTP status is available (for example, from the Responses API or a provider), it is forwarded in `httpStatusCode` on the relevant `codexErrorInfo` variant.", "oneOf": [ @@ -7827,12 +8109,12 @@ "null" ] }, - "allowedPermissions": { - "items": { - "type": "string" + "allowedPermissionProfiles": { + "additionalProperties": { + "type": "boolean" }, "type": [ - "array", + "object", "null" ] }, @@ -7873,6 +8155,12 @@ } ] }, + "defaultPermissions": { + "type": [ + "string", + "null" + ] + }, "enforceResidency": { "anyOf": [ { @@ -9519,6 +9807,28 @@ "title": "GetAccountResponse", "type": "object" }, + "GetAccountTokenUsageResponse": { + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "dailyUsageBuckets": { + "items": { + "$ref": "#/definitions/v2/AccountTokenUsageDailyBucket" + }, + "type": [ + "array", + "null" + ] + }, + "summary": { + "$ref": "#/definitions/v2/AccountTokenUsageSummary" + } + }, + "required": [ + "summary" + ], + "title": "GetAccountTokenUsageResponse", + "type": "object" + }, "GitInfo": { "properties": { "branch": { @@ -11241,6 +11551,12 @@ }, "status": { "$ref": "#/definitions/v2/McpServerStartupState" + }, + "threadId": { + "type": [ + "string", + "null" + ] } }, "required": [ @@ -12168,6 +12484,12 @@ }, "PluginDetail": { "properties": { + "appTemplates": { + "items": { + "$ref": "#/definitions/v2/AppTemplateSummary" + }, + "type": "array" + }, "apps": { "items": { "$ref": "#/definitions/v2/AppSummary" @@ -12216,6 +12538,7 @@ } }, "required": [ + "appTemplates", "apps", "hooks", "marketplaceName", @@ -13525,15 +13848,8 @@ "type": "object" }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "ReasoningEffortOption": { @@ -13987,6 +14303,37 @@ "title": "MessageResponseItem", "type": "object" }, + { + "properties": { + "author": { + "type": "string" + }, + "content": { + "items": { + "$ref": "#/definitions/v2/AgentMessageInputContent" + }, + "type": "array" + }, + "recipient": { + "type": "string" + }, + "type": { + "enum": [ + "agent_message" + ], + "title": "AgentMessageResponseItemType", + "type": "string" + } + }, + "required": [ + "author", + "content", + "recipient", + "type" + ], + "title": "AgentMessageResponseItem", + "type": "object" + }, { "properties": { "content": { @@ -14803,6 +15150,28 @@ }, "type": "object" }, + "SelectedCapabilityRoot": { + "description": "A user-selected root that can expose one or more runtime capabilities.", + "properties": { + "id": { + "description": "Stable identifier supplied by the capability selection platform.", + "type": "string" + }, + "location": { + "allOf": [ + { + "$ref": "#/definitions/v2/CapabilityRootLocation" + } + ], + "description": "Where the selected root can be resolved." + } + }, + "required": [ + "id", + "location" + ], + "type": "object" + }, "SendAddCreditsNudgeEmailParams": { "$schema": "http://json-schema.org/draft-07/schema#", "properties": { @@ -15322,6 +15691,14 @@ ], "type": "object" }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -15735,6 +16112,37 @@ "title": "ThreadCompactStartResponse", "type": "object" }, + "ThreadDeleteParams": { + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "threadId": { + "type": "string" + } + }, + "required": [ + "threadId" + ], + "title": "ThreadDeleteParams", + "type": "object" + }, + "ThreadDeleteResponse": { + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "ThreadDeleteResponse", + "type": "object" + }, + "ThreadDeletedNotification": { + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "threadId": { + "type": "string" + } + }, + "required": [ + "threadId" + ], + "title": "ThreadDeletedNotification", + "type": "object" + }, "ThreadForkParams": { "$schema": "http://json-schema.org/draft-07/schema#", "description": "There are two ways to fork a thread: 1. By thread_id: load the thread from disk by thread_id and fork it into a new thread. 2. By path: load the thread from disk by path and fork it into a new thread.\n\nIf using a non-empty path, the thread_id param will be ignored. Empty string path values are treated as absent.\n\nPrefer using thread_id whenever possible.", @@ -16634,6 +17042,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/v2/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -17759,11 +18199,6 @@ "type": "string" }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadSourceKind": { @@ -18483,6 +18918,25 @@ } ] }, + "TurnModerationMetadataNotification": { + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "metadata": true, + "threadId": { + "type": "string" + }, + "turnId": { + "type": "string" + } + }, + "required": [ + "metadata", + "threadId", + "turnId" + ], + "title": "TurnModerationMetadataNotification", + "type": "object" + }, "TurnPlanStep": { "properties": { "status": { @@ -19239,4 +19693,4 @@ }, "title": "CodexAppServerProtocol", "type": "object" -} +} \ No newline at end of file diff --git a/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json b/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json index 6d859ee5f38..d9f0b91798a 100644 --- a/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json +++ b/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json @@ -104,6 +104,62 @@ "title": "AccountRateLimitsUpdatedNotification", "type": "object" }, + "AccountTokenUsageDailyBucket": { + "properties": { + "startDate": { + "type": "string" + }, + "tokens": { + "format": "int64", + "type": "integer" + } + }, + "required": [ + "startDate", + "tokens" + ], + "type": "object" + }, + "AccountTokenUsageSummary": { + "properties": { + "currentStreakDays": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "lifetimeTokens": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "longestRunningTurnSec": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "longestStreakDays": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "peakDailyTokens": { + "format": "int64", + "type": [ + "integer", + "null" + ] + } + }, + "type": "object" + }, "AccountUpdatedNotification": { "$schema": "http://json-schema.org/draft-07/schema#", "properties": { @@ -265,6 +321,30 @@ "title": "AgentMessageDeltaNotification", "type": "object" }, + "AgentMessageInputContent": { + "oneOf": [ + { + "properties": { + "encrypted_content": { + "type": "string" + }, + "type": { + "enum": [ + "encrypted_content" + ], + "title": "EncryptedContentAgentMessageInputContentType", + "type": "string" + } + }, + "required": [ + "encrypted_content", + "type" + ], + "title": "EncryptedContentAgentMessageInputContent", + "type": "object" + } + ] + }, "AgentPath": { "type": "string" }, @@ -614,6 +694,12 @@ "AppSummary": { "description": "EXPERIMENTAL - app metadata summary for plugin responses.", "properties": { + "category": { + "type": [ + "string", + "null" + ] + }, "description": { "type": [ "string", @@ -631,18 +717,83 @@ }, "name": { "type": "string" - }, - "needsAuth": { - "type": "boolean" } }, "required": [ "id", + "name" + ], + "type": "object" + }, + "AppTemplateSummary": { + "properties": { + "canonicalConnectorId": { + "type": [ + "string", + "null" + ] + }, + "category": { + "type": [ + "string", + "null" + ] + }, + "description": { + "type": [ + "string", + "null" + ] + }, + "logoUrl": { + "type": [ + "string", + "null" + ] + }, + "logoUrlDark": { + "type": [ + "string", + "null" + ] + }, + "materializedAppIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "reason": { + "anyOf": [ + { + "$ref": "#/definitions/AppTemplateUnavailableReason" + }, + { + "type": "null" + } + ] + }, + "templateId": { + "type": "string" + } + }, + "required": [ + "materializedAppIds", "name", - "needsAuth" + "templateId" ], "type": "object" }, + "AppTemplateUnavailableReason": { + "enum": [ + "NOT_CONFIGURED_FOR_WORKSPACE", + "NO_ACTIVE_WORKSPACE" + ], + "type": "string" + }, "AppToolApproval": { "enum": [ "auto", @@ -856,6 +1007,20 @@ "agentIdentity" ], "type": "string" + }, + { + "description": "Programmatic Codex auth backed by a personal access token.", + "enum": [ + "personalAccessToken" + ], + "type": "string" + }, + { + "description": "Amazon Bedrock bearer token managed by Codex.", + "enum": [ + "bedrockApiKey" + ], + "type": "string" } ] }, @@ -937,6 +1102,36 @@ ], "type": "string" }, + "CapabilityRootLocation": { + "description": "Location used to resolve a selected capability root.", + "oneOf": [ + { + "description": "A path owned by an execution environment.", + "properties": { + "environmentId": { + "type": "string" + }, + "path": { + "type": "string" + }, + "type": { + "enum": [ + "environment" + ], + "title": "EnvironmentCapabilityRootLocationType", + "type": "string" + } + }, + "required": [ + "environmentId", + "path", + "type" + ], + "title": "EnvironmentCapabilityRootLocation", + "type": "object" + } + ] + }, "ClientInfo": { "properties": { "name": { @@ -1083,6 +1278,30 @@ "title": "Thread/archiveRequest", "type": "object" }, + { + "properties": { + "id": { + "$ref": "#/definitions/RequestId" + }, + "method": { + "enum": [ + "thread/delete" + ], + "title": "Thread/deleteRequestMethod", + "type": "string" + }, + "params": { + "$ref": "#/definitions/ThreadDeleteParams" + } + }, + "required": [ + "id", + "method", + "params" + ], + "title": "Thread/deleteRequest", + "type": "object" + }, { "properties": { "id": { @@ -2592,6 +2811,29 @@ "title": "Account/rateLimits/readRequest", "type": "object" }, + { + "properties": { + "id": { + "$ref": "#/definitions/RequestId" + }, + "method": { + "enum": [ + "account/usage/read" + ], + "title": "Account/usage/readRequestMethod", + "type": "string" + }, + "params": { + "type": "null" + } + }, + "required": [ + "id", + "method" + ], + "title": "Account/usage/readRequest", + "type": "object" + }, { "properties": { "id": { @@ -4189,12 +4431,12 @@ "null" ] }, - "allowedPermissions": { - "items": { - "type": "string" + "allowedPermissionProfiles": { + "additionalProperties": { + "type": "boolean" }, "type": [ - "array", + "object", "null" ] }, @@ -4235,6 +4477,12 @@ } ] }, + "defaultPermissions": { + "type": [ + "string", + "null" + ] + }, "enforceResidency": { "anyOf": [ { @@ -5992,6 +6240,28 @@ "title": "GetAccountResponse", "type": "object" }, + "GetAccountTokenUsageResponse": { + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "dailyUsageBuckets": { + "items": { + "$ref": "#/definitions/AccountTokenUsageDailyBucket" + }, + "type": [ + "array", + "null" + ] + }, + "summary": { + "$ref": "#/definitions/AccountTokenUsageSummary" + } + }, + "required": [ + "summary" + ], + "title": "GetAccountTokenUsageResponse", + "type": "object" + }, "GitInfo": { "properties": { "branch": { @@ -7763,6 +8033,12 @@ }, "status": { "$ref": "#/definitions/McpServerStartupState" + }, + "threadId": { + "type": [ + "string", + "null" + ] } }, "required": [ @@ -8690,6 +8966,12 @@ }, "PluginDetail": { "properties": { + "appTemplates": { + "items": { + "$ref": "#/definitions/AppTemplateSummary" + }, + "type": "array" + }, "apps": { "items": { "$ref": "#/definitions/AppSummary" @@ -8738,6 +9020,7 @@ } }, "required": [ + "appTemplates", "apps", "hooks", "marketplaceName", @@ -10047,15 +10330,8 @@ "type": "object" }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "ReasoningEffortOption": { @@ -10509,6 +10785,37 @@ "title": "MessageResponseItem", "type": "object" }, + { + "properties": { + "author": { + "type": "string" + }, + "content": { + "items": { + "$ref": "#/definitions/AgentMessageInputContent" + }, + "type": "array" + }, + "recipient": { + "type": "string" + }, + "type": { + "enum": [ + "agent_message" + ], + "title": "AgentMessageResponseItemType", + "type": "string" + } + }, + "required": [ + "author", + "content", + "recipient", + "type" + ], + "title": "AgentMessageResponseItem", + "type": "object" + }, { "properties": { "content": { @@ -11325,6 +11632,28 @@ }, "type": "object" }, + "SelectedCapabilityRoot": { + "description": "A user-selected root that can expose one or more runtime capabilities.", + "properties": { + "id": { + "description": "Stable identifier supplied by the capability selection platform.", + "type": "string" + }, + "location": { + "allOf": [ + { + "$ref": "#/definitions/CapabilityRootLocation" + } + ], + "description": "Where the selected root can be resolved." + } + }, + "required": [ + "id", + "location" + ], + "type": "object" + }, "SendAddCreditsNudgeEmailParams": { "$schema": "http://json-schema.org/draft-07/schema#", "properties": { @@ -11436,6 +11765,26 @@ "title": "Thread/archivedNotification", "type": "object" }, + { + "properties": { + "method": { + "enum": [ + "thread/deleted" + ], + "title": "Thread/deletedNotificationMethod", + "type": "string" + }, + "params": { + "$ref": "#/definitions/ThreadDeletedNotification" + } + }, + "required": [ + "method", + "params" + ], + "title": "Thread/deletedNotification", + "type": "object" + }, { "properties": { "method": { @@ -12302,6 +12651,26 @@ "title": "Model/verificationNotification", "type": "object" }, + { + "properties": { + "method": { + "enum": [ + "turn/moderationMetadata" + ], + "title": "Turn/moderationMetadataNotificationMethod", + "type": "string" + }, + "params": { + "$ref": "#/definitions/TurnModerationMetadataNotification" + } + }, + "required": [ + "method", + "params" + ], + "title": "Turn/moderationMetadataNotification", + "type": "object" + }, { "properties": { "method": { @@ -13139,6 +13508,14 @@ ], "type": "object" }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -13552,6 +13929,37 @@ "title": "ThreadCompactStartResponse", "type": "object" }, + "ThreadDeleteParams": { + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "threadId": { + "type": "string" + } + }, + "required": [ + "threadId" + ], + "title": "ThreadDeleteParams", + "type": "object" + }, + "ThreadDeleteResponse": { + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "ThreadDeleteResponse", + "type": "object" + }, + "ThreadDeletedNotification": { + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "threadId": { + "type": "string" + } + }, + "required": [ + "threadId" + ], + "title": "ThreadDeletedNotification", + "type": "object" + }, "ThreadForkParams": { "$schema": "http://json-schema.org/draft-07/schema#", "description": "There are two ways to fork a thread: 1. By thread_id: load the thread from disk by thread_id and fork it into a new thread. 2. By path: load the thread from disk by path and fork it into a new thread.\n\nIf using a non-empty path, the thread_id param will be ignored. Empty string path values are treated as absent.\n\nPrefer using thread_id whenever possible.", @@ -14451,6 +14859,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -15576,11 +16016,6 @@ "type": "string" }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadSourceKind": { @@ -16300,6 +16735,25 @@ } ] }, + "TurnModerationMetadataNotification": { + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "metadata": true, + "threadId": { + "type": "string" + }, + "turnId": { + "type": "string" + } + }, + "required": [ + "metadata", + "threadId", + "turnId" + ], + "title": "TurnModerationMetadataNotification", + "type": "object" + }, "TurnPlanStep": { "properties": { "status": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/AccountUpdatedNotification.json b/codex-rs/app-server-protocol/schema/json/v2/AccountUpdatedNotification.json index e7546f5570e..5c1847c56cd 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/AccountUpdatedNotification.json +++ b/codex-rs/app-server-protocol/schema/json/v2/AccountUpdatedNotification.json @@ -31,6 +31,20 @@ "agentIdentity" ], "type": "string" + }, + { + "description": "Programmatic Codex auth backed by a personal access token.", + "enum": [ + "personalAccessToken" + ], + "type": "string" + }, + { + "description": "Amazon Bedrock bearer token managed by Codex.", + "enum": [ + "bedrockApiKey" + ], + "type": "string" } ] }, diff --git a/codex-rs/app-server-protocol/schema/json/v2/ConfigReadResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ConfigReadResponse.json index 09cf8978988..e311090f2c8 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ConfigReadResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ConfigReadResponse.json @@ -667,15 +667,8 @@ "type": "string" }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "ReasoningSummary": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json index 0b8170d659c..def89d64e36 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json @@ -94,12 +94,12 @@ "null" ] }, - "allowedPermissions": { - "items": { - "type": "string" + "allowedPermissionProfiles": { + "additionalProperties": { + "type": "boolean" }, "type": [ - "array", + "object", "null" ] }, @@ -140,6 +140,12 @@ } ] }, + "defaultPermissions": { + "type": [ + "string", + "null" + ] + }, "enforceResidency": { "anyOf": [ { diff --git a/codex-rs/app-server-protocol/schema/json/v2/GetAccountTokenUsageResponse.json b/codex-rs/app-server-protocol/schema/json/v2/GetAccountTokenUsageResponse.json new file mode 100644 index 00000000000..557a297ce11 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/json/v2/GetAccountTokenUsageResponse.json @@ -0,0 +1,80 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "definitions": { + "AccountTokenUsageDailyBucket": { + "properties": { + "startDate": { + "type": "string" + }, + "tokens": { + "format": "int64", + "type": "integer" + } + }, + "required": [ + "startDate", + "tokens" + ], + "type": "object" + }, + "AccountTokenUsageSummary": { + "properties": { + "currentStreakDays": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "lifetimeTokens": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "longestRunningTurnSec": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "longestStreakDays": { + "format": "int64", + "type": [ + "integer", + "null" + ] + }, + "peakDailyTokens": { + "format": "int64", + "type": [ + "integer", + "null" + ] + } + }, + "type": "object" + } + }, + "properties": { + "dailyUsageBuckets": { + "items": { + "$ref": "#/definitions/AccountTokenUsageDailyBucket" + }, + "type": [ + "array", + "null" + ] + }, + "summary": { + "$ref": "#/definitions/AccountTokenUsageSummary" + } + }, + "required": [ + "summary" + ], + "title": "GetAccountTokenUsageResponse", + "type": "object" +} \ No newline at end of file diff --git a/codex-rs/app-server-protocol/schema/json/v2/ItemCompletedNotification.json b/codex-rs/app-server-protocol/schema/json/v2/ItemCompletedNotification.json index 8ba25f9a07d..162f3aa3d92 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ItemCompletedNotification.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ItemCompletedNotification.json @@ -462,14 +462,15 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, + "type": "string" + }, + "SubAgentActivityKind": { "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" + "started", + "interacted", + "interrupted" ], "type": "string" }, @@ -996,6 +997,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ItemStartedNotification.json b/codex-rs/app-server-protocol/schema/json/v2/ItemStartedNotification.json index 70fc43f7b8a..af3b1ddd1b4 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ItemStartedNotification.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ItemStartedNotification.json @@ -462,14 +462,15 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, + "type": "string" + }, + "SubAgentActivityKind": { "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" + "started", + "interacted", + "interrupted" ], "type": "string" }, @@ -996,6 +997,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/McpServerStatusUpdatedNotification.json b/codex-rs/app-server-protocol/schema/json/v2/McpServerStatusUpdatedNotification.json index b0e2cd5a072..87dab90cff3 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/McpServerStatusUpdatedNotification.json +++ b/codex-rs/app-server-protocol/schema/json/v2/McpServerStatusUpdatedNotification.json @@ -23,6 +23,12 @@ }, "status": { "$ref": "#/definitions/McpServerStartupState" + }, + "threadId": { + "type": [ + "string", + "null" + ] } }, "required": [ diff --git a/codex-rs/app-server-protocol/schema/json/v2/ModelListResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ModelListResponse.json index 32ec2e76796..ce6c976d340 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ModelListResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ModelListResponse.json @@ -185,15 +185,8 @@ "type": "object" }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "ReasoningEffortOption": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/PluginInstallResponse.json b/codex-rs/app-server-protocol/schema/json/v2/PluginInstallResponse.json index 2ca7fda4613..c9b4f6caf03 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/PluginInstallResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/PluginInstallResponse.json @@ -4,6 +4,12 @@ "AppSummary": { "description": "EXPERIMENTAL - app metadata summary for plugin responses.", "properties": { + "category": { + "type": [ + "string", + "null" + ] + }, "description": { "type": [ "string", @@ -21,15 +27,11 @@ }, "name": { "type": "string" - }, - "needsAuth": { - "type": "boolean" } }, "required": [ "id", - "name", - "needsAuth" + "name" ], "type": "object" }, diff --git a/codex-rs/app-server-protocol/schema/json/v2/PluginReadResponse.json b/codex-rs/app-server-protocol/schema/json/v2/PluginReadResponse.json index c9fe43c34f9..04919f85920 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/PluginReadResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/PluginReadResponse.json @@ -8,6 +8,12 @@ "AppSummary": { "description": "EXPERIMENTAL - app metadata summary for plugin responses.", "properties": { + "category": { + "type": [ + "string", + "null" + ] + }, "description": { "type": [ "string", @@ -25,18 +31,83 @@ }, "name": { "type": "string" - }, - "needsAuth": { - "type": "boolean" } }, "required": [ "id", + "name" + ], + "type": "object" + }, + "AppTemplateSummary": { + "properties": { + "canonicalConnectorId": { + "type": [ + "string", + "null" + ] + }, + "category": { + "type": [ + "string", + "null" + ] + }, + "description": { + "type": [ + "string", + "null" + ] + }, + "logoUrl": { + "type": [ + "string", + "null" + ] + }, + "logoUrlDark": { + "type": [ + "string", + "null" + ] + }, + "materializedAppIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "reason": { + "anyOf": [ + { + "$ref": "#/definitions/AppTemplateUnavailableReason" + }, + { + "type": "null" + } + ] + }, + "templateId": { + "type": "string" + } + }, + "required": [ + "materializedAppIds", "name", - "needsAuth" + "templateId" ], "type": "object" }, + "AppTemplateUnavailableReason": { + "enum": [ + "NOT_CONFIGURED_FOR_WORKSPACE", + "NO_ACTIVE_WORKSPACE" + ], + "type": "string" + }, "HookEventName": { "enum": [ "preToolUse", @@ -78,6 +149,12 @@ }, "PluginDetail": { "properties": { + "appTemplates": { + "items": { + "$ref": "#/definitions/AppTemplateSummary" + }, + "type": "array" + }, "apps": { "items": { "$ref": "#/definitions/AppSummary" @@ -126,6 +203,7 @@ } }, "required": [ + "appTemplates", "apps", "hooks", "marketplaceName", diff --git a/codex-rs/app-server-protocol/schema/json/v2/RawResponseItemCompletedNotification.json b/codex-rs/app-server-protocol/schema/json/v2/RawResponseItemCompletedNotification.json index f82acbae64c..c18f9aeb159 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/RawResponseItemCompletedNotification.json +++ b/codex-rs/app-server-protocol/schema/json/v2/RawResponseItemCompletedNotification.json @@ -1,6 +1,30 @@ { "$schema": "http://json-schema.org/draft-07/schema#", "definitions": { + "AgentMessageInputContent": { + "oneOf": [ + { + "properties": { + "encrypted_content": { + "type": "string" + }, + "type": { + "enum": [ + "encrypted_content" + ], + "title": "EncryptedContentAgentMessageInputContentType", + "type": "string" + } + }, + "required": [ + "encrypted_content", + "type" + ], + "title": "EncryptedContentAgentMessageInputContent", + "type": "object" + } + ] + }, "ContentItem": { "oneOf": [ { @@ -369,6 +393,37 @@ "title": "MessageResponseItem", "type": "object" }, + { + "properties": { + "author": { + "type": "string" + }, + "content": { + "items": { + "$ref": "#/definitions/AgentMessageInputContent" + }, + "type": "array" + }, + "recipient": { + "type": "string" + }, + "type": { + "enum": [ + "agent_message" + ], + "title": "AgentMessageResponseItemType", + "type": "string" + } + }, + "required": [ + "author", + "content", + "recipient", + "type" + ], + "title": "AgentMessageResponseItem", + "type": "object" + }, { "properties": { "content": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ReviewStartResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ReviewStartResponse.json index a644ce8c4e6..8918f6cae40 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ReviewStartResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ReviewStartResponse.json @@ -606,14 +606,15 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, + "type": "string" + }, + "SubAgentActivityKind": { "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" + "started", + "interacted", + "interrupted" ], "type": "string" }, @@ -1140,6 +1141,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadDeleteParams.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadDeleteParams.json new file mode 100644 index 00000000000..1711e11a2f3 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadDeleteParams.json @@ -0,0 +1,13 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "threadId": { + "type": "string" + } + }, + "required": [ + "threadId" + ], + "title": "ThreadDeleteParams", + "type": "object" +} \ No newline at end of file diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadDeleteResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadDeleteResponse.json new file mode 100644 index 00000000000..ff9f485338d --- /dev/null +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadDeleteResponse.json @@ -0,0 +1,5 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "ThreadDeleteResponse", + "type": "object" +} \ No newline at end of file diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadDeletedNotification.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadDeletedNotification.json new file mode 100644 index 00000000000..53011ea0145 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadDeletedNotification.json @@ -0,0 +1,13 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "threadId": { + "type": "string" + } + }, + "required": [ + "threadId" + ], + "title": "ThreadDeletedNotification", + "type": "object" +} \ No newline at end of file diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadForkParams.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadForkParams.json index 9d2f834dd8c..e72522a26a9 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadForkParams.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadForkParams.json @@ -1,6 +1,10 @@ { "$schema": "http://json-schema.org/draft-07/schema#", "definitions": { + "AbsolutePathBuf": { + "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.", + "type": "string" + }, "ApprovalsReviewer": { "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `auto_review` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request. The legacy value `guardian_subagent` is accepted for compatibility.", "enum": [ @@ -69,11 +73,6 @@ "type": "string" }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" } }, diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadForkResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadForkResponse.json index 0d3a3fe8db1..fa1277b0ef5 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadForkResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadForkResponse.json @@ -718,15 +718,8 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "SandboxPolicy": { @@ -868,6 +861,14 @@ } ] }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -1624,6 +1625,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -1797,11 +1830,6 @@ ] }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadStatus": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadListResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadListResponse.json index a500c21587c..1b53d4ca2ec 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadListResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadListResponse.json @@ -632,15 +632,8 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "SessionSource": { @@ -683,6 +676,14 @@ } ] }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -1439,6 +1440,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -1612,11 +1645,6 @@ ] }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadStatus": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadMetadataUpdateResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadMetadataUpdateResponse.json index 6e08edb962f..c98fa1f2a55 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadMetadataUpdateResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadMetadataUpdateResponse.json @@ -632,15 +632,8 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "SessionSource": { @@ -683,6 +676,14 @@ } ] }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -1439,6 +1440,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -1612,11 +1645,6 @@ ] }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadStatus": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadReadResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadReadResponse.json index eed031d1e4b..345d84d794c 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadReadResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadReadResponse.json @@ -632,15 +632,8 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "SessionSource": { @@ -683,6 +676,14 @@ } ] }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -1439,6 +1440,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -1612,11 +1645,6 @@ ] }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadStatus": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeParams.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeParams.json index 364cb36617d..dc5ef5cdaa1 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeParams.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeParams.json @@ -1,6 +1,34 @@ { "$schema": "http://json-schema.org/draft-07/schema#", "definitions": { + "AbsolutePathBuf": { + "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.", + "type": "string" + }, + "AgentMessageInputContent": { + "oneOf": [ + { + "properties": { + "encrypted_content": { + "type": "string" + }, + "type": { + "enum": [ + "encrypted_content" + ], + "title": "EncryptedContentAgentMessageInputContentType", + "type": "string" + } + }, + "required": [ + "encrypted_content", + "type" + ], + "title": "EncryptedContentAgentMessageInputContent", + "type": "object" + } + ] + }, "ApprovalsReviewer": { "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `auto_review` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request. The legacy value `guardian_subagent` is accepted for compatibility.", "enum": [ @@ -436,6 +464,37 @@ "title": "MessageResponseItem", "type": "object" }, + { + "properties": { + "author": { + "type": "string" + }, + "content": { + "items": { + "$ref": "#/definitions/AgentMessageInputContent" + }, + "type": "array" + }, + "recipient": { + "type": "string" + }, + "type": { + "enum": [ + "agent_message" + ], + "title": "AgentMessageResponseItemType", + "type": "string" + } + }, + "required": [ + "author", + "content", + "recipient", + "type" + ], + "title": "AgentMessageResponseItem", + "type": "object" + }, { "properties": { "content": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeResponse.json index 3a9e51f2a7b..98ef79517bb 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeResponse.json @@ -718,15 +718,8 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "SandboxPolicy": { @@ -868,6 +861,14 @@ } ] }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -1624,6 +1625,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -1797,11 +1830,6 @@ ] }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadStatus": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadRollbackResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadRollbackResponse.json index 9bc687fbfb0..f63dfe6ffbc 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadRollbackResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadRollbackResponse.json @@ -632,15 +632,8 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "SessionSource": { @@ -683,6 +676,14 @@ } ] }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -1439,6 +1440,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -1612,11 +1645,6 @@ ] }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadStatus": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadSettingsUpdatedNotification.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadSettingsUpdatedNotification.json index 42a76ae3643..fbcaee3ee8b 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadSettingsUpdatedNotification.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadSettingsUpdatedNotification.json @@ -124,15 +124,8 @@ "type": "string" }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "ReasoningSummary": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadStartParams.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadStartParams.json index 99b25490ab1..57e6e0ab1b7 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadStartParams.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadStartParams.json @@ -64,6 +64,36 @@ } ] }, + "CapabilityRootLocation": { + "description": "Location used to resolve a selected capability root.", + "oneOf": [ + { + "description": "A path owned by an execution environment.", + "properties": { + "environmentId": { + "type": "string" + }, + "path": { + "type": "string" + }, + "type": { + "enum": [ + "environment" + ], + "title": "EnvironmentCapabilityRootLocationType", + "type": "string" + } + }, + "required": [ + "environmentId", + "path", + "type" + ], + "title": "EnvironmentCapabilityRootLocation", + "type": "object" + } + ] + }, "DynamicToolSpec": { "properties": { "deferLoading": { @@ -106,12 +136,29 @@ ], "type": "string" }, - "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" + "SelectedCapabilityRoot": { + "description": "A user-selected root that can expose one or more runtime capabilities.", + "properties": { + "id": { + "description": "Stable identifier supplied by the capability selection platform.", + "type": "string" + }, + "location": { + "allOf": [ + { + "$ref": "#/definitions/CapabilityRootLocation" + } + ], + "description": "Where the selected root can be resolved." + } + }, + "required": [ + "id", + "location" ], + "type": "object" + }, + "ThreadSource": { "type": "string" }, "ThreadStartSource": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadStartResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadStartResponse.json index 8640c4e9ed5..052023361ae 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadStartResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadStartResponse.json @@ -718,15 +718,8 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "SandboxPolicy": { @@ -868,6 +861,14 @@ } ] }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -1624,6 +1625,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -1797,11 +1830,6 @@ ] }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadStatus": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadStartedNotification.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadStartedNotification.json index f7830e221e2..cdeda64b7cd 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadStartedNotification.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadStartedNotification.json @@ -632,15 +632,8 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "SessionSource": { @@ -683,6 +676,14 @@ } ] }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -1439,6 +1440,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -1612,11 +1645,6 @@ ] }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadStatus": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/ThreadUnarchiveResponse.json b/codex-rs/app-server-protocol/schema/json/v2/ThreadUnarchiveResponse.json index 9a634c11105..2a7281fcbbb 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/ThreadUnarchiveResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadUnarchiveResponse.json @@ -632,15 +632,8 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "SessionSource": { @@ -683,6 +676,14 @@ } ] }, + "SubAgentActivityKind": { + "enum": [ + "started", + "interacted", + "interrupted" + ], + "type": "string" + }, "SubAgentSource": { "oneOf": [ { @@ -1439,6 +1440,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { @@ -1612,11 +1645,6 @@ ] }, "ThreadSource": { - "enum": [ - "user", - "subagent", - "memory_consolidation" - ], "type": "string" }, "ThreadStatus": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/TurnCompletedNotification.json b/codex-rs/app-server-protocol/schema/json/v2/TurnCompletedNotification.json index 6c64eb32753..3cc329c9e52 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/TurnCompletedNotification.json +++ b/codex-rs/app-server-protocol/schema/json/v2/TurnCompletedNotification.json @@ -606,14 +606,15 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, + "type": "string" + }, + "SubAgentActivityKind": { "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" + "started", + "interacted", + "interrupted" ], "type": "string" }, @@ -1140,6 +1141,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/TurnModerationMetadataNotification.json b/codex-rs/app-server-protocol/schema/json/v2/TurnModerationMetadataNotification.json new file mode 100644 index 00000000000..273bd410619 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/json/v2/TurnModerationMetadataNotification.json @@ -0,0 +1,19 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "metadata": true, + "threadId": { + "type": "string" + }, + "turnId": { + "type": "string" + } + }, + "required": [ + "metadata", + "threadId", + "turnId" + ], + "title": "TurnModerationMetadataNotification", + "type": "object" +} \ No newline at end of file diff --git a/codex-rs/app-server-protocol/schema/json/v2/TurnStartParams.json b/codex-rs/app-server-protocol/schema/json/v2/TurnStartParams.json index f997976aca1..070944a28b1 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/TurnStartParams.json +++ b/codex-rs/app-server-protocol/schema/json/v2/TurnStartParams.json @@ -154,15 +154,8 @@ "type": "string" }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "ReasoningSummary": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/TurnStartResponse.json b/codex-rs/app-server-protocol/schema/json/v2/TurnStartResponse.json index 5fe97545762..7dbea8af530 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/TurnStartResponse.json +++ b/codex-rs/app-server-protocol/schema/json/v2/TurnStartResponse.json @@ -606,14 +606,15 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, + "type": "string" + }, + "SubAgentActivityKind": { "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" + "started", + "interacted", + "interrupted" ], "type": "string" }, @@ -1140,6 +1141,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { diff --git a/codex-rs/app-server-protocol/schema/json/v2/TurnStartedNotification.json b/codex-rs/app-server-protocol/schema/json/v2/TurnStartedNotification.json index 1db14972182..362e789ea84 100644 --- a/codex-rs/app-server-protocol/schema/json/v2/TurnStartedNotification.json +++ b/codex-rs/app-server-protocol/schema/json/v2/TurnStartedNotification.json @@ -606,14 +606,15 @@ ] }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, + "type": "string" + }, + "SubAgentActivityKind": { "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" + "started", + "interacted", + "interrupted" ], "type": "string" }, @@ -1140,6 +1141,38 @@ "title": "CollabAgentToolCallThreadItem", "type": "object" }, + { + "properties": { + "agentPath": { + "type": "string" + }, + "agentThreadId": { + "type": "string" + }, + "id": { + "type": "string" + }, + "kind": { + "$ref": "#/definitions/SubAgentActivityKind" + }, + "type": { + "enum": [ + "subAgentActivity" + ], + "title": "SubAgentActivityThreadItemType", + "type": "string" + } + }, + "required": [ + "agentPath", + "agentThreadId", + "id", + "kind", + "type" + ], + "title": "SubAgentActivityThreadItem", + "type": "object" + }, { "properties": { "action": { diff --git a/codex-rs/app-server-protocol/schema/typescript/AgentMessageInputContent.ts b/codex-rs/app-server-protocol/schema/typescript/AgentMessageInputContent.ts new file mode 100644 index 00000000000..a3bb645597f --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/AgentMessageInputContent.ts @@ -0,0 +1,5 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. + +export type AgentMessageInputContent = { "type": "encrypted_content", encrypted_content: string, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/AuthMode.ts b/codex-rs/app-server-protocol/schema/typescript/AuthMode.ts index 210e54c4a5f..77bc037ebe2 100644 --- a/codex-rs/app-server-protocol/schema/typescript/AuthMode.ts +++ b/codex-rs/app-server-protocol/schema/typescript/AuthMode.ts @@ -5,4 +5,4 @@ /** * Authentication mode for OpenAI-backed providers. */ -export type AuthMode = "apikey" | "chatgpt" | "chatgptAuthTokens" | "agentIdentity"; +export type AuthMode = "apikey" | "chatgpt" | "chatgptAuthTokens" | "agentIdentity" | "personalAccessToken" | "bedrockApiKey"; diff --git a/codex-rs/app-server-protocol/schema/typescript/ClientRequest.ts b/codex-rs/app-server-protocol/schema/typescript/ClientRequest.ts index e19ac2dfde3..b6a13fe3072 100644 --- a/codex-rs/app-server-protocol/schema/typescript/ClientRequest.ts +++ b/codex-rs/app-server-protocol/schema/typescript/ClientRequest.ts @@ -62,6 +62,7 @@ import type { SkillsListParams } from "./v2/SkillsListParams"; import type { ThreadApproveGuardianDeniedActionParams } from "./v2/ThreadApproveGuardianDeniedActionParams"; import type { ThreadArchiveParams } from "./v2/ThreadArchiveParams"; import type { ThreadCompactStartParams } from "./v2/ThreadCompactStartParams"; +import type { ThreadDeleteParams } from "./v2/ThreadDeleteParams"; import type { ThreadForkParams } from "./v2/ThreadForkParams"; import type { ThreadGoalClearParams } from "./v2/ThreadGoalClearParams"; import type { ThreadGoalGetParams } from "./v2/ThreadGoalGetParams"; @@ -86,4 +87,4 @@ import type { WindowsSandboxSetupStartParams } from "./v2/WindowsSandboxSetupSta /** * Request from the client to the server. */ -export type ClientRequest ={ "method": "initialize", id: RequestId, params: InitializeParams, } | { "method": "thread/start", id: RequestId, params: ThreadStartParams, } | { "method": "thread/resume", id: RequestId, params: ThreadResumeParams, } | { "method": "thread/fork", id: RequestId, params: ThreadForkParams, } | { "method": "thread/archive", id: RequestId, params: ThreadArchiveParams, } | { "method": "thread/unsubscribe", id: RequestId, params: ThreadUnsubscribeParams, } | { "method": "thread/name/set", id: RequestId, params: ThreadSetNameParams, } | { "method": "thread/goal/set", id: RequestId, params: ThreadGoalSetParams, } | { "method": "thread/goal/get", id: RequestId, params: ThreadGoalGetParams, } | { "method": "thread/goal/clear", id: RequestId, params: ThreadGoalClearParams, } | { "method": "thread/metadata/update", id: RequestId, params: ThreadMetadataUpdateParams, } | { "method": "thread/unarchive", id: RequestId, params: ThreadUnarchiveParams, } | { "method": "thread/compact/start", id: RequestId, params: ThreadCompactStartParams, } | { "method": "thread/shellCommand", id: RequestId, params: ThreadShellCommandParams, } | { "method": "thread/approveGuardianDeniedAction", id: RequestId, params: ThreadApproveGuardianDeniedActionParams, } | { "method": "thread/rollback", id: RequestId, params: ThreadRollbackParams, } | { "method": "thread/list", id: RequestId, params: ThreadListParams, } | { "method": "thread/loaded/list", id: RequestId, params: ThreadLoadedListParams, } | { "method": "thread/read", id: RequestId, params: ThreadReadParams, } | { "method": "thread/inject_items", id: RequestId, params: ThreadInjectItemsParams, } | { "method": "skills/list", id: RequestId, params: SkillsListParams, } | { "method": "skills/extraRoots/set", id: RequestId, params: SkillsExtraRootsSetParams, } | { "method": "hooks/list", id: RequestId, params: HooksListParams, } | { "method": "marketplace/add", id: RequestId, params: MarketplaceAddParams, } | { "method": "marketplace/remove", id: RequestId, params: MarketplaceRemoveParams, } | { "method": "marketplace/upgrade", id: RequestId, params: MarketplaceUpgradeParams, } | { "method": "plugin/list", id: RequestId, params: PluginListParams, } | { "method": "plugin/installed", id: RequestId, params: PluginInstalledParams, } | { "method": "plugin/read", id: RequestId, params: PluginReadParams, } | { "method": "plugin/skill/read", id: RequestId, params: PluginSkillReadParams, } | { "method": "plugin/share/save", id: RequestId, params: PluginShareSaveParams, } | { "method": "plugin/share/updateTargets", id: RequestId, params: PluginShareUpdateTargetsParams, } | { "method": "plugin/share/list", id: RequestId, params: PluginShareListParams, } | { "method": "plugin/share/checkout", id: RequestId, params: PluginShareCheckoutParams, } | { "method": "plugin/share/delete", id: RequestId, params: PluginShareDeleteParams, } | { "method": "app/list", id: RequestId, params: AppsListParams, } | { "method": "fs/readFile", id: RequestId, params: FsReadFileParams, } | { "method": "fs/writeFile", id: RequestId, params: FsWriteFileParams, } | { "method": "fs/createDirectory", id: RequestId, params: FsCreateDirectoryParams, } | { "method": "fs/getMetadata", id: RequestId, params: FsGetMetadataParams, } | { "method": "fs/readDirectory", id: RequestId, params: FsReadDirectoryParams, } | { "method": "fs/remove", id: RequestId, params: FsRemoveParams, } | { "method": "fs/copy", id: RequestId, params: FsCopyParams, } | { "method": "fs/watch", id: RequestId, params: FsWatchParams, } | { "method": "fs/unwatch", id: RequestId, params: FsUnwatchParams, } | { "method": "skills/config/write", id: RequestId, params: SkillsConfigWriteParams, } | { "method": "plugin/install", id: RequestId, params: PluginInstallParams, } | { "method": "plugin/uninstall", id: RequestId, params: PluginUninstallParams, } | { "method": "turn/start", id: RequestId, params: TurnStartParams, } | { "method": "turn/steer", id: RequestId, params: TurnSteerParams, } | { "method": "turn/interrupt", id: RequestId, params: TurnInterruptParams, } | { "method": "review/start", id: RequestId, params: ReviewStartParams, } | { "method": "model/list", id: RequestId, params: ModelListParams, } | { "method": "modelProvider/capabilities/read", id: RequestId, params: ModelProviderCapabilitiesReadParams, } | { "method": "experimentalFeature/list", id: RequestId, params: ExperimentalFeatureListParams, } | { "method": "permissionProfile/list", id: RequestId, params: PermissionProfileListParams, } | { "method": "experimentalFeature/enablement/set", id: RequestId, params: ExperimentalFeatureEnablementSetParams, } | { "method": "mcpServer/oauth/login", id: RequestId, params: McpServerOauthLoginParams, } | { "method": "config/mcpServer/reload", id: RequestId, params: undefined, } | { "method": "mcpServerStatus/list", id: RequestId, params: ListMcpServerStatusParams, } | { "method": "mcpServer/resource/read", id: RequestId, params: McpResourceReadParams, } | { "method": "mcpServer/tool/call", id: RequestId, params: McpServerToolCallParams, } | { "method": "windowsSandbox/setupStart", id: RequestId, params: WindowsSandboxSetupStartParams, } | { "method": "windowsSandbox/readiness", id: RequestId, params: undefined, } | { "method": "account/login/start", id: RequestId, params: LoginAccountParams, } | { "method": "account/login/cancel", id: RequestId, params: CancelLoginAccountParams, } | { "method": "account/logout", id: RequestId, params: undefined, } | { "method": "account/rateLimits/read", id: RequestId, params: undefined, } | { "method": "account/sendAddCreditsNudgeEmail", id: RequestId, params: SendAddCreditsNudgeEmailParams, } | { "method": "feedback/upload", id: RequestId, params: FeedbackUploadParams, } | { "method": "command/exec", id: RequestId, params: CommandExecParams, } | { "method": "command/exec/write", id: RequestId, params: CommandExecWriteParams, } | { "method": "command/exec/terminate", id: RequestId, params: CommandExecTerminateParams, } | { "method": "command/exec/resize", id: RequestId, params: CommandExecResizeParams, } | { "method": "config/read", id: RequestId, params: ConfigReadParams, } | { "method": "externalAgentConfig/detect", id: RequestId, params: ExternalAgentConfigDetectParams, } | { "method": "externalAgentConfig/import", id: RequestId, params: ExternalAgentConfigImportParams, } | { "method": "config/value/write", id: RequestId, params: ConfigValueWriteParams, } | { "method": "config/batchWrite", id: RequestId, params: ConfigBatchWriteParams, } | { "method": "configRequirements/read", id: RequestId, params: undefined, } | { "method": "account/read", id: RequestId, params: GetAccountParams, } | { "method": "getConversationSummary", id: RequestId, params: GetConversationSummaryParams, } | { "method": "gitDiffToRemote", id: RequestId, params: GitDiffToRemoteParams, } | { "method": "getAuthStatus", id: RequestId, params: GetAuthStatusParams, } | { "method": "fuzzyFileSearch", id: RequestId, params: FuzzyFileSearchParams, }; +export type ClientRequest ={ "method": "initialize", id: RequestId, params: InitializeParams, } | { "method": "thread/start", id: RequestId, params: ThreadStartParams, } | { "method": "thread/resume", id: RequestId, params: ThreadResumeParams, } | { "method": "thread/fork", id: RequestId, params: ThreadForkParams, } | { "method": "thread/archive", id: RequestId, params: ThreadArchiveParams, } | { "method": "thread/delete", id: RequestId, params: ThreadDeleteParams, } | { "method": "thread/unsubscribe", id: RequestId, params: ThreadUnsubscribeParams, } | { "method": "thread/name/set", id: RequestId, params: ThreadSetNameParams, } | { "method": "thread/goal/set", id: RequestId, params: ThreadGoalSetParams, } | { "method": "thread/goal/get", id: RequestId, params: ThreadGoalGetParams, } | { "method": "thread/goal/clear", id: RequestId, params: ThreadGoalClearParams, } | { "method": "thread/metadata/update", id: RequestId, params: ThreadMetadataUpdateParams, } | { "method": "thread/unarchive", id: RequestId, params: ThreadUnarchiveParams, } | { "method": "thread/compact/start", id: RequestId, params: ThreadCompactStartParams, } | { "method": "thread/shellCommand", id: RequestId, params: ThreadShellCommandParams, } | { "method": "thread/approveGuardianDeniedAction", id: RequestId, params: ThreadApproveGuardianDeniedActionParams, } | { "method": "thread/rollback", id: RequestId, params: ThreadRollbackParams, } | { "method": "thread/list", id: RequestId, params: ThreadListParams, } | { "method": "thread/loaded/list", id: RequestId, params: ThreadLoadedListParams, } | { "method": "thread/read", id: RequestId, params: ThreadReadParams, } | { "method": "thread/inject_items", id: RequestId, params: ThreadInjectItemsParams, } | { "method": "skills/list", id: RequestId, params: SkillsListParams, } | { "method": "skills/extraRoots/set", id: RequestId, params: SkillsExtraRootsSetParams, } | { "method": "hooks/list", id: RequestId, params: HooksListParams, } | { "method": "marketplace/add", id: RequestId, params: MarketplaceAddParams, } | { "method": "marketplace/remove", id: RequestId, params: MarketplaceRemoveParams, } | { "method": "marketplace/upgrade", id: RequestId, params: MarketplaceUpgradeParams, } | { "method": "plugin/list", id: RequestId, params: PluginListParams, } | { "method": "plugin/installed", id: RequestId, params: PluginInstalledParams, } | { "method": "plugin/read", id: RequestId, params: PluginReadParams, } | { "method": "plugin/skill/read", id: RequestId, params: PluginSkillReadParams, } | { "method": "plugin/share/save", id: RequestId, params: PluginShareSaveParams, } | { "method": "plugin/share/updateTargets", id: RequestId, params: PluginShareUpdateTargetsParams, } | { "method": "plugin/share/list", id: RequestId, params: PluginShareListParams, } | { "method": "plugin/share/checkout", id: RequestId, params: PluginShareCheckoutParams, } | { "method": "plugin/share/delete", id: RequestId, params: PluginShareDeleteParams, } | { "method": "app/list", id: RequestId, params: AppsListParams, } | { "method": "fs/readFile", id: RequestId, params: FsReadFileParams, } | { "method": "fs/writeFile", id: RequestId, params: FsWriteFileParams, } | { "method": "fs/createDirectory", id: RequestId, params: FsCreateDirectoryParams, } | { "method": "fs/getMetadata", id: RequestId, params: FsGetMetadataParams, } | { "method": "fs/readDirectory", id: RequestId, params: FsReadDirectoryParams, } | { "method": "fs/remove", id: RequestId, params: FsRemoveParams, } | { "method": "fs/copy", id: RequestId, params: FsCopyParams, } | { "method": "fs/watch", id: RequestId, params: FsWatchParams, } | { "method": "fs/unwatch", id: RequestId, params: FsUnwatchParams, } | { "method": "skills/config/write", id: RequestId, params: SkillsConfigWriteParams, } | { "method": "plugin/install", id: RequestId, params: PluginInstallParams, } | { "method": "plugin/uninstall", id: RequestId, params: PluginUninstallParams, } | { "method": "turn/start", id: RequestId, params: TurnStartParams, } | { "method": "turn/steer", id: RequestId, params: TurnSteerParams, } | { "method": "turn/interrupt", id: RequestId, params: TurnInterruptParams, } | { "method": "review/start", id: RequestId, params: ReviewStartParams, } | { "method": "model/list", id: RequestId, params: ModelListParams, } | { "method": "modelProvider/capabilities/read", id: RequestId, params: ModelProviderCapabilitiesReadParams, } | { "method": "experimentalFeature/list", id: RequestId, params: ExperimentalFeatureListParams, } | { "method": "permissionProfile/list", id: RequestId, params: PermissionProfileListParams, } | { "method": "experimentalFeature/enablement/set", id: RequestId, params: ExperimentalFeatureEnablementSetParams, } | { "method": "mcpServer/oauth/login", id: RequestId, params: McpServerOauthLoginParams, } | { "method": "config/mcpServer/reload", id: RequestId, params: undefined, } | { "method": "mcpServerStatus/list", id: RequestId, params: ListMcpServerStatusParams, } | { "method": "mcpServer/resource/read", id: RequestId, params: McpResourceReadParams, } | { "method": "mcpServer/tool/call", id: RequestId, params: McpServerToolCallParams, } | { "method": "windowsSandbox/setupStart", id: RequestId, params: WindowsSandboxSetupStartParams, } | { "method": "windowsSandbox/readiness", id: RequestId, params: undefined, } | { "method": "account/login/start", id: RequestId, params: LoginAccountParams, } | { "method": "account/login/cancel", id: RequestId, params: CancelLoginAccountParams, } | { "method": "account/logout", id: RequestId, params: undefined, } | { "method": "account/rateLimits/read", id: RequestId, params: undefined, } | { "method": "account/usage/read", id: RequestId, params: undefined, } | { "method": "account/sendAddCreditsNudgeEmail", id: RequestId, params: SendAddCreditsNudgeEmailParams, } | { "method": "feedback/upload", id: RequestId, params: FeedbackUploadParams, } | { "method": "command/exec", id: RequestId, params: CommandExecParams, } | { "method": "command/exec/write", id: RequestId, params: CommandExecWriteParams, } | { "method": "command/exec/terminate", id: RequestId, params: CommandExecTerminateParams, } | { "method": "command/exec/resize", id: RequestId, params: CommandExecResizeParams, } | { "method": "config/read", id: RequestId, params: ConfigReadParams, } | { "method": "externalAgentConfig/detect", id: RequestId, params: ExternalAgentConfigDetectParams, } | { "method": "externalAgentConfig/import", id: RequestId, params: ExternalAgentConfigImportParams, } | { "method": "config/value/write", id: RequestId, params: ConfigValueWriteParams, } | { "method": "config/batchWrite", id: RequestId, params: ConfigBatchWriteParams, } | { "method": "configRequirements/read", id: RequestId, params: undefined, } | { "method": "account/read", id: RequestId, params: GetAccountParams, } | { "method": "getConversationSummary", id: RequestId, params: GetConversationSummaryParams, } | { "method": "gitDiffToRemote", id: RequestId, params: GitDiffToRemoteParams, } | { "method": "getAuthStatus", id: RequestId, params: GetAuthStatusParams, } | { "method": "fuzzyFileSearch", id: RequestId, params: FuzzyFileSearchParams, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/ReasoningEffort.ts b/codex-rs/app-server-protocol/schema/typescript/ReasoningEffort.ts index c0798f43a32..d40f5bd6578 100644 --- a/codex-rs/app-server-protocol/schema/typescript/ReasoningEffort.ts +++ b/codex-rs/app-server-protocol/schema/typescript/ReasoningEffort.ts @@ -5,4 +5,4 @@ /** * See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning */ -export type ReasoningEffort = "none" | "minimal" | "low" | "medium" | "high" | "xhigh"; +export type ReasoningEffort = string; diff --git a/codex-rs/app-server-protocol/schema/typescript/ResponseItem.ts b/codex-rs/app-server-protocol/schema/typescript/ResponseItem.ts index e5e960ff81a..b90963db802 100644 --- a/codex-rs/app-server-protocol/schema/typescript/ResponseItem.ts +++ b/codex-rs/app-server-protocol/schema/typescript/ResponseItem.ts @@ -1,6 +1,7 @@ // GENERATED CODE! DO NOT MODIFY BY HAND! // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. +import type { AgentMessageInputContent } from "./AgentMessageInputContent"; import type { ContentItem } from "./ContentItem"; import type { FunctionCallOutputBody } from "./FunctionCallOutputBody"; import type { LocalShellAction } from "./LocalShellAction"; @@ -10,7 +11,7 @@ import type { ReasoningItemContent } from "./ReasoningItemContent"; import type { ReasoningItemReasoningSummary } from "./ReasoningItemReasoningSummary"; import type { WebSearchAction } from "./WebSearchAction"; -export type ResponseItem = { "type": "message", role: string, content: Array, phase?: MessagePhase, } | { "type": "reasoning", summary: Array, content?: Array, encrypted_content: string | null, } | { "type": "local_shell_call", +export type ResponseItem = { "type": "message", role: string, content: Array, phase?: MessagePhase, } | { "type": "agent_message", author: string, recipient: string, content: Array, } | { "type": "reasoning", summary: Array, content?: Array, encrypted_content: string | null, } | { "type": "local_shell_call", /** * Set when using the Responses API. */ diff --git a/codex-rs/app-server-protocol/schema/typescript/ServerNotification.ts b/codex-rs/app-server-protocol/schema/typescript/ServerNotification.ts index 3ed710efc0a..7cae63a5533 100644 --- a/codex-rs/app-server-protocol/schema/typescript/ServerNotification.ts +++ b/codex-rs/app-server-protocol/schema/typescript/ServerNotification.ts @@ -43,6 +43,7 @@ import type { SkillsChangedNotification } from "./v2/SkillsChangedNotification"; import type { TerminalInteractionNotification } from "./v2/TerminalInteractionNotification"; import type { ThreadArchivedNotification } from "./v2/ThreadArchivedNotification"; import type { ThreadClosedNotification } from "./v2/ThreadClosedNotification"; +import type { ThreadDeletedNotification } from "./v2/ThreadDeletedNotification"; import type { ThreadGoalClearedNotification } from "./v2/ThreadGoalClearedNotification"; import type { ThreadGoalUpdatedNotification } from "./v2/ThreadGoalUpdatedNotification"; import type { ThreadNameUpdatedNotification } from "./v2/ThreadNameUpdatedNotification"; @@ -61,6 +62,7 @@ import type { ThreadTokenUsageUpdatedNotification } from "./v2/ThreadTokenUsageU import type { ThreadUnarchivedNotification } from "./v2/ThreadUnarchivedNotification"; import type { TurnCompletedNotification } from "./v2/TurnCompletedNotification"; import type { TurnDiffUpdatedNotification } from "./v2/TurnDiffUpdatedNotification"; +import type { TurnModerationMetadataNotification } from "./v2/TurnModerationMetadataNotification"; import type { TurnPlanUpdatedNotification } from "./v2/TurnPlanUpdatedNotification"; import type { TurnStartedNotification } from "./v2/TurnStartedNotification"; import type { WarningNotification } from "./v2/WarningNotification"; @@ -70,4 +72,4 @@ import type { WindowsWorldWritableWarningNotification } from "./v2/WindowsWorldW /** * Notification sent from the server to the client. */ -export type ServerNotification = { "method": "error", "params": ErrorNotification } | { "method": "thread/started", "params": ThreadStartedNotification } | { "method": "thread/status/changed", "params": ThreadStatusChangedNotification } | { "method": "thread/archived", "params": ThreadArchivedNotification } | { "method": "thread/unarchived", "params": ThreadUnarchivedNotification } | { "method": "thread/closed", "params": ThreadClosedNotification } | { "method": "skills/changed", "params": SkillsChangedNotification } | { "method": "thread/name/updated", "params": ThreadNameUpdatedNotification } | { "method": "thread/goal/updated", "params": ThreadGoalUpdatedNotification } | { "method": "thread/goal/cleared", "params": ThreadGoalClearedNotification } | { "method": "thread/settings/updated", "params": ThreadSettingsUpdatedNotification } | { "method": "thread/tokenUsage/updated", "params": ThreadTokenUsageUpdatedNotification } | { "method": "turn/started", "params": TurnStartedNotification } | { "method": "hook/started", "params": HookStartedNotification } | { "method": "turn/completed", "params": TurnCompletedNotification } | { "method": "hook/completed", "params": HookCompletedNotification } | { "method": "turn/diff/updated", "params": TurnDiffUpdatedNotification } | { "method": "turn/plan/updated", "params": TurnPlanUpdatedNotification } | { "method": "item/started", "params": ItemStartedNotification } | { "method": "item/autoApprovalReview/started", "params": ItemGuardianApprovalReviewStartedNotification } | { "method": "item/autoApprovalReview/completed", "params": ItemGuardianApprovalReviewCompletedNotification } | { "method": "item/completed", "params": ItemCompletedNotification } | { "method": "rawResponseItem/completed", "params": RawResponseItemCompletedNotification } | { "method": "item/agentMessage/delta", "params": AgentMessageDeltaNotification } | { "method": "item/plan/delta", "params": PlanDeltaNotification } | { "method": "command/exec/outputDelta", "params": CommandExecOutputDeltaNotification } | { "method": "process/outputDelta", "params": ProcessOutputDeltaNotification } | { "method": "process/exited", "params": ProcessExitedNotification } | { "method": "item/commandExecution/outputDelta", "params": CommandExecutionOutputDeltaNotification } | { "method": "item/commandExecution/terminalInteraction", "params": TerminalInteractionNotification } | { "method": "item/fileChange/outputDelta", "params": FileChangeOutputDeltaNotification } | { "method": "item/fileChange/patchUpdated", "params": FileChangePatchUpdatedNotification } | { "method": "serverRequest/resolved", "params": ServerRequestResolvedNotification } | { "method": "item/mcpToolCall/progress", "params": McpToolCallProgressNotification } | { "method": "mcpServer/oauthLogin/completed", "params": McpServerOauthLoginCompletedNotification } | { "method": "mcpServer/startupStatus/updated", "params": McpServerStatusUpdatedNotification } | { "method": "account/updated", "params": AccountUpdatedNotification } | { "method": "account/rateLimits/updated", "params": AccountRateLimitsUpdatedNotification } | { "method": "app/list/updated", "params": AppListUpdatedNotification } | { "method": "remoteControl/status/changed", "params": RemoteControlStatusChangedNotification } | { "method": "externalAgentConfig/import/completed", "params": ExternalAgentConfigImportCompletedNotification } | { "method": "fs/changed", "params": FsChangedNotification } | { "method": "item/reasoning/summaryTextDelta", "params": ReasoningSummaryTextDeltaNotification } | { "method": "item/reasoning/summaryPartAdded", "params": ReasoningSummaryPartAddedNotification } | { "method": "item/reasoning/textDelta", "params": ReasoningTextDeltaNotification } | { "method": "thread/compacted", "params": ContextCompactedNotification } | { "method": "model/rerouted", "params": ModelReroutedNotification } | { "method": "model/verification", "params": ModelVerificationNotification } | { "method": "warning", "params": WarningNotification } | { "method": "guardianWarning", "params": GuardianWarningNotification } | { "method": "deprecationNotice", "params": DeprecationNoticeNotification } | { "method": "configWarning", "params": ConfigWarningNotification } | { "method": "fuzzyFileSearch/sessionUpdated", "params": FuzzyFileSearchSessionUpdatedNotification } | { "method": "fuzzyFileSearch/sessionCompleted", "params": FuzzyFileSearchSessionCompletedNotification } | { "method": "thread/realtime/started", "params": ThreadRealtimeStartedNotification } | { "method": "thread/realtime/itemAdded", "params": ThreadRealtimeItemAddedNotification } | { "method": "thread/realtime/transcript/delta", "params": ThreadRealtimeTranscriptDeltaNotification } | { "method": "thread/realtime/transcript/done", "params": ThreadRealtimeTranscriptDoneNotification } | { "method": "thread/realtime/outputAudio/delta", "params": ThreadRealtimeOutputAudioDeltaNotification } | { "method": "thread/realtime/sdp", "params": ThreadRealtimeSdpNotification } | { "method": "thread/realtime/error", "params": ThreadRealtimeErrorNotification } | { "method": "thread/realtime/closed", "params": ThreadRealtimeClosedNotification } | { "method": "windows/worldWritableWarning", "params": WindowsWorldWritableWarningNotification } | { "method": "windowsSandbox/setupCompleted", "params": WindowsSandboxSetupCompletedNotification } | { "method": "account/login/completed", "params": AccountLoginCompletedNotification }; +export type ServerNotification = { "method": "error", "params": ErrorNotification } | { "method": "thread/started", "params": ThreadStartedNotification } | { "method": "thread/status/changed", "params": ThreadStatusChangedNotification } | { "method": "thread/archived", "params": ThreadArchivedNotification } | { "method": "thread/deleted", "params": ThreadDeletedNotification } | { "method": "thread/unarchived", "params": ThreadUnarchivedNotification } | { "method": "thread/closed", "params": ThreadClosedNotification } | { "method": "skills/changed", "params": SkillsChangedNotification } | { "method": "thread/name/updated", "params": ThreadNameUpdatedNotification } | { "method": "thread/goal/updated", "params": ThreadGoalUpdatedNotification } | { "method": "thread/goal/cleared", "params": ThreadGoalClearedNotification } | { "method": "thread/settings/updated", "params": ThreadSettingsUpdatedNotification } | { "method": "thread/tokenUsage/updated", "params": ThreadTokenUsageUpdatedNotification } | { "method": "turn/started", "params": TurnStartedNotification } | { "method": "hook/started", "params": HookStartedNotification } | { "method": "turn/completed", "params": TurnCompletedNotification } | { "method": "hook/completed", "params": HookCompletedNotification } | { "method": "turn/diff/updated", "params": TurnDiffUpdatedNotification } | { "method": "turn/plan/updated", "params": TurnPlanUpdatedNotification } | { "method": "item/started", "params": ItemStartedNotification } | { "method": "item/autoApprovalReview/started", "params": ItemGuardianApprovalReviewStartedNotification } | { "method": "item/autoApprovalReview/completed", "params": ItemGuardianApprovalReviewCompletedNotification } | { "method": "item/completed", "params": ItemCompletedNotification } | { "method": "rawResponseItem/completed", "params": RawResponseItemCompletedNotification } | { "method": "item/agentMessage/delta", "params": AgentMessageDeltaNotification } | { "method": "item/plan/delta", "params": PlanDeltaNotification } | { "method": "command/exec/outputDelta", "params": CommandExecOutputDeltaNotification } | { "method": "process/outputDelta", "params": ProcessOutputDeltaNotification } | { "method": "process/exited", "params": ProcessExitedNotification } | { "method": "item/commandExecution/outputDelta", "params": CommandExecutionOutputDeltaNotification } | { "method": "item/commandExecution/terminalInteraction", "params": TerminalInteractionNotification } | { "method": "item/fileChange/outputDelta", "params": FileChangeOutputDeltaNotification } | { "method": "item/fileChange/patchUpdated", "params": FileChangePatchUpdatedNotification } | { "method": "serverRequest/resolved", "params": ServerRequestResolvedNotification } | { "method": "item/mcpToolCall/progress", "params": McpToolCallProgressNotification } | { "method": "mcpServer/oauthLogin/completed", "params": McpServerOauthLoginCompletedNotification } | { "method": "mcpServer/startupStatus/updated", "params": McpServerStatusUpdatedNotification } | { "method": "account/updated", "params": AccountUpdatedNotification } | { "method": "account/rateLimits/updated", "params": AccountRateLimitsUpdatedNotification } | { "method": "app/list/updated", "params": AppListUpdatedNotification } | { "method": "remoteControl/status/changed", "params": RemoteControlStatusChangedNotification } | { "method": "externalAgentConfig/import/completed", "params": ExternalAgentConfigImportCompletedNotification } | { "method": "fs/changed", "params": FsChangedNotification } | { "method": "item/reasoning/summaryTextDelta", "params": ReasoningSummaryTextDeltaNotification } | { "method": "item/reasoning/summaryPartAdded", "params": ReasoningSummaryPartAddedNotification } | { "method": "item/reasoning/textDelta", "params": ReasoningTextDeltaNotification } | { "method": "thread/compacted", "params": ContextCompactedNotification } | { "method": "model/rerouted", "params": ModelReroutedNotification } | { "method": "model/verification", "params": ModelVerificationNotification } | { "method": "turn/moderationMetadata", "params": TurnModerationMetadataNotification } | { "method": "warning", "params": WarningNotification } | { "method": "guardianWarning", "params": GuardianWarningNotification } | { "method": "deprecationNotice", "params": DeprecationNoticeNotification } | { "method": "configWarning", "params": ConfigWarningNotification } | { "method": "fuzzyFileSearch/sessionUpdated", "params": FuzzyFileSearchSessionUpdatedNotification } | { "method": "fuzzyFileSearch/sessionCompleted", "params": FuzzyFileSearchSessionCompletedNotification } | { "method": "thread/realtime/started", "params": ThreadRealtimeStartedNotification } | { "method": "thread/realtime/itemAdded", "params": ThreadRealtimeItemAddedNotification } | { "method": "thread/realtime/transcript/delta", "params": ThreadRealtimeTranscriptDeltaNotification } | { "method": "thread/realtime/transcript/done", "params": ThreadRealtimeTranscriptDoneNotification } | { "method": "thread/realtime/outputAudio/delta", "params": ThreadRealtimeOutputAudioDeltaNotification } | { "method": "thread/realtime/sdp", "params": ThreadRealtimeSdpNotification } | { "method": "thread/realtime/error", "params": ThreadRealtimeErrorNotification } | { "method": "thread/realtime/closed", "params": ThreadRealtimeClosedNotification } | { "method": "windows/worldWritableWarning", "params": WindowsWorldWritableWarningNotification } | { "method": "windowsSandbox/setupCompleted", "params": WindowsSandboxSetupCompletedNotification } | { "method": "account/login/completed", "params": AccountLoginCompletedNotification }; diff --git a/codex-rs/app-server-protocol/schema/typescript/index.ts b/codex-rs/app-server-protocol/schema/typescript/index.ts index 458d2e43b9a..149b3aec0d6 100644 --- a/codex-rs/app-server-protocol/schema/typescript/index.ts +++ b/codex-rs/app-server-protocol/schema/typescript/index.ts @@ -1,6 +1,7 @@ // GENERATED CODE! DO NOT MODIFY BY HAND! export type { AbsolutePathBuf } from "./AbsolutePathBuf"; +export type { AgentMessageInputContent } from "./AgentMessageInputContent"; export type { AgentPath } from "./AgentPath"; export type { ApplyPatchApprovalParams } from "./ApplyPatchApprovalParams"; export type { ApplyPatchApprovalResponse } from "./ApplyPatchApprovalResponse"; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/AccountTokenUsageDailyBucket.ts b/codex-rs/app-server-protocol/schema/typescript/v2/AccountTokenUsageDailyBucket.ts new file mode 100644 index 00000000000..a92c6c00c47 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/AccountTokenUsageDailyBucket.ts @@ -0,0 +1,5 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. + +export type AccountTokenUsageDailyBucket = { startDate: string, tokens: bigint, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/AccountTokenUsageSummary.ts b/codex-rs/app-server-protocol/schema/typescript/v2/AccountTokenUsageSummary.ts new file mode 100644 index 00000000000..6f87acdaffa --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/AccountTokenUsageSummary.ts @@ -0,0 +1,5 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. + +export type AccountTokenUsageSummary = { lifetimeTokens: bigint | null, peakDailyTokens: bigint | null, longestRunningTurnSec: bigint | null, currentStreakDays: bigint | null, longestStreakDays: bigint | null, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/AppSummary.ts b/codex-rs/app-server-protocol/schema/typescript/v2/AppSummary.ts index 586c76f8f78..f295009a0d3 100644 --- a/codex-rs/app-server-protocol/schema/typescript/v2/AppSummary.ts +++ b/codex-rs/app-server-protocol/schema/typescript/v2/AppSummary.ts @@ -5,4 +5,4 @@ /** * EXPERIMENTAL - app metadata summary for plugin responses. */ -export type AppSummary = { id: string, name: string, description: string | null, installUrl: string | null, needsAuth: boolean, }; +export type AppSummary = { id: string, name: string, description: string | null, installUrl: string | null, category: string | null, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/AppTemplateSummary.ts b/codex-rs/app-server-protocol/schema/typescript/v2/AppTemplateSummary.ts new file mode 100644 index 00000000000..65d22beb7e7 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/AppTemplateSummary.ts @@ -0,0 +1,6 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. +import type { AppTemplateUnavailableReason } from "./AppTemplateUnavailableReason"; + +export type AppTemplateSummary = { templateId: string, name: string, description: string | null, category: string | null, canonicalConnectorId: string | null, logoUrl: string | null, logoUrlDark: string | null, materializedAppIds: Array, reason: AppTemplateUnavailableReason | null, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/AppTemplateUnavailableReason.ts b/codex-rs/app-server-protocol/schema/typescript/v2/AppTemplateUnavailableReason.ts new file mode 100644 index 00000000000..563056798ec --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/AppTemplateUnavailableReason.ts @@ -0,0 +1,5 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. + +export type AppTemplateUnavailableReason = "NOT_CONFIGURED_FOR_WORKSPACE" | "NO_ACTIVE_WORKSPACE"; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/CapabilityRootLocation.ts b/codex-rs/app-server-protocol/schema/typescript/v2/CapabilityRootLocation.ts new file mode 100644 index 00000000000..6266101eb84 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/CapabilityRootLocation.ts @@ -0,0 +1,8 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. + +/** + * Location used to resolve a selected capability root. + */ +export type CapabilityRootLocation = { "type": "environment", environmentId: string, path: string, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/ConfigRequirements.ts b/codex-rs/app-server-protocol/schema/typescript/v2/ConfigRequirements.ts index 3e60e78da53..29704982ff5 100644 --- a/codex-rs/app-server-protocol/schema/typescript/v2/ConfigRequirements.ts +++ b/codex-rs/app-server-protocol/schema/typescript/v2/ConfigRequirements.ts @@ -8,4 +8,4 @@ import type { ResidencyRequirement } from "./ResidencyRequirement"; import type { SandboxMode } from "./SandboxMode"; import type { WindowsSandboxSetupMode } from "./WindowsSandboxSetupMode"; -export type ConfigRequirements = {allowedApprovalPolicies: Array | null, allowedSandboxModes: Array | null, allowedWindowsSandboxImplementations: Array | null, allowedPermissions: Array | null, allowedWebSearchModes: Array | null, allowManagedHooksOnly: boolean | null, allowAppshots: boolean | null, computerUse: ComputerUseRequirements | null, featureRequirements: { [key in string]?: boolean } | null, enforceResidency: ResidencyRequirement | null}; +export type ConfigRequirements = {allowedApprovalPolicies: Array | null, allowedSandboxModes: Array | null, allowedWindowsSandboxImplementations: Array | null, allowedPermissionProfiles: { [key in string]?: boolean } | null, defaultPermissions: string | null, allowedWebSearchModes: Array | null, allowManagedHooksOnly: boolean | null, allowAppshots: boolean | null, computerUse: ComputerUseRequirements | null, featureRequirements: { [key in string]?: boolean } | null, enforceResidency: ResidencyRequirement | null}; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/GetAccountTokenUsageResponse.ts b/codex-rs/app-server-protocol/schema/typescript/v2/GetAccountTokenUsageResponse.ts new file mode 100644 index 00000000000..175c9152722 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/GetAccountTokenUsageResponse.ts @@ -0,0 +1,7 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. +import type { AccountTokenUsageDailyBucket } from "./AccountTokenUsageDailyBucket"; +import type { AccountTokenUsageSummary } from "./AccountTokenUsageSummary"; + +export type GetAccountTokenUsageResponse = { summary: AccountTokenUsageSummary, dailyUsageBuckets: Array | null, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/McpServerStatusUpdatedNotification.ts b/codex-rs/app-server-protocol/schema/typescript/v2/McpServerStatusUpdatedNotification.ts index 42f5881c5dc..b5c0a9058c7 100644 --- a/codex-rs/app-server-protocol/schema/typescript/v2/McpServerStatusUpdatedNotification.ts +++ b/codex-rs/app-server-protocol/schema/typescript/v2/McpServerStatusUpdatedNotification.ts @@ -3,4 +3,4 @@ // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. import type { McpServerStartupState } from "./McpServerStartupState"; -export type McpServerStatusUpdatedNotification = { name: string, status: McpServerStartupState, error: string | null, }; +export type McpServerStatusUpdatedNotification = { threadId: string | null, name: string, status: McpServerStartupState, error: string | null, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/PluginDetail.ts b/codex-rs/app-server-protocol/schema/typescript/v2/PluginDetail.ts index 64836c87f7c..cc2042dd5dd 100644 --- a/codex-rs/app-server-protocol/schema/typescript/v2/PluginDetail.ts +++ b/codex-rs/app-server-protocol/schema/typescript/v2/PluginDetail.ts @@ -3,8 +3,9 @@ // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. import type { AbsolutePathBuf } from "../AbsolutePathBuf"; import type { AppSummary } from "./AppSummary"; +import type { AppTemplateSummary } from "./AppTemplateSummary"; import type { PluginHookSummary } from "./PluginHookSummary"; import type { PluginSummary } from "./PluginSummary"; import type { SkillSummary } from "./SkillSummary"; -export type PluginDetail = { marketplaceName: string, marketplacePath: AbsolutePathBuf | null, summary: PluginSummary, description: string | null, skills: Array, hooks: Array, apps: Array, mcpServers: Array, }; +export type PluginDetail = { marketplaceName: string, marketplacePath: AbsolutePathBuf | null, summary: PluginSummary, description: string | null, skills: Array, hooks: Array, apps: Array, appTemplates: Array, mcpServers: Array, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/SelectedCapabilityRoot.ts b/codex-rs/app-server-protocol/schema/typescript/v2/SelectedCapabilityRoot.ts new file mode 100644 index 00000000000..849d5c7aae6 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/SelectedCapabilityRoot.ts @@ -0,0 +1,17 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. +import type { CapabilityRootLocation } from "./CapabilityRootLocation"; + +/** + * A user-selected root that can expose one or more runtime capabilities. + */ +export type SelectedCapabilityRoot = { +/** + * Stable identifier supplied by the capability selection platform. + */ +id: string, +/** + * Where the selected root can be resolved. + */ +location: CapabilityRootLocation, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/SubAgentActivityKind.ts b/codex-rs/app-server-protocol/schema/typescript/v2/SubAgentActivityKind.ts new file mode 100644 index 00000000000..5e3ce81e01e --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/SubAgentActivityKind.ts @@ -0,0 +1,5 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. + +export type SubAgentActivityKind = "started" | "interacted" | "interrupted"; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadDeleteParams.ts b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadDeleteParams.ts new file mode 100644 index 00000000000..909ccda7152 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadDeleteParams.ts @@ -0,0 +1,5 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. + +export type ThreadDeleteParams = { threadId: string, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadDeleteResponse.ts b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadDeleteResponse.ts new file mode 100644 index 00000000000..1af1c3077f4 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadDeleteResponse.ts @@ -0,0 +1,5 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. + +export type ThreadDeleteResponse = Record; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadDeletedNotification.ts b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadDeletedNotification.ts new file mode 100644 index 00000000000..5122a2229c7 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadDeletedNotification.ts @@ -0,0 +1,5 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. + +export type ThreadDeletedNotification = { threadId: string, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadItem.ts b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadItem.ts index 78dff0d7657..8d74ae8de20 100644 --- a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadItem.ts +++ b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadItem.ts @@ -20,6 +20,7 @@ import type { McpToolCallResult } from "./McpToolCallResult"; import type { McpToolCallStatus } from "./McpToolCallStatus"; import type { MemoryCitation } from "./MemoryCitation"; import type { PatchApplyStatus } from "./PatchApplyStatus"; +import type { SubAgentActivityKind } from "./SubAgentActivityKind"; import type { UserInput } from "./UserInput"; import type { WebSearchAction } from "./WebSearchAction"; @@ -98,4 +99,4 @@ reasoningEffort: ReasoningEffort | null, /** * Last known status of the target agents, when available. */ -agentsStates: { [key in string]?: CollabAgentState }, } | { "type": "webSearch", id: string, query: string, action: WebSearchAction | null, } | { "type": "imageView", id: string, path: AbsolutePathBuf, } | { "type": "imageGeneration", id: string, status: string, revisedPrompt: string | null, result: string, savedPath?: AbsolutePathBuf, } | { "type": "enteredReviewMode", id: string, review: string, } | { "type": "exitedReviewMode", id: string, review: string, } | { "type": "contextCompaction", id: string, }; +agentsStates: { [key in string]?: CollabAgentState }, } | { "type": "subAgentActivity", id: string, kind: SubAgentActivityKind, agentThreadId: string, agentPath: string, } | { "type": "webSearch", id: string, query: string, action: WebSearchAction | null, } | { "type": "imageView", id: string, path: AbsolutePathBuf, } | { "type": "imageGeneration", id: string, status: string, revisedPrompt: string | null, result: string, savedPath?: AbsolutePathBuf, } | { "type": "enteredReviewMode", id: string, review: string, } | { "type": "exitedReviewMode", id: string, review: string, } | { "type": "contextCompaction", id: string, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadSource.ts b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadSource.ts index 8f555248011..f27154ab6e8 100644 --- a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadSource.ts +++ b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadSource.ts @@ -2,4 +2,4 @@ // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. -export type ThreadSource = "user" | "subagent" | "memory_consolidation"; +export type ThreadSource = string; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/TurnModerationMetadataNotification.ts b/codex-rs/app-server-protocol/schema/typescript/v2/TurnModerationMetadataNotification.ts new file mode 100644 index 00000000000..1d46d1b4b83 --- /dev/null +++ b/codex-rs/app-server-protocol/schema/typescript/v2/TurnModerationMetadataNotification.ts @@ -0,0 +1,6 @@ +// GENERATED CODE! DO NOT MODIFY BY HAND! + +// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually. +import type { JsonValue } from "../serde_json/JsonValue"; + +export type TurnModerationMetadataNotification = { threadId: string, turnId: string, metadata: JsonValue, }; diff --git a/codex-rs/app-server-protocol/schema/typescript/v2/index.ts b/codex-rs/app-server-protocol/schema/typescript/v2/index.ts index 48e1f9580b7..b4cd88aadf0 100644 --- a/codex-rs/app-server-protocol/schema/typescript/v2/index.ts +++ b/codex-rs/app-server-protocol/schema/typescript/v2/index.ts @@ -3,6 +3,8 @@ export type { Account } from "./Account"; export type { AccountLoginCompletedNotification } from "./AccountLoginCompletedNotification"; export type { AccountRateLimitsUpdatedNotification } from "./AccountRateLimitsUpdatedNotification"; +export type { AccountTokenUsageDailyBucket } from "./AccountTokenUsageDailyBucket"; +export type { AccountTokenUsageSummary } from "./AccountTokenUsageSummary"; export type { AccountUpdatedNotification } from "./AccountUpdatedNotification"; export type { ActivePermissionProfile } from "./ActivePermissionProfile"; export type { AddCreditsNudgeCreditType } from "./AddCreditsNudgeCreditType"; @@ -21,6 +23,8 @@ export type { AppMetadata } from "./AppMetadata"; export type { AppReview } from "./AppReview"; export type { AppScreenshot } from "./AppScreenshot"; export type { AppSummary } from "./AppSummary"; +export type { AppTemplateSummary } from "./AppTemplateSummary"; +export type { AppTemplateUnavailableReason } from "./AppTemplateUnavailableReason"; export type { AppToolApproval } from "./AppToolApproval"; export type { AppToolsConfig } from "./AppToolsConfig"; export type { ApprovalsReviewer } from "./ApprovalsReviewer"; @@ -36,6 +40,7 @@ export type { ByteRange } from "./ByteRange"; export type { CancelLoginAccountParams } from "./CancelLoginAccountParams"; export type { CancelLoginAccountResponse } from "./CancelLoginAccountResponse"; export type { CancelLoginAccountStatus } from "./CancelLoginAccountStatus"; +export type { CapabilityRootLocation } from "./CapabilityRootLocation"; export type { ChatgptAuthTokensRefreshParams } from "./ChatgptAuthTokensRefreshParams"; export type { ChatgptAuthTokensRefreshReason } from "./ChatgptAuthTokensRefreshReason"; export type { ChatgptAuthTokensRefreshResponse } from "./ChatgptAuthTokensRefreshResponse"; @@ -139,6 +144,7 @@ export type { FsWriteFileResponse } from "./FsWriteFileResponse"; export type { GetAccountParams } from "./GetAccountParams"; export type { GetAccountRateLimitsResponse } from "./GetAccountRateLimitsResponse"; export type { GetAccountResponse } from "./GetAccountResponse"; +export type { GetAccountTokenUsageResponse } from "./GetAccountTokenUsageResponse"; export type { GitInfo } from "./GitInfo"; export type { GrantedPermissionProfile } from "./GrantedPermissionProfile"; export type { GuardianApprovalReview } from "./GuardianApprovalReview"; @@ -329,6 +335,7 @@ export type { ReviewTarget } from "./ReviewTarget"; export type { SandboxMode } from "./SandboxMode"; export type { SandboxPolicy } from "./SandboxPolicy"; export type { SandboxWorkspaceWrite } from "./SandboxWorkspaceWrite"; +export type { SelectedCapabilityRoot } from "./SelectedCapabilityRoot"; export type { SendAddCreditsNudgeEmailParams } from "./SendAddCreditsNudgeEmailParams"; export type { SendAddCreditsNudgeEmailResponse } from "./SendAddCreditsNudgeEmailResponse"; export type { ServerRequestResolvedNotification } from "./ServerRequestResolvedNotification"; @@ -351,6 +358,7 @@ export type { SkillsListParams } from "./SkillsListParams"; export type { SkillsListResponse } from "./SkillsListResponse"; export type { SortDirection } from "./SortDirection"; export type { SpendControlLimitSnapshot } from "./SpendControlLimitSnapshot"; +export type { SubAgentActivityKind } from "./SubAgentActivityKind"; export type { SubagentMigration } from "./SubagentMigration"; export type { TerminalInteractionNotification } from "./TerminalInteractionNotification"; export type { TextElement } from "./TextElement"; @@ -366,6 +374,9 @@ export type { ThreadArchivedNotification } from "./ThreadArchivedNotification"; export type { ThreadClosedNotification } from "./ThreadClosedNotification"; export type { ThreadCompactStartParams } from "./ThreadCompactStartParams"; export type { ThreadCompactStartResponse } from "./ThreadCompactStartResponse"; +export type { ThreadDeleteParams } from "./ThreadDeleteParams"; +export type { ThreadDeleteResponse } from "./ThreadDeleteResponse"; +export type { ThreadDeletedNotification } from "./ThreadDeletedNotification"; export type { ThreadForkParams } from "./ThreadForkParams"; export type { ThreadForkResponse } from "./ThreadForkResponse"; export type { ThreadGoal } from "./ThreadGoal"; @@ -445,6 +456,7 @@ export type { TurnError } from "./TurnError"; export type { TurnInterruptParams } from "./TurnInterruptParams"; export type { TurnInterruptResponse } from "./TurnInterruptResponse"; export type { TurnItemsView } from "./TurnItemsView"; +export type { TurnModerationMetadataNotification } from "./TurnModerationMetadataNotification"; export type { TurnPlanStep } from "./TurnPlanStep"; export type { TurnPlanStepStatus } from "./TurnPlanStepStatus"; export type { TurnPlanUpdatedNotification } from "./TurnPlanUpdatedNotification"; diff --git a/codex-rs/app-server-protocol/src/export.rs b/codex-rs/app-server-protocol/src/export.rs index 20f923f327c..5e6c2ad015a 100644 --- a/codex-rs/app-server-protocol/src/export.rs +++ b/codex-rs/app-server-protocol/src/export.rs @@ -39,8 +39,11 @@ use ts_rs::TS; pub(crate) const GENERATED_TS_HEADER: &str = "// GENERATED CODE! DO NOT MODIFY BY HAND!\n\n"; const IGNORED_DEFINITIONS: &[&str] = &["Option<()>"]; const JSON_V1_ALLOWLIST: &[&str] = &["InitializeParams", "InitializeResponse"]; -const EXPERIMENTAL_CLIENT_METHOD_DEPENDENCY_TYPES: &[&str] = - &["RemoteControlClient", "RemoteControlClientsListOrder"]; +const EXPERIMENTAL_CLIENT_METHOD_DEPENDENCY_TYPES: &[&str] = &[ + "RemoteControlClient", + "RemoteControlClientsListOrder", + "ThreadBackgroundTerminal", +]; const SPECIAL_DEFINITIONS: &[&str] = &[ "ClientNotification", "ClientRequest", @@ -2963,11 +2966,14 @@ permissionProfile?: string | null}; let client_request_json = fs::read_to_string(output_dir.join("ClientRequest.json"))?; assert!(client_request_json.contains("remoteControl/pairing/start")); + assert!(client_request_json.contains("remoteControl/pairing/status")); assert!(client_request_json.contains("remoteControl/client/list")); assert!(client_request_json.contains("remoteControl/client/revoke")); for schema in [ "RemoteControlPairingStartParams.json", "RemoteControlPairingStartResponse.json", + "RemoteControlPairingStatusParams.json", + "RemoteControlPairingStatusResponse.json", "RemoteControlClientsListParams.json", "RemoteControlClientsListResponse.json", "RemoteControlClientsRevokeParams.json", diff --git a/codex-rs/app-server-protocol/src/protocol/common.rs b/codex-rs/app-server-protocol/src/protocol/common.rs index 5a60d8d002f..9311fe90587 100644 --- a/codex-rs/app-server-protocol/src/protocol/common.rs +++ b/codex-rs/app-server-protocol/src/protocol/common.rs @@ -36,6 +36,26 @@ pub enum AuthMode { #[ts(rename = "agentIdentity")] #[strum(serialize = "agentIdentity")] AgentIdentity, + /// Programmatic Codex auth backed by a personal access token. + #[serde(rename = "personalAccessToken")] + #[ts(rename = "personalAccessToken")] + #[strum(serialize = "personalAccessToken")] + PersonalAccessToken, + /// Amazon Bedrock bearer token managed by Codex. + #[serde(rename = "bedrockApiKey")] + #[ts(rename = "bedrockApiKey")] + #[strum(serialize = "bedrockApiKey")] + BedrockApiKey, +} + +impl AuthMode { + /// Returns whether this mode represents an authenticated human ChatGPT account. + pub fn has_chatgpt_account(self) -> bool { + match self { + Self::Chatgpt | Self::ChatgptAuthTokens | Self::PersonalAccessToken => true, + Self::ApiKey | Self::AgentIdentity | Self::BedrockApiKey => false, + } + } } macro_rules! experimental_reason_expr { @@ -465,6 +485,11 @@ client_request_definitions! { serialization: thread_id(params.thread_id), response: v2::ThreadArchiveResponse, }, + ThreadDelete => "thread/delete" { + params: v2::ThreadDeleteParams, + serialization: thread_id(params.thread_id), + response: v2::ThreadDeleteResponse, + }, ThreadUnsubscribe => "thread/unsubscribe" { params: v2::ThreadUnsubscribeParams, serialization: thread_id(params.thread_id), @@ -559,6 +584,18 @@ client_request_definitions! { serialization: thread_id(params.thread_id), response: v2::ThreadBackgroundTerminalsCleanResponse, }, + #[experimental("thread/backgroundTerminals/list")] + ThreadBackgroundTerminalsList => "thread/backgroundTerminals/list" { + params: v2::ThreadBackgroundTerminalsListParams, + serialization: thread_id(params.thread_id), + response: v2::ThreadBackgroundTerminalsListResponse, + }, + #[experimental("thread/backgroundTerminals/terminate")] + ThreadBackgroundTerminalsTerminate => "thread/backgroundTerminals/terminate" { + params: v2::ThreadBackgroundTerminalsTerminateParams, + serialization: thread_id(params.thread_id), + response: v2::ThreadBackgroundTerminalsTerminateResponse, + }, ThreadRollback => "thread/rollback" { params: v2::ThreadRollbackParams, serialization: thread_id(params.thread_id), @@ -849,6 +886,12 @@ client_request_definitions! { serialization: global("remote-control-pairing"), response: v2::RemoteControlPairingStartResponse, }, + #[experimental("remoteControl/pairing/status")] + RemoteControlPairingStatus => "remoteControl/pairing/status" { + params: v2::RemoteControlPairingStatusParams, + serialization: global_shared_read("remote-control-pairing"), + response: v2::RemoteControlPairingStatusResponse, + }, #[experimental("remoteControl/client/list")] RemoteControlClientsList => "remoteControl/client/list" { params: v2::RemoteControlClientsListParams, @@ -949,6 +992,12 @@ client_request_definitions! { response: v2::GetAccountRateLimitsResponse, }, + GetAccountTokenUsage => "account/usage/read" { + params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>, + serialization: None, + response: v2::GetAccountTokenUsageResponse, + }, + SendAddCreditsNudgeEmail => "account/sendAddCreditsNudgeEmail" { params: v2::SendAddCreditsNudgeEmailParams, serialization: global("account-auth"), @@ -1495,6 +1544,7 @@ server_notification_definitions! { ThreadStarted => "thread/started" (v2::ThreadStartedNotification), ThreadStatusChanged => "thread/status/changed" (v2::ThreadStatusChangedNotification), ThreadArchived => "thread/archived" (v2::ThreadArchivedNotification), + ThreadDeleted => "thread/deleted" (v2::ThreadDeletedNotification), ThreadUnarchived => "thread/unarchived" (v2::ThreadUnarchivedNotification), ThreadClosed => "thread/closed" (v2::ThreadClosedNotification), SkillsChanged => "skills/changed" (v2::SkillsChangedNotification), @@ -1549,6 +1599,8 @@ server_notification_definitions! { ContextCompacted => "thread/compacted" (v2::ContextCompactedNotification), ModelRerouted => "model/rerouted" (v2::ModelReroutedNotification), ModelVerification => "model/verification" (v2::ModelVerificationNotification), + #[experimental("turn/moderationMetadata")] + TurnModerationMetadata => "turn/moderationMetadata" (v2::TurnModerationMetadataNotification), Warning => "warning" (v2::WarningNotification), GuardianWarning => "guardianWarning" (v2::GuardianWarningNotification), DeprecationNotice => "deprecationNotice" (v2::DeprecationNoticeNotification), @@ -2006,6 +2058,19 @@ mod tests { "remote-control-pairing" )) ); + let remote_control_pairing_status = ClientRequest::RemoteControlPairingStatus { + request_id: request_id(), + params: v2::RemoteControlPairingStatusParams { + pairing_code: Some("pairing-code".to_string()), + manual_pairing_code: None, + }, + }; + assert_eq!( + remote_control_pairing_status.serialization_scope(), + Some(ClientRequestSerializationScope::GlobalSharedRead( + "remote-control-pairing" + )) + ); let remote_control_clients_list = ClientRequest::RemoteControlClientsList { request_id: request_id(), params: v2::RemoteControlClientsListParams::default(), @@ -2370,6 +2435,24 @@ mod tests { Ok(()) } + #[test] + fn serialize_get_account_token_usage() -> Result<()> { + let request = ClientRequest::GetAccountTokenUsage { + request_id: RequestId::Integer(1), + params: None, + }; + assert_eq!(request.id(), &RequestId::Integer(1)); + assert_eq!(request.method(), "account/usage/read"); + assert_eq!( + json!({ + "method": "account/usage/read", + "id": 1, + }), + serde_json::to_value(&request)?, + ); + Ok(()) + } + #[test] fn serialize_client_response() -> Result<()> { let cwd = absolute_path("/tmp"); @@ -2876,16 +2959,66 @@ mod tests { Ok(()) } + #[test] + fn serialize_thread_background_terminals_list() -> Result<()> { + let request = ClientRequest::ThreadBackgroundTerminalsList { + request_id: RequestId::Integer(8), + params: v2::ThreadBackgroundTerminalsListParams { + thread_id: "thr_123".to_string(), + cursor: None, + limit: None, + }, + }; + assert_eq!( + json!({ + "method": "thread/backgroundTerminals/list", + "id": 8, + "params": { + "threadId": "thr_123", + "cursor": null, + "limit": null + } + }), + serde_json::to_value(&request)?, + ); + Ok(()) + } + + #[test] + fn serialize_thread_background_terminals_terminate() -> Result<()> { + let request = ClientRequest::ThreadBackgroundTerminalsTerminate { + request_id: RequestId::Integer(8), + params: v2::ThreadBackgroundTerminalsTerminateParams { + thread_id: "thr_123".to_string(), + process_id: "42".to_string(), + }, + }; + assert_eq!( + json!({ + "method": "thread/backgroundTerminals/terminate", + "id": 8, + "params": { + "threadId": "thr_123", + "processId": "42" + } + }), + serde_json::to_value(&request)?, + ); + Ok(()) + } + #[test] fn serialize_thread_realtime_start() -> Result<()> { let request = ClientRequest::ThreadRealtimeStart { request_id: RequestId::Integer(9), params: v2::ThreadRealtimeStartParams { thread_id: "thr_123".to_string(), + model: Some("realtime-treatment-model".to_string()), output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("You are on a call".to_string())), realtime_session_id: Some("sess_456".to_string()), transport: None, + version: Some(RealtimeConversationVersion::V1), voice: Some(RealtimeVoice::Marin), }, }; @@ -2895,10 +3028,12 @@ mod tests { "id": 9, "params": { "threadId": "thr_123", + "model": "realtime-treatment-model", "outputModality": "audio", "prompt": "You are on a call", "realtimeSessionId": "sess_456", "transport": null, + "version": "v1", "voice": "marin" } }), @@ -2913,10 +3048,12 @@ mod tests { request_id: RequestId::Integer(9), params: v2::ThreadRealtimeStartParams { thread_id: "thr_123".to_string(), + model: None, output_modality: RealtimeOutputModality::Audio, prompt: None, realtime_session_id: None, transport: None, + version: None, voice: None, }, }; @@ -2926,9 +3063,11 @@ mod tests { "id": 9, "params": { "threadId": "thr_123", + "model": null, "outputModality": "audio", "realtimeSessionId": null, "transport": null, + "version": null, "voice": null } }), @@ -2939,10 +3078,12 @@ mod tests { request_id: RequestId::Integer(9), params: v2::ThreadRealtimeStartParams { thread_id: "thr_123".to_string(), + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(None), realtime_session_id: None, transport: None, + version: None, voice: None, }, }; @@ -2952,10 +3093,12 @@ mod tests { "id": 9, "params": { "threadId": "thr_123", + "model": null, "outputModality": "audio", "prompt": null, "realtimeSessionId": null, "transport": null, + "version": null, "voice": null } }), @@ -3108,10 +3251,12 @@ mod tests { request_id: RequestId::Integer(1), params: v2::ThreadRealtimeStartParams { thread_id: "thr_123".to_string(), + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("You are on a call".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, }, }; @@ -3222,6 +3367,21 @@ mod tests { ); } + #[test] + fn turn_moderation_metadata_notification_is_marked_experimental() { + let notification = + ServerNotification::TurnModerationMetadata(v2::TurnModerationMetadataNotification { + thread_id: "thr_123".to_string(), + turn_id: "turn_123".to_string(), + metadata: json!({"presentation": "inline"}), + }); + + assert_eq!( + crate::experimental_api::ExperimentalApi::experimental_reason(¬ification), + Some("turn/moderationMetadata") + ); + } + #[test] fn thread_realtime_started_notification_is_marked_experimental() { let notification = diff --git a/codex-rs/app-server-protocol/src/protocol/event_mapping.rs b/codex-rs/app-server-protocol/src/protocol/event_mapping.rs index 609ca83a5dd..6d6012e19b2 100644 --- a/codex-rs/app-server-protocol/src/protocol/event_mapping.rs +++ b/codex-rs/app-server-protocol/src/protocol/event_mapping.rs @@ -178,6 +178,20 @@ pub fn item_event_to_server_notification( completed_at_ms: end_event.completed_at_ms, }) } + EventMsg::SubAgentActivity(activity) => { + let item = ThreadItem::SubAgentActivity { + id: activity.event_id, + kind: activity.kind.into(), + agent_thread_id: activity.agent_thread_id.to_string(), + agent_path: String::from(activity.agent_path), + }; + ServerNotification::ItemCompleted(ItemCompletedNotification { + thread_id, + turn_id, + item, + completed_at_ms: activity.occurred_at_ms, + }) + } EventMsg::CollabWaitingBegin(begin_event) => { let receiver_thread_ids = begin_event .receiver_thread_ids diff --git a/codex-rs/app-server-protocol/src/protocol/thread_history.rs b/codex-rs/app-server-protocol/src/protocol/thread_history.rs index aa65f9ab9d8..f0b900f08f1 100644 --- a/codex-rs/app-server-protocol/src/protocol/thread_history.rs +++ b/codex-rs/app-server-protocol/src/protocol/thread_history.rs @@ -124,6 +124,14 @@ impl ThreadHistoryBuilder { .or_else(|| self.turns.last().cloned()) } + pub fn turn_snapshot(&self, turn_id: &str) -> Option { + self.current_turn + .as_ref() + .filter(|turn| turn.id == turn_id) + .map(Turn::from) + .or_else(|| self.turns.iter().find(|turn| turn.id == turn_id).cloned()) + } + /// Returns the index of the active turn snapshot within the finished turn list. /// /// When a turn is still open, this is the index it will occupy after @@ -203,6 +211,7 @@ impl ThreadHistoryBuilder { EventMsg::CollabAgentInteractionEnd(payload) => { self.handle_collab_agent_interaction_end(payload) } + EventMsg::SubAgentActivity(payload) => self.handle_sub_agent_activity(payload), EventMsg::CollabWaitingBegin(payload) => self.handle_collab_waiting_begin(payload), EventMsg::CollabWaitingEnd(payload) => self.handle_collab_waiting_end(payload), EventMsg::CollabCloseBegin(payload) => self.handle_collab_close_begin(payload), @@ -621,7 +630,7 @@ impl ThreadHistoryBuilder { receiver_thread_ids: Vec::new(), prompt: Some(payload.prompt.clone()), model: Some(payload.model.clone()), - reasoning_effort: Some(payload.reasoning_effort), + reasoning_effort: Some(payload.reasoning_effort.clone()), agents_states: HashMap::new(), }; self.upsert_item_in_current_turn(item); @@ -656,7 +665,7 @@ impl ThreadHistoryBuilder { receiver_thread_ids, prompt: Some(payload.prompt.clone()), model: Some(payload.model.clone()), - reasoning_effort: Some(payload.reasoning_effort), + reasoning_effort: Some(payload.reasoning_effort.clone()), agents_states, }); } @@ -702,6 +711,18 @@ impl ThreadHistoryBuilder { }); } + fn handle_sub_agent_activity( + &mut self, + payload: &codex_protocol::protocol::SubAgentActivityEvent, + ) { + self.upsert_item_in_current_turn(ThreadItem::SubAgentActivity { + id: payload.event_id.clone(), + kind: payload.kind.into(), + agent_thread_id: payload.agent_thread_id.to_string(), + agent_path: String::from(payload.agent_path.clone()), + }); + } + fn handle_collab_waiting_begin( &mut self, payload: &codex_protocol::protocol::CollabWaitingBeginEvent, @@ -2926,6 +2947,7 @@ mod tests { RolloutItem::Compacted(CompactedItem { message: String::new(), replacement_history: None, + window_id: None, }), RolloutItem::EventMsg(EventMsg::TurnComplete(TurnCompleteEvent { turn_id: "turn-compact".into(), diff --git a/codex-rs/app-server-protocol/src/protocol/v2/account.rs b/codex-rs/app-server-protocol/src/protocol/v2/account.rs index 83f1bc02b87..58fc93cc76d 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/account.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/account.rs @@ -258,6 +258,33 @@ pub struct GetAccountRateLimitsResponse { pub rate_limits_by_limit_id: Option>, } +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct GetAccountTokenUsageResponse { + pub summary: AccountTokenUsageSummary, + pub daily_usage_buckets: Option>, +} + +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct AccountTokenUsageSummary { + pub lifetime_tokens: Option, + pub peak_daily_tokens: Option, + pub longest_running_turn_sec: Option, + pub current_streak_days: Option, + pub longest_streak_days: Option, +} + +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct AccountTokenUsageDailyBucket { + pub start_date: String, + pub tokens: i64, +} + #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)] #[serde(rename_all = "camelCase")] #[ts(export_to = "v2/")] diff --git a/codex-rs/app-server-protocol/src/protocol/v2/apps.rs b/codex-rs/app-server-protocol/src/protocol/v2/apps.rs index 9f46525e6c1..94545eb7886 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/apps.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/apps.rs @@ -102,6 +102,33 @@ pub struct AppInfo { pub plugin_display_names: Vec, } +impl AppInfo { + pub fn category(&self) -> Option { + self.branding + .as_ref() + .and_then(|branding| non_empty_category(branding.category.as_deref())) + .or_else(|| { + self.app_metadata + .as_ref() + .and_then(|metadata| metadata.categories.as_ref()) + .and_then(|categories| { + categories + .iter() + .find_map(|category| non_empty_category(Some(category.as_str()))) + }) + }) + } +} + +fn non_empty_category(category: Option<&str>) -> Option { + let category = category?.trim(); + if category.is_empty() { + None + } else { + Some(category.to_string()) + } +} + #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] #[serde(rename_all = "camelCase")] #[ts(export_to = "v2/")] @@ -111,17 +138,18 @@ pub struct AppSummary { pub name: String, pub description: Option, pub install_url: Option, - pub needs_auth: bool, + pub category: Option, } impl From for AppSummary { fn from(value: AppInfo) -> Self { + let category = value.category(); Self { id: value.id, name: value.name, description: value.description, install_url: value.install_url, - needs_auth: false, + category, } } } diff --git a/codex-rs/app-server-protocol/src/protocol/v2/config.rs b/codex-rs/app-server-protocol/src/protocol/v2/config.rs index f40192ddc66..227adffc30b 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/config.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/config.rs @@ -375,7 +375,8 @@ pub struct ConfigRequirements { pub allowed_approvals_reviewers: Option>, pub allowed_sandbox_modes: Option>, pub allowed_windows_sandbox_implementations: Option>, - pub allowed_permissions: Option>, + pub allowed_permission_profiles: Option>, + pub default_permissions: Option, pub allowed_web_search_modes: Option>, pub allow_managed_hooks_only: Option, pub allow_appshots: Option, diff --git a/codex-rs/app-server-protocol/src/protocol/v2/item.rs b/codex-rs/app-server-protocol/src/protocol/v2/item.rs index d68485565ee..29d212ab15f 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/item.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/item.rs @@ -29,6 +29,7 @@ use codex_protocol::protocol::GuardianRiskLevel as CoreGuardianRiskLevel; use codex_protocol::protocol::GuardianUserAuthorization as CoreGuardianUserAuthorization; use codex_protocol::protocol::PatchApplyStatus as CorePatchApplyStatus; use codex_protocol::protocol::ReviewDecision as CoreReviewDecision; +use codex_protocol::protocol::SubAgentActivityKind as CoreSubAgentActivityKind; use codex_utils_absolute_path::AbsolutePathBuf; use schemars::JsonSchema; use serde::Deserialize; @@ -336,6 +337,14 @@ pub enum ThreadItem { }, #[serde(rename_all = "camelCase")] #[ts(rename_all = "camelCase")] + SubAgentActivity { + id: String, + kind: SubAgentActivityKind, + agent_thread_id: String, + agent_path: String, + }, + #[serde(rename_all = "camelCase")] + #[ts(rename_all = "camelCase")] WebSearch { id: String, query: String, @@ -387,6 +396,7 @@ impl ThreadItem { | ThreadItem::McpToolCall { id, .. } | ThreadItem::DynamicToolCall { id, .. } | ThreadItem::CollabAgentToolCall { id, .. } + | ThreadItem::SubAgentActivity { id, .. } | ThreadItem::WebSearch { id, .. } | ThreadItem::ImageView { id, .. } | ThreadItem::ImageGeneration { id, .. } @@ -1004,6 +1014,25 @@ pub enum CollabAgentToolCallStatus { Failed, } +#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub enum SubAgentActivityKind { + Started, + Interacted, + Interrupted, +} + +impl From for SubAgentActivityKind { + fn from(value: CoreSubAgentActivityKind) -> Self { + match value { + CoreSubAgentActivityKind::Started => SubAgentActivityKind::Started, + CoreSubAgentActivityKind::Interacted => SubAgentActivityKind::Interacted, + CoreSubAgentActivityKind::Interrupted => SubAgentActivityKind::Interrupted, + } + } +} + #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)] #[serde(rename_all = "camelCase")] #[ts(export_to = "v2/")] diff --git a/codex-rs/app-server-protocol/src/protocol/v2/mcp.rs b/codex-rs/app-server-protocol/src/protocol/v2/mcp.rs index ae61f12b2d0..37197a22376 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/mcp.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/mcp.rs @@ -235,6 +235,7 @@ pub enum McpServerStartupState { #[serde(rename_all = "camelCase")] #[ts(export_to = "v2/")] pub struct McpServerStatusUpdatedNotification { + pub thread_id: Option, pub name: String, pub status: McpServerStartupState, pub error: Option, diff --git a/codex-rs/app-server-protocol/src/protocol/v2/model.rs b/codex-rs/app-server-protocol/src/protocol/v2/model.rs index 7f97d791a60..d8fa2495825 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/model.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/model.rs @@ -8,6 +8,7 @@ use codex_protocol::protocol::ModelVerification as CoreModelVerification; use schemars::JsonSchema; use serde::Deserialize; use serde::Serialize; +use serde_json::Value as JsonValue; use ts_rs::TS; v2_enum_from_core!( @@ -152,3 +153,12 @@ pub struct ModelVerificationNotification { pub turn_id: String, pub verifications: Vec, } + +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct TurnModerationMetadataNotification { + pub thread_id: String, + pub turn_id: String, + pub metadata: JsonValue, +} diff --git a/codex-rs/app-server-protocol/src/protocol/v2/plugin.rs b/codex-rs/app-server-protocol/src/protocol/v2/plugin.rs index 1b7e8ba8ffb..c196fba9172 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/plugin.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/plugin.rs @@ -642,9 +642,33 @@ pub struct PluginDetail { pub skills: Vec, pub hooks: Vec, pub apps: Vec, + pub app_templates: Vec, pub mcp_servers: Vec, } +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)] +#[serde(rename_all = "SCREAMING_SNAKE_CASE")] +#[ts(export_to = "v2/")] +pub enum AppTemplateUnavailableReason { + NotConfiguredForWorkspace, + NoActiveWorkspace, +} + +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct AppTemplateSummary { + pub template_id: String, + pub name: String, + pub description: Option, + pub category: Option, + pub canonical_connector_id: Option, + pub logo_url: Option, + pub logo_url_dark: Option, + pub materialized_app_ids: Vec, + pub reason: Option, +} + #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] #[serde(rename_all = "camelCase")] #[ts(export_to = "v2/")] diff --git a/codex-rs/app-server-protocol/src/protocol/v2/realtime.rs b/codex-rs/app-server-protocol/src/protocol/v2/realtime.rs index c6ea0744de2..a86cd8067dc 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/realtime.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/realtime.rs @@ -65,6 +65,9 @@ impl From for CoreRealtimeAudioFrame { #[ts(export_to = "v2/")] pub struct ThreadRealtimeStartParams { pub thread_id: String, + /// Overrides the configured realtime model for this session only. + #[ts(optional = nullable)] + pub model: Option, /// Selects text or audio output for the realtime session. Transport and voice stay /// independent so clients can choose how they connect separately from what the model emits. pub output_modality: RealtimeOutputModality, @@ -80,6 +83,9 @@ pub struct ThreadRealtimeStartParams { pub realtime_session_id: Option, #[ts(optional = nullable)] pub transport: Option, + /// Overrides the configured realtime protocol version for this session only. + #[ts(optional = nullable)] + pub version: Option, #[ts(optional = nullable)] pub voice: Option, } diff --git a/codex-rs/app-server-protocol/src/protocol/v2/remote_control.rs b/codex-rs/app-server-protocol/src/protocol/v2/remote_control.rs index f5f004f7842..0e1809805dc 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/remote_control.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/remote_control.rs @@ -62,6 +62,23 @@ pub struct RemoteControlPairingStartResponse { pub expires_at: i64, } +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct RemoteControlPairingStatusParams { + #[ts(optional = nullable)] + pub pairing_code: Option, + #[ts(optional = nullable)] + pub manual_pairing_code: Option, +} + +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct RemoteControlPairingStatusResponse { + pub claimed: bool, +} + #[derive(Serialize, Deserialize, Debug, Clone, Default, PartialEq, Eq, JsonSchema, TS)] #[serde(rename_all = "camelCase")] #[ts(export_to = "v2/")] diff --git a/codex-rs/app-server-protocol/src/protocol/v2/shared.rs b/codex-rs/app-server-protocol/src/protocol/v2/shared.rs index 9ec1fb80cb3..cb881d62672 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/shared.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/shared.rs @@ -233,7 +233,7 @@ impl From for AskForApproval { pub enum ApprovalsReviewer { #[serde(rename = "user")] User, - #[serde(rename = "guardian_subagent", alias = "auto_review")] + #[serde(rename = "auto_review", alias = "guardian_subagent")] AutoReview, } diff --git a/codex-rs/app-server-protocol/src/protocol/v2/tests.rs b/codex-rs/app-server-protocol/src/protocol/v2/tests.rs index 1c1e92b36f3..c570b87ce4a 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/tests.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/tests.rs @@ -57,6 +57,30 @@ fn test_absolute_path() -> AbsolutePathBuf { absolute_path("readable") } +#[test] +fn thread_sources_round_trip_as_scalar_labels() { + for (source, label) in [ + (ThreadSource::User, "user"), + (ThreadSource::Subagent, "subagent"), + ( + ThreadSource::Feature("automation".to_string()), + "automation", + ), + (ThreadSource::MemoryConsolidation, "memory_consolidation"), + ] { + let value = serde_json::to_value(&source).expect("serialize thread source"); + + assert_eq!(value, json!(label)); + assert_eq!( + serde_json::from_value::(value).expect("deserialize thread source"), + source + ); + + let core_source: codex_protocol::protocol::ThreadSource = source.clone().into(); + assert_eq!(ThreadSource::from(core_source), source); + } +} + #[test] fn approvals_reviewer_serializes_auto_review_and_accepts_legacy_guardian_subagent() { assert_eq!( @@ -65,7 +89,7 @@ fn approvals_reviewer_serializes_auto_review_and_accepts_legacy_guardian_subagen ); assert_eq!( serde_json::to_string(&ApprovalsReviewer::AutoReview).expect("serialize reviewer"), - "\"guardian_subagent\"" + "\"auto_review\"" ); for value in ["user", "auto_review", "guardian_subagent"] { @@ -1674,7 +1698,8 @@ fn config_requirements_granular_allowed_approval_policy_is_marked_experimental() allowed_approvals_reviewers: None, allowed_sandbox_modes: None, allowed_windows_sandbox_implementations: None, - allowed_permissions: None, + allowed_permission_profiles: None, + default_permissions: None, allowed_web_search_modes: None, allow_managed_hooks_only: None, allow_appshots: None, @@ -2039,6 +2064,33 @@ fn mcp_server_status_serializes_absent_server_info_as_null() { ); } +#[test] +fn mcp_server_status_updated_accepts_missing_thread_id() { + let notification: McpServerStatusUpdatedNotification = serde_json::from_value(json!({ + "name": "optional_broken", + "status": "failed", + "error": "handshake failed", + })) + .expect("notification without threadId should deserialize"); + + let expected = McpServerStatusUpdatedNotification { + thread_id: None, + name: "optional_broken".to_string(), + status: McpServerStartupState::Failed, + error: Some("handshake failed".to_string()), + }; + assert_eq!(notification, expected); + assert_eq!( + serde_json::to_value(notification).expect("notification should serialize"), + json!({ + "threadId": null, + "name": "optional_broken", + "status": "failed", + "error": "handshake failed", + }) + ); +} + #[test] fn mcp_server_status_serializes_absent_server_info_metadata_as_null() { let response = ListMcpServerStatusResponse { diff --git a/codex-rs/app-server-protocol/src/protocol/v2/thread.rs b/codex-rs/app-server-protocol/src/protocol/v2/thread.rs index 9dab60a0467..5b412c2edd7 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/thread.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/thread.rs @@ -11,6 +11,8 @@ use super::TurnEnvironmentParams; use super::TurnItemsView; use super::shared::v2_enum_from_core; use codex_experimental_api_macros::ExperimentalApi; +pub use codex_protocol::capabilities::CapabilityRootLocation; +pub use codex_protocol::capabilities::SelectedCapabilityRoot; use codex_protocol::config_types::CollaborationMode; use codex_protocol::config_types::Personality; use codex_protocol::config_types::ReasoningSummary; @@ -107,11 +109,10 @@ pub struct ThreadStartParams { pub service_tier: Option>, #[ts(optional = nullable)] pub cwd: Option, - /// Replace the thread's runtime workspace roots. Relative paths are - /// resolved against the effective cwd for the thread. + /// Replace the thread's runtime workspace roots. Paths must be absolute. #[experimental("thread/start.runtimeWorkspaceRoots")] #[ts(optional = nullable)] - pub runtime_workspace_roots: Option>, + pub runtime_workspace_roots: Option>, #[experimental(nested)] #[ts(optional = nullable)] pub approval_policy: Option, @@ -154,6 +155,10 @@ pub struct ThreadStartParams { #[experimental("thread/start.dynamicTools")] #[ts(optional = nullable)] pub dynamic_tools: Option>, + /// Capability roots selected for this thread by the hosting platform. + #[experimental("thread/start.selectedCapabilityRoots")] + #[ts(optional = nullable)] + pub selected_capability_roots: Option>, /// Test-only experimental field used to validate experimental gating and /// schema filtering behavior in a stable way. #[experimental("thread/start.mockExperimentalField")] @@ -358,11 +363,10 @@ pub struct ThreadResumeParams { pub service_tier: Option>, #[ts(optional = nullable)] pub cwd: Option, - /// Replace the thread's runtime workspace roots. Relative paths are - /// resolved against the effective cwd for the thread. + /// Replace the thread's runtime workspace roots. Paths must be absolute. #[experimental("thread/resume.runtimeWorkspaceRoots")] #[ts(optional = nullable)] - pub runtime_workspace_roots: Option>, + pub runtime_workspace_roots: Option>, #[experimental(nested)] #[ts(optional = nullable)] pub approval_policy: Option, @@ -509,11 +513,10 @@ pub struct ThreadForkParams { pub service_tier: Option>, #[ts(optional = nullable)] pub cwd: Option, - /// Replace the thread's runtime workspace roots. Relative paths are - /// resolved against the effective cwd for the thread. + /// Replace the thread's runtime workspace roots. Paths must be absolute. #[experimental("thread/fork.runtimeWorkspaceRoots")] #[ts(optional = nullable)] - pub runtime_workspace_roots: Option>, + pub runtime_workspace_roots: Option>, #[experimental(nested)] #[ts(optional = nullable)] pub approval_policy: Option, @@ -591,6 +594,18 @@ pub struct ThreadArchiveParams { #[ts(export_to = "v2/")] pub struct ThreadArchiveResponse {} +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct ThreadDeleteParams { + pub thread_id: String, +} + +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct ThreadDeleteResponse {} + #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] #[serde(rename_all = "camelCase")] #[ts(export_to = "v2/")] @@ -932,6 +947,57 @@ pub struct ThreadBackgroundTerminalsCleanParams { #[ts(export_to = "v2/")] pub struct ThreadBackgroundTerminalsCleanResponse {} +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct ThreadBackgroundTerminalsListParams { + pub thread_id: String, + /// Opaque pagination cursor returned by a previous call. + #[ts(optional = nullable)] + pub cursor: Option, + /// Optional page size. + #[ts(optional = nullable)] + pub limit: Option, +} + +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct ThreadBackgroundTerminal { + pub item_id: String, + pub process_id: String, + pub command: String, + pub cwd: AbsolutePathBuf, + pub os_pid: Option, + pub cpu_percent: Option, + pub rss_kb: Option, +} + +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct ThreadBackgroundTerminalsListResponse { + pub data: Vec, + /// Opaque cursor to pass to the next call to continue after the last item. + /// If None, there are no more items to return. + pub next_cursor: Option, +} + +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct ThreadBackgroundTerminalsTerminateParams { + pub thread_id: String, + pub process_id: String, +} + +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct ThreadBackgroundTerminalsTerminateResponse { + pub terminated: bool, +} + #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] #[serde(rename_all = "camelCase")] #[ts(export_to = "v2/")] @@ -1327,6 +1393,13 @@ pub struct ThreadArchivedNotification { pub thread_id: String, } +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct ThreadDeletedNotification { + pub thread_id: String, +} + #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)] #[serde(rename_all = "camelCase")] #[ts(export_to = "v2/")] diff --git a/codex-rs/app-server-protocol/src/protocol/v2/thread_data.rs b/codex-rs/app-server-protocol/src/protocol/v2/thread_data.rs index 35b61838719..fc0762361ff 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/thread_data.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/thread_data.rs @@ -7,6 +7,8 @@ use codex_protocol::protocol::SubAgentSource as CoreSubAgentSource; use codex_protocol::protocol::ThreadSource as CoreThreadSource; use codex_utils_absolute_path::AbsolutePathBuf; use schemars::JsonSchema; +use schemars::r#gen::SchemaGenerator; +use schemars::schema::Schema; use serde::Deserialize; use serde::Serialize; use std::path::PathBuf; @@ -61,20 +63,47 @@ impl From for CoreSessionSource { } } -#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)] -#[serde(rename_all = "snake_case")] -#[ts(rename_all = "snake_case", export_to = "v2/")] +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, TS)] +#[serde(try_from = "String", into = "String")] +#[ts(type = "string")] +#[ts(export_to = "v2/")] pub enum ThreadSource { User, Subagent, + Feature(String), MemoryConsolidation, } +impl JsonSchema for ThreadSource { + fn schema_name() -> String { + "ThreadSource".to_string() + } + + fn json_schema(generator: &mut SchemaGenerator) -> Schema { + String::json_schema(generator) + } +} + +impl TryFrom for ThreadSource { + type Error = String; + + fn try_from(value: String) -> Result { + value.parse::().map(Into::into) + } +} + +impl From for String { + fn from(value: ThreadSource) -> Self { + CoreThreadSource::from(value).into() + } +} + impl From for ThreadSource { fn from(value: CoreThreadSource) -> Self { match value { CoreThreadSource::User => ThreadSource::User, CoreThreadSource::Subagent => ThreadSource::Subagent, + CoreThreadSource::Feature(feature) => ThreadSource::Feature(feature), CoreThreadSource::MemoryConsolidation => ThreadSource::MemoryConsolidation, } } @@ -85,6 +114,7 @@ impl From for CoreThreadSource { match value { ThreadSource::User => CoreThreadSource::User, ThreadSource::Subagent => CoreThreadSource::Subagent, + ThreadSource::Feature(feature) => CoreThreadSource::Feature(feature), ThreadSource::MemoryConsolidation => CoreThreadSource::MemoryConsolidation, } } diff --git a/codex-rs/app-server-protocol/src/protocol/v2/turn.rs b/codex-rs/app-server-protocol/src/protocol/v2/turn.rs index f9bfe21479d..836c6d4e969 100644 --- a/codex-rs/app-server-protocol/src/protocol/v2/turn.rs +++ b/codex-rs/app-server-protocol/src/protocol/v2/turn.rs @@ -68,7 +68,13 @@ pub struct TurnStartParams { #[ts(optional = nullable)] pub client_user_message_id: Option, pub input: Vec, - /// Optional turn-scoped Responses API client metadata. + /// Optional metadata to enrich Codex's ResponsesAPI turn metadata. + /// + /// Entries are flattened into the JSON string sent as + /// `client_metadata["x-codex-turn-metadata"]` on ResponsesAPI HTTP and websocket requests. + /// + /// They are not sent as top-level ResponsesAPI `client_metadata` keys, and reserved keys + /// such as `session_id`, `thread_id`, `turn_id`, and `window_id` cannot be overridden. #[experimental("turn/start.responsesapiClientMetadata")] #[ts(optional = nullable)] pub responsesapi_client_metadata: Option>, @@ -76,7 +82,7 @@ pub struct TurnStartParams { #[experimental("turn/start.additionalContext")] #[ts(optional = nullable)] pub additional_context: Option>, - /// Optional turn-scoped environments. + /// Optional environments for this turn and subsequent turns. /// /// Omitted uses the thread sticky environments. Empty disables /// environment access for this turn. Non-empty selects the first @@ -88,11 +94,10 @@ pub struct TurnStartParams { #[ts(optional = nullable)] pub cwd: Option, /// Replace the thread's runtime workspace roots for this turn and - /// subsequent turns. Relative paths are resolved against the effective - /// cwd for the turn. + /// subsequent turns. Paths must be absolute. #[experimental("turn/start.runtimeWorkspaceRoots")] #[ts(optional = nullable)] - pub runtime_workspace_roots: Option>, + pub runtime_workspace_roots: Option>, /// Override the approval policy for this turn and subsequent turns. #[experimental(nested)] #[ts(optional = nullable)] @@ -162,7 +167,13 @@ pub struct TurnSteerParams { #[ts(optional = nullable)] pub client_user_message_id: Option, pub input: Vec, - /// Optional turn-scoped Responses API client metadata. + /// Optional metadata to enrich Codex's ResponsesAPI turn metadata. + /// + /// Entries are flattened into the JSON string sent as + /// `client_metadata["x-codex-turn-metadata"]` on ResponsesAPI HTTP and websocket requests. + /// + /// They are not sent as top-level ResponsesAPI `client_metadata` keys, and reserved keys + /// such as `session_id`, `thread_id`, `turn_id`, and `window_id` cannot be overridden. #[experimental("turn/steer.responsesapiClientMetadata")] #[ts(optional = nullable)] pub responsesapi_client_metadata: Option>, diff --git a/codex-rs/app-server-transport/src/transport/remote_control/enroll.rs b/codex-rs/app-server-transport/src/transport/remote_control/enroll.rs index c491596e659..b4506a3d4c5 100644 --- a/codex-rs/app-server-transport/src/transport/remote_control/enroll.rs +++ b/codex-rs/app-server-transport/src/transport/remote_control/enroll.rs @@ -3,11 +3,14 @@ use super::pairing_unavailable_error; use super::protocol::EnrollRemoteServerRequest; use super::protocol::EnrollRemoteServerResponse; use super::protocol::RefreshRemoteServerRequest; +use super::protocol::RemoteControlPairingStatusRequest; +use super::protocol::RemoteControlPairingStatusResponse as BackendRemoteControlPairingStatusResponse; use super::protocol::RemoteControlTarget; use super::protocol::StartRemoteControlPairingRequest; use super::protocol::StartRemoteControlPairingResponse; use axum::http::HeaderMap; use codex_app_server_protocol::RemoteControlPairingStartResponse; +use codex_app_server_protocol::RemoteControlPairingStatusResponse; use codex_login::default_client::build_reqwest_client; use codex_state::RemoteControlEnrollmentRecord; use codex_state::StateRuntime; @@ -136,6 +139,69 @@ impl RemoteControlEnrollment { }) } + pub(super) async fn pairing_status( + &self, + request: RemoteControlPairingStatusRequest, + ) -> io::Result { + if self.should_refresh_server_token() { + return Err(pairing_unavailable_error()); + } + let remote_control_token = self + .remote_control_token + .as_deref() + .ok_or_else(pairing_unavailable_error)?; + + let response = build_reqwest_client() + .post(&self.remote_control_target.pair_status_url) + .timeout(REMOTE_CONTROL_PAIRING_TIMEOUT) + .bearer_auth(remote_control_token) + .json(&request) + .send() + .await + .map_err(|err| { + io::Error::other(format!( + "failed to check remote control pairing status at `{}`: {err}", + self.remote_control_target.pair_status_url + )) + })?; + let headers = response.headers().clone(); + let status = response.status(); + let body = response.bytes().await.map_err(|err| { + io::Error::other(format!( + "failed to read remote control pairing status response from `{}`: {err}", + self.remote_control_target.pair_status_url + )) + })?; + let body_preview = preview_remote_control_response_body(&body); + if !status.is_success() { + let error_kind = match status.as_u16() { + 401 | 403 => ErrorKind::PermissionDenied, + 404 | 410 => ErrorKind::InvalidInput, + _ => ErrorKind::Other, + }; + return Err(io::Error::new( + error_kind, + format!( + "remote control pairing status failed at `{}`: HTTP {status}, {}, body: {body_preview}", + self.remote_control_target.pair_status_url, + format_headers(&headers) + ), + )); + } + + let response = serde_json::from_slice::(&body) + .map_err(|err| { + io::Error::other(format!( + "failed to parse remote control pairing status response from `{}`: HTTP {status}, {}, body: {body_preview}, decode error: {err}", + self.remote_control_target.pair_status_url, + format_headers(&headers) + )) + })?; + Ok(RemoteControlPairingStatusResponse { + claimed: response.claimed, + }) + } + pub(super) fn should_refresh_server_token(&self) -> bool { self.remote_control_token.is_none() || self.expires_at.is_none_or(|expires_at| { diff --git a/codex-rs/app-server-transport/src/transport/remote_control/mod.rs b/codex-rs/app-server-transport/src/transport/remote_control/mod.rs index 38e34e6d435..6e8f31d45d3 100644 --- a/codex-rs/app-server-transport/src/transport/remote_control/mod.rs +++ b/codex-rs/app-server-transport/src/transport/remote_control/mod.rs @@ -9,12 +9,16 @@ mod websocket; use self::auth::load_remote_control_auth; use self::auth::recover_remote_control_auth; use self::enroll::RemoteControlEnrollment; +use self::enroll::enroll_remote_control_server; +use self::enroll::load_persisted_remote_control_enrollment; use self::enroll::refresh_remote_control_server; +use self::enroll::update_persisted_remote_control_enrollment; use crate::transport::remote_control::websocket::RemoteControlChannels; use crate::transport::remote_control::websocket::RemoteControlStatusPublisher; use crate::transport::remote_control::websocket::RemoteControlWebsocket; pub use self::protocol::ClientId; +use self::protocol::RemoteControlPairingStatusCode; use self::protocol::ServerEvent; use self::protocol::StreamId; use self::protocol::normalize_remote_control_url; @@ -28,6 +32,8 @@ use codex_app_server_protocol::RemoteControlClientsRevokeResponse; use codex_app_server_protocol::RemoteControlConnectionStatus; use codex_app_server_protocol::RemoteControlPairingStartParams; use codex_app_server_protocol::RemoteControlPairingStartResponse; +use codex_app_server_protocol::RemoteControlPairingStatusParams; +use codex_app_server_protocol::RemoteControlPairingStatusResponse; use codex_app_server_protocol::RemoteControlStatusChangedNotification; use codex_login::AuthManager; use codex_state::StateRuntime; @@ -36,9 +42,13 @@ use gethostname::gethostname; use std::error::Error; use std::fmt; use std::io; +use std::ops::Deref; +use std::ops::DerefMut; use std::panic::AssertUnwindSafe; use std::sync::Arc; use std::sync::Mutex as StdMutex; +use tokio::sync::Semaphore; +use tokio::sync::SemaphorePermit; use tokio::sync::mpsc; use tokio::sync::oneshot; use tokio::sync::watch; @@ -65,12 +75,81 @@ pub struct RemoteControlHandle { enabled_tx: Arc>, status_tx: Arc>, state_db_available: bool, + state_db: Option>, remote_control_url: String, current_enrollment: CurrentRemoteControlEnrollment, + pairing_persistence_key: RemoteControlPairingPersistenceKey, + pairing_persistence_key_required: bool, auth_manager: Arc, } -type CurrentRemoteControlEnrollment = Arc>>; +// Pairing and websocket connect share one selected server so they cannot enroll or clear +// different persisted rows while either path is awaiting backend I/O. +type CurrentRemoteControlEnrollment = Arc; +type RemoteControlPairingPersistenceKey = watch::Sender>; + +struct RemoteControlEnrollmentState { + enrollment: StdMutex>, + lock: Semaphore, +} + +impl RemoteControlEnrollmentState { + fn new(enrollment: Option) -> Self { + Self { + enrollment: StdMutex::new(enrollment), + lock: Semaphore::new(1), + } + } + + async fn lock(&self) -> RemoteControlEnrollmentLease<'_> { + let permit = match self.lock.acquire().await { + Ok(permit) => permit, + Err(_) => unreachable!("remote control enrollment lock should stay open"), + }; + RemoteControlEnrollmentLease { + state: self, + enrollment: self.snapshot(), + _permit: permit, + } + } + + fn snapshot(&self) -> Option { + self.enrollment + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) + .clone() + } +} + +struct RemoteControlEnrollmentLease<'a> { + state: &'a RemoteControlEnrollmentState, + enrollment: Option, + _permit: SemaphorePermit<'a>, +} + +impl Deref for RemoteControlEnrollmentLease<'_> { + type Target = Option; + + fn deref(&self) -> &Self::Target { + &self.enrollment + } +} + +impl DerefMut for RemoteControlEnrollmentLease<'_> { + fn deref_mut(&mut self) -> &mut Self::Target { + &mut self.enrollment + } +} + +impl Drop for RemoteControlEnrollmentLease<'_> { + fn drop(&mut self) { + *self + .state + .enrollment + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) = self.enrollment.take(); + } +} #[derive(Debug, Clone, Copy, PartialEq, Eq)] pub struct RemoteControlUnavailable; @@ -126,8 +205,6 @@ impl RemoteControlHandle { *state = false; changed }); - clear_current_enrollment(&self.current_enrollment); - let status = self.status(); info!( enabled_changed, @@ -151,28 +228,30 @@ impl RemoteControlHandle { pub async fn start_pairing( &self, params: RemoteControlPairingStartParams, + app_server_client_name: Option<&str>, ) -> io::Result { - if !*self.enabled_tx.borrow() { - return Err(Self::pairing_disabled_error()); - } let mut auth = load_remote_control_auth(&self.auth_manager) .await .map_err(|_| pairing_unavailable_error())?; - let mut enrollment = { - let current_enrollment = self - .current_enrollment - .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner); - current_enrollment - .as_ref() - .filter(|enrollment| enrollment.account_id == auth.account_id) - .cloned() - } - .ok_or_else(pairing_unavailable_error)?; - let installation_id = self.status().installation_id; + let status = self.status(); + let installation_id = status.installation_id; + let app_server_client_name = self.pairing_persistence_key(app_server_client_name)?; + let app_server_client_name = app_server_client_name.as_deref(); + let mut current_enrollment = self.current_enrollment.lock().await; + let mut enrollment = self + .load_or_enroll_pairing_server( + &mut current_enrollment, + &mut auth, + &installation_id, + &status.server_name, + app_server_client_name, + ) + .await?; if enrollment.should_refresh_server_token() { refresh_pairing_enrollment( - &self.current_enrollment, + &mut current_enrollment, + self.state_db.as_deref(), + app_server_client_name, &self.auth_manager, &mut auth, &installation_id, @@ -185,9 +264,11 @@ impl RemoteControlHandle { }; let pairing_response = match enrollment.start_pairing(pairing_request()).await { Err(err) if err.kind() == io::ErrorKind::PermissionDenied => { - clear_pairing_server_token(&self.current_enrollment, &mut enrollment)?; + clear_pairing_server_token(&mut current_enrollment, &mut enrollment)?; refresh_pairing_enrollment( - &self.current_enrollment, + &mut current_enrollment, + self.state_db.as_deref(), + app_server_client_name, &self.auth_manager, &mut auth, &installation_id, @@ -196,16 +277,189 @@ impl RemoteControlHandle { .await?; enrollment.start_pairing(pairing_request()).await } + Err(err) if err.kind() == io::ErrorKind::NotFound => { + clear_pairing_enrollment( + &mut current_enrollment, + self.state_db.as_deref(), + app_server_client_name, + &enrollment, + ) + .await; + enrollment = self + .load_or_enroll_pairing_server( + &mut current_enrollment, + &mut auth, + &installation_id, + &status.server_name, + app_server_client_name, + ) + .await?; + enrollment.start_pairing(pairing_request()).await + } pairing_response => pairing_response, }; if let Err(err) = &pairing_response { match err.kind() { io::ErrorKind::NotFound => { - clear_current_enrollment_if_matches(&self.current_enrollment, &enrollment); + clear_pairing_enrollment( + &mut current_enrollment, + self.state_db.as_deref(), + app_server_client_name, + &enrollment, + ) + .await; return Err(pairing_unavailable_error()); } io::ErrorKind::PermissionDenied => { - clear_pairing_server_token(&self.current_enrollment, &mut enrollment)?; + clear_pairing_server_token(&mut current_enrollment, &mut enrollment)?; + return Err(pairing_unavailable_error()); + } + _ => {} + } + } + let current_auth = load_remote_control_auth(&self.auth_manager) + .await + .map_err(|_| pairing_unavailable_error())?; + if current_auth.account_id != auth.account_id { + return Err(pairing_unavailable_error()); + } + pairing_response + } + + async fn load_or_enroll_pairing_server( + &self, + current_enrollment: &mut Option, + auth: &mut auth::RemoteControlConnectionAuth, + installation_id: &str, + server_name: &str, + app_server_client_name: Option<&str>, + ) -> io::Result { + if let Some(enrollment) = current_enrollment + .as_ref() + .filter(|enrollment| enrollment.account_id == auth.account_id) + .cloned() + { + return Ok(enrollment); + } + + let remote_control_target = normalize_remote_control_url(&self.remote_control_url)?; + let state_db = self + .state_db + .as_deref() + .ok_or_else(pairing_unavailable_error)?; + if let Some(mut enrollment) = load_persisted_remote_control_enrollment( + Some(state_db), + &remote_control_target, + &auth.account_id, + app_server_client_name, + ) + .await? + { + enrollment.server_name = server_name.to_string(); + publish_current_enrollment(current_enrollment, &enrollment); + return Ok(enrollment); + } + + let enrollment = enroll_pairing_server( + &self.auth_manager, + auth, + &remote_control_target, + installation_id, + server_name, + ) + .await?; + update_persisted_remote_control_enrollment( + Some(state_db), + &remote_control_target, + &auth.account_id, + app_server_client_name, + Some(&enrollment), + ) + .await?; + publish_current_enrollment(current_enrollment, &enrollment); + Ok(enrollment) + } + + fn pairing_persistence_key( + &self, + app_server_client_name: Option<&str>, + ) -> io::Result> { + if self.pairing_persistence_key_required && self.pairing_persistence_key.borrow().is_none() + { + let app_server_client_name = + app_server_client_name.ok_or_else(pairing_unavailable_error)?; + self.pairing_persistence_key + .send_replace(Some(app_server_client_name.to_string())); + } + Ok(self.pairing_persistence_key.borrow().clone()) + } + + pub async fn pairing_status( + &self, + params: RemoteControlPairingStatusParams, + ) -> io::Result { + if !*self.enabled_tx.borrow() { + return Err(Self::pairing_disabled_error()); + } + let mut auth = load_remote_control_auth(&self.auth_manager) + .await + .map_err(|_| pairing_unavailable_error())?; + let app_server_client_name = self.pairing_persistence_key.borrow().clone(); + let app_server_client_name = app_server_client_name.as_deref(); + let mut current_enrollment = self.current_enrollment.lock().await; + let mut enrollment = current_enrollment + .as_ref() + .filter(|enrollment| enrollment.account_id == auth.account_id) + .cloned() + .ok_or_else(pairing_unavailable_error)?; + let installation_id = self.status().installation_id; + if enrollment.should_refresh_server_token() { + refresh_pairing_enrollment( + &mut current_enrollment, + self.state_db.as_deref(), + app_server_client_name, + &self.auth_manager, + &mut auth, + &installation_id, + &mut enrollment, + ) + .await?; + } + let status_code = remote_control_pairing_status_code(¶ms)?; + let pairing_status_request = + || protocol::RemoteControlPairingStatusRequest::from(status_code.clone()); + let pairing_status_response = + match enrollment.pairing_status(pairing_status_request()).await { + Err(err) if err.kind() == io::ErrorKind::PermissionDenied => { + clear_pairing_server_token(&mut current_enrollment, &mut enrollment)?; + refresh_pairing_enrollment( + &mut current_enrollment, + self.state_db.as_deref(), + app_server_client_name, + &self.auth_manager, + &mut auth, + &installation_id, + &mut enrollment, + ) + .await?; + enrollment.pairing_status(pairing_status_request()).await + } + pairing_status_response => pairing_status_response, + }; + if let Err(err) = &pairing_status_response { + match err.kind() { + io::ErrorKind::NotFound => { + clear_pairing_enrollment( + &mut current_enrollment, + self.state_db.as_deref(), + app_server_client_name, + &enrollment, + ) + .await; + return Err(pairing_unavailable_error()); + } + io::ErrorKind::PermissionDenied => { + clear_pairing_server_token(&mut current_enrollment, &mut enrollment)?; return Err(pairing_unavailable_error()); } _ => {} @@ -220,7 +474,7 @@ impl RemoteControlHandle { if current_auth.account_id != auth.account_id { return Err(pairing_unavailable_error()); } - pairing_response + pairing_status_response } pub async fn list_clients( @@ -277,8 +531,57 @@ impl RemoteControlHandle { } } +async fn enroll_pairing_server( + auth_manager: &Arc, + auth: &mut auth::RemoteControlConnectionAuth, + remote_control_target: &protocol::RemoteControlTarget, + installation_id: &str, + server_name: &str, +) -> io::Result { + match enroll_remote_control_server(remote_control_target, auth, installation_id, server_name) + .await + { + Ok(enrollment) => return Ok(enrollment), + Err(err) if err.kind() == io::ErrorKind::PermissionDenied => { + let mut auth_recovery = auth_manager.unauthorized_recovery(); + let mut auth_change_rx = auth_manager.auth_change_receiver(); + if !recover_remote_control_auth(&mut auth_recovery, &mut auth_change_rx).await { + return Err(err); + } + *auth = load_remote_control_auth(auth_manager) + .await + .map_err(|_| pairing_unavailable_error())?; + } + Err(err) => return Err(err), + } + enroll_remote_control_server(remote_control_target, auth, installation_id, server_name).await +} + +fn remote_control_pairing_status_code( + params: &RemoteControlPairingStatusParams, +) -> io::Result { + match (¶ms.pairing_code, ¶ms.manual_pairing_code) { + (Some(pairing_code), None) => Ok(RemoteControlPairingStatusCode::PairingCode( + pairing_code.clone(), + )), + (None, Some(manual_pairing_code)) => Ok(RemoteControlPairingStatusCode::ManualPairingCode( + manual_pairing_code.clone(), + )), + (Some(_), Some(_)) => Err(io::Error::new( + io::ErrorKind::InvalidInput, + "remote control pairing status accepts either pairingCode or manualPairingCode, not both", + )), + (None, None) => Err(io::Error::new( + io::ErrorKind::InvalidInput, + "remote control pairing status requires pairingCode or manualPairingCode", + )), + } +} + async fn refresh_pairing_enrollment( - current_enrollment: &CurrentRemoteControlEnrollment, + current_enrollment: &mut Option, + state_db: Option<&StateRuntime>, + app_server_client_name: Option<&str>, auth_manager: &Arc, auth: &mut auth::RemoteControlConnectionAuth, installation_id: &str, @@ -286,7 +589,14 @@ async fn refresh_pairing_enrollment( ) -> io::Result<()> { if let Err(err) = refresh_remote_control_server(auth, installation_id, enrollment).await { if err.kind() != io::ErrorKind::PermissionDenied { - return handle_pairing_refresh_error(current_enrollment, enrollment, err); + return handle_pairing_refresh_error( + current_enrollment, + state_db, + app_server_client_name, + enrollment, + err, + ) + .await; } let mut auth_recovery = auth_manager.unauthorized_recovery(); let mut auth_change_rx = auth_manager.auth_change_receiver(); @@ -300,7 +610,14 @@ async fn refresh_pairing_enrollment( return Err(pairing_unavailable_error()); } if let Err(err) = refresh_remote_control_server(auth, installation_id, enrollment).await { - return handle_pairing_refresh_error(current_enrollment, enrollment, err); + return handle_pairing_refresh_error( + current_enrollment, + state_db, + app_server_client_name, + enrollment, + err, + ) + .await; } } if replace_current_enrollment(current_enrollment, enrollment) { @@ -310,21 +627,54 @@ async fn refresh_pairing_enrollment( } } -fn handle_pairing_refresh_error( - current_enrollment: &CurrentRemoteControlEnrollment, +async fn handle_pairing_refresh_error( + current_enrollment: &mut Option, + state_db: Option<&StateRuntime>, + app_server_client_name: Option<&str>, enrollment: &RemoteControlEnrollment, err: io::Error, ) -> io::Result<()> { if err.kind() == io::ErrorKind::NotFound { - clear_current_enrollment_if_matches(current_enrollment, enrollment); + clear_pairing_enrollment( + current_enrollment, + state_db, + app_server_client_name, + enrollment, + ) + .await; Err(pairing_unavailable_error()) } else { Err(err) } } +async fn clear_pairing_enrollment( + current_enrollment: &mut Option, + state_db: Option<&StateRuntime>, + app_server_client_name: Option<&str>, + enrollment: &RemoteControlEnrollment, +) { + if !clear_current_enrollment_if_matches(current_enrollment, enrollment) { + return; + } + let Some(state_db) = state_db else { + return; + }; + if let Err(err) = update_persisted_remote_control_enrollment( + Some(state_db), + &enrollment.remote_control_target, + &enrollment.account_id, + app_server_client_name, + /*enrollment*/ None, + ) + .await + { + warn!("failed to clear stale pairing enrollment: {err}"); + } +} + fn clear_pairing_server_token( - current_enrollment: &CurrentRemoteControlEnrollment, + current_enrollment: &mut Option, enrollment: &mut RemoteControlEnrollment, ) -> io::Result<()> { enrollment.clear_server_token(); @@ -359,27 +709,16 @@ fn remote_control_status_with_connection_status( } fn publish_current_enrollment( - current_enrollment: &CurrentRemoteControlEnrollment, + current_enrollment: &mut Option, enrollment: &RemoteControlEnrollment, ) { - *current_enrollment - .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner) = Some(enrollment.clone()); -} - -fn clear_current_enrollment(current_enrollment: &CurrentRemoteControlEnrollment) { - *current_enrollment - .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner) = None; + *current_enrollment = Some(enrollment.clone()); } fn replace_current_enrollment( - current_enrollment: &CurrentRemoteControlEnrollment, + current_enrollment: &mut Option, enrollment: &RemoteControlEnrollment, ) -> bool { - let mut current_enrollment = current_enrollment - .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner); if !current_enrollment .as_ref() .is_some_and(|current| same_remote_control_enrollment(current, enrollment)) @@ -391,17 +730,17 @@ fn replace_current_enrollment( } fn clear_current_enrollment_if_matches( - current_enrollment: &CurrentRemoteControlEnrollment, + current_enrollment: &mut Option, enrollment: &RemoteControlEnrollment, -) { - let mut current_enrollment = current_enrollment - .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner); +) -> bool { if current_enrollment .as_ref() .is_some_and(|current| same_remote_control_enrollment(current, enrollment)) { *current_enrollment = None; + true + } else { + false } } @@ -438,9 +777,13 @@ pub async fn start_remote_control( }; let (enabled_tx, enabled_rx) = watch::channel(initial_enabled); - let current_enrollment = Arc::new(StdMutex::new(None)); + let current_enrollment = Arc::new(RemoteControlEnrollmentState::new(/*enrollment*/ None)); let websocket_current_enrollment = current_enrollment.clone(); + let pairing_persistence_key_required = app_server_client_name_rx.is_some(); + let (pairing_persistence_key, _pairing_persistence_key_rx) = watch::channel(None); + let websocket_pairing_persistence_key = pairing_persistence_key.clone(); let handle_auth_manager = auth_manager.clone(); + let handle_state_db = state_db.clone(); let server_name = gethostname().to_string_lossy().trim().to_string(); let remote_control_url = config.remote_control_url; let installation_id = config.installation_id; @@ -490,6 +833,7 @@ pub async fn start_remote_control( transport_event_tx, status_publisher, current_enrollment: websocket_current_enrollment, + pairing_persistence_key: websocket_pairing_persistence_key, }, shutdown_token, enabled_rx, @@ -534,8 +878,11 @@ pub async fn start_remote_control( enabled_tx: Arc::new(enabled_tx), status_tx: Arc::new(status_tx), state_db_available, + state_db: handle_state_db, remote_control_url: handle_remote_control_url, current_enrollment, + pairing_persistence_key, + pairing_persistence_key_required, auth_manager: handle_auth_manager, }, )) diff --git a/codex-rs/app-server-transport/src/transport/remote_control/protocol.rs b/codex-rs/app-server-transport/src/transport/remote_control/protocol.rs index 630fd862c8b..e3c122c1f7c 100644 --- a/codex-rs/app-server-transport/src/transport/remote_control/protocol.rs +++ b/codex-rs/app-server-transport/src/transport/remote_control/protocol.rs @@ -13,6 +13,7 @@ pub(super) struct RemoteControlTarget { pub(super) enroll_url: String, pub(super) refresh_url: String, pub(super) pair_url: String, + pub(super) pair_status_url: String, } #[derive(Debug, Serialize)] @@ -52,6 +53,40 @@ pub(super) struct StartRemoteControlPairingResponse { pub(super) expires_at: String, } +#[derive(Debug, Serialize)] +pub(super) struct RemoteControlPairingStatusRequest { + #[serde(skip_serializing_if = "Option::is_none")] + pub(super) pairing_code: Option, + #[serde(skip_serializing_if = "Option::is_none")] + pub(super) manual_pairing_code: Option, +} + +#[derive(Clone)] +pub(super) enum RemoteControlPairingStatusCode { + PairingCode(String), + ManualPairingCode(String), +} + +impl From for RemoteControlPairingStatusRequest { + fn from(code: RemoteControlPairingStatusCode) -> Self { + match code { + RemoteControlPairingStatusCode::PairingCode(pairing_code) => Self { + pairing_code: Some(pairing_code), + manual_pairing_code: None, + }, + RemoteControlPairingStatusCode::ManualPairingCode(manual_pairing_code) => Self { + pairing_code: None, + manual_pairing_code: Some(manual_pairing_code), + }, + } + } +} + +#[derive(Debug, Deserialize)] +pub(super) struct RemoteControlPairingStatusResponse { + pub(super) claimed: bool, +} + #[derive(Debug, Clone, PartialEq, Eq, Hash, Serialize, Deserialize)] #[serde(transparent)] pub struct ClientId(pub String); @@ -194,6 +229,9 @@ pub(super) fn normalize_remote_control_url( let pair_url = remote_control_url .join("wham/remote/control/server/pair") .map_err(map_url_parse_error)?; + let pair_status_url = remote_control_url + .join("wham/remote/control/server/pair/status") + .map_err(map_url_parse_error)?; let mut websocket_url = remote_control_url .join("wham/remote/control/server") .map_err(map_url_parse_error)?; @@ -215,6 +253,7 @@ pub(super) fn normalize_remote_control_url( enroll_url: enroll_url.to_string(), refresh_url: refresh_url.to_string(), pair_url: pair_url.to_string(), + pair_status_url: pair_status_url.to_string(), }) } @@ -269,6 +308,9 @@ mod tests { .to_string(), pair_url: "https://chatgpt.com/backend-api/wham/remote/control/server/pair" .to_string(), + pair_status_url: + "https://chatgpt.com/backend-api/wham/remote/control/server/pair/status" + .to_string(), } ); assert_eq!( @@ -287,6 +329,9 @@ mod tests { pair_url: "https://api.chatgpt-staging.com/backend-api/wham/remote/control/server/pair" .to_string(), + pair_status_url: + "https://api.chatgpt-staging.com/backend-api/wham/remote/control/server/pair/status" + .to_string(), } ); } @@ -305,6 +350,9 @@ mod tests { .to_string(), pair_url: "http://localhost:8080/backend-api/wham/remote/control/server/pair" .to_string(), + pair_status_url: + "http://localhost:8080/backend-api/wham/remote/control/server/pair/status" + .to_string(), } ); assert_eq!( @@ -320,6 +368,9 @@ mod tests { .to_string(), pair_url: "https://localhost:8443/backend-api/wham/remote/control/server/pair" .to_string(), + pair_status_url: + "https://localhost:8443/backend-api/wham/remote/control/server/pair/status" + .to_string(), } ); } diff --git a/codex-rs/app-server-transport/src/transport/remote_control/tests.rs b/codex-rs/app-server-transport/src/transport/remote_control/tests.rs index a1a284da9b7..1d464048553 100644 --- a/codex-rs/app-server-transport/src/transport/remote_control/tests.rs +++ b/codex-rs/app-server-transport/src/transport/remote_control/tests.rs @@ -21,6 +21,7 @@ use codex_app_server_protocol::ConfigWarningNotification; use codex_app_server_protocol::JSONRPCMessage; use codex_app_server_protocol::RemoteControlConnectionStatus; use codex_app_server_protocol::RemoteControlPairingStartParams; +use codex_app_server_protocol::RemoteControlPairingStatusParams; use codex_app_server_protocol::RemoteControlStatusChangedNotification; use codex_app_server_protocol::ServerNotification; use codex_config::types::AuthCredentialsStoreMode; @@ -40,7 +41,6 @@ use pretty_assertions::assert_eq; use serde_json::json; use std::collections::BTreeMap; use std::sync::Arc; -use std::sync::Mutex as StdMutex; use tempfile::TempDir; use time::OffsetDateTime; use tokio::io::AsyncBufReadExt; @@ -115,6 +115,8 @@ fn remote_control_auth_dot_json(account_id: Option<&str>) -> AuthDotJson { }), last_refresh: Some(chrono::Utc::now()), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, } } @@ -148,24 +150,29 @@ fn remote_control_handle_with_current_enrollment( }); let remote_control_target = normalize_remote_control_url(remote_control_url) .expect("remote control target should normalize"); - let current_enrollment = Arc::new(StdMutex::new(Some(RemoteControlEnrollment { - remote_control_target, - account_id: "account_id".to_string(), - environment_id: "env_test".to_string(), - server_id: "srv_e_test".to_string(), - server_name: test_server_name(), - remote_control_token: Some(TEST_REMOTE_CONTROL_SERVER_TOKEN.to_string()), - expires_at: Some( - OffsetDateTime::from_unix_timestamp(33_336_362_096) - .expect("future timestamp should parse"), - ), - }))); + let current_enrollment = Arc::new(RemoteControlEnrollmentState::new(Some( + RemoteControlEnrollment { + remote_control_target, + account_id: "account_id".to_string(), + environment_id: "env_test".to_string(), + server_id: "srv_e_test".to_string(), + server_name: test_server_name(), + remote_control_token: Some(TEST_REMOTE_CONTROL_SERVER_TOKEN.to_string()), + expires_at: Some( + OffsetDateTime::from_unix_timestamp(33_336_362_096) + .expect("future timestamp should parse"), + ), + }, + ))); RemoteControlHandle { enabled_tx: Arc::new(enabled_tx), status_tx: Arc::new(status_tx), state_db_available: true, + state_db: None, remote_control_url: remote_control_url.to_string(), current_enrollment, + pairing_persistence_key: watch::channel(None).0, + pairing_persistence_key_required: false, auth_manager, } } @@ -1738,7 +1745,7 @@ async fn remote_control_http_mode_reenrolls_when_refresh_reports_stale_enrollmen } #[tokio::test] -async fn remote_control_http_mode_clears_stale_persisted_enrollment_after_404() { +async fn remote_control_http_mode_reenrolls_after_explicit_missing_server_404() { let listener = TcpListener::bind("127.0.0.1:0") .await .expect("listener should bind"); @@ -1825,7 +1832,12 @@ async fn remote_control_http_mode_clears_stale_persisted_enrollment_after_404() Some("env_stale"), ) .await; - respond_with_status(websocket_request.stream, "404 Not Found", "").await; + respond_with_status( + websocket_request.stream, + "404 Not Found", + &json!({"detail": "Remote app server not found"}).to_string(), + ) + .await; expect_remote_control_status( &mut status_rx, /*expected_status*/ None, @@ -1875,6 +1887,136 @@ async fn remote_control_http_mode_clears_stale_persisted_enrollment_after_404() let _ = remote_task.await; } +#[tokio::test] +async fn remote_control_http_mode_preserves_enrollment_after_generic_websocket_404() { + let listener = TcpListener::bind("127.0.0.1:0") + .await + .expect("listener should bind"); + let remote_control_url = remote_control_url_for_listener(&listener); + let codex_home = TempDir::new().expect("temp dir should create"); + let state_db = remote_control_state_runtime(&codex_home).await; + let remote_control_target = + normalize_remote_control_url(&remote_control_url).expect("target should parse"); + let stale_enrollment = RemoteControlEnrollment { + remote_control_target: remote_control_target.clone(), + account_id: "account_id".to_string(), + environment_id: "env_stale".to_string(), + server_id: "srv_e_stale".to_string(), + server_name: "stale-server".to_string(), + remote_control_token: None, + expires_at: None, + }; + update_persisted_remote_control_enrollment( + Some(state_db.as_ref()), + &remote_control_target, + "account_id", + /*app_server_client_name*/ None, + Some(&stale_enrollment), + ) + .await + .expect("stale enrollment should save"); + + let (transport_event_tx, _transport_event_rx) = + mpsc::channel::(CHANNEL_CAPACITY); + let shutdown_token = CancellationToken::new(); + let (remote_task, remote_handle) = start_remote_control( + RemoteControlStartConfig { + remote_control_url, + installation_id: TEST_INSTALLATION_ID.to_string(), + }, + Some(state_db.clone()), + remote_control_auth_manager_with_home(&codex_home), + transport_event_tx, + shutdown_token.clone(), + /*app_server_client_name_rx*/ None, + /*initial_enabled*/ true, + ) + .await + .expect("remote control should start"); + let mut status_rx = remote_handle.status_receiver(); + + let refresh_request = accept_http_request(&listener).await; + assert_eq!( + refresh_request.request_line, + "POST /backend-api/wham/remote/control/server/refresh HTTP/1.1" + ); + respond_with_json( + refresh_request.stream, + remote_control_server_token_response( + &stale_enrollment.server_id, + &stale_enrollment.environment_id, + TEST_REFRESHED_REMOTE_CONTROL_SERVER_TOKEN, + ), + ) + .await; + + let websocket_request = accept_http_request(&listener).await; + assert_eq!( + websocket_request.request_line, + "GET /backend-api/wham/remote/control/server HTTP/1.1" + ); + assert_eq!( + websocket_request.headers.get("x-codex-server-id"), + Some(&stale_enrollment.server_id) + ); + assert_eq!( + websocket_request.headers.get("authorization"), + Some(&format!( + "Bearer {TEST_REFRESHED_REMOTE_CONTROL_SERVER_TOKEN}" + )) + ); + expect_remote_control_status( + &mut status_rx, + /*expected_status*/ None, + Some("env_stale"), + ) + .await; + respond_with_status_and_headers( + websocket_request.stream, + "404 Not Found", + &[("x-request-id", "request-404"), ("cf-ray", "ray-404")], + "Not Found", + ) + .await; + + assert_eq!( + load_persisted_remote_control_enrollment( + Some(state_db.as_ref()), + &remote_control_target, + "account_id", + /*app_server_client_name*/ None, + ) + .await + .expect("stale enrollment should load"), + Some(stale_enrollment.clone()) + ); + + let (handshake_request, _websocket) = accept_remote_control_backend_connection(&listener).await; + assert_eq!( + handshake_request.headers.get("x-codex-server-id"), + Some(&stale_enrollment.server_id) + ); + assert_eq!( + handshake_request.headers.get("authorization"), + Some(&format!( + "Bearer {TEST_REFRESHED_REMOTE_CONTROL_SERVER_TOKEN}" + )) + ); + expect_remote_control_status_snapshot( + &mut status_rx, + RemoteControlStatusChangedNotification { + status: RemoteControlConnectionStatus::Connected, + server_name: test_server_name(), + installation_id: TEST_INSTALLATION_ID.to_string(), + environment_id: Some("env_stale".to_string()), + }, + ) + .await; + + shutdown_token.cancel(); + let _ = remote_task.await; +} + #[derive(Debug)] struct CapturedHttpRequest { stream: TcpStream, diff --git a/codex-rs/app-server-transport/src/transport/remote_control/tests/clients_tests.rs b/codex-rs/app-server-transport/src/transport/remote_control/tests/clients_tests.rs index 22aa290762b..060063909cf 100644 --- a/codex-rs/app-server-transport/src/transport/remote_control/tests/clients_tests.rs +++ b/codex-rs/app-server-transport/src/transport/remote_control/tests/clients_tests.rs @@ -24,8 +24,11 @@ fn client_management_handle( enabled_tx: Arc::new(enabled_tx), status_tx: Arc::new(status_tx), state_db_available: false, + state_db: None, remote_control_url, - current_enrollment: Arc::new(StdMutex::new(None)), + current_enrollment: Arc::new(RemoteControlEnrollmentState::new(/*enrollment*/ None)), + pairing_persistence_key: watch::channel(None).0, + pairing_persistence_key_required: false, auth_manager, } } diff --git a/codex-rs/app-server-transport/src/transport/remote_control/tests/pairing_tests.rs b/codex-rs/app-server-transport/src/transport/remote_control/tests/pairing_tests.rs index 176aeb4ed5c..fcdd5e30f2b 100644 --- a/codex-rs/app-server-transport/src/transport/remote_control/tests/pairing_tests.rs +++ b/codex-rs/app-server-transport/src/transport/remote_control/tests/pairing_tests.rs @@ -1,6 +1,8 @@ +use super::super::protocol::RemoteControlPairingStatusRequest; use super::super::protocol::StartRemoteControlPairingRequest; use super::*; use pretty_assertions::assert_eq; +use std::io; fn remote_control_enrollment( remote_control_url: &str, @@ -66,6 +68,36 @@ async fn pairing_response_error(body: serde_json::Value) -> String { err.to_string() } +async fn pairing_status_error(status: &'static str, body: &'static str) -> (io::Error, String) { + let listener = TcpListener::bind("127.0.0.1:0") + .await + .expect("listener should bind"); + let remote_control_url = remote_control_url_for_listener(&listener); + let expected_status_url = normalize_remote_control_url(&remote_control_url) + .expect("target should normalize") + .pair_status_url; + let server_task = tokio::spawn(async move { + let status_request = accept_http_request(&listener).await; + respond_with_status_and_headers( + status_request.stream, + status, + &[("x-request-id", "request-123"), ("cf-ray", "ray-123")], + body, + ) + .await; + }); + + let err = remote_control_enrollment(&remote_control_url, "remote-control-token") + .pairing_status(RemoteControlPairingStatusRequest { + pairing_code: Some("pairing-code".to_string()), + manual_pairing_code: None, + }) + .await + .expect_err("pairing status should fail"); + server_task.await.expect("server task should finish"); + (err, expected_status_url) +} + #[tokio::test] async fn remote_control_handle_starts_pairing_before_websocket_connects() { let listener = TcpListener::bind("127.0.0.1:0") @@ -131,13 +163,16 @@ async fn remote_control_handle_starts_pairing_before_websocket_connects() { remote_handle .current_enrollment .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner) + .await .as_mut() .expect("current enrollment should exist") .expires_at = Some(OffsetDateTime::now_utc() + time::Duration::seconds(29)); let response = remote_handle - .start_pairing(RemoteControlPairingStartParams { manual_code: true }) + .start_pairing( + RemoteControlPairingStartParams { manual_code: true }, + /*app_server_client_name*/ None, + ) .await .expect("pairing should use the current server before websocket connect"); server_task.await.expect("server task should finish"); @@ -153,6 +188,190 @@ async fn remote_control_handle_starts_pairing_before_websocket_connects() { ); } +#[tokio::test] +async fn remote_control_pairing_status_returns_pending() { + let listener = TcpListener::bind("127.0.0.1:0") + .await + .expect("listener should bind"); + let remote_control_url = remote_control_url_for_listener(&listener); + let server_task = tokio::spawn(async move { + let status_request = accept_http_request(&listener).await; + assert_eq!( + status_request.request_line, + "POST /backend-api/wham/remote/control/server/pair/status HTTP/1.1" + ); + assert_eq!( + status_request.headers.get("authorization"), + Some(&"Bearer remote-control-token".to_string()) + ); + assert_eq!( + serde_json::from_str::(&status_request.body) + .expect("status request body should deserialize"), + json!({ "pairing_code": "pairing-code" }) + ); + respond_with_json(status_request.stream, json!({ "claimed": false })).await; + }); + + let response = remote_control_enrollment(&remote_control_url, "remote-control-token") + .pairing_status(RemoteControlPairingStatusRequest { + pairing_code: Some("pairing-code".to_string()), + manual_pairing_code: None, + }) + .await + .expect("pairing status should succeed"); + server_task.await.expect("server task should finish"); + + assert!(!response.claimed); +} + +#[tokio::test] +async fn remote_control_pairing_status_accepts_manual_pairing_code() { + let listener = TcpListener::bind("127.0.0.1:0") + .await + .expect("listener should bind"); + let remote_control_url = remote_control_url_for_listener(&listener); + let server_task = tokio::spawn(async move { + let status_request = accept_http_request(&listener).await; + assert_eq!( + status_request.request_line, + "POST /backend-api/wham/remote/control/server/pair/status HTTP/1.1" + ); + assert_eq!( + serde_json::from_str::(&status_request.body) + .expect("status request body should deserialize"), + json!({ "manual_pairing_code": "ABCD-EFGH" }) + ); + respond_with_json(status_request.stream, json!({ "claimed": false })).await; + }); + + let response = remote_control_enrollment(&remote_control_url, "remote-control-token") + .pairing_status(RemoteControlPairingStatusRequest { + pairing_code: None, + manual_pairing_code: Some("ABCD-EFGH".to_string()), + }) + .await + .expect("pairing status should succeed"); + server_task.await.expect("server task should finish"); + + assert!(!response.claimed); +} + +#[tokio::test] +async fn remote_control_pairing_status_returns_claimed() { + let listener = TcpListener::bind("127.0.0.1:0") + .await + .expect("listener should bind"); + let remote_control_url = remote_control_url_for_listener(&listener); + let server_task = tokio::spawn(async move { + let status_request = accept_http_request(&listener).await; + assert_eq!( + status_request.request_line, + "POST /backend-api/wham/remote/control/server/pair/status HTTP/1.1" + ); + respond_with_json(status_request.stream, json!({ "claimed": true })).await; + }); + + let response = remote_control_enrollment(&remote_control_url, "remote-control-token") + .pairing_status(RemoteControlPairingStatusRequest { + pairing_code: Some("pairing-code".to_string()), + manual_pairing_code: None, + }) + .await + .expect("pairing status should succeed"); + server_task.await.expect("server task should finish"); + + assert!(response.claimed); +} + +#[tokio::test] +async fn remote_control_handle_refreshes_after_pairing_status_auth_failure() { + let listener = TcpListener::bind("127.0.0.1:0") + .await + .expect("listener should bind"); + let remote_control_url = remote_control_url_for_listener(&listener); + let server_task = tokio::spawn(async move { + let stale_status_request = accept_http_request(&listener).await; + assert_eq!( + stale_status_request.request_line, + "POST /backend-api/wham/remote/control/server/pair/status HTTP/1.1" + ); + assert_eq!( + stale_status_request.headers.get("authorization"), + Some(&format!("Bearer {TEST_REMOTE_CONTROL_SERVER_TOKEN}")) + ); + respond_with_status(stale_status_request.stream, "401 Unauthorized", "").await; + + let refresh_request = accept_http_request(&listener).await; + assert_eq!( + refresh_request.request_line, + "POST /backend-api/wham/remote/control/server/refresh HTTP/1.1" + ); + respond_with_json( + refresh_request.stream, + remote_control_server_token_response( + "srv_e_test", + "env_test", + TEST_REFRESHED_REMOTE_CONTROL_SERVER_TOKEN, + ), + ) + .await; + + let refreshed_status_request = accept_http_request(&listener).await; + assert_eq!( + refreshed_status_request.request_line, + "POST /backend-api/wham/remote/control/server/pair/status HTTP/1.1" + ); + assert_eq!( + refreshed_status_request.headers.get("authorization"), + Some(&format!( + "Bearer {TEST_REFRESHED_REMOTE_CONTROL_SERVER_TOKEN}" + )) + ); + respond_with_json(refreshed_status_request.stream, json!({ "claimed": true })).await; + }); + let remote_handle = remote_control_handle_with_current_enrollment( + &remote_control_url, + remote_control_auth_manager(), + ); + + let response = remote_handle + .pairing_status(RemoteControlPairingStatusParams { + pairing_code: Some("pairing-code".to_string()), + manual_pairing_code: None, + }) + .await + .expect("pairing status should refresh after server token auth failure"); + server_task.await.expect("server task should finish"); + + assert!(response.claimed); +} + +#[tokio::test] +async fn remote_control_pairing_status_maps_user_actionable_backend_errors() { + for (status, expected_kind) in [ + ("403 Forbidden", io::ErrorKind::PermissionDenied), + ("404 Not Found", io::ErrorKind::InvalidInput), + ("410 Gone", io::ErrorKind::InvalidInput), + ] { + let (err, _expected_status_url) = pairing_status_error(status, "not available").await; + assert_eq!(err.kind(), expected_kind); + } +} + +#[tokio::test] +async fn remote_control_pairing_status_preserves_decode_error_context() { + let (err, expected_status_url) = pairing_status_error("200 OK", "{").await; + let err = err.to_string(); + + assert!(err.contains(&format!( + "failed to parse remote control pairing status response from `{expected_status_url}`: HTTP 200 OK" + ))); + assert!(err.contains("request-id: request-123")); + assert!(err.contains("cf-ray: ray-123")); + assert!(err.contains("body: {")); + assert!(err.contains("decode error:")); +} + #[tokio::test] async fn remote_control_handle_refreshes_after_pairing_auth_failure() { let listener = TcpListener::bind("127.0.0.1:0") @@ -219,7 +438,10 @@ async fn remote_control_handle_refreshes_after_pairing_auth_failure() { ); let response = remote_handle - .start_pairing(RemoteControlPairingStartParams::default()) + .start_pairing( + RemoteControlPairingStartParams::default(), + /*app_server_client_name*/ None, + ) .await .expect("pairing should refresh after server token auth failure"); server_task.await.expect("server task should finish"); @@ -332,13 +554,16 @@ async fn remote_control_handle_recovers_auth_before_refreshing_pairing() { remote_handle .current_enrollment .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner) + .await .as_mut() .expect("current enrollment should exist") .expires_at = Some(OffsetDateTime::now_utc() + time::Duration::seconds(29)); let response = remote_handle - .start_pairing(RemoteControlPairingStartParams::default()) + .start_pairing( + RemoteControlPairingStartParams::default(), + /*app_server_client_name*/ None, + ) .await .expect("pairing should refresh after auth recovery"); server_task.await.expect("server task should finish"); @@ -414,21 +639,137 @@ async fn start_remote_control_pairing_preserves_expiry_parse_error_context() { } #[tokio::test] -async fn remote_control_handle_disable_clears_current_enrollment() { +async fn remote_control_handle_disable_keeps_current_enrollment() { let remote_handle = remote_control_handle_with_current_enrollment( TEST_REMOTE_CONTROL_URL, remote_control_auth_manager(), ); remote_handle.disable(); - remote_handle.enable().expect("enable should succeed"); + assert!( + remote_handle.current_enrollment.lock().await.is_some(), + "disabled remote control should keep the selected pairing server" + ); +} + +#[tokio::test] +async fn remote_control_handle_reenrolls_after_stale_pairing_enrollment() { + let listener = TcpListener::bind("127.0.0.1:0") + .await + .expect("listener should bind"); + let remote_control_url = remote_control_url_for_listener(&listener); + let codex_home = TempDir::new().expect("temp dir should create"); + let state_db = remote_control_state_runtime(&codex_home).await; + let mut remote_handle = remote_control_handle_with_current_enrollment( + &remote_control_url, + remote_control_auth_manager_with_home(&codex_home), + ); + remote_handle.state_db = Some(state_db.clone()); + remote_handle.disable(); + let stale_enrollment = remote_handle + .current_enrollment + .lock() + .await + .clone() + .expect("current enrollment should exist"); + let remote_control_target = stale_enrollment.remote_control_target.clone(); + let refreshed_enrollment = RemoteControlEnrollment { + remote_control_target: remote_control_target.clone(), + account_id: "account_id".to_string(), + environment_id: "env_refreshed".to_string(), + server_id: "srv_e_refreshed".to_string(), + server_name: test_server_name(), + remote_control_token: None, + expires_at: None, + }; + update_persisted_remote_control_enrollment( + Some(state_db.as_ref()), + &remote_control_target, + "account_id", + /*app_server_client_name*/ None, + Some(&stale_enrollment), + ) + .await + .expect("stale enrollment should save"); + let server_refreshed_enrollment = refreshed_enrollment.clone(); + let server_task = tokio::spawn(async move { + let stale_pairing_request = accept_http_request(&listener).await; + assert_eq!( + stale_pairing_request.request_line, + "POST /backend-api/wham/remote/control/server/pair HTTP/1.1" + ); + assert_eq!( + stale_pairing_request.headers.get("authorization"), + Some(&format!("Bearer {TEST_REMOTE_CONTROL_SERVER_TOKEN}")) + ); + respond_with_status(stale_pairing_request.stream, "404 Not Found", "").await; + + let enroll_request = accept_http_request(&listener).await; + assert_eq!( + enroll_request.request_line, + "POST /backend-api/wham/remote/control/server/enroll HTTP/1.1" + ); + respond_with_json( + enroll_request.stream, + remote_control_server_token_response( + &server_refreshed_enrollment.server_id, + &server_refreshed_enrollment.environment_id, + TEST_REFRESHED_REMOTE_CONTROL_SERVER_TOKEN, + ), + ) + .await; + + let refreshed_pairing_request = accept_http_request(&listener).await; + assert_eq!( + refreshed_pairing_request.request_line, + "POST /backend-api/wham/remote/control/server/pair HTTP/1.1" + ); + assert_eq!( + refreshed_pairing_request.headers.get("authorization"), + Some(&format!( + "Bearer {TEST_REFRESHED_REMOTE_CONTROL_SERVER_TOKEN}" + )) + ); + respond_with_json( + refreshed_pairing_request.stream, + json!({ + "pairing_code": "pairing-code", + "manual_pairing_code": "ABCD-EFGH", + "server_id": server_refreshed_enrollment.server_id, + "environment_id": server_refreshed_enrollment.environment_id, + "expires_at": "3026-05-22T12:34:56Z", + }), + ) + .await; + }); + let response = remote_handle + .start_pairing( + RemoteControlPairingStartParams::default(), + /*app_server_client_name*/ None, + ) + .await + .expect("pairing should re-enroll after stale enrollment"); + server_task.await.expect("server task should finish"); + assert_eq!( - remote_handle - .start_pairing(RemoteControlPairingStartParams::default()) - .await - .expect_err("re-enabled remote control should wait for a current server") - .to_string(), - "remote control pairing is unavailable until enrollment completes" + response, + RemoteControlPairingStartResponse { + pairing_code: "pairing-code".to_string(), + manual_pairing_code: Some("ABCD-EFGH".to_string()), + environment_id: "env_refreshed".to_string(), + expires_at: 33_336_362_096, + } + ); + assert_eq!( + load_persisted_remote_control_enrollment( + Some(state_db.as_ref()), + &remote_control_target, + "account_id", + /*app_server_client_name*/ None, + ) + .await + .expect("refreshed enrollment should load"), + Some(refreshed_enrollment) ); } @@ -458,7 +799,10 @@ async fn remote_control_handle_discards_pairing_response_after_auth_change() { let remote_handle = remote_handle.clone(); async move { remote_handle - .start_pairing(RemoteControlPairingStartParams::default()) + .start_pairing( + RemoteControlPairingStartParams::default(), + /*app_server_client_name*/ None, + ) .await } }); diff --git a/codex-rs/app-server-transport/src/transport/remote_control/websocket.rs b/codex-rs/app-server-transport/src/transport/remote_control/websocket.rs index 60792df54c1..ef74527e068 100644 --- a/codex-rs/app-server-transport/src/transport/remote_control/websocket.rs +++ b/codex-rs/app-server-transport/src/transport/remote_control/websocket.rs @@ -1,13 +1,13 @@ use super::CurrentRemoteControlEnrollment; -use super::clear_current_enrollment; +use super::RemoteControlPairingPersistenceKey; use super::protocol::ClientEnvelope; use super::protocol::ClientEvent; use super::protocol::ClientId; use super::protocol::RemoteControlTarget; use super::protocol::ServerEnvelope; use super::protocol::StreamId; -use super::publish_current_enrollment; use super::remote_control_status_with_connection_status; +use super::same_remote_control_enrollment; use super::segment::ClientSegmentObservation; use super::segment::ClientSegmentReassembler; use super::segment::REMOTE_CONTROL_SEGMENT_MAX_BYTES; @@ -55,6 +55,9 @@ use tokio_tungstenite::connect_async; use tokio_tungstenite::tungstenite; use tokio_tungstenite::tungstenite::client::IntoClientRequest; use tokio_util::sync::CancellationToken; + +#[cfg(test)] +use super::RemoteControlEnrollmentState; use tracing::error; use tracing::info; use tracing::warn; @@ -74,6 +77,7 @@ const REMOTE_CONTROL_WEBSOCKET_CONNECT_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(30); const REMOTE_CONTROL_CONNECTION_SHUTDOWN_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(5); +const REMOTE_APP_SERVER_NOT_FOUND_DETAIL: &str = "Remote app server not found"; struct BoundedOutboundBuffer { buffer_by_stream: HashMap<(ClientId, StreamId), VecDeque>, @@ -252,10 +256,10 @@ pub(crate) struct RemoteControlWebsocket { status_publisher: RemoteControlStatusPublisher, shutdown_token: CancellationToken, reconnect_attempt: u64, - enrollment: Option, auth_recovery: UnauthorizedRecovery, auth_change_rx: watch::Receiver, current_enrollment: CurrentRemoteControlEnrollment, + pairing_persistence_key: RemoteControlPairingPersistenceKey, client_tracker: Arc>, state: Arc>, server_event_rx: Arc>>, @@ -294,6 +298,7 @@ pub(super) struct RemoteControlChannels { pub(super) transport_event_tx: mpsc::Sender, pub(super) status_publisher: RemoteControlStatusPublisher, pub(super) current_enrollment: CurrentRemoteControlEnrollment, + pub(super) pairing_persistence_key: RemoteControlPairingPersistenceKey, } #[derive(Clone)] @@ -407,10 +412,10 @@ impl RemoteControlWebsocket { status_publisher: channels.status_publisher, shutdown_token, reconnect_attempt: 0, - enrollment: None, auth_recovery, auth_change_rx, current_enrollment: channels.current_enrollment, + pairing_persistence_key: channels.pairing_persistence_key, client_tracker: Arc::new(Mutex::new(client_tracker)), state: Arc::new(Mutex::new(WebsocketState { outbound_buffer, @@ -457,6 +462,8 @@ impl RemoteControlWebsocket { return; } }; + self.pairing_persistence_key + .send_replace(app_server_client_name.clone()); loop { if !self.wait_until_enabled().await { @@ -579,15 +586,15 @@ impl RemoteControlWebsocket { loop { let subscribe_cursor = self.state.lock().await.subscribe_cursor.clone(); - let enrollment = self.enrollment.as_ref(); + let enrollment = self.current_enrollment.snapshot(); info!( websocket_url = %remote_control_target.websocket_url, installation_id = %self.installation_id, server_name = %self.server_name, reconnect_attempt = self.reconnect_attempt.saturating_add(1), has_enrollment = enrollment.is_some(), - server_id = ?enrollment.map(|enrollment| enrollment.server_id.as_str()), - environment_id = ?enrollment.map(|enrollment| enrollment.environment_id.as_str()), + server_id = ?enrollment.as_ref().map(|enrollment| enrollment.server_id.as_str()), + environment_id = ?enrollment.as_ref().map(|enrollment| enrollment.environment_id.as_str()), subscribe_cursor_present = subscribe_cursor.is_some(), app_server_client_name = ?app_server_client_name, "connecting to app-server remote control websocket" @@ -611,15 +618,17 @@ impl RemoteControlWebsocket { } return ConnectOutcome::Disabled; } - connect_result = connect_remote_control_websocket( - &remote_control_target, - self.state_db.as_deref(), - auth_context, - &mut self.enrollment, - connect_options, - &self.status_publisher, - &self.current_enrollment, - ) => connect_result, + connect_result = async { + connect_remote_control_websocket( + &remote_control_target, + self.state_db.as_deref(), + auth_context, + &self.current_enrollment, + connect_options, + &self.status_publisher, + ) + .await + } => connect_result, }; match connect_result { @@ -631,13 +640,13 @@ impl RemoteControlWebsocket { self.auth_recovery = self.auth_manager.unauthorized_recovery(); self.status_publisher .publish_status(RemoteControlConnectionStatus::Connected); - let enrollment = self.enrollment.as_ref(); + let enrollment = self.current_enrollment.snapshot(); info!( websocket_url = %remote_control_target.websocket_url, installation_id = %self.installation_id, server_name = %self.server_name, - server_id = ?enrollment.map(|enrollment| enrollment.server_id.as_str()), - environment_id = ?enrollment.map(|enrollment| enrollment.environment_id.as_str()), + server_id = ?enrollment.as_ref().map(|enrollment| enrollment.server_id.as_str()), + environment_id = ?enrollment.as_ref().map(|enrollment| enrollment.environment_id.as_str()), subscribe_cursor_present = subscribe_cursor.is_some(), response_headers = %format_headers(response.headers()), "connected to app-server remote control websocket" @@ -656,7 +665,7 @@ impl RemoteControlWebsocket { let reconnect_attempt = self.reconnect_attempt.saturating_add(1); let (reconnect_delay, reconnect_backoff_reset) = next_reconnect_delay(&mut self.reconnect_attempt); - let enrollment = self.enrollment.as_ref(); + let enrollment = self.current_enrollment.snapshot(); warn!( websocket_url = %remote_control_target.websocket_url, installation_id = %self.installation_id, @@ -667,8 +676,8 @@ impl RemoteControlWebsocket { reconnect_delay = ?reconnect_delay, reconnect_backoff_reset, has_enrollment = enrollment.is_some(), - server_id = ?enrollment.map(|enrollment| enrollment.server_id.as_str()), - environment_id = ?enrollment.map(|enrollment| enrollment.environment_id.as_str()), + server_id = ?enrollment.as_ref().map(|enrollment| enrollment.server_id.as_str()), + environment_id = ?enrollment.as_ref().map(|enrollment| enrollment.environment_id.as_str()), subscribe_cursor_present = subscribe_cursor.is_some(), "failed to connect to app-server remote control websocket" ); @@ -1189,19 +1198,127 @@ pub(super) async fn connect_remote_control_websocket( remote_control_target: &RemoteControlTarget, state_db: Option<&StateRuntime>, mut auth_context: RemoteControlAuthContext<'_>, - enrollment: &mut Option, + current_enrollment: &CurrentRemoteControlEnrollment, connect_options: RemoteControlConnectOptions<'_>, status_publisher: &RemoteControlStatusPublisher, - current_enrollment: &CurrentRemoteControlEnrollment, ) -> io::Result<( WebSocketStream>, tungstenite::http::Response<()>, )> { ensure_rustls_crypto_provider(); + let (auth, enrollment) = { + let mut current_enrollment = current_enrollment.lock().await; + let auth = prepare_remote_control_enrollment( + remote_control_target, + state_db, + &mut auth_context, + &mut current_enrollment, + connect_options, + status_publisher, + ) + .await?; + let enrollment = current_enrollment.as_ref().cloned().ok_or_else(|| { + io::Error::other("missing remote control enrollment after enrollment step") + })?; + (auth, enrollment) + }; + let request = build_remote_control_websocket_request( + &remote_control_target.websocket_url, + &enrollment, + connect_options.installation_id, + connect_options.subscribe_cursor, + )?; + + let websocket_connect_result = tokio::time::timeout( + REMOTE_CONTROL_WEBSOCKET_CONNECT_TIMEOUT, + connect_async(request), + ) + .await + .map_err(|_| { + io::Error::new( + ErrorKind::TimedOut, + format!( + "timed out connecting to remote control websocket at `{}` after {:?}", + remote_control_target.websocket_url, REMOTE_CONTROL_WEBSOCKET_CONNECT_TIMEOUT + ), + ) + })?; + + match websocket_connect_result { + Ok((websocket_stream, response)) => Ok((websocket_stream, response.map(|_| ()))), + Err(err) => { + match &err { + tungstenite::Error::Http(response) + if websocket_response_reports_missing_remote_app_server(response) => + { + info!( + "remote control websocket returned HTTP 404; clearing stale enrollment before re-enrolling: websocket_url={}, account_id={}, server_id={}, environment_id={}", + remote_control_target.websocket_url, + auth.account_id, + enrollment.server_id, + enrollment.environment_id + ); + clear_remote_control_enrollment_if_matches( + state_db, + remote_control_target, + &auth.account_id, + connect_options.app_server_client_name, + current_enrollment, + &enrollment, + status_publisher, + ) + .await; + } + tungstenite::Error::Http(response) if response.status().as_u16() == 404 => { + let response_body = response + .body() + .as_deref() + .map(preview_remote_control_response_body) + .unwrap_or_else(|| "".to_string()); + warn!( + websocket_url = %remote_control_target.websocket_url, + account_id = %auth.account_id, + server_id = %enrollment.server_id, + environment_id = %enrollment.environment_id, + response_status = %response.status(), + response_headers = %format_headers(response.headers()), + response_body = %response_body, + "remote control websocket returned unrecognized HTTP 404; preserving enrollment before retry" + ); + } + tungstenite::Error::Http(response) + if matches!(response.status().as_u16(), 401 | 403) => + { + clear_remote_control_server_token_if_matches(current_enrollment, &enrollment) + .await?; + return Err(io::Error::other(format!( + "remote control websocket auth failed with HTTP {}; refreshing server token before reconnect", + response.status() + ))); + } + _ => {} + } + Err(io::Error::other( + format_remote_control_websocket_connect_error( + &remote_control_target.websocket_url, + &err, + ), + )) + } + } +} + +async fn prepare_remote_control_enrollment( + remote_control_target: &RemoteControlTarget, + state_db: Option<&StateRuntime>, + auth_context: &mut RemoteControlAuthContext<'_>, + enrollment: &mut Option, + connect_options: RemoteControlConnectOptions<'_>, + status_publisher: &RemoteControlStatusPublisher, +) -> io::Result { let Some(state_db) = state_db else { *enrollment = None; - clear_current_enrollment(current_enrollment); return Err(io::Error::new( ErrorKind::NotFound, "remote control requires sqlite state db", @@ -1214,7 +1331,6 @@ pub(super) async fn connect_remote_control_websocket( if err.kind() == ErrorKind::PermissionDenied { *enrollment = None; status_publisher.publish_environment_id(/*environment_id*/ None); - clear_current_enrollment(current_enrollment); } return Err(err); } @@ -1231,7 +1347,6 @@ pub(super) async fn connect_remote_control_websocket( ); *enrollment = None; status_publisher.publish_environment_id(/*environment_id*/ None); - clear_current_enrollment(current_enrollment); } if let Some(enrollment) = enrollment.as_mut() { enrollment.remote_control_target = remote_control_target.clone(); @@ -1262,7 +1377,7 @@ pub(super) async fn connect_remote_control_websocket( remote_control_target, state_db, &auth, - &mut auth_context, + auth_context, enrollment, connect_options, status_publisher, @@ -1307,14 +1422,13 @@ pub(super) async fn connect_remote_control_websocket( connect_options.app_server_client_name, enrollment, status_publisher, - current_enrollment, ) .await; enroll_remote_control_server_if_missing( remote_control_target, state_db, &auth, - &mut auth_context, + auth_context, enrollment, connect_options, status_publisher, @@ -1337,82 +1451,19 @@ pub(super) async fn connect_remote_control_websocket( } } - let enrollment_ref = enrollment.as_ref().ok_or_else(|| { - io::Error::other("missing remote control enrollment after enrollment step") - })?; - publish_current_enrollment(current_enrollment, enrollment_ref); - let request = build_remote_control_websocket_request( - &remote_control_target.websocket_url, - enrollment_ref, - connect_options.installation_id, - connect_options.subscribe_cursor, - )?; - - let websocket_connect_result = tokio::time::timeout( - REMOTE_CONTROL_WEBSOCKET_CONNECT_TIMEOUT, - connect_async(request), - ) - .await - .map_err(|_| { - io::Error::new( - ErrorKind::TimedOut, - format!( - "timed out connecting to remote control websocket at `{}` after {:?}", - remote_control_target.websocket_url, REMOTE_CONTROL_WEBSOCKET_CONNECT_TIMEOUT - ), - ) - })?; + Ok(auth) +} - match websocket_connect_result { - Ok((websocket_stream, response)) => Ok((websocket_stream, response.map(|_| ()))), - Err(err) => { - match &err { - tungstenite::Error::Http(response) if response.status().as_u16() == 404 => { - info!( - "remote control websocket returned HTTP 404; clearing stale enrollment before re-enrolling: websocket_url={}, account_id={}, server_id={}, environment_id={}", - remote_control_target.websocket_url, - auth.account_id, - enrollment_ref.server_id, - enrollment_ref.environment_id - ); - clear_remote_control_enrollment( - state_db, - remote_control_target, - &auth.account_id, - connect_options.app_server_client_name, - enrollment, - status_publisher, - current_enrollment, - ) - .await; - } - tungstenite::Error::Http(response) - if matches!(response.status().as_u16(), 401 | 403) => - { - enrollment - .as_mut() - .ok_or_else(|| { - io::Error::other( - "missing remote control enrollment after websocket auth failure", - ) - })? - .clear_server_token(); - clear_current_enrollment(current_enrollment); - return Err(io::Error::other(format!( - "remote control websocket auth failed with HTTP {}; refreshing server token before reconnect", - response.status() - ))); - } - _ => {} - } - Err(io::Error::other( - format_remote_control_websocket_connect_error( - &remote_control_target.websocket_url, - &err, - ), - )) - } - } +fn websocket_response_reports_missing_remote_app_server( + response: &tungstenite::http::Response>>, +) -> bool { + response.status().as_u16() == 404 + && response.body().as_deref().is_some_and(|body| { + serde_json::from_slice::(body).is_ok_and(|body| { + body.get("detail").and_then(serde_json::Value::as_str) + == Some(REMOTE_APP_SERVER_NOT_FOUND_DETAIL) + }) + }) } async fn clear_remote_control_enrollment( @@ -1422,7 +1473,6 @@ async fn clear_remote_control_enrollment( app_server_client_name: Option<&str>, enrollment: &mut Option, status_publisher: &RemoteControlStatusPublisher, - current_enrollment: &CurrentRemoteControlEnrollment, ) { if let Err(clear_err) = update_persisted_remote_control_enrollment( Some(state_db), @@ -1437,7 +1487,51 @@ async fn clear_remote_control_enrollment( } *enrollment = None; status_publisher.publish_environment_id(/*environment_id*/ None); - clear_current_enrollment(current_enrollment); +} + +async fn clear_remote_control_enrollment_if_matches( + state_db: Option<&StateRuntime>, + remote_control_target: &RemoteControlTarget, + account_id: &str, + app_server_client_name: Option<&str>, + current_enrollment: &CurrentRemoteControlEnrollment, + enrollment: &RemoteControlEnrollment, + status_publisher: &RemoteControlStatusPublisher, +) { + let Some(state_db) = state_db else { + return; + }; + let mut current_enrollment = current_enrollment.lock().await; + if !current_enrollment + .as_ref() + .is_some_and(|current| same_remote_control_enrollment(current, enrollment)) + { + return; + } + clear_remote_control_enrollment( + state_db, + remote_control_target, + account_id, + app_server_client_name, + &mut current_enrollment, + status_publisher, + ) + .await; +} + +async fn clear_remote_control_server_token_if_matches( + current_enrollment: &CurrentRemoteControlEnrollment, + enrollment: &RemoteControlEnrollment, +) -> io::Result<()> { + let mut current_enrollment = current_enrollment.lock().await; + current_enrollment + .as_mut() + .filter(|current| same_remote_control_enrollment(current, enrollment)) + .ok_or_else(|| { + io::Error::other("missing remote control enrollment after websocket auth failure") + })? + .clear_server_token(); + Ok(()) } async fn enroll_remote_control_server_if_missing( @@ -1585,8 +1679,10 @@ mod tests { } } - fn test_current_enrollment() -> CurrentRemoteControlEnrollment { - Arc::new(std::sync::Mutex::new(None)) + fn test_current_enrollment( + enrollment: Option, + ) -> CurrentRemoteControlEnrollment { + Arc::new(RemoteControlEnrollmentState::new(enrollment)) } #[test] @@ -1609,6 +1705,46 @@ mod tests { assert_eq!(reconnect_attempt, 1); } + #[test] + fn websocket_404_only_reports_explicit_missing_remote_app_server() { + let cases = [ + ( + Some(br#"{"detail":"Remote app server not found"}"#.to_vec()), + true, + ), + ( + Some(br#" { "detail": "Remote app server not found", "extra": true } "#.to_vec()), + true, + ), + (Some(br#"{"detail":"Not Found"}"#.to_vec()), false), + (Some(b"Not Found".to_vec()), false), + (Some(b"{".to_vec()), false), + (Some(Vec::new()), false), + (None, false), + ]; + + for (body, expected) in cases { + let response = tungstenite::http::Response::builder() + .status(/*status*/ 404) + .body(body) + .expect("response should build"); + assert_eq!( + websocket_response_reports_missing_remote_app_server(&response), + expected + ); + } + + let response = tungstenite::http::Response::builder() + .status(/*status*/ 503) + .body(Some( + br#"{"detail":"Remote app server not found"}"#.to_vec(), + )) + .expect("response should build"); + assert!(!websocket_response_reports_missing_remote_app_server( + &response + )); + } + fn remote_control_status_channel() -> ( RemoteControlStatusPublisher, watch::Receiver, @@ -1705,6 +1841,8 @@ mod tests { }), last_refresh: Some(Utc::now()), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, } } @@ -1739,10 +1877,9 @@ mod tests { let auth_manager = remote_control_auth_manager(); let mut auth_recovery = auth_manager.unauthorized_recovery(); let mut auth_change_rx = auth_manager.auth_change_receiver(); - let mut enrollment = Some(remote_control_enrollment(Some( + let current_enrollment = test_current_enrollment(Some(remote_control_enrollment(Some( TEST_REMOTE_CONTROL_SERVER_TOKEN, - ))); - let current_enrollment = test_current_enrollment(); + )))); let (status_publisher, status_rx) = remote_control_status_channel(); let err = match connect_remote_control_websocket( @@ -1753,7 +1890,7 @@ mod tests { auth_recovery: &mut auth_recovery, auth_change_rx: &mut auth_change_rx, }, - &mut enrollment, + ¤t_enrollment, RemoteControlConnectOptions { installation_id: TEST_INSTALLATION_ID, server_name: "test-server", @@ -1761,7 +1898,6 @@ mod tests { app_server_client_name: None, }, &status_publisher, - ¤t_enrollment, ) .await { @@ -1771,12 +1907,7 @@ mod tests { server_task.await.expect("server task should succeed"); assert_eq!(err.to_string(), expected_error); - assert!( - current_enrollment - .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner) - .is_some() - ); + assert!(current_enrollment.lock().await.is_some()); assert_eq!( status_rx.borrow().clone(), RemoteControlStatusChangedNotification { @@ -1801,10 +1932,9 @@ mod tests { let auth_manager = remote_control_auth_manager(); let mut auth_recovery = auth_manager.unauthorized_recovery(); let mut auth_change_rx = auth_manager.auth_change_receiver(); - let mut enrollment = Some(remote_control_enrollment(Some( + let current_enrollment = test_current_enrollment(Some(remote_control_enrollment(Some( TEST_REMOTE_CONTROL_SERVER_TOKEN, - ))); - let current_enrollment = test_current_enrollment(); + )))); let (status_publisher, status_rx) = remote_control_status_channel(); let server_task = tokio::spawn(async move { @@ -1824,7 +1954,7 @@ mod tests { auth_recovery: &mut auth_recovery, auth_change_rx: &mut auth_change_rx, }, - &mut enrollment, + ¤t_enrollment, RemoteControlConnectOptions { installation_id: TEST_INSTALLATION_ID, server_name: "test-server", @@ -1832,7 +1962,6 @@ mod tests { app_server_client_name: None, }, &status_publisher, - ¤t_enrollment, ) .await .expect_err("unauthorized response should fail the websocket connect"); @@ -1853,13 +1982,7 @@ mod tests { ); let mut expected_enrollment = remote_control_enrollment(/*remote_control_token*/ None); expected_enrollment.remote_control_target = remote_control_target; - assert_eq!(enrollment, Some(expected_enrollment)); - assert!( - current_enrollment - .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner) - .is_none() - ); + assert_eq!(*current_enrollment.lock().await, Some(expected_enrollment)); } #[tokio::test] @@ -1896,7 +2019,7 @@ mod tests { .await; let mut auth_recovery = auth_manager.unauthorized_recovery(); let mut auth_change_rx = auth_manager.auth_change_receiver(); - let mut enrollment = None; + let current_enrollment = test_current_enrollment(/*enrollment*/ None); let (status_publisher, status_rx) = remote_control_status_channel(); save_auth( codex_home.path(), @@ -1913,7 +2036,7 @@ mod tests { auth_recovery: &mut auth_recovery, auth_change_rx: &mut auth_change_rx, }, - &mut enrollment, + ¤t_enrollment, RemoteControlConnectOptions { installation_id: TEST_INSTALLATION_ID, server_name: "test-server", @@ -1921,7 +2044,6 @@ mod tests { app_server_client_name: None, }, &status_publisher, - &test_current_enrollment(), ) .await .expect_err("unauthorized enrollment should fail the websocket connect"); @@ -1989,9 +2111,9 @@ mod tests { .await; let mut auth_recovery = auth_manager.unauthorized_recovery(); let mut auth_change_rx = auth_manager.auth_change_receiver(); - let mut enrollment = Some(remote_control_enrollment( + let current_enrollment = test_current_enrollment(Some(remote_control_enrollment( /*remote_control_token*/ None, - )); + ))); let (status_publisher, status_rx) = remote_control_status_channel(); save_auth( codex_home.path(), @@ -2008,7 +2130,7 @@ mod tests { auth_recovery: &mut auth_recovery, auth_change_rx: &mut auth_change_rx, }, - &mut enrollment, + ¤t_enrollment, RemoteControlConnectOptions { installation_id: TEST_INSTALLATION_ID, server_name: "test-server", @@ -2016,7 +2138,6 @@ mod tests { app_server_client_name: None, }, &status_publisher, - &test_current_enrollment(), ) .await .expect_err("unauthorized refresh should fail the websocket connect"); @@ -2061,9 +2182,9 @@ mod tests { let auth_manager = remote_control_auth_manager(); let mut auth_recovery = auth_manager.unauthorized_recovery(); let mut auth_change_rx = auth_manager.auth_change_receiver(); - let mut enrollment = Some(remote_control_enrollment(Some( + let current_enrollment = test_current_enrollment(Some(remote_control_enrollment(Some( TEST_REMOTE_CONTROL_SERVER_TOKEN, - ))); + )))); let (status_publisher, _status_rx) = remote_control_status_channel(); let err = connect_remote_control_websocket( @@ -2074,7 +2195,7 @@ mod tests { auth_recovery: &mut auth_recovery, auth_change_rx: &mut auth_change_rx, }, - &mut enrollment, + ¤t_enrollment, RemoteControlConnectOptions { installation_id: TEST_INSTALLATION_ID, server_name: "test-server", @@ -2082,14 +2203,13 @@ mod tests { app_server_client_name: None, }, &status_publisher, - &test_current_enrollment(), ) .await .expect_err("missing sqlite state db should fail remote control"); assert_eq!(err.kind(), ErrorKind::NotFound); assert_eq!(err.to_string(), "remote control requires sqlite state db"); - assert_eq!(enrollment, None); + assert_eq!(*current_enrollment.lock().await, None); } #[tokio::test] @@ -2107,9 +2227,9 @@ mod tests { .await; let mut auth_recovery = auth_manager.unauthorized_recovery(); let mut auth_change_rx = auth_manager.auth_change_receiver(); - let mut enrollment = Some(remote_control_enrollment(Some( + let current_enrollment = test_current_enrollment(Some(remote_control_enrollment(Some( TEST_REMOTE_CONTROL_SERVER_TOKEN, - ))); + )))); let (status_publisher, mut status_rx) = remote_control_status_channel(); status_publisher.publish_environment_id(Some("env_test".to_string())); status_rx @@ -2125,7 +2245,7 @@ mod tests { auth_recovery: &mut auth_recovery, auth_change_rx: &mut auth_change_rx, }, - &mut enrollment, + ¤t_enrollment, RemoteControlConnectOptions { installation_id: TEST_INSTALLATION_ID, server_name: "test-server", @@ -2133,7 +2253,6 @@ mod tests { app_server_client_name: None, }, &status_publisher, - &test_current_enrollment(), ) .await .expect_err("missing auth should fail remote control"); @@ -2143,7 +2262,7 @@ mod tests { err.to_string(), "remote control requires ChatGPT authentication" ); - assert_eq!(enrollment, None); + assert_eq!(*current_enrollment.lock().await, None); assert_eq!( status_rx.borrow().clone(), RemoteControlStatusChangedNotification { @@ -2185,7 +2304,8 @@ mod tests { RemoteControlChannels { transport_event_tx, status_publisher, - current_enrollment: test_current_enrollment(), + current_enrollment: test_current_enrollment(/*enrollment*/ None), + pairing_persistence_key: watch::channel(None).0, }, shutdown_token, enabled_rx, diff --git a/codex-rs/app-server/Cargo.toml b/codex-rs/app-server/Cargo.toml index 37cdf219bfb..3d08059a63c 100644 --- a/codex-rs/app-server/Cargo.toml +++ b/codex-rs/app-server/Cargo.toml @@ -22,7 +22,6 @@ workspace = true [dependencies] anyhow = { workspace = true } -async-trait = { workspace = true } base64 = { workspace = true } axum = { workspace = true, default-features = false, features = [ "http1", @@ -36,11 +35,13 @@ codex-cloud-config = { workspace = true } codex-config = { workspace = true } codex-core = { workspace = true } codex-core-plugins = { workspace = true } +codex-home = { workspace = true } codex-exec-server = { workspace = true } codex-extension-api = { workspace = true } codex-external-agent-migration = { workspace = true } codex-external-agent-sessions = { workspace = true } codex-features = { workspace = true } +codex-goal-extension = { workspace = true } codex-guardian = { workspace = true } codex-git-utils = { workspace = true } codex-file-watcher = { workspace = true } @@ -48,6 +49,7 @@ codex-hooks = { workspace = true } codex-otel = { workspace = true } codex-plugin = { workspace = true } codex-shell-command = { workspace = true } +codex-skills-extension = { workspace = true } codex-utils-cli = { workspace = true } codex-utils-pty = { workspace = true } codex-backend-client = { workspace = true } @@ -59,6 +61,7 @@ codex-memories-extension = { workspace = true } codex-web-search-extension = { workspace = true } codex-memories-write = { workspace = true } codex-mcp = { workspace = true } +codex-mcp-extension = { workspace = true } codex-model-provider = { workspace = true } codex-models-manager = { workspace = true } codex-protocol = { workspace = true } @@ -73,6 +76,7 @@ codex-thread-store = { workspace = true } codex-tools = { workspace = true } codex-utils-absolute-path = { workspace = true } codex-utils-json-to-toml = { workspace = true } +codex-utils-path-uri = { workspace = true } chrono = { workspace = true } clap = { workspace = true, features = ["derive"] } futures = { workspace = true } diff --git a/codex-rs/app-server/README.md b/codex-rs/app-server/README.md index dc02ff8c049..42ac510a8a1 100644 --- a/codex-rs/app-server/README.md +++ b/codex-rs/app-server/README.md @@ -130,7 +130,7 @@ Example with notification opt-out: ## API Overview -- `thread/start` — create a new thread; emits `thread/started` (including the current `thread.status`) and auto-subscribes you to turn/item events for that thread. When the request includes a `cwd` and the resolved sandbox is `workspace-write` or full access, app-server also marks that project as trusted in the user `config.toml`. Pass `sessionStartSource: "clear"` when starting a replacement thread after clearing the current session so `SessionStart` hooks receive `source: "clear"` instead of the default `"startup"`. Experimental `runtimeWorkspaceRoots` replaces the thread-scoped runtime workspace roots used to materialize `:workspace_roots`; relative paths resolve against the effective thread cwd. For permissions, prefer experimental `permissions` profile selection by id; the legacy `sandbox` shorthand is still accepted but cannot be combined with `permissions`. Experimental `environments` selects the sticky execution environments for turns on the thread; omit it to use the server default, pass `[]` to disable environments, or pass explicit environment ids with per-environment `cwd`. +- `thread/start` — create a new thread; emits `thread/started` (including the current `thread.status`) and auto-subscribes you to turn/item events for that thread. When the request includes a `cwd` and the resolved sandbox is `workspace-write` or full access, app-server also marks that project as trusted in the user `config.toml`. Pass `sessionStartSource: "clear"` when starting a replacement thread after clearing the current session so `SessionStart` hooks receive `source: "clear"` instead of the default `"startup"`. Experimental `runtimeWorkspaceRoots` replaces the thread-scoped runtime workspace roots used to materialize `:workspace_roots`; paths must be absolute. For permissions, prefer experimental `permissions` profile selection by id; the legacy `sandbox` shorthand is still accepted but cannot be combined with `permissions`. Experimental `environments` selects the sticky execution environments for turns on the thread; omit it to use the server default, pass `[]` to disable environments, or pass explicit environment ids with per-environment `cwd`. Experimental `selectedCapabilityRoots` selects environment-owned plugin or standalone-skill roots. Skills found below those roots are listed and read through the owning environment; other plugin capabilities are not activated yet. - `thread/resume` — reopen an existing thread by id so subsequent `turn/start` calls append to it. Accepts the same permission override rules as `thread/start`. - `thread/fork` — fork an existing thread into a new thread id by copying the stored history; if the source thread is currently mid-turn, the fork records the same interruption marker as `turn/interrupt` instead of inheriting an unmarked partial turn suffix. The returned `thread.forkedFromId` points at the source thread when known. Accepts `ephemeral: true` for an in-memory temporary fork, emits `thread/started` (including the current `thread.status`), and auto-subscribes you to turn/item events for the new thread. Experimental clients can pass `excludeTurns: true` when they plan to page fork history via `thread/turns/list` instead of receiving the full turn array immediately. Accepts the same permission override rules as `thread/start`. - `thread/start`, `thread/resume`, and `thread/fork` responses include the legacy `sandbox` compatibility projection. Experimental clients can read `runtimeWorkspaceRoots` for the thread-scoped runtime roots and `activePermissionProfile` for the named or implicit built-in profile identity/provenance when known. @@ -151,18 +151,21 @@ Example with notification opt-out: - `thread/settings/updated` — experimental notification emitted to subscribed clients when a loaded thread’s effective next-turn settings change; includes `threadId` and the full `threadSettings`. - `thread/status/changed` — notification emitted when a loaded thread’s status changes (`threadId` + new `status`). - `thread/archive` — move a thread’s rollout file into the archived directory and attempt to move any spawned descendant thread rollout files; returns `{}` on success and emits `thread/archived` for each archived thread. +- `thread/delete` — hard-delete an active or archived thread and any spawned descendant threads; returns `{}` on success and emits `thread/deleted` for each deleted thread. - `thread/unsubscribe` — unsubscribe this connection from thread turn/item events. If this was the last subscriber, the server keeps the thread loaded and unloads it only after it has had no subscribers and no thread activity for 30 minutes, then emits `thread/closed`. - `thread/name/set` — set or update a thread’s user-facing name for either a loaded thread or a persisted rollout; returns `{}` on success and emits `thread/name/updated` to initialized, opted-in clients. Thread names are not required to be unique; name lookups resolve to the most recently updated thread. - `thread/unarchive` — move an archived rollout file back into the sessions directory; returns the restored `thread` on success and emits `thread/unarchived`. - `thread/compact/start` — trigger conversation history compaction for a thread; returns `{}` immediately while progress streams through standard turn/item notifications. - `thread/shellCommand` — run a user-initiated `!` shell command against a thread; this runs unsandboxed with full access rather than inheriting the thread sandbox policy. Returns `{}` immediately while progress streams through standard turn/item notifications and any active turn receives the formatted output in its message stream. - `thread/backgroundTerminals/clean` — terminate all running background terminals for a thread (experimental; requires `capabilities.experimentalApi`); returns `{}` when the cleanup request is accepted. +- `thread/backgroundTerminals/list` — list running background terminals for a loaded thread (experimental; requires `capabilities.experimentalApi`); returns `data` with the running terminal ids. +- `thread/backgroundTerminals/terminate` — terminate one running background terminal by app-server `processId` (experimental; requires `capabilities.experimentalApi`); returns whether a process was terminated. - `thread/rollback` — drop the last N turns from the agent’s in-memory context and persist a rollback marker in the rollout so future resumes see the pruned history; returns the updated `thread` (with `turns` populated) on success. -- `turn/start` — add user input to a thread and begin Codex generation; responds with the initial `turn` object and streams `turn/started`, `item/*`, and `turn/completed` notifications. `clientUserMessageId` is optional; when supplied, the corresponding `userMessage` item echoes it as `clientId`. Experimental `runtimeWorkspaceRoots` replaces the thread-scoped runtime workspace roots used to materialize `:workspace_roots`; relative paths resolve against the effective turn cwd. Prefer experimental `permissions` profile selection by id for permission overrides; the legacy `sandboxPolicy` field is still accepted but cannot be combined with `permissions`. For `collaborationMode`, `settings.developer_instructions: null` means "use built-in instructions for the selected mode". +- `turn/start` — add user input to a thread and begin Codex generation; responds with the initial `turn` object and streams `turn/started`, `item/*`, and `turn/completed` notifications. `clientUserMessageId` is optional; when supplied, the corresponding `userMessage` item echoes it as `clientId`. Experimental `runtimeWorkspaceRoots` replaces the thread-scoped runtime workspace roots used to materialize `:workspace_roots`; paths must be absolute. Prefer experimental `permissions` profile selection by id for permission overrides; the legacy `sandboxPolicy` field is still accepted but cannot be combined with `permissions`. For `collaborationMode`, `settings.developer_instructions: null` means "use built-in instructions for the selected mode". - `thread/inject_items` — append raw Responses API items to a loaded thread’s model-visible history without starting a user turn; returns `{}` on success. - `turn/steer` — add user input to an already in-flight regular turn without starting a new turn; returns the active `turnId` that accepted the input. `clientUserMessageId` is optional; when supplied, the corresponding `userMessage` item echoes it as `clientId`. Review and manual compaction turns reject `turn/steer`. - `turn/interrupt` — request cancellation of an in-flight turn by `(thread_id, turn_id)`; success is an empty `{}` response and the turn finishes with `status: "interrupted"`. -- `thread/realtime/start` — start a thread-scoped realtime session (experimental); pass `outputModality: "text"` or `outputModality: "audio"` to choose model output, returns `{}` and streams `thread/realtime/*` notifications. Omit `transport` for the websocket transport, or pass `{ "type": "webrtc", "sdp": "..." }` to create a WebRTC session from a browser-generated SDP offer; the remote answer SDP is emitted as `thread/realtime/sdp`. +- `thread/realtime/start` — start a thread-scoped realtime session (experimental); pass `outputModality: "text"` or `outputModality: "audio"` to choose model output, and optionally pass `model` and `version` to override configured realtime selection for this session only. Returns `{}` and streams `thread/realtime/*` notifications. Omit `transport` for the websocket transport, or pass `{ "type": "webrtc", "sdp": "..." }` to create a WebRTC session from a browser-generated SDP offer; the remote answer SDP is emitted as `thread/realtime/sdp`. - `thread/realtime/appendAudio` — append an input audio chunk to the active realtime session (experimental); returns `{}`. - `thread/realtime/appendText` — append text input to the active realtime session (experimental); returns `{}`. - `thread/realtime/stop` — stop the active realtime session for the thread (experimental); returns `{}`. @@ -188,11 +191,11 @@ Example with notification opt-out: - `fs/watch` — subscribe this connection to filesystem change notifications for an absolute file or directory path and caller-provided `watchId`; returns the canonicalized `path`. - `fs/unwatch` — stop sending notifications for a prior `fs/watch`; returns `{}`. - `fs/changed` — notification emitted when watched paths change, including the `watchId` and `changedPaths`. -- `model/list` — list available models (set `includeHidden: true` to include entries with `hidden: true`), with reasoning effort options, `additionalSpeedTiers`, `serviceTiers`, optional `defaultServiceTier`, optional legacy `upgrade` model ids, optional `upgradeInfo` metadata (`model`, `upgradeCopy`, `modelLink`, `migrationMarkdown`), and optional `availabilityNux` metadata. +- `model/list` — list available models (set `includeHidden: true` to include entries with `hidden: true`), with model-advertised string reasoning effort options in the catalog's intended progression order, `additionalSpeedTiers`, `serviceTiers`, optional `defaultServiceTier`, optional legacy `upgrade` model ids, optional `upgradeInfo` metadata (`model`, `upgradeCopy`, `modelLink`, `migrationMarkdown`), and optional `availabilityNux` metadata. Clients should preserve the `supportedReasoningEfforts` array order rather than deriving order from the effort names. - `modelProvider/capabilities/read` — read provider-level capabilities for the currently configured model provider. - `experimentalFeature/list` — list feature flags with stage metadata (`beta`, `underDevelopment`, `stable`, etc.), enabled/default-enabled state, and cursor pagination. Pass `threadId` when showing feature state for an existing loaded thread so `enabled` is computed from that thread's refreshed config, including project-local config for the thread's cwd; if omitted, the server uses its default config resolution context. For non-beta flags, `displayName`/`description`/`announcement` are `null`. - `permissionProfile/list` — beta; list available permission profile ids with optional display `description` text, using cursor pagination. Pass `cwd` when the caller needs project-local `[permissions.]` entries to be included in the current catalog view. -- `experimentalFeature/enablement/set` — patch the in-memory process-wide runtime feature enablement for currently supported feature keys. For each feature, precedence is: cloud requirements > --enable > config.toml > experimentalFeature/enablement/set (new) > code default. +- `experimentalFeature/enablement/set` — patch the in-memory process-wide runtime feature enablement for currently supported feature keys. For each feature, precedence is: cloud requirements > --enable > config.toml > experimentalFeature/enablement/set (new) > code default. Invalid keys will be ignored. - `environment/add` — experimental; add or replace a named remote environment by `environmentId` and `execServerUrl` for later selection by `thread/start` or `turn/start`; returns `{}` and does not change the default environment. - `collaborationMode/list` — list available collaboration mode presets (experimental, no pagination). Built-in presets do not select a model; the Plan preset selects medium reasoning effort. This response omits built-in developer instructions; clients should either pass `settings.developer_instructions: null` when setting a mode to use Codex's built-in instructions, or provide their own instructions explicitly. - `skills/list` — list skills for one or more `cwd` values (optional `forceReload`). @@ -203,7 +206,7 @@ Example with notification opt-out: - `marketplace/upgrade` — upgrade all configured Git plugin marketplaces, or one named marketplace when `marketplaceName` is provided. Returns selected marketplace names, upgraded roots, and per-marketplace errors. - `plugin/list` — list discovered plugin marketplaces and plugin state, including effective marketplace install/auth policy metadata, plugin `availability` (`AVAILABLE` by default or `DISABLED_BY_ADMIN` for remote plugins blocked upstream), fail-open `marketplaceLoadErrors` entries for marketplace files that could not be parsed or loaded, and best-effort `featuredPluginIds` for the official curated marketplace. `interface.category` uses the marketplace category when present; otherwise it falls back to the plugin manifest category (**under development; do not call from production clients yet**). - `plugin/installed` — list installed plugin rows plus any explicitly requested local install-suggestion plugin names, without fetching the broader remote catalog. Mention surfaces can use this narrower view when they need plugin mention payloads rather than plugin-page discovery data (**under development; do not call from production clients yet**). -- `plugin/read` — read one plugin by `marketplacePath` plus `pluginName`, returning marketplace info, a list-style `summary`, manifest descriptions/interface metadata, and bundled skills/hooks/apps/MCP server names. Returned plugin skills include their current `enabled` state after local config filtering; bundled hooks are returned as lightweight declaration summaries keyed for correlation with `hooks/list`. Plugin app summaries also include `needsAuth` when the server can determine connector accessibility (**under development; do not call from production clients yet**). +- `plugin/read` — read one plugin by `marketplacePath` plus `pluginName`, returning marketplace info, a list-style `summary`, manifest descriptions/interface metadata, and bundled skills/hooks/apps/MCP server names. Returned plugin skills include their current `enabled` state after local config filtering; bundled hooks are returned as lightweight declaration summaries keyed for correlation with `hooks/list`. Use `plugin/install`'s `appsNeedingAuth` to drive post-install authentication and `app/list`'s `isAccessible` to determine current connector accessibility (**under development; do not call from production clients yet**). - `plugin/skill/read` — read remote plugin skill markdown on demand by `remoteMarketplaceName`, `remotePluginId`, and `skillName`. This lets clients preview uninstalled remote plugin skills without downloading the plugin bundle. - `skills/changed` — notification emitted when watched local skill files change. - `app/list` — list available apps. @@ -211,6 +214,7 @@ Example with notification opt-out: - `remoteControl/disable` — experimental; disable remote control for the current app-server process and return the current remote-control status snapshot. This does not revoke already enrolled controller devices. - `remoteControl/status/read` — experimental; read the current remote-control status snapshot. `status` is one of `disabled`, `connecting`, `connected`, or `errored`; `serverName` is the local machine name used by this app-server process; `environmentId` is a string when the app-server has a current enrollment and `null` when that enrollment is cleared, invalidated, or remote control is disabled. - `remoteControl/pairing/start` — experimental; start a short-lived remote-control pairing artifact for the current app-server process. Pass `manualCode: true` to also request a manual pairing code. Returns `pairingCode`, `manualPairingCode`, `environmentId`, and Unix-seconds `expiresAt`; app-server intentionally does not expose the backend `serverId`. +- `remoteControl/pairing/status` — experimental; poll whether a remote-control `pairingCode` or `manualPairingCode` has been claimed. Pass exactly one of the two fields. Returns `claimed`. - `remoteControl/client/list` — experimental; list controller devices granted access to an environment. Pass `environmentId` and optional `cursor`, `limit`, and `order`; returns picker-oriented client metadata plus `nextCursor`. This signed-in account-management operation works while the local relay is disabled or unenrolled. - `remoteControl/client/revoke` — experimental; revoke one controller device's grant for an environment. Pass `environmentId` and `clientId`; returns an empty object. This signed-in account-management operation works while the local relay is disabled or unenrolled. - `remoteControl/status/changed` — notification emitted when the remote-control status or client-visible environment id changes. `status` is one of `disabled`, `connecting`, `connected`, or `errored`; `serverName` is the local machine name used by this app-server process; `environmentId` is a string when the app-server has a current enrollment and `null` when that enrollment is cleared, invalidated, or remote control is disabled. Newly initialized app-server clients always receive the current status snapshot. @@ -230,7 +234,7 @@ Example with notification opt-out: - `externalAgentConfig/import` — apply selected external-agent migration items by passing explicit `migrationItems` with `cwd` (`null` for home) and any plugin/session `details` returned by detect. When a request includes migration items, the server emits `externalAgentConfig/import/completed` once after the full import finishes (immediately after the response when everything completed synchronously, or after background imports finish). - `config/value/write` — write a single config key/value to the user's config.toml on disk; dotted paths such as `desktop.someKey` use the same generic write surface. - `config/batchWrite` — apply multiple config edits atomically to the user's config.toml on disk, with optional `reloadUserConfig: true` to hot-reload loaded threads, including multiple `desktop.*` edits. -- `configRequirements/read` — fetch loaded requirements constraints from `requirements.toml` and/or MDM (or `null` if none are configured), including allow-lists (`allowedApprovalPolicies`, `allowedSandboxModes`, `allowedWebSearchModes`, `allowedPermissions`), lifecycle hook lockdown (`allowManagedHooksOnly`), computer use policy (`computerUse`), pinned feature values (`featureRequirements`), managed lifecycle hooks (`hooks`), `enforceResidency`, and `network` constraints such as canonical domain/socket permissions plus `managedAllowedDomainsOnly` and `dangerFullAccessDenylistOnly`. +- `configRequirements/read` — fetch loaded requirements constraints from `requirements.toml` and/or MDM (or `null` if none are configured), including allow-lists (`allowedApprovalPolicies`, `allowedSandboxModes`, `allowedWebSearchModes`), the layered permission-profile allow map (`allowedPermissionProfiles`), the managed permission-profile default (`defaultPermissions`), lifecycle hook lockdown (`allowManagedHooksOnly`), computer use policy (`computerUse`), pinned feature values (`featureRequirements`), managed lifecycle hooks (`hooks`), `enforceResidency`, and `network` constraints such as canonical domain/socket permissions plus `managedAllowedDomainsOnly` and `dangerFullAccessDenylistOnly`. ### Example: Start or resume a thread @@ -248,6 +252,18 @@ Start a fresh thread when you need a new Codex conversation. // "permissions": ":workspace" // Experimental runtime roots for :workspace_roots materialization: // "runtimeWorkspaceRoots": ["/Users/me/project", "/Users/me/openai"], + // Experimental capability roots selected by the hosting platform: + "selectedCapabilityRoots": [ + { + "id": "github@openai", + "location": { + "type": "environment", + "environmentId": "workspace", + // Opaque to app-server; interpreted in the selected environment. + "path": "/opt/cca/plugins/github" + } + } + ], // Do not send both "sandbox" and "permissions". "personality": "friendly", "serviceName": "my_app_server_client", // optional metrics tag (`service_name`) @@ -597,6 +613,16 @@ Use `thread/archive` to move the persisted rollout (stored as a JSONL file on di An archived thread will not appear in `thread/list` unless `archived` is set to `true`. +### Example: Delete a thread + +Use `thread/delete` to hard-delete a thread and its spawned descendant threads. Existing rollout files and associated metadata must be removed before the request succeeds; missing rollout files are treated as already deleted. + +```json +{ "method": "thread/delete", "id": 23, "params": { "threadId": "thr_b" } } +{ "id": 23, "result": {} } +{ "method": "thread/deleted", "params": { "threadId": "thr_b" } } +``` + ### Example: Unarchive a thread Use `thread/unarchive` to move an archived rollout back into the sessions directory. @@ -824,6 +850,8 @@ Then send `offer.sdp` to app-server. Core uses `experimental_realtime_ws_backend Omit `prompt` to use Codex's default realtime backend prompt. Send `prompt: null` or `prompt: ""` when the session should start without that default backend prompt. +Clients may also pass `model` and `version` on `thread/realtime/start` to select a +different realtime session configuration without changing thread or user config. ```javascript await pc.setRemoteDescription({ @@ -857,6 +885,32 @@ Use `thread/backgroundTerminals/clean` to terminate all running background termi { "id": 35, "result": {} } ``` +### Example: List and terminate background terminals + +Use `thread/backgroundTerminals/list` to inspect running background terminals associated with a loaded thread. The `backgroundTerminals` segment intentionally follows the existing `thread/backgroundTerminals/clean` method. The returned `processId` is the app-server process id; host OS metadata is nullable. The request accepts the standard `cursor` and `limit` pagination fields. When `nextCursor` is non-null, pass it as `cursor` to fetch the next page. + +```json +{ "method": "thread/backgroundTerminals/list", "id": 36, "params": { "threadId": "thr_123" } } +{ "id": 36, "result": { "data": [ + { + "itemId": "item_456", + "processId": "42", + "command": "python3 -m http.server", + "cwd": "/workspace", + "osPid": null, + "cpuPercent": null, + "rssKb": null + } +], "nextCursor": null } } +``` + +Use `thread/backgroundTerminals/terminate` to terminate one running background terminal by that `processId`. + +```json +{ "method": "thread/backgroundTerminals/terminate", "id": 37, "params": { "threadId": "thr_123", "processId": "42" } } +{ "id": 37, "result": { "terminated": true } } +``` + ### Example: Steer an active turn Use `turn/steer` to append additional user input to the currently active regular turn. This does @@ -1232,7 +1286,7 @@ Because audio is intentionally separate from `ThreadItem`, clients can opt out o ### MCP server startup events -- `mcpServer/startupStatus/updated` — `{ name, status, error }` when app-server observes an MCP server startup transition. `status` is one of `starting`, `ready`, `failed`, or `cancelled`. `error` is `null` except for `failed`. +- `mcpServer/startupStatus/updated` — `{ threadId, name, status, error }` when app-server observes an MCP server startup transition. `threadId` identifies the owning thread when startup is thread-scoped and is `null` when startup is app-scoped. `status` is one of `starting`, `ready`, `failed`, or `cancelled`. `error` is `null` except for `failed`. ### Turn events @@ -1244,6 +1298,7 @@ The app-server streams JSON-RPC notifications while a turn is running. Each turn - `turn/plan/updated` — `{ turnId, explanation?, plan }` whenever the agent shares or changes its plan; each `plan` entry is `{ step, status }` with `status` in `pending`, `inProgress`, or `completed`. - `model/rerouted` — `{ threadId, turnId, fromModel, toModel, reason }` when the backend reroutes a request to a different model (for example, due to high-risk cyber safety checks). - `model/verification` — `{ threadId, turnId, verifications }` when the backend flags additional account verification, such as `trustedAccessForCyber`. +- `turn/moderationMetadata` — experimental; `{ threadId, turnId, metadata }` when a first-party backend supplies turn-scoped moderation metadata for client-side presentation. Today both notifications carry an empty `items` array even when item events were streamed; rely on `item/*` notifications for the canonical item list until this is fixed. @@ -1768,6 +1823,7 @@ Codex supports these authentication modes. The current mode is surfaced in `acco - **API key (`apiKey`)**: Caller supplies an OpenAI API key via `account/login/start` with `type: "apiKey"`. The API key is saved and used for API requests. - **ChatGPT managed (`chatgpt`)** (recommended): Codex owns the ChatGPT OAuth flow and refresh tokens. Start via `account/login/start` with `type: "chatgpt"` for the browser flow or `type: "chatgptDeviceCode"` for device code; Codex persists tokens to disk and refreshes them automatically. +- **Personal access token (`personalAccessToken`)**: Codex uses a ChatGPT-backed personal access token loaded outside the app-server login RPCs, such as with `codex login --with-access-token` or `CODEX_ACCESS_TOKEN`. ### API Overview @@ -1776,12 +1832,13 @@ Codex supports these authentication modes. The current mode is surfaced in `acco - `account/login/completed` (notify) — emitted when a login attempt finishes (success or error). - `account/login/cancel` — cancel a pending managed ChatGPT login by `loginId`. - `account/logout` — sign out; triggers `account/updated`. -- `account/updated` (notify) — emitted whenever auth mode changes (`authMode`: `apikey`, `chatgpt`, or `null`) and includes the current ChatGPT `planType` when available. +- `account/updated` (notify) — emitted whenever auth mode changes (`authMode`: `apikey`, `chatgpt`, `personalAccessToken`, or `null`) and includes the current ChatGPT `planType` when available. - `account/rateLimits/read` — fetch ChatGPT rate limits and an optional effective monthly credit limit; updates arrive via `account/rateLimits/updated` (notify). +- `account/usage/read` — fetch ChatGPT account token-activity summary and daily buckets. - `account/rateLimits/updated` (notify) — emitted whenever a user's ChatGPT rate limits change. This is a sparse rolling update; merge available values into the most recent `account/rateLimits/read` response or refetch that snapshot. - `account/sendAddCreditsNudgeEmail` — ask ChatGPT to email the workspace owner about depleted credits or a reached usage limit. - `mcpServer/oauthLogin/completed` (notify) — emitted after a `mcpServer/oauth/login` flow finishes for a server; payload includes `{ name, success, error? }`. -- `mcpServer/startupStatus/updated` (notify) — emitted when a configured MCP server's startup status changes for a loaded thread; payload includes `{ name, status, error }` where `status` is `starting`, `ready`, `failed`, or `cancelled`. +- `mcpServer/startupStatus/updated` (notify) — emitted when a configured MCP server's startup status changes; payload includes `{ threadId, name, status, error }`, where `threadId` is the owning thread when startup is thread-scoped and `null` when it is app-scoped, and `status` is `starting`, `ready`, `failed`, or `cancelled`. ### 1) Check auth state diff --git a/codex-rs/app-server/src/bespoke_event_handling.rs b/codex-rs/app-server/src/bespoke_event_handling.rs index f4a5f3b45f0..1f47bc4dd8d 100644 --- a/codex-rs/app-server/src/bespoke_event_handling.rs +++ b/codex-rs/app-server/src/bespoke_event_handling.rs @@ -75,6 +75,7 @@ use codex_app_server_protocol::TurnDiffUpdatedNotification; use codex_app_server_protocol::TurnError; use codex_app_server_protocol::TurnInterruptResponse; use codex_app_server_protocol::TurnItemsView; +use codex_app_server_protocol::TurnModerationMetadataNotification; use codex_app_server_protocol::TurnPlanStep; use codex_app_server_protocol::TurnPlanUpdatedNotification; use codex_app_server_protocol::TurnStartedNotification; @@ -99,6 +100,7 @@ use codex_protocol::protocol::Op; use codex_protocol::protocol::RealtimeEvent; use codex_protocol::protocol::ReviewDecision; use codex_protocol::protocol::ReviewOutputEvent; +use codex_protocol::protocol::SubAgentActivityKind; use codex_protocol::protocol::TokenCountEvent; use codex_protocol::protocol::TurnAbortedEvent; use codex_protocol::protocol::TurnCompleteEvent; @@ -211,6 +213,7 @@ pub(crate) async fn apply_bespoke_event_handling( } }; let notification = McpServerStatusUpdatedNotification { + thread_id: Some(conversation_id.to_string()), name: update.server, status, error, @@ -337,6 +340,16 @@ pub(crate) async fn apply_bespoke_event_handling( .send_server_notification(ServerNotification::ModelVerification(notification)) .await; } + EventMsg::TurnModerationMetadata(event) => { + let notification = TurnModerationMetadataNotification { + thread_id: conversation_id.to_string(), + turn_id: event_turn_id.clone(), + metadata: event.metadata, + }; + outgoing + .send_server_notification(ServerNotification::TurnModerationMetadata(notification)) + .await; + } EventMsg::RealtimeConversationStarted(event) => { let notification = ThreadRealtimeStartedNotification { thread_id: conversation_id.to_string(), @@ -755,7 +768,7 @@ pub(crate) async fn apply_bespoke_event_handling( let requested_permissions = request.permissions.clone(); let request_cwd = match request.cwd.clone() { Some(cwd) => cwd, - None => conversation.config_snapshot().await.cwd, + None => conversation.config_snapshot().await.cwd().clone(), }; let params = PermissionsRequestApprovalParams { thread_id: conversation_id.to_string(), @@ -849,6 +862,24 @@ pub(crate) async fn apply_bespoke_event_handling( ); outgoing.send_server_notification(notification).await; } + EventMsg::SubAgentActivity(activity) => { + if activity.kind == SubAgentActivityKind::Interrupted + && thread_manager + .get_thread(activity.agent_thread_id) + .await + .is_err() + { + thread_watch_manager + .remove_thread(&activity.agent_thread_id.to_string()) + .await; + } + let notification = item_event_to_server_notification( + EventMsg::SubAgentActivity(activity), + &conversation_id.to_string(), + &event_turn_id, + ); + outgoing.send_server_notification(notification).await; + } EventMsg::CollabCloseEnd(end_event) => { if thread_manager .get_thread(end_event.receiver_thread_id) @@ -1149,7 +1180,7 @@ pub(crate) async fn apply_bespoke_event_handling( return; } }; - let fallback_cwd = conversation.config_snapshot().await.cwd; + let fallback_cwd = conversation.config_snapshot().await.cwd().clone(); let stored_thread = match conversation .read_thread( /*include_archived*/ true, /*include_history*/ true, @@ -2092,6 +2123,7 @@ mod tests { use codex_app_server_protocol::JSONRPCErrorError; use codex_app_server_protocol::TurnPlanStepStatus; use codex_login::CodexAuth; + use codex_protocol::AgentPath; use codex_protocol::items::HookPromptFragment; use codex_protocol::items::build_hook_prompt_message; use codex_protocol::models::FileSystemPermissions as CoreFileSystemPermissions; @@ -2113,6 +2145,7 @@ mod tests { use codex_protocol::protocol::RateLimitWindow; use codex_protocol::protocol::RolloutItem; use codex_protocol::protocol::SessionSource; + use codex_protocol::protocol::SubAgentActivityEvent; use codex_protocol::protocol::TokenUsage; use codex_protocol::protocol::TokenUsageInfo; use codex_protocol::protocol::UserMessageEvent; @@ -2169,6 +2202,7 @@ mod tests { ]; let stored_thread = StoredThread { thread_id, + extra_config: None, rollout_path: None, forked_from_id: None, parent_thread_id: None, @@ -3286,6 +3320,94 @@ mod tests { Ok(()) } + #[tokio::test] + async fn interrupted_subagent_activity_removes_missing_thread_watch() -> Result<()> { + let codex_home = TempDir::new()?; + let config = load_default_config_for_test(&codex_home).await; + let thread_manager = Arc::new( + codex_core::test_support::thread_manager_with_models_provider_and_home( + CodexAuth::create_dummy_chatgpt_auth_for_testing(), + config.model_provider.clone(), + config.codex_home.to_path_buf(), + Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), + ), + ); + let codex_core::NewThread { + thread_id: conversation_id, + thread: conversation, + .. + } = thread_manager.start_thread(config).await?; + let child_thread_id = ThreadId::new(); + let child_thread_id_string = child_thread_id.to_string(); + let thread_watch_manager = ThreadWatchManager::new(); + thread_watch_manager + .note_turn_started(&child_thread_id_string) + .await; + assert_eq!(thread_watch_manager.running_turn_count().await, 1); + let (tx, mut rx) = mpsc::channel(CHANNEL_CAPACITY); + let outgoing = Arc::new(OutgoingMessageSender::new( + tx, + codex_analytics::AnalyticsEventsClient::disabled(), + )); + let outgoing = ThreadScopedOutgoingMessageSender::new( + outgoing, + vec![ConnectionId(1)], + conversation_id, + ); + + apply_bespoke_event_handling( + Event { + id: "turn-1".to_string(), + msg: EventMsg::SubAgentActivity(SubAgentActivityEvent { + event_id: "activity-1".to_string(), + occurred_at_ms: 42, + agent_thread_id: child_thread_id, + agent_path: AgentPath::try_from("/root/worker") + .expect("agent path should parse"), + kind: SubAgentActivityKind::Interrupted, + }), + }, + conversation_id, + conversation, + thread_manager, + outgoing, + new_thread_state(), + thread_watch_manager.clone(), + Arc::new(tokio::sync::Semaphore::new(/*permits*/ 1)), + "test-provider".to_string(), + ) + .await; + + assert_eq!( + thread_watch_manager + .loaded_status_for_thread(&child_thread_id_string) + .await, + ThreadStatus::NotLoaded + ); + assert_eq!(thread_watch_manager.running_turn_count().await, 0); + let message = recv_broadcast_message(&mut rx).await?; + let OutgoingMessage::AppServerNotification(ServerNotification::ItemCompleted(payload)) = + message + else { + bail!("unexpected message: {message:?}"); + }; + assert_eq!( + payload, + ItemCompletedNotification { + item: ThreadItem::SubAgentActivity { + id: "activity-1".to_string(), + kind: codex_app_server_protocol::SubAgentActivityKind::Interrupted, + agent_thread_id: child_thread_id_string, + agent_path: "/root/worker".to_string(), + }, + thread_id: conversation_id.to_string(), + turn_id: "turn-1".to_string(), + completed_at_ms: 42, + } + ); + Ok(()) + } + #[tokio::test] async fn test_handle_turn_complete_emits_completed_without_error() -> Result<()> { let conversation_id = ThreadId::new(); diff --git a/codex-rs/app-server/src/config/external_agent_config.rs b/codex-rs/app-server/src/config/external_agent_config.rs index 18c276f07d7..665588213fd 100644 --- a/codex-rs/app-server/src/config/external_agent_config.rs +++ b/codex-rs/app-server/src/config/external_agent_config.rs @@ -316,9 +316,8 @@ impl ExternalAgentConfigService { Some(self.external_agent_home.as_path()), mcp_settings.as_ref(), )?; - let mcp_server_names = migrated_mcp_server_names(&migrated_mcp); + let mut mcp_server_names = migrated_mcp_server_names(&migrated_mcp); if !is_empty_toml_table(&migrated_mcp) { - let mut should_include = true; if target_config.exists() { let existing_raw = fs::read_to_string(&target_config)?; let mut existing = if existing_raw.trim().is_empty() { @@ -328,10 +327,10 @@ impl ExternalAgentConfigService { invalid_data_error(format!("invalid existing config.toml: {err}")) })? }; - should_include = merge_missing_toml_values(&mut existing, &migrated_mcp)?; + mcp_server_names = merge_missing_mcp_servers(&mut existing, &migrated_mcp)?; } - if should_include { + if !mcp_server_names.is_empty() { items.push(ExternalAgentConfigMigrationItem { item_type: ExternalAgentConfigMigrationItemType::McpServerConfig, description: format!( @@ -341,7 +340,7 @@ impl ExternalAgentConfigService { ), cwd: cwd.clone(), details: Some(MigrationDetails { - mcp_servers: named_migrations(mcp_server_names.clone()), + mcp_servers: named_migrations(mcp_server_names), ..Default::default() }), }); @@ -863,7 +862,7 @@ impl ExternalAgentConfigService { toml::from_str::(&existing_raw) .map_err(|err| invalid_data_error(format!("invalid existing config.toml: {err}")))? }; - if merge_missing_toml_values(&mut existing, &migrated)? { + if !merge_missing_mcp_servers(&mut existing, &migrated)?.is_empty() { write_toml_file(&target_config, &existing)?; } Ok(()) @@ -1148,7 +1147,7 @@ fn configured_marketplace_plugins( ) -> io::Result>> { let plugins_input = config.plugins_config_input(); let marketplaces = plugins_manager - .list_marketplaces_for_config(&plugins_input, &[]) + .list_marketplaces_for_config(&plugins_input, &[], /*include_openai_curated*/ true) .map_err(|err| { invalid_data_error(format!("failed to list configured marketplaces: {err}")) })?; @@ -1538,6 +1537,43 @@ fn merge_missing_toml_values(existing: &mut TomlValue, incoming: &TomlValue) -> } } +fn merge_missing_mcp_servers( + existing: &mut TomlValue, + incoming: &TomlValue, +) -> io::Result> { + let existing_root = existing + .as_table_mut() + .ok_or_else(|| invalid_data_error("expected existing config to be a TOML table"))?; + let incoming_root = incoming + .as_table() + .ok_or_else(|| invalid_data_error("expected migrated MCP config to be a TOML table"))?; + let Some(incoming_servers) = incoming_root.get("mcp_servers") else { + return Ok(Vec::new()); + }; + let incoming_servers = incoming_servers + .as_table() + .ok_or_else(|| invalid_data_error("expected migrated MCP servers to be a TOML table"))?; + let Some(existing_servers) = existing_root.get_mut("mcp_servers") else { + existing_root.insert( + "mcp_servers".to_string(), + TomlValue::Table(incoming_servers.clone()), + ); + return Ok(incoming_servers.keys().cloned().collect()); + }; + let Some(existing_servers) = existing_servers.as_table_mut() else { + return Ok(Vec::new()); + }; + + let mut merged_server_names = Vec::new(); + for (server_name, incoming_server) in incoming_servers { + if !existing_servers.contains_key(server_name) { + existing_servers.insert(server_name.clone(), incoming_server.clone()); + merged_server_names.push(server_name.clone()); + } + } + Ok(merged_server_names) +} + fn write_toml_file(path: &Path, value: &TomlValue) -> io::Result<()> { let serialized = toml::to_string_pretty(value) .map_err(|err| invalid_data_error(format!("failed to serialize config.toml: {err}")))?; diff --git a/codex-rs/app-server/src/config/external_agent_config_tests.rs b/codex-rs/app-server/src/config/external_agent_config_tests.rs index 47f93a5f8be..8c120fb51ba 100644 --- a/codex-rs/app-server/src/config/external_agent_config_tests.rs +++ b/codex-rs/app-server/src/config/external_agent_config_tests.rs @@ -638,6 +638,124 @@ Research with Codex carefully.""" assert_eq!(agent, expected_agent); } +#[tokio::test] +async fn import_repo_mcp_preserves_existing_same_named_server() { + let root = TempDir::new().expect("create tempdir"); + let repo_root = root.path().join("repo"); + fs::create_dir_all(repo_root.join(".git")).expect("create git dir"); + fs::write( + repo_root.join(".mcp.json"), + r#"{ + "mcpServers": { + "mixedTransport": { + "command": "mcp-remote-proxy", + "args": [ + "https://example.com/mixed-transport", + "--transport", + "http" + ], + "url": "https://example.com/mixed-transport" + } + } + }"#, + ) + .expect("write mcp"); + fs::create_dir_all(repo_root.join(".codex")).expect("create codex dir"); + let existing_config = r#"[mcp_servers.mixedTransport] +url = "https://example.com/mixed-transport" +"#; + fs::write( + repo_root.join(".codex").join("config.toml"), + existing_config, + ) + .expect("write config"); + + let service = service_for_paths( + root.path().join(EXTERNAL_AGENT_DIR), + root.path().join(".codex"), + ); + assert_eq!( + service + .detect(ExternalAgentConfigDetectOptions { + include_home: false, + cwds: Some(vec![repo_root.clone()]), + }) + .await + .expect("detect"), + Vec::::new() + ); + + service + .import(vec![ExternalAgentConfigMigrationItem { + item_type: ExternalAgentConfigMigrationItemType::McpServerConfig, + description: String::new(), + cwd: Some(repo_root.clone()), + details: None, + }]) + .await + .expect("import"); + + assert_eq!( + fs::read_to_string(repo_root.join(".codex").join("config.toml")).expect("read config"), + existing_config + ); +} + +#[tokio::test] +async fn detect_repo_mcp_lists_only_missing_servers() { + let root = TempDir::new().expect("create tempdir"); + let repo_root = root.path().join("repo"); + fs::create_dir_all(repo_root.join(".git")).expect("create git dir"); + fs::write( + repo_root.join(".mcp.json"), + r#"{ + "mcpServers": { + "docs": {"command": "docs-server"}, + "mixedTransport": {"command": "mcp-remote-proxy"} + } + }"#, + ) + .expect("write mcp"); + fs::create_dir_all(repo_root.join(".codex")).expect("create codex dir"); + fs::write( + repo_root.join(".codex").join("config.toml"), + r#"[mcp_servers.mixedTransport] +url = "https://example.com/mixed-transport" +"#, + ) + .expect("write config"); + + let items = service_for_paths( + root.path().join(EXTERNAL_AGENT_DIR), + root.path().join(".codex"), + ) + .detect(ExternalAgentConfigDetectOptions { + include_home: false, + cwds: Some(vec![repo_root.clone()]), + }) + .await + .expect("detect"); + + assert_eq!( + items, + vec![ExternalAgentConfigMigrationItem { + item_type: ExternalAgentConfigMigrationItemType::McpServerConfig, + description: format!( + "Migrate MCP servers from {} into {}", + repo_root.display(), + repo_root.join(".codex").join("config.toml").display() + ), + cwd: Some(repo_root), + details: Some(MigrationDetails { + mcp_servers: vec![NamedMigration { + name: "docs".to_string(), + }], + ..Default::default() + }), + }] + ); +} + #[tokio::test] async fn import_home_migrates_supported_config_fields_skills_and_agents_md() { let (_root, external_agent_home, codex_home) = fixture_paths(); diff --git a/codex-rs/app-server/src/connection_cleanup.rs b/codex-rs/app-server/src/connection_cleanup.rs new file mode 100644 index 00000000000..529020fe3ff --- /dev/null +++ b/codex-rs/app-server/src/connection_cleanup.rs @@ -0,0 +1,49 @@ +use std::future::Future; +use std::future::pending; + +use tokio::task::JoinError; +use tokio::task::JoinSet; +use tracing::warn; + +pub(crate) struct ConnectionCleanupTasks { + tasks: JoinSet<()>, +} + +impl ConnectionCleanupTasks { + pub(crate) fn new() -> Self { + Self { + tasks: JoinSet::new(), + } + } + + pub(crate) fn spawn(&mut self, future: impl Future + Send + 'static) { + self.tasks.spawn(future); + } + + pub(crate) async fn reap_next(&mut self) { + if self.tasks.is_empty() { + pending::<()>().await; + } + if let Some(result) = self.tasks.join_next().await { + log_cleanup_result(result); + } + } + + pub(crate) async fn drain(&mut self) { + while let Some(result) = self.tasks.join_next().await { + log_cleanup_result(result); + } + } + + pub(crate) fn abort(&mut self) { + self.tasks.abort_all(); + } +} + +fn log_cleanup_result(result: Result<(), JoinError>) { + if let Err(err) = result + && !err.is_cancelled() + { + warn!("connection cleanup task failed: {err}"); + } +} diff --git a/codex-rs/app-server/src/connection_rpc_gate.rs b/codex-rs/app-server/src/connection_rpc_gate.rs index 12fed79b363..fb2aedd352b 100644 --- a/codex-rs/app-server/src/connection_rpc_gate.rs +++ b/codex-rs/app-server/src/connection_rpc_gate.rs @@ -38,12 +38,14 @@ impl ConnectionRpcGate { drop(token); } + pub(crate) async fn close(&self) { + let mut accepting = self.accepting.lock().await; + *accepting = false; + self.tasks.close(); + } + pub(crate) async fn shutdown(&self) { - { - let mut accepting = self.accepting.lock().await; - *accepting = false; - self.tasks.close(); - } + self.close().await; self.tasks.wait().await; } @@ -90,9 +92,9 @@ mod tests { } #[tokio::test] - async fn run_drops_future_without_polling_after_shutdown() { + async fn run_drops_future_without_polling_after_close() { let gate = ConnectionRpcGate::new(); - gate.shutdown().await; + gate.close().await; let polled = Arc::new(AtomicBool::new(/*v*/ false)); let polled_clone = Arc::clone(&polled); @@ -105,6 +107,33 @@ mod tests { assert!(!gate.is_accepting().await); } + #[tokio::test] + async fn close_returns_while_started_run_remains_active() { + let gate = Arc::new(ConnectionRpcGate::new()); + let (started_tx, started_rx) = oneshot::channel(); + let (finish_tx, finish_rx) = oneshot::channel(); + let gate_for_run = Arc::clone(&gate); + let run_task = tokio::spawn(async move { + gate_for_run + .run(async move { + started_tx.send(()).expect("receiver should be open"); + let _ = finish_rx.await; + }) + .await; + }); + + started_rx.await.expect("run should start"); + gate.close().await; + assert!(!gate.is_accepting().await); + assert_eq!(gate.inflight_count(), 1); + + finish_tx + .send(()) + .expect("running future should be waiting"); + run_task.await.expect("run task should complete"); + gate.shutdown().await; + } + #[tokio::test] async fn shutdown_waits_for_started_run_to_finish() { let gate = Arc::new(ConnectionRpcGate::new()); diff --git a/codex-rs/app-server/src/extensions.rs b/codex-rs/app-server/src/extensions.rs index 7b2673ca068..c979baacfa3 100644 --- a/codex-rs/app-server/src/extensions.rs +++ b/codex-rs/app-server/src/extensions.rs @@ -1,7 +1,9 @@ use std::sync::Arc; use std::sync::Weak; +use codex_analytics::AnalyticsEventsClient; use codex_app_server_protocol::ServerNotification; +use codex_app_server_protocol::ThreadGoal; use codex_app_server_protocol::ThreadGoalUpdatedNotification; use codex_core::NewThread; use codex_core::StartThreadOptions; @@ -12,52 +14,135 @@ use codex_extension_api::AgentSpawner; use codex_extension_api::ExtensionEventSink; use codex_extension_api::ExtensionRegistry; use codex_extension_api::ExtensionRegistryBuilder; +use codex_goal_extension::GoalService; use codex_login::AuthManager; use codex_protocol::ThreadId; use codex_protocol::error::CodexErr; use codex_protocol::protocol::Event; use codex_protocol::protocol::EventMsg; +use codex_rollout::state_db::StateDbHandle; +use codex_thread_store::ThreadStore; use crate::outgoing_message::OutgoingMessageSender; +use crate::thread_state::ThreadListenerCommand; +use crate::thread_state::ThreadStateManager; + +// TODO(jif): Enable once /ps/mcp serves complete hosted skill packages. +const ORCHESTRATOR_SKILLS_ENABLED: bool = false; + +pub(crate) struct ThreadExtensionDependencies { + pub(crate) event_sink: Arc, + pub(crate) auth_manager: Arc, + pub(crate) state_db: Option, + pub(crate) analytics_events_client: AnalyticsEventsClient, + pub(crate) thread_manager: Weak, + pub(crate) goal_service: Arc, + pub(crate) executor_skill_provider: Arc, + /// Process-scoped persistence backend for extensions that need stored thread history. + pub(crate) thread_store: Arc, +} pub(crate) fn thread_extensions( guardian_agent_spawner: S, - event_sink: Arc, - auth_manager: Arc, + dependencies: ThreadExtensionDependencies, ) -> Arc> where S: AgentSpawner + 'static, { + let ThreadExtensionDependencies { + event_sink, + auth_manager, + state_db, + analytics_events_client, + thread_manager, + goal_service, + executor_skill_provider, + thread_store: _thread_store, + } = dependencies; let mut builder = ExtensionRegistryBuilder::::with_event_sink(event_sink); + if let Some(state_db) = state_db { + codex_goal_extension::install_with_backend( + &mut builder, + state_db, + analytics_events_client, + codex_otel::global(), + thread_manager, + goal_service, + |config: &Config| config.features.enabled(codex_features::Feature::Goals), + ); + } codex_guardian::install(&mut builder, guardian_agent_spawner); codex_memories_extension::install(&mut builder, codex_otel::global()); + codex_mcp_extension::install(&mut builder); codex_web_search_extension::install(&mut builder, auth_manager.clone()); codex_image_generation_extension::install(&mut builder, auth_manager); + let mut skill_providers = codex_skills_extension::SkillProviders::new() + .with_executor_provider(executor_skill_provider); + if ORCHESTRATOR_SKILLS_ENABLED { + skill_providers = skill_providers.with_orchestrator_provider(Arc::new( + codex_skills_extension::OrchestratorSkillProvider::new(), + )); + } + codex_skills_extension::install_with_providers( + &mut builder, + skill_providers, + |config: &Config| codex_skills_extension::SkillsExtensionConfig { + include_instructions: config.include_skill_instructions, + bundled_skills_enabled: config.bundled_skills_enabled(), + }, + ); Arc::new(builder.build()) } pub(crate) fn app_server_extension_event_sink( outgoing: Arc, + thread_state_manager: ThreadStateManager, ) -> Arc { - Arc::new(AppServerExtensionEventSink { outgoing }) + Arc::new(AppServerExtensionEventSink { + outgoing, + thread_state_manager, + }) } struct AppServerExtensionEventSink { outgoing: Arc, + thread_state_manager: ThreadStateManager, } impl ExtensionEventSink for AppServerExtensionEventSink { fn emit(&self, event: Event) { match event.msg { EventMsg::ThreadGoalUpdated(thread_goal_event) => { - self.outgoing - .try_send_server_notification(ServerNotification::ThreadGoalUpdated( - ThreadGoalUpdatedNotification { - thread_id: thread_goal_event.thread_id.to_string(), - turn_id: thread_goal_event.turn_id, - goal: thread_goal_event.goal.into(), - }, - )); + let thread_id = thread_goal_event.thread_id; + let turn_id = thread_goal_event.turn_id; + let goal: ThreadGoal = thread_goal_event.goal.into(); + if let Some(listener_command_tx) = self + .thread_state_manager + .current_listener_command_tx(thread_id) + { + let command = ThreadListenerCommand::EmitThreadGoalUpdated { + turn_id: turn_id.clone(), + goal: goal.clone(), + }; + if listener_command_tx.send(command).is_ok() { + return; + } + tracing::warn!( + "failed to enqueue extension goal update for {thread_id}: listener command channel is closed" + ); + } + let outgoing = Arc::clone(&self.outgoing); + tokio::spawn(async move { + outgoing + .send_server_notification(ServerNotification::ThreadGoalUpdated( + ThreadGoalUpdatedNotification { + thread_id: thread_id.to_string(), + turn_id, + goal, + }, + )) + .await; + }); } msg => { tracing::debug!(event_id = %event.id, ?msg, "dropping unsupported extension event"); @@ -88,11 +173,7 @@ pub(crate) fn guardian_agent_spawner( mod tests { use std::time::Duration; - use codex_analytics::AnalyticsEventsClient; - use codex_app_server_protocol::ServerNotification; - use codex_app_server_protocol::ThreadGoal as AppServerThreadGoal; - use codex_app_server_protocol::ThreadGoalStatus as AppServerThreadGoalStatus; - use codex_protocol::protocol::ThreadGoal; + use codex_protocol::protocol::ThreadGoal as CoreThreadGoal; use codex_protocol::protocol::ThreadGoalStatus; use codex_protocol::protocol::ThreadGoalUpdatedEvent; use pretty_assertions::assert_eq; @@ -100,25 +181,61 @@ mod tests { use tokio::time::timeout; use super::*; - use crate::outgoing_message::OutgoingEnvelope; - use crate::outgoing_message::OutgoingMessage; #[tokio::test] - async fn app_server_event_sink_forwards_thread_goal_updates() { - let (outgoing_tx, mut outgoing_rx) = mpsc::channel(4); + async fn app_server_event_sink_uses_listener_fifo_for_goal_updates_and_clears() { + let (outgoing_tx, _outgoing_rx) = mpsc::channel(4); let outgoing = Arc::new(OutgoingMessageSender::new( outgoing_tx, AnalyticsEventsClient::disabled(), )); - let sink = app_server_extension_event_sink(outgoing); + let thread_state_manager = ThreadStateManager::new(); let thread_id = ThreadId::default(); + let (listener_command_tx, mut listener_command_rx) = mpsc::unbounded_channel(); + thread_state_manager.register_listener_command_tx(thread_id, listener_command_tx.clone()); + let sink = app_server_extension_event_sink(outgoing, thread_state_manager); + + for turn_id in ["turn-1", "turn-2"] { + sink.emit(thread_goal_updated_event(thread_id, turn_id)); + } + listener_command_tx + .send(ThreadListenerCommand::EmitThreadGoalCleared) + .expect("listener command channel should be open"); + + let mut observed = Vec::new(); + for _ in 0..3 { + let command = timeout(Duration::from_secs(1), listener_command_rx.recv()) + .await + .expect("timed out waiting for listener command") + .expect("listener command channel closed unexpectedly"); + match command { + ThreadListenerCommand::EmitThreadGoalUpdated { turn_id, .. } => { + observed.push(turn_id.expect("extension goal updates should include turn ids")); + } + ThreadListenerCommand::EmitThreadGoalCleared => { + observed.push("cleared".to_string()) + } + _ => panic!("unexpected listener command"), + } + } + + assert_eq!( + vec![ + "turn-1".to_string(), + "turn-2".to_string(), + "cleared".to_string() + ], + observed + ); + } - sink.emit(Event { - id: "call-1".to_string(), + fn thread_goal_updated_event(thread_id: ThreadId, turn_id: &str) -> Event { + Event { + id: turn_id.to_string(), msg: EventMsg::ThreadGoalUpdated(ThreadGoalUpdatedEvent { thread_id, - turn_id: Some("turn-1".to_string()), - goal: ThreadGoal { + turn_id: Some(turn_id.to_string()), + goal: CoreThreadGoal { thread_id, objective: "wire extension events".to_string(), status: ThreadGoalStatus::Active, @@ -129,38 +246,6 @@ mod tests { updated_at: 8, }, }), - }); - - let envelope = timeout(Duration::from_secs(1), outgoing_rx.recv()) - .await - .expect("timed out waiting for forwarded extension event") - .expect("outgoing channel closed unexpectedly"); - let OutgoingEnvelope::Broadcast { message } = envelope else { - panic!("expected broadcast notification"); - }; - let OutgoingMessage::AppServerNotification(ServerNotification::ThreadGoalUpdated( - notification, - )) = message - else { - panic!("expected thread goal updated notification"); - }; - - assert_eq!( - ThreadGoalUpdatedNotification { - thread_id: thread_id.to_string(), - turn_id: Some("turn-1".to_string()), - goal: AppServerThreadGoal { - thread_id: thread_id.to_string(), - objective: "wire extension events".to_string(), - status: AppServerThreadGoalStatus::Active, - token_budget: Some(123), - tokens_used: 45, - time_used_seconds: 6, - created_at: 7, - updated_at: 8, - }, - }, - notification - ); + } } } diff --git a/codex-rs/app-server/src/in_process.rs b/codex-rs/app-server/src/in_process.rs index 448a3898511..27191e72153 100644 --- a/codex-rs/app-server/src/in_process.rs +++ b/codex-rs/app-server/src/in_process.rs @@ -104,7 +104,9 @@ type PendingClientRequestResponse = std::result::Result bool { matches!( notification, - ServerNotification::TurnCompleted(_) | ServerNotification::ThreadSettingsUpdated(_) + ServerNotification::TurnCompleted(_) + | ServerNotification::ThreadSettingsUpdated(_) + | ServerNotification::ExternalAgentConfigImportCompleted(_) ) } @@ -729,6 +731,7 @@ mod tests { use super::*; use codex_app_server_protocol::ClientInfo; use codex_app_server_protocol::ConfigRequirementsReadResponse; + use codex_app_server_protocol::ExternalAgentConfigImportCompletedNotification; use codex_app_server_protocol::SessionSource as ApiSessionSource; use codex_app_server_protocol::ThreadStartParams; use codex_app_server_protocol::ThreadStartResponse; @@ -893,5 +896,10 @@ mod tests { }, }) )); + assert!(server_notification_requires_delivery( + &ServerNotification::ExternalAgentConfigImportCompleted( + ExternalAgentConfigImportCompletedNotification {}, + ) + )); } } diff --git a/codex-rs/app-server/src/lib.rs b/codex-rs/app-server/src/lib.rs index 0689a79f006..e2d02cde409 100644 --- a/codex-rs/app-server/src/lib.rs +++ b/codex-rs/app-server/src/lib.rs @@ -1,3 +1,4 @@ +#![recursion_limit = "256"] #![deny(clippy::print_stdout, clippy::print_stderr)] use codex_arg0::Arg0DispatchPaths; @@ -14,12 +15,14 @@ use std::collections::HashMap; use std::collections::HashSet; use std::io::ErrorKind; use std::io::Result as IoResult; +use std::path::Path; use std::sync::Arc; use std::sync::RwLock; use std::sync::atomic::AtomicBool; use crate::analytics_utils::analytics_events_client_from_config; use crate::config_manager::ConfigManager; +use crate::connection_cleanup::ConnectionCleanupTasks; use crate::message_processor::MessageProcessor; use crate::message_processor::MessageProcessorArgs; use crate::outgoing_message::ConnectionId; @@ -73,6 +76,8 @@ use tracing_subscriber::layer::SubscriberExt; use tracing_subscriber::registry::Registry; use tracing_subscriber::util::SubscriberInitExt; +const SQLITE_RECOVERY_CONFIG_WARNING_SUMMARY: &str = "Codex rebuilt its local database."; + mod analytics_utils; mod app_server_tracing; mod attestation; @@ -81,6 +86,7 @@ mod command_exec; mod config; mod config_manager; mod config_manager_service; +mod connection_cleanup; mod connection_rpc_gate; mod dynamic_tools; mod error_code; @@ -531,8 +537,8 @@ pub async fn run_main_with_transport_options( } _ => None, }; - let state_db = match rollout_state_db::try_init(&config).await { - Ok(state_db) => Some(state_db), + let state_db_init = match init_sqlite_state_db_with_fresh_start_on_corruption(&config).await { + Ok(state_db_init) => state_db_init, Err(err) => { return Err(std::io::Error::other(format!( "failed to initialize sqlite state runtime under {}: {err}", @@ -540,6 +546,15 @@ pub async fn run_main_with_transport_options( ))); } }; + let state_db = state_db_init.state_db; + if let Some(recovery_notice) = state_db_init.recovery_notice { + config_warnings.push(ConfigWarningNotification { + summary: SQLITE_RECOVERY_CONFIG_WARNING_SUMMARY.to_string(), + details: Some(recovery_notice.details), + path: None, + range: None, + }); + } if should_run_personality_migration { let effective_toml = config.config_layer_stack.effective_config(); @@ -819,6 +834,7 @@ pub async fn run_main_with_transport_options( let mut thread_created_rx = processor.thread_created_receiver(); let mut running_turn_count_rx = processor.subscribe_running_assistant_turn_count(); let mut connections = HashMap::::new(); + let mut connection_cleanup_tasks = ConnectionCleanupTasks::new(); let mut remote_control_status_rx = remote_control_handle.status_receiver(); let mut remote_control_status = remote_control_status_rx.borrow().clone(); let transport_shutdown_token = transport_shutdown_token.clone(); @@ -906,14 +922,20 @@ pub async fn run_main_with_transport_options( let Some(connection_state) = connections.remove(&connection_id) else { continue; }; - if outbound_control_tx + connection_state.session.rpc_gate.close().await; + let outbound_closed = outbound_control_tx .send(OutboundControlEvent::Closed { connection_id }) .await - .is_err() - { + .is_ok(); + let processor = Arc::clone(&processor); + connection_cleanup_tasks.spawn(async move { + processor + .connection_closed(connection_id, &connection_state.session) + .await; + }); + if !outbound_closed { break; } - processor.connection_closed(connection_id, &connection_state.session).await; if shutdown_when_no_connections && connections.is_empty() { break; } @@ -1010,6 +1032,7 @@ pub async fn run_main_with_transport_options( } } } + _ = connection_cleanup_tasks.reap_next() => {} changed = remote_control_status_rx.changed() => { if changed.is_err() { continue; @@ -1062,8 +1085,11 @@ pub async fn run_main_with_transport_options( .map(|connection_state| connection_state.session.rpc_gate.shutdown()), ) .await; + connection_cleanup_tasks.drain().await; processor.drain_background_tasks().await; processor.shutdown_threads().await; + } else { + connection_cleanup_tasks.abort(); } info!("processor task exited (channel closed)"); } @@ -1086,6 +1112,130 @@ pub async fn run_main_with_transport_options( Ok(()) } +struct SqliteRecoveryNotice { + details: String, +} + +struct RecoveredSqliteDatabase { + database_path: String, + backup_folder: String, +} + +struct StateDbInitResult { + state_db: Option, + recovery_notice: Option, +} + +async fn init_sqlite_state_db_with_fresh_start_on_corruption( + config: &Config, +) -> anyhow::Result { + let mut attempted_backups = HashSet::new(); + let mut recovered_databases = Vec::new(); + loop { + let err = match rollout_state_db::try_init(config).await { + Ok(state_db) => { + let recovery_notice = sqlite_recovery_notice(&recovered_databases); + if recovery_notice.is_some() { + emit_state_db_backup_warning(SQLITE_RECOVERY_CONFIG_WARNING_SUMMARY); + for recovered_database in &recovered_databases { + emit_state_db_backup_warning(&format!( + "Database path: {}", + recovered_database.database_path + )); + emit_state_db_backup_warning(&format!( + "Backup folder: {}", + recovered_database.backup_folder + )); + } + } + return Ok(StateDbInitResult { + state_db: Some(state_db), + recovery_notice, + }); + } + Err(err) => err, + }; + let database_path = codex_state::runtime_db_path_for_corruption_error(&err) + .unwrap_or_else(|| codex_state::state_db_path(config.sqlite_home.as_path())); + if !codex_state::is_sqlite_corruption_error(&err) + && !sqlite_home_is_blocking_file(database_path.as_path()) + { + return Err(err); + } + + if !attempted_backups.insert(database_path.clone()) { + return Err(anyhow::anyhow!( + "failed to initialize sqlite state runtime after moving damaged database file into a backup folder: {err}" + )); + } + + let original_error = err.to_string(); + emit_state_db_backup_warning(&format!( + "Codex local database at {} appears damaged. Moving it into a backup folder so the app server can rebuild it from saved data.", + database_path.display() + )); + let backups = codex_state::backup_runtime_db_for_fresh_start(database_path.as_path()) + .await + .map_err(|backup_err| { + anyhow::anyhow!( + "failed to move damaged sqlite state database files into a backup folder: {backup_err}; original error: {original_error}" + ) + })?; + for backup in &backups { + emit_state_db_backup_warning(&format!( + "Moved damaged Codex local database file {} to {}", + backup.original_path.display(), + backup.backup_path.display() + )); + } + if let Some(first_backup) = backups.first() + && let Some(backup_folder) = first_backup.backup_path.parent() + { + recovered_databases.push(RecoveredSqliteDatabase { + database_path: first_backup.original_path.display().to_string(), + backup_folder: backup_folder.display().to_string(), + }); + } + } +} + +fn sqlite_home_is_blocking_file(database_path: &Path) -> bool { + database_path + .parent() + .and_then(|path| std::fs::metadata(path).ok()) + .is_some_and(|metadata| metadata.is_file()) +} + +fn sqlite_recovery_notice( + recovered_databases: &[RecoveredSqliteDatabase], +) -> Option { + if recovered_databases.is_empty() { + return None; + } + + let details = recovered_databases + .iter() + .map(|recovered_database| { + format!( + "Database path: {}\nBackup folder: {}", + recovered_database.database_path, recovered_database.backup_folder + ) + }) + .collect::>() + .join("\n\n"); + Some(SqliteRecoveryNotice { details }) +} + +fn emit_state_db_backup_warning(message: &str) { + warn!("{message}"); + if !tracing::dispatcher::has_been_set() { + #[allow(clippy::print_stderr)] + { + eprintln!("{message}"); + } + } +} + fn analytics_rpc_transport(transport: &AppServerTransport) -> AppServerRpcTransport { match transport { AppServerTransport::Stdio => AppServerRpcTransport::Stdio, diff --git a/codex-rs/app-server/src/main.rs b/codex-rs/app-server/src/main.rs index 2435c532e81..2412f8c3cf8 100644 --- a/codex-rs/app-server/src/main.rs +++ b/codex-rs/app-server/src/main.rs @@ -19,6 +19,9 @@ const DISABLE_MANAGED_CONFIG_ENV_VAR: &str = "CODEX_APP_SERVER_DISABLE_MANAGED_C #[derive(Debug, Parser)] #[command(version)] struct AppServerArgs { + #[command(flatten)] + config_overrides: CliConfigOverrides, + /// Transport endpoint URL. Supported values: `stdio://` (default), /// `unix://`, `unix://PATH`, `ws://IP:PORT`, `off`. #[arg( @@ -58,6 +61,7 @@ struct AppServerArgs { fn main() -> anyhow::Result<()> { arg0_dispatch_or_else(|arg0_paths: Arg0DispatchPaths| async move { let AppServerArgs { + config_overrides, listen, session_source, auth, @@ -84,7 +88,7 @@ fn main() -> anyhow::Result<()> { run_main_with_transport_options( arg0_paths, - CliConfigOverrides::default(), + config_overrides, loader_overrides, strict_config, /*default_analytics_enabled*/ false, @@ -123,3 +127,7 @@ fn managed_config_path_from_debug_env() -> Option { None } + +#[cfg(test)] +#[path = "main_tests.rs"] +mod tests; diff --git a/codex-rs/app-server/src/main_tests.rs b/codex-rs/app-server/src/main_tests.rs new file mode 100644 index 00000000000..57d0e5217cc --- /dev/null +++ b/codex-rs/app-server/src/main_tests.rs @@ -0,0 +1,37 @@ +use super::AppServerArgs; +use clap::Parser; +use pretty_assertions::assert_eq; +use toml::Value as TomlValue; + +#[test] +fn app_server_accepts_cli_config_overrides() { + let args = AppServerArgs::try_parse_from([ + "codex-app-server", + "-c", + "model=\"gpt-5-codex\"", + "--config", + "sandbox_mode=\"read-only\"", + "--listen", + "off", + ]) + .expect("parse app-server args"); + + let parsed_overrides = args + .config_overrides + .parse_overrides() + .expect("parse config overrides"); + + assert_eq!( + parsed_overrides, + vec![ + ( + "model".to_string(), + TomlValue::String("gpt-5-codex".to_string()), + ), + ( + "sandbox_mode".to_string(), + TomlValue::String("read-only".to_string()), + ), + ] + ); +} diff --git a/codex-rs/app-server/src/mcp_refresh.rs b/codex-rs/app-server/src/mcp_refresh.rs index 0996c409bc2..51cb6dded09 100644 --- a/codex-rs/app-server/src/mcp_refresh.rs +++ b/codex-rs/app-server/src/mcp_refresh.rs @@ -67,10 +67,7 @@ async fn build_refresh_config( let config = config_manager .load_latest_config_for_thread(thread_config.as_ref()) .await?; - let mcp_servers = thread_manager - .mcp_manager() - .configured_servers(&config) - .await; + let mcp_servers = thread_manager.mcp_manager().runtime_servers(&config).await; Ok(McpServerRefreshConfig { mcp_servers: serde_json::to_value(mcp_servers).map_err(io::Error::other)?, mcp_oauth_credentials_store_mode: serde_json::to_value( @@ -99,9 +96,9 @@ async fn queue_refresh( #[cfg(test)] mod tests { use super::*; + use crate::extensions::ThreadExtensionDependencies; use crate::extensions::guardian_agent_spawner; use crate::extensions::thread_extensions; - use async_trait::async_trait; use codex_arg0::Arg0DispatchPaths; use codex_config::CloudConfigBundleLoader; use codex_config::LoaderOverrides; @@ -115,6 +112,7 @@ mod tests { use codex_core::thread_store_from_config; use codex_exec_server::EnvironmentManager; use codex_extension_api::NoopExtensionEventSink; + use codex_home::CodexHomeUserInstructionsProvider; use codex_login::AuthManager; use codex_login::CodexAuth; use codex_protocol::protocol::SessionSource; @@ -181,17 +179,35 @@ mod tests { .await .expect("refresh tests require state db"); let thread_store = thread_store_from_config(&good_config, Some(state_db.clone())); + let environment_manager = Arc::new(EnvironmentManager::default_for_tests()); + let executor_skill_provider: Arc = Arc::new( + codex_skills_extension::ExecutorSkillProvider::new_with_restriction_product( + Arc::clone(&environment_manager), + SessionSource::Exec.restriction_product(), + ), + ); let thread_manager = Arc::new_cyclic(|thread_manager| { ThreadManager::new( &good_config, auth_manager.clone(), SessionSource::Exec, - Arc::new(EnvironmentManager::default_for_tests()), + Arc::clone(&environment_manager), thread_extensions( guardian_agent_spawner(thread_manager.clone()), - Arc::new(NoopExtensionEventSink), - auth_manager.clone(), + ThreadExtensionDependencies { + event_sink: Arc::new(NoopExtensionEventSink), + auth_manager: auth_manager.clone(), + state_db: Some(state_db.clone()), + analytics_events_client: codex_analytics::AnalyticsEventsClient::disabled(), + thread_manager: thread_manager.clone(), + goal_service: Arc::new(codex_goal_extension::GoalService::new()), + executor_skill_provider: Arc::clone(&executor_skill_provider), + thread_store: Arc::clone(&thread_store), + }, ), + Arc::new(CodexHomeUserInstructionsProvider::new( + good_config.codex_home.clone(), + )), /*analytics_events_client*/ None, Arc::clone(&thread_store), Some(state_db.clone()), @@ -228,8 +244,7 @@ mod tests { bad_loads: AtomicUsize, } - #[async_trait] - impl ThreadConfigLoader for CountingThreadConfigLoader { + impl CountingThreadConfigLoader { async fn load( &self, context: ThreadConfigContext, @@ -248,4 +263,13 @@ mod tests { Ok(Vec::new()) } } + + impl ThreadConfigLoader for CountingThreadConfigLoader { + fn load( + &self, + context: ThreadConfigContext, + ) -> codex_config::ThreadConfigLoaderFuture<'_, Vec> { + Box::pin(CountingThreadConfigLoader::load(self, context)) + } + } } diff --git a/codex-rs/app-server/src/message_processor.rs b/codex-rs/app-server/src/message_processor.rs index 84f22809eeb..d55b266dcdf 100644 --- a/codex-rs/app-server/src/message_processor.rs +++ b/codex-rs/app-server/src/message_processor.rs @@ -8,6 +8,7 @@ use crate::attestation::app_server_attestation_provider; use crate::config_manager::ConfigManager; use crate::connection_rpc_gate::ConnectionRpcGate; use crate::error_code::invalid_request; +use crate::extensions::ThreadExtensionDependencies; use crate::extensions::app_server_extension_event_sink; use crate::extensions::guardian_agent_spawner; use crate::extensions::thread_extensions; @@ -45,7 +46,6 @@ use crate::thread_state::ConnectionCapabilities; use crate::thread_state::ThreadStateManager; use crate::transport::AppServerTransport; use crate::transport::RemoteControlHandle; -use async_trait::async_trait; use codex_analytics::AnalyticsEventsClient; use codex_analytics::AppServerRpcTransport; use codex_app_server_protocol::AuthMode as LoginAuthMode; @@ -70,6 +70,8 @@ use codex_core::ThreadManager; use codex_core::config::Config; use codex_exec_server::EnvironmentManager; use codex_feedback::CodexFeedback; +use codex_goal_extension::GoalService; +use codex_home::CodexHomeUserInstructionsProvider; use codex_login::AuthManager; use codex_login::auth::ExternalAuth; use codex_login::auth::ExternalAuthRefreshContext; @@ -90,6 +92,7 @@ use tokio_util::sync::CancellationToken; use tracing::Instrument; const EXTERNAL_AUTH_REFRESH_TIMEOUT: Duration = Duration::from_secs(10); +const CONNECTION_RPC_DRAIN_TIMEOUT: Duration = Duration::from_secs(/*secs*/ 30); #[derive(Clone)] struct ExternalAuthRefreshBridge { @@ -102,13 +105,6 @@ impl ExternalAuthRefreshBridge { ExternalAuthRefreshReason::Unauthorized => ChatgptAuthTokensRefreshReason::Unauthorized, } } -} - -#[async_trait] -impl ExternalAuth for ExternalAuthRefreshBridge { - fn auth_mode(&self) -> LoginAuthMode { - LoginAuthMode::Chatgpt - } async fn refresh( &self, @@ -159,6 +155,19 @@ impl ExternalAuth for ExternalAuthRefreshBridge { } } +impl ExternalAuth for ExternalAuthRefreshBridge { + fn auth_mode(&self) -> LoginAuthMode { + LoginAuthMode::Chatgpt + } + + fn refresh( + &self, + context: ExternalAuthRefreshContext, + ) -> codex_login::ExternalAuthFuture<'_, ExternalAuthTokens> { + Box::pin(ExternalAuthRefreshBridge::refresh(self, context)) + } +} + pub(crate) struct MessageProcessor { outgoing: Arc, skills_watcher: Arc, @@ -305,6 +314,15 @@ impl MessageProcessor { // resumed, or forked threads to a different persistence backend/root. let thread_store = codex_core::thread_store_from_config(config.as_ref(), state_db.clone()); let environment_manager_for_requests = Arc::clone(&environment_manager); + let environment_manager_for_extensions = Arc::clone(&environment_manager); + let restriction_product = session_source.restriction_product(); + let executor_skill_provider: Arc = Arc::new( + codex_skills_extension::ExecutorSkillProvider::new_with_restriction_product( + environment_manager_for_extensions, + restriction_product, + ), + ); + let goal_service = Arc::new(GoalService::new()); let thread_manager = Arc::new_cyclic(|thread_manager| { ThreadManager::new( config.as_ref(), @@ -313,9 +331,23 @@ impl MessageProcessor { environment_manager, thread_extensions( guardian_agent_spawner(thread_manager.clone()), - app_server_extension_event_sink(outgoing.clone()), - auth_manager.clone(), + ThreadExtensionDependencies { + event_sink: app_server_extension_event_sink( + outgoing.clone(), + thread_state_manager.clone(), + ), + auth_manager: auth_manager.clone(), + state_db: state_db.clone(), + analytics_events_client: analytics_events_client.clone(), + thread_manager: thread_manager.clone(), + goal_service: Arc::clone(&goal_service), + executor_skill_provider: Arc::clone(&executor_skill_provider), + thread_store: Arc::clone(&thread_store), + }, ), + Arc::new(CodexHomeUserInstructionsProvider::new( + config.codex_home.clone(), + )), Some(analytics_events_client.clone()), Arc::clone(&thread_store), state_db.clone(), @@ -378,7 +410,7 @@ impl MessageProcessor { Arc::clone(&thread_manager), Arc::clone(&config), feedback, - log_db, + log_db.clone(), state_db.clone(), ); let git_processor = GitRequestProcessor::new(); @@ -416,6 +448,7 @@ impl MessageProcessor { Arc::clone(&config), thread_state_manager.clone(), state_db.clone(), + Arc::clone(&goal_service), ); let thread_processor = ThreadRequestProcessor::new( auth_manager.clone(), @@ -431,6 +464,7 @@ impl MessageProcessor { Arc::clone(&thread_list_state_permit), thread_goal_processor.clone(), state_db, + log_db, Arc::clone(&skills_watcher), ); let turn_processor = TurnRequestProcessor::new( @@ -455,20 +489,20 @@ impl MessageProcessor { .plugins_manager() .maybe_start_plugin_startup_tasks_for_config( &config.plugins_config_input(), - auth_manager.clone(), + auth_manager, Some(on_effective_plugins_changed), ); } let config_processor = ConfigRequestProcessor::new( outgoing.clone(), config_manager.clone(), - auth_manager, thread_manager.clone(), analytics_events_client, ); let external_agent_config_processor = ExternalAgentConfigRequestProcessor::new( outgoing.clone(), Arc::clone(&thread_manager), + Arc::clone(&thread_store), config_manager.clone(), config_processor.clone(), arg0_paths, @@ -718,7 +752,19 @@ impl MessageProcessor { connection_id: ConnectionId, session_state: &ConnectionSessionState, ) { - session_state.rpc_gate.shutdown().await; + if timeout( + CONNECTION_RPC_DRAIN_TIMEOUT, + session_state.rpc_gate.shutdown(), + ) + .await + .is_err() + { + tracing::warn!( + ?connection_id, + timeout_seconds = CONNECTION_RPC_DRAIN_TIMEOUT.as_secs(), + "timed out waiting for connection RPCs to drain" + ); + } self.outgoing.connection_closed(connection_id).await; self.fs_processor.connection_closed(connection_id).await; self.command_exec_processor @@ -919,7 +965,12 @@ impl MessageProcessor { .map(|response| Some(response.into())), ClientRequest::RemoteControlPairingStart { params, .. } => self .remote_control_processor - .pairing_start(params) + .pairing_start(params, app_server_client_name.as_deref()) + .await + .map(|response| Some(response.into())), + ClientRequest::RemoteControlPairingStatus { params, .. } => self + .remote_control_processor + .pairing_status(params) .await .map(|response| Some(response.into())), ClientRequest::RemoteControlClientsList { params, .. } => self @@ -1031,6 +1082,11 @@ impl MessageProcessor { .thread_archive(request_id.clone(), params) .await } + ClientRequest::ThreadDelete { params, .. } => { + self.thread_processor + .thread_delete(request_id.clone(), params) + .await + } ClientRequest::ThreadIncrementElicitation { params, .. } => { self.thread_processor .thread_increment_elicitation(params) @@ -1086,6 +1142,16 @@ impl MessageProcessor { .thread_background_terminals_clean(&request_id, params) .await } + ClientRequest::ThreadBackgroundTerminalsList { params, .. } => { + self.thread_processor + .thread_background_terminals_list(params) + .await + } + ClientRequest::ThreadBackgroundTerminalsTerminate { params, .. } => { + self.thread_processor + .thread_background_terminals_terminate(params) + .await + } ClientRequest::ThreadRollback { params, .. } => { self.thread_processor .thread_rollback(&request_id, params) @@ -1295,6 +1361,9 @@ impl MessageProcessor { ClientRequest::GetAccountRateLimits { .. } => { self.account_processor.get_account_rate_limits().await } + ClientRequest::GetAccountTokenUsage { .. } => { + self.account_processor.get_account_token_usage().await + } ClientRequest::SendAddCreditsNudgeEmail { params, .. } => { self.account_processor .send_add_credits_nudge_email(params) diff --git a/codex-rs/app-server/src/models.rs b/codex-rs/app-server/src/models.rs index e53f13df84e..7d460d5a97b 100644 --- a/codex-rs/app-server/src/models.rs +++ b/codex-rs/app-server/src/models.rs @@ -62,10 +62,10 @@ fn reasoning_efforts_from_preset( efforts: Vec, ) -> Vec { efforts - .iter() + .into_iter() .map(|preset| ReasoningEffortOption { reasoning_effort: preset.effort, - description: preset.description.to_string(), + description: preset.description, }) .collect() } diff --git a/codex-rs/app-server/src/outgoing_message.rs b/codex-rs/app-server/src/outgoing_message.rs index ac7e87741a5..ba75d0afd38 100644 --- a/codex-rs/app-server/src/outgoing_message.rs +++ b/codex-rs/app-server/src/outgoing_message.rs @@ -555,16 +555,6 @@ impl OutgoingMessageSender { .await; } - pub(crate) fn try_send_server_notification(&self, notification: ServerNotification) { - tracing::trace!("app-server event: {notification}"); - let outgoing_message = OutgoingMessage::AppServerNotification(notification); - if let Err(err) = self.sender.try_send(OutgoingEnvelope::Broadcast { - message: outgoing_message, - }) { - warn!("failed to send server notification to client without waiting: {err:?}"); - } - } - pub(crate) async fn send_server_notification_to_connections( &self, connection_ids: &[ConnectionId], @@ -725,6 +715,7 @@ mod tests { use codex_app_server_protocol::RateLimitWindow; use codex_app_server_protocol::ServerResponse; use codex_app_server_protocol::ToolRequestUserInputParams; + use codex_app_server_protocol::TurnModerationMetadataNotification; use codex_protocol::ThreadId; use pretty_assertions::assert_eq; use serde_json::json; @@ -951,6 +942,31 @@ mod tests { ); } + #[test] + fn verify_turn_moderation_metadata_notification_serialization() { + let notification = + ServerNotification::TurnModerationMetadata(TurnModerationMetadataNotification { + thread_id: "thread-1".to_string(), + turn_id: "turn-1".to_string(), + metadata: json!({"presentation": "inline"}), + }); + + let jsonrpc_notification = OutgoingMessage::AppServerNotification(notification); + assert_eq!( + json!({ + "method": "turn/moderationMetadata", + "params": { + "threadId": "thread-1", + "turnId": "turn-1", + "metadata": {"presentation": "inline"}, + }, + }), + serde_json::to_value(jsonrpc_notification) + .expect("ensure the notification serializes correctly"), + "ensure the notification serializes correctly" + ); + } + #[test] fn server_request_response_from_result_decodes_typed_response() { let request = ServerRequest::CommandExecutionRequestApproval { diff --git a/codex-rs/app-server/src/request_processors.rs b/codex-rs/app-server/src/request_processors.rs index 2f3c87d8687..83e704cdfdc 100644 --- a/codex-rs/app-server/src/request_processors.rs +++ b/codex-rs/app-server/src/request_processors.rs @@ -22,6 +22,8 @@ use codex_analytics::InputError; use codex_analytics::TurnSteerRequestError; use codex_app_server_protocol::Account; use codex_app_server_protocol::AccountLoginCompletedNotification; +use codex_app_server_protocol::AccountTokenUsageDailyBucket; +use codex_app_server_protocol::AccountTokenUsageSummary; use codex_app_server_protocol::AccountUpdatedNotification; use codex_app_server_protocol::AddCreditsNudgeCreditType; use codex_app_server_protocol::AddCreditsNudgeEmailStatus; @@ -30,6 +32,8 @@ use codex_app_server_protocol::AdditionalContextKind; use codex_app_server_protocol::AppInfo; use codex_app_server_protocol::AppListUpdatedNotification; use codex_app_server_protocol::AppSummary; +use codex_app_server_protocol::AppTemplateSummary; +use codex_app_server_protocol::AppTemplateUnavailableReason; use codex_app_server_protocol::AppsListParams; use codex_app_server_protocol::AppsListResponse; use codex_app_server_protocol::AskForApproval; @@ -62,6 +66,7 @@ use codex_app_server_protocol::FeedbackUploadResponse; use codex_app_server_protocol::GetAccountParams; use codex_app_server_protocol::GetAccountRateLimitsResponse; use codex_app_server_protocol::GetAccountResponse; +use codex_app_server_protocol::GetAccountTokenUsageResponse; use codex_app_server_protocol::GetAuthStatusParams; use codex_app_server_protocol::GetAuthStatusResponse; use codex_app_server_protocol::GetConversationSummaryParams; @@ -166,13 +171,21 @@ use codex_app_server_protocol::ThreadApproveGuardianDeniedActionResponse; use codex_app_server_protocol::ThreadArchiveParams; use codex_app_server_protocol::ThreadArchiveResponse; use codex_app_server_protocol::ThreadArchivedNotification; +use codex_app_server_protocol::ThreadBackgroundTerminal; use codex_app_server_protocol::ThreadBackgroundTerminalsCleanParams; use codex_app_server_protocol::ThreadBackgroundTerminalsCleanResponse; +use codex_app_server_protocol::ThreadBackgroundTerminalsListParams; +use codex_app_server_protocol::ThreadBackgroundTerminalsListResponse; +use codex_app_server_protocol::ThreadBackgroundTerminalsTerminateParams; +use codex_app_server_protocol::ThreadBackgroundTerminalsTerminateResponse; use codex_app_server_protocol::ThreadClosedNotification; use codex_app_server_protocol::ThreadCompactStartParams; use codex_app_server_protocol::ThreadCompactStartResponse; use codex_app_server_protocol::ThreadDecrementElicitationParams; use codex_app_server_protocol::ThreadDecrementElicitationResponse; +use codex_app_server_protocol::ThreadDeleteParams; +use codex_app_server_protocol::ThreadDeleteResponse; +use codex_app_server_protocol::ThreadDeletedNotification; use codex_app_server_protocol::ThreadForkParams; use codex_app_server_protocol::ThreadForkResponse; use codex_app_server_protocol::ThreadGoal; @@ -264,6 +277,7 @@ use codex_app_server_protocol::WindowsSandboxSetupStartResponse; use codex_arg0::Arg0DispatchPaths; use codex_backend_client::AddCreditsNudgeCreditType as BackendAddCreditsNudgeCreditType; use codex_backend_client::Client as BackendClient; +use codex_backend_client::TokenUsageProfile; use codex_chatgpt::connectors; use codex_chatgpt::workspace_settings; use codex_config::CloudConfigBundleLoadError; @@ -273,9 +287,8 @@ use codex_config::loader::project_trust_key; use codex_config::types::McpServerTransportConfig; use codex_core::CodexThread; use codex_core::CodexThreadSettingsOverrides; -use codex_core::ExternalGoalPreviousStatus; -use codex_core::ExternalGoalSet; use codex_core::ForkSnapshot; +use codex_core::McpManager; use codex_core::NewThread; #[cfg(test)] use codex_core::SessionMeta; @@ -326,6 +339,7 @@ use codex_core_plugins::remote::RemotePluginShareContext as RemoteCatalogPluginS use codex_core_plugins::remote::RemotePluginShareSummary as RemoteCatalogPluginShareSummary; use codex_core_plugins::remote::RemotePluginSummary as RemoteCatalogPluginSummary; use codex_exec_server::EnvironmentManager; +use codex_exec_server::LOCAL_ENVIRONMENT_ID; use codex_exec_server::LOCAL_FS; use codex_features::FEATURES; use codex_features::Feature; @@ -353,7 +367,6 @@ use codex_mcp::discover_supported_scopes; use codex_mcp::read_mcp_resource as read_mcp_resource_without_thread; use codex_mcp::resolve_oauth_scopes; use codex_memories_write::clear_memory_roots_contents; -use codex_model_provider::ProviderAccountError; use codex_model_provider::create_model_provider; use codex_models_manager::collaboration_mode_presets::builtin_collaboration_mode_presets; use codex_protocol::ThreadId; @@ -397,6 +410,7 @@ use codex_protocol::protocol::SessionConfiguredEvent; #[cfg(test)] use codex_protocol::protocol::SessionMetaLine; use codex_protocol::protocol::TurnEnvironmentSelection; +use codex_protocol::protocol::TurnEnvironmentSelections; use codex_protocol::protocol::USER_MESSAGE_BEGIN; use codex_protocol::protocol::W3cTraceContext; use codex_protocol::user_input::MAX_USER_INPUT_TEXT_CHARS; @@ -408,6 +422,7 @@ use codex_rollout::state_db::reconcile_rollout; use codex_state::ThreadMetadata; use codex_state::log_db::LogDbLayer; use codex_thread_store::ArchiveThreadParams as StoreArchiveThreadParams; +use codex_thread_store::DeleteThreadParams as StoreDeleteThreadParams; use codex_thread_store::GitInfoPatch as StoreGitInfoPatch; use codex_thread_store::ListThreadsParams as StoreListThreadsParams; use codex_thread_store::LocalThreadStore; @@ -458,6 +473,7 @@ mod command_exec_processor; mod config_processor; mod environment_processor; mod external_agent_config_processor; +mod external_agent_session_import; mod feedback_doctor_report; mod feedback_processor; mod fs_processor; @@ -507,8 +523,27 @@ use crate::thread_state::ThreadStateManager; use token_usage_replay::latest_token_usage_turn_id_from_rollout_items; use token_usage_replay::send_thread_token_usage_update_to_connection; +fn resolve_request_cwd(cwd: Option) -> Result, JSONRPCErrorError> { + cwd.map(|cwd| { + AbsolutePathBuf::relative_to_current_dir(path_utils::normalize_for_native_workdir(cwd)) + .map_err(|err| invalid_request(format!("invalid cwd: {err}"))) + }) + .transpose() +} + +fn resolve_runtime_workspace_roots(workspace_roots: Vec) -> Vec { + let mut resolved_roots = Vec::new(); + for root in workspace_roots { + if !resolved_roots.iter().any(|existing| existing == &root) { + resolved_roots.push(root); + } + } + resolved_roots +} + mod config_errors; mod request_errors; +mod thread_delete; mod thread_goal_processor; mod thread_lifecycle; mod thread_resume_redaction; diff --git a/codex-rs/app-server/src/request_processors/account_processor.rs b/codex-rs/app-server/src/request_processors/account_processor.rs index 8ebfc037e1a..019533484c2 100644 --- a/codex-rs/app-server/src/request_processors/account_processor.rs +++ b/codex-rs/app-server/src/request_processors/account_processor.rs @@ -2,6 +2,7 @@ use super::*; // Duration before a browser ChatGPT login attempt is abandoned. const LOGIN_CHATGPT_TIMEOUT: Duration = Duration::from_secs(10 * 60); +const ACCOUNT_TOKEN_USAGE_FETCH_TIMEOUT: Duration = Duration::from_secs(/*secs*/ 10); // The override is intentionally available only in debug builds, matching the login path below. #[cfg(debug_assertions)] const LOGIN_ISSUER_OVERRIDE_ENV_VAR: &str = "CODEX_APP_SERVER_LOGIN_ISSUER"; @@ -131,6 +132,14 @@ impl AccountRequestProcessor { .map(|response| Some(response.into())) } + pub(crate) async fn get_account_token_usage( + &self, + ) -> Result, JSONRPCErrorError> { + self.get_account_token_usage_response() + .await + .map(|response| Some(response.into())) + } + pub(crate) async fn send_add_credits_nudge_email( &self, params: SendAddCreditsNudgeEmailParams, @@ -149,6 +158,9 @@ impl AccountRequestProcessor { pub(crate) fn clear_external_auth(&self) { self.auth_manager.clear_external_auth(); + self.thread_manager + .plugins_manager() + .set_auth_mode(self.auth_manager.get_api_auth_mode()); } fn current_account_updated_notification(&self) -> AccountUpdatedNotification { @@ -164,6 +176,10 @@ impl AccountRequestProcessor { thread_manager: &Arc, auth: Option, ) { + thread_manager + .plugins_manager() + .set_auth_mode(auth.as_ref().map(CodexAuth::api_auth_mode)); + match config_manager .load_latest_config(/*fallback_cwd*/ None) .await @@ -767,24 +783,28 @@ impl AccountRequestProcessor { let permanent_refresh_failure = self.auth_manager.refresh_failure_for_auth(&auth).is_some(); let auth_mode = auth.api_auth_mode(); - let (reported_auth_method, token_opt) = - if matches!(auth, CodexAuth::AgentIdentity(_)) - || include_token && permanent_refresh_failure - { - (Some(auth_mode), None) - } else { - match auth.get_token() { - Ok(token) if !token.is_empty() => { - let tok = if include_token { Some(token) } else { None }; - (Some(auth_mode), tok) - } - Ok(_) => (None, None), - Err(err) => { - tracing::warn!("failed to get token for auth status: {err}"); - (None, None) - } + let (reported_auth_method, token_opt) = if matches!( + auth, + CodexAuth::AgentIdentity(_) | CodexAuth::PersonalAccessToken(_) + ) || include_token + && permanent_refresh_failure + { + // This response cannot represent the metadata needed to reuse these + // credentials. + (Some(auth_mode), None) + } else { + match auth.get_token() { + Ok(token) if !token.is_empty() => { + let tok = if include_token { Some(token) } else { None }; + (Some(auth_mode), tok) } - }; + Ok(_) => (None, None), + Err(err) => { + tracing::warn!("failed to get token for auth status: {err}"); + (None, None) + } + } + }; GetAuthStatusResponse { auth_method: reported_auth_method, auth_token: token_opt, @@ -816,11 +836,7 @@ impl AccountRequestProcessor { ); let account_state = match provider.account_state() { Ok(account_state) => account_state, - Err(ProviderAccountError::MissingChatgptAccountDetails) => { - return Err(invalid_request( - "email and plan type are required for chatgpt authentication", - )); - } + Err(err) => return Err(invalid_request(err.to_string())), }; let account = account_state.account.map(Account::from); @@ -848,6 +864,55 @@ impl AccountRequestProcessor { ) } + async fn get_account_token_usage_response( + &self, + ) -> Result { + let Some(auth) = self.auth_manager.auth().await else { + return Err(invalid_request( + "codex account authentication required to read token usage", + )); + }; + + if !auth.uses_codex_backend() { + return Err(invalid_request( + "chatgpt authentication required to read token usage", + )); + } + + let client = BackendClient::from_auth(self.config.chatgpt_base_url.clone(), &auth) + .map_err(|err| internal_error(format!("failed to construct backend client: {err}")))?; + let profile = tokio::time::timeout( + ACCOUNT_TOKEN_USAGE_FETCH_TIMEOUT, + client.get_token_usage_profile(), + ) + .await + .map_err(|_| internal_error("token usage profile fetch timed out"))? + .map_err(|err| internal_error(format!("failed to fetch token usage profile: {err}")))?; + Ok(Self::account_token_usage_response(profile)) + } + + fn account_token_usage_response(profile: TokenUsageProfile) -> GetAccountTokenUsageResponse { + let stats = profile.stats; + GetAccountTokenUsageResponse { + summary: AccountTokenUsageSummary { + lifetime_tokens: stats.lifetime_tokens, + peak_daily_tokens: stats.peak_daily_tokens, + longest_running_turn_sec: stats.longest_running_turn_sec, + current_streak_days: stats.current_streak_days, + longest_streak_days: stats.longest_streak_days, + }, + daily_usage_buckets: stats.daily_usage_buckets.map(|buckets| { + buckets + .into_iter() + .map(|bucket| AccountTokenUsageDailyBucket { + start_date: bucket.start_date, + tokens: bucket.tokens, + }) + .collect() + }), + } + } + async fn send_add_credits_nudge_email_response( &self, params: SendAddCreditsNudgeEmailParams, @@ -952,3 +1017,45 @@ impl AccountRequestProcessor { Ok((primary, rate_limits_by_limit_id)) } } + +#[cfg(test)] +mod tests { + use super::*; + use codex_backend_client::TokenUsageProfileDailyBucket; + use codex_backend_client::TokenUsageProfileStats; + use pretty_assertions::assert_eq; + + #[test] + fn account_token_usage_response_maps_profile_stats_and_daily_buckets() { + let response = AccountRequestProcessor::account_token_usage_response(TokenUsageProfile { + stats: TokenUsageProfileStats { + lifetime_tokens: Some(123), + peak_daily_tokens: Some(45), + longest_running_turn_sec: Some(67), + current_streak_days: Some(8), + longest_streak_days: Some(9), + daily_usage_buckets: Some(vec![TokenUsageProfileDailyBucket { + start_date: "2026-05-29".to_string(), + tokens: 10, + }]), + }, + }); + + assert_eq!( + response, + GetAccountTokenUsageResponse { + summary: AccountTokenUsageSummary { + lifetime_tokens: Some(123), + peak_daily_tokens: Some(45), + longest_running_turn_sec: Some(67), + current_streak_days: Some(8), + longest_streak_days: Some(9), + }, + daily_usage_buckets: Some(vec![AccountTokenUsageDailyBucket { + start_date: "2026-05-29".to_string(), + tokens: 10, + }]), + } + ); + } +} diff --git a/codex-rs/app-server/src/request_processors/apps_processor.rs b/codex-rs/app-server/src/request_processors/apps_processor.rs index 49a6615f1c5..95cf3f452a3 100644 --- a/codex-rs/app-server/src/request_processors/apps_processor.rs +++ b/codex-rs/app-server/src/request_processors/apps_processor.rs @@ -53,7 +53,7 @@ impl AppsRequestProcessor { None }; let fallback_cwd = match thread.as_ref() { - Some(thread) => Some(thread.config_snapshot().await.cwd.to_path_buf()), + Some(thread) => Some(thread.config_snapshot().await.cwd().to_path_buf()), None => None, }; let mut config = self.load_latest_config(fallback_cwd).await?; @@ -88,11 +88,19 @@ impl AppsRequestProcessor { let request = request_id.clone(); let outgoing = Arc::clone(&self.outgoing); let environment_manager = self.thread_manager.environment_manager(); + let mcp_manager = self.thread_manager.mcp_manager(); let shutdown_token = self.shutdown_token.child_token(); tokio::spawn(async move { tokio::select! { _ = shutdown_token.cancelled() => {} - _ = Self::apps_list_task(outgoing, request, params, config, environment_manager) => {} + _ = Self::apps_list_task( + outgoing, + request, + params, + config, + environment_manager, + mcp_manager, + ) => {} } }); Ok(None) @@ -108,11 +116,15 @@ impl AppsRequestProcessor { params: AppsListParams, config: Config, environment_manager: Arc, + mcp_manager: Arc, ) { let retry_params = params.clone(); let retry_config = config.clone(); let retry_environment_manager = Arc::clone(&environment_manager); - let result = Self::apps_list_response(&outgoing, params, config, environment_manager).await; + let retry_mcp_manager = Arc::clone(&mcp_manager); + let result = + Self::apps_list_response(&outgoing, params, config, environment_manager, mcp_manager) + .await; let should_retry = result .as_ref() .is_ok_and(|(_, codex_apps_ready)| !codex_apps_ready); @@ -128,6 +140,7 @@ impl AppsRequestProcessor { retry_params, retry_config, retry_environment_manager, + retry_mcp_manager, ) .await { @@ -141,6 +154,7 @@ impl AppsRequestProcessor { params: AppsListParams, config: Config, environment_manager: Arc, + mcp_manager: Arc, ) -> Result<(AppsListResponse, bool), JSONRPCErrorError> { let AppsListParams { cursor, @@ -167,14 +181,14 @@ impl AppsRequestProcessor { let accessible_config = config.clone(); let accessible_tx = tx.clone(); tokio::spawn(async move { - let result = - connectors::list_accessible_connectors_from_mcp_tools_with_environment_manager( - &accessible_config, - force_refetch, - Arc::clone(&environment_manager), - ) - .await - .map_err(|err| format!("failed to load accessible apps: {err}")); + let result = connectors::list_accessible_connectors_from_mcp_tools_with_mcp_manager( + &accessible_config, + force_refetch, + Arc::clone(&environment_manager), + mcp_manager, + ) + .await + .map_err(|err| format!("failed to load accessible apps: {err}")); let _ = accessible_tx.send(AppListLoadResult::Accessible(result)); }); diff --git a/codex-rs/app-server/src/request_processors/catalog_processor.rs b/codex-rs/app-server/src/request_processors/catalog_processor.rs index bbba0bae621..9c0cc1c8b51 100644 --- a/codex-rs/app-server/src/request_processors/catalog_processor.rs +++ b/codex-rs/app-server/src/request_processors/catalog_processor.rs @@ -647,9 +647,11 @@ impl CatalogRequestProcessor { config.features.enabled(Feature::Plugins) && workspace_codex_plugins_enabled; let plugin_hooks = if plugins_enabled { let plugins_input = config.plugins_config_input(); - plugins_manager - .plugin_hooks_for_layer_stack(&config.config_layer_stack, &plugins_input) - .await + let plugin_outcome = plugins_manager.plugins_for_config(&plugins_input).await; + codex_core_plugins::PluginHookLoadOutcome { + hook_sources: plugin_outcome.effective_plugin_hook_sources(), + hook_load_warnings: plugin_outcome.effective_plugin_hook_warnings(), + } } else { codex_core_plugins::PluginHookLoadOutcome::default() }; diff --git a/codex-rs/app-server/src/request_processors/config_processor.rs b/codex-rs/app-server/src/request_processors/config_processor.rs index 35710261933..bdc80139509 100644 --- a/codex-rs/app-server/src/request_processors/config_processor.rs +++ b/codex-rs/app-server/src/request_processors/config_processor.rs @@ -7,7 +7,6 @@ use crate::error_code::invalid_request; use crate::outgoing_message::ConnectionRequestId; use crate::outgoing_message::OutgoingMessageSender; use codex_analytics::AnalyticsEventsClient; -use codex_app_server_protocol::AppListUpdatedNotification; use codex_app_server_protocol::ClientResponsePayload; use codex_app_server_protocol::ComputerUseRequirements; use codex_app_server_protocol::ConfigBatchWriteParams; @@ -29,9 +28,7 @@ use codex_app_server_protocol::NetworkDomainPermission; use codex_app_server_protocol::NetworkRequirements; use codex_app_server_protocol::NetworkUnixSocketPermission; use codex_app_server_protocol::SandboxMode; -use codex_app_server_protocol::ServerNotification; use codex_app_server_protocol::WindowsSandboxSetupMode; -use codex_chatgpt::connectors; use codex_config::ConfigRequirementsToml; use codex_config::HookEventsToml; use codex_config::HookHandlerConfig as CoreHookHandlerConfig; @@ -42,7 +39,6 @@ use codex_config::SandboxModeRequirement as CoreSandboxModeRequirement; use codex_core::ThreadManager; use codex_features::canonical_feature_for_key; use codex_features::feature_for_key; -use codex_login::AuthManager; use codex_model_provider::create_model_provider; use codex_plugin::PluginId; use codex_protocol::config_types::WebSearchMode; @@ -50,21 +46,18 @@ use serde_json::json; use std::path::PathBuf; const SUPPORTED_EXPERIMENTAL_FEATURE_ENABLEMENT: &[&str] = &[ - "apps", + "auth_elicitation", "memories", "mentions_v2", - "plugins", "remote_control", "remote_plugin", "tool_suggest", - "tool_call_mcp_elicitation", ]; #[derive(Clone)] pub(crate) struct ConfigRequestProcessor { outgoing: Arc, config_manager: ConfigManager, - auth_manager: Arc, thread_manager: Arc, analytics_events_client: AnalyticsEventsClient, } @@ -73,14 +66,12 @@ impl ConfigRequestProcessor { pub(crate) fn new( outgoing: Arc, config_manager: ConfigManager, - auth_manager: Arc, thread_manager: Arc, analytics_events_client: AnalyticsEventsClient, ) -> Self { Self { outgoing, config_manager, - auth_manager, thread_manager, analytics_events_client, } @@ -151,7 +142,6 @@ impl ConfigRequestProcessor { request_id: ConnectionRequestId, params: ExperimentalFeatureEnablementSetParams, ) -> Result, JSONRPCErrorError> { - let should_refresh_apps_list = params.enablement.get("apps").copied() == Some(true); let response = self .handle_config_mutation_result(self.set_experimental_feature_enablement(params).await) .await?; @@ -161,10 +151,6 @@ impl ConfigRequestProcessor { ClientResponsePayload::ExperimentalFeatureEnablementSet(response), ) .await; - if should_refresh_apps_list { - self.refresh_apps_list_after_experimental_feature_enablement_set() - .await; - } Ok(None) } @@ -195,71 +181,6 @@ impl ConfigRequestProcessor { Ok(response) } - async fn refresh_apps_list_after_experimental_feature_enablement_set(&self) { - let config = match self.load_latest_config(/*fallback_cwd*/ None).await { - Ok(config) => config, - Err(error) => { - tracing::warn!( - "failed to load config for apps list refresh after experimental feature enablement: {}", - error.message - ); - return; - } - }; - let auth = self.auth_manager.auth().await; - if !config.features.apps_enabled_for_auth( - auth.as_ref() - .is_some_and(codex_login::CodexAuth::uses_codex_backend), - ) { - return; - } - - let outgoing = Arc::clone(&self.outgoing); - let environment_manager = self.thread_manager.environment_manager(); - tokio::spawn(async move { - let (all_connectors_result, accessible_connectors_result) = tokio::join!( - connectors::list_all_connectors_with_options(&config, /*force_refetch*/ true), - connectors::list_accessible_connectors_from_mcp_tools_with_environment_manager( - &config, - /*force_refetch*/ true, - Arc::clone(&environment_manager), - ), - ); - let all_connectors = match all_connectors_result { - Ok(connectors) => connectors, - Err(err) => { - tracing::warn!( - "failed to force-refresh directory apps after experimental feature enablement: {err:#}" - ); - return; - } - }; - let accessible_connectors = match accessible_connectors_result { - Ok(status) => status.connectors, - Err(err) => { - tracing::warn!( - "failed to force-refresh accessible apps after experimental feature enablement: {err:#}" - ); - return; - } - }; - - let data = connectors::with_app_enabled_state( - connectors::merge_connectors_with_accessible( - all_connectors, - accessible_connectors, - /*all_connectors_loaded*/ true, - ), - &config, - ); - outgoing - .send_server_notification(ServerNotification::AppListUpdated( - AppListUpdatedNotification { data }, - )) - .await; - }); - } - async fn load_latest_config( &self, fallback_cwd: Option, @@ -317,28 +238,19 @@ impl ConfigRequestProcessor { &self, params: ExperimentalFeatureEnablementSetParams, ) -> Result { - let ExperimentalFeatureEnablementSetParams { enablement } = params; - for key in enablement.keys() { - if canonical_feature_for_key(key).is_some() { - if SUPPORTED_EXPERIMENTAL_FEATURE_ENABLEMENT.contains(&key.as_str()) { - continue; - } - - return Err(invalid_request(format!( - "unsupported feature enablement `{key}`: currently supported features are {}", - SUPPORTED_EXPERIMENTAL_FEATURE_ENABLEMENT.join(", ") - ))); + let ExperimentalFeatureEnablementSetParams { mut enablement } = params; + let mut invalid_keys = Vec::new(); + enablement.retain(|key, _| { + let valid = canonical_feature_for_key(key).is_some() + && SUPPORTED_EXPERIMENTAL_FEATURE_ENABLEMENT.contains(&key.as_str()); + if !valid { + invalid_keys.push(key.clone()); } - - let message = if let Some(feature) = feature_for_key(key) { - format!( - "invalid feature enablement `{key}`: use canonical feature key `{}`", - feature.key() - ) - } else { - format!("invalid feature enablement `{key}`") - }; - return Err(invalid_request(message)); + valid + }); + if !invalid_keys.is_empty() { + let invalid_keys = invalid_keys.join(", "); + tracing::warn!("ignoring invalid experimental feature enablement keys: {invalid_keys}"); } if enablement.is_empty() { @@ -438,7 +350,8 @@ fn map_requirements_toml_to_api(requirements: ConfigRequirementsToml) -> ConfigR .collect() }) }), - allowed_permissions: requirements.allowed_permissions, + allowed_permission_profiles: requirements.allowed_permission_profiles, + default_permissions: requirements.default_permissions, allowed_web_search_modes: requirements.allowed_web_search_modes.map(|modes| { let mut normalized = modes .into_iter() @@ -657,29 +570,43 @@ mod tests { use codex_config::ConfigRequirementsToml; use codex_config::WindowsRequirementsToml; use pretty_assertions::assert_eq; + use std::collections::BTreeMap; #[test] fn requirements_api_includes_allow_managed_hooks_only() { let mapped = map_requirements_toml_to_api(ConfigRequirementsToml { - allowed_permissions: Some(vec![ - "managed-standard".to_string(), - "managed-build".to_string(), - ]), allow_managed_hooks_only: Some(true), ..ConfigRequirementsToml::default() }); - assert_eq!( - mapped.allowed_permissions, - Some(vec![ - "managed-standard".to_string(), - "managed-build".to_string(), - ]) - ); assert_eq!(mapped.allow_managed_hooks_only, Some(true)); assert_eq!(mapped.hooks, None); } + #[test] + fn requirements_api_includes_permission_default_and_allowlist() { + let mapped = map_requirements_toml_to_api(ConfigRequirementsToml { + allowed_permission_profiles: Some(BTreeMap::from([ + ("managed-build".to_string(), false), + ("managed-standard".to_string(), true), + ])), + default_permissions: Some("managed-standard".to_string()), + ..ConfigRequirementsToml::default() + }); + + assert_eq!( + mapped.allowed_permission_profiles, + Some(BTreeMap::from([ + ("managed-build".to_string(), false), + ("managed-standard".to_string(), true), + ])) + ); + assert_eq!( + mapped.default_permissions, + Some("managed-standard".to_string()) + ); + } + #[test] fn requirements_api_includes_allow_appshots() { let mapped = map_requirements_toml_to_api(ConfigRequirementsToml { diff --git a/codex-rs/app-server/src/request_processors/external_agent_config_processor.rs b/codex-rs/app-server/src/request_processors/external_agent_config_processor.rs index 87956182d0b..5d4c0594ebe 100644 --- a/codex-rs/app-server/src/request_processors/external_agent_config_processor.rs +++ b/codex-rs/app-server/src/request_processors/external_agent_config_processor.rs @@ -26,53 +26,47 @@ use codex_app_server_protocol::MigrationDetails; use codex_app_server_protocol::PluginsMigration; use codex_app_server_protocol::ServerNotification; use codex_arg0::Arg0DispatchPaths; -use codex_core::StartThreadOptions; use codex_core::ThreadManager; -use codex_core::config::ConfigOverrides; use codex_external_agent_sessions::ExternalAgentSessionMigration as CoreSessionMigration; -use codex_external_agent_sessions::ImportedExternalAgentSession; -use codex_external_agent_sessions::PendingSessionImport; -use codex_external_agent_sessions::prepare_validated_session_imports; -use codex_external_agent_sessions::record_imported_session; -use codex_protocol::ThreadId; -use codex_protocol::protocol::InitialHistory; -use codex_thread_store::ThreadMetadataPatch; +use codex_thread_store::ThreadStore; use std::collections::HashSet; use std::path::PathBuf; -use tokio::sync::Semaphore; use super::ConfigRequestProcessor; +use super::external_agent_session_import::ExternalAgentSessionImporter; #[derive(Clone)] pub(crate) struct ExternalAgentConfigRequestProcessor { outgoing: Arc, - codex_home: PathBuf, migration_service: ExternalAgentConfigService, - session_import_permits: Arc, + session_importer: ExternalAgentSessionImporter, thread_manager: Arc, - config_manager: ConfigManager, config_processor: ConfigRequestProcessor, - arg0_paths: Arg0DispatchPaths, } impl ExternalAgentConfigRequestProcessor { pub(crate) fn new( outgoing: Arc, thread_manager: Arc, + thread_store: Arc, config_manager: ConfigManager, config_processor: ConfigRequestProcessor, arg0_paths: Arg0DispatchPaths, codex_home: PathBuf, ) -> Self { + let session_importer = ExternalAgentSessionImporter::new( + codex_home.clone(), + Arc::clone(&thread_manager), + thread_store, + config_manager, + arg0_paths, + ); Self { outgoing, - migration_service: ExternalAgentConfigService::new(codex_home.clone()), - codex_home, - session_import_permits: Arc::new(Semaphore::new(1)), + migration_service: ExternalAgentConfigService::new(codex_home), + session_importer, thread_manager, - config_manager, config_processor, - arg0_paths, } } @@ -207,42 +201,12 @@ impl ExternalAgentConfigRequestProcessor { return Ok(()); } - let session_import_permits = Arc::clone(&self.session_import_permits); - let session_processor = self.clone(); + let session_importer = self.session_importer.clone(); let plugin_processor = self.clone(); let outgoing = Arc::clone(&self.outgoing); let thread_manager = Arc::clone(&self.thread_manager); tokio::spawn(async move { - let session_imports = async move { - if !pending_session_imports.is_empty() { - let Ok(_session_import_permit) = session_import_permits.acquire_owned().await - else { - return; - }; - let pending_session_imports = session_processor - .prepare_validated_session_imports(pending_session_imports); - for pending_session_import in pending_session_imports { - match session_processor - .import_external_agent_session(pending_session_import.session) - .await - { - Ok(imported_thread_id) => { - session_processor.record_imported_session( - &pending_session_import.source_path, - imported_thread_id, - ); - } - Err(error) => { - tracing::warn!( - error = %error.message, - path = %pending_session_import.source_path.display(), - "external agent session import failed" - ); - } - } - } - } - }; + let session_imports = session_importer.import_sessions(pending_session_imports); let plugin_imports = async move { for pending_plugin_import in pending_plugin_imports { match plugin_processor @@ -274,65 +238,6 @@ impl ExternalAgentConfigRequestProcessor { Ok(()) } - async fn import_external_agent_session( - &self, - session: ImportedExternalAgentSession, - ) -> Result { - let ImportedExternalAgentSession { - cwd, - title, - rollout_items, - } = session; - let config = self - .config_manager - .load_with_overrides( - /*request_overrides*/ None, - ConfigOverrides { - cwd: Some(PathBuf::from(cwd.to_string_lossy().into_owned())), - codex_linux_sandbox_exe: self.arg0_paths.codex_linux_sandbox_exe.clone(), - main_execve_wrapper_exe: self.arg0_paths.main_execve_wrapper_exe.clone(), - ..Default::default() - }, - ) - .await - .map_err(|err| { - internal_error(format!("failed to load imported session config: {err}")) - })?; - let environments = self - .thread_manager - .default_environment_selections(&config.cwd); - let imported_thread = self - .thread_manager - .start_thread_with_options(StartThreadOptions { - config, - initial_history: InitialHistory::Forked(rollout_items), - session_source: None, - thread_source: None, - dynamic_tools: Vec::new(), - metrics_service_name: None, - parent_trace: None, - environments, - }) - .await - .map_err(|err| internal_error(format!("failed to import session: {err}")))?; - if let Some(title) = title - && let Some(name) = codex_core::util::normalize_thread_name(&title) - { - imported_thread - .thread - .update_thread_metadata( - ThreadMetadataPatch { - name: Some(Some(name)), - ..Default::default() - }, - /*include_archived*/ false, - ) - .await - .map_err(|err| internal_error(format!("failed to name imported session: {err}")))?; - } - Ok(imported_thread.thread_id) - } - fn validate_pending_session_imports( &self, params: &ExternalAgentConfigImportParams, @@ -371,24 +276,6 @@ impl ExternalAgentConfigRequestProcessor { Ok(selected_sessions) } - fn prepare_validated_session_imports( - &self, - sessions: Vec, - ) -> Vec { - prepare_validated_session_imports(&self.codex_home, sessions) - } - - fn record_imported_session(&self, source_path: &std::path::Path, imported_thread_id: ThreadId) { - if let Err(err) = record_imported_session(&self.codex_home, source_path, imported_thread_id) - { - tracing::warn!( - error = %err, - path = %source_path.display(), - "external agent session import ledger update failed" - ); - } - } - async fn import_external_agent_config( &self, params: ExternalAgentConfigImportParams, diff --git a/codex-rs/app-server/src/request_processors/external_agent_session_import.rs b/codex-rs/app-server/src/request_processors/external_agent_session_import.rs new file mode 100644 index 00000000000..4cec9bca16e --- /dev/null +++ b/codex-rs/app-server/src/request_processors/external_agent_session_import.rs @@ -0,0 +1,261 @@ +use std::path::PathBuf; +use std::sync::Arc; + +use chrono::Utc; +use codex_arg0::Arg0DispatchPaths; +use codex_core::ThreadManager; +use codex_core::config::ConfigOverrides; +use codex_external_agent_sessions::CompletedExternalAgentSessionImport; +use codex_external_agent_sessions::ExternalAgentSessionMigration; +use codex_external_agent_sessions::ImportedExternalAgentSession; +use codex_external_agent_sessions::PendingSessionImport; +use codex_external_agent_sessions::prepare_validated_session_import; +use codex_external_agent_sessions::record_completed_session_imports; +use codex_models_manager::manager::RefreshStrategy; +use codex_protocol::ThreadId; +use codex_protocol::models::BaseInstructions; +use codex_protocol::protocol::MultiAgentVersion; +use codex_protocol::protocol::ThreadMemoryMode; +use codex_rollout::is_persisted_rollout_item; +use codex_thread_store::AppendThreadItemsParams; +use codex_thread_store::CreateThreadParams; +use codex_thread_store::ThreadMetadataPatch; +use codex_thread_store::ThreadPersistenceMetadata; +use codex_thread_store::ThreadStore; +use codex_thread_store::UpdateThreadMetadataParams; +use futures::StreamExt; +use tokio::sync::Semaphore; + +use crate::config_manager::ConfigManager; + +const SESSION_IMPORT_CONCURRENCY: usize = 5; + +#[derive(Clone)] +pub(super) struct ExternalAgentSessionImporter { + codex_home: PathBuf, + permits: Arc, + thread_manager: Arc, + thread_store: Arc, + config_manager: ConfigManager, + arg0_paths: Arg0DispatchPaths, +} + +impl ExternalAgentSessionImporter { + pub(super) fn new( + codex_home: PathBuf, + thread_manager: Arc, + thread_store: Arc, + config_manager: ConfigManager, + arg0_paths: Arg0DispatchPaths, + ) -> Self { + Self { + codex_home, + permits: Arc::new(Semaphore::new(1)), + thread_manager, + thread_store, + config_manager, + arg0_paths, + } + } + + pub(super) async fn import_sessions(&self, sessions: Vec) { + if sessions.is_empty() { + return; + } + let Ok(_permit) = self.permits.acquire().await else { + return; + }; + let import_results = futures::stream::iter(sessions) + .map(|session| { + let importer = self.clone(); + async move { importer.import_requested_session(session).await } + }) + .buffer_unordered(SESSION_IMPORT_CONCURRENCY); + futures::pin_mut!(import_results); + + let mut completed_imports = Vec::new(); + while let Some(result) = import_results.next().await { + match result { + Ok(Some(completed_import)) => completed_imports.push(completed_import), + Ok(None) => {} + Err(failure) => { + tracing::warn!( + error = %failure.message, + path = %failure.source_path.display(), + "external agent session import failed" + ); + } + } + } + if let Err(err) = record_completed_session_imports(&self.codex_home, completed_imports) { + tracing::warn!( + error = %err, + "external agent session import ledger update failed" + ); + } + } + + async fn import_requested_session( + &self, + session: ExternalAgentSessionMigration, + ) -> Result, SessionImportFailure> { + let source_path = session.path.clone(); + let Some(pending_import) = + self.prepare_session_import(session) + .await + .map_err(|message| SessionImportFailure { + source_path: source_path.clone(), + message, + })? + else { + return Ok(None); + }; + let imported_thread_id = + self.persist_session(pending_import.session) + .await + .map_err(|message| SessionImportFailure { + source_path: pending_import.source_path.clone(), + message, + })?; + Ok(Some(CompletedExternalAgentSessionImport { + source_path: pending_import.source_path, + source_content_sha256: pending_import.source_content_sha256, + imported_thread_id, + })) + } + + async fn prepare_session_import( + &self, + session: ExternalAgentSessionMigration, + ) -> Result, String> { + let codex_home = self.codex_home.clone(); + tokio::task::spawn_blocking(move || prepare_validated_session_import(&codex_home, session)) + .await + .map_err(|err| format!("external agent session preparation task failed: {err}"))? + .map_err(|err| format!("failed to prepare external agent session: {err}")) + } + + async fn persist_session( + &self, + session: ImportedExternalAgentSession, + ) -> Result { + let ImportedExternalAgentSession { + cwd, + title, + first_user_message, + mut rollout_items, + } = session; + let config = self + .config_manager + .load_with_overrides( + /*request_overrides*/ None, + ConfigOverrides { + cwd: Some(cwd), + codex_linux_sandbox_exe: self.arg0_paths.codex_linux_sandbox_exe.clone(), + main_execve_wrapper_exe: self.arg0_paths.main_execve_wrapper_exe.clone(), + ..Default::default() + }, + ) + .await + .map_err(|err| format!("failed to load imported session config: {err}"))?; + let models_manager = self.thread_manager.get_models_manager(); + let model = models_manager + .get_default_model(&config.model, RefreshStrategy::Offline) + .await; + let model_info = models_manager + .get_model_info(model.as_str(), &config.to_models_manager_config()) + .await; + let thread_id = ThreadId::new(); + let source = self.thread_manager.session_source(); + let cwd = config.cwd.to_path_buf(); + let model_provider = config.model_provider_id.clone(); + let memory_mode = if config.memories.generate_memories { + ThreadMemoryMode::Enabled + } else { + ThreadMemoryMode::Disabled + }; + let now = Utc::now(); + let create_params = CreateThreadParams { + thread_id, + extra_config: None, + forked_from_id: None, + parent_thread_id: None, + source: source.clone(), + thread_source: None, + base_instructions: BaseInstructions { + text: config + .base_instructions + .clone() + .unwrap_or_else(|| model_info.get_model_instructions(config.personality)), + }, + dynamic_tools: Vec::new(), + multi_agent_version: Some(MultiAgentVersion::V1), + metadata: ThreadPersistenceMetadata { + cwd: Some(cwd.clone()), + model_provider: model_provider.clone(), + memory_mode, + }, + }; + rollout_items.retain(is_persisted_rollout_item); + let title = title + .as_deref() + .and_then(codex_core::util::normalize_thread_name); + let metadata = ThreadMetadataPatch { + title, + preview: first_user_message.clone(), + model_provider: Some(model_provider), + created_at: Some(now), + updated_at: Some(now), + source: Some(source.clone()), + thread_source: Some(None), + agent_nickname: Some(source.get_nickname()), + agent_role: Some(source.get_agent_role()), + agent_path: Some(source.get_agent_path().map(Into::into)), + cwd: Some(cwd), + cli_version: Some(env!("CARGO_PKG_VERSION").to_string()), + first_user_message, + memory_mode: Some(memory_mode), + ..Default::default() + }; + + self.thread_store + .create_thread(create_params) + .await + .map_err(|err| format!("failed to import session: {err}"))?; + if !rollout_items.is_empty() + && let Err(err) = self + .thread_store + .append_items(AppendThreadItemsParams { + thread_id, + items: rollout_items, + }) + .await + { + let _ = self.thread_store.discard_thread(thread_id).await; + return Err(format!("failed to import session: {err}")); + } + + self.thread_store + .update_thread_metadata(UpdateThreadMetadataParams { + thread_id, + patch: metadata, + include_archived: false, + }) + .await + .map_err(|err| format!("failed to update imported session: {err}"))?; + self.thread_store + .persist_thread(thread_id) + .await + .map_err(|err| format!("failed to persist imported session: {err}"))?; + self.thread_store + .shutdown_thread(thread_id) + .await + .map_err(|err| format!("failed to shutdown imported session: {err}"))?; + Ok(thread_id) + } +} + +struct SessionImportFailure { + source_path: PathBuf, + message: String, +} diff --git a/codex-rs/app-server/src/request_processors/fs_processor.rs b/codex-rs/app-server/src/request_processors/fs_processor.rs index 99a8620b4f2..c0d93bb158d 100644 --- a/codex-rs/app-server/src/request_processors/fs_processor.rs +++ b/codex-rs/app-server/src/request_processors/fs_processor.rs @@ -29,6 +29,7 @@ use codex_exec_server::CreateDirectoryOptions; use codex_exec_server::EnvironmentManager; use codex_exec_server::ExecutorFileSystem; use codex_exec_server::RemoveOptions; +use codex_utils_path_uri::PathUri; use std::io; use std::sync::Arc; @@ -64,9 +65,10 @@ impl FsRequestProcessor { &self, params: FsReadFileParams, ) -> Result { + let path = PathUri::from_abs_path(¶ms.path).map_err(map_fs_error)?; let bytes = self .file_system()? - .read_file(¶ms.path, /*sandbox*/ None) + .read_file(&path, /*sandbox*/ None) .await .map_err(map_fs_error)?; Ok(FsReadFileResponse { @@ -83,8 +85,9 @@ impl FsRequestProcessor { "fs/writeFile requires valid base64 dataBase64: {err}" )) })?; + let path = PathUri::from_abs_path(¶ms.path).map_err(map_fs_error)?; self.file_system()? - .write_file(¶ms.path, bytes, /*sandbox*/ None) + .write_file(&path, bytes, /*sandbox*/ None) .await .map_err(map_fs_error)?; Ok(FsWriteFileResponse {}) @@ -94,9 +97,10 @@ impl FsRequestProcessor { &self, params: FsCreateDirectoryParams, ) -> Result { + let path = PathUri::from_abs_path(¶ms.path).map_err(map_fs_error)?; self.file_system()? .create_directory( - ¶ms.path, + &path, CreateDirectoryOptions { recursive: params.recursive.unwrap_or(true), }, @@ -111,9 +115,10 @@ impl FsRequestProcessor { &self, params: FsGetMetadataParams, ) -> Result { + let path = PathUri::from_abs_path(¶ms.path).map_err(map_fs_error)?; let metadata = self .file_system()? - .get_metadata(¶ms.path, /*sandbox*/ None) + .get_metadata(&path, /*sandbox*/ None) .await .map_err(map_fs_error)?; Ok(FsGetMetadataResponse { @@ -129,9 +134,10 @@ impl FsRequestProcessor { &self, params: FsReadDirectoryParams, ) -> Result { + let path = PathUri::from_abs_path(¶ms.path).map_err(map_fs_error)?; let entries = self .file_system()? - .read_directory(¶ms.path, /*sandbox*/ None) + .read_directory(&path, /*sandbox*/ None) .await .map_err(map_fs_error)?; Ok(FsReadDirectoryResponse { @@ -150,9 +156,10 @@ impl FsRequestProcessor { &self, params: FsRemoveParams, ) -> Result { + let path = PathUri::from_abs_path(¶ms.path).map_err(map_fs_error)?; self.file_system()? .remove( - ¶ms.path, + &path, RemoveOptions { recursive: params.recursive.unwrap_or(true), force: params.force.unwrap_or(true), @@ -168,10 +175,13 @@ impl FsRequestProcessor { &self, params: FsCopyParams, ) -> Result { + let source_path = PathUri::from_abs_path(¶ms.source_path).map_err(map_fs_error)?; + let destination_path = + PathUri::from_abs_path(¶ms.destination_path).map_err(map_fs_error)?; self.file_system()? .copy( - ¶ms.source_path, - ¶ms.destination_path, + &source_path, + &destination_path, CopyOptions { recursive: params.recursive, }, diff --git a/codex-rs/app-server/src/request_processors/mcp_processor.rs b/codex-rs/app-server/src/request_processors/mcp_processor.rs index ae62e2e7855..facd4facc63 100644 --- a/codex-rs/app-server/src/request_processors/mcp_processor.rs +++ b/codex-rs/app-server/src/request_processors/mcp_processor.rs @@ -120,12 +120,16 @@ impl McpRequestProcessor { timeout_secs, } = params; - let configured_servers = self + let auth = self.auth_manager.auth().await; + let effective_servers = self .thread_manager .mcp_manager() - .configured_servers(&config) + .effective_servers(&config, auth.as_ref()) .await; - let Some(server) = configured_servers.get(&name) else { + let Some(server) = effective_servers + .get(&name) + .and_then(codex_mcp::EffectiveMcpServer::configured_config) + else { return Err(invalid_request(format!( "No MCP server named '{name}' found." ))); @@ -210,8 +214,10 @@ impl McpRequestProcessor { } None => self.load_latest_config(/*fallback_cwd*/ None).await?, }; - let mcp_config = config - .to_mcp_config(self.thread_manager.plugins_manager().as_ref()) + let mcp_config = self + .thread_manager + .mcp_manager() + .runtime_config(&config) .await; let auth = self.auth_manager.auth().await; let environment_manager = self.thread_manager.environment_manager(); @@ -361,8 +367,10 @@ impl McpRequestProcessor { } let config = self.load_latest_config(/*fallback_cwd*/ None).await?; - let mcp_config = config - .to_mcp_config(self.thread_manager.plugins_manager().as_ref()) + let mcp_config = self + .thread_manager + .mcp_manager() + .runtime_config(&config) .await; let auth = self.auth_manager.auth().await; let environment_manager = self.thread_manager.environment_manager(); diff --git a/codex-rs/app-server/src/request_processors/plugins.rs b/codex-rs/app-server/src/request_processors/plugins.rs index 23356948567..e4971b36fa2 100644 --- a/codex-rs/app-server/src/request_processors/plugins.rs +++ b/codex-rs/app-server/src/request_processors/plugins.rs @@ -7,8 +7,13 @@ use codex_app_server_protocol::PluginSharePrincipalRole; use codex_app_server_protocol::PluginShareTargetRole; use codex_config::types::McpServerConfig; use codex_core_plugins::OPENAI_CURATED_MARKETPLACE_NAME; +use codex_core_plugins::PluginListBackgroundTaskOptions; use codex_core_plugins::remote::REMOTE_GLOBAL_MARKETPLACE_NAME; -use codex_core_plugins::remote::RemotePluginScope; +use codex_core_plugins::remote::REMOTE_WORKSPACE_MARKETPLACE_NAME; +use codex_core_plugins::remote::REMOTE_WORKSPACE_SHARED_WITH_ME_MARKETPLACE_NAME; +use codex_core_plugins::remote::REMOTE_WORKSPACE_SHARED_WITH_ME_PRIVATE_MARKETPLACE_NAME; +use codex_core_plugins::remote::REMOTE_WORKSPACE_SHARED_WITH_ME_UNLISTED_MARKETPLACE_NAME; +use codex_core_plugins::remote::RemoteAppTemplateUnavailableReason; use codex_core_plugins::remote::is_valid_remote_plugin_id; use codex_core_plugins::remote::validate_remote_plugin_id; use codex_mcp::McpOAuthLoginSupport; @@ -147,15 +152,18 @@ fn convert_configured_marketplace_plugin_to_plugin_summary( } } -fn remote_installed_plugin_visible_scopes(config: &Config) -> Vec { - let mut scopes = Vec::new(); +fn remote_installed_plugin_visible_marketplaces(config: &Config) -> Vec<&'static str> { + let mut marketplaces = Vec::new(); if config.features.enabled(Feature::RemotePlugin) { - scopes.push(RemotePluginScope::Global); + marketplaces.push(REMOTE_GLOBAL_MARKETPLACE_NAME); } + marketplaces.push(REMOTE_WORKSPACE_MARKETPLACE_NAME); if config.features.enabled(Feature::PluginSharing) { - scopes.push(RemotePluginScope::Workspace); + marketplaces.push(REMOTE_WORKSPACE_SHARED_WITH_ME_MARKETPLACE_NAME); + marketplaces.push(REMOTE_WORKSPACE_SHARED_WITH_ME_PRIVATE_MARKETPLACE_NAME); + marketplaces.push(REMOTE_WORKSPACE_SHARED_WITH_ME_UNLISTED_MARKETPLACE_NAME); } - scopes + marketplaces } fn filter_openai_curated_installed_conflicts( @@ -542,21 +550,31 @@ impl PluginRequestProcessor { return Ok(empty_response()); } let plugins_input = config.plugins_config_input(); - if include_local || marketplace_kinds.contains(&PluginListMarketplaceKind::SharedWithMe) { - plugins_manager.maybe_start_plugin_list_background_tasks_for_config( - &plugins_input, - auth.clone(), - &roots, - Some(self.effective_plugins_changed_callback()), + let include_shared_with_me = + marketplace_kinds.contains(&PluginListMarketplaceKind::SharedWithMe); + let include_global_remote = + !explicit_marketplace_kinds && config.features.enabled(Feature::RemotePlugin); + let remote_plugin_service_config = RemotePluginServiceConfig { + chatgpt_base_url: config.chatgpt_base_url.clone(), + }; + let refresh_global_remote_catalog_cache = include_global_remote + && codex_core_plugins::remote::has_cached_global_remote_plugin_catalog( + config.codex_home.as_path(), + &remote_plugin_service_config, + auth.as_ref(), ); - } let (mut data, marketplace_load_errors) = if include_local { let config_for_marketplace_listing = plugins_input.clone(); let plugins_manager_for_marketplace_listing = plugins_manager.clone(); + let roots_for_marketplace_listing = roots.clone(); let shared_plugin_ids_by_local_path = load_shared_plugin_ids_by_local_path(&config)?; match tokio::task::spawn_blocking(move || { let outcome = plugins_manager_for_marketplace_listing - .list_marketplaces_for_config(&config_for_marketplace_listing, &roots)?; + .list_marketplaces_for_config( + &config_for_marketplace_listing, + &roots_for_marketplace_listing, + /*include_openai_curated*/ true, + )?; Ok::< ( Vec, @@ -616,9 +634,6 @@ impl PluginRequestProcessor { // TODO(remote plugins): Remove this once remote plugins are ready and vertical plugins are // served directly from the normal remote catalog. if include_vertical && !config.features.enabled(Feature::RemotePlugin) { - let remote_plugin_service_config = RemotePluginServiceConfig { - chatgpt_base_url: config.chatgpt_base_url.clone(), - }; match codex_core_plugins::remote::fetch_openai_curated_remote_collection_marketplace( &remote_plugin_service_config, auth.as_ref(), @@ -643,21 +658,16 @@ impl PluginRequestProcessor { } let mut remote_sources = Vec::new(); - if !explicit_marketplace_kinds && config.features.enabled(Feature::RemotePlugin) { + if include_global_remote { remote_sources.push(RemoteMarketplaceSource::Global); } if marketplace_kinds.contains(&PluginListMarketplaceKind::WorkspaceDirectory) { remote_sources.push(RemoteMarketplaceSource::WorkspaceDirectory); } - if marketplace_kinds.contains(&PluginListMarketplaceKind::SharedWithMe) - && config.features.enabled(Feature::PluginSharing) - { + if include_shared_with_me && config.features.enabled(Feature::PluginSharing) { remote_sources.push(RemoteMarketplaceSource::SharedWithMe); } if !remote_sources.is_empty() { - let remote_plugin_service_config = RemotePluginServiceConfig { - chatgpt_base_url: config.chatgpt_base_url.clone(), - }; match codex_core_plugins::remote::fetch_remote_marketplaces( &remote_plugin_service_config, auth.as_ref(), @@ -701,6 +711,17 @@ impl PluginRequestProcessor { } } } + if include_local || include_shared_with_me || include_global_remote { + plugins_manager.maybe_start_plugin_list_background_tasks_for_config( + &plugins_input, + auth.clone(), + &roots, + PluginListBackgroundTaskOptions { + refresh_global_remote_catalog_cache, + }, + Some(self.effective_plugins_changed_callback()), + ); + } let featured_plugin_ids = if data .iter() @@ -762,8 +783,8 @@ impl PluginRequestProcessor { } let plugins_input = config.plugins_config_input(); - let remote_installed_plugin_visible_scopes = - remote_installed_plugin_visible_scopes(&config); + let remote_installed_plugin_visible_marketplaces = + remote_installed_plugin_visible_marketplaces(&config); plugins_manager.maybe_start_remote_installed_plugin_bundle_sync( &plugins_input, auth.clone(), @@ -784,7 +805,7 @@ impl PluginRequestProcessor { self.load_remote_installed_plugins( plugins_manager, &plugins_input, - &remote_installed_plugin_visible_scopes, + &remote_installed_plugin_visible_marketplaces, auth.as_ref(), ) .await, @@ -817,8 +838,11 @@ impl PluginRequestProcessor { let config_for_marketplace_listing = plugins_input.clone(); let shared_plugin_ids_by_local_path = load_shared_plugin_ids_by_local_path(config)?; match tokio::task::spawn_blocking(move || { - let outcome = plugins_manager - .list_marketplaces_for_config(&config_for_marketplace_listing, &roots)?; + let outcome = plugins_manager.list_marketplaces_for_config( + &config_for_marketplace_listing, + &roots, + /*include_openai_curated*/ true, + )?; Ok::< ( Vec, @@ -884,11 +908,11 @@ impl PluginRequestProcessor { &self, plugins_manager: Arc, plugins_input: &codex_core_plugins::PluginsConfigInput, - visible_scopes: &[RemotePluginScope], + visible_marketplaces: &[&str], auth: Option<&CodexAuth>, ) -> Vec { - let remote_marketplaces = if let Some(remote_marketplaces) = - plugins_manager.build_remote_installed_plugin_marketplaces_from_cache(visible_scopes) + let remote_marketplaces = if let Some(remote_marketplaces) = plugins_manager + .build_remote_installed_plugin_marketplaces_from_cache(visible_marketplaces) { Ok(remote_marketplaces) } else { @@ -896,7 +920,7 @@ impl PluginRequestProcessor { .build_and_cache_remote_installed_plugin_marketplaces( plugins_input, auth, - visible_scopes, + visible_marketplaces, Some(self.effective_plugins_changed_callback()), ) .await @@ -1011,11 +1035,10 @@ impl PluginRequestProcessor { } None => None, }; - let environment_manager = self.thread_manager.environment_manager(); let app_summaries = load_plugin_app_summaries( &config, &outcome.plugin.apps, - Arc::clone(&environment_manager), + &outcome.plugin.app_category_by_id, ) .await; let visible_skills = outcome @@ -1062,6 +1085,7 @@ impl PluginRequestProcessor { }) .collect(), apps: app_summaries, + app_templates: Vec::new(), mcp_servers: outcome.plugin.mcp_server_names, } } @@ -1092,13 +1116,13 @@ impl PluginRequestProcessor { .cloned() .map(codex_plugin::AppConnectorId) .collect::>(); - let environment_manager = self.thread_manager.environment_manager(); - let app_summaries = load_plugin_app_summaries( - &config, - &plugin_apps, - Arc::clone(&environment_manager), - ) - .await; + let app_category_by_id = remote_detail + .app_manifest + .as_ref() + .map(plugin_app_category_by_id_from_value) + .unwrap_or_default(); + let app_summaries = + load_plugin_app_summaries(&config, &plugin_apps, &app_category_by_id).await; remote_plugin_detail_to_info(remote_detail, app_summaries) } }; @@ -1504,7 +1528,7 @@ impl PluginRequestProcessor { // Cache first so a backend install cannot succeed when local materialization fails. // If this backend call fails, the cache entry is harmless because remote installed state // is still backend-gated. - codex_core_plugins::remote::install_remote_plugin( + let install_result = codex_core_plugins::remote::install_remote_plugin( &remote_plugin_service_config, auth.as_ref(), &actual_remote_marketplace_name, @@ -1523,7 +1547,7 @@ impl PluginRequestProcessor { let mut plugin_metadata = plugin_telemetry_metadata_from_root(&result.plugin_id, &result.installed_path).await; - plugin_metadata.remote_plugin_id = Some(remote_plugin_id); + plugin_metadata.remote_plugin_id = Some(remote_plugin_id.clone()); self.analytics_events_client .track_plugin_installed(plugin_metadata); @@ -1533,15 +1557,53 @@ impl PluginRequestProcessor { .await; } - let plugin_apps = load_plugin_apps(result.installed_path.as_path()).await; - let apps_needing_auth = self - .plugin_apps_needing_auth_for_install( - &config, - auth.as_ref().is_some_and(CodexAuth::is_chatgpt_auth), - &result.plugin_id.as_key(), - &plugin_apps, - ) - .await; + let is_chatgpt_auth = auth.as_ref().is_some_and(CodexAuth::is_chatgpt_auth); + let apps_needing_auth = + if let Some(app_ids_needing_auth) = install_result.app_ids_needing_auth { + if app_ids_needing_auth.is_empty() + || !config.features.apps_enabled_for_auth(is_chatgpt_auth) + { + Vec::new() + } else { + let plugin_apps = app_ids_needing_auth + .into_iter() + .map(codex_plugin::AppConnectorId) + .collect::>(); + let app_category_by_id = remote_detail + .app_manifest + .as_ref() + .map(plugin_app_category_by_id_from_value) + .unwrap_or_default(); + let all_connectors = connectors::list_cached_all_connectors(&config) + .await + .unwrap_or_default(); + connectors::connectors_for_plugin_apps(all_connectors, &plugin_apps) + .into_iter() + .map(|connector| { + let category = app_category_by_id + .get(&connector.id) + .cloned() + .or_else(|| connector.category()); + AppSummary { + category, + id: connector.id, + name: connector.name, + description: connector.description, + install_url: connector.install_url, + } + }) + .collect() + } + } else { + let plugin_apps = load_plugin_apps(result.installed_path.as_path()).await; + self.plugin_apps_needing_auth_for_install( + &config, + is_chatgpt_auth, + &result.plugin_id.as_key(), + &plugin_apps, + ) + .await + }; Ok(PluginInstallResponse { auth_policy: remote_detail.summary.auth_policy, @@ -1563,10 +1625,11 @@ impl PluginRequestProcessor { let environment_manager = self.thread_manager.environment_manager(); let (all_connectors_result, accessible_connectors_result) = tokio::join!( connectors::list_all_connectors_with_options(config, /*force_refetch*/ false), - connectors::list_accessible_connectors_from_mcp_tools_with_environment_manager( + connectors::list_accessible_connectors_from_mcp_tools_with_mcp_manager( config, /*force_refetch*/ true, - Arc::clone(&environment_manager) + Arc::clone(&environment_manager), + self.thread_manager.mcp_manager(), ), ); @@ -1832,7 +1895,7 @@ impl PluginRequestProcessor { async fn load_plugin_app_summaries( config: &Config, plugin_apps: &[codex_plugin::AppConnectorId], - environment_manager: Arc, + app_category_by_id: &HashMap, ) -> Vec { if plugin_apps.is_empty() { return Vec::new(); @@ -1851,50 +1914,31 @@ async fn load_plugin_app_summaries( let plugin_connectors = connectors::connectors_for_plugin_apps(connectors, plugin_apps); - let accessible_connectors = - match connectors::list_accessible_connectors_from_mcp_tools_with_environment_manager( - config, - /*force_refetch*/ false, - environment_manager, - ) - .await - { - Ok(status) if status.codex_apps_ready => status.connectors, - Ok(_) => { - return plugin_connectors - .into_iter() - .map(AppSummary::from) - .collect(); - } - Err(err) => { - warn!("failed to load app auth state for plugin/read: {err:#}"); - return plugin_connectors - .into_iter() - .map(AppSummary::from) - .collect(); - } - }; - - let accessible_ids = accessible_connectors - .iter() - .map(|connector| connector.id.as_str()) - .collect::>(); - plugin_connectors .into_iter() .map(|connector| { - let needs_auth = !accessible_ids.contains(connector.id.as_str()); + let category = app_category_by_id + .get(&connector.id) + .cloned() + .or_else(|| connector.category()); AppSummary { id: connector.id, name: connector.name, description: connector.description, install_url: connector.install_url, - needs_auth, + category, } }) .collect() } +fn plugin_app_category_by_id_from_value(value: &serde_json::Value) -> HashMap { + codex_core_plugins::loader::plugin_app_metadata_from_value(value) + .into_iter() + .filter_map(|app| app.category.map(|category| (app.id.0, category))) + .collect() +} + fn plugin_apps_needing_auth( all_connectors: &[AppInfo], accessible_connectors: &[AppInfo], @@ -1921,12 +1965,15 @@ fn plugin_apps_needing_auth( && !accessible_ids.contains(connector.id.as_str()) }) .cloned() - .map(|connector| AppSummary { - id: connector.id, - name: connector.name, - description: connector.description, - install_url: connector.install_url, - needs_auth: true, + .map(|connector| { + let category = connector.category(); + AppSummary { + category, + id: connector.id, + name: connector.name, + description: connector.description, + install_url: connector.install_url, + } }) .collect() } @@ -2007,6 +2054,29 @@ fn remote_plugin_detail_to_info( detail: RemoteCatalogPluginDetail, apps: Vec, ) -> PluginDetail { + let app_templates = detail + .app_templates + .into_iter() + .map(|template| AppTemplateSummary { + template_id: template.template_id, + name: template.name, + description: template.description, + category: template.category, + canonical_connector_id: template.canonical_connector_id, + logo_url: template.logo_url, + logo_url_dark: template.logo_url_dark, + materialized_app_ids: template.materialized_app_ids, + reason: template.reason.map(|reason| match reason { + RemoteAppTemplateUnavailableReason::NotConfiguredForWorkspace => { + AppTemplateUnavailableReason::NotConfiguredForWorkspace + } + RemoteAppTemplateUnavailableReason::NoActiveWorkspace => { + AppTemplateUnavailableReason::NoActiveWorkspace + } + }), + }) + .collect(); + PluginDetail { marketplace_name: detail.marketplace_name, marketplace_path: None, @@ -2026,7 +2096,8 @@ fn remote_plugin_detail_to_info( .collect(), hooks: Vec::new(), apps, - mcp_servers: Vec::new(), + app_templates, + mcp_servers: detail.mcp_servers, } } diff --git a/codex-rs/app-server/src/request_processors/remote_control_processor.rs b/codex-rs/app-server/src/request_processors/remote_control_processor.rs index 804339c17a5..31b5fd6b749 100644 --- a/codex-rs/app-server/src/request_processors/remote_control_processor.rs +++ b/codex-rs/app-server/src/request_processors/remote_control_processor.rs @@ -11,6 +11,8 @@ use codex_app_server_protocol::RemoteControlDisableResponse; use codex_app_server_protocol::RemoteControlEnableResponse; use codex_app_server_protocol::RemoteControlPairingStartParams; use codex_app_server_protocol::RemoteControlPairingStartResponse; +use codex_app_server_protocol::RemoteControlPairingStatusParams; +use codex_app_server_protocol::RemoteControlPairingStatusResponse; use codex_app_server_protocol::RemoteControlStatusReadResponse; use std::io; @@ -52,9 +54,21 @@ impl RemoteControlRequestProcessor { pub(crate) async fn pairing_start( &self, params: RemoteControlPairingStartParams, + app_server_client_name: Option<&str>, ) -> Result { self.handle()? - .start_pairing(params) + .start_pairing(params, app_server_client_name) + .await + .map_err(map_pairing_start_error) + } + + pub(crate) async fn pairing_status( + &self, + params: RemoteControlPairingStatusParams, + ) -> Result { + validate_pairing_status_params(¶ms)?; + self.handle()? + .pairing_status(params) .await .map_err(map_pairing_start_error) } @@ -98,6 +112,20 @@ fn map_pairing_start_error(err: io::Error) -> JSONRPCErrorError { } } +fn validate_pairing_status_params( + params: &RemoteControlPairingStatusParams, +) -> Result<(), JSONRPCErrorError> { + match (¶ms.pairing_code, ¶ms.manual_pairing_code) { + (Some(_), None) | (None, Some(_)) => Ok(()), + (Some(_), Some(_)) => Err(invalid_request( + "remoteControl/pairing/status accepts either pairingCode or manualPairingCode, not both", + )), + (None, None) => Err(invalid_request( + "remoteControl/pairing/status requires pairingCode or manualPairingCode", + )), + } +} + fn map_client_management_error(err: io::Error) -> JSONRPCErrorError { match err.kind() { io::ErrorKind::InvalidInput diff --git a/codex-rs/app-server/src/request_processors/remote_control_processor/remote_control_processor_tests.rs b/codex-rs/app-server/src/request_processors/remote_control_processor/remote_control_processor_tests.rs index 4381e48959d..36c60b913e3 100644 --- a/codex-rs/app-server/src/request_processors/remote_control_processor/remote_control_processor_tests.rs +++ b/codex-rs/app-server/src/request_processors/remote_control_processor/remote_control_processor_tests.rs @@ -6,7 +6,10 @@ use pretty_assertions::assert_eq; #[tokio::test] async fn pairing_start_returns_internal_error_when_remote_control_is_unavailable() { let err = RemoteControlRequestProcessor::new(/*remote_control_handle*/ None) - .pairing_start(RemoteControlPairingStartParams::default()) + .pairing_start( + RemoteControlPairingStartParams::default(), + /*app_server_client_name*/ None, + ) .await .expect_err("missing remote control should fail pairing"); @@ -20,6 +23,59 @@ async fn pairing_start_returns_internal_error_when_remote_control_is_unavailable ); } +#[tokio::test] +async fn pairing_status_returns_internal_error_when_remote_control_is_unavailable() { + let err = RemoteControlRequestProcessor::new(/*remote_control_handle*/ None) + .pairing_status(RemoteControlPairingStatusParams { + pairing_code: Some("pairing-code".to_string()), + manual_pairing_code: None, + }) + .await + .expect_err("missing remote control should fail pairing status"); + + assert_eq!( + err, + JSONRPCErrorError { + code: INTERNAL_ERROR_CODE, + data: None, + message: "remote control is unavailable for this app-server".to_string(), + } + ); +} + +#[test] +fn pairing_status_rejects_missing_pairing_codes() { + assert_eq!( + validate_pairing_status_params(&RemoteControlPairingStatusParams { + pairing_code: None, + manual_pairing_code: None, + }), + Err(JSONRPCErrorError { + code: INVALID_REQUEST_ERROR_CODE, + data: None, + message: "remoteControl/pairing/status requires pairingCode or manualPairingCode" + .to_string(), + }) + ); +} + +#[test] +fn pairing_status_rejects_conflicting_pairing_codes() { + assert_eq!( + validate_pairing_status_params(&RemoteControlPairingStatusParams { + pairing_code: Some("pairing-code".to_string()), + manual_pairing_code: Some("ABCD-EFGH".to_string()), + }), + Err(JSONRPCErrorError { + code: INVALID_REQUEST_ERROR_CODE, + data: None, + message: + "remoteControl/pairing/status accepts either pairingCode or manualPairingCode, not both" + .to_string(), + }) + ); +} + #[test] fn pairing_start_maps_invalid_input_to_invalid_request() { assert_eq!( diff --git a/codex-rs/app-server/src/request_processors/thread_delete.rs b/codex-rs/app-server/src/request_processors/thread_delete.rs new file mode 100644 index 00000000000..fc7e58573c1 --- /dev/null +++ b/codex-rs/app-server/src/request_processors/thread_delete.rs @@ -0,0 +1,188 @@ +//! `thread/delete` request handling. + +use super::thread_processor::core_thread_write_error; +use super::thread_processor::unsupported_thread_store_operation; +use super::*; + +impl ThreadRequestProcessor { + pub(crate) async fn thread_delete( + &self, + request_id: ConnectionRequestId, + params: ThreadDeleteParams, + ) -> Result, JSONRPCErrorError> { + let mut deleted_thread_ids = Vec::new(); + let result = { + let _thread_list_state_permit = self.acquire_thread_list_state_permit().await?; + self.thread_delete_response(params, &mut deleted_thread_ids) + .await + }; + match result { + Ok(response) => { + self.outgoing + .send_response(request_id.clone(), response) + .await; + self.send_thread_deleted_notifications(deleted_thread_ids) + .await; + Ok(None) + } + Err(error) => Err(error), + } + } + + async fn thread_delete_response( + &self, + params: ThreadDeleteParams, + deleted_thread_ids: &mut Vec, + ) -> Result { + let thread_id = ThreadId::from_string(¶ms.thread_id) + .map_err(|err| invalid_request(format!("invalid thread id: {err}")))?; + + let mut thread_ids = self.state_db_spawn_subtree_thread_ids(thread_id).await?; + let mut seen = thread_ids.iter().copied().collect::>(); + + match self + .thread_manager + .list_agent_subtree_thread_ids(thread_id) + .await + { + Ok(live_thread_ids) => { + for live_thread_id in live_thread_ids { + if seen.insert(live_thread_id) { + thread_ids.push(live_thread_id); + } + } + } + Err(err) => return Err(core_thread_write_error("delete thread", err)), + } + + self.validate_root_thread_delete(thread_id, thread_ids.len() > 1) + .await?; + for thread_id_to_delete in thread_ids.iter().copied() { + self.prepare_thread_for_delete(thread_id_to_delete).await; + } + + let mut delete_order: Vec<_> = thread_ids.iter().skip(1).rev().copied().collect(); + delete_order.push(thread_id); + + for thread_id_to_delete in delete_order.iter().copied() { + match self + .thread_store + .delete_thread(StoreDeleteThreadParams { + thread_id: thread_id_to_delete, + }) + .await + { + Ok(()) => {} + Err(ThreadStoreError::ThreadNotFound { .. }) => { + warn!( + "thread {thread_id_to_delete} was already missing while deleting {thread_id}" + ); + } + Err(err) => { + return Err(thread_store_delete_error(err)); + } + } + } + + if let Some(state_db) = self.state_db.as_ref() { + state_db + .delete_threads_strict(thread_ids.as_slice()) + .await + .map_err(|err| { + internal_error(format!( + "failed to delete app-server state for {thread_id}: {err}" + )) + })?; + } + + deleted_thread_ids.extend( + delete_order + .into_iter() + .map(|thread_id| thread_id.to_string()), + ); + Ok(ThreadDeleteResponse {}) + } + + async fn send_thread_deleted_notifications(&self, deleted_thread_ids: Vec) { + for thread_id in deleted_thread_ids { + self.outgoing + .send_server_notification(ServerNotification::ThreadDeleted( + ThreadDeletedNotification { thread_id }, + )) + .await; + } + } + + async fn validate_root_thread_delete( + &self, + thread_id: ThreadId, + has_descendants: bool, + ) -> Result<(), JSONRPCErrorError> { + if let Ok(thread) = self.thread_manager.get_thread(thread_id).await { + if !thread.config_snapshot().await.ephemeral { + return Ok(()); + } + return Err(invalid_request(format!( + "thread is not persisted and cannot be deleted: {thread_id}" + ))); + } + match self + .thread_store + .read_thread(StoreReadThreadParams { + thread_id, + include_archived: true, + include_history: false, + }) + .await + { + Ok(_) => Ok(()), + Err(ThreadStoreError::ThreadNotFound { .. }) => { + if has_descendants { + return Ok(()); + } + let Some(state_db) = self.state_db.as_ref() else { + return Err(thread_store_delete_error( + ThreadStoreError::ThreadNotFound { thread_id }, + )); + }; + if state_db + .get_thread(thread_id) + .await + .map_err(|err| { + internal_error(format!( + "failed to read app-server state for {thread_id}: {err}" + )) + })? + .is_some() + { + Ok(()) + } else { + Err(thread_store_delete_error( + ThreadStoreError::ThreadNotFound { thread_id }, + )) + } + } + Err(err) => Err(thread_store_delete_error(err)), + } + } + + async fn prepare_thread_for_delete(&self, thread_id: ThreadId) { + self.prepare_thread_for_removal(thread_id, "delete").await; + if let Some(log_db) = self.log_db.as_ref() { + log_db.flush().await; + } + } +} + +fn thread_store_delete_error(err: ThreadStoreError) -> JSONRPCErrorError { + match err { + ThreadStoreError::ThreadNotFound { thread_id } => { + invalid_request(format!("thread not found: {thread_id}")) + } + ThreadStoreError::InvalidRequest { message } => invalid_request(message), + ThreadStoreError::Unsupported { operation } => { + unsupported_thread_store_operation(operation) + } + err => internal_error(format!("failed to delete thread: {err}")), + } +} diff --git a/codex-rs/app-server/src/request_processors/thread_goal_processor.rs b/codex-rs/app-server/src/request_processors/thread_goal_processor.rs index c18806ea038..2f40ce6602f 100644 --- a/codex-rs/app-server/src/request_processors/thread_goal_processor.rs +++ b/codex-rs/app-server/src/request_processors/thread_goal_processor.rs @@ -1,5 +1,9 @@ use super::*; -use codex_protocol::protocol::validate_thread_goal_objective; +use codex_goal_extension::GoalObjectiveUpdate; +use codex_goal_extension::GoalService; +use codex_goal_extension::GoalServiceError; +use codex_goal_extension::GoalSetRequest; +use codex_goal_extension::GoalTokenBudgetUpdate; #[derive(Clone)] pub(crate) struct ThreadGoalRequestProcessor { @@ -8,6 +12,7 @@ pub(crate) struct ThreadGoalRequestProcessor { config: Arc, thread_state_manager: ThreadStateManager, state_db: Option, + goal_service: Arc, } impl ThreadGoalRequestProcessor { @@ -17,6 +22,7 @@ impl ThreadGoalRequestProcessor { config: Arc, thread_state_manager: ThreadStateManager, state_db: Option, + goal_service: Arc, ) -> Self { Self { thread_manager, @@ -24,6 +30,7 @@ impl ThreadGoalRequestProcessor { config, thread_state_manager, state_db, + goal_service, } } @@ -66,10 +73,8 @@ impl ThreadGoalRequestProcessor { } self.emit_thread_goal_snapshot(thread_id).await; // App-server owns resume response and snapshot ordering, so wait until - // those are sent before letting core start goal continuation. - if let Err(err) = thread.continue_active_goal_if_idle().await { - tracing::warn!("failed to continue active goal after resume: {err}"); - } + // those are sent before letting extensions react to the idle thread. + thread.emit_thread_idle_lifecycle_if_idle().await; } pub(crate) async fn pending_resume_goal_state( @@ -100,140 +105,36 @@ impl ThreadGoalRequestProcessor { let thread_id = parse_thread_id_for_request(params.thread_id.as_str())?; let state_db = self.state_db_for_materialized_thread(thread_id).await?; - let running_thread = self.thread_manager.get_thread(thread_id).await.ok(); - let rollout_path = match running_thread.as_ref() { - Some(thread) => thread.rollout_path().ok_or_else(|| { - invalid_request(format!( - "ephemeral thread does not support goals: {thread_id}" - )) - })?, - None => codex_rollout::find_thread_path_by_id_str( - &self.config.codex_home, - &thread_id.to_string(), - self.state_db.as_deref(), - ) - .await - .map_err(|err| { - internal_error(format!("failed to locate thread id {thread_id}: {err}")) - })? - .ok_or_else(|| invalid_request(format!("thread not found: {thread_id}")))?, - }; - reconcile_rollout( - Some(&state_db), - rollout_path.as_path(), - self.config.model_provider_id.as_str(), - /*builder*/ None, - &[], - /*archived_only*/ None, - /*new_thread_memory_mode*/ None, - ) - .await; + self.reconcile_thread_goal_rollout(thread_id, &state_db) + .await?; let listener_command_tx = { let thread_state = self.thread_state_manager.thread_state(thread_id).await; let thread_state = thread_state.lock().await; thread_state.listener_command_tx() }; - let status = params.status.map(thread_goal_status_to_state); - let objective = params.objective.as_deref().map(str::trim); - - if let Some(objective) = objective { - validate_thread_goal_objective(objective).map_err(invalid_request)?; - } - if objective.is_some() || params.token_budget.is_some() { - validate_goal_budget(params.token_budget.flatten()).map_err(invalid_request)?; - } - - if let Some(thread) = running_thread.as_ref() { - thread.prepare_external_goal_mutation().await; - } + let status = params.status.map(ThreadGoalStatus::to_core); + let objective = params.objective.as_deref(); - let should_set_thread_preview = objective.is_some(); - let (goal, previous_status) = (if let Some(objective) = objective { - let existing_goal = state_db - .thread_goals() - .get_thread_goal(thread_id) - .await - .map_err(|err| invalid_request(err.to_string()))?; - if let Some(goal) = existing_goal.as_ref() { - let previous_status = ExternalGoalPreviousStatus::from(goal); - state_db - .thread_goals() - .update_thread_goal( - thread_id, - codex_state::GoalUpdate { - objective: Some(objective.to_string()), - status, - token_budget: params.token_budget, - expected_goal_id: Some(goal.goal_id.clone()), - }, - ) - .await - .and_then(|goal| { - goal.ok_or_else(|| { - anyhow::anyhow!( - "cannot update goal for thread {thread_id}: no goal exists" - ) - }) - }) - .map(|goal| (goal, previous_status)) - } else { - let previous_status = ExternalGoalPreviousStatus::NewGoal; - state_db - .thread_goals() - .replace_thread_goal( - thread_id, - objective, - status.unwrap_or(codex_state::ThreadGoalStatus::Active), - params.token_budget.flatten(), - ) - .await - .map(|goal| (goal, previous_status)) - } - } else { - let existing_goal = state_db - .thread_goals() - .get_thread_goal(thread_id) - .await - .map_err(|err| invalid_request(err.to_string()))?; - let Some(existing_goal) = existing_goal else { - return Err(invalid_request(format!( - "cannot update goal for thread {thread_id}: no goal exists" - ))); - }; - let previous_status = ExternalGoalPreviousStatus::from(&existing_goal); - state_db - .thread_goals() - .update_thread_goal( + let outcome = self + .goal_service + .set_thread_goal( + &state_db, + GoalSetRequest { thread_id, - codex_state::GoalUpdate { - objective: None, - status, - token_budget: params.token_budget, - expected_goal_id: None, + objective: objective + .map(GoalObjectiveUpdate::Set) + .unwrap_or(GoalObjectiveUpdate::Keep), + status, + token_budget: match params.token_budget { + Some(token_budget) => GoalTokenBudgetUpdate::Set(token_budget), + None => GoalTokenBudgetUpdate::Keep, }, - ) - .await - .and_then(|goal| { - goal.ok_or_else(|| { - anyhow::anyhow!("cannot update goal for thread {thread_id}: no goal exists") - }) - }) - .map(|goal| (goal, previous_status)) - }) - .map_err(|err| invalid_request(err.to_string()))?; - if should_set_thread_preview - && let Err(err) = state_db - .set_thread_preview_if_empty(thread_id, goal.objective.as_str()) - .await - { - warn!("failed to set empty thread preview from goal objective for {thread_id}: {err}"); - } - let external_goal_set = ExternalGoalSet { - goal: goal.clone(), - previous_status, - }; - let goal = api_thread_goal_from_state(goal); + }, + ) + .await + .map_err(goal_service_error)?; + let goal = ThreadGoal::from(outcome.goal.clone()); self.outgoing .send_response( request_id.clone(), @@ -242,9 +143,7 @@ impl ThreadGoalRequestProcessor { .await; self.emit_thread_goal_updated_ordered(thread_id, goal, listener_command_tx) .await; - if let Some(thread) = running_thread.as_ref() { - thread.apply_external_goal_set(external_goal_set).await; - } + outcome.apply_runtime_effects(&self.goal_service).await; Ok(()) } @@ -258,12 +157,12 @@ impl ThreadGoalRequestProcessor { let thread_id = parse_thread_id_for_request(params.thread_id.as_str())?; let state_db = self.state_db_for_materialized_thread(thread_id).await?; - let goal = state_db - .thread_goals() - .get_thread_goal(thread_id) + let goal = self + .goal_service + .get_thread_goal(&state_db, thread_id) .await - .map_err(|err| internal_error(format!("failed to read thread goal: {err}")))? - .map(api_thread_goal_from_state); + .map_err(goal_service_error)? + .map(ThreadGoal::from); Ok(ThreadGoalGetResponse { goal }) } @@ -278,53 +177,19 @@ impl ThreadGoalRequestProcessor { let thread_id = parse_thread_id_for_request(params.thread_id.as_str())?; let state_db = self.state_db_for_materialized_thread(thread_id).await?; - let running_thread = self.thread_manager.get_thread(thread_id).await.ok(); - let rollout_path = match running_thread.as_ref() { - Some(thread) => thread.rollout_path().ok_or_else(|| { - invalid_request(format!( - "ephemeral thread does not support goals: {thread_id}" - )) - })?, - None => codex_rollout::find_thread_path_by_id_str( - &self.config.codex_home, - &thread_id.to_string(), - self.state_db.as_deref(), - ) - .await - .map_err(|err| { - internal_error(format!("failed to locate thread id {thread_id}: {err}")) - })? - .ok_or_else(|| invalid_request(format!("thread not found: {thread_id}")))?, - }; - reconcile_rollout( - Some(&state_db), - rollout_path.as_path(), - self.config.model_provider_id.as_str(), - /*builder*/ None, - &[], - /*archived_only*/ None, - /*new_thread_memory_mode*/ None, - ) - .await; - - if let Some(thread) = running_thread.as_ref() { - thread.prepare_external_goal_mutation().await; - } + self.reconcile_thread_goal_rollout(thread_id, &state_db) + .await?; let listener_command_tx = { let thread_state = self.thread_state_manager.thread_state(thread_id).await; let thread_state = thread_state.lock().await; thread_state.listener_command_tx() }; - let cleared = state_db - .thread_goals() - .delete_thread_goal(thread_id) + let cleared = self + .goal_service + .clear_thread_goal(&state_db, thread_id) .await - .map_err(|err| internal_error(format!("failed to clear thread goal: {err}")))?; - - if cleared && let Some(thread) = running_thread.as_ref() { - thread.apply_external_goal_clear().await; - } + .map_err(goal_service_error)?; self.outgoing .send_response(request_id, ThreadGoalClearResponse { cleared }) @@ -367,6 +232,42 @@ impl ThreadGoalRequestProcessor { .ok_or_else(|| internal_error("sqlite state db unavailable for thread goals")) } + async fn reconcile_thread_goal_rollout( + &self, + thread_id: ThreadId, + state_db: &StateDbHandle, + ) -> Result<(), JSONRPCErrorError> { + let running_thread = self.thread_manager.get_thread(thread_id).await.ok(); + let rollout_path = match running_thread.as_ref() { + Some(thread) => thread.rollout_path().ok_or_else(|| { + invalid_request(format!( + "ephemeral thread does not support goals: {thread_id}" + )) + })?, + None => codex_rollout::find_thread_path_by_id_str( + &self.config.codex_home, + &thread_id.to_string(), + self.state_db.as_deref(), + ) + .await + .map_err(|err| { + internal_error(format!("failed to locate thread id {thread_id}: {err}")) + })? + .ok_or_else(|| invalid_request(format!("thread not found: {thread_id}")))?, + }; + reconcile_rollout( + Some(state_db), + rollout_path.as_path(), + self.config.model_provider_id.as_str(), + /*builder*/ None, + &[], + /*archived_only*/ None, + /*new_thread_memory_mode*/ None, + ) + .await; + Ok(()) + } + async fn emit_thread_goal_snapshot(&self, thread_id: ThreadId) { let state_db = match self.state_db_for_materialized_thread(thread_id).await { Ok(state_db) => state_db, @@ -405,6 +306,7 @@ impl ThreadGoalRequestProcessor { ) { if let Some(listener_command_tx) = listener_command_tx { let command = crate::thread_state::ThreadListenerCommand::EmitThreadGoalUpdated { + turn_id: None, goal: goal.clone(), }; if listener_command_tx.send(command).is_ok() { @@ -449,27 +351,20 @@ impl ThreadGoalRequestProcessor { } } -fn validate_goal_budget(value: Option) -> Result<(), String> { - if let Some(value) = value - && value <= 0 - { - return Err("goal budgets must be positive when provided".to_string()); - } - Ok(()) -} - -fn thread_goal_status_to_state(status: ThreadGoalStatus) -> codex_state::ThreadGoalStatus { - match status { - ThreadGoalStatus::Active => codex_state::ThreadGoalStatus::Active, - ThreadGoalStatus::Paused => codex_state::ThreadGoalStatus::Paused, - ThreadGoalStatus::Blocked => codex_state::ThreadGoalStatus::Blocked, - ThreadGoalStatus::UsageLimited => codex_state::ThreadGoalStatus::UsageLimited, - ThreadGoalStatus::BudgetLimited => codex_state::ThreadGoalStatus::BudgetLimited, - ThreadGoalStatus::Complete => codex_state::ThreadGoalStatus::Complete, +pub(super) fn api_thread_goal_from_state(goal: codex_state::ThreadGoal) -> ThreadGoal { + ThreadGoal { + thread_id: goal.thread_id.to_string(), + objective: goal.objective, + status: api_thread_goal_status_from_state(goal.status), + token_budget: goal.token_budget, + tokens_used: goal.tokens_used, + time_used_seconds: goal.time_used_seconds, + created_at: goal.created_at.timestamp(), + updated_at: goal.updated_at.timestamp(), } } -fn thread_goal_status_from_state(status: codex_state::ThreadGoalStatus) -> ThreadGoalStatus { +fn api_thread_goal_status_from_state(status: codex_state::ThreadGoalStatus) -> ThreadGoalStatus { match status { codex_state::ThreadGoalStatus::Active => ThreadGoalStatus::Active, codex_state::ThreadGoalStatus::Paused => ThreadGoalStatus::Paused, @@ -480,16 +375,10 @@ fn thread_goal_status_from_state(status: codex_state::ThreadGoalStatus) -> Threa } } -pub(super) fn api_thread_goal_from_state(goal: codex_state::ThreadGoal) -> ThreadGoal { - ThreadGoal { - thread_id: goal.thread_id.to_string(), - objective: goal.objective, - status: thread_goal_status_from_state(goal.status), - token_budget: goal.token_budget, - tokens_used: goal.tokens_used, - time_used_seconds: goal.time_used_seconds, - created_at: goal.created_at.timestamp(), - updated_at: goal.updated_at.timestamp(), +fn goal_service_error(err: GoalServiceError) -> JSONRPCErrorError { + match err { + GoalServiceError::InvalidRequest(message) => invalid_request(message), + GoalServiceError::Internal(message) => internal_error(message), } } diff --git a/codex-rs/app-server/src/request_processors/thread_lifecycle.rs b/codex-rs/app-server/src/request_processors/thread_lifecycle.rs index f72cfb5a626..fd9e93e1894 100644 --- a/codex-rs/app-server/src/request_processors/thread_lifecycle.rs +++ b/codex-rs/app-server/src/request_processors/thread_lifecycle.rs @@ -244,12 +244,22 @@ pub(super) async fn ensure_listener_task_running( if thread_state.listener_matches(&conversation) { return Ok(()); } - thread_state.set_listener( + let (listener_command_rx, listener_generation) = thread_state.set_listener( cancel_tx, &conversation, watch_registration, thread_settings_baseline, - ) + ); + let Some(listener_command_tx) = thread_state.listener_command_tx() else { + tracing::warn!( + "thread listener command sender missing immediately after listener registration" + ); + return Ok(()); + }; + listener_task_context + .thread_state_manager + .register_listener_command_tx(conversation_id, listener_command_tx); + (listener_command_rx, listener_generation) }; let ListenerTaskContext { outgoing, @@ -378,6 +388,7 @@ pub(super) async fn ensure_listener_task_running( let mut thread_state = thread_state.lock().await; if thread_state.listener_generation == listener_generation { + thread_state_manager.unregister_listener_command_tx(conversation_id); thread_state.clear_listener(); } }); @@ -471,12 +482,12 @@ pub(super) async fn handle_thread_listener_command( ) .await; } - ThreadListenerCommand::EmitThreadGoalUpdated { goal } => { + ThreadListenerCommand::EmitThreadGoalUpdated { turn_id, goal } => { outgoing .send_server_notification(ServerNotification::ThreadGoalUpdated( ThreadGoalUpdatedNotification { thread_id: conversation_id.to_string(), - turn_id: None, + turn_id, goal, }, )) @@ -616,12 +627,8 @@ pub(super) async fn handle_pending_thread_resume_request( } } - if pending.emit_thread_goal_update - && let Err(err) = conversation.apply_goal_resume_runtime_effects().await - { - tracing::warn!("failed to apply goal resume runtime effects: {err}"); - } - + let config_snapshot = pending.config_snapshot; + let cwd = config_snapshot.cwd().clone(); let ThreadConfigSnapshot { model, model_provider_id, @@ -630,11 +637,10 @@ pub(super) async fn handle_pending_thread_resume_request( approvals_reviewer, permission_profile, active_permission_profile, - cwd, workspace_roots, reasoning_effort, .. - } = pending.config_snapshot; + } = config_snapshot; let instruction_sources = pending.instruction_sources; let sandbox = thread_response_sandbox_policy(&permission_profile, cwd.as_path()); let active_permission_profile = @@ -691,11 +697,9 @@ pub(super) async fn handle_pending_thread_resume_request( .replay_requests_to_connection_for_thread(connection_id, conversation_id) .await; // App-server owns resume response and snapshot ordering, so wait until - // replay completes before letting core start goal continuation. - if pending.emit_thread_goal_update - && let Err(err) = conversation.continue_active_goal_if_idle().await - { - tracing::warn!("failed to continue active goal after running-thread resume: {err}"); + // replay completes before letting extensions react to the idle thread. + if pending.emit_thread_goal_update { + conversation.emit_thread_idle_lifecycle_if_idle().await; } } diff --git a/codex-rs/app-server/src/request_processors/thread_processor.rs b/codex-rs/app-server/src/request_processors/thread_processor.rs index 265832f9b77..58719d55ba3 100644 --- a/codex-rs/app-server/src/request_processors/thread_processor.rs +++ b/codex-rs/app-server/src/request_processors/thread_processor.rs @@ -1,5 +1,7 @@ use super::*; use crate::error_code::method_not_found; +use codex_app_server_protocol::SelectedCapabilityRoot; +use codex_extension_api::ExtensionDataInit; use codex_protocol::models::BUILT_IN_PERMISSION_PROFILE_DANGER_FULL_ACCESS; use codex_protocol::models::BUILT_IN_PERMISSION_PROFILE_WORKSPACE; @@ -47,26 +49,16 @@ fn collect_resume_override_mismatches( } if let Some(requested_cwd) = request.cwd.as_deref() { let requested_cwd_path = std::path::PathBuf::from(requested_cwd); - if requested_cwd_path != config_snapshot.cwd.as_path() { + if requested_cwd_path != config_snapshot.cwd().as_path() { mismatch_details.push(format!( "cwd requested={} active={}", requested_cwd_path.display(), - config_snapshot.cwd.display() + config_snapshot.cwd().display() )); } } if let Some(requested_runtime_workspace_roots) = request.runtime_workspace_roots.as_ref() { - let base_cwd = request - .cwd - .as_deref() - .map(|cwd| { - AbsolutePathBuf::resolve_path_against_base(cwd, config_snapshot.cwd.as_path()) - }) - .unwrap_or_else(|| config_snapshot.cwd.clone()); - let requested_runtime_workspace_roots = requested_runtime_workspace_roots - .iter() - .map(|path| AbsolutePathBuf::resolve_path_against_base(path, base_cwd.as_path())) - .collect::>(); + let requested_runtime_workspace_roots = requested_runtime_workspace_roots.to_vec(); if requested_runtime_workspace_roots != config_snapshot.workspace_roots { mismatch_details.push(format!( "runtime_workspace_roots requested={requested_runtime_workspace_roots:?} active={:?}", @@ -158,7 +150,7 @@ fn merge_persisted_resume_metadata( typesafe_overrides.model = persisted_metadata.model.clone(); typesafe_overrides.model_provider = Some(persisted_metadata.model_provider.clone()); - if let Some(reasoning_effort) = persisted_metadata.reasoning_effort { + if let Some(reasoning_effort) = persisted_metadata.reasoning_effort.as_ref() { request_overrides.get_or_insert_with(HashMap::new).insert( "model_reasoning_effort".to_string(), serde_json::Value::String(reasoning_effort.to_string()), @@ -333,10 +325,22 @@ pub(crate) struct ThreadRequestProcessor { pub(super) thread_list_state_permit: Arc, pub(super) thread_goal_processor: ThreadGoalRequestProcessor, pub(super) state_db: Option, + pub(super) log_db: Option, pub(super) background_tasks: TaskTracker, pub(super) skills_watcher: Arc, } +/// Outcome of trying to satisfy a resume request from an already loaded thread. +enum RunningThreadResumeResult { + /// The request was delegated to the loaded thread. + Handled, + /// No loaded thread handled the request. + /// + /// The optional stored thread contains the history-bearing probe that cold + /// resume can reuse instead of reading the rollout again. + NotRunning(Option>), +} + impl ThreadRequestProcessor { #[allow(clippy::too_many_arguments)] pub(crate) fn new( @@ -353,6 +357,7 @@ impl ThreadRequestProcessor { thread_list_state_permit: Arc, thread_goal_processor: ThreadGoalRequestProcessor, state_db: Option, + log_db: Option, skills_watcher: Arc, ) -> Self { Self { @@ -369,6 +374,7 @@ impl ThreadRequestProcessor { thread_list_state_permit, thread_goal_processor, state_db, + log_db, background_tasks: TaskTracker::new(), skills_watcher, } @@ -566,6 +572,24 @@ impl ThreadRequestProcessor { .map(|response| Some(response.into())) } + pub(crate) async fn thread_background_terminals_list( + &self, + params: ThreadBackgroundTerminalsListParams, + ) -> Result, JSONRPCErrorError> { + self.thread_background_terminals_list_inner(params) + .await + .map(|response| Some(response.into())) + } + + pub(crate) async fn thread_background_terminals_terminate( + &self, + params: ThreadBackgroundTerminalsTerminateParams, + ) -> Result, JSONRPCErrorError> { + self.thread_background_terminals_terminate_inner(params) + .await + .map(|response| Some(response.into())) + } + pub(crate) async fn thread_rollback( &self, request_id: &ConnectionRequestId, @@ -659,12 +683,6 @@ impl ThreadRequestProcessor { .map(|response| Some(response.into())) } - async fn instruction_sources_from_config(config: &Config) -> Vec { - codex_core::AgentsMdManager::new(config) - .instruction_sources(LOCAL_FS.as_ref()) - .await - } - async fn load_thread( &self, thread_id: &str, @@ -681,7 +699,7 @@ impl ThreadRequestProcessor { Ok((thread_id, thread)) } - async fn acquire_thread_list_state_permit( + pub(super) async fn acquire_thread_list_state_permit( &self, ) -> Result, JSONRPCErrorError> { self.thread_list_state_permit @@ -753,6 +771,10 @@ impl ThreadRequestProcessor { } async fn prepare_thread_for_archive(&self, thread_id: ThreadId) { + self.prepare_thread_for_removal(thread_id, "archive").await; + } + + pub(super) async fn prepare_thread_for_removal(&self, thread_id: ThreadId, operation: &str) { let removed_conversation = self.thread_manager.remove_thread(&thread_id).await; if let Some(conversation) = removed_conversation { info!("thread {thread_id} was active; shutting down"); @@ -760,11 +782,11 @@ impl ThreadRequestProcessor { ThreadShutdownResult::Complete => {} ThreadShutdownResult::SubmitFailed => { error!( - "failed to submit Shutdown to thread {thread_id}; proceeding with archive" + "failed to submit Shutdown to thread {thread_id}; proceeding with {operation}" ); } ThreadShutdownResult::TimedOut => { - warn!("thread {thread_id} shutdown timed out; proceeding with archive"); + warn!("thread {thread_id} shutdown timed out; proceeding with {operation}"); } } } @@ -838,6 +860,7 @@ impl ThreadRequestProcessor { base_instructions, developer_instructions, dynamic_tools, + selected_capability_roots, mock_experimental_field: _mock_experimental_field, experimental_raw_events, personality, @@ -852,6 +875,7 @@ impl ThreadRequestProcessor { )); } let environment_selections = self.parse_environment_selections(environments)?; + let runtime_workspace_roots = runtime_workspace_roots.map(resolve_runtime_workspace_roots); let mut typesafe_overrides = self.build_thread_config_overrides( model, model_provider, @@ -892,6 +916,7 @@ impl ThreadRequestProcessor { config, typesafe_overrides, dynamic_tools, + selected_capability_roots.unwrap_or_default(), session_start_source, thread_source.map(Into::into), environment_selections, @@ -964,6 +989,7 @@ impl ThreadRequestProcessor { config_overrides: Option>, typesafe_overrides: ConfigOverrides, dynamic_tools: Option>, + selected_capability_roots: Vec, session_start_source: Option, thread_source: Option, environments: Option>, @@ -1043,7 +1069,6 @@ impl ThreadRequestProcessor { .map_err(|err| config_load_error(&err))?; } - let instruction_sources = Self::instruction_sources_from_config(&config).await; let environments = environments.unwrap_or_else(|| { listener_task_context .thread_manager @@ -1066,6 +1091,10 @@ impl ThreadRequestProcessor { .collect() }; let core_dynamic_tool_count = core_dynamic_tools.len(); + let mut thread_extension_init = ExtensionDataInit::new(); + if !selected_capability_roots.is_empty() { + thread_extension_init.insert(selected_capability_roots); + } let create_thread_started_at = std::time::Instant::now(); let NewThread { thread_id, @@ -1088,6 +1117,7 @@ impl ThreadRequestProcessor { metrics_service_name: service_name, parent_trace: request_trace, environments, + thread_extension_init, }) .instrument(tracing::info_span!( "app_server.thread_start.create_thread", @@ -1113,6 +1143,7 @@ impl ThreadRequestProcessor { ) .await?; + let instruction_sources = thread.instruction_sources().await; let config_snapshot = thread .config_snapshot() .instrument(tracing::info_span!( @@ -1169,8 +1200,9 @@ impl ThreadRequestProcessor { let sandbox = thread_response_sandbox_policy( &config_snapshot.permission_profile, - config_snapshot.cwd.as_path(), + config_snapshot.cwd().as_path(), ); + let cwd = config_snapshot.cwd().clone(); let active_permission_profile = thread_response_active_permission_profile(config_snapshot.active_permission_profile); @@ -1179,7 +1211,7 @@ impl ThreadRequestProcessor { model: config_snapshot.model, model_provider: config_snapshot.model_provider_id, service_tier: config_snapshot.service_tier, - cwd: config_snapshot.cwd, + cwd, runtime_workspace_roots: config_snapshot.workspace_roots, instruction_sources, approval_policy: config_snapshot.approval_policy.into(), @@ -1221,7 +1253,7 @@ impl ThreadRequestProcessor { model_provider: Option, service_tier: Option>, cwd: Option, - runtime_workspace_roots: Option>, + runtime_workspace_roots: Option>, approval_policy: Option, approvals_reviewer: Option, sandbox: Option, @@ -1287,23 +1319,7 @@ impl ThreadRequestProcessor { let thread_id = ThreadId::from_string(¶ms.thread_id) .map_err(|err| invalid_request(format!("invalid session id: {err}")))?; - let mut thread_ids = vec![thread_id]; - if let Some(state_db_ctx) = self.state_db.as_ref() { - let descendants = state_db_ctx - .list_thread_spawn_descendants(thread_id) - .await - .map_err(|err| { - internal_error(format!( - "failed to list spawned descendants for session {thread_id}: {err}" - )) - })?; - let mut seen = HashSet::from([thread_id]); - for descendant_id in descendants { - if seen.insert(descendant_id) { - thread_ids.push(descendant_id); - } - } - } + let thread_ids = self.state_db_spawn_subtree_thread_ids(thread_id).await?; let mut archive_thread_ids = Vec::new(); match self @@ -1388,6 +1404,31 @@ impl ThreadRequestProcessor { Ok((ThreadArchiveResponse {}, archived_thread_ids)) } + pub(super) async fn state_db_spawn_subtree_thread_ids( + &self, + thread_id: ThreadId, + ) -> Result, JSONRPCErrorError> { + let mut thread_ids = vec![thread_id]; + let Some(state_db_ctx) = self.state_db.as_ref() else { + return Ok(thread_ids); + }; + let mut seen = HashSet::from([thread_id]); + let descendants = state_db_ctx + .list_thread_spawn_descendants(thread_id) + .await + .map_err(|err| { + internal_error(format!( + "failed to list spawned descendants for thread id {thread_id}: {err}" + )) + })?; + for descendant_id in descendants { + if seen.insert(descendant_id) { + thread_ids.push(descendant_id); + } + } + Ok(thread_ids) + } + async fn thread_increment_elicitation_inner( &self, params: ThreadIncrementElicitationParams, @@ -1718,6 +1759,54 @@ impl ThreadRequestProcessor { Ok(ThreadBackgroundTerminalsCleanResponse {}) } + async fn thread_background_terminals_list_inner( + &self, + params: ThreadBackgroundTerminalsListParams, + ) -> Result { + let ThreadBackgroundTerminalsListParams { + thread_id, + cursor, + limit, + } = params; + + let (_, thread) = self.load_thread(&thread_id).await?; + let terminals = thread + .list_background_terminals() + .await + .into_iter() + .map(|terminal| ThreadBackgroundTerminal { + item_id: terminal.item_id, + process_id: terminal.process_id, + command: terminal.command, + cwd: terminal.cwd, + os_pid: None, + cpu_percent: None, + rss_kb: None, + }) + .collect::>(); + + let (data, next_cursor) = paginate_background_terminals(&terminals, cursor, limit)?; + + Ok(ThreadBackgroundTerminalsListResponse { data, next_cursor }) + } + + async fn thread_background_terminals_terminate_inner( + &self, + params: ThreadBackgroundTerminalsTerminateParams, + ) -> Result { + let ThreadBackgroundTerminalsTerminateParams { + thread_id, + process_id, + } = params; + let process_id = process_id.parse::().map_err(|err| { + invalid_request(format!("invalid background terminal process id: {err}")) + })?; + + let (_, thread) = self.load_thread(&thread_id).await?; + let terminated = thread.terminate_background_terminal(process_id).await; + Ok(ThreadBackgroundTerminalsTerminateResponse { terminated }) + } + async fn thread_shell_command_inner( &self, request_id: &ConnectionRequestId, @@ -2433,7 +2522,7 @@ impl ThreadRequestProcessor { return Ok(()); } }; - match self + let stored_thread_from_running_probe = match self .resume_running_thread( &request_id, ¶ms, @@ -2442,13 +2531,13 @@ impl ThreadRequestProcessor { ) .await { - Ok(true) => return Ok(()), - Ok(false) => {} + Ok(RunningThreadResumeResult::Handled) => return Ok(()), + Ok(RunningThreadResumeResult::NotRunning(stored_thread)) => stored_thread, Err(error) => { self.outgoing.send_error(request_id, error).await; return Ok(()); } - } + }; let ThreadResumeParams { thread_id, @@ -2472,15 +2561,20 @@ impl ThreadRequestProcessor { } = params; let include_turns = !exclude_turns; - let (thread_history, resume_source_thread) = match if let Some(history) = history { + let resume_result = if let Some(history) = history { self.resume_thread_from_history(history.as_slice()) .await .map(|thread_history| (thread_history, None)) + } else if let Some(stored_thread) = stored_thread_from_running_probe { + self.stored_thread_to_initial_history(&stored_thread) + .await + .map(|thread_history| (thread_history, Some(*stored_thread))) } else { self.resume_thread_from_rollout(&thread_id, path.as_ref()) .await .map(|(thread_history, stored_thread)| (thread_history, Some(stored_thread))) - } { + }; + let (thread_history, resume_source_thread) = match resume_result { Ok(value) => value, Err(error) => { self.outgoing.send_error(request_id, error).await; @@ -2489,6 +2583,7 @@ impl ThreadRequestProcessor { }; let history_cwd = thread_history.session_cwd(); + let runtime_workspace_roots = runtime_workspace_roots.map(resolve_runtime_workspace_roots); let mut typesafe_overrides = self.build_thread_config_overrides( model, model_provider, @@ -2524,13 +2619,12 @@ impl ThreadRequestProcessor { } }; - let instruction_sources = Self::instruction_sources_from_config(&config).await; let response_history = thread_history.clone(); match self .thread_manager .resume_thread_with_history( - config.clone(), + config, thread_history, self.auth_manager.clone(), self.request_trace_context(&request_id).await, @@ -2553,6 +2647,7 @@ impl ThreadRequestProcessor { self.outgoing.send_error(request_id, err).await; return Ok(()); } + let instruction_sources = codex_thread.instruction_sources().await; let SessionConfiguredEvent { rollout_path, .. } = session_configured; let Some(rollout_path) = rollout_path else { let error = @@ -2615,7 +2710,7 @@ impl ThreadRequestProcessor { let config_snapshot = codex_thread.config_snapshot().await; let sandbox = thread_response_sandbox_policy( &config_snapshot.permission_profile, - config_snapshot.cwd.as_path(), + config_snapshot.cwd().as_path(), ); let active_permission_profile = thread_response_active_permission_profile( config_snapshot.active_permission_profile, @@ -2720,7 +2815,7 @@ impl ThreadRequestProcessor { params: &ThreadResumeParams, app_server_client_name: Option, app_server_client_version: Option, - ) -> Result { + ) -> Result { let running_thread = if params.history.is_some() { if let Ok(existing_thread_id) = ThreadId::from_string(¶ms.thread_id) && self @@ -2756,7 +2851,11 @@ impl ThreadRequestProcessor { let existing_thread_id = source_thread.thread_id; match self.thread_manager.get_thread(existing_thread_id).await { Ok(existing_thread) => Some((existing_thread_id, existing_thread, source_thread)), - Err(_) => None, + Err(_) => { + return Ok(RunningThreadResumeResult::NotRunning(Some(Box::new( + source_thread, + )))); + } } }; @@ -2797,7 +2896,9 @@ impl ThreadRequestProcessor { ThreadShutdownResult::Complete => { self.thread_manager.remove_thread(&existing_thread_id).await; self.finalize_thread_teardown(existing_thread_id).await; - return Ok(false); + // Shutdown can flush newer rollout items, so reload the + // stored thread before starting the replacement session. + return Ok(RunningThreadResumeResult::NotRunning(None)); } ThreadShutdownResult::SubmitFailed => { warn!("failed to submit Shutdown to thread {existing_thread_id}"); @@ -2853,10 +2954,7 @@ impl ThreadRequestProcessor { /*include_turns*/ false, ); thread_summary.session_id = existing_thread.session_configured().session_id.to_string(); - let mut config_for_instruction_sources = self.config.as_ref().clone(); - config_for_instruction_sources.cwd = config_snapshot.cwd.clone(); - let instruction_sources = - Self::instruction_sources_from_config(&config_for_instruction_sources).await; + let instruction_sources = existing_thread.instruction_sources().await; let listener_command_tx = { let thread_state = thread_state.lock().await; @@ -2892,9 +2990,9 @@ impl ThreadRequestProcessor { "failed to enqueue running thread resume for thread {existing_thread_id}: thread listener command channel is closed" ))); } - return Ok(true); + return Ok(RunningThreadResumeResult::Handled); } - Ok(false) + Ok(RunningThreadResumeResult::NotRunning(None)) } async fn resume_thread_from_history( @@ -3210,6 +3308,7 @@ impl ThreadRequestProcessor { } else { Some(cli_overrides) }; + let runtime_workspace_roots = runtime_workspace_roots.map(resolve_runtime_workspace_roots); let mut typesafe_overrides = self.build_thread_config_overrides( model, model_provider, @@ -3233,7 +3332,6 @@ impl ThreadRequestProcessor { .map_err(|err| config_load_error(&err))?; let fallback_model_provider = config.model_provider_id.clone(); - let instruction_sources = Self::instruction_sources_from_config(&config).await; let NewThread { thread_id, @@ -3284,6 +3382,8 @@ impl ThreadRequestProcessor { .map_err(|err| core_thread_write_error("inherit source thread name", err))?; } + let instruction_sources = forked_thread.instruction_sources().await; + // Auto-attach a conversation listener when forking a thread. log_listener_attach_result( self.ensure_conversation_listener( @@ -3350,7 +3450,7 @@ impl ThreadRequestProcessor { let config_snapshot = forked_thread.config_snapshot().await; let sandbox = thread_response_sandbox_policy( &config_snapshot.permission_profile, - config_snapshot.cwd.as_path(), + config_snapshot.cwd().as_path(), ); let active_permission_profile = thread_response_active_permission_profile(config_snapshot.active_permission_profile); @@ -3825,7 +3925,7 @@ fn thread_read_view_error(err: ThreadReadViewError) -> JSONRPCErrorError { } } -fn unsupported_thread_store_operation(operation: &'static str) -> JSONRPCErrorError { +pub(super) fn unsupported_thread_store_operation(operation: &'static str) -> JSONRPCErrorError { method_not_found(format!("{operation} is not supported yet")) } @@ -3946,7 +4046,7 @@ fn conversation_summary_rollout_path_read_error( } } -fn core_thread_write_error(operation: &str, err: CodexErr) -> JSONRPCErrorError { +pub(super) fn core_thread_write_error(operation: &str, err: CodexErr) -> JSONRPCErrorError { match err { CodexErr::ThreadNotFound(thread_id) => { invalid_request(format!("thread not found: {thread_id}")) @@ -4136,7 +4236,7 @@ fn summary_from_thread_metadata(metadata: &ThreadMetadata) -> ConversationSummar metadata.cwd.clone(), metadata.cli_version.clone(), metadata.source.clone(), - metadata.thread_source, + metadata.thread_source.clone(), metadata.agent_nickname.clone(), metadata.agent_role.clone(), metadata.git_sha.clone(), @@ -4220,18 +4320,46 @@ fn build_thread_from_snapshot( updated_at: now, status: ThreadStatus::NotLoaded, path, - cwd: config_snapshot.cwd.clone(), + cwd: config_snapshot.cwd().clone(), cli_version: env!("CARGO_PKG_VERSION").to_string(), agent_nickname: config_snapshot.session_source.get_nickname(), agent_role: config_snapshot.session_source.get_agent_role(), source: config_snapshot.session_source.clone().into(), - thread_source: config_snapshot.thread_source.map(Into::into), + thread_source: config_snapshot.thread_source.clone().map(Into::into), git_info: None, name: None, turns: Vec::new(), } } +fn paginate_background_terminals( + terminals: &[ThreadBackgroundTerminal], + cursor: Option, + limit: Option, +) -> Result<(Vec, Option), JSONRPCErrorError> { + let start = match cursor { + Some(cursor) => { + let cursor = cursor + .parse::() + .map_err(|err| invalid_request(format!("invalid cursor: {err}")))?; + terminals + .iter() + .position(|terminal| { + terminal + .process_id + .parse::() + .is_ok_and(|process_id| process_id > cursor) + }) + .unwrap_or(terminals.len()) + } + None => 0, + }; + let effective_limit = limit.unwrap_or(terminals.len() as u32).max(1) as usize; + let end = start.saturating_add(effective_limit).min(terminals.len()); + let next_cursor = (end < terminals.len()).then(|| terminals[end - 1].process_id.clone()); + Ok((terminals[start..end].to_vec(), next_cursor)) +} + fn build_thread_from_loaded_snapshot( thread_id: ThreadId, config_snapshot: &ThreadConfigSnapshot, diff --git a/codex-rs/app-server/src/request_processors/thread_processor_tests.rs b/codex-rs/app-server/src/request_processors/thread_processor_tests.rs index 6be022aa6fe..7952517c929 100644 --- a/codex-rs/app-server/src/request_processors/thread_processor_tests.rs +++ b/codex-rs/app-server/src/request_processors/thread_processor_tests.rs @@ -36,6 +36,65 @@ mod thread_list_cwd_filter_tests { } } +mod background_terminal_pagination_tests { + use super::super::paginate_background_terminals; + use codex_app_server_protocol::ThreadBackgroundTerminal; + use codex_utils_absolute_path::AbsolutePathBuf; + use pretty_assertions::assert_eq; + + fn terminal(process_id: &str) -> ThreadBackgroundTerminal { + let cwd = if cfg!(windows) { r"C:\tmp" } else { "/tmp" }; + + ThreadBackgroundTerminal { + item_id: format!("item-{process_id}"), + process_id: process_id.to_string(), + command: format!("command-{process_id}"), + cwd: AbsolutePathBuf::from_absolute_path(cwd).expect("absolute cwd"), + os_pid: None, + cpu_percent: None, + rss_kb: None, + } + } + + #[test] + fn paginates_with_process_id_cursor() { + let terminals = vec![ + terminal("1"), + terminal("2"), + terminal("3"), + terminal("4"), + terminal("5"), + ]; + + let (data, next_cursor) = + paginate_background_terminals(&terminals, /*cursor*/ None, Some(2)) + .expect("valid page"); + + assert_eq!(data, vec![terminal("1"), terminal("2")]); + assert_eq!(next_cursor, Some("2".to_string())); + let first_cursor = next_cursor; + + let terminals_without_anchor = vec![terminal("1"), terminal("3"), terminal("4")]; + let (data, next_cursor) = + paginate_background_terminals(&terminals_without_anchor, first_cursor.clone(), Some(2)) + .expect("valid page"); + + assert_eq!(data, vec![terminal("3"), terminal("4")]); + assert_eq!(next_cursor, None); + + let (data, next_cursor) = + paginate_background_terminals(&terminals, first_cursor, Some(2)).expect("valid page"); + + assert_eq!(data, vec![terminal("3"), terminal("4")]); + assert_eq!(next_cursor, Some("4".to_string())); + + assert!( + paginate_background_terminals(&terminals, Some("missing".to_string()), Some(1)) + .is_err() + ); + } +} + mod thread_processor_behavior_tests { async fn forked_from_id_from_rollout(path: &Path) -> Option { codex_core::read_session_meta_line(path) @@ -77,6 +136,7 @@ mod thread_processor_behavior_tests { use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::SessionSource; use codex_protocol::protocol::SubAgentSource; + use codex_protocol::protocol::TurnEnvironmentSelections; use codex_state::ThreadMetadataBuilder; use codex_thread_store::StoredThread; use codex_utils_absolute_path::test_support::PathBufExt; @@ -393,6 +453,7 @@ mod thread_processor_behavior_tests { ThreadId::from_string("00000000-0000-0000-0000-000000000123").expect("valid thread"); let stored_thread = StoredThread { thread_id, + extra_config: None, rollout_path: Some(PathBuf::from("/tmp/thread.jsonl")), forked_from_id: None, parent_thread_id: None, @@ -685,7 +746,7 @@ mod thread_processor_behavior_tests { approvals_reviewer: codex_protocol::config_types::ApprovalsReviewer::User, permission_profile: codex_protocol::models::PermissionProfile::Disabled, active_permission_profile: None, - cwd, + environments: TurnEnvironmentSelections::new(cwd, Vec::new()), workspace_roots: Vec::new(), profile_workspace_roots: Vec::new(), ephemeral: false, @@ -701,6 +762,7 @@ mod thread_processor_behavior_tests { }, }, session_source: SessionSource::Cli, + forked_from_thread_id: None, parent_thread_id: None, thread_source: None, }; diff --git a/codex-rs/app-server/src/request_processors/thread_summary.rs b/codex-rs/app-server/src/request_processors/thread_summary.rs index a57f2fcf794..0fb1320055c 100644 --- a/codex-rs/app-server/src/request_processors/thread_summary.rs +++ b/codex-rs/app-server/src/request_processors/thread_summary.rs @@ -190,12 +190,12 @@ pub(crate) fn thread_settings_from_config_snapshot( config_snapshot: &ThreadConfigSnapshot, ) -> ThreadSettings { ThreadSettings { - cwd: config_snapshot.cwd.clone(), + cwd: config_snapshot.cwd().clone(), approval_policy: config_snapshot.approval_policy.into(), approvals_reviewer: config_snapshot.approvals_reviewer.into(), sandbox_policy: thread_response_sandbox_policy( &config_snapshot.permission_profile, - config_snapshot.cwd.as_path(), + config_snapshot.cwd().as_path(), ), active_permission_profile: thread_response_active_permission_profile( config_snapshot.active_permission_profile.clone(), @@ -203,7 +203,7 @@ pub(crate) fn thread_settings_from_config_snapshot( model: config_snapshot.model.clone(), model_provider: config_snapshot.model_provider_id.clone(), service_tier: config_snapshot.service_tier.clone(), - effort: config_snapshot.reasoning_effort, + effort: config_snapshot.reasoning_effort.clone(), summary: config_snapshot.reasoning_summary, collaboration_mode: config_snapshot.collaboration_mode.clone(), personality: config_snapshot.personality, @@ -213,24 +213,36 @@ pub(crate) fn thread_settings_from_config_snapshot( pub(crate) fn thread_settings_from_core_snapshot( snapshot: codex_protocol::protocol::ThreadSettingsSnapshot, ) -> ThreadSettings { + let codex_protocol::protocol::ThreadSettingsSnapshot { + model, + model_provider_id, + service_tier, + approval_policy, + approvals_reviewer, + permission_profile, + active_permission_profile, + cwd, + reasoning_effort, + reasoning_summary, + personality, + collaboration_mode, + } = snapshot; + let sandbox_policy = thread_response_sandbox_policy(&permission_profile, cwd.as_path()); ThreadSettings { - sandbox_policy: thread_response_sandbox_policy( - &snapshot.permission_profile, - snapshot.cwd.as_path(), - ), - cwd: snapshot.cwd, - approval_policy: snapshot.approval_policy.into(), - approvals_reviewer: snapshot.approvals_reviewer.into(), + sandbox_policy, + cwd, + approval_policy: approval_policy.into(), + approvals_reviewer: approvals_reviewer.into(), active_permission_profile: thread_response_active_permission_profile( - snapshot.active_permission_profile, + active_permission_profile, ), - model: snapshot.model, - model_provider: snapshot.model_provider_id, - service_tier: snapshot.service_tier, - effort: snapshot.reasoning_effort, - summary: snapshot.reasoning_summary, - collaboration_mode: snapshot.collaboration_mode, - personality: snapshot.personality, + model, + model_provider: model_provider_id, + service_tier, + effort: reasoning_effort, + summary: reasoning_summary, + collaboration_mode, + personality, } } diff --git a/codex-rs/app-server/src/request_processors/turn_processor.rs b/codex-rs/app-server/src/request_processors/turn_processor.rs index 25beee3cdb1..b2e6ddc0b91 100644 --- a/codex-rs/app-server/src/request_processors/turn_processor.rs +++ b/codex-rs/app-server/src/request_processors/turn_processor.rs @@ -1,6 +1,12 @@ use super::*; use codex_protocol::protocol::AdditionalContextEntry as CoreAdditionalContextEntry; use codex_protocol::protocol::AdditionalContextKind as CoreAdditionalContextKind; +use codex_protocol::protocol::MultiAgentVersion; +use codex_protocol::protocol::SessionSource; +use codex_protocol::protocol::SubAgentSource; + +const DIRECT_INPUT_TO_MULTI_AGENT_V2_SUBAGENT_ERROR: &str = + "direct app-server input is not allowed for multi-agent v2 sub-agents"; #[derive(Clone)] pub(crate) struct TurnRequestProcessor { @@ -18,20 +24,6 @@ pub(crate) struct TurnRequestProcessor { skills_watcher: Arc, } -fn resolve_runtime_workspace_roots( - workspace_roots: Vec, - base_cwd: &AbsolutePathBuf, -) -> Vec { - let mut resolved_roots = Vec::new(); - for path in workspace_roots { - let root = AbsolutePathBuf::resolve_path_against_base(path, base_cwd.as_path()); - if !resolved_roots.iter().any(|existing| existing == &root) { - resolved_roots.push(root); - } - } - resolved_roots -} - fn map_additional_context( additional_context: Option>, ) -> BTreeMap { @@ -57,8 +49,8 @@ fn map_additional_context( struct ThreadSettingsBuildParams { method: &'static str, - cwd: Option, - runtime_workspace_roots: Option>, + environments: Option, + runtime_workspace_roots: Option>, approval_policy: Option, approvals_reviewer: Option, sandbox_policy: Option, @@ -250,6 +242,26 @@ impl TurnRequestProcessor { Ok((thread_id, thread)) } + + async fn ensure_direct_input_allowed( + &self, + request_id: &ConnectionRequestId, + thread: &CodexThread, + ) -> Result<(), JSONRPCErrorError> { + if thread.multi_agent_version() == Some(MultiAgentVersion::V2) + && matches!( + thread.config_snapshot().await.session_source, + SessionSource::SubAgent(SubAgentSource::ThreadSpawn { .. }) + ) + { + let error = invalid_request(DIRECT_INPUT_TO_MULTI_AGENT_V2_SUBAGENT_ERROR); + self.track_error_response(request_id, &error, /*error_type*/ None); + return Err(error); + } + + Ok(()) + } + fn normalize_collaboration_mode( &self, mut collaboration_mode: CollaborationMode, @@ -384,6 +396,14 @@ impl TurnRequestProcessor { app_server_client_name: Option, app_server_client_version: Option, ) -> Result { + let (thread_id, thread) = + self.load_thread(¶ms.thread_id) + .await + .inspect_err(|error| { + self.track_error_response(&request_id, error, /*error_type*/ None); + })?; + self.ensure_direct_input_allowed(&request_id, thread.as_ref()) + .await?; if let Err(error) = Self::validate_v2_input_limit(¶ms.input) { self.track_error_response( &request_id, @@ -392,12 +412,6 @@ impl TurnRequestProcessor { ); return Err(error); } - let (thread_id, thread) = - self.load_thread(¶ms.thread_id) - .await - .inspect_err(|error| { - self.track_error_response(&request_id, error, /*error_type*/ None); - })?; Self::set_app_server_client_info( thread.as_ref(), app_server_client_name, @@ -419,12 +433,15 @@ impl TurnRequestProcessor { let client_user_message_id = params.client_user_message_id; let additional_context = map_additional_context(params.additional_context); let turn_has_input = !mapped_items.is_empty(); + let cwd = resolve_request_cwd(params.cwd)?; + let environments = + Self::build_environment_override(thread.as_ref(), cwd, environment_selections).await; let thread_settings = self .build_thread_settings_overrides( thread.as_ref(), ThreadSettingsBuildParams { method: "turn/start", - cwd: params.cwd, + environments, runtime_workspace_roots: params.runtime_workspace_roots, approval_policy: params.approval_policy, approvals_reviewer: params.approvals_reviewer, @@ -443,7 +460,6 @@ impl TurnRequestProcessor { // Start the turn by submitting the user input. Return its submission id as turn_id. let turn_op = Op::UserInput { items: mapped_items, - environments: environment_selections, final_output_json_schema: params.output_schema, responsesapi_client_metadata: params.responsesapi_client_metadata, additional_context, @@ -491,6 +507,31 @@ impl TurnRequestProcessor { Ok(TurnStartResponse { turn }) } + async fn build_environment_override( + thread: &CodexThread, + cwd: Option, + environment_selections: Option>, + ) -> Option { + if cwd.is_none() && environment_selections.is_none() { + return None; + } + + let snapshot = thread.config_snapshot().await; + let environment_selections = + environment_selections.unwrap_or_else(|| snapshot.environment_selections().to_vec()); + let legacy_fallback_cwd = cwd.unwrap_or_else(|| { + environment_selections + .iter() + .find(|selection| selection.environment_id == LOCAL_ENVIRONMENT_ID) + .map(|selection| selection.cwd.clone()) + .unwrap_or_else(|| snapshot.cwd().clone()) + }); + Some(TurnEnvironmentSelections::new( + legacy_fallback_cwd, + environment_selections, + )) + } + async fn build_thread_settings_overrides( &self, thread: &CodexThread, @@ -498,7 +539,7 @@ impl TurnRequestProcessor { ) -> Result { let ThreadSettingsBuildParams { method, - cwd, + environments, runtime_workspace_roots, approval_policy, approvals_reviewer, @@ -521,16 +562,17 @@ impl TurnRequestProcessor { let collaboration_mode = collaboration_mode.map(|mode| self.normalize_collaboration_mode(mode)); let runtime_workspace_roots_request = runtime_workspace_roots; + let has_environment_override = environments.is_some(); // `thread/settings/update` only acknowledges that the update was queued. // Clients that send dependent partial updates should wait for // `thread/settings/updated` or combine the fields in one request. - let snapshot = if permissions.is_some() || runtime_workspace_roots_request.is_some() { + let snapshot = if permissions.is_some() { Some(thread.config_snapshot().await) } else { None }; - let has_any_overrides = cwd.is_some() + let has_any_overrides = has_environment_override || runtime_workspace_roots_request.is_some() || approval_policy.is_some() || approvals_reviewer.is_some() @@ -543,22 +585,8 @@ impl TurnRequestProcessor { || collaboration_mode.is_some() || personality.is_some(); - let runtime_workspace_roots = if let Some(workspace_roots) = - runtime_workspace_roots_request.clone() - { - let Some(snapshot) = snapshot.as_ref() else { - return Err(internal_error(format!( - "{method} runtime workspace roots missing thread snapshot" - ))); - }; - let base_cwd = cwd - .as_ref() - .map(|cwd| AbsolutePathBuf::resolve_path_against_base(cwd, snapshot.cwd.as_path())) - .unwrap_or_else(|| snapshot.cwd.clone()); - Some(resolve_runtime_workspace_roots(workspace_roots, &base_cwd)) - } else { - None - }; + let runtime_workspace_roots = + runtime_workspace_roots_request.map(resolve_runtime_workspace_roots); let approval_policy = approval_policy.map(codex_app_server_protocol::AskForApproval::to_core); let approvals_reviewer = @@ -572,16 +600,14 @@ impl TurnRequestProcessor { ))); }; let overrides = ConfigOverrides { - cwd: cwd.clone(), - workspace_roots: Some(runtime_workspace_roots_request.clone().unwrap_or_else( - || { - snapshot - .workspace_roots - .iter() - .map(AbsolutePathBuf::to_path_buf) - .collect() - }, - )), + cwd: environments + .as_ref() + .map(|environments| environments.legacy_fallback_cwd.to_path_buf()), + workspace_roots: Some( + runtime_workspace_roots + .clone() + .unwrap_or_else(|| snapshot.workspace_roots.clone()), + ), default_permissions: Some(permissions), codex_linux_sandbox_exe: self.arg0_paths.codex_linux_sandbox_exe.clone(), main_execve_wrapper_exe: self.arg0_paths.main_execve_wrapper_exe.clone(), @@ -592,7 +618,7 @@ impl TurnRequestProcessor { .load_for_cwd( /*request_overrides*/ None, overrides, - Some(snapshot.cwd.to_path_buf()), + Some(snapshot.cwd().to_path_buf()), ) .await .map_err(|err| config_load_error(&err))?; @@ -619,7 +645,7 @@ impl TurnRequestProcessor { if has_any_overrides { thread .preview_thread_settings_overrides(CodexThreadSettingsOverrides { - cwd: cwd.clone(), + environments: environments.clone(), workspace_roots: runtime_workspace_roots.clone(), approval_policy, approvals_reviewer, @@ -629,7 +655,7 @@ impl TurnRequestProcessor { profile_workspace_roots: profile_workspace_roots.clone(), windows_sandbox_level: None, model: model.clone(), - effort, + effort: effort.clone(), summary, service_tier: service_tier.clone(), collaboration_mode: collaboration_mode.clone(), @@ -642,7 +668,7 @@ impl TurnRequestProcessor { } Ok(codex_protocol::protocol::ThreadSettingsOverrides { - cwd, + environments, workspace_roots: runtime_workspace_roots, profile_workspace_roots, approval_policy, @@ -666,12 +692,19 @@ impl TurnRequestProcessor { params: ThreadSettingsUpdateParams, ) -> Result { let (_, thread) = self.load_thread(¶ms.thread_id).await?; + let cwd = resolve_request_cwd(params.cwd)?; + let environments = Self::build_environment_override( + thread.as_ref(), + cwd, + /*environment_selections*/ None, + ) + .await; let thread_settings = self .build_thread_settings_overrides( thread.as_ref(), ThreadSettingsBuildParams { method: "thread/settings/update", - cwd: params.cwd, + environments, runtime_workspace_roots: None, approval_policy: params.approval_policy, approvals_reviewer: params.approvals_reviewer, @@ -757,6 +790,8 @@ impl TurnRequestProcessor { .inspect_err(|error| { self.track_error_response(request_id, error, /*error_type*/ None); })?; + self.ensure_direct_input_allowed(request_id, thread.as_ref()) + .await?; if params.expected_turn_id.is_empty() { return Err(invalid_request("expectedTurnId must not be empty")); @@ -899,6 +934,7 @@ impl TurnRequestProcessor { request_id, thread.as_ref(), Op::RealtimeConversationStart(ConversationStartParams { + model: params.model, output_modality: params.output_modality, prompt: params.prompt, realtime_session_id: params.realtime_session_id, @@ -910,6 +946,7 @@ impl TurnRequestProcessor { ConversationStartTransport::Webrtc { sdp } } }), + version: params.version, voice: params.voice, }), ) diff --git a/codex-rs/app-server/src/request_serialization.rs b/codex-rs/app-server/src/request_serialization.rs index 0dd167b74dc..77ecfc8f56c 100644 --- a/codex-rs/app-server/src/request_serialization.rs +++ b/codex-rs/app-server/src/request_serialization.rs @@ -311,7 +311,7 @@ mod tests { let key = RequestSerializationQueueKey::Global("test"); let live_gate = gate(); let closed_gate = gate(); - closed_gate.shutdown().await; + closed_gate.close().await; let (tx, mut rx) = mpsc::unbounded_channel(); let (blocked_tx, blocked_rx) = oneshot::channel::<()>(); diff --git a/codex-rs/app-server/src/thread_state.rs b/codex-rs/app-server/src/thread_state.rs index 2d932f03266..6d2b48a4c88 100644 --- a/codex-rs/app-server/src/thread_state.rs +++ b/codex-rs/app-server/src/thread_state.rs @@ -17,6 +17,7 @@ use codex_utils_absolute_path::AbsolutePathBuf; use std::collections::HashMap; use std::collections::HashSet; use std::sync::Arc; +use std::sync::Mutex as StdMutex; use std::sync::Weak; use tokio::sync::Mutex; use tokio::sync::mpsc; @@ -44,8 +45,9 @@ pub(crate) struct PendingThreadResumeRequest { pub(crate) enum ThreadListenerCommand { // SendThreadResumeResponse is used to resume an already running thread by sending the thread's history to the client and atomically subscribing for new updates. SendThreadResumeResponse(Box), - // EmitThreadGoalUpdated is used to order app-server goal updates with running-thread resume responses. + // EmitThreadGoalUpdated is used to order goal updates with running-thread resume responses and goal clears. EmitThreadGoalUpdated { + turn_id: Option, goal: ThreadGoal, }, // EmitThreadGoalCleared is used to order app-server goal clears with running-thread resume responses. @@ -284,6 +286,10 @@ pub(crate) struct ConnectionCapabilities { #[derive(Clone, Default)] pub(crate) struct ThreadStateManager { state: Arc>, + // Extension event sinks are synchronous, so they need an await-free way to + // enqueue work on the active per-thread listener. + listener_commands: + Arc>>>, } impl ThreadStateManager { @@ -337,6 +343,35 @@ impl ThreadStateManager { state.threads.entry(thread_id).or_default().state.clone() } + pub(crate) fn current_listener_command_tx( + &self, + thread_id: ThreadId, + ) -> Option> { + self.listener_commands + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) + .get(&thread_id) + .cloned() + } + + pub(crate) fn register_listener_command_tx( + &self, + thread_id: ThreadId, + tx: mpsc::UnboundedSender, + ) { + self.listener_commands + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) + .insert(thread_id, tx); + } + + pub(crate) fn unregister_listener_command_tx(&self, thread_id: ThreadId) { + self.listener_commands + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) + .remove(&thread_id); + } + pub(crate) async fn remove_thread_state(&self, thread_id: ThreadId) { let thread_state = { let mut state = self.state.lock().await; @@ -350,6 +385,7 @@ impl ThreadStateManager { }); thread_state }; + self.unregister_listener_command_tx(thread_id); if let Some(thread_state) = thread_state { let mut thread_state = thread_state.lock().await; @@ -375,6 +411,7 @@ impl ThreadStateManager { }; for (thread_id, thread_state) in thread_states { + self.unregister_listener_command_tx(thread_id); let mut thread_state = thread_state.lock().await; tracing::debug!( thread_id = %thread_id, diff --git a/codex-rs/app-server/tests/common/auth_fixtures.rs b/codex-rs/app-server/tests/common/auth_fixtures.rs index 86f0fb456dd..18cfd7ed682 100644 --- a/codex-rs/app-server/tests/common/auth_fixtures.rs +++ b/codex-rs/app-server/tests/common/auth_fixtures.rs @@ -164,6 +164,8 @@ pub fn write_chatgpt_auth( tokens: Some(tokens), last_refresh, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; save_auth(codex_home, &auth, cli_auth_credentials_store_mode).context("write auth.json") diff --git a/codex-rs/app-server/tests/common/models_cache.rs b/codex-rs/app-server/tests/common/models_cache.rs index 666f6ed7cda..2a0c10a27c4 100644 --- a/codex-rs/app-server/tests/common/models_cache.rs +++ b/codex-rs/app-server/tests/common/models_cache.rs @@ -18,7 +18,7 @@ fn preset_to_info(preset: &ModelPreset, priority: i32) -> ModelInfo { slug: preset.id.clone(), display_name: preset.display_name.clone(), description: Some(preset.description.clone()), - default_reasoning_level: Some(preset.default_reasoning_effort), + default_reasoning_level: Some(preset.default_reasoning_effort.clone()), supported_reasoning_levels: preset.supported_reasoning_efforts.clone(), shell_type: ConfigShellToolType::ShellCommand, visibility: if preset.show_in_picker { @@ -47,11 +47,13 @@ fn preset_to_info(preset: &ModelPreset, priority: i32) -> ModelInfo { context_window: Some(272_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, diff --git a/codex-rs/app-server/tests/common/test_app_server.rs b/codex-rs/app-server/tests/common/test_app_server.rs index ec4b30d92f9..91c42e2fe43 100644 --- a/codex-rs/app-server/tests/common/test_app_server.rs +++ b/codex-rs/app-server/tests/common/test_app_server.rs @@ -70,6 +70,7 @@ use codex_app_server_protocol::ProcessWriteStdinParams; use codex_app_server_protocol::RemoteControlClientsListParams; use codex_app_server_protocol::RemoteControlClientsRevokeParams; use codex_app_server_protocol::RemoteControlPairingStartParams; +use codex_app_server_protocol::RemoteControlPairingStatusParams; use codex_app_server_protocol::RequestId; use codex_app_server_protocol::ReviewStartParams; use codex_app_server_protocol::SendAddCreditsNudgeEmailParams; @@ -78,6 +79,7 @@ use codex_app_server_protocol::SkillsExtraRootsSetParams; use codex_app_server_protocol::SkillsListParams; use codex_app_server_protocol::ThreadArchiveParams; use codex_app_server_protocol::ThreadCompactStartParams; +use codex_app_server_protocol::ThreadDeleteParams; use codex_app_server_protocol::ThreadForkParams; use codex_app_server_protocol::ThreadInjectItemsParams; use codex_app_server_protocol::ThreadListParams; @@ -455,6 +457,15 @@ impl TestAppServer { self.send_request("thread/archive", params).await } + /// Send a `thread/delete` JSON-RPC request. + pub async fn send_thread_delete_request( + &mut self, + params: ThreadDeleteParams, + ) -> anyhow::Result { + let params = Some(serde_json::to_value(params)?); + self.send_request("thread/delete", params).await + } + /// Send a `thread/name/set` JSON-RPC request. pub async fn send_thread_set_name_request( &mut self, @@ -656,6 +667,16 @@ impl TestAppServer { .await } + /// Send a `remoteControl/pairing/status` JSON-RPC request. + pub async fn send_remote_control_pairing_status_request( + &mut self, + params: RemoteControlPairingStatusParams, + ) -> anyhow::Result { + let params = Some(serde_json::to_value(params)?); + self.send_request("remoteControl/pairing/status", params) + .await + } + /// Send a `remoteControl/client/list` JSON-RPC request. pub async fn send_remote_control_clients_list_request( &mut self, diff --git a/codex-rs/app-server/tests/suite/auth.rs b/codex-rs/app-server/tests/suite/auth.rs index b1ef99cb71f..6e88866c7d4 100644 --- a/codex-rs/app-server/tests/suite/auth.rs +++ b/codex-rs/app-server/tests/suite/auth.rs @@ -21,6 +21,7 @@ use tokio::time::timeout; use wiremock::Mock; use wiremock::MockServer; use wiremock::ResponseTemplate; +use wiremock::matchers::header; use wiremock::matchers::method; use wiremock::matchers::path; @@ -160,6 +161,64 @@ async fn get_auth_status_with_api_key() -> Result<()> { Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn get_auth_status_with_personal_access_token_omits_token() -> Result<()> { + let codex_home = TempDir::new()?; + create_config_toml(codex_home.path())?; + + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path("/v1/user-auth-credential/whoami")) + .and(header("Authorization", "Bearer at-test-token")) + .respond_with(ResponseTemplate::new(200).set_body_json(serde_json::json!({ + "email": "user@example.com", + "chatgpt_user_id": "user-123", + "chatgpt_account_id": "account-123", + "chatgpt_plan_type": "pro", + "chatgpt_account_is_fedramp": false, + }))) + .expect(1..) + .mount(&server) + .await; + + let authapi_base_url = server.uri(); + let mut mcp = TestAppServer::new_with_env( + codex_home.path(), + &[ + ("OPENAI_API_KEY", None), + ("CODEX_ACCESS_TOKEN", Some("at-test-token")), + ("CODEX_AUTHAPI_BASE_URL", Some(authapi_base_url.as_str())), + ], + ) + .await?; + timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + + let request_id = mcp + .send_get_auth_status_request(GetAuthStatusParams { + include_token: Some(true), + refresh_token: Some(false), + }) + .await?; + + let resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + let status: GetAuthStatusResponse = to_response(resp)?; + assert_eq!( + status, + GetAuthStatusResponse { + auth_method: Some(AuthMode::PersonalAccessToken), + auth_token: None, + requires_openai_auth: Some(true), + } + ); + + server.verify().await; + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn get_auth_status_with_api_key_when_auth_not_required() -> Result<()> { let codex_home = TempDir::new()?; diff --git a/codex-rs/app-server/tests/suite/conversation_summary.rs b/codex-rs/app-server/tests/suite/conversation_summary.rs index 05e3ad1c77c..6ad9f1c633a 100644 --- a/codex-rs/app-server/tests/suite/conversation_summary.rs +++ b/codex-rs/app-server/tests/suite/conversation_summary.rs @@ -122,6 +122,7 @@ async fn get_conversation_summary_by_thread_id_reads_pathless_store_thread() -> store .create_thread(CreateThreadParams { thread_id, + extra_config: None, forked_from_id: None, parent_thread_id: None, source: SessionSource::Cli, diff --git a/codex-rs/app-server/tests/suite/v2/analytics.rs b/codex-rs/app-server/tests/suite/v2/analytics.rs index 8e8f2a7557d..ea876940abd 100644 --- a/codex-rs/app-server/tests/suite/v2/analytics.rs +++ b/codex-rs/app-server/tests/suite/v2/analytics.rs @@ -124,6 +124,31 @@ pub(crate) async fn wait_for_analytics_event( server: &MockServer, read_timeout: Duration, event_type: &str, +) -> Result { + wait_for_matching_analytics_event(server, read_timeout, |event| { + event["event_type"] == event_type + }) + .await +} + +pub(crate) async fn wait_for_goal_event( + server: &MockServer, + read_timeout: Duration, + event_kind: &str, + goal_status: &str, +) -> Result { + wait_for_matching_analytics_event(server, read_timeout, |event| { + event["event_type"] == "codex_goal_event" + && event["event_params"]["event_kind"] == event_kind + && event["event_params"]["goal_status"] == goal_status + }) + .await +} + +async fn wait_for_matching_analytics_event( + server: &MockServer, + read_timeout: Duration, + matches: impl Fn(&Value) -> bool, ) -> Result { timeout(read_timeout, async { loop { @@ -142,10 +167,7 @@ pub(crate) async fn wait_for_analytics_event( let Some(events) = payload["events"].as_array() else { continue; }; - if let Some(event) = events - .iter() - .find(|event| event["event_type"] == event_type) - { + if let Some(event) = events.iter().find(|event| matches(event)) { return Ok::(event.clone()); } } diff --git a/codex-rs/app-server/tests/suite/v2/app_list.rs b/codex-rs/app-server/tests/suite/v2/app_list.rs index ea7ff8fa4b2..fa4c2042af8 100644 --- a/codex-rs/app-server/tests/suite/v2/app_list.rs +++ b/codex-rs/app-server/tests/suite/v2/app_list.rs @@ -1,5 +1,4 @@ use std::borrow::Cow; -use std::collections::BTreeMap; use std::collections::HashMap; use std::sync::Arc; use std::sync::Mutex as StdMutex; @@ -28,7 +27,6 @@ use codex_app_server_protocol::AppScreenshot; use codex_app_server_protocol::AppsListParams; use codex_app_server_protocol::AppsListResponse; use codex_app_server_protocol::AuthMode; -use codex_app_server_protocol::ExperimentalFeatureEnablementSetParams; use codex_app_server_protocol::JSONRPCError; use codex_app_server_protocol::JSONRPCResponse; use codex_app_server_protocol::RequestId; @@ -120,6 +118,8 @@ async fn list_apps_returns_empty_with_api_key_auth() -> Result<()> { tokens: None, last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }, AuthCredentialsStoreMode::File, )?; @@ -1335,108 +1335,6 @@ async fn list_apps_force_refetch_patches_updates_from_cached_snapshots() -> Resu Ok(()) } -#[tokio::test] -async fn experimental_feature_enablement_set_refreshes_apps_list_when_apps_turn_on() -> Result<()> { - let initial_connectors = vec![AppInfo { - id: "alpha".to_string(), - name: "Alpha".to_string(), - description: Some("Alpha v1".to_string()), - logo_url: None, - logo_url_dark: None, - distribution_channel: None, - branding: None, - app_metadata: None, - labels: None, - install_url: None, - is_accessible: false, - is_enabled: true, - plugin_display_names: Vec::new(), - }]; - let (server_url, server_handle, server_control) = start_apps_server_with_delays_and_control( - initial_connectors, - Vec::new(), - Duration::ZERO, - Duration::ZERO, - ) - .await?; - - let codex_home = TempDir::new()?; - write_connectors_config(codex_home.path(), &server_url)?; - write_chatgpt_auth( - codex_home.path(), - ChatGptAuthFixture::new("chatgpt-token") - .account_id("account-123") - .chatgpt_user_id("user-enable-refresh") - .chatgpt_account_id("account-123"), - AuthCredentialsStoreMode::File, - )?; - - let mut mcp = TestAppServer::new(codex_home.path()).await?; - timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; - - let disable_request = mcp - .send_experimental_feature_enablement_set_request(ExperimentalFeatureEnablementSetParams { - enablement: BTreeMap::from([("apps".to_string(), false)]), - }) - .await?; - let _disable_response: JSONRPCResponse = timeout( - DEFAULT_TIMEOUT, - mcp.read_stream_until_response_message(RequestId::Integer(disable_request)), - ) - .await??; - - server_control.set_connectors(vec![AppInfo { - id: "alpha".to_string(), - name: "Alpha".to_string(), - description: Some("Alpha v2".to_string()), - logo_url: None, - logo_url_dark: None, - distribution_channel: None, - branding: None, - app_metadata: None, - labels: None, - install_url: None, - is_accessible: false, - is_enabled: true, - plugin_display_names: Vec::new(), - }]); - server_control.set_tools(vec![connector_tool("alpha", "Alpha App")?]); - - let enable_request = mcp - .send_experimental_feature_enablement_set_request(ExperimentalFeatureEnablementSetParams { - enablement: BTreeMap::from([("apps".to_string(), true)]), - }) - .await?; - let _enable_response: JSONRPCResponse = timeout( - DEFAULT_TIMEOUT, - mcp.read_stream_until_response_message(RequestId::Integer(enable_request)), - ) - .await??; - - let update = read_app_list_updated_notification(&mut mcp).await?; - assert_eq!( - update.data, - vec![AppInfo { - id: "alpha".to_string(), - name: "Alpha".to_string(), - description: Some("Alpha v2".to_string()), - logo_url: None, - logo_url_dark: None, - distribution_channel: None, - branding: None, - app_metadata: None, - labels: None, - install_url: Some("https://chatgpt.com/apps/alpha/alpha".to_string()), - is_accessible: true, - is_enabled: true, - plugin_display_names: Vec::new(), - }] - ); - - server_handle.abort(); - Ok(()) -} - async fn read_app_list_updated_notification( mcp: &mut TestAppServer, ) -> Result { @@ -1619,7 +1517,7 @@ async fn start_apps_server_with_delays_and_control_inner( get(workspace_settings_response), ) .with_state(state) - .nest_service("/api/codex/apps", mcp_service); + .nest_service("/api/codex/ps/mcp", mcp_service); let handle = tokio::spawn(async move { let _ = axum::serve(listener, router).await; diff --git a/codex-rs/app-server/tests/suite/v2/client_metadata.rs b/codex-rs/app-server/tests/suite/v2/client_metadata.rs index 873a1cc0444..681e11ae343 100644 --- a/codex-rs/app-server/tests/suite/v2/client_metadata.rs +++ b/codex-rs/app-server/tests/suite/v2/client_metadata.rs @@ -112,6 +112,7 @@ async fn turn_start_forwards_client_metadata_to_responses_request_v2() -> Result assert_eq!(metadata["origin"].as_str(), Some("gaas")); assert_eq!(metadata["thread_source"].as_str(), Some("client-supplied")); assert_eq!(metadata["turn_id"].as_str(), Some(turn.id.as_str())); + assert!(metadata.get("installation_id").is_some()); assert!(metadata.get("session_id").is_some()); assert_eq!( metadata["window_id"].as_str(), diff --git a/codex-rs/app-server/tests/suite/v2/compaction.rs b/codex-rs/app-server/tests/suite/v2/compaction.rs index 690c6d8bff9..08ddfa4c619 100644 --- a/codex-rs/app-server/tests/suite/v2/compaction.rs +++ b/codex-rs/app-server/tests/suite/v2/compaction.rs @@ -29,6 +29,7 @@ use codex_app_server_protocol::TurnStartParams; use codex_app_server_protocol::TurnStartResponse; use codex_app_server_protocol::UserInput as V2UserInput; use codex_config::types::AuthCredentialsStoreMode; +use codex_features::Feature; use codex_protocol::models::ContentItem; use codex_protocol::models::ResponseItem; use core_test_support::responses; @@ -150,7 +151,7 @@ async fn auto_compaction_remote_emits_started_and_completed_items() -> Result<() write_mock_responses_config_toml( codex_home.path(), &server.uri(), - &BTreeMap::default(), + &BTreeMap::from([(Feature::RemoteCompactionV2, false)]), REMOTE_AUTO_COMPACT_LIMIT, Some(true), "mock_provider", diff --git a/codex-rs/app-server/tests/suite/v2/executor_skills.rs b/codex-rs/app-server/tests/suite/v2/executor_skills.rs new file mode 100644 index 00000000000..ede5b20fb8e --- /dev/null +++ b/codex-rs/app-server/tests/suite/v2/executor_skills.rs @@ -0,0 +1,148 @@ +use std::time::Duration; + +use anyhow::Result; +use app_test_support::TestAppServer; +use app_test_support::to_response; +use codex_app_server_protocol::CapabilityRootLocation; +use codex_app_server_protocol::JSONRPCResponse; +use codex_app_server_protocol::RequestId; +use codex_app_server_protocol::SelectedCapabilityRoot; +use codex_app_server_protocol::ThreadStartParams; +use codex_app_server_protocol::ThreadStartResponse; +use codex_app_server_protocol::TurnStartParams; +use codex_app_server_protocol::UserInput; +use core_test_support::responses; +use tempfile::TempDir; +use tokio::time::timeout; + +const READ_TIMEOUT: Duration = Duration::from_secs(10); +const SKILL_NAME: &str = "demo-plugin:deploy"; +const SKILL_MARKER: &str = "EXECUTOR_SKILL_BODY_MARKER"; +const LOCAL_SKILL_MARKER: &str = "LOCAL_SKILL_BODY_MARKER"; + +#[tokio::test] +async fn selected_executor_root_exposes_plugin_skill() -> Result<()> { + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_once( + &server, + responses::sse(vec![ + responses::ev_response_created("resp-selected"), + responses::ev_assistant_message("msg-selected", "Done"), + responses::ev_completed("resp-selected"), + ]), + ) + .await; + + let codex_home = TempDir::new()?; + std::fs::write( + codex_home.path().join("config.toml"), + format!( + r#" +model = "mock-model" +approval_policy = "never" +sandbox_mode = "read-only" +model_provider = "mock_provider" + +[skills] +include_instructions = true + +[model_providers.mock_provider] +name = "Mock provider for test" +base_url = "{}/v1" +wire_api = "responses" +request_max_retries = 0 +stream_max_retries = 0 +"#, + server.uri() + ), + )?; + let local_skill_dir = codex_home.path().join("skills/local-deploy"); + std::fs::create_dir_all(&local_skill_dir)?; + std::fs::write( + local_skill_dir.join("SKILL.md"), + format!( + "---\nname: {SKILL_NAME}\ndescription: Colliding local skill.\n---\n\n# Local deploy\n\n{LOCAL_SKILL_MARKER}\n" + ), + )?; + let plugin_dir = TempDir::new()?; + let manifest_dir = plugin_dir.path().join(".codex-plugin"); + let skill_dir = plugin_dir.path().join("skills/deploy"); + std::fs::create_dir_all(&manifest_dir)?; + std::fs::create_dir_all(&skill_dir)?; + std::fs::write( + manifest_dir.join("plugin.json"), + r#"{"name":"demo-plugin"}"#, + )?; + std::fs::write( + skill_dir.join("SKILL.md"), + format!( + "---\nname: deploy\ndescription: Deploy through the executor.\n---\n\n# Deploy\n\n{SKILL_MARKER}\n" + ), + )?; + + let mut app_server = TestAppServer::new(codex_home.path()).await?; + timeout(READ_TIMEOUT, app_server.initialize()).await??; + + let request_id = app_server + .send_thread_start_request(ThreadStartParams { + model: Some("mock-model".to_string()), + selected_capability_roots: Some(vec![SelectedCapabilityRoot { + id: "demo-plugin@1".to_string(), + location: CapabilityRootLocation::Environment { + environment_id: "local".to_string(), + path: plugin_dir.path().to_string_lossy().into_owned(), + }, + }]), + ..Default::default() + }) + .await?; + let response: JSONRPCResponse = timeout( + READ_TIMEOUT, + app_server.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + let ThreadStartResponse { thread, .. } = to_response(response)?; + + let request_id = app_server + .send_turn_start_request(TurnStartParams { + thread_id: thread.id, + input: vec![UserInput::Text { + text: format!("Use ${SKILL_NAME}"), + text_elements: Vec::new(), + }], + ..Default::default() + }) + .await?; + timeout( + READ_TIMEOUT, + app_server.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + timeout( + READ_TIMEOUT, + app_server.read_stream_until_notification_message("turn/completed"), + ) + .await??; + + let request = response_mock.single_request(); + assert!( + request + .message_input_texts("developer") + .iter() + .any(|text| text.contains(SKILL_NAME)) + ); + let skill_fragments = request + .message_input_texts("user") + .into_iter() + .filter(|text| text.starts_with("")) + .collect::>(); + assert_eq!(1, skill_fragments.len()); + let skill_fragment = skill_fragments + .first() + .expect("executor skill instructions should be model-visible"); + assert!(skill_fragment.contains(&format!("{SKILL_NAME}"))); + assert!(skill_fragment.contains(SKILL_MARKER)); + assert!(!skill_fragment.contains(LOCAL_SKILL_MARKER)); + + Ok(()) +} diff --git a/codex-rs/app-server/tests/suite/v2/experimental_api.rs b/codex-rs/app-server/tests/suite/v2/experimental_api.rs index fc1100d17b3..03c9d455f05 100644 --- a/codex-rs/app-server/tests/suite/v2/experimental_api.rs +++ b/codex-rs/app-server/tests/suite/v2/experimental_api.rs @@ -80,10 +80,12 @@ async fn realtime_conversation_start_requires_experimental_api_capability() -> R let request_id = mcp .send_thread_realtime_start_request(ThreadRealtimeStartParams { thread_id: "thr_123".to_string(), + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("hello".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, }) .await?; @@ -186,12 +188,14 @@ async fn realtime_webrtc_start_requires_experimental_api_capability() -> Result< let request_id = mcp .send_thread_realtime_start_request(ThreadRealtimeStartParams { thread_id: "thr_123".to_string(), + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("hello".to_string())), realtime_session_id: None, transport: Some(ThreadRealtimeStartTransport::Webrtc { sdp: "v=offer\r\n".to_string(), }), + version: None, voice: None, }) .await?; diff --git a/codex-rs/app-server/tests/suite/v2/experimental_feature_list.rs b/codex-rs/app-server/tests/suite/v2/experimental_feature_list.rs index 60a0f948399..797736b7af6 100644 --- a/codex-rs/app-server/tests/suite/v2/experimental_feature_list.rs +++ b/codex-rs/app-server/tests/suite/v2/experimental_feature_list.rs @@ -267,13 +267,15 @@ async fn experimental_feature_enablement_set_applies_to_global_and_thread_config let mut mcp = TestAppServer::new(codex_home.path()).await?; timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; - let actual = - set_experimental_feature_enablement(&mut mcp, BTreeMap::from([("apps".to_string(), true)])) - .await?; + let actual = set_experimental_feature_enablement( + &mut mcp, + BTreeMap::from([("auth_elicitation".to_string(), true)]), + ) + .await?; assert_eq!( actual, ExperimentalFeatureEnablementSetResponse { - enablement: BTreeMap::from([("apps".to_string(), true)]), + enablement: BTreeMap::from([("auth_elicitation".to_string(), true)]), } ); @@ -284,7 +286,7 @@ async fn experimental_feature_enablement_set_applies_to_global_and_thread_config config .additional .get("features") - .and_then(|features| features.get("apps")), + .and_then(|features| features.get("auth_elicitation")), Some(&json!(true)) ); } @@ -333,16 +335,18 @@ async fn experimental_feature_enablement_set_only_updates_named_features() -> Re let mut mcp = TestAppServer::new(codex_home.path()).await?; timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; - set_experimental_feature_enablement(&mut mcp, BTreeMap::from([("apps".to_string(), true)])) - .await?; + set_experimental_feature_enablement( + &mut mcp, + BTreeMap::from([("mentions_v2".to_string(), true)]), + ) + .await?; let actual = set_experimental_feature_enablement( &mut mcp, BTreeMap::from([ + ("auth_elicitation".to_string(), true), ("memories".to_string(), true), - ("plugins".to_string(), true), ("remote_plugin".to_string(), true), - ("tool_suggest".to_string(), true), - ("tool_call_mcp_elicitation".to_string(), false), + ("tool_suggest".to_string(), false), ]), ) .await?; @@ -351,11 +355,10 @@ async fn experimental_feature_enablement_set_only_updates_named_features() -> Re actual, ExperimentalFeatureEnablementSetResponse { enablement: BTreeMap::from([ + ("auth_elicitation".to_string(), true), ("memories".to_string(), true), - ("plugins".to_string(), true), ("remote_plugin".to_string(), true), - ("tool_suggest".to_string(), true), - ("tool_call_mcp_elicitation".to_string(), false), + ("tool_suggest".to_string(), false), ]), } ); @@ -366,21 +369,21 @@ async fn experimental_feature_enablement_set_only_updates_named_features() -> Re config .additional .get("features") - .and_then(|features| features.get("apps")), + .and_then(|features| features.get("mentions_v2")), Some(&json!(true)) ); assert_eq!( config .additional .get("features") - .and_then(|features| features.get("memories")), + .and_then(|features| features.get("auth_elicitation")), Some(&json!(true)) ); assert_eq!( config .additional .get("features") - .and_then(|features| features.get("plugins")), + .and_then(|features| features.get("memories")), Some(&json!(true)) ); assert_eq!( @@ -395,13 +398,6 @@ async fn experimental_feature_enablement_set_only_updates_named_features() -> Re .additional .get("features") .and_then(|features| features.get("tool_suggest")), - Some(&json!(true)) - ); - assert_eq!( - config - .additional - .get("features") - .and_then(|features| features.get("tool_call_mcp_elicitation")), Some(&json!(false)) ); @@ -432,8 +428,11 @@ async fn experimental_feature_enablement_set_empty_map_is_no_op() -> Result<()> let mut mcp = TestAppServer::new(codex_home.path()).await?; timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; - set_experimental_feature_enablement(&mut mcp, BTreeMap::from([("apps".to_string(), true)])) - .await?; + set_experimental_feature_enablement( + &mut mcp, + BTreeMap::from([("mentions_v2".to_string(), true)]), + ) + .await?; let actual = set_experimental_feature_enablement(&mut mcp, BTreeMap::new()).await?; assert_eq!( @@ -449,7 +448,7 @@ async fn experimental_feature_enablement_set_empty_map_is_no_op() -> Result<()> config .additional .get("features") - .and_then(|features| features.get("apps")), + .and_then(|features| features.get("mentions_v2")), Some(&json!(true)) ); @@ -457,36 +456,30 @@ async fn experimental_feature_enablement_set_empty_map_is_no_op() -> Result<()> } #[tokio::test] -async fn experimental_feature_enablement_set_rejects_non_allowlisted_feature() -> Result<()> { +async fn experimental_feature_enablement_set_ignores_invalid_features() -> Result<()> { let codex_home = TempDir::new()?; let mut mcp = TestAppServer::new(codex_home.path()).await?; timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; - let request_id = mcp - .send_experimental_feature_enablement_set_request(ExperimentalFeatureEnablementSetParams { - enablement: BTreeMap::from([("personality".to_string(), true)]), - }) - .await?; - let JSONRPCError { error, .. } = timeout( - DEFAULT_TIMEOUT, - mcp.read_stream_until_error_message(RequestId::Integer(request_id)), + let actual = set_experimental_feature_enablement( + &mut mcp, + BTreeMap::from([ + ("apps".to_string(), false), + ("auth_elicitation".to_string(), true), + ("connectors".to_string(), false), + ("personality".to_string(), false), + ("plugins".to_string(), false), + ("tool_call_mcp_elicitation".to_string(), false), + ("unknown_feature".to_string(), true), + ]), ) - .await??; + .await?; - assert_eq!(error.code, -32600); - assert!( - error - .message - .contains("unsupported feature enablement `personality`"), - "{}", - error.message - ); - assert!( - error.message.contains( - "apps, memories, mentions_v2, plugins, remote_control, remote_plugin, tool_suggest, tool_call_mcp_elicitation" - ), - "{}", - error.message + assert_eq!( + actual, + ExperimentalFeatureEnablementSetResponse { + enablement: BTreeMap::from([("auth_elicitation".to_string(), true)]), + } ); Ok(()) diff --git a/codex-rs/app-server/tests/suite/v2/external_agent_config.rs b/codex-rs/app-server/tests/suite/v2/external_agent_config.rs index fdb996c2f41..991e12dc789 100644 --- a/codex-rs/app-server/tests/suite/v2/external_agent_config.rs +++ b/codex-rs/app-server/tests/suite/v2/external_agent_config.rs @@ -435,6 +435,98 @@ async fn external_agent_config_import_creates_session_rollouts() -> Result<()> { Ok(()) } +#[tokio::test] +async fn external_agent_config_import_does_not_initialize_required_mcp() -> Result<()> { + let server = create_mock_responses_server_repeating_assistant("unused").await; + let codex_home = TempDir::new()?; + create_config_toml(codex_home.path(), &server.uri())?; + let mut config = std::fs::read_to_string(codex_home.path().join("config.toml"))?; + config.push_str( + r#" +[mcp_servers.required_broken] +command = "this-command-does-not-exist" +required = true +"#, + ); + std::fs::write(codex_home.path().join("config.toml"), config)?; + let project_root = codex_home.path().join("repo"); + let recent_timestamp = chrono::Utc::now().to_rfc3339_opts(chrono::SecondsFormat::Secs, true); + let session_dir = codex_home.path().join(".claude/projects/repo"); + let session_path = session_dir.join("session.jsonl"); + std::fs::create_dir_all(&project_root)?; + std::fs::create_dir_all(&session_dir)?; + std::fs::write( + &session_path, + serde_json::json!({ + "type": "user", + "cwd": &project_root, + "timestamp": &recent_timestamp, + "message": { "content": "first request" }, + }) + .to_string(), + )?; + + let home_dir = codex_home.path().display().to_string(); + let mut mcp = + TestAppServer::new_with_env(codex_home.path(), &[("HOME", Some(home_dir.as_str()))]) + .await?; + timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; + + let request_id = mcp + .send_raw_request( + "externalAgentConfig/import", + Some(serde_json::json!({ + "migrationItems": [{ + "itemType": "SESSIONS", + "description": "Migrate recent sessions", + "cwd": null, + "details": { + "sessions": [{ + "path": session_path, + "cwd": project_root, + "title": "first request" + }] + } + }] + })), + ) + .await?; + timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_notification_message("externalAgentConfig/import/completed"), + ) + .await??; + + let request_id = mcp + .send_thread_list_request(ThreadListParams { + cursor: None, + limit: None, + sort_key: None, + sort_direction: None, + model_providers: None, + source_kinds: None, + archived: None, + cwd: None, + use_state_db_only: false, + search_term: None, + }) + .await?; + let response: JSONRPCResponse = timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + let response: ThreadListResponse = to_response(response)?; + assert_eq!(response.data.len(), 1); + + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn external_agent_config_import_accepts_detected_session_payload_after_restart() -> Result<()> { diff --git a/codex-rs/app-server/tests/suite/v2/hooks_list.rs b/codex-rs/app-server/tests/suite/v2/hooks_list.rs index b7270f317ed..1fd1340a6c4 100644 --- a/codex-rs/app-server/tests/suite/v2/hooks_list.rs +++ b/codex-rs/app-server/tests/suite/v2/hooks_list.rs @@ -264,6 +264,84 @@ async fn hooks_list_shows_discovered_plugin_hook() -> Result<()> { Ok(()) } +#[tokio::test] +async fn hooks_list_warms_plugin_capabilities_for_thread_start() -> Result<()> { + let codex_home = TempDir::new()?; + let cwd = TempDir::new()?; + write_plugin_hook_config( + codex_home.path(), + r#"{ + "hooks": { + "PreToolUse": [ + { + "hooks": [ + { + "type": "command", + "command": "echo plugin hook" + } + ] + } + ] + } +}"#, + )?; + let plugin_mcp_path = codex_home + .path() + .join("plugins/cache/test/demo/local/.mcp.json"); + std::fs::write( + &plugin_mcp_path, + r#"{ + "mcpServers": { + "plugin-server": { + "url": "http://127.0.0.1:1/mcp" + } + } +}"#, + )?; + + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; + + let hooks_list_id = mcp + .send_hooks_list_request(HooksListParams { + cwds: vec![cwd.path().to_path_buf()], + }) + .await?; + timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(hooks_list_id)), + ) + .await??; + + std::fs::remove_file(plugin_mcp_path)?; + + let thread_start_id = mcp + .send_thread_start_request(ThreadStartParams::default()) + .await?; + let _: ThreadStartResponse = to_response( + timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(thread_start_id)), + ) + .await??, + )?; + timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_matching_notification("plugin MCP server starting", |notification| { + notification.method == "mcpServer/startupStatus/updated" + && notification + .params + .as_ref() + .and_then(|params| params.get("name")) + .and_then(serde_json::Value::as_str) + == Some("plugin-server") + }), + ) + .await??; + + Ok(()) +} + #[tokio::test] async fn hooks_list_shows_plugin_hook_load_warnings() -> Result<()> { let codex_home = TempDir::new()?; diff --git a/codex-rs/app-server/tests/suite/v2/imagegen_extension.rs b/codex-rs/app-server/tests/suite/v2/imagegen_extension.rs index 3469bf44c13..025c6ec186a 100644 --- a/codex-rs/app-server/tests/suite/v2/imagegen_extension.rs +++ b/codex-rs/app-server/tests/suite/v2/imagegen_extension.rs @@ -29,6 +29,12 @@ use wiremock::matchers::method; use wiremock::matchers::path; const RESULT: &str = "cG5n"; +const TINY_PNG_BYTES: &[u8] = &[ + 137, 80, 78, 71, 13, 10, 26, 10, 0, 0, 0, 13, 73, 72, 68, 82, 0, 0, 0, 1, 0, 0, 0, 1, 8, 6, 0, + 0, 0, 31, 21, 196, 137, 0, 0, 0, 11, 73, 68, 65, 84, 120, 156, 99, 96, 0, 2, 0, 0, 5, 0, 1, + 122, 94, 171, 63, 0, 0, 0, 0, 73, 69, 78, 68, 174, 66, 96, 130, +]; +const TINY_PNG_DATA_URL: &str = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAC0lEQVR4nGNgAAIAAAUAAXpeqz8AAAAASUVORK5CYII="; #[derive(Clone, Copy)] enum ImagegenTestMode { @@ -44,7 +50,7 @@ const DEFAULT_READ_TIMEOUT: Duration = Duration::from_secs(60); const DEFAULT_READ_TIMEOUT: Duration = Duration::from_secs(10); #[tokio::test] -async fn standalone_image_generation_persists_image_and_returns_it_to_model() -> Result<()> { +async fn standalone_image_generation_returns_saved_path_hint_to_model() -> Result<()> { let call_id = "image-run-1"; let server = responses::start_mock_server().await; mount_image_response(&server).await; @@ -59,7 +65,6 @@ async fn standalone_image_generation_persists_image_and_returns_it_to_model() -> "image_gen", "imagegen", &json!({ - "action": "generate", "prompt": "paint a blue whale", }) .to_string(), @@ -124,7 +129,13 @@ async fn standalone_image_generation_persists_image_and_returns_it_to_model() -> "detail": "high", }) ); - assert_eq!(output["output"].as_array().map(Vec::len), Some(1)); + let output_hint = output["output"][1]["text"] + .as_str() + .context("image output should include model-visible path hint")?; + assert!( + output_hint.contains(&saved_path.display().to_string()), + "output hint should identify the path core saved" + ); assert!( !requests[1] .message_input_texts("developer") @@ -136,6 +147,63 @@ async fn standalone_image_generation_persists_image_and_returns_it_to_model() -> Ok(()) } +#[tokio::test] +async fn standalone_image_edit_uses_attached_model_visible_image() -> Result<()> { + let edit_request = run_image_edit_test(|codex_home| { + let image_path = codex_home.join("attached.png"); + std::fs::write(&image_path, TINY_PNG_BYTES)?; + Ok(( + json!({ + "prompt": "add a red hat", + "referenced_image_paths": [image_path.display().to_string()], + }), + vec![ + V2UserInput::Text { + text: "Edit the attached image".to_string(), + text_elements: Vec::new(), + }, + V2UserInput::LocalImage { + path: image_path, + detail: None, + }, + ], + )) + }) + .await?; + assert_eq!(edit_request["prompt"], "add a red hat"); + assert_eq!(edit_request["images"][0]["image_url"], TINY_PNG_DATA_URL); + + Ok(()) +} + +#[tokio::test] +async fn standalone_image_edit_uses_recent_pathless_image() -> Result<()> { + let image_url = "https://example.com/reference.png"; + let edit_request = run_image_edit_test(|_| { + Ok(( + json!({ + "prompt": "add a red hat", + "num_last_images_to_include": 1, + }), + vec![ + V2UserInput::Text { + text: "Edit the attached image".to_string(), + text_elements: Vec::new(), + }, + V2UserInput::Image { + url: image_url.to_string(), + detail: None, + }, + ], + )) + }) + .await?; + assert_eq!(edit_request["prompt"], "add a red hat"); + assert_eq!(edit_request["images"][0]["image_url"], image_url); + + Ok(()) +} + #[tokio::test] async fn standalone_image_generation_is_exposed_in_code_mode_only() -> Result<()> { let server = responses::start_mock_server().await; @@ -196,10 +264,9 @@ async fn standalone_image_generation_is_callable_from_code_mode_only() -> Result "exec", r#" const result = await tools.image_gen__imagegen({ - action: "generate", prompt: "paint a blue whale", }); -image(result); +generatedImage(result); "#, ), responses::ev_completed("resp-1"), @@ -246,12 +313,92 @@ image(result); "detail": "high", }) ); - assert_eq!(output["output"].as_array().map(Vec::len), Some(2)); + assert!( + output["output"][2]["text"] + .as_str() + .is_some_and(|text| text.contains("Generated images are saved")) + ); + assert_eq!(output["output"].as_array().map(Vec::len), Some(3)); Ok(()) } async fn start_image_generation_turn(mcp: &mut TestAppServer) -> Result<()> { + start_turn( + mcp, + vec![V2UserInput::Text { + text: "Generate an image".to_string(), + text_elements: Vec::new(), + }], + ) + .await +} + +async fn run_image_edit_test( + input: impl FnOnce(&Path) -> Result<(serde_json::Value, Vec)>, +) -> Result { + let call_id = "image-edit-1"; + let server = responses::start_mock_server().await; + mount_image_edit_response(&server).await; + + let codex_home = TempDir::new()?; + let (arguments, input) = input(codex_home.path())?; + let response_mock = responses::mount_sse_sequence( + &server, + vec![ + responses::sse(vec![ + responses::ev_response_created("resp-1"), + responses::ev_function_call_with_namespace( + call_id, + "image_gen", + "imagegen", + &arguments.to_string(), + ), + responses::ev_completed("resp-1"), + ]), + responses::sse(vec![ + responses::ev_assistant_message("msg-1", "Done"), + responses::ev_completed("resp-2"), + ]), + ], + ) + .await; + + create_config_toml(codex_home.path(), &server.uri(), ImagegenTestMode::Direct)?; + write_chatgpt_auth( + codex_home.path(), + ChatGptAuthFixture::new("access-chatgpt"), + AuthCredentialsStoreMode::File, + )?; + + let mut mcp = + TestAppServer::new_with_env(codex_home.path(), &[("OPENAI_API_KEY", None)]).await?; + timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + start_turn(&mut mcp, input).await?; + timeout( + DEFAULT_READ_TIMEOUT, + wait_for_image_generation_completed(&mut mcp), + ) + .await??; + timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_notification_message("turn/completed"), + ) + .await??; + + assert_eq!(response_mock.requests().len(), 2); + let requests = server + .received_requests() + .await + .context("failed to fetch received requests")?; + Ok(requests + .iter() + .find(|request| request.url.path() == "/api/codex/images/edits") + .context("image edit request should be sent")? + .body_json::()?) +} + +async fn start_turn(mcp: &mut TestAppServer, input: Vec) -> Result<()> { let thread_req = mcp .send_thread_start_request(ThreadStartParams::default()) .await?; @@ -266,10 +413,7 @@ async fn start_image_generation_turn(mcp: &mut TestAppServer) -> Result<()> { .send_turn_start_request(TurnStartParams { thread_id: thread.id, client_user_message_id: None, - input: vec![V2UserInput::Text { - text: "Generate an image".to_string(), - text_elements: Vec::new(), - }], + input, ..Default::default() }) .await?; @@ -313,6 +457,18 @@ async fn mount_image_response(server: &MockServer) { .await; } +async fn mount_image_edit_response(server: &MockServer) { + Mock::given(method("POST")) + .and(path("/api/codex/images/edits")) + .respond_with(ResponseTemplate::new(200).set_body_json(json!({ + "created": 1, + "data": [{"b64_json": RESULT}], + }))) + .expect(1) + .mount(server) + .await; +} + fn create_config_toml( codex_home: &Path, server_uri: &str, diff --git a/codex-rs/app-server/tests/suite/v2/mcp_resource.rs b/codex-rs/app-server/tests/suite/v2/mcp_resource.rs index d8ecb889968..9e91e3e8724 100644 --- a/codex-rs/app-server/tests/suite/v2/mcp_resource.rs +++ b/codex-rs/app-server/tests/suite/v2/mcp_resource.rs @@ -19,6 +19,8 @@ use codex_app_server_protocol::McpResourceReadResponse; use codex_app_server_protocol::RequestId; use codex_app_server_protocol::ThreadStartParams; use codex_app_server_protocol::ThreadStartResponse; +use codex_app_server_protocol::TurnStartParams; +use codex_app_server_protocol::UserInput; use codex_arg0::Arg0DispatchPaths; use codex_config::CloudConfigBundleLoader; use codex_config::LoaderOverrides; @@ -30,9 +32,14 @@ use codex_protocol::protocol::SessionSource; use core_test_support::responses; use pretty_assertions::assert_eq; use rmcp::handler::server::ServerHandler; +use rmcp::model::ListResourcesResult; +use rmcp::model::Meta; +use rmcp::model::PaginatedRequestParams; use rmcp::model::ProtocolVersion; +use rmcp::model::RawResource; use rmcp::model::ReadResourceRequestParams; use rmcp::model::ReadResourceResult; +use rmcp::model::Resource; use rmcp::model::ResourceContents; use rmcp::model::ServerCapabilities; use rmcp::model::ServerInfo; @@ -41,6 +48,7 @@ use rmcp::service::RoleServer; use rmcp::transport::StreamableHttpServerConfig; use rmcp::transport::StreamableHttpService; use rmcp::transport::streamable_http_server::session::local::LocalSessionManager; +use serde_json::json; use tempfile::TempDir; use tokio::net::TcpListener; use tokio::task::JoinHandle; @@ -51,49 +59,34 @@ const TEST_RESOURCE_URI: &str = "test://codex/resource"; const TEST_BLOB_RESOURCE_URI: &str = "test://codex/resource.bin"; const TEST_RESOURCE_BLOB: &str = "YmluYXJ5LXJlc291cmNl"; const TEST_RESOURCE_TEXT: &str = "Resource body from the MCP server."; +const SKILL_NAME: &str = "demo-plugin:deploy"; +const RAW_SKILL_DESCRIPTION: &str = "Deploy\nthrough the orchestrator."; +const SKILL_DESCRIPTION: &str = "Deploy through the <hosted> orchestrator."; +const SKILL_RESOURCE_URI: &str = "skill://plugin_demo/deploy"; +const SKILL_MAIN_PROMPT_URI: &str = "skill://plugin_demo/deploy/SKILL.md"; +const SKILL_REFERENCE_URI: &str = "skill://plugin_demo/deploy/references/deploy.md"; +const SKILL_MARKER: &str = "ORCHESTRATOR_SKILL_BODY_MARKER"; +const SKILL_CONTENTS: &str = concat!( + "---\n", + "name: deploy\n", + "description: Deploy through the orchestrator.\n", + "---\n\n", + "# Deploy\n\n", + "ORCHESTRATOR_SKILL_BODY_MARKER\n\n", + "Read the [deployment reference](skill://plugin_demo/deploy/references/deploy.md).\n", +); +const SKILL_REFERENCE_CONTENTS: &str = + "# Deploy reference\n\nUse the orchestrator deployment API.\n"; +const SKILLS_LIST_CALL_ID: &str = "skills-list"; +const SKILLS_READ_CALL_ID: &str = "skills-read"; #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn mcp_resource_read_returns_resource_contents() -> Result<()> { let responses_server = responses::start_mock_server().await; let (apps_server_url, apps_server_handle) = start_resource_apps_mcp_server().await?; - - let codex_home = TempDir::new()?; let responses_server_uri = responses_server.uri(); - std::fs::write( - codex_home.path().join("config.toml"), - format!( - r#" -model = "mock-model" -approval_policy = "untrusted" -sandbox_mode = "read-only" - -model_provider = "mock_provider" -chatgpt_base_url = "{apps_server_url}" -mcp_oauth_credentials_store = "file" - -[features] -apps = true - -[model_providers.mock_provider] -name = "Mock provider for test" -base_url = "{responses_server_uri}/v1" -wire_api = "responses" -request_max_retries = 0 -stream_max_retries = 0 -"# - ), - )?; - write_chatgpt_auth( - codex_home.path(), - ChatGptAuthFixture::new("chatgpt-token") - .account_id("account-123") - .chatgpt_user_id("user-123") - .chatgpt_account_id("account-123"), - AuthCredentialsStoreMode::File, - )?; - - let mut mcp = TestAppServer::new(codex_home.path()).await?; - timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + let (_codex_home, mut mcp) = + start_resource_test_app_server(&apps_server_url, &responses_server_uri).await?; let thread_start_id = mcp .send_thread_start_request(ThreadStartParams { @@ -120,7 +113,6 @@ stream_max_retries = 0 mcp.read_stream_until_response_message(RequestId::Integer(read_request_id)), ) .await??; - assert_eq!( to_response::(read_response)?, expected_resource_read_response() @@ -131,6 +123,165 @@ stream_max_retries = 0 Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +#[ignore = "orchestrator skills are disabled until /ps/mcp serves complete skill packages"] +async fn orchestrator_skill_can_read_referenced_resource_without_an_executor() -> Result<()> { + let responses_server = responses::start_mock_server().await; + let (apps_server_url, apps_server_handle) = start_resource_apps_mcp_server().await?; + let responses_server_uri = responses_server.uri(); + let (_codex_home, mut mcp) = + start_resource_test_app_server(&apps_server_url, &responses_server_uri).await?; + + let thread_start_id = mcp + .send_thread_start_request(ThreadStartParams { + model: Some("mock-model".to_string()), + environments: Some(Vec::new()), + ..Default::default() + }) + .await?; + let thread_start_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(thread_start_id)), + ) + .await??; + let ThreadStartResponse { thread, .. } = to_response(thread_start_resp)?; + + let response_mock = responses::mount_sse_sequence( + &responses_server, + vec![ + responses::sse(vec![ + responses::ev_response_created("resp-skills-list"), + responses::ev_function_call_with_namespace( + SKILLS_LIST_CALL_ID, + "skills", + "list", + &json!({ + "authority": { + "kind": "orchestrator", + }, + }) + .to_string(), + ), + responses::ev_completed("resp-skills-list"), + ]), + responses::sse(vec![ + responses::ev_response_created("resp-skills-read"), + responses::ev_function_call_with_namespace( + SKILLS_READ_CALL_ID, + "skills", + "read", + &json!({ + "authority": { + "kind": "orchestrator", + }, + "package": SKILL_RESOURCE_URI, + "resource": SKILL_REFERENCE_URI, + }) + .to_string(), + ), + responses::ev_completed("resp-skills-read"), + ]), + responses::sse(vec![ + responses::ev_response_created("resp-orchestrator-skill"), + responses::ev_assistant_message("msg-orchestrator-skill", "Done"), + responses::ev_completed("resp-orchestrator-skill"), + ]), + ], + ) + .await; + let turn_start_id = mcp + .send_turn_start_request(TurnStartParams { + thread_id: thread.id, + input: vec![UserInput::Text { + text: format!("Use ${SKILL_NAME}"), + text_elements: Vec::new(), + }], + ..Default::default() + }) + .await?; + timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(turn_start_id)), + ) + .await??; + timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_notification_message("turn/completed"), + ) + .await??; + + let requests = response_mock.requests(); + assert_eq!(requests.len(), 3); + let first_request = &requests[0]; + assert!(first_request.tool_by_name("skills", "list").is_some()); + assert!(first_request.tool_by_name("skills", "read").is_some()); + assert!(first_request.tool_by_name("skills", "search").is_none()); + + let developer_messages = first_request.message_input_texts("developer"); + let catalog_line = format!( + "- {SKILL_NAME}: {SKILL_DESCRIPTION} (orchestrator resource: {SKILL_RESOURCE_URI})" + ); + assert_eq!( + 1, + developer_messages + .iter() + .filter(|text| text.contains(&catalog_line)) + .count() + ); + assert!( + developer_messages + .iter() + .all(|text| !text.contains("ignored-plugin:ignored")) + ); + assert!( + developer_messages + .iter() + .any(|text| text.contains("do not treat `skill://` identifiers as filesystem paths")) + ); + let skill_fragments = first_request + .message_input_texts("user") + .into_iter() + .filter(|text| text.starts_with("")) + .collect::>(); + assert_eq!(1, skill_fragments.len()); + assert!(skill_fragments[0].contains(&format!("{SKILL_NAME}"))); + assert!(skill_fragments[0].contains(SKILL_MARKER)); + assert!(skill_fragments[0].contains(SKILL_REFERENCE_URI)); + + let list_output = requests[1] + .function_call_output_text(SKILLS_LIST_CALL_ID) + .ok_or_else(|| anyhow::anyhow!("skills.list output should be sent to the model"))?; + assert_eq!( + serde_json::from_str::(&list_output)?, + json!({ + "skills": [{ + "authority": { + "kind": "orchestrator", + }, + "package": SKILL_RESOURCE_URI, + "name": SKILL_NAME, + "description": SKILL_DESCRIPTION, + "main_resource": SKILL_MAIN_PROMPT_URI, + }], + "warnings": ["Orchestrator skill discovery stopped after 2 resource pages: failed to list orchestrator skill resources: resources/list failed for `codex_apps`: Mcp error: -32603: simulated later-page failure"], + }) + ); + + let read_output = requests[2] + .function_call_output_text(SKILLS_READ_CALL_ID) + .ok_or_else(|| anyhow::anyhow!("skills.read output should be sent to the model"))?; + assert_eq!( + serde_json::from_str::(&read_output)?, + json!({ + "resource": SKILL_REFERENCE_URI, + "contents": SKILL_REFERENCE_CONTENTS, + }) + ); + apps_server_handle.abort(); + let _ = apps_server_handle.await; + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn mcp_resource_read_returns_resource_contents_without_thread() -> Result<()> { let (apps_server_url, apps_server_handle) = start_resource_apps_mcp_server().await?; @@ -246,6 +397,52 @@ async fn mcp_resource_read_returns_error_for_unknown_thread() -> Result<()> { Ok(()) } +async fn start_resource_test_app_server( + apps_server_url: &str, + responses_server_uri: &str, +) -> Result<(TempDir, TestAppServer)> { + let codex_home = TempDir::new()?; + std::fs::write( + codex_home.path().join("config.toml"), + format!( + r#" +model = "mock-model" +approval_policy = "untrusted" +sandbox_mode = "read-only" + +model_provider = "mock_provider" +chatgpt_base_url = "{apps_server_url}" +mcp_oauth_credentials_store = "file" + +[features] +apps = true + +[skills] +include_instructions = true + +[model_providers.mock_provider] +name = "Mock provider for test" +base_url = "{responses_server_uri}/v1" +wire_api = "responses" +request_max_retries = 0 +stream_max_retries = 0 +"# + ), + )?; + write_chatgpt_auth( + codex_home.path(), + ChatGptAuthFixture::new("chatgpt-token") + .account_id("account-123") + .chatgpt_user_id("user-123") + .chatgpt_account_id("account-123"), + AuthCredentialsStoreMode::File, + )?; + + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + Ok((codex_home, mcp)) +} + async fn start_resource_apps_mcp_server() -> Result<(String, JoinHandle<()>)> { let listener = TcpListener::bind("127.0.0.1:0").await?; let addr = listener.local_addr()?; @@ -256,7 +453,7 @@ async fn start_resource_apps_mcp_server() -> Result<(String, JoinHandle<()>)> { Arc::new(LocalSessionManager::default()), StreamableHttpServerConfig::default(), ); - let router = Router::new().nest_service("/api/codex/apps", mcp_service); + let router = Router::new().nest_service("/api/codex/ps/mcp", mcp_service); let apps_server_handle = tokio::spawn(async move { let _ = axum::serve(listener, router).await; }); @@ -292,12 +489,79 @@ impl ServerHandler for ResourceAppsMcpServer { .with_protocol_version(ProtocolVersion::V_2025_06_18) } + async fn list_resources( + &self, + request: Option, + _context: RequestContext, + ) -> Result { + let cursor = request.and_then(|request| request.cursor); + if cursor.is_none() { + return Ok(ListResourcesResult { + resources: vec![skill_resource( + "skill://plugin_ignored/ignored", + "plugin_ignored/ignored", + "Not an MCP skill resource.", + "text/plain", + "ignored-plugin", + "ignored", + )], + next_cursor: Some("skills-page".to_string()), + meta: None, + }); + } + if cursor.as_deref() == Some("failing-page") { + return Err(rmcp::ErrorData::internal_error( + "simulated later-page failure", + /*data*/ None, + )); + } + if cursor.as_deref() != Some("skills-page") { + return Err(rmcp::ErrorData::invalid_params( + "unexpected resources/list cursor", + /*data*/ None, + )); + } + + Ok(ListResourcesResult { + resources: vec![skill_resource( + SKILL_RESOURCE_URI, + "plugin_demo/deploy", + RAW_SKILL_DESCRIPTION, + "mcp/skill", + "demo-plugin", + "deploy", + )], + next_cursor: Some("failing-page".to_string()), + meta: None, + }) + } + async fn read_resource( &self, request: ReadResourceRequestParams, _context: RequestContext, ) -> Result { let uri = request.uri; + if uri == SKILL_MAIN_PROMPT_URI { + return Ok(ReadResourceResult::new(vec![ + ResourceContents::TextResourceContents { + uri: SKILL_MAIN_PROMPT_URI.to_string(), + mime_type: Some("text/markdown".to_string()), + text: SKILL_CONTENTS.to_string(), + meta: None, + }, + ])); + } + if uri == SKILL_REFERENCE_URI { + return Ok(ReadResourceResult::new(vec![ + ResourceContents::TextResourceContents { + uri: SKILL_REFERENCE_URI.to_string(), + mime_type: Some("text/markdown".to_string()), + text: SKILL_REFERENCE_CONTENTS.to_string(), + meta: None, + }, + ])); + } if uri != TEST_RESOURCE_URI { return Err(rmcp::ErrorData::resource_not_found( format!("resource not found: {uri}"), @@ -321,3 +585,27 @@ impl ServerHandler for ResourceAppsMcpServer { ])) } } + +fn skill_resource( + uri: &str, + name: &str, + description: &str, + mime_type: &str, + plugin_name: &str, + skill_name: &str, +) -> Resource { + Resource::new( + RawResource::new(uri, name) + .with_description(description) + .with_mime_type(mime_type) + .with_meta(skill_resource_meta(plugin_name, skill_name)), + /*annotations*/ None, + ) +} + +fn skill_resource_meta(plugin_name: &str, skill_name: &str) -> Meta { + Meta(serde_json::Map::from_iter([ + ("plugin_name".to_string(), json!(plugin_name)), + ("skill_name".to_string(), json!(skill_name)), + ])) +} diff --git a/codex-rs/app-server/tests/suite/v2/mcp_server_elicitation.rs b/codex-rs/app-server/tests/suite/v2/mcp_server_elicitation.rs index 8d0387ee972..b4bd1d377a9 100644 --- a/codex-rs/app-server/tests/suite/v2/mcp_server_elicitation.rs +++ b/codex-rs/app-server/tests/suite/v2/mcp_server_elicitation.rs @@ -406,7 +406,7 @@ async fn start_apps_server() -> Result<(String, JoinHandle<()>)> { get(list_directory_connectors), ) .with_state(state) - .nest_service("/api/codex/apps", mcp_service); + .nest_service("/api/codex/ps/mcp", mcp_service); let handle = tokio::spawn(async move { let _ = axum::serve(listener, router).await; diff --git a/codex-rs/app-server/tests/suite/v2/mod.rs b/codex-rs/app-server/tests/suite/v2/mod.rs index 9aef40aadeb..e038a131e40 100644 --- a/codex-rs/app-server/tests/suite/v2/mod.rs +++ b/codex-rs/app-server/tests/suite/v2/mod.rs @@ -12,6 +12,7 @@ mod connection_handling_websocket; #[cfg(unix)] mod connection_handling_websocket_unix; mod dynamic_tools; +mod executor_skills; mod experimental_api; mod experimental_feature_list; mod external_agent_config; @@ -49,6 +50,7 @@ mod review; mod safety_check_downgrade; mod skills_list; mod thread_archive; +mod thread_delete; mod thread_fork; mod thread_inject_items; mod thread_list; diff --git a/codex-rs/app-server/tests/suite/v2/model_list.rs b/codex-rs/app-server/tests/suite/v2/model_list.rs index 778577f8579..d2538629c8f 100644 --- a/codex-rs/app-server/tests/suite/v2/model_list.rs +++ b/codex-rs/app-server/tests/suite/v2/model_list.rs @@ -1,5 +1,6 @@ use std::time::Duration; +use anyhow::Error; use anyhow::Result; use app_test_support::ChatGptAuthFixture; use app_test_support::TestAppServer; @@ -48,11 +49,11 @@ fn model_from_preset(preset: &ModelPreset) -> Model { .supported_reasoning_efforts .iter() .map(|preset| ReasoningEffortOption { - reasoning_effort: preset.effort, + reasoning_effort: preset.effort.clone(), description: preset.description.clone(), }) .collect(), - default_reasoning_effort: preset.default_reasoning_effort, + default_reasoning_effort: preset.default_reasoning_effort.clone(), input_modalities: preset.input_modalities.clone(), // `write_models_cache()` round-trips through a simplified ModelInfo fixture that does not // preserve personality placeholders in base instructions, so app-server list results from @@ -164,10 +165,11 @@ async fn list_models_uses_chatgpt_remote_catalog_as_source_of_truth() -> Result< "slug": "chatgpt-remote-only", "display_name": "ChatGPT Remote Only", "description": "Remote-only model for app-server model/list coverage", - "default_reasoning_level": "medium", + "default_reasoning_level": "max", "supported_reasoning_levels": [ - {"effort": "low", "description": "low"}, - {"effort": "medium", "description": "medium"} + {"effort": "max", "description": "Maximum"}, + {"effort": "low", "description": "Low"}, + {"effort": "focused", "description": "Focused"} ], "shell_type": "shell_command", "visibility": "list", @@ -238,10 +240,24 @@ openai_base_url = "{server_uri}/v1" } = to_response::(response)?; let mut expected_presets: Vec = vec![remote_model.into()]; ModelPreset::mark_default_by_picker_visibility(&mut expected_presets); - let expected_items = expected_presets + let mut expected_items = expected_presets .iter() .map(model_from_preset) .collect::>(); + expected_items[0].supported_reasoning_efforts = vec![ + ReasoningEffortOption { + reasoning_effort: "max".parse().map_err(Error::msg)?, + description: "Maximum".to_string(), + }, + ReasoningEffortOption { + reasoning_effort: "low".parse().map_err(Error::msg)?, + description: "Low".to_string(), + }, + ReasoningEffortOption { + reasoning_effort: "focused".parse().map_err(Error::msg)?, + description: "Focused".to_string(), + }, + ]; assert_eq!(items, expected_items); assert!(next_cursor.is_none()); diff --git a/codex-rs/app-server/tests/suite/v2/plugin_install.rs b/codex-rs/app-server/tests/suite/v2/plugin_install.rs index 2de63f14510..1be64b8faca 100644 --- a/codex-rs/app-server/tests/suite/v2/plugin_install.rs +++ b/codex-rs/app-server/tests/suite/v2/plugin_install.rs @@ -288,6 +288,74 @@ async fn plugin_install_writes_remote_plugin_to_cloud_and_cache() -> Result<()> Ok(()) } +#[tokio::test] +async fn plugin_install_uses_remote_apps_needing_auth_response() -> Result<()> { + let codex_home = TempDir::new()?; + let server = MockServer::start().await; + let remote_app_manifest = json!({ + "apps": { + "alpha": { + "id": "alpha", + "category": "Developer Tools" + } + } + }); + let bundle_url = mount_remote_plugin_bundle( + &server, + /*status_code*/ 200, + remote_plugin_bundle_tar_gz_bytes("linear")?, + ) + .await; + configure_remote_plugin_with_apps_test(codex_home.path(), &server)?; + mount_remote_plugin_detail_with_app_manifest( + &server, + REMOTE_PLUGIN_ID, + "1.2.3", + Some(&bundle_url), + remote_app_manifest, + ) + .await; + mount_empty_remote_installed_plugins(&server).await; + mount_remote_plugin_install_with_apps_needing_auth(&server, REMOTE_PLUGIN_ID, &["alpha"]).await; + + let mut mcp = TestAppServer::new_with_env( + codex_home.path(), + &[(TEST_ALLOW_HTTP_REMOTE_PLUGIN_BUNDLE_DOWNLOADS, Some("1"))], + ) + .await?; + timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; + + let request_id = send_remote_plugin_install_request(&mut mcp, REMOTE_PLUGIN_ID).await?; + let response: JSONRPCResponse = timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + let response: PluginInstallResponse = to_response(response)?; + + assert_eq!( + response, + PluginInstallResponse { + auth_policy: PluginAuthPolicy::OnUse, + apps_needing_auth: vec![AppSummary { + id: "alpha".to_string(), + name: "alpha".to_string(), + description: None, + install_url: Some("https://chatgpt.com/apps/alpha/alpha".to_string()), + category: Some("Developer Tools".to_string()), + }], + } + ); + wait_for_remote_plugin_request_count( + &server, + "GET", + "/backend-api/connectors/directory/list", + /*expected_count*/ 0, + ) + .await?; + Ok(()) +} + #[tokio::test] async fn plugin_install_rejects_missing_remote_bundle_url() -> Result<()> { let codex_home = TempDir::new()?; @@ -948,7 +1016,7 @@ async fn plugin_install_returns_apps_needing_auth() -> Result<()> { name: "Alpha".to_string(), description: Some("Alpha connector".to_string()), install_url: Some("https://chatgpt.com/apps/alpha/alpha".to_string()), - needs_auth: true, + category: None, }], } ); @@ -1036,7 +1104,7 @@ async fn plugin_install_filters_disallowed_apps_needing_auth() -> Result<()> { name: "Alpha".to_string(), description: Some("Alpha connector".to_string()), install_url: Some("https://chatgpt.com/apps/alpha/alpha".to_string()), - needs_auth: true, + category: None, }], } ); @@ -1236,7 +1304,7 @@ async fn start_apps_server( get(list_directory_connectors), ) .with_state(state) - .nest_service("/api/codex/apps", mcp_service); + .nest_service("/api/codex/ps/mcp", mcp_service); let handle = tokio::spawn(async move { let _ = axum::serve(listener, router).await; @@ -1398,6 +1466,34 @@ fn configure_remote_plugin_test(codex_home: &std::path::Path, server: &MockServe ) } +fn configure_remote_plugin_with_apps_test( + codex_home: &std::path::Path, + server: &MockServer, +) -> Result<()> { + std::fs::write( + codex_home.join("config.toml"), + format!( + r#" +chatgpt_base_url = "{}/backend-api/" + +[features] +plugins = true +remote_plugin = true +connectors = true +"#, + server.uri() + ), + )?; + write_chatgpt_auth( + codex_home, + ChatGptAuthFixture::new("chatgpt-token") + .account_id("account-123") + .chatgpt_user_id("user-123") + .chatgpt_account_id("account-123"), + AuthCredentialsStoreMode::File, + ) +} + async fn mount_remote_plugin_bundle( server: &MockServer, status_code: u16, @@ -1552,6 +1648,27 @@ async fn mount_remote_plugin_install(server: &MockServer, remote_plugin_id: &str .await; } +async fn mount_remote_plugin_install_with_apps_needing_auth( + server: &MockServer, + remote_plugin_id: &str, + app_ids_needing_auth: &[&str], +) { + Mock::given(method("POST")) + .and(path(format!( + "/backend-api/ps/plugins/{remote_plugin_id}/install" + ))) + .and(query_param("includeAppsNeedingAuth", "true")) + .and(header("authorization", "Bearer chatgpt-token")) + .and(header("chatgpt-account-id", "account-123")) + .respond_with(ResponseTemplate::new(200).set_body_json(json!({ + "id": remote_plugin_id, + "enabled": true, + "app_ids_needing_auth": app_ids_needing_auth, + }))) + .mount(server) + .await; +} + #[derive(Debug, Clone)] struct CacheManifestExists { manifest_path: std::path::PathBuf, diff --git a/codex-rs/app-server/tests/suite/v2/plugin_list.rs b/codex-rs/app-server/tests/suite/v2/plugin_list.rs index ae622db8a87..a49c5d3c75e 100644 --- a/codex-rs/app-server/tests/suite/v2/plugin_list.rs +++ b/codex-rs/app-server/tests/suite/v2/plugin_list.rs @@ -38,7 +38,6 @@ use wiremock::matchers::query_param; const DEFAULT_TIMEOUT: Duration = Duration::from_secs(30); const TEST_CURATED_PLUGIN_SHA: &str = "0123456789abcdef0123456789abcdef01234567"; -const STARTUP_REMOTE_PLUGIN_SYNC_MARKER_FILE: &str = ".tmp/app-server-remote-plugin-sync-v1"; const TEST_ALLOW_HTTP_REMOTE_PLUGIN_BUNDLE_DOWNLOADS: &str = "CODEX_TEST_ALLOW_HTTP_REMOTE_PLUGIN_BUNDLE_DOWNLOADS"; const ALTERNATE_MARKETPLACE_RELATIVE_PATH: &str = ".claude-plugin/marketplace.json"; @@ -1460,94 +1459,6 @@ enabled = true Ok(()) } -#[tokio::test] -async fn app_server_startup_remote_plugin_sync_runs_once() -> Result<()> { - let codex_home = TempDir::new()?; - let server = MockServer::start().await; - write_plugin_sync_config(codex_home.path(), &format!("{}/backend-api/", server.uri()))?; - write_chatgpt_auth( - codex_home.path(), - ChatGptAuthFixture::new("chatgpt-token") - .account_id("account-123") - .chatgpt_user_id("user-123") - .chatgpt_account_id("account-123"), - AuthCredentialsStoreMode::File, - )?; - write_openai_curated_marketplace(codex_home.path(), &["linear"])?; - - Mock::given(method("GET")) - .and(path("/backend-api/plugins/list")) - .and(header("authorization", "Bearer chatgpt-token")) - .and(header("chatgpt-account-id", "account-123")) - .respond_with(ResponseTemplate::new(200).set_body_string( - r#"[ - {"id":"1","name":"linear","marketplace_name":"openai-curated","version":"1.0.0","enabled":true} -]"#, - )) - .mount(&server) - .await; - Mock::given(method("GET")) - .and(path("/backend-api/plugins/featured")) - .and(query_param("platform", "codex")) - .and(header("authorization", "Bearer chatgpt-token")) - .and(header("chatgpt-account-id", "account-123")) - .respond_with(ResponseTemplate::new(200).set_body_string(r#"["linear@openai-curated"]"#)) - .mount(&server) - .await; - - let marker_path = codex_home - .path() - .join(STARTUP_REMOTE_PLUGIN_SYNC_MARKER_FILE); - - { - let mut mcp = TestAppServer::new_with_plugin_startup_tasks(codex_home.path()).await?; - timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; - - wait_for_path_exists(&marker_path).await?; - wait_for_remote_plugin_request_count(&server, "/plugins/list", /*expected_count*/ 1) - .await?; - let request_id = mcp - .send_plugin_list_request(PluginListParams { - cwds: None, - marketplace_kinds: None, - }) - .await?; - let response: JSONRPCResponse = timeout( - DEFAULT_TIMEOUT, - mcp.read_stream_until_response_message(RequestId::Integer(request_id)), - ) - .await??; - let response: PluginListResponse = to_response(response)?; - let curated_marketplace = response - .marketplaces - .into_iter() - .find(|marketplace| marketplace.name == "openai-curated") - .expect("expected openai-curated marketplace entry"); - assert_eq!( - curated_marketplace - .plugins - .into_iter() - .map(|plugin| (plugin.id, plugin.installed, plugin.enabled)) - .collect::>(), - vec![("linear@openai-curated".to_string(), true, true)] - ); - wait_for_remote_plugin_request_count(&server, "/plugins/list", /*expected_count*/ 1) - .await?; - } - - let config = std::fs::read_to_string(codex_home.path().join("config.toml"))?; - assert!(config.contains(r#"[plugins."linear@openai-curated"]"#)); - - { - let mut mcp = TestAppServer::new_with_plugin_startup_tasks(codex_home.path()).await?; - timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; - } - - tokio::time::sleep(Duration::from_millis(250)).await; - wait_for_remote_plugin_request_count(&server, "/plugins/list", /*expected_count*/ 1).await?; - Ok(()) -} - #[tokio::test] async fn app_server_startup_sync_downloads_remote_installed_plugin_bundles() -> Result<()> { let codex_home = TempDir::new()?; @@ -1812,6 +1723,7 @@ async fn plugin_list_includes_remote_marketplaces_when_remote_plugin_enabled() - .and(query_param("limit", "200")) .and(header("authorization", "Bearer chatgpt-token")) .and(header("chatgpt-account-id", "account-123")) + .and(header("oai-product-sku", "codex")) .respond_with(ResponseTemplate::new(200).set_body_string(global_directory_body)) .mount(&server) .await; @@ -1821,6 +1733,7 @@ async fn plugin_list_includes_remote_marketplaces_when_remote_plugin_enabled() - .and(query_param("limit", "200")) .and(header("authorization", "Bearer chatgpt-token")) .and(header("chatgpt-account-id", "account-123")) + .and(header("oai-product-sku", "codex")) .respond_with(ResponseTemplate::new(200).set_body_string(empty_page_body)) .mount(&server) .await; @@ -1829,6 +1742,7 @@ async fn plugin_list_includes_remote_marketplaces_when_remote_plugin_enabled() - .and(query_param("scope", "GLOBAL")) .and(header("authorization", "Bearer chatgpt-token")) .and(header("chatgpt-account-id", "account-123")) + .and(header("oai-product-sku", "codex")) .respond_with(ResponseTemplate::new(200).set_body_string(global_installed_body)) .mount(&server) .await; @@ -1837,6 +1751,7 @@ async fn plugin_list_includes_remote_marketplaces_when_remote_plugin_enabled() - .and(query_param("scope", "WORKSPACE")) .and(header("authorization", "Bearer chatgpt-token")) .and(header("chatgpt-account-id", "account-123")) + .and(header("oai-product-sku", "codex")) .respond_with(ResponseTemplate::new(200).set_body_string(empty_page_body)) .mount(&server) .await; @@ -1948,6 +1863,102 @@ async fn plugin_list_includes_remote_marketplaces_when_remote_plugin_enabled() - Ok(()) } +#[tokio::test] +async fn plugin_list_uses_cached_global_remote_catalog_and_refreshes_it() -> Result<()> { + let codex_home = TempDir::new()?; + let server = MockServer::start().await; + write_remote_plugin_catalog_config( + codex_home.path(), + &format!("{}/backend-api/", server.uri()), + )?; + write_chatgpt_auth( + codex_home.path(), + ChatGptAuthFixture::new("chatgpt-token") + .account_id("account-123") + .chatgpt_user_id("user-123") + .chatgpt_account_id("account-123"), + AuthCredentialsStoreMode::File, + )?; + + let cached_remote_plugin_id = "plugins~Plugin_00000000000000000000000000000000"; + let refreshed_remote_plugin_id = "plugins~Plugin_11111111111111111111111111111111"; + let cached_body = + remote_plugin_list_body(cached_remote_plugin_id, "linear", "Linear", "Plan work"); + let refreshed_body = remote_plugin_list_body( + refreshed_remote_plugin_id, + "notion", + "Notion", + "Capture notes", + ); + mount_remote_plugin_list(&server, "GLOBAL", &cached_body).await; + mount_remote_installed_plugins(&server, "GLOBAL", empty_remote_installed_plugins_body()).await; + mount_remote_installed_plugins(&server, "WORKSPACE", empty_remote_installed_plugins_body()) + .await; + + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; + + let request_id = mcp + .send_plugin_list_request(PluginListParams { + cwds: None, + marketplace_kinds: None, + }) + .await?; + let response: PluginListResponse = to_response( + timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??, + )?; + let remote_marketplace = response + .marketplaces + .iter() + .find(|marketplace| marketplace.name == "openai-curated-remote") + .expect("expected warmed remote marketplace"); + assert_eq!( + remote_marketplace.plugins[0].id, + "linear@openai-curated-remote" + ); + wait_for_remote_plugin_request_count(&server, "/ps/plugins/list", /*expected_count*/ 1).await?; + wait_for_cached_remote_catalog_plugin_ids(codex_home.path(), &[cached_remote_plugin_id]) + .await?; + + server.reset().await; + mount_remote_plugin_list(&server, "GLOBAL", &refreshed_body).await; + mount_remote_installed_plugins(&server, "GLOBAL", empty_remote_installed_plugins_body()).await; + mount_remote_installed_plugins(&server, "WORKSPACE", empty_remote_installed_plugins_body()) + .await; + + let request_id = mcp + .send_plugin_list_request(PluginListParams { + cwds: None, + marketplace_kinds: None, + }) + .await?; + let response: PluginListResponse = to_response( + timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??, + )?; + let remote_marketplace = response + .marketplaces + .iter() + .find(|marketplace| marketplace.name == "openai-curated-remote") + .expect("expected cached remote marketplace"); + assert_eq!( + remote_marketplace.plugins[0].id, + "linear@openai-curated-remote" + ); + wait_for_remote_plugin_request_count(&server, "/ps/plugins/list", /*expected_count*/ 1).await?; + wait_for_cached_remote_catalog_plugin_ids(codex_home.path(), &[refreshed_remote_plugin_id]) + .await?; + + Ok(()) +} + #[tokio::test] async fn plugin_list_includes_openai_curated_remote_collection_when_requested() -> Result<()> { let codex_home = TempDir::new()?; @@ -2360,6 +2371,92 @@ plugin_sharing = true Ok(()) } +#[tokio::test] +async fn plugin_installed_includes_workspace_directory_without_plugin_sharing() -> Result<()> { + let codex_home = TempDir::new()?; + let server = MockServer::start().await; + std::fs::write( + codex_home.path().join("config.toml"), + format!( + r#"chatgpt_base_url = "{}/backend-api/" + +[features] +plugins = true +remote_plugin = false +plugin_sharing = false +"#, + server.uri() + ), + )?; + write_chatgpt_auth( + codex_home.path(), + ChatGptAuthFixture::new("chatgpt-token") + .account_id("account-123") + .chatgpt_user_id("user-123") + .chatgpt_account_id("account-123"), + AuthCredentialsStoreMode::File, + )?; + let mut workspace_installed_body: serde_json::Value = + serde_json::from_str(&workspace_remote_plugin_page_body( + "plugins~Plugin_11111111111111111111111111111111", + "workspace-linear", + "Workspace Linear", + "LISTED", + /*enabled*/ Some(true), + ))?; + let shared_installed_body: serde_json::Value = + serde_json::from_str(&workspace_remote_plugin_page_body( + "plugins~Plugin_22222222222222222222222222222222", + "shared-linear", + "Shared Linear", + "PRIVATE", + /*enabled*/ Some(true), + ))?; + workspace_installed_body["plugins"] + .as_array_mut() + .expect("installed plugins should be an array") + .push(shared_installed_body["plugins"][0].clone()); + let workspace_installed_body = serde_json::to_string(&workspace_installed_body)?; + mount_remote_installed_plugins(&server, "GLOBAL", empty_remote_installed_plugins_body()).await; + mount_remote_installed_plugins(&server, "WORKSPACE", &workspace_installed_body).await; + + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; + + let request_id = mcp + .send_plugin_installed_request(PluginInstalledParams { + cwds: None, + install_suggestion_plugin_names: None, + }) + .await?; + + let response: JSONRPCResponse = timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + let response: PluginInstalledResponse = to_response(response)?; + + assert_eq!(response.marketplaces.len(), 1); + let marketplace = &response.marketplaces[0]; + assert_eq!(marketplace.name, "workspace-directory"); + assert_eq!( + marketplace + .plugins + .iter() + .map(|plugin| (plugin.id.clone(), plugin.installed, plugin.enabled)) + .collect::>(), + vec![( + "workspace-linear@workspace-directory".to_string(), + true, + true + )] + ); + wait_for_remote_installed_scope_request(&server, "WORKSPACE").await?; + wait_for_remote_installed_scope_request(&server, "GLOBAL").await?; + Ok(()) +} + #[tokio::test] async fn plugin_installed_starts_remote_installed_bundle_sync() -> Result<()> { let codex_home = TempDir::new()?; @@ -3110,6 +3207,52 @@ async fn wait_for_remote_installed_scope_request(server: &MockServer, scope: &st Ok(()) } +async fn wait_for_cached_remote_catalog_plugin_ids( + codex_home: &std::path::Path, + expected_plugin_ids: &[&str], +) -> Result<()> { + let mut expected_plugin_ids = expected_plugin_ids + .iter() + .copied() + .map(str::to_string) + .collect::>(); + expected_plugin_ids.sort(); + timeout(DEFAULT_TIMEOUT, async { + loop { + let plugin_ids = cached_remote_catalog_plugin_ids(codex_home)?; + if plugin_ids == expected_plugin_ids { + return Ok::<(), anyhow::Error>(()); + } + tokio::time::sleep(Duration::from_millis(10)).await; + } + }) + .await??; + Ok(()) +} + +fn cached_remote_catalog_plugin_ids(codex_home: &std::path::Path) -> Result> { + let cache_dir = codex_home.join("cache/remote_plugin_catalog"); + if !cache_dir.exists() { + return Ok(Vec::new()); + } + let mut plugin_ids = Vec::new(); + for entry in std::fs::read_dir(cache_dir)? { + let path = entry?.path(); + let cached_catalog: serde_json::Value = serde_json::from_slice(&std::fs::read(path)?)?; + let Some(plugins) = cached_catalog["plugins"].as_array() else { + continue; + }; + plugin_ids.extend( + plugins + .iter() + .filter_map(|plugin| plugin["id"].as_str()) + .map(str::to_string), + ); + } + plugin_ids.sort(); + Ok(plugin_ids) +} + async fn wait_for_path_exists(path: &std::path::Path) -> Result<()> { timeout(DEFAULT_TIMEOUT, async { loop { @@ -3148,6 +3291,43 @@ async fn mount_remote_plugin_list(server: &MockServer, scope: &str, body: &str) .await; } +fn remote_plugin_list_body( + remote_plugin_id: &str, + plugin_name: &str, + display_name: &str, + short_description: &str, +) -> String { + format!( + r#"{{ + "plugins": [ + {{ + "id": "{remote_plugin_id}", + "name": "{plugin_name}", + "scope": "GLOBAL", + "installation_policy": "AVAILABLE", + "authentication_policy": "ON_USE", + "status": "ENABLED", + "release": {{ + "version": "1.2.3", + "display_name": "{display_name}", + "description": "{display_name}", + "app_ids": [], + "interface": {{ + "short_description": "{short_description}", + "capabilities": ["Read"] + }}, + "skills": [] + }} + }} + ], + "pagination": {{ + "limit": 50, + "next_page_token": null + }} +}}"# + ) +} + async fn mount_openai_curated_remote_collection_plugin_list(server: &MockServer, body: &str) { Mock::given(method("GET")) .and(path("/backend-api/ps/plugins/list")) diff --git a/codex-rs/app-server/tests/suite/v2/plugin_read.rs b/codex-rs/app-server/tests/suite/v2/plugin_read.rs index f78cd2a0881..51bbd75bfbe 100644 --- a/codex-rs/app-server/tests/suite/v2/plugin_read.rs +++ b/codex-rs/app-server/tests/suite/v2/plugin_read.rs @@ -1,4 +1,3 @@ -use std::borrow::Cow; use std::sync::Arc; use std::sync::Mutex as StdMutex; use std::time::Duration; @@ -17,6 +16,9 @@ use axum::http::Uri; use axum::http::header::AUTHORIZATION; use axum::routing::get; use codex_app_server_protocol::AppInfo; +use codex_app_server_protocol::AppMetadata; +use codex_app_server_protocol::AppTemplateSummary; +use codex_app_server_protocol::AppTemplateUnavailableReason; use codex_app_server_protocol::HookEventName; use codex_app_server_protocol::JSONRPCError; use codex_app_server_protocol::JSONRPCResponse; @@ -35,17 +37,6 @@ use codex_app_server_protocol::RequestId; use codex_config::types::AuthCredentialsStoreMode; use codex_utils_absolute_path::AbsolutePathBuf; use pretty_assertions::assert_eq; -use rmcp::handler::server::ServerHandler; -use rmcp::model::JsonObject; -use rmcp::model::ListToolsResult; -use rmcp::model::Meta; -use rmcp::model::ServerCapabilities; -use rmcp::model::ServerInfo; -use rmcp::model::Tool; -use rmcp::model::ToolAnnotations; -use rmcp::transport::StreamableHttpServerConfig; -use rmcp::transport::StreamableHttpService; -use rmcp::transport::streamable_http_server::session::local::LocalSessionManager; use serde_json::json; use tempfile::TempDir; use tokio::net::TcpListener; @@ -122,7 +113,7 @@ async fn plugin_read_rejects_multiple_read_sources() -> Result<()> { } #[tokio::test] -async fn plugin_read_reads_remote_plugin_details_when_remote_plugin_is_disabled() -> Result<()> { +async fn plugin_read_returns_remote_mcp_servers_when_uninstalled() -> Result<()> { let codex_home = TempDir::new()?; let server = MockServer::start().await; std::fs::write( @@ -148,22 +139,31 @@ plugins = true let detail_body = r#"{ "id": "plugins~Plugin_00000000000000000000000000000000", - "name": "linear", + "name": "example-plugin", "scope": "GLOBAL", "installation_policy": "AVAILABLE", "authentication_policy": "ON_USE", "release": { - "display_name": "Linear", - "description": "Track work in Linear", + "version": "1.2.1", + "display_name": "Example Plugin", + "description": "Example plugin", "app_ids": [], "keywords": [], "interface": { - "short_description": "Plan and track work", + "short_description": "Example plugin", "capabilities": [], - "default_prompt": "Use the legacy Linear prompt", + "default_prompt": "Use the legacy example prompt", "default_prompts": [] }, - "skills": [] + "skills": [], + "mcp_servers": [ + { + "key": "example-server", + "metadata": { + "command": "example-mcp" + } + } + ] } }"#; let installed_body = r#"{ @@ -211,12 +211,15 @@ plugins = true let response: PluginReadResponse = to_response(response)?; assert_eq!(response.plugin.marketplace_name, "openai-curated-remote"); - assert_eq!(response.plugin.summary.id, "linear@openai-curated-remote"); + assert_eq!( + response.plugin.summary.id, + "example-plugin@openai-curated-remote" + ); assert_eq!( response.plugin.summary.remote_plugin_id.as_deref(), Some("plugins~Plugin_00000000000000000000000000000000") ); - assert_eq!(response.plugin.summary.name, "linear"); + assert_eq!(response.plugin.summary.name, "example-plugin"); assert_eq!(response.plugin.summary.source, PluginSource::Remote); assert_eq!(response.plugin.summary.share_context, None); assert_eq!( @@ -226,7 +229,11 @@ plugins = true .interface .as_ref() .and_then(|interface| interface.default_prompt.clone()), - Some(vec!["Use the legacy Linear prompt".to_string()]) + Some(vec!["Use the legacy example prompt".to_string()]) + ); + assert_eq!( + response.plugin.mcp_servers, + vec!["example-server".to_string()] ); Ok(()) } @@ -411,6 +418,29 @@ async fn plugin_read_reads_remote_plugin_details_when_remote_plugin_enabled() -> "display_name": "Linear", "description": "Track work in Linear", "app_ids": [], + "app_templates": [ + { + "template_id": "templated_apps_GitHubEnterprise", + "name": "GitHub Enterprise", + "description": "Connect GitHub Enterprise", + "category": "Developer Tools", + "canonical_connector_id": "github_enterprise", + "logo_url": "https://example.com/ghe-light.png", + "logo_url_dark": "https://example.com/ghe-dark.png", + "materialized_app_ids": ["asdk_app_ghe"], + "reason": null + }, + { + "template_id": "templated_apps_Databricks", + "name": "Databricks", + "description": null, + "canonical_connector_id": null, + "logo_url": null, + "logo_url_dark": null, + "materialized_app_ids": [], + "reason": "NOT_CONFIGURED_FOR_WORKSPACE" + } + ], "keywords": ["issue-tracking", "project management"], "interface": { "short_description": "Plan and track work", @@ -548,6 +578,33 @@ async fn plugin_read_reads_remote_plugin_details_when_remote_plugin_enabled() -> assert_eq!(response.plugin.skills[0].path, None); assert_eq!(response.plugin.skills[0].enabled, false); assert_eq!(response.plugin.apps.len(), 0); + assert_eq!( + response.plugin.app_templates, + vec![ + AppTemplateSummary { + template_id: "templated_apps_GitHubEnterprise".to_string(), + name: "GitHub Enterprise".to_string(), + description: Some("Connect GitHub Enterprise".to_string()), + category: Some("Developer Tools".to_string()), + canonical_connector_id: Some("github_enterprise".to_string()), + logo_url: Some("https://example.com/ghe-light.png".to_string()), + logo_url_dark: Some("https://example.com/ghe-dark.png".to_string()), + materialized_app_ids: vec!["asdk_app_ghe".to_string()], + reason: None, + }, + AppTemplateSummary { + template_id: "templated_apps_Databricks".to_string(), + name: "Databricks".to_string(), + description: None, + category: None, + canonical_connector_id: None, + logo_url: None, + logo_url_dark: None, + materialized_app_ids: Vec::new(), + reason: Some(AppTemplateUnavailableReason::NotConfiguredForWorkspace), + }, + ] + ); Ok(()) } @@ -1248,7 +1305,8 @@ description: Visible only for ChatGPT r#"{ "apps": { "gmail": { - "id": "gmail" + "id": "gmail", + "category": "Communication" } } }"#, @@ -1418,14 +1476,17 @@ enabled = false response.plugin.apps[0].install_url.as_deref(), Some("https://chatgpt.com/apps/gmail/gmail") ); - assert_eq!(response.plugin.apps[0].needs_auth, true); + assert_eq!( + response.plugin.apps[0].category.as_deref(), + Some("Communication") + ); assert_eq!(response.plugin.mcp_servers.len(), 1); assert_eq!(response.plugin.mcp_servers[0], "demo"); Ok(()) } #[tokio::test] -async fn plugin_read_returns_app_needs_auth() -> Result<()> { +async fn plugin_read_returns_app_metadata_category() -> Result<()> { let connectors = vec![ AppInfo { id: "alpha".to_string(), @@ -1435,7 +1496,20 @@ async fn plugin_read_returns_app_needs_auth() -> Result<()> { logo_url_dark: None, distribution_channel: Some("featured".to_string()), branding: None, - app_metadata: None, + app_metadata: Some(AppMetadata { + review: None, + categories: Some(vec!["Productivity".to_string()]), + sub_categories: None, + seo_description: None, + screenshots: None, + developer: None, + version: None, + version_id: None, + version_notes: None, + first_party_type: None, + first_party_requires_install: None, + show_in_composer_when_unlinked: None, + }), labels: None, install_url: None, is_accessible: false, @@ -1458,8 +1532,7 @@ async fn plugin_read_returns_app_needs_auth() -> Result<()> { plugin_display_names: Vec::new(), }, ]; - let tools = vec![connector_tool("beta", "Beta App")?]; - let (server_url, server_handle) = start_apps_server(connectors, tools).await?; + let (server_url, server_handle) = start_apps_server(connectors).await?; let codex_home = TempDir::new()?; write_connectors_config(codex_home.path(), &server_url)?; @@ -1506,9 +1579,9 @@ async fn plugin_read_returns_app_needs_auth() -> Result<()> { .plugin .apps .iter() - .map(|app| (app.id.as_str(), app.needs_auth)) + .map(|app| (app.id.as_str(), app.category.as_deref())) .collect::>(), - vec![("alpha", true), ("beta", false)] + vec![("alpha", Some("Productivity")), ("beta", None)] ); server_handle.abort(); @@ -1786,70 +1859,22 @@ struct AppsServerState { response: Arc>, } -#[derive(Clone)] -struct PluginReadMcpServer { - tools: Arc>>, -} - -impl ServerHandler for PluginReadMcpServer { - fn get_info(&self) -> ServerInfo { - ServerInfo::new(ServerCapabilities::builder().enable_tools().build()) - } - - fn list_tools( - &self, - _request: Option, - _context: rmcp::service::RequestContext, - ) -> impl std::future::Future> + Send + '_ - { - let tools = self.tools.clone(); - async move { - let tools = tools - .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner) - .clone(); - Ok(ListToolsResult { - tools, - next_cursor: None, - meta: None, - }) - } - } -} - -async fn start_apps_server( - connectors: Vec, - tools: Vec, -) -> Result<(String, JoinHandle<()>)> { +async fn start_apps_server(connectors: Vec) -> Result<(String, JoinHandle<()>)> { let state = Arc::new(AppsServerState { response: Arc::new(StdMutex::new( json!({ "apps": connectors, "next_token": null }), )), }); - let tools = Arc::new(StdMutex::new(tools)); let listener = TcpListener::bind("127.0.0.1:0").await?; let addr = listener.local_addr()?; - let mcp_service = StreamableHttpService::new( - { - let tools = tools.clone(); - move || { - Ok(PluginReadMcpServer { - tools: tools.clone(), - }) - } - }, - Arc::new(LocalSessionManager::default()), - StreamableHttpServerConfig::default(), - ); let router = Router::new() .route("/connectors/directory/list", get(list_directory_connectors)) .route( "/connectors/directory/list_workspace", get(list_directory_connectors), ) - .with_state(state) - .nest_service("/api/codex/apps", mcp_service); + .with_state(state); let handle = tokio::spawn(async move { let _ = axum::serve(listener, router).await; @@ -1889,27 +1914,6 @@ async fn list_directory_connectors( } } -fn connector_tool(connector_id: &str, connector_name: &str) -> Result { - let schema: JsonObject = serde_json::from_value(json!({ - "type": "object", - "additionalProperties": false - }))?; - let mut tool = Tool::new( - Cow::Owned(format!("connector_{connector_id}")), - Cow::Borrowed("Connector test tool"), - Arc::new(schema), - ); - tool.annotations = Some(ToolAnnotations::new().read_only(true)); - - let mut meta = Meta::new(); - meta.0 - .insert("connector_id".to_string(), json!(connector_id)); - meta.0 - .insert("connector_name".to_string(), json!(connector_name)); - tool.meta = Some(meta); - Ok(tool) -} - fn write_connectors_config(codex_home: &std::path::Path, base_url: &str) -> std::io::Result<()> { std::fs::write( codex_home.join("config.toml"), diff --git a/codex-rs/app-server/tests/suite/v2/plugin_uninstall.rs b/codex-rs/app-server/tests/suite/v2/plugin_uninstall.rs index 46299d11863..5d31d8390f9 100644 --- a/codex-rs/app-server/tests/suite/v2/plugin_uninstall.rs +++ b/codex-rs/app-server/tests/suite/v2/plugin_uninstall.rs @@ -206,7 +206,7 @@ async fn plugin_uninstall_writes_remote_plugin_to_cloud_when_remote_plugin_enabl Mock::given(method("POST")) .and(path(format!( - "/backend-api/plugins/{REMOTE_PLUGIN_ID}/uninstall" + "/backend-api/ps/plugins/{REMOTE_PLUGIN_ID}/uninstall" ))) .and(header("authorization", "Bearer chatgpt-token")) .and(header("chatgpt-account-id", "account-123")) @@ -249,7 +249,7 @@ async fn plugin_uninstall_writes_remote_plugin_to_cloud_when_remote_plugin_enabl wait_for_remote_plugin_request_count( &server, "POST", - &format!("/plugins/{REMOTE_PLUGIN_ID}/uninstall"), + &format!("/ps/plugins/{REMOTE_PLUGIN_ID}/uninstall"), /*expected_count*/ 1, ) .await?; @@ -278,7 +278,7 @@ async fn plugin_uninstall_uses_detail_scope_for_cache_namespace() -> Result<()> Mock::given(method("POST")) .and(path(format!( - "/backend-api/plugins/{REMOTE_PLUGIN_ID}/uninstall" + "/backend-api/ps/plugins/{REMOTE_PLUGIN_ID}/uninstall" ))) .and(header("authorization", "Bearer chatgpt-token")) .and(header("chatgpt-account-id", "account-123")) @@ -321,7 +321,7 @@ async fn plugin_uninstall_uses_detail_scope_for_cache_namespace() -> Result<()> wait_for_remote_plugin_request_count( &server, "POST", - &format!("/plugins/{REMOTE_PLUGIN_ID}/uninstall"), + &format!("/ps/plugins/{REMOTE_PLUGIN_ID}/uninstall"), /*expected_count*/ 1, ) .await?; @@ -357,7 +357,7 @@ async fn plugin_uninstall_accepts_workspace_remote_plugin_id_shape() -> Result<( Mock::given(method("POST")) .and(path(format!( - "/backend-api/plugins/{WORKSPACE_REMOTE_PLUGIN_ID}/uninstall" + "/backend-api/ps/plugins/{WORKSPACE_REMOTE_PLUGIN_ID}/uninstall" ))) .and(header("authorization", "Bearer chatgpt-token")) .and(header("chatgpt-account-id", "account-123")) @@ -395,7 +395,7 @@ async fn plugin_uninstall_accepts_workspace_remote_plugin_id_shape() -> Result<( wait_for_remote_plugin_request_count( &server, "POST", - &format!("/plugins/{WORKSPACE_REMOTE_PLUGIN_ID}/uninstall"), + &format!("/ps/plugins/{WORKSPACE_REMOTE_PLUGIN_ID}/uninstall"), /*expected_count*/ 1, ) .await?; @@ -451,7 +451,7 @@ async fn plugin_uninstall_rejects_before_post_when_remote_detail_fetch_fails() - wait_for_remote_plugin_request_count( &server, "POST", - &format!("/plugins/{REMOTE_PLUGIN_ID}/uninstall"), + &format!("/ps/plugins/{REMOTE_PLUGIN_ID}/uninstall"), /*expected_count*/ 0, ) .await?; @@ -487,7 +487,7 @@ async fn plugin_uninstall_rejects_remote_plugin_id_with_spaces_before_network_ca wait_for_remote_plugin_request_count( &server, "POST", - "/plugins/sample plugin/uninstall", + "/ps/plugins/sample plugin/uninstall", /*expected_count*/ 0, ) .await?; @@ -522,7 +522,7 @@ async fn plugin_uninstall_rejects_invalid_remote_plugin_id_before_network_call() wait_for_remote_plugin_request_count( &server, "POST", - "/plugins/linear/../../oops/uninstall", + "/ps/plugins/linear/../../oops/uninstall", /*expected_count*/ 0, ) .await?; diff --git a/codex-rs/app-server/tests/suite/v2/realtime_conversation.rs b/codex-rs/app-server/tests/suite/v2/realtime_conversation.rs index f88fb549292..ddc0eae404b 100644 --- a/codex-rs/app-server/tests/suite/v2/realtime_conversation.rs +++ b/codex-rs/app-server/tests/suite/v2/realtime_conversation.rs @@ -36,7 +36,10 @@ use codex_app_server_protocol::ThreadRealtimeTranscriptDoneNotification; use codex_app_server_protocol::ThreadStartParams; use codex_app_server_protocol::ThreadStartResponse; use codex_app_server_protocol::TurnCompletedNotification; +use codex_app_server_protocol::TurnStartParams; +use codex_app_server_protocol::TurnStartResponse; use codex_app_server_protocol::TurnStartedNotification; +use codex_app_server_protocol::UserInput as V2UserInput; use codex_features::FEATURES; use codex_features::Feature; use codex_protocol::protocol::RealtimeConversationVersion; @@ -311,12 +314,14 @@ impl RealtimeE2eHarness { .mcp .send_thread_realtime_start_request(ThreadRealtimeStartParams { thread_id: self.thread_id.clone(), + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: Some(ThreadRealtimeStartTransport::Webrtc { sdp: offer_sdp.to_string(), }), + version: None, voice: None, }) .await?; @@ -556,10 +561,12 @@ async fn realtime_conversation_streams_v2_notifications() -> Result<()> { let start_request_id = mcp .send_thread_realtime_start_request(ThreadRealtimeStartParams { thread_id: thread_start.thread.id.clone(), + model: Some("realtime-treatment-model".to_string()), output_modality: RealtimeOutputModality::Audio, prompt: None, realtime_session_id: None, transport: None, + version: None, voice: Some(RealtimeVoice::Cedar), }) .await?; @@ -588,6 +595,10 @@ async fn realtime_conversation_streams_v2_notifications() -> Result<()> { startup_context_request.body_json()["session"]["audio"]["output"]["voice"], "cedar" ); + assert_eq!( + realtime_server.single_handshake().uri(), + "/v1/realtime?model=realtime-treatment-model" + ); assert_eq!( startup_context_request.body_json()["session"]["output_modalities"], json!(["audio"]) @@ -805,10 +816,12 @@ async fn realtime_text_output_modality_requests_text_output_and_final_transcript let start_request_id = mcp .send_thread_realtime_start_request(ThreadRealtimeStartParams { thread_id: thread_start.thread.id.clone(), + model: None, output_modality: RealtimeOutputModality::Text, prompt: None, realtime_session_id: None, transport: None, + version: None, voice: None, }) .await?; @@ -979,10 +992,12 @@ async fn realtime_conversation_stop_emits_closed_notification() -> Result<()> { let start_request_id = mcp .send_thread_realtime_start_request(ThreadRealtimeStartParams { thread_id: thread_start.thread.id.clone(), + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, }) .await?; @@ -1076,12 +1091,14 @@ async fn realtime_webrtc_start_emits_sdp_notification() -> Result<()> { let start_request_id = mcp .send_thread_realtime_start_request(ThreadRealtimeStartParams { thread_id: thread_id.clone(), + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: Some(ThreadRealtimeStartTransport::Webrtc { sdp: "v=offer\r\n".to_string(), }), + version: None, voice: None, }) .await?; @@ -1328,6 +1345,136 @@ async fn webrtc_v1_handoff_request_delegates_and_appends_result() -> Result<()> Ok(()) } +#[tokio::test] +async fn webrtc_assistant_output_without_handoff_reaches_realtime() -> Result<()> { + skip_if_no_network!(Ok(())); + + let final_answer = "long output ".repeat(1_000); + for (version, expected_version, preamble) in [ + ( + RealtimeTestVersion::V1, + RealtimeConversationVersion::V1, + "direct preamble from v1", + ), + ( + RealtimeTestVersion::V2, + RealtimeConversationVersion::V2, + "direct preamble from v2", + ), + ] { + let mut harness = RealtimeE2eHarness::new( + version, + main_loop_responses(vec![responses::sse(vec![ + responses::ev_response_created("resp-1"), + json!({ + "type": "response.output_item.done", + "item": { + "type": "message", + "role": "assistant", + "id": "msg-preamble", + "phase": "commentary", + "content": [{"type": "output_text", "text": preamble}] + } + }), + responses::ev_assistant_message("msg-final", &final_answer), + responses::ev_completed("resp-1"), + ])]), + realtime_sideband(vec![realtime_sideband_connection(vec![ + vec![session_updated("sess_standalone_output")], + vec![], + match version { + RealtimeTestVersion::V1 => vec![], + RealtimeTestVersion::V2 => vec![ + json!({ + "type": "response.created", + "response": { "id": "resp_preamble" } + }), + json!({ + "type": "response.done", + "response": { "id": "resp_preamble" } + }), + ], + }, + vec![], + vec![], + ])]), + ) + .await?; + + let started = harness.start_webrtc_realtime("v=offer\r\n").await?; + assert_eq!(started.started.version, expected_version); + + let request_id = harness + .mcp + .send_turn_start_request(TurnStartParams { + thread_id: harness.thread_id.clone(), + input: vec![V2UserInput::Text { + text: "direct text turn".to_string(), + text_elements: Vec::new(), + }], + ..Default::default() + }) + .await?; + let response: JSONRPCResponse = timeout( + DEFAULT_TIMEOUT, + harness + .mcp + .read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + let _: TurnStartResponse = to_response(response)?; + let _ = harness + .read_notification::("turn/completed") + .await?; + + let preamble_request = harness.sideband_outbound_request(/*request_index*/ 1).await; + let output_text = match version { + RealtimeTestVersion::V1 => { + let final_request = harness.sideband_outbound_request(/*request_index*/ 2).await; + assert_eq!( + preamble_request, + json!({ + "type": "conversation.handoff.append", + "handoff_id": "codex", + "output_text": preamble, + }) + ); + assert_eq!(final_request["type"], "conversation.handoff.append"); + assert_eq!(final_request["handoff_id"], "codex"); + final_request["output_text"] + .as_str() + .expect("output text") + .to_string() + } + RealtimeTestVersion::V2 => { + assert_v2_progress_update(&preamble_request, preamble); + assert_v2_response_create( + &harness.sideband_outbound_request(/*request_index*/ 2).await, + ); + let final_request = harness.sideband_outbound_request(/*request_index*/ 3).await; + assert_eq!(final_request["type"], "conversation.item.create"); + assert_eq!(final_request["item"]["type"], "message"); + assert_eq!(final_request["item"]["role"], "user"); + assert_eq!(final_request["item"]["content"][0]["type"], "input_text"); + let output_text = final_request["item"]["content"][0]["text"] + .as_str() + .expect("output text"); + assert!(output_text.starts_with("[BACKEND] ")); + assert_v2_response_create( + &harness.sideband_outbound_request(/*request_index*/ 4).await, + ); + output_text.to_string() + } + }; + assert!(output_text.contains("tokens truncated")); + assert!(output_text.len() <= 4_000); + + harness.shutdown().await; + } + + Ok(()) +} + #[tokio::test] async fn webrtc_v2_forwards_audio_and_text_between_client_and_sideband() -> Result<()> { skip_if_no_network!(Ok(())); @@ -1991,12 +2138,14 @@ async fn realtime_webrtc_start_surfaces_backend_error() -> Result<()> { let start_request_id = mcp .send_thread_realtime_start_request(ThreadRealtimeStartParams { thread_id: thread_start.thread.id, + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: Some(ThreadRealtimeStartTransport::Webrtc { sdp: "v=offer\r\n".to_string(), }), + version: None, voice: None, }) .await?; @@ -2050,10 +2199,12 @@ async fn realtime_conversation_requires_feature_flag() -> Result<()> { let start_request_id = mcp .send_thread_realtime_start_request(ThreadRealtimeStartParams { thread_id: thread_start.thread.id.clone(), + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, }) .await?; diff --git a/codex-rs/app-server/tests/suite/v2/remote_control.rs b/codex-rs/app-server/tests/suite/v2/remote_control.rs index b5384d3bad9..0229b0e5af2 100644 --- a/codex-rs/app-server/tests/suite/v2/remote_control.rs +++ b/codex-rs/app-server/tests/suite/v2/remote_control.rs @@ -19,12 +19,15 @@ use codex_app_server_protocol::RemoteControlDisableResponse; use codex_app_server_protocol::RemoteControlEnableResponse; use codex_app_server_protocol::RemoteControlPairingStartParams; use codex_app_server_protocol::RemoteControlPairingStartResponse; +use codex_app_server_protocol::RemoteControlPairingStatusParams; +use codex_app_server_protocol::RemoteControlPairingStatusResponse; use codex_app_server_protocol::RemoteControlStatusReadResponse; use codex_app_server_protocol::RequestId; use codex_config::types::AuthCredentialsStoreMode; use pretty_assertions::assert_eq; use tempfile::TempDir; use tokio::io::AsyncBufReadExt; +use tokio::io::AsyncReadExt; use tokio::io::AsyncWriteExt; use tokio::io::BufReader; use tokio::net::TcpListener; @@ -181,6 +184,80 @@ async fn remote_control_pairing_start_returns_pairing_artifacts() -> Result<()> assert_eq!(response.result.get("serverId"), None); let received: RemoteControlPairingStartResponse = to_response(response)?; + assert_eq!( + received, + RemoteControlPairingStartResponse { + pairing_code: "pairing-code".to_string(), + manual_pairing_code: Some("ABCD-EFGH".to_string()), + environment_id: "environment-id".to_string(), + expires_at: 33_336_362_096, + } + ); + + let request_id = mcp + .send_remote_control_pairing_status_request(RemoteControlPairingStatusParams { + pairing_code: Some("pairing-code".to_string()), + manual_pairing_code: None, + }) + .await?; + let response: JSONRPCResponse = timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + assert_eq!(response.result.get("serverId"), None); + let received: RemoteControlPairingStatusResponse = to_response(response)?; + + assert_eq!( + received, + RemoteControlPairingStatusResponse { claimed: true } + ); + + let request_id = mcp + .send_remote_control_pairing_status_request(RemoteControlPairingStatusParams { + pairing_code: None, + manual_pairing_code: Some("ABCD-EFGH".to_string()), + }) + .await?; + let response: JSONRPCResponse = timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + assert_eq!(response.result.get("serverId"), None); + let received: RemoteControlPairingStatusResponse = to_response(response)?; + + assert_eq!( + received, + RemoteControlPairingStatusResponse { claimed: true } + ); + Ok(()) +} + +#[tokio::test] +async fn remote_control_pairing_start_returns_pairing_artifacts_while_disabled() -> Result<()> { + let codex_home = TempDir::new()?; + let mut backend = PairingRemoteControlBackend::start(codex_home.path()).await?; + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??; + + let request_id = mcp + .send_remote_control_pairing_start_request(RemoteControlPairingStartParams { + manual_code: true, + }) + .await?; + let response: JSONRPCResponse = timeout( + DEFAULT_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + assert_eq!( + timeout(DEFAULT_TIMEOUT, backend.wait_for_enroll_request()).await??, + "POST /backend-api/wham/remote/control/server/enroll HTTP/1.1" + ); + assert_eq!(response.result.get("serverId"), None); + let received: RemoteControlPairingStartResponse = to_response(response)?; + assert_eq!( received, RemoteControlPairingStartResponse { @@ -376,8 +453,12 @@ impl PairingRemoteControlBackend { ) .await?; - let _websocket_request = read_http_request(&listener).await?; - let pair_http_request = read_http_request(&listener).await?; + let request_after_enroll = read_http_request(&listener).await?; + let pair_http_request = if request_after_enroll.request_line.starts_with("GET ") { + read_http_request(&listener).await? + } else { + request_after_enroll + }; respond_with_json( pair_http_request.reader.into_inner(), serde_json::json!({ @@ -389,6 +470,25 @@ impl PairingRemoteControlBackend { }), ) .await?; + for expected_body in [ + serde_json::json!({ "pairing_code": "pairing-code" }), + serde_json::json!({ "manual_pairing_code": "ABCD-EFGH" }), + ] { + let status_http_request = read_http_request(&listener).await?; + assert_eq!( + status_http_request.request_line, + "POST /backend-api/wham/remote/control/server/pair/status HTTP/1.1" + ); + assert_eq!( + serde_json::from_str::(&status_http_request.body)?, + expected_body + ); + respond_with_json( + status_http_request.reader.into_inner(), + serde_json::json!({ "claimed": true }), + ) + .await?; + } std::future::pending::<()>().await; Ok::<(), anyhow::Error>(()) } @@ -436,6 +536,7 @@ impl Drop for ClientManagementRemoteControlBackend { struct HttpRequest { request_line: String, + body: String, reader: BufReader, } @@ -468,16 +569,29 @@ async fn read_http_request(listener: &TcpListener) -> Result { let mut request_line = String::new(); reader.read_line(&mut request_line).await?; + let mut content_length = 0; loop { let mut line = String::new(); reader.read_line(&mut line).await?; if line == "\r\n" { break; } + if let Some(value) = line + .trim_end() + .strip_prefix("content-length:") + .or_else(|| line.trim_end().strip_prefix("Content-Length:")) + { + content_length = value.trim().parse::()?; + } + } + let mut body = vec![0; content_length]; + if content_length > 0 { + reader.read_exact(&mut body).await?; } Ok(HttpRequest { request_line: request_line.trim_end().to_string(), + body: String::from_utf8(body)?, reader, }) } diff --git a/codex-rs/app-server/tests/suite/v2/remote_thread_store.rs b/codex-rs/app-server/tests/suite/v2/remote_thread_store.rs index 016e4c3df8e..18d1dcd43fd 100644 --- a/codex-rs/app-server/tests/suite/v2/remote_thread_store.rs +++ b/codex-rs/app-server/tests/suite/v2/remote_thread_store.rs @@ -20,6 +20,7 @@ use std::sync::Arc; use anyhow::Result; use app_test_support::create_mock_responses_server_repeating_assistant; use codex_app_server::in_process; +use codex_app_server::in_process::InProcessClientHandle; use codex_app_server::in_process::InProcessServerEvent; use codex_app_server::in_process::InProcessStartArgs; use codex_app_server_protocol::ClientInfo; @@ -27,8 +28,11 @@ use codex_app_server_protocol::ClientRequest; use codex_app_server_protocol::InitializeParams; use codex_app_server_protocol::RequestId; use codex_app_server_protocol::ServerNotification; +use codex_app_server_protocol::ThreadDeleteParams; +use codex_app_server_protocol::ThreadDeleteResponse; use codex_app_server_protocol::ThreadListParams; use codex_app_server_protocol::ThreadListResponse; +use codex_app_server_protocol::ThreadResumeParams; use codex_app_server_protocol::ThreadStartParams; use codex_app_server_protocol::ThreadStartResponse; use codex_app_server_protocol::TurnStartParams; @@ -37,11 +41,18 @@ use codex_arg0::Arg0DispatchPaths; use codex_config::CloudConfigBundleLoader; use codex_config::LoaderOverrides; use codex_config::NoopThreadConfigLoader; +use codex_core::config::Config; use codex_core::config::ConfigBuilder; use codex_exec_server::EnvironmentManager; use codex_feedback::CodexFeedback; +use codex_protocol::ThreadId; +use codex_protocol::models::BaseInstructions; use codex_protocol::protocol::SessionSource; +use codex_protocol::protocol::ThreadMemoryMode; +use codex_thread_store::CreateThreadParams as StoreCreateThreadParams; use codex_thread_store::InMemoryThreadStore; +use codex_thread_store::ThreadPersistenceMetadata; +use codex_thread_store::ThreadStore; use pretty_assertions::assert_eq; use tempfile::TempDir; use tokio::time::timeout; @@ -50,7 +61,7 @@ use uuid::Uuid; const DEFAULT_READ_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(10); #[tokio::test] -async fn thread_start_with_non_local_thread_store_does_not_create_local_persistence() -> Result<()> +async fn thread_delete_with_non_local_thread_store_does_not_create_local_persistence() -> Result<()> { let server = create_mock_responses_server_repeating_assistant("Done").await; let codex_home = TempDir::new()?; @@ -59,43 +70,10 @@ async fn thread_start_with_non_local_thread_store_does_not_create_local_persiste // here so this regression stays focused on thread persistence artifacts. create_config_toml_with_thread_store(codex_home.path(), &server.uri(), &store_id)?; - let loader_overrides = LoaderOverrides::without_managed_config_for_tests(); - let config = ConfigBuilder::default() - .codex_home(codex_home.path().to_path_buf()) - .fallback_cwd(Some(codex_home.path().to_path_buf())) - .loader_overrides(loader_overrides.clone()) - .build() - .await?; - let thread_store = InMemoryThreadStore::for_id(store_id.clone()); let _in_memory_store = InMemoryThreadStoreId { store_id }; - let mut client = in_process::start(InProcessStartArgs { - arg0_paths: Arg0DispatchPaths::default(), - config: Arc::new(config), - cli_overrides: Vec::new(), - loader_overrides, - strict_config: false, - cloud_config_bundle: CloudConfigBundleLoader::default(), - thread_config_loader: Arc::new(NoopThreadConfigLoader), - feedback: CodexFeedback::new(), - log_db: None, - state_db: None, - environment_manager: Arc::new(EnvironmentManager::default_for_tests()), - config_warnings: Vec::new(), - session_source: SessionSource::Cli, - enable_codex_api_key_env: false, - initialize: InitializeParams { - client_info: ClientInfo { - name: "codex-app-server-tests".to_string(), - title: None, - version: "0.1.0".to_string(), - }, - capabilities: None, - }, - channel_capacity: in_process::DEFAULT_IN_PROCESS_CHANNEL_CAPACITY, - }) - .await?; + let mut client = start_in_process_server(codex_home.path()).await?; let response = client .request(ClientRequest::ThreadStart { @@ -164,11 +142,39 @@ async fn thread_start_with_non_local_thread_store_does_not_create_local_persiste assert_eq!(data[0].id, thread.id); assert_eq!(data[0].path, None); + delete_thread(&client, /*request_id*/ 4, thread.id.clone()).await?; + let unloaded_thread_id = ThreadId::from_string(&Uuid::new_v4().to_string())?; + thread_store + .create_thread(StoreCreateThreadParams { + thread_id: unloaded_thread_id, + extra_config: None, + forked_from_id: None, + parent_thread_id: None, + source: SessionSource::Cli, + thread_source: None, + base_instructions: BaseInstructions::default(), + dynamic_tools: Vec::new(), + multi_agent_version: None, + metadata: ThreadPersistenceMetadata { + cwd: Some(codex_home.path().to_path_buf()), + model_provider: "mock_provider".to_string(), + memory_mode: ThreadMemoryMode::Enabled, + }, + }) + .await?; + delete_thread( + &client, + /*request_id*/ 5, + unloaded_thread_id.to_string(), + ) + .await?; + client.shutdown().await?; let calls = thread_store.calls().await; - assert_eq!(calls.create_thread, 1); + assert_eq!(calls.create_thread, 2); assert_eq!(calls.list_threads, 1); + assert_eq!(calls.delete_thread, 2); assert!( calls.append_items > 0, "turn/start should append rollout items through the injected store" @@ -183,6 +189,152 @@ async fn thread_start_with_non_local_thread_store_does_not_create_local_persiste Ok(()) } +#[tokio::test] +async fn cold_thread_resume_reuses_non_local_history_probe() -> Result<()> { + let server = create_mock_responses_server_repeating_assistant("Done").await; + let codex_home = TempDir::new()?; + let store_id = Uuid::new_v4().to_string(); + create_config_toml_with_thread_store(codex_home.path(), &server.uri(), &store_id)?; + + let loader_overrides = LoaderOverrides::without_managed_config_for_tests(); + let config = Arc::new( + ConfigBuilder::default() + .codex_home(codex_home.path().to_path_buf()) + .fallback_cwd(Some(codex_home.path().to_path_buf())) + .loader_overrides(loader_overrides.clone()) + .build() + .await?, + ); + let thread_store = InMemoryThreadStore::for_id(store_id.clone()); + let _in_memory_store = InMemoryThreadStoreId { store_id }; + + let mut client = start_in_process_client(config.clone(), loader_overrides.clone()).await?; + let response = client + .request(ClientRequest::ThreadStart { + request_id: RequestId::Integer(1), + params: ThreadStartParams::default(), + }) + .await? + .expect("thread/start should succeed"); + let ThreadStartResponse { thread, .. } = serde_json::from_value(response)?; + + client + .request(ClientRequest::TurnStart { + request_id: RequestId::Integer(2), + params: TurnStartParams { + thread_id: thread.id.clone(), + client_user_message_id: None, + input: vec![V2UserInput::Text { + text: "Materialize the thread".to_string(), + text_elements: Vec::new(), + }], + ..Default::default() + }, + }) + .await? + .expect("turn/start should succeed"); + timeout(DEFAULT_READ_TIMEOUT, async { + loop { + let Some(event) = client.next_event().await else { + anyhow::bail!("in-process app-server stopped before turn/completed"); + }; + if let InProcessServerEvent::ServerNotification(ServerNotification::TurnCompleted( + completed, + )) = event + && completed.thread_id == thread.id + { + return Ok::<(), anyhow::Error>(()); + } + } + }) + .await??; + client.shutdown().await?; + + let client = start_in_process_client(config, loader_overrides).await?; + let reads_before_resume = thread_store.calls().await.read_thread_with_history; + // The in-memory store is pathless, so resume currently fails later while + // assembling the response. The history-bearing probe must still be reused. + let _resume_result = client + .request(ClientRequest::ThreadResume { + request_id: RequestId::Integer(3), + params: ThreadResumeParams { + thread_id: thread.id.clone(), + ..Default::default() + }, + }) + .await?; + + assert_eq!( + thread_store.calls().await.read_thread_with_history, + reads_before_resume + 1 + ); + + client.shutdown().await?; + Ok(()) +} + +async fn start_in_process_server(codex_home: &Path) -> Result { + let loader_overrides = LoaderOverrides::without_managed_config_for_tests(); + let config = Arc::new( + ConfigBuilder::default() + .codex_home(codex_home.to_path_buf()) + .fallback_cwd(Some(codex_home.to_path_buf())) + .loader_overrides(loader_overrides.clone()) + .build() + .await?, + ); + + Ok(start_in_process_client(config, loader_overrides).await?) +} + +async fn start_in_process_client( + config: Arc, + loader_overrides: LoaderOverrides, +) -> std::io::Result { + in_process::start(InProcessStartArgs { + arg0_paths: Arg0DispatchPaths::default(), + config, + cli_overrides: Vec::new(), + loader_overrides, + strict_config: false, + cloud_config_bundle: CloudConfigBundleLoader::default(), + thread_config_loader: Arc::new(NoopThreadConfigLoader), + feedback: CodexFeedback::new(), + log_db: None, + state_db: None, + environment_manager: Arc::new(EnvironmentManager::default_for_tests()), + config_warnings: Vec::new(), + session_source: SessionSource::Cli, + enable_codex_api_key_env: false, + initialize: InitializeParams { + client_info: ClientInfo { + name: "codex-app-server-tests".to_string(), + title: None, + version: "0.1.0".to_string(), + }, + capabilities: None, + }, + channel_capacity: in_process::DEFAULT_IN_PROCESS_CHANNEL_CAPACITY, + }) + .await +} + +async fn delete_thread( + client: &InProcessClientHandle, + request_id: i64, + thread_id: String, +) -> Result<()> { + let response = client + .request(ClientRequest::ThreadDelete { + request_id: RequestId::Integer(request_id), + params: ThreadDeleteParams { thread_id }, + }) + .await? + .map_err(|error| anyhow::anyhow!("thread/delete failed: {}", error.message))?; + let _: ThreadDeleteResponse = serde_json::from_value(response)?; + Ok(()) +} + fn assert_no_local_persistence_artifacts(codex_home: &Path) -> Result<()> { // These are the observable tripwires for accidental local persistence. If a // future code path constructs a local rollout/session store or opens the diff --git a/codex-rs/app-server/tests/suite/v2/safety_check_downgrade.rs b/codex-rs/app-server/tests/suite/v2/safety_check_downgrade.rs index c5b70b2334b..ea3cd8dada0 100644 --- a/codex-rs/app-server/tests/suite/v2/safety_check_downgrade.rs +++ b/codex-rs/app-server/tests/suite/v2/safety_check_downgrade.rs @@ -15,6 +15,7 @@ use codex_app_server_protocol::RequestId; use codex_app_server_protocol::ThreadItem; use codex_app_server_protocol::ThreadStartParams; use codex_app_server_protocol::ThreadStartResponse; +use codex_app_server_protocol::TurnModerationMetadataNotification; use codex_app_server_protocol::TurnStartParams; use codex_app_server_protocol::TurnStartResponse; use codex_app_server_protocol::UserInput; @@ -309,6 +310,87 @@ async fn model_verification_emits_typed_notification_and_warning_v2() -> Result< Ok(()) } +#[tokio::test] +async fn turn_moderation_metadata_emits_typed_notification_v2() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + let body = responses::sse(vec![ + responses::ev_response_created("resp-1"), + serde_json::json!({ + "type": "response.metadata", + "sequence_number": 1, + "response_id": "resp-1", + "metadata": { + "openai_chatgpt_moderation_metadata": { + "presentation": "inline" + } + } + }), + responses::ev_assistant_message("msg-1", "Done"), + responses::ev_completed("resp-1"), + ]); + let response = responses::sse_response(body); + let _response_mock = responses::mount_response_once(&server, response).await; + + let codex_home = TempDir::new()?; + create_config_toml(codex_home.path(), &server.uri())?; + + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + + let thread_req = mcp + .send_thread_start_request(ThreadStartParams { + model: Some(REQUESTED_MODEL.to_string()), + ..Default::default() + }) + .await?; + let thread_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(thread_req)), + ) + .await??; + let ThreadStartResponse { thread, .. } = to_response::(thread_resp)?; + + let turn_req = mcp + .send_turn_start_request(TurnStartParams { + thread_id: thread.id.clone(), + client_user_message_id: None, + input: vec![UserInput::Text { + text: "trigger moderation metadata".to_string(), + text_elements: Vec::new(), + }], + ..Default::default() + }) + .await?; + let turn_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(turn_req)), + ) + .await??; + let turn_start: TurnStartResponse = to_response(turn_resp)?; + + let notification = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_notification_message("turn/moderationMetadata"), + ) + .await??; + let metadata: TurnModerationMetadataNotification = + serde_json::from_value(notification.params.ok_or_else(|| { + anyhow::anyhow!("turn/moderationMetadata notifications must include params") + })?)?; + assert_eq!( + metadata, + TurnModerationMetadataNotification { + thread_id: thread.id, + turn_id: turn_start.turn.id, + metadata: serde_json::json!({"presentation": "inline"}), + } + ); + + Ok(()) +} + async fn collect_turn_notifications_and_validate_no_warning_item( mcp: &mut TestAppServer, ) -> Result { diff --git a/codex-rs/app-server/tests/suite/v2/skills_list.rs b/codex-rs/app-server/tests/suite/v2/skills_list.rs index cba2f4ee3f3..147d40c47a2 100644 --- a/codex-rs/app-server/tests/suite/v2/skills_list.rs +++ b/codex-rs/app-server/tests/suite/v2/skills_list.rs @@ -793,6 +793,7 @@ async fn skills_changed_notification_is_emitted_after_skill_change() -> Result<( thread_source: None, dynamic_tools: None, environments: None, + selected_capability_roots: None, mock_experimental_field: None, experimental_raw_events: false, }) diff --git a/codex-rs/app-server/tests/suite/v2/thread_delete.rs b/codex-rs/app-server/tests/suite/v2/thread_delete.rs new file mode 100644 index 00000000000..bef155f9ada --- /dev/null +++ b/codex-rs/app-server/tests/suite/v2/thread_delete.rs @@ -0,0 +1,200 @@ +use anyhow::Result; +use app_test_support::TestAppServer; +use app_test_support::create_fake_rollout; +use app_test_support::to_response; +use codex_app_server_protocol::JSONRPCError; +use codex_app_server_protocol::JSONRPCResponse; +use codex_app_server_protocol::RequestId; +use codex_app_server_protocol::ThreadDeleteParams; +use codex_app_server_protocol::ThreadDeleteResponse; +use codex_app_server_protocol::ThreadDeletedNotification; +use codex_app_server_protocol::ThreadLoadedListParams; +use codex_app_server_protocol::ThreadLoadedListResponse; +use codex_app_server_protocol::ThreadStartParams; +use codex_app_server_protocol::ThreadStartResponse; +use codex_core::find_thread_path_by_id_str; +use codex_protocol::ThreadId; +use codex_state::DirectionalThreadSpawnEdgeStatus; +use codex_state::StateRuntime; +use pretty_assertions::assert_eq; +use std::path::Path; +use tempfile::TempDir; +use tokio::time::timeout; + +const DEFAULT_READ_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(10); + +#[tokio::test] +async fn thread_delete_deletes_spawned_descendants() -> Result<()> { + let codex_home = TempDir::new()?; + + let parent_id = create_delete_test_rollout(codex_home.path(), /*minute*/ 0, "parent")?; + let child_id = create_delete_test_rollout(codex_home.path(), /*minute*/ 1, "child")?; + let grandchild_id = + create_delete_test_rollout(codex_home.path(), /*minute*/ 2, "grandchild")?; + + let state_db = + StateRuntime::init(codex_home.path().to_path_buf(), "mock_provider".into()).await?; + let parent_thread_id = ThreadId::from_string(&parent_id)?; + let child_thread_id = ThreadId::from_string(&child_id)?; + let grandchild_thread_id = ThreadId::from_string(&grandchild_id)?; + + for (parent, child, status) in [ + ( + parent_thread_id, + child_thread_id, + DirectionalThreadSpawnEdgeStatus::Closed, + ), + ( + child_thread_id, + grandchild_thread_id, + DirectionalThreadSpawnEdgeStatus::Open, + ), + ] { + state_db + .upsert_thread_spawn_edge(parent, child, status) + .await?; + } + + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + + let delete_id = mcp + .send_thread_delete_request(ThreadDeleteParams { + thread_id: parent_id.clone(), + }) + .await?; + let delete_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(delete_id)), + ) + .await??; + let _: ThreadDeleteResponse = to_response::(delete_resp)?; + + let mut deleted_ids = Vec::new(); + for _ in 0..3 { + let notification = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_notification_message("thread/deleted"), + ) + .await??; + let deleted_notification: ThreadDeletedNotification = serde_json::from_value( + notification + .params + .expect("thread/deleted notification params"), + )?; + deleted_ids.push(deleted_notification.thread_id); + } + assert_eq!(deleted_ids, vec![grandchild_id, child_id, parent_id]); + + for thread_id in [parent_thread_id, child_thread_id, grandchild_thread_id] { + let rollout_path = find_thread_path_by_id_str( + codex_home.path(), + &thread_id.to_string(), + /*state_db_ctx*/ None, + ) + .await?; + assert!( + rollout_path.is_none(), + "expected active rollout for {thread_id} to be deleted" + ); + } + assert_eq!( + state_db + .list_thread_spawn_descendants(parent_thread_id) + .await?, + Vec::::new() + ); + Ok(()) +} + +fn create_delete_test_rollout(codex_home: &Path, minute: u8, preview: &str) -> Result { + create_fake_rollout( + codex_home, + &format!("2025-01-01T00-{minute:02}-00"), + &format!("2025-01-01T00:{minute:02}:00Z"), + preview, + Some("mock_provider"), + /*git_info*/ None, + ) +} + +#[tokio::test] +async fn thread_delete_handles_live_threads_before_rollout_exists() -> Result<()> { + let codex_home = TempDir::new()?; + + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + + let start_id = mcp + .send_thread_start_request(ThreadStartParams::default()) + .await?; + let start_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(start_id)), + ) + .await??; + let persisted_thread = to_response::(start_resp)?.thread; + let rollout_path = find_thread_path_by_id_str( + codex_home.path(), + &persisted_thread.id, + /*state_db_ctx*/ None, + ) + .await?; + assert_eq!(rollout_path, None); + + let delete_id = mcp + .send_thread_delete_request(ThreadDeleteParams { + thread_id: persisted_thread.id, + }) + .await?; + let delete_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(delete_id)), + ) + .await??; + let _: ThreadDeleteResponse = to_response::(delete_resp)?; + + let start_id = mcp + .send_thread_start_request(ThreadStartParams { + ephemeral: Some(true), + ..Default::default() + }) + .await?; + let start_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(start_id)), + ) + .await??; + let ThreadStartResponse { thread, .. } = to_response::(start_resp)?; + + let delete_id = mcp + .send_thread_delete_request(ThreadDeleteParams { + thread_id: thread.id.clone(), + }) + .await?; + let delete_err: JSONRPCError = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_error_message(RequestId::Integer(delete_id)), + ) + .await??; + let expected_message = format!( + "thread is not persisted and cannot be deleted: {}", + thread.id + ); + assert_eq!(delete_err.error.message, expected_message); + + let list_id = mcp + .send_thread_loaded_list_request(ThreadLoadedListParams::default()) + .await?; + let list_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(list_id)), + ) + .await??; + let ThreadLoadedListResponse { mut data, .. } = + to_response::(list_resp)?; + data.sort(); + assert_eq!(data, vec![thread.id]); + + Ok(()) +} diff --git a/codex-rs/app-server/tests/suite/v2/thread_fork.rs b/codex-rs/app-server/tests/suite/v2/thread_fork.rs index ff9f6556306..a335b441ffc 100644 --- a/codex-rs/app-server/tests/suite/v2/thread_fork.rs +++ b/codex-rs/app-server/tests/suite/v2/thread_fork.rs @@ -490,6 +490,13 @@ async fn thread_fork_tracks_thread_initialized_analytics() -> Result<()> { "forked", "user", ); + assert_eq!( + event["event_params"]["forked_from_thread_id"], + thread + .forked_from_id + .as_deref() + .expect("forked thread has a source thread") + ); Ok(()) } diff --git a/codex-rs/app-server/tests/suite/v2/thread_read.rs b/codex-rs/app-server/tests/suite/v2/thread_read.rs index 0a99d30ada7..272ecac79f8 100644 --- a/codex-rs/app-server/tests/suite/v2/thread_read.rs +++ b/codex-rs/app-server/tests/suite/v2/thread_read.rs @@ -1356,6 +1356,7 @@ async fn seed_pathless_store_thread( store .create_thread(CreateThreadParams { thread_id, + extra_config: None, forked_from_id: None, parent_thread_id: None, source: ProtocolSessionSource::Cli, diff --git a/codex-rs/app-server/tests/suite/v2/thread_resume.rs b/codex-rs/app-server/tests/suite/v2/thread_resume.rs index d18a405164a..cf797ff6be4 100644 --- a/codex-rs/app-server/tests/suite/v2/thread_resume.rs +++ b/codex-rs/app-server/tests/suite/v2/thread_resume.rs @@ -103,6 +103,7 @@ use super::analytics::assert_basic_thread_initialized_event; use super::analytics::mount_analytics_capture; use super::analytics::thread_initialized_event; use super::analytics::wait_for_analytics_payload; +use super::analytics::wait_for_goal_event; #[cfg(windows)] const DEFAULT_READ_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(25); @@ -256,6 +257,82 @@ async fn thread_resume_with_empty_path_uses_running_thread_id() -> Result<()> { Ok(()) } +#[tokio::test] +async fn thread_resume_running_thread_uses_cached_instruction_sources() -> Result<()> { + let server = create_mock_responses_server_repeating_assistant("Done").await; + let codex_home = TempDir::new()?; + create_config_toml(codex_home.path(), &server.uri())?; + let workspace = TempDir::new()?; + let project_agents = workspace.path().join("AGENTS.md"); + std::fs::write(&project_agents, "project instructions")?; + + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + + let start_id = mcp + .send_thread_start_request(ThreadStartParams { + cwd: Some(workspace.path().display().to_string()), + ..Default::default() + }) + .await?; + let start_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(start_id)), + ) + .await??; + let ThreadStartResponse { + thread, + instruction_sources, + .. + } = to_response::(start_resp)?; + let project_agents = AbsolutePathBuf::try_from(project_agents)?; + assert_eq!(instruction_sources, vec![project_agents.clone()]); + + let turn_id = mcp + .send_turn_start_request(TurnStartParams { + thread_id: thread.id.clone(), + client_user_message_id: None, + input: vec![UserInput::Text { + text: "materialize rollout".to_string(), + text_elements: Vec::new(), + }], + ..Default::default() + }) + .await?; + timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(turn_id)), + ) + .await??; + timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_notification_message("turn/completed"), + ) + .await??; + + std::fs::remove_file(project_agents.as_path())?; + + let resume_id = mcp + .send_thread_resume_request(ThreadResumeParams { + thread_id: thread.id, + ..Default::default() + }) + .await?; + let resume_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(resume_id)), + ) + .await??; + let ThreadResumeResponse { + instruction_sources, + .. + } = to_response::(resume_resp)?; + + assert_eq!(instruction_sources, vec![project_agents]); + + Ok(()) +} + #[tokio::test] async fn turn_start_updates_runtime_workspace_roots_for_loaded_thread() -> Result<()> { let server = create_mock_responses_server_repeating_assistant("Done").await; @@ -290,7 +367,10 @@ async fn turn_start_updates_runtime_workspace_roots_for_loaded_thread() -> Resul text: "Hello".to_string(), text_elements: Vec::new(), }], - runtime_workspace_roots: Some(vec![extra_root.clone(), extra_root.join(".")]), + runtime_workspace_roots: Some(vec![ + AbsolutePathBuf::from_absolute_path(&extra_root)?, + AbsolutePathBuf::from_absolute_path(extra_root.join("."))?, + ]), ..Default::default() }) .await?; @@ -1237,19 +1317,30 @@ async fn thread_goal_set_edits_objective_without_resetting_usage() -> Result<()> } #[tokio::test] -async fn thread_goal_clear_deletes_goal_and_notifies() -> Result<()> { - let server = create_mock_responses_server_repeating_assistant("Done").await; +async fn thread_goal_lifecycle_emits_analytics_and_clear_deletes_goal() -> Result<()> { + let server = create_mock_responses_server_sequence_unchecked(vec![ + responses::sse(vec![ + responses::ev_response_created("materialize-thread"), + responses::ev_completed("materialize-thread"), + ]), + responses::sse(vec![ + responses::ev_response_created("goal-continuation"), + responses::ev_completed_with_tokens("goal-continuation", /*total_tokens*/ 200), + ]), + ]) + .await; let codex_home = TempDir::new()?; - create_config_toml(codex_home.path(), &server.uri())?; + create_config_toml_with_chatgpt_base_url(codex_home.path(), &server.uri(), &server.uri())?; let config_path = codex_home.path().join("config.toml"); let config = std::fs::read_to_string(&config_path)?; std::fs::write( &config_path, config.replace("personality = true\n", "personality = true\ngoals = true\n"), )?; + mount_analytics_capture(&server, codex_home.path()).await?; let mut mcp = TestAppServer::new_without_managed_config(codex_home.path()).await?; - timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + timeout(DEFAULT_READ_TIMEOUT.saturating_mul(2), mcp.initialize()).await??; let start_id = mcp .send_thread_start_request(ThreadStartParams { @@ -1291,7 +1382,8 @@ async fn thread_goal_clear_deletes_goal_and_notifies() -> Result<()> { "thread/goal/set", Some(json!({ "threadId": thread.id, - "objective": "keep polishing", + "objective": "do not serialize this objective", + "tokenBudget": 100, })), ) .await?; @@ -1307,6 +1399,55 @@ async fn thread_goal_clear_deletes_goal_and_notifies() -> Result<()> { ) .await??; + let created = wait_for_goal_event(&server, DEFAULT_READ_TIMEOUT, "created", "active").await?; + let persisted_goal_id = created["event_params"]["goal_id"] + .as_str() + .expect("created goal id"); + assert_eq!(created["event_params"]["thread_id"], thread.id); + assert_eq!(created["event_params"]["turn_id"], serde_json::Value::Null); + assert_eq!(created["event_params"]["has_token_budget"], true); + assert!(created["event_params"]["session_id"].is_string()); + assert!(created["event_params"]["app_server_client"].is_object()); + assert!(created["event_params"]["runtime"].is_object()); + assert!(created["event_params"].get("objective").is_none()); + assert!(created["event_params"].get("token_budget").is_none()); + + let usage = wait_for_goal_event( + &server, + DEFAULT_READ_TIMEOUT, + "usage_accounted", + "budget_limited", + ) + .await?; + let causal_turn_id = usage["event_params"]["turn_id"] + .as_str() + .expect("accounted usage turn id"); + assert_eq!(usage["event_params"]["goal_id"], persisted_goal_id); + assert_eq!(usage["event_params"]["cumulative_tokens_accounted"], 200); + assert!( + usage["event_params"]["cumulative_time_accounted_seconds"] + .as_i64() + .is_some() + ); + + let status = wait_for_goal_event( + &server, + DEFAULT_READ_TIMEOUT, + "status_changed", + "budget_limited", + ) + .await?; + assert_eq!(status["event_params"]["goal_id"], persisted_goal_id); + assert_eq!(status["event_params"]["turn_id"], causal_turn_id); + assert_eq!( + status["event_params"]["cumulative_tokens_accounted"], + serde_json::Value::Null + ); + assert_eq!( + status["event_params"]["cumulative_time_accounted_seconds"], + serde_json::Value::Null + ); + let clear_id = mcp .send_raw_request( "thread/goal/clear", @@ -1329,6 +1470,11 @@ async fn thread_goal_clear_deletes_goal_and_notifies() -> Result<()> { ) .await??; + let cleared = + wait_for_goal_event(&server, DEFAULT_READ_TIMEOUT, "cleared", "budget_limited").await?; + assert_eq!(cleared["event_params"]["goal_id"], persisted_goal_id); + assert_eq!(cleared["event_params"]["turn_id"], serde_json::Value::Null); + let get_id = mcp .send_raw_request( "thread/goal/get", diff --git a/codex-rs/app-server/tests/suite/v2/thread_start.rs b/codex-rs/app-server/tests/suite/v2/thread_start.rs index 7a7ed5522a6..82a2b6b2c07 100644 --- a/codex-rs/app-server/tests/suite/v2/thread_start.rs +++ b/codex-rs/app-server/tests/suite/v2/thread_start.rs @@ -1,3 +1,4 @@ +use anyhow::Context; use anyhow::Result; use app_test_support::ChatGptAuthFixture; use app_test_support::PathBufExt; @@ -21,6 +22,8 @@ use codex_app_server_protocol::ThreadStartedNotification; use codex_app_server_protocol::ThreadStatus; use codex_app_server_protocol::ThreadStatusChangedNotification; use codex_app_server_protocol::TurnEnvironmentParams; +use codex_app_server_protocol::TurnStartParams; +use codex_app_server_protocol::UserInput as V2UserInput; use codex_config::loader::project_trust_key; use codex_config::types::AuthCredentialsStoreMode; use codex_core::config::set_project_trust_level; @@ -197,15 +200,15 @@ async fn thread_start_creates_thread_and_emits_started() -> Result<()> { } #[tokio::test] -async fn thread_start_resolves_runtime_workspace_roots_against_cwd() -> Result<()> { +async fn thread_start_accepts_absolute_runtime_workspace_roots() -> Result<()> { let server = create_mock_responses_server_repeating_assistant("Done").await; let codex_home = TempDir::new()?; create_config_toml_without_approval_policy(codex_home.path(), &server.uri())?; let cwd_tmp = TempDir::new()?; let cwd = cwd_tmp.path().to_path_buf(); - let relative_root = PathBuf::from("extra-root"); - std::fs::create_dir_all(cwd.join(&relative_root))?; + let extra_root = cwd.join("extra-root"); + std::fs::create_dir_all(&extra_root)?; let mut mcp = TestAppServer::new(codex_home.path()).await?; timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; @@ -213,7 +216,7 @@ async fn thread_start_resolves_runtime_workspace_roots_against_cwd() -> Result<( let req_id = mcp .send_thread_start_request(ThreadStartParams { cwd: Some(cwd.to_string_lossy().to_string()), - runtime_workspace_roots: Some(vec![relative_root.clone()]), + runtime_workspace_roots: Some(vec![extra_root.abs()]), ..Default::default() }) .await?; @@ -230,10 +233,7 @@ async fn thread_start_resolves_runtime_workspace_roots_against_cwd() -> Result<( } = to_response::(resp)?; assert_eq!(response_cwd, cwd.abs()); - assert_eq!( - runtime_workspace_roots, - vec![cwd_tmp.path().join(relative_root).abs()] - ); + assert_eq!(runtime_workspace_roots, vec![extra_root.abs()]); Ok(()) } @@ -348,7 +348,7 @@ async fn thread_start_response_includes_loaded_instruction_sources() -> Result<( .collect::>(); let expected_instruction_sources = vec![ std::fs::canonicalize(global_agents_path)?, - std::fs::canonicalize(project_agents_path)?, + project_agents_path, ] .into_iter() .map(normalize_path_for_comparison) @@ -359,6 +359,130 @@ async fn thread_start_response_includes_loaded_instruction_sources() -> Result<( Ok(()) } +#[tokio::test] +async fn thread_start_response_excludes_empty_project_instruction_source() -> Result<()> { + let server = create_mock_responses_server_repeating_assistant("Done").await; + let codex_home = TempDir::new()?; + create_config_toml_without_approval_policy(codex_home.path(), &server.uri())?; + let global_agents_path = codex_home.path().join("AGENTS.md"); + std::fs::write(&global_agents_path, "global instructions")?; + let workspace = TempDir::new()?; + let project_agents_path = workspace.path().join("AGENTS.md"); + std::fs::write(project_agents_path, "")?; + + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + + let request_id = mcp + .send_thread_start_request(ThreadStartParams { + cwd: Some(workspace.path().display().to_string()), + ..Default::default() + }) + .await?; + let response: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + let ThreadStartResponse { + instruction_sources, + .. + } = to_response::(response)?; + + let instruction_sources = instruction_sources + .into_iter() + .map(normalize_path_for_comparison) + .collect::>(); + let expected_instruction_sources = vec![normalize_path_for_comparison(std::fs::canonicalize( + global_agents_path, + )?)]; + + assert_eq!(instruction_sources, expected_instruction_sources); + + Ok(()) +} + +#[tokio::test] +async fn thread_start_without_selected_environment_includes_only_global_instruction_source() +-> Result<()> { + let server = create_mock_responses_server_repeating_assistant("Done").await; + let codex_home = TempDir::new()?; + create_config_toml_without_approval_policy(codex_home.path(), &server.uri())?; + let global_agents_path = codex_home.path().join("AGENTS.md"); + std::fs::write(&global_agents_path, "global instructions")?; + let workspace = TempDir::new()?; + std::fs::write(workspace.path().join("AGENTS.md"), "project instructions")?; + + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + + let request_id = mcp + .send_thread_start_request(ThreadStartParams { + cwd: Some(workspace.path().display().to_string()), + environments: Some(Vec::new()), + ..Default::default() + }) + .await?; + let response: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(request_id)), + ) + .await??; + let ThreadStartResponse { + thread, + instruction_sources, + .. + } = to_response::(response)?; + + assert_eq!( + instruction_sources + .into_iter() + .map(normalize_path_for_comparison) + .collect::>(), + vec![normalize_path_for_comparison(std::fs::canonicalize( + global_agents_path, + )?)] + ); + + let turn_request_id = mcp + .send_turn_start_request(TurnStartParams { + thread_id: thread.id, + input: vec![V2UserInput::Text { + text: "inspect instructions".to_string(), + text_elements: Vec::new(), + }], + ..Default::default() + }) + .await?; + timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(turn_request_id)), + ) + .await??; + timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_notification_message("turn/completed"), + ) + .await??; + + let requests = server + .received_requests() + .await + .context("failed to fetch received requests")?; + let model_request = requests + .iter() + .find(|request| request.url.path().ends_with("/responses")) + .context("expected model request")?; + let model_request_body = model_request + .body_json::() + .context("model request body should be JSON")? + .to_string(); + assert!(model_request_body.contains("global instructions")); + assert!(!model_request_body.contains("project instructions")); + + Ok(()) +} + #[cfg(windows)] fn normalize_path_for_comparison(path: impl AsRef) -> PathBuf { let path = path.as_ref(); @@ -634,7 +758,7 @@ async fn thread_start_emits_mcp_server_status_updated_notifications() -> Result< .send_thread_start_request(ThreadStartParams::default()) .await?; - let _: ThreadStartResponse = to_response( + let start_response: ThreadStartResponse = to_response( timeout( DEFAULT_READ_TIMEOUT, mcp.read_stream_until_response_message(RequestId::Integer(req_id)), @@ -671,6 +795,7 @@ async fn thread_start_emits_mcp_server_status_updated_notifications() -> Result< assert_eq!( starting, McpServerStatusUpdatedNotification { + thread_id: Some(start_response.thread.id.clone()), name: "optional_broken".to_string(), status: McpServerStartupState::Starting, error: None, @@ -703,6 +828,7 @@ async fn thread_start_emits_mcp_server_status_updated_notifications() -> Result< let ServerNotification::McpServerStatusUpdated(failed) = failed else { anyhow::bail!("unexpected notification variant"); }; + assert_eq!(failed.thread_id, Some(start_response.thread.id)); assert_eq!(failed.name, "optional_broken"); assert_eq!(failed.status, McpServerStartupState::Failed); assert!( diff --git a/codex-rs/app-server/tests/suite/v2/thread_unarchive.rs b/codex-rs/app-server/tests/suite/v2/thread_unarchive.rs index 84fffd19bae..7267ab073ac 100644 --- a/codex-rs/app-server/tests/suite/v2/thread_unarchive.rs +++ b/codex-rs/app-server/tests/suite/v2/thread_unarchive.rs @@ -209,6 +209,7 @@ async fn thread_unarchive_preserves_pathless_store_metadata() -> Result<()> { store .create_thread(CreateThreadParams { thread_id, + extra_config: None, forked_from_id: Some(parent_thread_id), parent_thread_id: None, source: SessionSource::Cli, diff --git a/codex-rs/app-server/tests/suite/v2/turn_start.rs b/codex-rs/app-server/tests/suite/v2/turn_start.rs index 9f6a027a75e..7fc0d8c71dc 100644 --- a/codex-rs/app-server/tests/suite/v2/turn_start.rs +++ b/codex-rs/app-server/tests/suite/v2/turn_start.rs @@ -9,6 +9,7 @@ use app_test_support::create_final_assistant_message_sse_response; use app_test_support::create_mock_responses_server_repeating_assistant; use app_test_support::create_mock_responses_server_sequence; use app_test_support::create_mock_responses_server_sequence_unchecked; +use app_test_support::create_request_user_input_sse_response; use app_test_support::create_shell_command_sse_response; use app_test_support::format_with_current_shell_display; use app_test_support::to_response; @@ -40,8 +41,14 @@ use codex_app_server_protocol::PatchChangeKind; use codex_app_server_protocol::RequestId; use codex_app_server_protocol::ServerRequest; use codex_app_server_protocol::ServerRequestResolvedNotification; +use codex_app_server_protocol::SubAgentActivityKind; use codex_app_server_protocol::TextElement; +use codex_app_server_protocol::ThreadDeleteParams; +use codex_app_server_protocol::ThreadDeleteResponse; +use codex_app_server_protocol::ThreadDeletedNotification; use codex_app_server_protocol::ThreadItem; +use codex_app_server_protocol::ThreadLoadedListParams; +use codex_app_server_protocol::ThreadLoadedListResponse; use codex_app_server_protocol::ThreadSource; use codex_app_server_protocol::ThreadStartParams; use codex_app_server_protocol::ThreadStartResponse; @@ -52,6 +59,7 @@ use codex_app_server_protocol::TurnStartParams; use codex_app_server_protocol::TurnStartResponse; use codex_app_server_protocol::TurnStartedNotification; use codex_app_server_protocol::TurnStatus; +use codex_app_server_protocol::TurnSteerParams; use codex_app_server_protocol::UserInput as V2UserInput; use codex_app_server_protocol::WarningNotification; use codex_config::config_toml::ConfigToml; @@ -78,6 +86,7 @@ use std::collections::HashMap; use std::path::Path; use tempfile::TempDir; use tokio::time::timeout; +use wiremock::ResponseTemplate; use super::analytics::mount_analytics_capture; use super::analytics::wait_for_analytics_event; @@ -587,7 +596,15 @@ async fn turn_start_emits_thread_scoped_warning_notification_for_trimmed_skills( write_test_skill(codex_home.path(), "alpha-skill")?; write_test_skill(codex_home.path(), "beta-skill")?; - let mut mcp = TestAppServer::new(codex_home.path()).await?; + let isolated_home = codex_home.path().to_string_lossy(); + let mut mcp = TestAppServer::new_with_env( + codex_home.path(), + &[ + ("HOME", Some(isolated_home.as_ref())), + ("USERPROFILE", Some(isolated_home.as_ref())), + ], + ) + .await?; timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; let thread_req = mcp @@ -819,8 +836,20 @@ async fn thread_start_omits_empty_instruction_overrides_from_model_request() -> #[tokio::test] async fn turn_start_tracks_turn_event_analytics() -> Result<()> { - let responses = vec![create_final_assistant_message_sse_response("Done")?]; - let server = create_mock_responses_server_sequence_unchecked(responses).await; + let server = responses::start_mock_server().await; + let response_mock = responses::mount_response_sequence( + &server, + vec![ + ResponseTemplate::new(500).set_body_json(json!({ + "error": { + "type": "server_error", + "message": "synthetic retryable error" + } + })), + responses::sse_response(create_final_assistant_message_sse_response("Done")?), + ], + ) + .await; let codex_home = TempDir::new()?; write_mock_responses_config_toml_with_chatgpt_base_url( @@ -828,6 +857,10 @@ async fn turn_start_tracks_turn_event_analytics() -> Result<()> { &server.uri(), &server.uri(), )?; + let config_path = codex_home.path().join("config.toml"); + let config = std::fs::read_to_string(&config_path)? + .replace("stream_max_retries = 0", "stream_max_retries = 1"); + std::fs::write(config_path, config)?; mount_analytics_capture(&server, codex_home.path()).await?; let mut mcp = TestAppServer::new_without_managed_config(codex_home.path()).await?; @@ -908,6 +941,136 @@ async fn turn_start_tracks_turn_event_analytics() -> Result<()> { assert_eq!(event["event_params"]["output_tokens"], 0); assert_eq!(event["event_params"]["reasoning_output_tokens"], 0); assert_eq!(event["event_params"]["total_tokens"], 0); + let params = &event["event_params"]; + let timings_are_numbers = [ + "before_first_sampling_ms", + "sampling_ms", + "between_sampling_overhead_ms", + "tool_blocking_ms", + "after_last_sampling_ms", + ] + .into_iter() + .all(|field| params[field].as_u64().is_some()); + assert_eq!( + json!({ + "timingsAreNumbers": timings_are_numbers, + "toolBlockingMs": params["tool_blocking_ms"], + "samplingRequestCount": params["sampling_request_count"], + "samplingRetryCount": params["sampling_retry_count"], + "responseRequestCount": response_mock.requests().len(), + }), + json!({ + "timingsAreNumbers": true, + "toolBlockingMs": 0, + "samplingRequestCount": 2, + "samplingRetryCount": 1, + "responseRequestCount": 2, + }) + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 4)] +async fn turn_profile_tracks_blocking_tool_and_follow_up_sampling() -> Result<()> { + let responses = vec![ + create_request_user_input_sse_response("call1")?, + create_final_assistant_message_sse_response("Done")?, + ]; + let server = create_mock_responses_server_sequence(responses).await; + + let codex_home = TempDir::new()?; + write_mock_responses_config_toml_with_chatgpt_base_url( + codex_home.path(), + &server.uri(), + &server.uri(), + )?; + mount_analytics_capture(&server, codex_home.path()).await?; + + let mut mcp = TestAppServer::new_without_managed_config(codex_home.path()).await?; + timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + + let thread_req = mcp + .send_thread_start_request(ThreadStartParams { + model: Some("mock-model".to_string()), + ..Default::default() + }) + .await?; + let thread_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(thread_req)), + ) + .await??; + let ThreadStartResponse { thread, .. } = to_response::(thread_resp)?; + + let turn_req = mcp + .send_turn_start_request(TurnStartParams { + thread_id: thread.id.clone(), + client_user_message_id: None, + input: vec![V2UserInput::Text { + text: "ask something".to_string(), + text_elements: Vec::new(), + }], + collaboration_mode: Some(CollaborationMode { + mode: ModeKind::Plan, + settings: Settings { + model: "mock-model".to_string(), + reasoning_effort: Some(ReasoningEffort::Medium), + developer_instructions: None, + }, + }), + ..Default::default() + }) + .await?; + timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(turn_req)), + ) + .await??; + + let server_req = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_request_message(), + ) + .await??; + let ServerRequest::ToolRequestUserInput { request_id, .. } = server_req else { + panic!("expected ToolRequestUserInput request, got: {server_req:?}"); + }; + tokio::time::sleep(std::time::Duration::from_millis(25)).await; + mcp.send_response( + request_id, + json!({ + "answers": { + "confirm_path": { "answers": ["yes"] } + } + }), + ) + .await?; + + timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_notification_message("turn/completed"), + ) + .await??; + + let event = wait_for_analytics_event(&server, DEFAULT_READ_TIMEOUT, "codex_turn_event").await?; + let params = &event["event_params"]; + assert_eq!( + json!({ + "toolBlockingIsPositive": params["tool_blocking_ms"] + .as_u64() + .is_some_and(|duration| duration > 0), + "samplingRequestCount": params["sampling_request_count"], + "samplingRetryCount": params["sampling_retry_count"], + "status": params["status"], + }), + json!({ + "toolBlockingIsPositive": true, + "samplingRequestCount": 2, + "samplingRetryCount": 0, + "status": "completed", + }) + ); Ok(()) } @@ -2301,6 +2464,8 @@ async fn turn_start_permission_profile_rebinds_runtime_workspace_roots_between_t std::fs::create_dir(&new_root)?; let old_root_text = old_root.to_string_lossy().into_owned(); let new_root_text = new_root.to_string_lossy().into_owned(); + let old_root = codex_utils_absolute_path::AbsolutePathBuf::from_absolute_path(old_root)?; + let new_root = codex_utils_absolute_path::AbsolutePathBuf::from_absolute_path(new_root)?; let server = responses::start_mock_server().await; let response_mock = responses::mount_sse_sequence( @@ -3210,6 +3375,177 @@ async fn turn_start_emits_spawn_agent_item_with_model_metadata_v2() -> Result<() assert_eq!(turn_completed.thread_id, thread.id); assert_eq!(turn_completed.turn.id, turn.turn.id); + // Reuse this live spawn setup to cover thread/delete's ThreadManager descendant path. + let delete_req = mcp + .send_thread_delete_request(ThreadDeleteParams { + thread_id: thread.id.clone(), + }) + .await?; + let delete_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(delete_req)), + ) + .await??; + let _: ThreadDeleteResponse = to_response::(delete_resp)?; + + let mut deleted_thread_ids = Vec::new(); + for _ in 0..2 { + let deleted_notif = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_notification_message("thread/deleted"), + ) + .await??; + let deleted: ThreadDeletedNotification = serde_json::from_value( + deleted_notif + .params + .expect("thread/deleted notification params"), + )?; + deleted_thread_ids.push(deleted.thread_id); + } + assert_eq!( + deleted_thread_ids, + vec![receiver_thread_id, thread.id.clone()] + ); + + let list_req = mcp + .send_thread_loaded_list_request(ThreadLoadedListParams::default()) + .await?; + let list_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(list_req)), + ) + .await??; + let ThreadLoadedListResponse { data, .. } = to_response::(list_resp)?; + assert_eq!(data, Vec::::new()); + + Ok(()) +} + +#[tokio::test] +async fn direct_input_to_multi_agent_v2_subagent_is_rejected() -> Result<()> { + const CHILD_PROMPT: &str = "child: do work"; + const PARENT_PROMPT: &str = "spawn a child and continue"; + const SPAWN_CALL_ID: &str = "spawn-call-direct-input-rejection"; + const ERROR_MESSAGE: &str = + "direct app-server input is not allowed for multi-agent v2 sub-agents"; + + let server = responses::start_mock_server().await; + let spawn_args = serde_json::to_string(&json!({ + "message": CHILD_PROMPT, + "task_name": "worker", + }))?; + let _parent_turn = responses::mount_sse_once_match( + &server, + |req: &wiremock::Request| body_contains(req, PARENT_PROMPT), + responses::sse(vec![ + responses::ev_response_created("resp-parent-1"), + responses::ev_function_call(SPAWN_CALL_ID, "spawn_agent", &spawn_args), + responses::ev_completed("resp-parent-1"), + ]), + ) + .await; + let codex_home = TempDir::new()?; + create_config_toml( + codex_home.path(), + &server.uri(), + "never", + &BTreeMap::from([(Feature::MultiAgentV2, true)]), + )?; + write_models_cache(codex_home.path())?; + + let mut mcp = TestAppServer::new(codex_home.path()).await?; + timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??; + + let thread_req = mcp + .send_thread_start_request(ThreadStartParams { + model: Some("gpt-5.3-codex".to_string()), + ..Default::default() + }) + .await?; + let thread_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(thread_req)), + ) + .await??; + let ThreadStartResponse { thread, .. } = to_response::(thread_resp)?; + + let turn_req = mcp + .send_turn_start_request(TurnStartParams { + thread_id: thread.id, + input: vec![V2UserInput::Text { + text: PARENT_PROMPT.to_string(), + text_elements: Vec::new(), + }], + ..Default::default() + }) + .await?; + let turn_resp: JSONRPCResponse = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_response_message(RequestId::Integer(turn_req)), + ) + .await??; + let _: TurnStartResponse = to_response(turn_resp)?; + + let child_thread_id = timeout(DEFAULT_READ_TIMEOUT, async { + loop { + let completed_notif = mcp + .read_stream_until_notification_message("item/completed") + .await?; + let completed: ItemCompletedNotification = + serde_json::from_value(completed_notif.params.expect("item/completed params"))?; + if let ThreadItem::SubAgentActivity { + id, + kind: SubAgentActivityKind::Started, + agent_thread_id, + .. + } = completed.item + && id == SPAWN_CALL_ID + { + return Ok::(agent_thread_id); + } + } + }) + .await??; + + let direct_turn_req = mcp + .send_turn_start_request(TurnStartParams { + thread_id: child_thread_id.clone(), + input: vec![V2UserInput::Text { + text: "direct app-server turn".to_string(), + text_elements: Vec::new(), + }], + ..Default::default() + }) + .await?; + let direct_turn_error: JSONRPCError = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_error_message(RequestId::Integer(direct_turn_req)), + ) + .await??; + assert_eq!(direct_turn_error.error.code, INVALID_REQUEST_ERROR_CODE); + assert_eq!(direct_turn_error.error.message, ERROR_MESSAGE); + + let direct_steer_req = mcp + .send_turn_steer_request(TurnSteerParams { + thread_id: child_thread_id, + client_user_message_id: None, + input: vec![V2UserInput::Text { + text: "direct app-server steer".to_string(), + text_elements: Vec::new(), + }], + responsesapi_client_metadata: None, + additional_context: None, + expected_turn_id: "any-active-turn".to_string(), + }) + .await?; + let direct_steer_error: JSONRPCError = timeout( + DEFAULT_READ_TIMEOUT, + mcp.read_stream_until_error_message(RequestId::Integer(direct_steer_req)), + ) + .await??; + assert_eq!(direct_steer_error.error.code, INVALID_REQUEST_ERROR_CODE); + assert_eq!(direct_steer_error.error.message, ERROR_MESSAGE); + Ok(()) } diff --git a/codex-rs/app-server/tests/suite/v2/web_search.rs b/codex-rs/app-server/tests/suite/v2/web_search.rs index 13c595d1480..626767132b7 100644 --- a/codex-rs/app-server/tests/suite/v2/web_search.rs +++ b/codex-rs/app-server/tests/suite/v2/web_search.rs @@ -41,7 +41,7 @@ const DEFAULT_READ_TIMEOUT: Duration = Duration::from_secs(60); const DEFAULT_READ_TIMEOUT: Duration = Duration::from_secs(10); #[tokio::test] -async fn standalone_web_search_round_trips_encrypted_output() -> Result<()> { +async fn standalone_web_search_round_trips_output() -> Result<()> { let call_id = "web-run-1"; let server = responses::start_mock_server().await; mount_search_response(&server).await; @@ -170,8 +170,8 @@ async fn standalone_web_search_round_trips_encrypted_output() -> Result<()> { "type": "function_call_output", "call_id": call_id, "output": [{ - "type": "encrypted_content", - "encrypted_content": "ciphertext", + "type": "input_text", + "text": "Search result", }], }) ); @@ -259,6 +259,7 @@ async fn mount_search_response(server: &MockServer) { .and(path("/api/codex/alpha/search")) .respond_with(ResponseTemplate::new(200).set_body_json(json!({ "encrypted_output": "ciphertext", + "output": "Search result", }))) .expect(1) .mount(server) diff --git a/codex-rs/apply-patch/Cargo.toml b/codex-rs/apply-patch/Cargo.toml index 25843386185..8e1d7f651f4 100644 --- a/codex-rs/apply-patch/Cargo.toml +++ b/codex-rs/apply-patch/Cargo.toml @@ -20,6 +20,7 @@ workspace = true anyhow = { workspace = true } codex-exec-server = { workspace = true } codex-utils-absolute-path = { workspace = true } +codex-utils-path-uri = { workspace = true } similar = { workspace = true } thiserror = { workspace = true } tokio = { workspace = true, features = ["macros", "rt"] } diff --git a/codex-rs/apply-patch/src/invocation.rs b/codex-rs/apply-patch/src/invocation.rs index 1aa429e0d32..b66ee2291d1 100644 --- a/codex-rs/apply-patch/src/invocation.rs +++ b/codex-rs/apply-patch/src/invocation.rs @@ -21,6 +21,7 @@ use crate::parser::Hunk; use crate::parser::ParseError; use crate::parser::parse_patch; use crate::unified_diff_from_chunks; +use codex_utils_path_uri::PathUri; use std::str::Utf8Error; use tree_sitter::LanguageError; @@ -185,7 +186,18 @@ pub async fn verify_apply_patch_args( ); } Hunk::DeleteFile { .. } => { - let content = match fs.read_file_text(&path, sandbox).await { + let path_uri = match PathUri::from_abs_path(&path) { + Ok(path_uri) => path_uri, + Err(e) => { + return MaybeApplyPatchVerified::CorrectnessError( + ApplyPatchError::IoError(IoError { + context: format!("Failed to read {}", path.display()), + source: e, + }), + ); + } + }; + let content = match fs.read_file_text(&path_uri, sandbox).await { Ok(content) => content, Err(e) => { return MaybeApplyPatchVerified::CorrectnessError( diff --git a/codex-rs/apply-patch/src/lib.rs b/codex-rs/apply-patch/src/lib.rs index 29d42e1c072..0800ed04b66 100644 --- a/codex-rs/apply-patch/src/lib.rs +++ b/codex-rs/apply-patch/src/lib.rs @@ -16,6 +16,7 @@ use codex_exec_server::ExecutorFileSystem; use codex_exec_server::FileSystemSandboxContext; use codex_exec_server::RemoveOptions; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; pub use parser::Hunk; pub use parser::ParseError; use parser::ParseError::*; @@ -390,6 +391,7 @@ async fn apply_hunks_to_files( for hunk in hunks { let affected_path = hunk.path().to_path_buf(); let path_abs = hunk.resolve_path(cwd); + let path_uri = PathUri::from_abs_path(&path_abs)?; match hunk { Hunk::AddFile { contents, .. } => { let overwritten_content = @@ -415,7 +417,7 @@ async fn apply_hunks_to_files( } Hunk::DeleteFile { .. } => { note_existing_path_delta_support(&path_abs, fs, sandbox, &mut delta.exact).await; - let deleted_content = fs.read_file_text(&path_abs, sandbox).await.ok(); + let deleted_content = fs.read_file_text(&path_uri, sandbox).await.ok(); if deleted_content.is_none() { delta.exact = false; } @@ -424,7 +426,7 @@ async fn apply_hunks_to_files( .with_context(|| format!("Failed to delete file {}", path_abs.display()))?; if let Err(error) = fs .remove( - &path_abs, + &path_uri, RemoveOptions { recursive: false, force: false, @@ -488,7 +490,7 @@ async fn apply_hunks_to_files( })?; if let Err(error) = fs .remove( - &path_abs, + &path_uri, RemoveOptions { recursive: false, force: false, @@ -521,7 +523,7 @@ async fn apply_hunks_to_files( modified.push(affected_path); } else { try_write!( - fs.write_file(&path_abs, new_contents.clone().into_bytes(), sandbox) + fs.write_file(&path_uri, new_contents.clone().into_bytes(), sandbox) .await .with_context(|| format!( "Failed to write file {}", @@ -554,7 +556,8 @@ async fn ensure_not_directory( fs: &dyn ExecutorFileSystem, sandbox: Option<&FileSystemSandboxContext>, ) -> io::Result<()> { - let metadata = fs.get_metadata(path, sandbox).await?; + let path_uri = PathUri::from_abs_path(path)?; + let metadata = fs.get_metadata(&path_uri, sandbox).await?; if metadata.is_directory { return Err(io::Error::new( io::ErrorKind::InvalidInput, @@ -570,9 +573,12 @@ async fn remove_failure_was_side_effect_free( fs: &dyn ExecutorFileSystem, sandbox: Option<&FileSystemSandboxContext>, ) -> bool { + let Ok(path_uri) = PathUri::from_abs_path(path) else { + return false; + }; match expected_content { Some(expected_content) => fs - .read_file_text(path, sandbox) + .read_file_text(&path_uri, sandbox) .await .is_ok_and(|content| content == expected_content), None => false, @@ -586,7 +592,14 @@ async fn read_optional_file_text_for_delta( exact: &mut bool, ) -> Option { note_existing_path_delta_support(path, fs, sandbox, exact).await; - match fs.read_file_text(path, sandbox).await { + let path_uri = match PathUri::from_abs_path(path) { + Ok(path_uri) => path_uri, + Err(_) => { + *exact = false; + return None; + } + }; + match fs.read_file_text(&path_uri, sandbox).await { Ok(content) => Some(content), Err(source) if source.kind() == io::ErrorKind::NotFound => None, Err(_) => { @@ -602,7 +615,11 @@ async fn note_existing_path_delta_support( sandbox: Option<&FileSystemSandboxContext>, exact: &mut bool, ) { - match fs.get_metadata(path, sandbox).await { + let Ok(path_uri) = PathUri::from_abs_path(path) else { + *exact = false; + return; + }; + match fs.get_metadata(&path_uri, sandbox).await { Ok(metadata) if metadata.is_file && !metadata.is_symlink => {} Ok(_) => *exact = false, Err(source) if source.kind() == io::ErrorKind::NotFound => {} @@ -616,12 +633,14 @@ async fn write_file_with_missing_parent_retry( contents: Vec, sandbox: Option<&FileSystemSandboxContext>, ) -> anyhow::Result<()> { - match fs.write_file(path_abs, contents.clone(), sandbox).await { + let path_uri = PathUri::from_abs_path(path_abs)?; + match fs.write_file(&path_uri, contents.clone(), sandbox).await { Ok(()) => Ok(()), Err(err) if err.kind() == io::ErrorKind::NotFound => { if let Some(parent_abs) = path_abs.parent() { + let parent_uri = PathUri::from_abs_path(&parent_abs)?; fs.create_directory( - &parent_abs, + &parent_uri, CreateDirectoryOptions { recursive: true }, sandbox, ) @@ -633,7 +652,7 @@ async fn write_file_with_missing_parent_retry( ) })?; } - fs.write_file(path_abs, contents, sandbox) + fs.write_file(&path_uri, contents, sandbox) .await .with_context(|| format!("Failed to write file {}", path_abs.display()))?; Ok(()) @@ -657,7 +676,8 @@ async fn derive_new_contents_from_chunks( fs: &dyn ExecutorFileSystem, sandbox: Option<&FileSystemSandboxContext>, ) -> std::result::Result { - let original_contents = fs.read_file_text(path_abs, sandbox).await.map_err(|err| { + let path_uri = PathUri::from_abs_path(path_abs)?; + let original_contents = fs.read_file_text(&path_uri, sandbox).await.map_err(|err| { ApplyPatchError::IoError(IoError { context: format!("Failed to read file to update {}", path_abs.display()), source: err, diff --git a/codex-rs/arg0/Cargo.toml b/codex-rs/arg0/Cargo.toml index 55526b4d064..c806f011aa6 100644 --- a/codex-rs/arg0/Cargo.toml +++ b/codex-rs/arg0/Cargo.toml @@ -21,6 +21,7 @@ codex-linux-sandbox = { workspace = true } codex-sandboxing = { workspace = true } codex-shell-escalation = { workspace = true } codex-utils-absolute-path = { workspace = true } +codex-utils-file-lock = { workspace = true } codex-utils-home-dir = { workspace = true } dotenvy = { workspace = true } tempfile = { workspace = true } diff --git a/codex-rs/arg0/src/lib.rs b/codex-rs/arg0/src/lib.rs index ba254d57abf..512c9666213 100644 --- a/codex-rs/arg0/src/lib.rs +++ b/codex-rs/arg0/src/lib.rs @@ -8,6 +8,8 @@ use codex_apply_patch::CODEX_CORE_APPLY_PATCH_ARG1; use codex_exec_server::CODEX_FS_HELPER_ARG1; use codex_install_context::InstallContext; use codex_sandboxing::landlock::CODEX_LINUX_SANDBOX_ARG0; +use codex_utils_file_lock::TryFileLockOutcome; +use codex_utils_file_lock::try_lock_exclusive_optional; use codex_utils_home_dir::find_codex_home; #[cfg(unix)] use std::os::unix::fs::symlink; @@ -35,12 +37,12 @@ pub struct Arg0DispatchPaths { /// Keeps the per-session PATH entry alive and locked for the process lifetime. pub struct Arg0PathEntryGuard { _temp_dir: TempDir, - _lock_file: File, + _lock_file: Option, paths: Arg0DispatchPaths, } impl Arg0PathEntryGuard { - fn new(temp_dir: TempDir, lock_file: File, paths: Arg0DispatchPaths) -> Self { + fn new(temp_dir: TempDir, lock_file: Option, paths: Arg0DispatchPaths) -> Self { Self { _temp_dir: temp_dir, _lock_file: lock_file, @@ -364,7 +366,13 @@ fn prepare_path_entry_for_codex_aliases( .create(true) .truncate(false) .open(&lock_path)?; - lock_file.try_lock()?; + let lock_file = match try_lock_exclusive_optional(&lock_file)? { + TryFileLockOutcome::Acquired => Some(lock_file), + TryFileLockOutcome::Unsupported => None, + TryFileLockOutcome::WouldBlock => { + return Err(std::io::Error::from(std::io::ErrorKind::WouldBlock).into()); + } + }; for filename in &[ APPLY_PATCH_ARG0, @@ -497,10 +505,9 @@ fn try_lock_dir(dir: &Path) -> std::io::Result> { Err(err) => return Err(err), }; - match lock_file.try_lock() { - Ok(()) => Ok(Some(lock_file)), - Err(std::fs::TryLockError::WouldBlock) => Ok(None), - Err(err) => Err(err.into()), + match try_lock_exclusive_optional(&lock_file)? { + TryFileLockOutcome::Acquired => Ok(Some(lock_file)), + TryFileLockOutcome::WouldBlock | TryFileLockOutcome::Unsupported => Ok(None), } } @@ -715,7 +722,13 @@ mod tests { let dir = root.path().join("locked"); fs::create_dir(&dir)?; let lock_file = create_lock(&dir)?; - lock_file.try_lock()?; + match try_lock_exclusive_optional(&lock_file)? { + TryFileLockOutcome::Acquired => {} + TryFileLockOutcome::Unsupported => return Ok(()), + TryFileLockOutcome::WouldBlock => { + panic!("newly created lock file should not be locked"); + } + } janitor_cleanup(root.path())?; diff --git a/codex-rs/async-utils/Cargo.toml b/codex-rs/async-utils/Cargo.toml index 9f81ff818e6..093bbe0972b 100644 --- a/codex-rs/async-utils/Cargo.toml +++ b/codex-rs/async-utils/Cargo.toml @@ -8,7 +8,6 @@ license.workspace = true workspace = true [dependencies] -async-trait.workspace = true tokio = { workspace = true, features = ["macros", "rt", "rt-multi-thread", "time"] } tokio-util.workspace = true diff --git a/codex-rs/async-utils/src/lib.rs b/codex-rs/async-utils/src/lib.rs index bd880ae1fb9..caa3479a670 100644 --- a/codex-rs/async-utils/src/lib.rs +++ b/codex-rs/async-utils/src/lib.rs @@ -1,4 +1,3 @@ -use async_trait::async_trait; use std::future::Future; use tokio_util::sync::CancellationToken; @@ -7,14 +6,15 @@ pub enum CancelErr { Cancelled, } -#[async_trait] pub trait OrCancelExt: Sized { type Output; - async fn or_cancel(self, token: &CancellationToken) -> Result; + fn or_cancel( + self, + token: &CancellationToken, + ) -> impl Future> + Send; } -#[async_trait] impl OrCancelExt for F where F: Future + Send, diff --git a/codex-rs/backend-client/src/client.rs b/codex-rs/backend-client/src/client.rs index 24d27765909..52275eb4be5 100644 --- a/codex-rs/backend-client/src/client.rs +++ b/codex-rs/backend-client/src/client.rs @@ -4,6 +4,7 @@ use crate::types::ConfigBundleResponse; use crate::types::PaginatedListTaskListItem; use crate::types::RateLimitReachedKind as BackendRateLimitReachedKind; use crate::types::RateLimitStatusPayload; +use crate::types::TokenUsageProfile; use crate::types::TurnAttemptsSiblingTurnsResponse; use anyhow::Result; use codex_api::SharedAuthProvider; @@ -313,6 +314,20 @@ impl Client { self.decode_json(&url, &ct, &body) } + pub async fn get_token_usage_profile(&self) -> Result { + let url = self.token_usage_profile_url(); + let req = self.http.get(&url).headers(self.headers()); + let (body, ct) = self.exec_request(req, "GET", &url).await?; + self.decode_json(&url, &ct, &body) + } + + fn token_usage_profile_url(&self) -> String { + match self.path_style { + PathStyle::CodexApi => format!("{}/api/codex/profiles/me", self.base_url), + PathStyle::ChatGptApi => format!("{}/wham/profiles/me", self.base_url), + } + } + pub async fn send_add_credits_nudge_email( &self, credit_type: AddCreditsNudgeCreditType, @@ -883,29 +898,13 @@ mod tests { #[test] fn add_credits_nudge_email_uses_expected_paths_and_bodies() { - let codex_client = Client { - base_url: "https://example.test".to_string(), - http: reqwest::Client::new(), - auth_provider: codex_model_provider::unauthenticated_auth_provider(), - user_agent: None, - chatgpt_account_id: None, - chatgpt_account_is_fedramp: false, - path_style: PathStyle::CodexApi, - }; + let codex_client = test_client("https://example.test", PathStyle::CodexApi); assert_eq!( codex_client.send_add_credits_nudge_email_url(), "https://example.test/api/codex/accounts/send_add_credits_nudge_email" ); - let chatgpt_client = Client { - base_url: "https://chatgpt.com/backend-api".to_string(), - http: reqwest::Client::new(), - auth_provider: codex_model_provider::unauthenticated_auth_provider(), - user_agent: None, - chatgpt_account_id: None, - chatgpt_account_is_fedramp: false, - path_style: PathStyle::ChatGptApi, - }; + let chatgpt_client = test_client("https://chatgpt.com/backend-api", PathStyle::ChatGptApi); assert_eq!( chatgpt_client.send_add_credits_nudge_email_url(), "https://chatgpt.com/backend-api/wham/accounts/send_add_credits_nudge_email" @@ -926,4 +925,31 @@ mod tests { serde_json::json!({ "credit_type": "usage_limit" }) ); } + + #[test] + fn token_usage_profile_uses_expected_paths() { + let codex_client = test_client("https://example.test", PathStyle::CodexApi); + assert_eq!( + codex_client.token_usage_profile_url(), + "https://example.test/api/codex/profiles/me" + ); + + let chatgpt_client = test_client("https://chatgpt.com/backend-api", PathStyle::ChatGptApi); + assert_eq!( + chatgpt_client.token_usage_profile_url(), + "https://chatgpt.com/backend-api/wham/profiles/me" + ); + } + + fn test_client(base_url: &str, path_style: PathStyle) -> Client { + Client { + base_url: base_url.to_string(), + http: reqwest::Client::new(), + auth_provider: codex_model_provider::unauthenticated_auth_provider(), + user_agent: None, + chatgpt_account_id: None, + chatgpt_account_is_fedramp: false, + path_style, + } + } } diff --git a/codex-rs/backend-client/src/lib.rs b/codex-rs/backend-client/src/lib.rs index dfd7e816f66..e50fd8db40c 100644 --- a/codex-rs/backend-client/src/lib.rs +++ b/codex-rs/backend-client/src/lib.rs @@ -14,4 +14,7 @@ pub use types::DeliveredRequirementsToml; pub use types::DeliveredTomlFragment; pub use types::PaginatedListTaskListItem; pub use types::TaskListItem; +pub use types::TokenUsageProfile; +pub use types::TokenUsageProfileDailyBucket; +pub use types::TokenUsageProfileStats; pub use types::TurnAttemptsSiblingTurnsResponse; diff --git a/codex-rs/backend-client/src/types.rs b/codex-rs/backend-client/src/types.rs index 06989241fa4..3ccacbc8c94 100644 --- a/codex-rs/backend-client/src/types.rs +++ b/codex-rs/backend-client/src/types.rs @@ -409,6 +409,27 @@ pub struct TurnAttemptsSiblingTurnsResponse { pub sibling_turns: Vec>, } +#[derive(Clone, Debug, Deserialize, PartialEq, Eq)] +pub struct TokenUsageProfile { + pub stats: TokenUsageProfileStats, +} + +#[derive(Clone, Debug, Deserialize, PartialEq, Eq)] +pub struct TokenUsageProfileStats { + pub lifetime_tokens: Option, + pub peak_daily_tokens: Option, + pub longest_running_turn_sec: Option, + pub current_streak_days: Option, + pub longest_streak_days: Option, + pub daily_usage_buckets: Option>, +} + +#[derive(Clone, Debug, Deserialize, PartialEq, Eq)] +pub struct TokenUsageProfileDailyBucket { + pub start_date: String, + pub tokens: i64, +} + #[cfg(test)] mod tests { use super::*; diff --git a/codex-rs/chatgpt/src/connectors.rs b/codex-rs/chatgpt/src/connectors.rs index 63b34e73556..4bbf40813e5 100644 --- a/codex-rs/chatgpt/src/connectors.rs +++ b/codex-rs/chatgpt/src/connectors.rs @@ -14,6 +14,7 @@ use codex_connectors::merge::merge_plugin_connectors; use codex_core::config::Config; pub use codex_core::connectors::list_accessible_connectors_from_mcp_tools; pub use codex_core::connectors::list_accessible_connectors_from_mcp_tools_with_environment_manager; +pub use codex_core::connectors::list_accessible_connectors_from_mcp_tools_with_mcp_manager; pub use codex_core::connectors::list_accessible_connectors_from_mcp_tools_with_options; pub use codex_core::connectors::list_accessible_connectors_from_mcp_tools_with_options_and_status; pub use codex_core::connectors::list_cached_accessible_connectors_from_mcp_tools; diff --git a/codex-rs/chatgpt/src/workspace_settings.rs b/codex-rs/chatgpt/src/workspace_settings.rs index a1772155182..d5875adcf82 100644 --- a/codex-rs/chatgpt/src/workspace_settings.rs +++ b/codex-rs/chatgpt/src/workspace_settings.rs @@ -3,7 +3,6 @@ use std::sync::RwLock; use std::time::Duration; use std::time::Instant; -use anyhow::Context; use codex_core::config::Config; use codex_login::CodexAuth; use serde::Deserialize; @@ -93,20 +92,17 @@ pub async fn codex_plugins_enabled_for_workspace( return Ok(true); } - let token_data = auth - .get_token_data() - .context("ChatGPT token data is not available")?; - if !token_data.id_token.is_workspace_account() { + if !auth.is_workspace_account() { return Ok(true); } - let Some(account_id) = token_data.account_id.as_deref().filter(|id| !id.is_empty()) else { + let Some(account_id) = auth.get_account_id().filter(|id| !id.is_empty()) else { return Ok(true); }; let cache_key = WorkspaceSettingsCacheKey { chatgpt_base_url: config.chatgpt_base_url.clone(), - account_id: account_id.to_string(), + account_id: account_id.clone(), }; if let Some(cache) = cache && let Some(enabled) = cache.get_codex_plugins_enabled(&cache_key) @@ -114,7 +110,7 @@ pub async fn codex_plugins_enabled_for_workspace( return Ok(enabled); } - let encoded_account_id = encode_path_segment(account_id); + let encoded_account_id = encode_path_segment(&account_id); let settings: WorkspaceSettingsResponse = chatgpt_get_request_with_timeout( config, format!("/accounts/{encoded_account_id}/settings"), diff --git a/codex-rs/cli/BUILD.bazel b/codex-rs/cli/BUILD.bazel index a8a97cef004..97c868845b8 100644 --- a/codex-rs/cli/BUILD.bazel +++ b/codex-rs/cli/BUILD.bazel @@ -1,8 +1,12 @@ -load("//:defs.bzl", "MACOS_WEBRTC_RUSTC_LINK_FLAGS", "codex_rust_crate", "multiplatform_binaries") +load("//:defs.bzl", "MACOS_WEBRTC_RUSTC_LINK_FLAGS", "codex_rust_crate") +load("//bazel/platforms:release_binaries.bzl", "multiplatform_binaries") codex_rust_crate( name = "cli", crate_name = "codex_cli", + extra_binaries = [ + "//codex-rs/bwrap:bwrap", + ], rustc_flags_extra = MACOS_WEBRTC_RUSTC_LINK_FLAGS, ) diff --git a/codex-rs/cli/Cargo.toml b/codex-rs/cli/Cargo.toml index 6a4d78fbc74..727f367502e 100644 --- a/codex-rs/cli/Cargo.toml +++ b/codex-rs/cli/Cargo.toml @@ -33,6 +33,7 @@ codex-utils-cli = { workspace = true } codex-config = { workspace = true } codex-core = { workspace = true } codex-core-plugins = { workspace = true } +codex-home = { workspace = true } codex-exec = { workspace = true } codex-exec-server = { workspace = true } codex-execpolicy = { workspace = true } diff --git a/codex-rs/cli/src/debug_sandbox.rs b/codex-rs/cli/src/debug_sandbox.rs index 6d59bf7d234..a1931aced03 100644 --- a/codex-rs/cli/src/debug_sandbox.rs +++ b/codex-rs/cli/src/debug_sandbox.rs @@ -258,6 +258,9 @@ async fn run_command_under_sandbox( let network = network_proxy .as_ref() .map(codex_core::config::StartedNetworkProxy::proxy); + // Proxy containment depends on whether a proxy is active, not whether its + // policy came from managed requirements. + let enforce_managed_network = network.is_some(); let managed_mitm_ca_trust_bundle_path = match network.as_ref() { Some(network) => network.managed_mitm_ca_trust_bundle_path(), None => None, @@ -278,7 +281,7 @@ async fn run_command_under_sandbox( file_system_sandbox_policy: &file_system_sandbox_policy, network_sandbox_policy, sandbox_policy_cwd: sandbox_policy_cwd.as_path(), - enforce_managed_network: false, + enforce_managed_network, network: network.as_ref(), extra_allow_unix_sockets: allow_unix_sockets, }); @@ -311,7 +314,7 @@ async fn run_command_under_sandbox( &runtime_permission_profile, sandbox_policy_cwd.as_path(), use_legacy_landlock, - allow_network_for_proxy(managed_network_requirements_enabled), + allow_network_for_proxy(enforce_managed_network), ); spawn_debug_sandbox_child( codex_linux_sandbox_exe, diff --git a/codex-rs/cli/src/desktop_app/windows.rs b/codex-rs/cli/src/desktop_app/windows.rs index 932ca00cf2b..717c54dda48 100644 --- a/codex-rs/cli/src/desktop_app/windows.rs +++ b/codex-rs/cli/src/desktop_app/windows.rs @@ -11,13 +11,11 @@ pub async fn run_windows_app_open_or_install( workspace: PathBuf, download_url_override: Option, ) -> anyhow::Result<()> { - if let Some(app_id) = find_codex_app_id().await? { - eprintln!("Opening Codex Desktop..."); - open_installed_codex_app(&app_id).await?; - eprintln!( - "In Codex Desktop, open workspace {workspace}.", - workspace = display_workspace_path(&workspace) - ); + let workspace_path = workspace.display().to_string(); + let display_workspace = display_workspace_path(&workspace); + if codex_app_is_installed().await? { + eprintln!("Opening Codex Desktop workspace {display_workspace}..."); + open_url(&codex_new_thread_url(&workspace_path)).await?; return Ok(()); } @@ -28,14 +26,11 @@ pub async fn run_windows_app_open_or_install( if open_url(download_url).await.is_err() && download_url_override.is_none() { open_url(CODEX_MICROSOFT_STORE_WEB_URL).await?; } - eprintln!( - "After installing Codex Desktop, open workspace {workspace}.", - workspace = display_workspace_path(&workspace) - ); + eprintln!("After installing Codex Desktop, open workspace {display_workspace}."); Ok(()) } -async fn find_codex_app_id() -> anyhow::Result> { +async fn codex_app_is_installed() -> anyhow::Result { let output = Command::new("powershell.exe") .arg("-NoProfile") .arg("-Command") @@ -45,20 +40,10 @@ async fn find_codex_app_id() -> anyhow::Result> { .context("failed to invoke `powershell.exe`")?; if !output.status.success() { - return Ok(None); + return Ok(false); } - let app_id = String::from_utf8_lossy(&output.stdout).trim().to_string(); - if app_id.is_empty() { - Ok(None) - } else { - Ok(Some(app_id)) - } -} - -async fn open_installed_codex_app(app_id: &str) -> anyhow::Result<()> { - let target = format!("shell:AppsFolder\\{app_id}"); - open_shell_target(&target).await + Ok(!String::from_utf8_lossy(&output.stdout).trim().is_empty()) } async fn open_url(url: &str) -> anyhow::Result<()> { @@ -78,15 +63,11 @@ async fn open_url(url: &str) -> anyhow::Result<()> { } } -async fn open_shell_target(target: &str) -> anyhow::Result<()> { - // Explorer can successfully hand off shell targets and still return exit code 1. - let _status = Command::new("explorer.exe") - .arg(target) - .status() - .await - .with_context(|| format!("failed to open {target}"))?; - - Ok(()) +fn codex_new_thread_url(workspace: &str) -> String { + let mut serializer = url::form_urlencoded::Serializer::new(String::new()); + serializer.append_pair("path", workspace); + let query = serializer.finish(); + format!("codex://threads/new?{query}") } fn display_workspace_path(workspace: &Path) -> String { @@ -102,6 +83,7 @@ fn display_workspace_path(workspace: &Path) -> String { #[cfg(test)] mod tests { + use super::codex_new_thread_url; use super::display_workspace_path; use pretty_assertions::assert_eq; use std::path::Path; @@ -129,4 +111,20 @@ mod tests { r"C:\Users\fcoury\code\codex" ); } + + #[test] + fn codex_new_thread_url_encodes_windows_workspace_path() { + assert_eq!( + codex_new_thread_url(r"C:\Users\akuma\repos\koba"), + r"codex://threads/new?path=C%3A%5CUsers%5Cakuma%5Crepos%5Ckoba" + ); + } + + #[test] + fn codex_new_thread_url_preserves_verbatim_workspace_path() { + assert_eq!( + codex_new_thread_url(r"\\?\C:\Users\akuma\repos\koba"), + r"codex://threads/new?path=%5C%5C%3F%5CC%3A%5CUsers%5Cakuma%5Crepos%5Ckoba" + ); + } } diff --git a/codex-rs/cli/src/doctor.rs b/codex-rs/cli/src/doctor.rs index 2e53d5d51f1..0b7e7cfe7b2 100644 --- a/codex-rs/cli/src/doctor.rs +++ b/codex-rs/cli/src/doctor.rs @@ -682,7 +682,7 @@ fn structured_json_details(details: &[String]) -> (BTreeMap existing.push(value), None => { @@ -693,6 +693,21 @@ fn structured_json_details(details: &[String]) -> (BTreeMap String { + if matches!( + key, + "VISUAL" | "EDITOR" | "PAGER" | "GIT_PAGER" | "GH_PAGER" | "LESS" + ) && !value.eq_ignore_ascii_case("not set") + { + // Editor and pager configuration can contain arbitrary arguments or + // inline environment assignments. Keep full values local to human output + // because the JSON report may be attached to feedback. + "set".to_string() + } else { + value.to_string() + } +} + fn run_sync_check( label: &'static str, progress: Arc, @@ -1308,6 +1323,8 @@ fn stored_auth_mode(auth: &codex_login::AuthDotJson) -> &'static str { codex_app_server_protocol::AuthMode::Chatgpt => "chatgpt", codex_app_server_protocol::AuthMode::ChatgptAuthTokens => "chatgpt_auth_tokens", codex_app_server_protocol::AuthMode::AgentIdentity => "agent_identity", + codex_app_server_protocol::AuthMode::PersonalAccessToken => "personal_access_token", + codex_app_server_protocol::AuthMode::BedrockApiKey => "bedrock_api_key", } } @@ -1315,7 +1332,11 @@ fn stored_auth_mode_value(auth: &AuthDotJson) -> codex_app_server_protocol::Auth if let Some(mode) = auth.auth_mode { return mode; } - if auth.openai_api_key.is_some() { + if auth.personal_access_token.is_some() { + codex_app_server_protocol::AuthMode::PersonalAccessToken + } else if auth.bedrock_api_key.is_some() { + codex_app_server_protocol::AuthMode::BedrockApiKey + } else if auth.openai_api_key.is_some() { codex_app_server_protocol::AuthMode::ApiKey } else { codex_app_server_protocol::AuthMode::Chatgpt @@ -1380,6 +1401,20 @@ fn stored_auth_issues( issues.push("agent identity auth is missing an agent identity token"); } } + codex_app_server_protocol::AuthMode::PersonalAccessToken => { + if auth + .personal_access_token + .as_deref() + .is_none_or(|token| token.trim().is_empty()) + { + issues.push("personal access token auth is missing a personal access token"); + } + } + codex_app_server_protocol::AuthMode::BedrockApiKey => { + if auth.bedrock_api_key.is_none() { + issues.push("Bedrock API key auth is missing a Bedrock API key"); + } + } } issues } @@ -2114,8 +2149,9 @@ async fn state_check(config: &Config) -> DoctorCheck { }; let mut check = DoctorCheck::new("state.paths", "state", status, summary).details(details); if status == CheckStatus::Fail { - check = check - .remediation("Back up CODEX_HOME, then remove or repair the affected SQLite database."); + check = check.remediation( + "Move the damaged SQLite database aside, then restart the interactive CLI or app server so it can rebuild that runtime database from saved data. Other entry points may not rebuild automatically.", + ); } check } @@ -2408,6 +2444,8 @@ fn auth_mode_name(auth: &CodexAuth) -> &'static str { codex_app_server_protocol::AuthMode::Chatgpt => "chatgpt", codex_app_server_protocol::AuthMode::ChatgptAuthTokens => "chatgpt_auth_tokens", codex_app_server_protocol::AuthMode::AgentIdentity => "agent_identity", + codex_app_server_protocol::AuthMode::PersonalAccessToken => "personal_access_token", + codex_app_server_protocol::AuthMode::BedrockApiKey => "bedrock_api_key", } } @@ -2537,11 +2575,15 @@ fn provider_auth_reachability_mode_from_auth( return ProviderAuthReachabilityMode::Chatgpt; } match stored_auth.map(stored_auth_mode_value) { - Some(codex_app_server_protocol::AuthMode::ApiKey) => ProviderAuthReachabilityMode::ApiKey, + Some( + codex_app_server_protocol::AuthMode::ApiKey + | codex_app_server_protocol::AuthMode::BedrockApiKey, + ) => ProviderAuthReachabilityMode::ApiKey, Some( codex_app_server_protocol::AuthMode::Chatgpt | codex_app_server_protocol::AuthMode::ChatgptAuthTokens - | codex_app_server_protocol::AuthMode::AgentIdentity, + | codex_app_server_protocol::AuthMode::AgentIdentity + | codex_app_server_protocol::AuthMode::PersonalAccessToken, ) | None => ProviderAuthReachabilityMode::Chatgpt, } @@ -3212,6 +3254,18 @@ mod tests { overall_status: CheckStatus::Warning, codex_version: "0.0.0".to_string(), checks: vec![ + DoctorCheck::new( + "system.environment", + "system", + CheckStatus::Ok, + "OS language en-US", + ) + .detail("VISUAL: code --wait") + .detail("EDITOR: env AWS_ACCESS_KEY_ID=AKIAEXAMPLE vim") + .detail("PAGER: env PRIVATE_PAGER_VALUE=pager-secret less") + .detail("GIT_PAGER: delta") + .detail("GH_PAGER: less") + .detail("LESS: -FRX"), DoctorCheck::new( "mcp.config", "mcp", @@ -3246,8 +3300,35 @@ mod tests { assert!(!redacted.contains("user:pass")); assert!(!redacted.contains("x=abc")); assert!(!redacted.contains("sk-live-secret")); + assert!(!redacted.contains("AKIAEXAMPLE")); + assert!(!redacted.contains("pager-secret")); + assert!(!redacted.contains("code --wait")); assert!(redacted.contains("https://example.com/mcp")); assert_eq!(json["checks"].is_object(), true); + assert_eq!( + json["checks"]["system.environment"]["details"]["VISUAL"], + "set" + ); + assert_eq!( + json["checks"]["system.environment"]["details"]["EDITOR"], + "set" + ); + assert_eq!( + json["checks"]["system.environment"]["details"]["PAGER"], + "set" + ); + assert_eq!( + json["checks"]["system.environment"]["details"]["GIT_PAGER"], + "set" + ); + assert_eq!( + json["checks"]["system.environment"]["details"]["GH_PAGER"], + "set" + ); + assert_eq!( + json["checks"]["system.environment"]["details"]["LESS"], + "set" + ); assert_eq!(json["checks"]["mcp.config"]["id"], "mcp.config"); assert_eq!( json["checks"]["mcp.config"]["details"]["OPENAI_API_KEY"], @@ -3401,6 +3482,8 @@ mod tests { tokens: None, last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; assert_eq!( @@ -3418,6 +3501,8 @@ mod tests { tokens: None, last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; assert_eq!( @@ -3429,6 +3514,29 @@ mod tests { ); } + #[test] + fn stored_auth_validation_handles_personal_access_token() { + let mut auth = AuthDotJson { + auth_mode: None, + openai_api_key: None, + tokens: None, + last_refresh: None, + agent_identity: None, + personal_access_token: Some("at-test".to_string()), + bedrock_api_key: None, + }; + + assert_eq!(stored_auth_mode(&auth), "personal_access_token"); + assert!(stored_auth_issues(&auth, |_| false).is_empty()); + + auth.auth_mode = Some(codex_app_server_protocol::AuthMode::PersonalAccessToken); + auth.personal_access_token = None; + assert_eq!( + stored_auth_issues(&auth, |_| false), + vec!["personal access token auth is missing a personal access token"] + ); + } + #[test] fn provider_reachability_mode_uses_api_key_auth() { let api_key_auth = AuthDotJson { @@ -3437,6 +3545,8 @@ mod tests { tokens: None, last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; assert_eq!( diff --git a/codex-rs/cli/src/doctor/output.rs b/codex-rs/cli/src/doctor/output.rs index 3f6e2f05d2b..81f92314821 100644 --- a/codex-rs/cli/src/doctor/output.rs +++ b/codex-rs/cli/src/doctor/output.rs @@ -1133,7 +1133,13 @@ mod tests { "OS language en-US", ) .detail("os: macOS 15.0") - .detail("os language: en-US"), + .detail("os language: en-US") + .detail("VISUAL: code --wait") + .detail("EDITOR: vim") + .detail("PAGER: less -R") + .detail("GIT_PAGER: delta") + .detail("GH_PAGER: less") + .detail("LESS: -FRX"), DoctorCheck::new( "runtime.provenance", "runtime", @@ -1246,6 +1252,12 @@ Environment ✓ system en-US os macOS 15.0 OS language en-US + VISUAL code --wait + EDITOR vim + PAGER less -R + GIT_PAGER delta + GH_PAGER less + LESS -FRX ✓ runtime running local build on darwin-arm64 ✓ install consistent managed by npm: no · bun: no · package root — diff --git a/codex-rs/cli/src/doctor/output/detail.rs b/codex-rs/cli/src/doctor/output/detail.rs index 6c6cf8633c2..05e7af404e7 100644 --- a/codex-rs/cli/src/doctor/output/detail.rs +++ b/codex-rs/cli/src/doctor/output/detail.rs @@ -62,6 +62,12 @@ fn system_details(parsed: &[ParsedDetail]) -> Vec { push_row_if_present(&mut out, parsed, "LC_ALL", "LC_ALL"); push_row_if_present(&mut out, parsed, "LC_CTYPE", "LC_CTYPE"); push_row_if_present(&mut out, parsed, "LANG", "LANG"); + push_row_if_present(&mut out, parsed, "VISUAL", "VISUAL"); + push_row_if_present(&mut out, parsed, "EDITOR", "EDITOR"); + push_row_if_present(&mut out, parsed, "PAGER", "PAGER"); + push_row_if_present(&mut out, parsed, "GIT_PAGER", "GIT_PAGER"); + push_row_if_present(&mut out, parsed, "GH_PAGER", "GH_PAGER"); + push_row_if_present(&mut out, parsed, "LESS", "LESS"); push_remaining( &mut out, parsed, @@ -73,6 +79,12 @@ fn system_details(parsed: &[ParsedDetail]) -> Vec { "LC_ALL", "LC_CTYPE", "LANG", + "VISUAL", + "EDITOR", + "PAGER", + "GIT_PAGER", + "GH_PAGER", + "LESS", ], &[], ); diff --git a/codex-rs/cli/src/doctor/snapshots/codex__doctor__output__tests__doctor_human_report_environment_rows.snap b/codex-rs/cli/src/doctor/snapshots/codex__doctor__output__tests__doctor_human_report_environment_rows.snap index 84d3441fb29..b3c8d1ee78e 100644 --- a/codex-rs/cli/src/doctor/snapshots/codex__doctor__output__tests__doctor_human_report_environment_rows.snap +++ b/codex-rs/cli/src/doctor/snapshots/codex__doctor__output__tests__doctor_human_report_environment_rows.snap @@ -13,6 +13,12 @@ Environment ✓ system en-US os macOS 15.0 OS language en-US + VISUAL code --wait + EDITOR vim + PAGER less -R + GIT_PAGER delta + GH_PAGER less + LESS -FRX ✓ runtime running local build on darwin-arm64 ✓ install consistent managed by npm: no · bun: no · package root — diff --git a/codex-rs/cli/src/doctor/system.rs b/codex-rs/cli/src/doctor/system.rs index c72b76561d0..cbab5aa1bf4 100644 --- a/codex-rs/cli/src/doctor/system.rs +++ b/codex-rs/cli/src/doctor/system.rs @@ -4,6 +4,9 @@ use std::env; use super::DoctorCheck; use super::LOCALE_ENV_VARS; +const EDITOR_ENV_VARS: &[&str] = &["VISUAL", "EDITOR"]; +const PAGER_ENV_VARS: &[&str] = &["PAGER", "GIT_PAGER", "GH_PAGER", "LESS"]; + #[derive(Clone, Debug, Default, Eq, PartialEq)] struct SystemCheckInputs { os: String, @@ -11,6 +14,8 @@ struct SystemCheckInputs { os_version: String, os_language: Option, locale_env: BTreeMap, + editor_env: BTreeMap, + pager_env: BTreeMap, } impl SystemCheckInputs { @@ -24,12 +29,30 @@ impl SystemCheckInputs { .map(|value| ((*name).to_string(), value)) }) .collect(); + let editor_env = EDITOR_ENV_VARS + .iter() + .map(|name| { + let value = env::var_os(name) + .map(|value| value.to_string_lossy().into_owned()) + .unwrap_or_else(|| "not set".to_string()); + ((*name).to_string(), value) + }) + .collect(); + let pager_env = PAGER_ENV_VARS + .iter() + .filter_map(|name| { + env::var_os(name) + .map(|value| ((*name).to_string(), value.to_string_lossy().into_owned())) + }) + .collect(); Self { os: info.to_string(), os_type: info.os_type().to_string(), os_version: info.version().to_string(), os_language: sys_locale::get_locale(), locale_env, + editor_env, + pager_env, } } } @@ -54,6 +77,16 @@ fn system_check_from_inputs(inputs: SystemCheckInputs) -> DoctorCheck { details.push(format!("{name}: {value}")); } } + for name in EDITOR_ENV_VARS { + if let Some(value) = inputs.editor_env.get(*name) { + details.push(format!("{name}: {value}")); + } + } + for name in PAGER_ENV_VARS { + if let Some(value) = inputs.pager_env.get(*name) { + details.push(format!("{name}: {value}")); + } + } let summary = inputs .os_language @@ -76,20 +109,46 @@ mod tests { use super::*; #[test] - fn system_check_reports_os_language_and_locale_env() { + fn system_check_reports_os_language_locale_editor_and_pager_env() { let mut locale_env = BTreeMap::new(); locale_env.insert("LANG".to_string(), "en_US.UTF-8".to_string()); + let editor_env = BTreeMap::from([ + ("EDITOR".to_string(), "vim".to_string()), + ("VISUAL".to_string(), "code --wait".to_string()), + ]); + let pager_env = BTreeMap::from([ + ("GH_PAGER".to_string(), "less".to_string()), + ("GIT_PAGER".to_string(), "delta".to_string()), + ("LESS".to_string(), "-FRX".to_string()), + ("PAGER".to_string(), "less -R".to_string()), + ]); let check = system_check_from_inputs(SystemCheckInputs { os: "macOS 15.0".to_string(), os_type: "macos".to_string(), os_version: "15.0".to_string(), os_language: Some("en-US".to_string()), locale_env, + editor_env, + pager_env, }); assert_eq!(check.summary, "OS language en-US"); - assert!(check.details.contains(&"os language: en-US".to_string())); - assert!(check.details.contains(&"LANG: en_US.UTF-8".to_string())); + assert_eq!( + check.details, + vec![ + "os: macOS 15.0", + "os type: macos", + "os version: 15.0", + "os language: en-US", + "LANG: en_US.UTF-8", + "VISUAL: code --wait", + "EDITOR: vim", + "PAGER: less -R", + "GIT_PAGER: delta", + "GH_PAGER: less", + "LESS: -FRX", + ] + ); } #[test] @@ -100,13 +159,24 @@ mod tests { os_version: "unknown".to_string(), os_language: None, locale_env: BTreeMap::new(), + editor_env: BTreeMap::from([ + ("EDITOR".to_string(), "not set".to_string()), + ("VISUAL".to_string(), "not set".to_string()), + ]), + pager_env: BTreeMap::new(), }); assert_eq!(check.summary, "OS language unavailable"); - assert!( - check - .details - .contains(&"os language: unavailable".to_string()) + assert_eq!( + check.details, + vec![ + "os: Linux", + "os type: linux", + "os version: unknown", + "os language: unavailable", + "VISUAL: not set", + "EDITOR: not set", + ] ); } } diff --git a/codex-rs/cli/src/lib.rs b/codex-rs/cli/src/lib.rs index 5e2ba0caa5b..4e63df187ea 100644 --- a/codex-rs/cli/src/lib.rs +++ b/codex-rs/cli/src/lib.rs @@ -26,7 +26,7 @@ pub use login::run_logout; #[derive(Debug, Parser)] pub struct SeatbeltCommand { /// Named permissions profile to apply from the active configuration stack. - #[arg(long = "permissions-profile", value_name = "NAME")] + #[arg(long = "permissions-profile", short = 'P', value_name = "NAME")] pub permissions_profile: Option, /// Layer $CODEX_HOME/.config.toml on top of the base user config. @@ -74,7 +74,7 @@ fn parse_allow_unix_socket_path(raw: &str) -> Result { #[derive(Debug, Parser)] pub struct LandlockCommand { /// Named permissions profile to apply from the active configuration stack. - #[arg(long = "permissions-profile", value_name = "NAME")] + #[arg(long = "permissions-profile", short = 'P', value_name = "NAME")] pub permissions_profile: Option, /// Layer $CODEX_HOME/.config.toml on top of the base user config. @@ -109,7 +109,7 @@ pub struct LandlockCommand { #[derive(Debug, Parser)] pub struct WindowsCommand { /// Named permissions profile to apply from the active configuration stack. - #[arg(long = "permissions-profile", value_name = "NAME")] + #[arg(long = "permissions-profile", short = 'P', value_name = "NAME")] pub permissions_profile: Option, /// Layer $CODEX_HOME/.config.toml on top of the base user config. diff --git a/codex-rs/cli/src/login.rs b/codex-rs/cli/src/login.rs index 6fdc62fdb12..64413617e1e 100644 --- a/codex-rs/cli/src/login.rs +++ b/codex-rs/cli/src/login.rs @@ -207,6 +207,7 @@ pub async fn run_login_with_access_token( &config.codex_home, &access_token, config.cli_auth_credentials_store_mode, + config.forced_chatgpt_workspace_id.as_deref(), Some(&config.chatgpt_base_url), ) .await @@ -391,6 +392,14 @@ pub async fn run_login_status(cli_config_overrides: CliConfigOverrides) -> ! { eprintln!("Logged in using access token"); std::process::exit(0); } + AuthMode::PersonalAccessToken => { + eprintln!("Logged in using personal access token"); + std::process::exit(0); + } + AuthMode::BedrockApiKey => { + eprintln!("Logged in using Amazon Bedrock API key"); + std::process::exit(0); + } }, Ok(None) => { eprintln!("Not logged in"); diff --git a/codex-rs/cli/src/main.rs b/codex-rs/cli/src/main.rs index 2a5ce171b7a..8b2c02ad190 100644 --- a/codex-rs/cli/src/main.rs +++ b/codex-rs/cli/src/main.rs @@ -36,10 +36,12 @@ use codex_utils_absolute_path::AbsolutePathBuf; use codex_utils_cli::CliConfigOverrides; use codex_utils_cli::ProfileV2Name; use codex_utils_cli::SharedCliOptions; -use codex_utils_cli::resume_hint; use owo_colors::OwoColorize; +use std::collections::HashSet; use std::io::IsTerminal; +use std::io::Write; use std::path::PathBuf; +use std::sync::Arc; use supports_color::Stream; #[cfg(any(target_os = "macos", target_os = "windows"))] @@ -74,6 +76,7 @@ use codex_core::config::resolve_profile_v2_config_path; use codex_features::FEATURES; use codex_features::Stage; use codex_features::is_known_feature_key; +use codex_home::CodexHomeUserInstructionsProvider; use codex_login::AuthManager; use codex_login::CodexAuth; use codex_login::read_codex_access_token_from_env; @@ -179,6 +182,9 @@ enum Subcommand { /// Archive a saved session by id or session name. Archive(SessionArchiveCommand), + /// Permanently delete a saved session by id or session name. + Delete(DeleteCommand), + /// Unarchive a saved session by id or session name. Unarchive(SessionArchiveCommand), @@ -324,7 +330,7 @@ struct ResumeCommand { remote: InteractiveRemoteOptions, #[clap(flatten)] - config_overrides: TuiCli, + config_overrides: SessionTuiCli, } #[derive(Debug, Parser)] @@ -353,6 +359,16 @@ struct SessionArchiveConfigOverrides { config_overrides: CliConfigOverrides, } +#[derive(Debug, Args)] +struct DeleteCommand { + #[clap(flatten)] + session: SessionArchiveCommand, + + /// Delete without prompting. SESSION must be a UUID. + #[arg(long, default_value_t = false)] + force: bool, +} + #[derive(Debug, Parser)] struct ForkCommand { /// Conversation/session id (UUID). When provided, forks this session. @@ -361,7 +377,7 @@ struct ForkCommand { session_id: Option, /// Fork the most recent session without showing the picker. - #[arg(long = "last", default_value_t = false, conflicts_with = "session_id")] + #[arg(long = "last", default_value_t = false)] last: bool, /// Show all sessions (disables cwd filtering and shows CWD column). @@ -372,7 +388,33 @@ struct ForkCommand { remote: InteractiveRemoteOptions, #[clap(flatten)] - config_overrides: TuiCli, + config_overrides: SessionTuiCli, +} + +/// TUI arguments for session commands where a parsed prompt implies an explicit session id. +/// +/// This keeps `--last PROMPT` valid while rejecting `--last SESSION_ID PROMPT`. +#[derive(Debug)] +struct SessionTuiCli(TuiCli); + +impl Args for SessionTuiCli { + fn augment_args(cmd: clap::Command) -> clap::Command { + TuiCli::augment_args(cmd).mut_arg("prompt", |arg| arg.conflicts_with("last")) + } + + fn augment_args_for_update(cmd: clap::Command) -> clap::Command { + TuiCli::augment_args_for_update(cmd).mut_arg("prompt", |arg| arg.conflicts_with("last")) + } +} + +impl clap::FromArgMatches for SessionTuiCli { + fn from_arg_matches(matches: &clap::ArgMatches) -> Result { + TuiCli::from_arg_matches(matches).map(Self) + } + + fn update_from_arg_matches(&mut self, matches: &clap::ArgMatches) -> Result<(), clap::Error> { + self.0.update_from_arg_matches(matches) + } } #[cfg(target_os = "macos")] @@ -658,10 +700,11 @@ fn parse_socket_path(raw: &str) -> Result { } fn format_exit_messages(exit_info: AppExitInfo, color_enabled: bool) -> Vec { + let is_fatal = matches!(&exit_info.exit_reason, ExitReason::Fatal(_)); let AppExitInfo { token_usage, thread_id: conversation_id, - thread_name, + resume_hint, .. } = exit_info; @@ -670,13 +713,15 @@ fn format_exit_messages(exit_info: AppExitInfo, color_enabled: bool) -> Vec Vec anyhow::Result<()> { - match exit_info.exit_reason { + let is_fatal = match &exit_info.exit_reason { ExitReason::Fatal(message) => { eprintln!("ERROR: {message}"); - std::process::exit(1); + true } - ExitReason::UserRequested => { /* normal exit */ } - } + ExitReason::UserRequested => false, + }; let update_action = exit_info.update_action; let color_enabled = supports_color::on(Stream::Stdout).is_some(); for line in format_exit_messages(exit_info, color_enabled) { println!("{line}"); } + if is_fatal { + std::io::stdout().flush()?; + std::process::exit(1); + } if let Some(action) = update_action { run_update_action(action)?; } @@ -802,6 +851,17 @@ async fn run_session_archive_cli_command( .map_err(|err| anyhow::anyhow!("{err}")) } +fn delete_action(target: &str, force: bool) -> anyhow::Result { + if force && codex_protocol::ThreadId::from_string(target).is_err() { + anyhow::bail!("--force requires a session UUID; names must be confirmed interactively"); + } + let confirmation = match force { + true => codex_tui::DeleteConfirmation::Skip, + false => codex_tui::DeleteConfirmation::Prompt, + }; + Ok(codex_tui::SessionArchiveAction::Delete(confirmation)) +} + async fn run_debug_app_server_command(cmd: DebugAppServerCommand) -> anyhow::Result<()> { match cmd.subcommand { DebugAppServerSubcommand::SendMessageV2(cmd) => { @@ -1172,6 +1232,7 @@ async fn cli_main(arg0_paths: Arg0DispatchPaths) -> anyhow::Result<()> { remote, config_overrides, })) => { + let SessionTuiCli(config_overrides) = config_overrides; interactive = finalize_resume_interactive( interactive, root_config_overrides.clone(), @@ -1205,6 +1266,20 @@ async fn cli_main(arg0_paths: Arg0DispatchPaths) -> anyhow::Result<()> { .await?; println!("{output}"); } + Some(Subcommand::Delete(DeleteCommand { session, force })) => { + let action = delete_action(&session.target, force)?; + let output = run_session_archive_cli_command( + action, + session, + interactive, + root_config_overrides.clone(), + root_remote.clone(), + root_remote_auth_token_env.clone(), + arg0_paths.clone(), + ) + .await?; + println!("{output}"); + } Some(Subcommand::Unarchive(cmd)) => { let output = run_session_archive_cli_command( codex_tui::SessionArchiveAction::Unarchive, @@ -1225,6 +1300,7 @@ async fn cli_main(arg0_paths: Arg0DispatchPaths) -> anyhow::Result<()> { remote, config_overrides, })) => { + let SessionTuiCli(config_overrides) = config_overrides; interactive = finalize_fork_interactive( interactive, root_config_overrides.clone(), @@ -1568,6 +1644,7 @@ fn profile_v2_for_subcommand<'a>( | Subcommand::Review(_) | Subcommand::Resume(_) | Subcommand::Archive(_) + | Subcommand::Delete(_) | Subcommand::Unarchive(_) | Subcommand::Fork(_) | Subcommand::Mcp(_) @@ -1576,7 +1653,7 @@ fn profile_v2_for_subcommand<'a>( subcommand: DebugSubcommand::PromptInput(_), }) => Ok(Some(profile_v2)), _ => anyhow::bail!( - "--profile only applies to runtime commands and `codex mcp`: `codex`, `codex exec`, `codex review`, `codex resume`, `codex archive`, `codex unarchive`, `codex fork`, `codex mcp`, `codex sandbox`, and `codex debug prompt-input`." + "--profile only applies to runtime commands and `codex mcp`: `codex`, `codex exec`, `codex review`, `codex resume`, `codex archive`, `codex delete`, `codex unarchive`, `codex fork`, `codex mcp`, `codex sandbox`, and `codex debug prompt-input`." ), } } @@ -1866,7 +1943,16 @@ async fn run_debug_prompt_input_command( }); } - let prompt_input = codex_core::build_prompt_input(config, input, /*state_db*/ None).await?; + let user_instructions_provider = Arc::new(CodexHomeUserInstructionsProvider::new( + config.codex_home.clone(), + )); + let prompt_input = codex_core::build_prompt_input( + config, + input, + /*state_db*/ None, + user_instructions_provider, + ) + .await?; println!("{}", serde_json::to_string_pretty(&prompt_input)?); Ok(()) @@ -1997,6 +2083,7 @@ fn unsupported_subcommand_name_for_strict_config( | Some(Subcommand::ExecServer(_)) | Some(Subcommand::Resume(_)) | Some(Subcommand::Archive(_)) + | Some(Subcommand::Delete(_)) | Some(Subcommand::Unarchive(_)) | Some(Subcommand::Fork(_)) | Some(Subcommand::Doctor(_)) => None, @@ -2160,7 +2247,7 @@ async fn run_interactive_tui( remote_endpoint.clone(), ) }; - let mut attempted_repair = false; + let mut attempted_backups = HashSet::new(); loop { let err = match start_tui().await { Ok(exit_info) => return Ok(exit_info), @@ -2173,25 +2260,25 @@ async fn run_interactive_tui( local_state_db::print_locked_guidance(startup_error); return Ok(AppExitInfo::fatal(startup_error.to_string())); } - if attempted_repair { + if !local_state_db::is_auto_backup_recoverable(startup_error) { local_state_db::print_diagnostic_guidance(startup_error); return Ok(AppExitInfo::fatal(startup_error.to_string())); } - if !local_state_db::confirm_repair(startup_error)? { + if !attempted_backups.insert(startup_error.database_path().to_path_buf()) { local_state_db::print_diagnostic_guidance(startup_error); return Ok(AppExitInfo::fatal(startup_error.to_string())); } - match local_state_db::repair_files(startup_error).await { - Ok(backups) => local_state_db::print_repair_backups(&backups), - Err(repair_err) => { + local_state_db::print_auto_backup_start(startup_error); + match local_state_db::backup_files_for_fresh_start(startup_error).await { + Ok(backups) => local_state_db::confirm_fresh_start_rebuild(startup_error, &backups)?, + Err(backup_err) => { local_state_db::print_diagnostic_guidance(startup_error); return Ok(AppExitInfo::fatal(format!( - "failed to repair Codex local data automatically: {repair_err}" + "failed to move damaged Codex local database files into a backup folder automatically: {backup_err}" ))); } } - attempted_repair = true; } } @@ -2252,11 +2339,18 @@ fn finalize_resume_interactive( last: bool, show_all: bool, include_non_interactive: bool, - resume_cli: TuiCli, + mut resume_cli: TuiCli, ) -> TuiCli { // Start with the parsed interactive CLI so resume shares the same // configuration surface area as `codex` without additional flags. - let resume_session_id = session_id; + // Clap assigns the first positional to `session_id`. With `--last`, reinterpret it as the + // prompt when no second positional prompt was provided. + let resume_session_id = if last && resume_cli.prompt.is_none() { + resume_cli.prompt = session_id; + None + } else { + session_id + }; interactive.resume_picker = resume_session_id.is_none() && !last; interactive.resume_last = last; interactive.resume_session_id = resume_session_id; @@ -2279,11 +2373,18 @@ fn finalize_fork_interactive( session_id: Option, last: bool, show_all: bool, - fork_cli: TuiCli, + mut fork_cli: TuiCli, ) -> TuiCli { // Start with the parsed interactive CLI so fork shares the same // configuration surface area as `codex` without additional flags. - let fork_session_id = session_id; + // Clap assigns the first positional to `session_id`. With `--last`, reinterpret it as the + // prompt when no second positional prompt was provided. + let fork_session_id = if last && fork_cli.prompt.is_none() { + fork_cli.prompt = session_id; + None + } else { + session_id + }; interactive.fork_picker = fork_session_id.is_none() && !last; interactive.fork_last = last; interactive.fork_session_id = fork_session_id; @@ -2448,6 +2549,7 @@ mod tests { else { unreachable!() }; + let SessionTuiCli(resume_cli) = resume_cli; finalize_resume_interactive( interactive, @@ -2480,6 +2582,7 @@ mod tests { else { unreachable!() }; + let SessionTuiCli(fork_cli) = fork_cli; finalize_fork_interactive(interactive, root_overrides, session_id, last, all, fork_cli) } @@ -2555,6 +2658,14 @@ mod tests { ); } + #[test] + fn import_remains_an_interactive_prompt() { + let cli = MultitoolCli::try_parse_from(["codex", "import"]).expect("parse"); + + assert!(cli.subcommand.is_none()); + assert_eq!(cli.interactive.prompt.as_deref(), Some("import")); + } + #[test] fn profile_v2_rejects_non_plain_names_at_parse_time() { assert!( @@ -2815,6 +2926,17 @@ mod tests { assert!(interactive.bypass_hook_trust); } + #[test] + fn delete_force_requires_uuid() { + assert!(delete_action("123e4567-e89b-12d3-a456-426614174000", true).is_ok()); + + let err = delete_action("my-thread", true).expect_err("name should require prompt"); + assert_eq!( + err.to_string(), + "--force requires a session UUID; names must be confirmed interactively" + ); + } + #[cfg(any(target_os = "macos", target_os = "linux", target_os = "windows"))] #[test] fn sandbox_parses_permissions_profile() { @@ -2836,6 +2958,21 @@ mod tests { assert_eq!(command.command, vec!["echo"]); } + #[cfg(any(target_os = "macos", target_os = "linux", target_os = "windows"))] + #[test] + fn sandbox_parses_permissions_profile_short_alias() { + let cli = + MultitoolCli::try_parse_from(["codex", "sandbox", "-P", ":workspace", "--", "echo"]) + .expect("parse"); + + let Some(Subcommand::Sandbox(command)) = cli.subcommand else { + panic!("expected sandbox command"); + }; + + assert_eq!(command.permissions_profile.as_deref(), Some(":workspace")); + assert_eq!(command.command, vec!["echo"]); + } + #[cfg(any(target_os = "macos", target_os = "linux", target_os = "windows"))] #[test] fn sandbox_parses_config_profile() { @@ -2918,12 +3055,13 @@ mod tests { total_tokens: 2, ..Default::default() }; + let thread_id = conversation_id + .map(ThreadId::from_string) + .map(Result::unwrap); AppExitInfo { token_usage, - thread_id: conversation_id - .map(ThreadId::from_string) - .map(Result::unwrap), - thread_name: thread_name.map(str::to_string), + thread_id, + resume_hint: codex_utils_cli::resume_hint(thread_name, thread_id), update_action: None, exit_reason: ExitReason::UserRequested, } @@ -2934,7 +3072,7 @@ mod tests { let exit_info = AppExitInfo { token_usage: TokenUsage::default(), thread_id: None, - thread_name: None, + resume_hint: None, update_action: None, exit_reason: ExitReason::UserRequested, }; @@ -2942,6 +3080,40 @@ mod tests { assert!(lines.is_empty()); } + #[test] + fn format_exit_messages_includes_session_id_for_fatal_exit_without_resume_hint() { + let exit_info = AppExitInfo { + token_usage: TokenUsage::default(), + thread_id: Some(ThreadId::from_string("123e4567-e89b-12d3-a456-426614174000").unwrap()), + resume_hint: None, + update_action: None, + exit_reason: ExitReason::Fatal("boom".to_string()), + }; + let lines = format_exit_messages(exit_info, /*color_enabled*/ false); + assert_eq!( + lines, + vec!["Session ID: 123e4567-e89b-12d3-a456-426614174000".to_string()] + ); + } + + #[test] + fn format_exit_messages_includes_resume_hint_for_fatal_exit() { + let mut exit_info = sample_exit_info( + Some("123e4567-e89b-12d3-a456-426614174000"), + /*thread_name*/ None, + ); + exit_info.exit_reason = ExitReason::Fatal("boom".to_string()); + let lines = format_exit_messages(exit_info, /*color_enabled*/ false); + assert_eq!( + lines, + vec![ + "Token usage: total=2 input=0 output=2".to_string(), + "To continue this session, run codex resume 123e4567-e89b-12d3-a456-426614174000" + .to_string(), + ] + ); + } + #[test] fn format_exit_messages_includes_resume_hint_without_color() { let exit_info = sample_exit_info( @@ -3015,6 +3187,30 @@ mod tests { assert!(!interactive.resume_show_all); } + #[test] + fn resume_last_accepts_prompt_positional() { + let interactive = finalize_resume_from_args( + ["codex", "resume", "--last", "/compact focus on auth"].as_ref(), + ); + + assert!(!interactive.resume_picker); + assert!(interactive.resume_last); + assert_eq!(interactive.resume_session_id, None); + assert_eq!( + interactive.prompt.as_deref(), + Some("/compact focus on auth") + ); + } + + #[test] + fn resume_last_rejects_explicit_session_and_prompt() { + let err = + MultitoolCli::try_parse_from(["codex", "resume", "--last", "1234", "continue here"]) + .expect_err("--last with an explicit session and prompt should be rejected"); + + assert_eq!(err.kind(), clap::error::ErrorKind::ArgumentConflict); + } + #[test] fn resume_picker_logic_with_session_id() { let interactive = finalize_resume_from_args(["codex", "resume", "1234"].as_ref()); @@ -3024,6 +3220,17 @@ mod tests { assert!(!interactive.resume_show_all); } + #[test] + fn resume_with_session_id_accepts_prompt_positional() { + let interactive = + finalize_resume_from_args(["codex", "resume", "1234", "continue here"].as_ref()); + + assert!(!interactive.resume_picker); + assert!(!interactive.resume_last); + assert_eq!(interactive.resume_session_id.as_deref(), Some("1234")); + assert_eq!(interactive.prompt.as_deref(), Some("continue here")); + } + #[test] fn resume_all_flag_sets_show_all() { let interactive = finalize_resume_from_args(["codex", "resume", "--all"].as_ref()); @@ -3143,6 +3350,29 @@ mod tests { assert!(!interactive.fork_show_all); } + #[test] + fn fork_last_accepts_prompt_positional() { + let interactive = + finalize_fork_from_args(["codex", "fork", "--last", "/compact focus on auth"].as_ref()); + + assert!(!interactive.fork_picker); + assert!(interactive.fork_last); + assert_eq!(interactive.fork_session_id, None); + assert_eq!( + interactive.prompt.as_deref(), + Some("/compact focus on auth") + ); + } + + #[test] + fn fork_last_rejects_explicit_session_and_prompt() { + let err = + MultitoolCli::try_parse_from(["codex", "fork", "--last", "1234", "continue here"]) + .expect_err("--last with an explicit session and prompt should be rejected"); + + assert_eq!(err.kind(), clap::error::ErrorKind::ArgumentConflict); + } + #[test] fn fork_picker_logic_with_session_id() { let interactive = finalize_fork_from_args(["codex", "fork", "1234"].as_ref()); @@ -3152,6 +3382,17 @@ mod tests { assert!(!interactive.fork_show_all); } + #[test] + fn fork_with_session_id_accepts_prompt_positional() { + let interactive = + finalize_fork_from_args(["codex", "fork", "1234", "continue here"].as_ref()); + + assert!(!interactive.fork_picker); + assert!(!interactive.fork_last); + assert_eq!(interactive.fork_session_id.as_deref(), Some("1234")); + assert_eq!(interactive.prompt.as_deref(), Some("continue here")); + } + #[test] fn fork_all_flag_sets_show_all() { let interactive = finalize_fork_from_args(["codex", "fork", "--all"].as_ref()); diff --git a/codex-rs/cli/src/marketplace_cmd.rs b/codex-rs/cli/src/marketplace_cmd.rs index 95dba06f17b..b392bb53b93 100644 --- a/codex-rs/cli/src/marketplace_cmd.rs +++ b/codex-rs/cli/src/marketplace_cmd.rs @@ -5,16 +5,27 @@ use clap::Parser; use codex_core::config::Config; use codex_core::config::find_codex_home; use codex_core_plugins::PluginMarketplaceUpgradeOutcome; +use codex_core_plugins::PluginsConfigInput; use codex_core_plugins::PluginsManager; +use codex_core_plugins::installed_marketplaces::marketplace_install_root; +use codex_core_plugins::installed_marketplaces::resolve_configured_marketplace_root; use codex_core_plugins::marketplace::marketplace_root_dir; +use codex_core_plugins::marketplace_add::MarketplaceAddOutcome; use codex_core_plugins::marketplace_add::MarketplaceAddRequest; use codex_core_plugins::marketplace_add::add_marketplace; +use codex_core_plugins::marketplace_remove::MarketplaceRemoveOutcome; use codex_core_plugins::marketplace_remove::MarketplaceRemoveRequest; use codex_core_plugins::marketplace_remove::remove_marketplace; use codex_utils_cli::CliConfigOverrides; +use serde::Serialize; +use std::collections::HashMap; use std::collections::HashSet; +use std::path::Path; +use std::path::PathBuf; +use crate::plugin_cmd::JsonMarketplaceSource; use crate::plugin_cmd::configured_marketplace_snapshot_issues; +use crate::plugin_cmd::configured_marketplace_sources; #[derive(Debug, Parser)] #[command(bin_name = "codex plugin marketplace")] @@ -32,7 +43,7 @@ enum MarketplaceSubcommand { Add(AddMarketplaceArgs), /// List plugin marketplaces Codex is currently considering and their roots. - List, + List(ListMarketplaceArgs), /// Refresh configured Git marketplace snapshots. /// @@ -64,6 +75,18 @@ struct AddMarketplaceArgs { action = clap::ArgAction::Append )] sparse_paths: Vec, + + /// Output add result as JSON. + #[arg(long = "json")] + json: bool, +} + +#[derive(Debug, Parser)] +#[command(bin_name = "codex plugin marketplace list")] +struct ListMarketplaceArgs { + /// Output marketplace list as JSON. + #[arg(long = "json")] + json: bool, } #[derive(Debug, Parser)] @@ -75,6 +98,10 @@ struct UpgradeMarketplaceArgs { /// Optional configured marketplace name to upgrade. Omit to upgrade all Git marketplaces. #[arg(value_name = "MARKETPLACE_NAME")] marketplace_name: Option, + + /// Output upgrade result as JSON. + #[arg(long = "json")] + json: bool, } #[derive(Debug, Parser)] @@ -86,6 +113,10 @@ struct RemoveMarketplaceArgs { /// Configured marketplace name to remove. #[arg(value_name = "MARKETPLACE_NAME")] marketplace_name: String, + + /// Output remove result as JSON. + #[arg(long = "json")] + json: bool, } impl MarketplaceCli { @@ -101,7 +132,7 @@ impl MarketplaceCli { match subcommand { MarketplaceSubcommand::Add(args) => run_add(args).await?, - MarketplaceSubcommand::List => run_list(overrides).await?, + MarketplaceSubcommand::List(args) => run_list(overrides, args).await?, MarketplaceSubcommand::Upgrade(args) => run_upgrade(overrides, args).await?, MarketplaceSubcommand::Remove(args) => run_remove(args).await?, } @@ -115,6 +146,7 @@ async fn run_add(args: AddMarketplaceArgs) -> Result<()> { source, ref_name, sparse_paths, + json, } = args; let codex_home = find_codex_home().context("failed to resolve CODEX_HOME")?; @@ -128,6 +160,12 @@ async fn run_add(args: AddMarketplaceArgs) -> Result<()> { ) .await?; + if json { + let output = JsonMarketplaceAddOutput::from_outcome(outcome); + println!("{}", serde_json::to_string_pretty(&output)?); + return Ok(()); + } + if outcome.already_added { println!( "Marketplace `{}` is already added from {}.", @@ -147,7 +185,25 @@ async fn run_add(args: AddMarketplaceArgs) -> Result<()> { Ok(()) } -async fn run_list(overrides: Vec<(String, toml::Value)>) -> Result<()> { +#[derive(Debug, Serialize)] +#[serde(rename_all = "camelCase")] +struct JsonMarketplaceAddOutput { + marketplace_name: String, + installed_root: String, + already_added: bool, +} + +impl JsonMarketplaceAddOutput { + fn from_outcome(outcome: MarketplaceAddOutcome) -> Self { + Self { + marketplace_name: outcome.marketplace_name, + installed_root: outcome.installed_root.as_path().display().to_string(), + already_added: outcome.already_added, + } + } +} + +async fn run_list(overrides: Vec<(String, toml::Value)>, args: ListMarketplaceArgs) -> Result<()> { let config = Config::load_with_cli_overrides(overrides) .await .context("failed to load configuration")?; @@ -191,6 +247,15 @@ async fn run_list(overrides: Vec<(String, toml::Value)>) -> Result<()> { bail!("failed to load marketplace(s):\n{issue_lines}"); } let marketplaces = marketplace_listing.marketplaces; + if args.json { + let marketplace_sources = + configured_marketplace_sources_by_root(config.codex_home.as_path(), &plugins_input); + let output = + JsonMarketplaceListOutput::from_marketplaces(marketplaces, &marketplace_sources); + println!("{}", serde_json::to_string_pretty(&output)?); + return Ok(()); + } + if marketplaces.is_empty() { println!("No plugin marketplaces in scope."); return Ok(()); @@ -227,11 +292,84 @@ async fn run_list(overrides: Vec<(String, toml::Value)>) -> Result<()> { Ok(()) } +#[derive(Debug, Serialize)] +#[serde(rename_all = "camelCase")] +struct JsonMarketplaceListOutput { + marketplaces: Vec, +} + +impl JsonMarketplaceListOutput { + fn from_marketplaces( + marketplaces: Vec, + marketplace_sources: &HashMap, + ) -> Self { + let mut seen_roots = HashSet::new(); + let marketplaces = marketplaces + .into_iter() + .filter_map(|marketplace| { + let root = marketplace_root_dir(&marketplace.path).ok()?; + if !seen_roots.insert(root.clone()) { + return None; + } + Some(JsonMarketplaceListEntry { + marketplace_source: marketplace_sources.get(root.as_path()).cloned(), + name: marketplace.name, + root: root.display().to_string(), + }) + }) + .collect(); + + Self { marketplaces } + } +} + +#[derive(Debug, Serialize)] +#[serde(rename_all = "camelCase")] +struct JsonMarketplaceListEntry { + name: String, + root: String, + #[serde(skip_serializing_if = "Option::is_none")] + marketplace_source: Option, +} + +fn configured_marketplace_sources_by_root( + codex_home: &Path, + plugins_input: &PluginsConfigInput, +) -> HashMap { + let marketplace_sources = configured_marketplace_sources(plugins_input); + let Some(user_config) = plugins_input.config_layer_stack.effective_user_config() else { + return HashMap::new(); + }; + let Some(marketplaces) = user_config + .get("marketplaces") + .and_then(toml::Value::as_table) + else { + return HashMap::new(); + }; + + let default_install_root = marketplace_install_root(codex_home); + marketplaces + .iter() + .filter_map(|(marketplace_name, marketplace)| { + let marketplace_source = marketplace_sources.get(marketplace_name)?; + let root = resolve_configured_marketplace_root( + marketplace_name, + marketplace, + &default_install_root, + )?; + Some((root, marketplace_source.clone())) + }) + .collect() +} + async fn run_upgrade( overrides: Vec<(String, toml::Value)>, args: UpgradeMarketplaceArgs, ) -> Result<()> { - let UpgradeMarketplaceArgs { marketplace_name } = args; + let UpgradeMarketplaceArgs { + marketplace_name, + json, + } = args; let config = Config::load_with_cli_overrides(overrides) .await .context("failed to load configuration")?; @@ -241,11 +379,18 @@ async fn run_upgrade( let outcome = manager .upgrade_configured_marketplaces_for_config(&plugins_input, marketplace_name.as_deref()) .map_err(anyhow::Error::msg)?; - print_upgrade_outcome(&outcome, marketplace_name.as_deref()) + if json { + print_upgrade_outcome_json(&outcome) + } else { + print_upgrade_outcome(&outcome, marketplace_name.as_deref()) + } } async fn run_remove(args: RemoveMarketplaceArgs) -> Result<()> { - let RemoveMarketplaceArgs { marketplace_name } = args; + let RemoveMarketplaceArgs { + marketplace_name, + json, + } = args; let codex_home = find_codex_home().context("failed to resolve CODEX_HOME")?; let outcome = remove_marketplace( codex_home.to_path_buf(), @@ -253,6 +398,12 @@ async fn run_remove(args: RemoveMarketplaceArgs) -> Result<()> { ) .await?; + if json { + let output = JsonMarketplaceRemoveOutput::from_outcome(outcome); + println!("{}", serde_json::to_string_pretty(&output)?); + return Ok(()); + } + println!("Removed marketplace `{}`.", outcome.marketplace_name); if let Some(installed_root) = outcome.removed_installed_root { println!( @@ -264,6 +415,76 @@ async fn run_remove(args: RemoveMarketplaceArgs) -> Result<()> { Ok(()) } +#[derive(Debug, Serialize)] +#[serde(rename_all = "camelCase")] +struct JsonMarketplaceRemoveOutput { + marketplace_name: String, + installed_root: Option, +} + +impl JsonMarketplaceRemoveOutput { + fn from_outcome(outcome: MarketplaceRemoveOutcome) -> Self { + Self { + marketplace_name: outcome.marketplace_name, + installed_root: outcome + .removed_installed_root + .map(|root| root.as_path().display().to_string()), + } + } +} + +fn print_upgrade_outcome_json(outcome: &PluginMarketplaceUpgradeOutcome) -> Result<()> { + for error in &outcome.errors { + eprintln!( + "Failed to upgrade marketplace `{}`: {}", + error.marketplace_name, error.message + ); + } + if !outcome.all_succeeded() { + bail!("{} upgrade failure(s) occurred.", outcome.errors.len()); + } + + let output = JsonMarketplaceUpgradeOutput::from_outcome(outcome); + println!("{}", serde_json::to_string_pretty(&output)?); + Ok(()) +} + +#[derive(Debug, Serialize)] +#[serde(rename_all = "camelCase")] +struct JsonMarketplaceUpgradeOutput { + selected_marketplaces: Vec, + upgraded_roots: Vec, + errors: Vec, +} + +impl JsonMarketplaceUpgradeOutput { + fn from_outcome(outcome: &PluginMarketplaceUpgradeOutcome) -> Self { + Self { + selected_marketplaces: outcome.selected_marketplaces.clone(), + upgraded_roots: outcome + .upgraded_roots + .iter() + .map(|root| root.display().to_string()) + .collect(), + errors: outcome + .errors + .iter() + .map(|error| JsonMarketplaceUpgradeError { + marketplace_name: error.marketplace_name.clone(), + message: error.message.clone(), + }) + .collect(), + } + } +} + +#[derive(Debug, Serialize)] +#[serde(rename_all = "camelCase")] +struct JsonMarketplaceUpgradeError { + marketplace_name: String, + message: String, +} + fn print_upgrade_outcome( outcome: &PluginMarketplaceUpgradeOutcome, marketplace_name: Option<&str>, diff --git a/codex-rs/cli/src/plugin_cmd.rs b/codex-rs/cli/src/plugin_cmd.rs index 9ed2c1be6e2..d6e28b5da04 100644 --- a/codex-rs/cli/src/plugin_cmd.rs +++ b/codex-rs/cli/src/plugin_cmd.rs @@ -6,6 +6,7 @@ use codex_core::config::Config; use codex_core::config::find_codex_home; use codex_core_plugins::ConfiguredMarketplace; use codex_core_plugins::OPENAI_BUNDLED_MARKETPLACE_NAME; +use codex_core_plugins::PluginInstallOutcome; use codex_core_plugins::PluginInstallRequest; use codex_core_plugins::PluginsConfigInput; use codex_core_plugins::PluginsManager; @@ -20,6 +21,7 @@ use codex_plugin::PluginId; use codex_plugin::validate_plugin_segment; use codex_utils_cli::CliConfigOverrides; use serde::Serialize; +use std::collections::HashMap; use std::path::Path; use std::path::PathBuf; @@ -72,6 +74,10 @@ pub struct AddPluginArgs { /// Configured marketplace name to use when PLUGIN does not include @MARKETPLACE. #[arg(long = "marketplace", short = 'm', value_name = "MARKETPLACE")] marketplace_name: Option, + + /// Output install result as JSON. + #[arg(long = "json")] + json: bool, } #[derive(Debug, Parser)] @@ -106,6 +112,10 @@ pub struct RemovePluginArgs { /// Marketplace name to use when PLUGIN does not include @MARKETPLACE. #[arg(long = "marketplace", short = 'm', value_name = "MARKETPLACE")] marketplace_name: Option, + + /// Output remove result as JSON. + #[arg(long = "json")] + json: bool, } pub async fn run_plugin_add( @@ -117,11 +127,16 @@ pub async fn run_plugin_add( plugins_input, manager, } = load_plugin_command_context(overrides).await?; + let AddPluginArgs { + plugin, + marketplace_name, + json, + } = args; let PluginSelection { plugin_name, marketplace_name, .. - } = parse_plugin_selection(args.plugin, args.marketplace_name)?; + } = parse_plugin_selection(plugin, marketplace_name)?; let marketplace = find_marketplace_for_plugin( &manager, codex_home.as_path(), @@ -136,6 +151,12 @@ pub async fn run_plugin_add( }) .await?; + if json { + let output = JsonPluginAddOutput::from_outcome(outcome); + println!("{}", serde_json::to_string_pretty(&output)?); + return Ok(()); + } + println!( "Added plugin `{}` from marketplace `{}`.", outcome.plugin_id.plugin_name, outcome.plugin_id.marketplace_name @@ -148,6 +169,30 @@ pub async fn run_plugin_add( Ok(()) } +#[derive(Debug, Serialize)] +#[serde(rename_all = "camelCase")] +struct JsonPluginAddOutput { + plugin_id: String, + name: String, + marketplace_name: String, + version: String, + installed_path: String, + auth_policy: &'static str, +} + +impl JsonPluginAddOutput { + fn from_outcome(outcome: PluginInstallOutcome) -> Self { + Self { + plugin_id: outcome.plugin_id.as_key(), + name: outcome.plugin_id.plugin_name, + marketplace_name: outcome.plugin_id.marketplace_name, + version: outcome.plugin_version, + installed_path: outcome.installed_path.as_path().display().to_string(), + auth_policy: auth_policy_label(outcome.auth_policy), + } + } +} + pub async fn run_plugin_list( overrides: Vec<(String, toml::Value)>, args: ListPluginsArgs, @@ -159,7 +204,7 @@ pub async fn run_plugin_list( .. } = load_plugin_command_context(overrides).await?; let outcome = manager - .list_marketplaces_for_config(&plugins_input, &[]) + .list_marketplaces_for_config(&plugins_input, &[], /*include_openai_curated*/ true) .context("failed to list marketplace plugins")?; ensure_configured_marketplace_snapshots_loaded( codex_home.as_path(), @@ -177,9 +222,14 @@ pub async fn run_plugin_list( .is_none_or(|name| marketplace.name == *name) }) .collect::>(); + let marketplace_sources = configured_marketplace_sources(&plugins_input); if args.json { - let output = JsonPluginListOutput::from_marketplaces(marketplaces, args.available); + let output = JsonPluginListOutput::from_marketplaces( + marketplaces, + args.available, + &marketplace_sources, + ); println!("{}", serde_json::to_string_pretty(&output)?); return Ok(()); } @@ -269,13 +319,19 @@ impl JsonPluginListOutput { fn from_marketplaces( marketplaces: Vec, include_available: bool, + marketplace_sources: &HashMap, ) -> Self { let mut installed = Vec::new(); let mut available = Vec::new(); for marketplace in marketplaces { + let marketplace_source = marketplace_sources.get(&marketplace.name).cloned(); for plugin in marketplace.plugins { - let entry = JsonPluginListEntry::from_configured_plugin(&marketplace.name, plugin); + let entry = JsonPluginListEntry::from_configured_plugin( + &marketplace.name, + marketplace_source.clone(), + plugin, + ); if entry.installed { installed.push(entry); } else if include_available { @@ -301,6 +357,8 @@ struct JsonPluginListEntry { installed: bool, enabled: bool, source: JsonPluginSource, + #[serde(skip_serializing_if = "Option::is_none")] + marketplace_source: Option, install_policy: &'static str, auth_policy: &'static str, } @@ -308,6 +366,7 @@ struct JsonPluginListEntry { impl JsonPluginListEntry { fn from_configured_plugin( marketplace_name: &str, + marketplace_source: Option, plugin: codex_core_plugins::ConfiguredMarketplacePlugin, ) -> Self { let version = plugin.installed_version.or(plugin.local_version); @@ -319,6 +378,7 @@ impl JsonPluginListEntry { installed: plugin.installed, enabled: plugin.enabled, source: JsonPluginSource::from_marketplace_source(plugin.source), + marketplace_source, install_policy: install_policy_label(plugin.policy.installation), auth_policy: auth_policy_label(plugin.policy.authentication), } @@ -375,6 +435,44 @@ impl JsonPluginSource { } } +#[derive(Debug, Clone, Serialize)] +#[serde(rename_all = "camelCase")] +pub(crate) struct JsonMarketplaceSource { + source_type: String, + source: String, +} + +pub(crate) fn configured_marketplace_sources( + plugins_input: &PluginsConfigInput, +) -> HashMap { + let Some(user_config) = plugins_input.config_layer_stack.effective_user_config() else { + return HashMap::new(); + }; + let Some(marketplaces) = user_config + .get("marketplaces") + .and_then(toml::Value::as_table) + else { + return HashMap::new(); + }; + + marketplaces + .iter() + .filter_map(|(marketplace_name, marketplace)| { + let source_type = marketplace + .get("source_type") + .and_then(toml::Value::as_str)?; + let source = marketplace.get("source").and_then(toml::Value::as_str)?; + Some(( + marketplace_name.clone(), + JsonMarketplaceSource { + source_type: source_type.to_string(), + source: source.to_string(), + }, + )) + }) + .collect() +} + fn install_policy_label(policy: MarketplacePluginInstallPolicy) -> &'static str { match policy { MarketplacePluginInstallPolicy::NotAvailable => "NOT_AVAILABLE", @@ -395,9 +493,22 @@ pub async fn run_plugin_remove( args: RemovePluginArgs, ) -> Result<()> { let PluginCommandContext { manager, .. } = load_plugin_command_context(overrides).await?; - let selection = parse_plugin_selection(args.plugin, args.marketplace_name)?; + let RemovePluginArgs { + plugin, + marketplace_name, + json, + } = args; + let selection = parse_plugin_selection(plugin, marketplace_name)?; + + manager + .uninstall_plugin(selection.plugin_key.clone()) + .await?; + if json { + let output = JsonPluginRemoveOutput::from_selection(selection); + println!("{}", serde_json::to_string_pretty(&output)?); + return Ok(()); + } - manager.uninstall_plugin(selection.plugin_key).await?; println!( "Removed plugin `{}` from marketplace `{}`.", selection.plugin_name, selection.marketplace_name @@ -406,6 +517,24 @@ pub async fn run_plugin_remove( Ok(()) } +#[derive(Debug, Serialize)] +#[serde(rename_all = "camelCase")] +struct JsonPluginRemoveOutput { + plugin_id: String, + name: String, + marketplace_name: String, +} + +impl JsonPluginRemoveOutput { + fn from_selection(selection: PluginSelection) -> Self { + Self { + plugin_id: selection.plugin_key, + name: selection.plugin_name, + marketplace_name: selection.marketplace_name, + } + } +} + struct PluginCommandContext { codex_home: PathBuf, plugins_input: PluginsConfigInput, @@ -480,7 +609,7 @@ fn find_marketplace_for_plugin( plugin_name: &str, ) -> Result { let outcome = manager - .list_marketplaces_for_config(plugins_input, &[]) + .list_marketplaces_for_config(plugins_input, &[], /*include_openai_curated*/ true) .context("failed to list marketplace plugins")?; ensure_configured_marketplace_snapshots_loaded( codex_home, diff --git a/codex-rs/cli/src/state_db_recovery.rs b/codex-rs/cli/src/state_db_recovery.rs index 7aeffaca3ae..89bb16643ce 100644 --- a/codex-rs/cli/src/state_db_recovery.rs +++ b/codex-rs/cli/src/state_db_recovery.rs @@ -1,10 +1,12 @@ -//! CLI recovery for local state database startup failures. +//! CLI handling for local state database startup failures. //! -//! This keeps user-facing repair and lock-contention handling out of the main +//! This keeps user-facing backup and lock-contention handling out of the main //! CLI dispatch path while preserving the TUI startup error as the boundary type. +use codex_state::RuntimeDbBackup; use codex_tui::LocalStateDbStartupError; -use std::path::PathBuf; +use std::io::IsTerminal; +use std::path::Path; pub(crate) fn startup_error(err: &std::io::Error) -> Option<&LocalStateDbStartupError> { err.get_ref() @@ -12,66 +14,60 @@ pub(crate) fn startup_error(err: &std::io::Error) -> Option<&LocalStateDbStartup } pub(crate) fn is_locked(detail: &str) -> bool { - let detail = detail.to_ascii_lowercase(); - detail.contains("database is locked") || detail.contains("database is busy") + codex_state::sqlite_error_detail_is_lock(detail) } -pub(crate) fn confirm_repair(startup_error: &LocalStateDbStartupError) -> std::io::Result { +pub(crate) fn is_corruption(detail: &str) -> bool { + codex_state::sqlite_error_detail_is_corruption(detail) +} + +pub(crate) fn is_auto_backup_recoverable(startup_error: &LocalStateDbStartupError) -> bool { + is_corruption(startup_error.detail()) || sqlite_home_is_blocking_file(startup_error) +} + +fn sqlite_home_is_blocking_file(startup_error: &LocalStateDbStartupError) -> bool { + startup_error + .database_path() + .parent() + .and_then(|path| std::fs::metadata(path).ok()) + .is_some_and(|metadata| metadata.is_file()) +} + +pub(crate) fn print_auto_backup_start(startup_error: &LocalStateDbStartupError) { eprintln!("Codex couldn't start because its local database appears to be damaged."); - eprintln!("Codex can try a safe repair by backing up those files and rebuilding them."); + eprintln!("Moving the damaged local database aside so Codex can rebuild it from saved data."); print_technical_details(startup_error); - crate::confirm("Repair Codex local data now? [y/N]: ") } -pub(crate) async fn repair_files( +pub(crate) async fn backup_files_for_fresh_start( startup_error: &LocalStateDbStartupError, -) -> std::io::Result> { - let state_db_path = startup_error.state_db_path(); - let sqlite_home = state_db_path.parent().ok_or_else(|| { - std::io::Error::other("state database path does not have a parent directory") - })?; - let timestamp = std::time::SystemTime::now() - .duration_since(std::time::UNIX_EPOCH) - .map_or(0, |duration| duration.as_secs()); - let repair_suffix = format!("codex-repair-{timestamp}"); - let mut backups = Vec::new(); - - match tokio::fs::metadata(sqlite_home).await { - Ok(metadata) if metadata.is_dir() => {} - Ok(_) => { - backups.push(backup_path(sqlite_home, &repair_suffix).await?); - tokio::fs::create_dir_all(sqlite_home).await?; - } - Err(err) if err.kind() == std::io::ErrorKind::NotFound => { - tokio::fs::create_dir_all(sqlite_home).await?; - } - Err(err) => return Err(err), - } - - for path in codex_state::runtime_db_paths(sqlite_home) - .into_iter() - .flat_map(|db| sqlite_paths(db.path.as_path())) - { - if tokio::fs::try_exists(path.as_path()).await? { - backups.push(backup_path(path.as_path(), &repair_suffix).await?); - } - } +) -> std::io::Result> { + codex_state::backup_runtime_db_for_fresh_start(startup_error.database_path()).await +} - if backups.is_empty() { - return Err(std::io::Error::other( - "no repairable Codex local data files were found", - )); +pub(crate) fn confirm_fresh_start_rebuild( + startup_error: &LocalStateDbStartupError, + backups: &[RuntimeDbBackup], +) -> std::io::Result<()> { + eprintln!("Codex rebuilt its local database."); + eprintln!( + "Codex detected a damaged local database, moved it into a backup folder, and will continue startup with a fresh database." + ); + eprintln!("Database path: {}", startup_error.database_path().display()); + if let Some(backup_folder) = backup_folder(backups) { + eprintln!("Backup folder: {}", backup_folder.display()); + } else { + eprintln!("Backup folder: unavailable"); } - Ok(backups) -} - -pub(crate) fn print_repair_backups(backups: &[PathBuf]) { - eprintln!("Backed up Codex local data before repair:"); - for backup in backups { - eprintln!(" {}", backup.display()); + if std::io::stdin().is_terminal() && std::io::stderr().is_terminal() { + eprintln!("Press Enter to continue."); + let mut input = String::new(); + std::io::stdin().read_line(&mut input)?; + } else { + eprintln!("Continuing startup with a fresh local database..."); } - eprintln!("Retrying startup with rebuilt local data..."); + Ok(()) } pub(crate) fn print_diagnostic_guidance(startup_error: &LocalStateDbStartupError) { @@ -87,79 +83,50 @@ pub(crate) fn print_locked_guidance(startup_error: &LocalStateDbStartupError) { print_technical_details(startup_error); } -fn sqlite_paths(db_path: &std::path::Path) -> Vec { - let mut wal_path = db_path.as_os_str().to_os_string(); - wal_path.push("-wal"); - let mut shm_path = db_path.as_os_str().to_os_string(); - shm_path.push("-shm"); - vec![ - db_path.to_path_buf(), - PathBuf::from(wal_path), - PathBuf::from(shm_path), - ] -} - -async fn backup_path(path: &std::path::Path, repair_suffix: &str) -> std::io::Result { - let file_name = path.file_name().ok_or_else(|| { - std::io::Error::other(format!( - "cannot create a repair backup name for {}", - path.display() - )) - })?; - let mut sequence = 0; - loop { - let mut backup_name = file_name.to_os_string(); - backup_name.push(format!(".{repair_suffix}.{sequence}.bak")); - let backup_path = path.with_file_name(backup_name); - if !tokio::fs::try_exists(backup_path.as_path()).await? { - tokio::fs::rename(path, backup_path.as_path()).await?; - return Ok(backup_path); - } - sequence += 1; - } -} - fn print_technical_details(startup_error: &LocalStateDbStartupError) { eprintln!("Technical details:"); - eprintln!(" Location: {}", startup_error.state_db_path().display()); + eprintln!(" Location: {}", startup_error.database_path().display()); eprintln!(" Cause: {}", startup_error.detail()); } +fn backup_folder(backups: &[RuntimeDbBackup]) -> Option<&Path> { + backups.first()?.backup_path.parent() +} + #[cfg(test)] mod tests { use super::*; use pretty_assertions::assert_eq; + use std::path::PathBuf; use tempfile::TempDir; #[tokio::test] - async fn repair_backs_up_owned_database_files() -> std::io::Result<()> { + async fn backup_backs_up_only_failed_database_file() -> std::io::Result<()> { let temp_dir = TempDir::new()?; let state_path = codex_state::state_db_path(temp_dir.path()); - let logs_path = codex_state::logs_db_path(temp_dir.path()); - let goals_path = codex_state::goals_db_path(temp_dir.path()); - let state_sidecars = sqlite_paths(state_path.as_path()); + let failed_db_path = codex_state::logs_db_path(temp_dir.path()); tokio::fs::write(state_path.as_path(), b"state").await?; - tokio::fs::write(state_sidecars[1].as_path(), b"state-wal").await?; - tokio::fs::write(logs_path.as_path(), b"logs").await?; - tokio::fs::write(goals_path.as_path(), b"goals").await?; + tokio::fs::write(failed_db_path.as_path(), b"logs").await?; let startup_error = - LocalStateDbStartupError::new(state_path.clone(), "corrupt".to_string()); - let backups = repair_files(&startup_error).await?; - - assert_eq!(backups.len(), 4); - assert!(!tokio::fs::try_exists(state_path.as_path()).await?); - assert!(!tokio::fs::try_exists(state_sidecars[1].as_path()).await?); - assert!(!tokio::fs::try_exists(logs_path.as_path()).await?); - assert!(!tokio::fs::try_exists(goals_path.as_path()).await?); - for backup in backups { - assert!(tokio::fs::try_exists(backup.as_path()).await?); - } + LocalStateDbStartupError::new(failed_db_path.clone(), "corrupt".to_string()); + let backups = backup_files_for_fresh_start(&startup_error).await?; + + assert_eq!( + backups + .iter() + .map(|backup| &backup.original_path) + .collect::>(), + vec![&failed_db_path] + ); + assert!(!tokio::fs::try_exists(failed_db_path.as_path()).await?); + assert!(tokio::fs::try_exists(state_path.as_path()).await?); + assert!(tokio::fs::try_exists(backups[0].backup_path.as_path()).await?); Ok(()) } #[tokio::test] - async fn repair_replaces_blocking_sqlite_home_file() -> std::io::Result<()> { + async fn backup_replaces_blocking_sqlite_home_file() -> std::io::Result<()> { let temp_dir = TempDir::new()?; let sqlite_home = temp_dir.path().join("sqlite-home"); tokio::fs::write(sqlite_home.as_path(), b"not-a-directory").await?; @@ -168,18 +135,25 @@ mod tests { "File exists".to_string(), ); - let backups = repair_files(&startup_error).await?; + assert!(is_auto_backup_recoverable(&startup_error)); + let backups = backup_files_for_fresh_start(&startup_error).await?; assert_eq!(backups.len(), 1); assert!(tokio::fs::metadata(sqlite_home.as_path()).await?.is_dir()); - assert!(tokio::fs::try_exists(backups[0].as_path()).await?); + assert!(tokio::fs::try_exists(backups[0].backup_path.as_path()).await?); Ok(()) } #[test] - fn lock_failures_skip_repair() { - assert!(is_locked("database is locked")); - assert!(is_locked("database is busy")); - assert!(!is_locked("database disk image is malformed")); + fn backup_folder_uses_parent_of_first_backup_path() { + let backups = vec![RuntimeDbBackup { + original_path: PathBuf::from("/tmp/state_5.sqlite"), + backup_path: PathBuf::from("/tmp/db-backups/sqlite-1-0/state_5.sqlite"), + }]; + + assert_eq!( + backup_folder(&backups), + Some(Path::new("/tmp/db-backups/sqlite-1-0")) + ); } } diff --git a/codex-rs/cli/tests/delete.rs b/codex-rs/cli/tests/delete.rs new file mode 100644 index 00000000000..854b87b56ee --- /dev/null +++ b/codex-rs/cli/tests/delete.rs @@ -0,0 +1,17 @@ +use predicates::prelude::*; + +#[test] +fn missing_session_fails_before_delete_confirmation() -> anyhow::Result<()> { + let codex_home = tempfile::tempdir()?; + let mut cmd = assert_cmd::Command::new(codex_utils_cargo_bin::cargo_bin("codex")?); + cmd.env("CODEX_HOME", codex_home.path()) + .args(["delete", "123e4567-e89b-12d3-a456-426614174000"]); + + cmd.assert() + .failure() + .stderr(predicate::str::contains( + "No active or archived session found matching", + )) + .stderr(predicate::str::contains("cannot confirm").not()); + Ok(()) +} diff --git a/codex-rs/cli/tests/marketplace_add.rs b/codex-rs/cli/tests/marketplace_add.rs index 5ab18e24c48..0439846a30f 100644 --- a/codex-rs/cli/tests/marketplace_add.rs +++ b/codex-rs/cli/tests/marketplace_add.rs @@ -1,8 +1,10 @@ use anyhow::Result; use codex_config::CONFIG_TOML_FILE; use codex_core_plugins::installed_marketplaces::marketplace_install_root; +use codex_utils_absolute_path::AbsolutePathBuf; use predicates::str::contains; use pretty_assertions::assert_eq; +use serde_json::json; use std::path::Path; use tempfile::TempDir; @@ -70,6 +72,41 @@ async fn marketplace_add_local_directory_source() -> Result<()> { Ok(()) } +#[tokio::test] +async fn marketplace_add_json_prints_add_outcome() -> Result<()> { + let codex_home = TempDir::new()?; + let source = TempDir::new()?; + write_marketplace_source(source.path(), "local ref")?; + let source_parent = source.path().parent().unwrap(); + let source_arg = format!("./{}", source.path().file_name().unwrap().to_string_lossy()); + + let assert = codex_command(codex_home.path())? + .current_dir(source_parent) + .args([ + "plugin", + "marketplace", + "add", + source_arg.as_str(), + "--json", + ]) + .assert() + .success(); + let stdout = assert.get_output().stdout.as_slice(); + let actual: serde_json::Value = serde_json::from_slice(stdout)?; + let expected_installed_root = AbsolutePathBuf::try_from(source.path().canonicalize()?)?; + + assert_eq!( + actual, + json!({ + "marketplaceName": "debug", + "installedRoot": expected_installed_root.as_path().display().to_string(), + "alreadyAdded": false, + }) + ); + + Ok(()) +} + #[tokio::test] async fn marketplace_add_rejects_local_manifest_file_source() -> Result<()> { let codex_home = TempDir::new()?; diff --git a/codex-rs/cli/tests/marketplace_remove.rs b/codex-rs/cli/tests/marketplace_remove.rs index 5c8c7a1f916..b124574106f 100644 --- a/codex-rs/cli/tests/marketplace_remove.rs +++ b/codex-rs/cli/tests/marketplace_remove.rs @@ -2,7 +2,10 @@ use anyhow::Result; use codex_config::MarketplaceConfigUpdate; use codex_config::record_user_marketplace; use codex_core_plugins::installed_marketplaces::marketplace_install_root; +use codex_utils_absolute_path::canonicalize_existing_preserving_symlinks; use predicates::str::contains; +use pretty_assertions::assert_eq; +use serde_json::json; use std::path::Path; use tempfile::TempDir; @@ -54,6 +57,32 @@ async fn marketplace_remove_deletes_config_and_installed_root() -> Result<()> { Ok(()) } +#[tokio::test] +async fn marketplace_remove_json_prints_remove_outcome() -> Result<()> { + let codex_home = TempDir::new()?; + record_user_marketplace(codex_home.path(), "debug", &configured_marketplace_update())?; + write_installed_marketplace(codex_home.path(), "debug")?; + let installed_root = marketplace_install_root(codex_home.path()).join("debug"); + let normalized_installed_root = canonicalize_existing_preserving_symlinks(&installed_root)?; + + let assert = codex_command(codex_home.path())? + .args(["plugin", "marketplace", "remove", "debug", "--json"]) + .assert() + .success(); + let stdout = assert.get_output().stdout.as_slice(); + let actual: serde_json::Value = serde_json::from_slice(stdout)?; + + assert_eq!( + actual, + json!({ + "marketplaceName": "debug", + "installedRoot": normalized_installed_root.display().to_string(), + }) + ); + + Ok(()) +} + #[tokio::test] async fn marketplace_remove_rejects_unknown_marketplace() -> Result<()> { let codex_home = TempDir::new()?; diff --git a/codex-rs/cli/tests/marketplace_upgrade.rs b/codex-rs/cli/tests/marketplace_upgrade.rs index 268d75358e9..a2cf11f4af3 100644 --- a/codex-rs/cli/tests/marketplace_upgrade.rs +++ b/codex-rs/cli/tests/marketplace_upgrade.rs @@ -1,5 +1,7 @@ use anyhow::Result; use predicates::str::contains; +use pretty_assertions::assert_eq; +use serde_json::json; use std::path::Path; use tempfile::TempDir; @@ -22,6 +24,29 @@ async fn marketplace_upgrade_runs_under_plugin() -> Result<()> { Ok(()) } +#[tokio::test] +async fn marketplace_upgrade_json_prints_upgrade_outcome() -> Result<()> { + let codex_home = TempDir::new()?; + + let assert = codex_command(codex_home.path())? + .args(["plugin", "marketplace", "upgrade", "--json"]) + .assert() + .success(); + let stdout = assert.get_output().stdout.as_slice(); + let actual: serde_json::Value = serde_json::from_slice(stdout)?; + + assert_eq!( + actual, + json!({ + "selectedMarketplaces": [], + "upgradedRoots": [], + "errors": [], + }) + ); + + Ok(()) +} + #[tokio::test] async fn marketplace_upgrade_no_longer_runs_at_top_level() -> Result<()> { let codex_home = TempDir::new()?; diff --git a/codex-rs/cli/tests/plugin_cli.rs b/codex-rs/cli/tests/plugin_cli.rs index 4ce36172114..c8bd7b54298 100644 --- a/codex-rs/cli/tests/plugin_cli.rs +++ b/codex-rs/cli/tests/plugin_cli.rs @@ -2,6 +2,7 @@ use anyhow::Result; use codex_config::CONFIG_TOML_FILE; use codex_config::MarketplaceConfigUpdate; use codex_config::record_user_marketplace; +use codex_utils_absolute_path::canonicalize_existing_preserving_symlinks; use predicates::prelude::PredicateBooleanExt; use predicates::str::contains; use pretty_assertions::assert_eq; @@ -337,6 +338,138 @@ async fn marketplace_list_shows_configured_marketplace_names() -> Result<()> { Ok(()) } +#[tokio::test] +async fn marketplace_list_json_prints_configured_marketplaces() -> Result<()> { + let (codex_home, source) = setup_local_marketplace()?; + let source_path = source.path().display().to_string(); + + let assert = codex_command(codex_home.path())? + .args(["plugin", "marketplace", "list", "--json"]) + .assert() + .success(); + let stdout = assert.get_output().stdout.as_slice(); + let actual: serde_json::Value = serde_json::from_slice(stdout)?; + + assert_eq!( + actual, + json!({ + "marketplaces": [ + { + "name": "debug", + "root": source_path, + "marketplaceSource": { + "sourceType": "local", + "source": source_path, + }, + }, + ], + }) + ); + + Ok(()) +} + +#[tokio::test] +async fn marketplace_list_json_includes_configured_git_marketplace_source() -> Result<()> { + let codex_home = TempDir::new()?; + let marketplace_root = codex_home + .path() + .join(".tmp") + .join("marketplaces") + .join("debug"); + write_plugins_enabled_config(codex_home.path())?; + write_marketplace_source(&marketplace_root)?; + let update = MarketplaceConfigUpdate { + last_updated: "2026-06-04T08:39:49Z", + last_revision: Some("abc123"), + source_type: "git", + source: "https://example.com/acme/agent-skills.git", + ref_name: None, + sparse_paths: &[], + }; + record_user_marketplace(codex_home.path(), "debug", &update)?; + let normalized_root = canonicalize_existing_preserving_symlinks(&marketplace_root)?; + + let assert = codex_command(codex_home.path())? + .args(["plugin", "marketplace", "list", "--json"]) + .assert() + .success(); + let stdout = assert.get_output().stdout.as_slice(); + let actual: serde_json::Value = serde_json::from_slice(stdout)?; + + assert_eq!( + actual, + json!({ + "marketplaces": [ + { + "name": "debug", + "root": normalized_root.display().to_string(), + "marketplaceSource": { + "sourceType": "git", + "source": "https://example.com/acme/agent-skills.git", + }, + }, + ], + }) + ); + + Ok(()) +} + +#[tokio::test] +async fn marketplace_list_json_keys_configured_source_by_root() -> Result<()> { + let codex_home = TempDir::new()?; + let home = TempDir::new()?; + let marketplace_root = codex_home + .path() + .join(".tmp") + .join("marketplaces") + .join("debug"); + write_plugins_enabled_config(codex_home.path())?; + write_marketplace_source(home.path())?; + write_marketplace_source(&marketplace_root)?; + let update = MarketplaceConfigUpdate { + last_updated: "2026-06-04T08:39:49Z", + last_revision: Some("abc123"), + source_type: "git", + source: "https://example.com/acme/agent-skills.git", + ref_name: None, + sparse_paths: &[], + }; + record_user_marketplace(codex_home.path(), "debug", &update)?; + let normalized_root = canonicalize_existing_preserving_symlinks(&marketplace_root)?; + + let assert = codex_command(codex_home.path())? + .env("HOME", home.path()) + .args(["plugin", "marketplace", "list", "--json"]) + .assert() + .success(); + let stdout = assert.get_output().stdout.as_slice(); + let actual: serde_json::Value = serde_json::from_slice(stdout)?; + + assert_eq!( + actual, + json!({ + "marketplaces": [ + { + "name": "debug", + "root": home.path().display().to_string(), + }, + { + "name": "debug", + "root": normalized_root.display().to_string(), + "marketplaceSource": { + "sourceType": "git", + "source": "https://example.com/acme/agent-skills.git", + }, + }, + ], + }) + ); + + Ok(()) +} + #[tokio::test] async fn marketplace_list_includes_home_marketplace_when_present() -> Result<()> { let codex_home = TempDir::new()?; @@ -495,6 +628,7 @@ async fn plugin_list_prints_plugins_in_a_table() -> Result<()> { async fn plugin_list_json_prints_available_plugins_when_requested() -> Result<()> { let (codex_home, source) = setup_local_marketplace()?; let plugin_path = source.path().join("plugins").join("sample"); + let source_path = source.path().to_string_lossy().into_owned(); let assert = codex_command(codex_home.path())? .args(["plugin", "list", "--available", "--json"]) @@ -519,6 +653,69 @@ async fn plugin_list_json_prints_available_plugins_when_requested() -> Result<() "source": "local", "path": plugin_path.display().to_string(), }, + "marketplaceSource": { + "sourceType": "local", + "source": source_path, + }, + "installPolicy": "AVAILABLE", + "authPolicy": "ON_INSTALL", + }, + ], + }) + ); + + Ok(()) +} + +#[tokio::test] +async fn plugin_list_json_includes_configured_git_marketplace_source() -> Result<()> { + let codex_home = TempDir::new()?; + let marketplace_root = codex_home + .path() + .join(".tmp") + .join("marketplaces") + .join("debug"); + write_plugins_enabled_config(codex_home.path())?; + write_marketplace_source(&marketplace_root)?; + let update = MarketplaceConfigUpdate { + last_updated: "2026-06-04T08:39:49Z", + last_revision: Some("abc123"), + source_type: "git", + source: "https://example.com/acme/agent-skills.git", + ref_name: None, + sparse_paths: &[], + }; + record_user_marketplace(codex_home.path(), "debug", &update)?; + let plugin_path = marketplace_root.join("plugins").join("sample"); + let normalized_plugin_path = canonicalize_existing_preserving_symlinks(&plugin_path)?; + + let assert = codex_command(codex_home.path())? + .args(["plugin", "list", "--available", "--json"]) + .assert() + .success(); + let stdout = assert.get_output().stdout.as_slice(); + let actual: serde_json::Value = serde_json::from_slice(stdout)?; + + assert_eq!( + actual, + json!({ + "installed": [], + "available": [ + { + "pluginId": "sample@debug", + "name": "sample", + "marketplaceName": "debug", + "version": "1.2.3", + "installed": false, + "enabled": false, + "source": { + "source": "local", + "path": normalized_plugin_path.display().to_string(), + }, + "marketplaceSource": { + "sourceType": "git", + "source": "https://example.com/acme/agent-skills.git", + }, "installPolicy": "AVAILABLE", "authPolicy": "ON_INSTALL", }, @@ -533,6 +730,7 @@ async fn plugin_list_json_prints_available_plugins_when_requested() -> Result<() async fn plugin_list_json_prints_installed_plugins() -> Result<()> { let (codex_home, source) = setup_local_marketplace()?; let plugin_path = source.path().join("plugins").join("sample"); + let source_path = source.path().to_string_lossy().into_owned(); codex_command(codex_home.path())? .args(["plugin", "add", "sample@debug"]) @@ -561,6 +759,10 @@ async fn plugin_list_json_prints_installed_plugins() -> Result<()> { "source": "local", "path": plugin_path.display().to_string(), }, + "marketplaceSource": { + "sourceType": "local", + "source": source_path, + }, "installPolicy": "AVAILABLE", "authPolicy": "ON_INSTALL", }, @@ -732,6 +934,69 @@ async fn plugin_add_and_remove_updates_installed_plugin_config() -> Result<()> { Ok(()) } +#[tokio::test] +async fn plugin_add_json_prints_install_outcome() -> Result<()> { + let (codex_home, _source) = setup_local_marketplace()?; + + let assert = codex_command(codex_home.path())? + .args(["plugin", "add", "sample@debug", "--json"]) + .assert() + .success(); + let stdout = assert.get_output().stdout.as_slice(); + let actual: serde_json::Value = serde_json::from_slice(stdout)?; + let installed_path = codex_home.path().join("plugins/cache/debug/sample/1.2.3"); + let normalized_installed_path = canonicalize_existing_preserving_symlinks(&installed_path)?; + + assert_eq!( + actual, + json!({ + "pluginId": "sample@debug", + "name": "sample", + "marketplaceName": "debug", + "version": "1.2.3", + "installedPath": normalized_installed_path.display().to_string(), + "authPolicy": "ON_INSTALL", + }) + ); + + Ok(()) +} + +#[tokio::test] +async fn plugin_remove_json_prints_remove_outcome() -> Result<()> { + let (codex_home, _source) = setup_local_marketplace()?; + + codex_command(codex_home.path())? + .args(["plugin", "add", "sample@debug"]) + .assert() + .success(); + + let assert = codex_command(codex_home.path())? + .args([ + "plugin", + "remove", + "sample", + "--marketplace", + "debug", + "--json", + ]) + .assert() + .success(); + let stdout = assert.get_output().stdout.as_slice(); + let actual: serde_json::Value = serde_json::from_slice(stdout)?; + + assert_eq!( + actual, + json!({ + "pluginId": "sample@debug", + "name": "sample", + "marketplaceName": "debug", + }) + ); + + Ok(()) +} + #[tokio::test] async fn plugin_add_rejects_unconfigured_repo_local_marketplaces() -> Result<()> { let (codex_home, source) = setup_unconfigured_local_marketplace()?; diff --git a/codex-rs/cli/tests/sandbox_network_proxy.rs b/codex-rs/cli/tests/sandbox_network_proxy.rs new file mode 100644 index 00000000000..22bdcce49d8 --- /dev/null +++ b/codex-rs/cli/tests/sandbox_network_proxy.rs @@ -0,0 +1,70 @@ +#![cfg(target_os = "linux")] + +use std::net::TcpListener; + +use anyhow::Result; +use tempfile::TempDir; + +const BWRAP_UNAVAILABLE_ERR: &str = "bubblewrap is unavailable"; + +#[test] +fn sandbox_with_network_proxy_blocks_direct_loopback_access() -> Result<()> { + let codex_home = TempDir::new()?; + let listener = TcpListener::bind("127.0.0.2:0")?; + let port = listener.local_addr()?.port(); + std::fs::write( + codex_home.path().join("config.toml"), + r#" +default_permissions = "network-test" + +[features] +network_proxy = true +use_legacy_landlock = true + +[permissions.network-test] +extends = ":workspace" + +[permissions.network-test.network] +enabled = true +mode = "full" +"#, + )?; + + let url = format!("http://127.0.0.2:{port}/"); + let output = std::process::Command::new(codex_utils_cargo_bin::cargo_bin("codex")?) + .env("CODEX_HOME", codex_home.path()) + .args([ + "sandbox", + "--permissions-profile", + "network-test", + "--", + "curl", + "--noproxy", + "*", + "--silent", + "--show-error", + "--connect-timeout", + "1", + "--max-time", + "2", + url.as_str(), + ]) + .output()?; + + let stderr = String::from_utf8_lossy(&output.stderr); + if stderr.contains(BWRAP_UNAVAILABLE_ERR) { + eprintln!("skipping network proxy sandbox test: bubblewrap is unavailable"); + return Ok(()); + } + + assert_eq!( + output.status.code(), + Some(7), + "expected direct loopback access to be blocked; status={:?}; stdout={}; stderr={}", + output.status.code(), + String::from_utf8_lossy(&output.stdout), + stderr, + ); + + Ok(()) +} diff --git a/codex-rs/cloud-config/src/cache.rs b/codex-rs/cloud-config/src/cache.rs index 1e686461590..e5d1d4dc84a 100644 --- a/codex-rs/cloud-config/src/cache.rs +++ b/codex-rs/cloud-config/src/cache.rs @@ -22,7 +22,7 @@ use tokio::fs; const CLOUD_CONFIG_BUNDLE_CACHE_VERSION: u32 = 1; pub(super) const CLOUD_CONFIG_BUNDLE_CACHE_FILENAME: &str = "cloud-config-bundle-cache.json"; -const CLOUD_CONFIG_BUNDLE_CACHE_TTL: Duration = Duration::from_secs(30 * 60); +const CLOUD_CONFIG_BUNDLE_CACHE_TTL: Duration = Duration::from_secs(60 * 60); const CLOUD_CONFIG_BUNDLE_CACHE_WRITE_HMAC_KEY: &[u8] = b"codex-cloud-config-bundle-cache-v1-6160ae70-bcfd-4ca8-a99b-40f73b3b072e"; const CLOUD_CONFIG_BUNDLE_CACHE_READ_HMAC_KEYS: &[&[u8]] = diff --git a/codex-rs/cloud-config/src/cache_tests.rs b/codex-rs/cloud-config/src/cache_tests.rs index 0416ed7e773..28899f930db 100644 --- a/codex-rs/cloud-config/src/cache_tests.rs +++ b/codex-rs/cloud-config/src/cache_tests.rs @@ -81,7 +81,7 @@ async fn save_writes_signed_payload_and_loads_for_matching_identity() { .expect("parse cache"); assert!( cache_file.signed_payload.expires_at - <= cache_file.signed_payload.cached_at + ChronoDuration::minutes(30) + <= cache_file.signed_payload.cached_at + ChronoDuration::minutes(60) ); assert!(cache_file.signed_payload.expires_at > cache_file.signed_payload.cached_at); assert_eq!( diff --git a/codex-rs/cloud-config/src/service.rs b/codex-rs/cloud-config/src/service.rs index eed94c0a105..1a7104bf523 100644 --- a/codex-rs/cloud-config/src/service.rs +++ b/codex-rs/cloud-config/src/service.rs @@ -32,7 +32,7 @@ use tokio::time::timeout; pub(crate) const CLOUD_CONFIG_BUNDLE_TIMEOUT: Duration = Duration::from_secs(15); const CLOUD_CONFIG_BUNDLE_MAX_ATTEMPTS: usize = 5; -const CLOUD_CONFIG_BUNDLE_CACHE_REFRESH_INTERVAL: Duration = Duration::from_secs(5 * 60); +const CLOUD_CONFIG_BUNDLE_CACHE_REFRESH_INTERVAL: Duration = Duration::from_secs(15 * 60); const CLOUD_CONFIG_BUNDLE_LOAD_FAILED_MESSAGE: &str = "Failed to load cloud config bundle (workspace-managed policies)."; const CLOUD_CONFIG_BUNDLE_AUTH_RECOVERY_FAILED_MESSAGE: &str = concat!( diff --git a/codex-rs/cloud-tasks-client/Cargo.toml b/codex-rs/cloud-tasks-client/Cargo.toml index df8ec12b206..dc07550d086 100644 --- a/codex-rs/cloud-tasks-client/Cargo.toml +++ b/codex-rs/cloud-tasks-client/Cargo.toml @@ -15,7 +15,6 @@ workspace = true [dependencies] anyhow = { workspace = true } -async-trait = { workspace = true } chrono = { workspace = true, features = ["serde"] } codex-api = { workspace = true } codex-backend-client = { workspace = true } diff --git a/codex-rs/cloud-tasks-client/src/api.rs b/codex-rs/cloud-tasks-client/src/api.rs index 7059bdb39fd..a9c75dedc67 100644 --- a/codex-rs/cloud-tasks-client/src/api.rs +++ b/codex-rs/cloud-tasks-client/src/api.rs @@ -2,8 +2,11 @@ use chrono::DateTime; use chrono::Utc; use serde::Deserialize; use serde::Serialize; +use std::future::Future; +use std::pin::Pin; pub type Result = std::result::Result; +pub type CloudBackendFuture<'a, T> = Pin> + Send + 'a>>; #[derive(Debug, thiserror::Error)] pub enum CloudTaskError { @@ -130,41 +133,44 @@ impl Default for TaskText { } } -#[async_trait::async_trait] pub trait CloudBackend: Send + Sync { - async fn list_tasks( - &self, - env: Option<&str>, + fn list_tasks<'a>( + &'a self, + env: Option<&'a str>, limit: Option, - cursor: Option<&str>, - ) -> Result; - async fn get_task_summary(&self, id: TaskId) -> Result; - async fn get_task_diff(&self, id: TaskId) -> Result>; + cursor: Option<&'a str>, + ) -> CloudBackendFuture<'a, TaskListPage>; + fn get_task_summary(&self, id: TaskId) -> CloudBackendFuture<'_, TaskSummary>; + fn get_task_diff(&self, id: TaskId) -> CloudBackendFuture<'_, Option>; /// Return assistant output messages (no diff) when available. - async fn get_task_messages(&self, id: TaskId) -> Result>; + fn get_task_messages(&self, id: TaskId) -> CloudBackendFuture<'_, Vec>; /// Return the creating prompt and assistant messages (when available). - async fn get_task_text(&self, id: TaskId) -> Result; + fn get_task_text(&self, id: TaskId) -> CloudBackendFuture<'_, TaskText>; /// Return any sibling attempts (best-of-N) for the given assistant turn. - async fn list_sibling_attempts( + fn list_sibling_attempts( &self, task: TaskId, turn_id: String, - ) -> Result>; + ) -> CloudBackendFuture<'_, Vec>; /// Dry-run apply (preflight) that validates whether the patch would apply cleanly. /// Never modifies the working tree. When `diff_override` is supplied, the provided diff is /// used instead of re-fetching the task details so callers can apply alternate attempts. - async fn apply_task_preflight( + fn apply_task_preflight( &self, id: TaskId, diff_override: Option, - ) -> Result; - async fn apply_task(&self, id: TaskId, diff_override: Option) -> Result; - async fn create_task( + ) -> CloudBackendFuture<'_, ApplyOutcome>; + fn apply_task( &self, - env_id: &str, - prompt: &str, - git_ref: &str, + id: TaskId, + diff_override: Option, + ) -> CloudBackendFuture<'_, ApplyOutcome>; + fn create_task<'a>( + &'a self, + env_id: &'a str, + prompt: &'a str, + git_ref: &'a str, qa_mode: bool, best_of_n: usize, - ) -> Result; + ) -> CloudBackendFuture<'a, CreatedTask>; } diff --git a/codex-rs/cloud-tasks-client/src/http.rs b/codex-rs/cloud-tasks-client/src/http.rs index 46fed812bac..2f0fd613f79 100644 --- a/codex-rs/cloud-tasks-client/src/http.rs +++ b/codex-rs/cloud-tasks-client/src/http.rs @@ -2,6 +2,7 @@ use crate::ApplyOutcome; use crate::ApplyStatus; use crate::AttemptStatus; use crate::CloudBackend; +use crate::CloudBackendFuture; use crate::CloudTaskError; use crate::DiffSummary; use crate::Result; @@ -61,68 +62,77 @@ impl HttpClient { } } -#[async_trait::async_trait] impl CloudBackend for HttpClient { - async fn list_tasks( - &self, - env: Option<&str>, + fn list_tasks<'a>( + &'a self, + env: Option<&'a str>, limit: Option, - cursor: Option<&str>, - ) -> Result { - self.tasks_api().list(env, limit, cursor).await + cursor: Option<&'a str>, + ) -> CloudBackendFuture<'a, TaskListPage> { + Box::pin(async move { self.tasks_api().list(env, limit, cursor).await }) } - async fn get_task_summary(&self, id: TaskId) -> Result { - self.tasks_api().summary(id).await + fn get_task_summary(&self, id: TaskId) -> CloudBackendFuture<'_, TaskSummary> { + Box::pin(async move { self.tasks_api().summary(id).await }) } - async fn get_task_diff(&self, id: TaskId) -> Result> { - self.tasks_api().diff(id).await + fn get_task_diff(&self, id: TaskId) -> CloudBackendFuture<'_, Option> { + Box::pin(async move { self.tasks_api().diff(id).await }) } - async fn get_task_messages(&self, id: TaskId) -> Result> { - self.tasks_api().messages(id).await + fn get_task_messages(&self, id: TaskId) -> CloudBackendFuture<'_, Vec> { + Box::pin(async move { self.tasks_api().messages(id).await }) } - async fn get_task_text(&self, id: TaskId) -> Result { - self.tasks_api().task_text(id).await + fn get_task_text(&self, id: TaskId) -> CloudBackendFuture<'_, TaskText> { + Box::pin(async move { self.tasks_api().task_text(id).await }) } - async fn list_sibling_attempts( + fn list_sibling_attempts( &self, task: TaskId, turn_id: String, - ) -> Result> { - self.attempts_api().list(task, turn_id).await + ) -> CloudBackendFuture<'_, Vec> { + Box::pin(async move { self.attempts_api().list(task, turn_id).await }) } - async fn apply_task(&self, id: TaskId, diff_override: Option) -> Result { - self.apply_api() - .run(id, diff_override, /*preflight*/ false) - .await + fn apply_task( + &self, + id: TaskId, + diff_override: Option, + ) -> CloudBackendFuture<'_, ApplyOutcome> { + Box::pin(async move { + self.apply_api() + .run(id, diff_override, /*preflight*/ false) + .await + }) } - async fn apply_task_preflight( + fn apply_task_preflight( &self, id: TaskId, diff_override: Option, - ) -> Result { - self.apply_api() - .run(id, diff_override, /*preflight*/ true) - .await + ) -> CloudBackendFuture<'_, ApplyOutcome> { + Box::pin(async move { + self.apply_api() + .run(id, diff_override, /*preflight*/ true) + .await + }) } - async fn create_task( - &self, - env_id: &str, - prompt: &str, - git_ref: &str, + fn create_task<'a>( + &'a self, + env_id: &'a str, + prompt: &'a str, + git_ref: &'a str, qa_mode: bool, best_of_n: usize, - ) -> Result { - self.tasks_api() - .create(env_id, prompt, git_ref, qa_mode, best_of_n) - .await + ) -> CloudBackendFuture<'a, crate::CreatedTask> { + Box::pin(async move { + self.tasks_api() + .create(env_id, prompt, git_ref, qa_mode, best_of_n) + .await + }) } } diff --git a/codex-rs/cloud-tasks-client/src/lib.rs b/codex-rs/cloud-tasks-client/src/lib.rs index 8ed6469a533..a3f883403b0 100644 --- a/codex-rs/cloud-tasks-client/src/lib.rs +++ b/codex-rs/cloud-tasks-client/src/lib.rs @@ -4,6 +4,7 @@ pub use api::ApplyOutcome; pub use api::ApplyStatus; pub use api::AttemptStatus; pub use api::CloudBackend; +pub use api::CloudBackendFuture; pub use api::CloudTaskError; pub use api::CreatedTask; pub use api::DiffSummary; diff --git a/codex-rs/cloud-tasks-mock-client/Cargo.toml b/codex-rs/cloud-tasks-mock-client/Cargo.toml index b4531cff63b..b249b654e02 100644 --- a/codex-rs/cloud-tasks-mock-client/Cargo.toml +++ b/codex-rs/cloud-tasks-mock-client/Cargo.toml @@ -15,7 +15,6 @@ doctest = false workspace = true [dependencies] -async-trait = { workspace = true } chrono = { workspace = true } codex-cloud-tasks-client = { workspace = true } diffy = { workspace = true } diff --git a/codex-rs/cloud-tasks-mock-client/src/mock.rs b/codex-rs/cloud-tasks-mock-client/src/mock.rs index 4bde0e93b99..08fadee371c 100644 --- a/codex-rs/cloud-tasks-mock-client/src/mock.rs +++ b/codex-rs/cloud-tasks-mock-client/src/mock.rs @@ -3,6 +3,7 @@ use codex_cloud_tasks_client::ApplyOutcome; use codex_cloud_tasks_client::ApplyStatus; use codex_cloud_tasks_client::AttemptStatus; use codex_cloud_tasks_client::CloudBackend; +use codex_cloud_tasks_client::CloudBackendFuture; use codex_cloud_tasks_client::CloudTaskError; use codex_cloud_tasks_client::CreatedTask; use codex_cloud_tasks_client::DiffSummary; @@ -17,8 +18,7 @@ use codex_cloud_tasks_client::TurnAttempt; #[derive(Clone, Default)] pub struct MockClient; -#[async_trait::async_trait] -impl CloudBackend for MockClient { +impl MockClient { async fn list_tasks( &self, _env: Option<&str>, @@ -160,6 +160,70 @@ impl CloudBackend for MockClient { } } +impl CloudBackend for MockClient { + fn list_tasks<'a>( + &'a self, + env: Option<&'a str>, + limit: Option, + cursor: Option<&'a str>, + ) -> CloudBackendFuture<'a, TaskListPage> { + Box::pin(MockClient::list_tasks(self, env, limit, cursor)) + } + + fn get_task_summary(&self, id: TaskId) -> CloudBackendFuture<'_, TaskSummary> { + Box::pin(MockClient::get_task_summary(self, id)) + } + + fn get_task_diff(&self, id: TaskId) -> CloudBackendFuture<'_, Option> { + Box::pin(MockClient::get_task_diff(self, id)) + } + + fn get_task_messages(&self, id: TaskId) -> CloudBackendFuture<'_, Vec> { + Box::pin(MockClient::get_task_messages(self, id)) + } + + fn get_task_text(&self, id: TaskId) -> CloudBackendFuture<'_, TaskText> { + Box::pin(MockClient::get_task_text(self, id)) + } + + fn apply_task( + &self, + id: TaskId, + diff_override: Option, + ) -> CloudBackendFuture<'_, ApplyOutcome> { + Box::pin(MockClient::apply_task(self, id, diff_override)) + } + + fn apply_task_preflight( + &self, + id: TaskId, + diff_override: Option, + ) -> CloudBackendFuture<'_, ApplyOutcome> { + Box::pin(MockClient::apply_task_preflight(self, id, diff_override)) + } + + fn list_sibling_attempts( + &self, + task: TaskId, + turn_id: String, + ) -> CloudBackendFuture<'_, Vec> { + Box::pin(MockClient::list_sibling_attempts(self, task, turn_id)) + } + + fn create_task<'a>( + &'a self, + env_id: &'a str, + prompt: &'a str, + git_ref: &'a str, + qa_mode: bool, + best_of_n: usize, + ) -> CloudBackendFuture<'a, CreatedTask> { + Box::pin(MockClient::create_task( + self, env_id, prompt, git_ref, qa_mode, best_of_n, + )) + } +} + fn mock_diff_for(id: &TaskId) -> String { match id.0.as_str() { "T-1000" => { diff --git a/codex-rs/cloud-tasks/Cargo.toml b/codex-rs/cloud-tasks/Cargo.toml index 7bdcaaddbaa..e7997259a58 100644 --- a/codex-rs/cloud-tasks/Cargo.toml +++ b/codex-rs/cloud-tasks/Cargo.toml @@ -39,8 +39,5 @@ tracing = { workspace = true, features = ["log"] } tracing-subscriber = { workspace = true, features = ["env-filter"] } unicode-width = { workspace = true } -[dependencies.async-trait] -workspace = true - [dev-dependencies] pretty_assertions = { workspace = true } diff --git a/codex-rs/cloud-tasks/src/app.rs b/codex-rs/cloud-tasks/src/app.rs index aa02be97f1b..7b227f07460 100644 --- a/codex-rs/cloud-tasks/src/app.rs +++ b/codex-rs/cloud-tasks/src/app.rs @@ -354,6 +354,7 @@ pub enum AppEvent { mod tests { use super::*; use chrono::Utc; + use codex_cloud_tasks_client::CloudBackendFuture; use codex_cloud_tasks_client::CloudTaskError; struct FakeBackend { @@ -361,14 +362,13 @@ mod tests { by_env: std::collections::HashMap, Vec<&'static str>>, } - #[async_trait::async_trait] - impl codex_cloud_tasks_client::CloudBackend for FakeBackend { + impl FakeBackend { async fn list_tasks( &self, env: Option<&str>, limit: Option, cursor: Option<&str>, - ) -> codex_cloud_tasks_client::Result { + ) -> Result { let key = env.map(str::to_string); let titles = self .by_env @@ -404,10 +404,7 @@ mod tests { }) } - async fn get_task_summary( - &self, - id: TaskId, - ) -> codex_cloud_tasks_client::Result { + async fn get_task_summary(&self, id: TaskId) -> Result { self.list_tasks(/*env*/ None, /*limit*/ None, /*cursor*/ None) .await? .tasks @@ -416,25 +413,10 @@ mod tests { .ok_or_else(|| CloudTaskError::Msg(format!("Task {} not found", id.0))) } - async fn get_task_diff( - &self, - _id: TaskId, - ) -> codex_cloud_tasks_client::Result> { - Err(codex_cloud_tasks_client::CloudTaskError::Unimplemented( - "not used in test", - )) - } - - async fn get_task_messages( - &self, - _id: TaskId, - ) -> codex_cloud_tasks_client::Result> { - Ok(vec![]) - } async fn get_task_text( &self, _id: TaskId, - ) -> codex_cloud_tasks_client::Result { + ) -> Result { Ok(codex_cloud_tasks_client::TaskText { prompt: Some("Example prompt".to_string()), messages: Vec::new(), @@ -444,46 +426,86 @@ mod tests { attempt_status: codex_cloud_tasks_client::AttemptStatus::Completed, }) } + } + + impl codex_cloud_tasks_client::CloudBackend for FakeBackend { + fn list_tasks<'a>( + &'a self, + env: Option<&'a str>, + limit: Option, + cursor: Option<&'a str>, + ) -> CloudBackendFuture<'a, codex_cloud_tasks_client::TaskListPage> { + Box::pin(FakeBackend::list_tasks(self, env, limit, cursor)) + } + + fn get_task_summary(&self, id: TaskId) -> CloudBackendFuture<'_, TaskSummary> { + Box::pin(FakeBackend::get_task_summary(self, id)) + } + + fn get_task_diff(&self, _id: TaskId) -> CloudBackendFuture<'_, Option> { + Box::pin(async { + Err(codex_cloud_tasks_client::CloudTaskError::Unimplemented( + "not used in test", + )) + }) + } + + fn get_task_messages(&self, _id: TaskId) -> CloudBackendFuture<'_, Vec> { + Box::pin(async { Ok(vec![]) }) + } - async fn list_sibling_attempts( + fn get_task_text( + &self, + id: TaskId, + ) -> CloudBackendFuture<'_, codex_cloud_tasks_client::TaskText> { + Box::pin(FakeBackend::get_task_text(self, id)) + } + + fn list_sibling_attempts( &self, _task: TaskId, _turn_id: String, - ) -> codex_cloud_tasks_client::Result> { - Ok(Vec::new()) + ) -> CloudBackendFuture<'_, Vec> { + Box::pin(async { Ok(Vec::new()) }) } - async fn apply_task( + fn apply_task( &self, _id: TaskId, _diff_override: Option, - ) -> codex_cloud_tasks_client::Result { - Err(codex_cloud_tasks_client::CloudTaskError::Unimplemented( - "not used in test", - )) + ) -> CloudBackendFuture<'_, codex_cloud_tasks_client::ApplyOutcome> { + Box::pin(async { + Err(codex_cloud_tasks_client::CloudTaskError::Unimplemented( + "not used in test", + )) + }) } - async fn apply_task_preflight( + fn apply_task_preflight( &self, _id: TaskId, _diff_override: Option, - ) -> codex_cloud_tasks_client::Result { - Err(codex_cloud_tasks_client::CloudTaskError::Unimplemented( - "not used in test", - )) + ) -> CloudBackendFuture<'_, codex_cloud_tasks_client::ApplyOutcome> { + Box::pin(async { + Err(codex_cloud_tasks_client::CloudTaskError::Unimplemented( + "not used in test", + )) + }) } - async fn create_task( - &self, - _env_id: &str, - _prompt: &str, - _git_ref: &str, + fn create_task<'a>( + &'a self, + _env_id: &'a str, + _prompt: &'a str, + _git_ref: &'a str, _qa_mode: bool, _best_of_n: usize, - ) -> codex_cloud_tasks_client::Result { - Err(codex_cloud_tasks_client::CloudTaskError::Unimplemented( - "not used in test", - )) + ) -> CloudBackendFuture<'a, codex_cloud_tasks_client::CreatedTask> { + Box::pin(async { + Err(codex_cloud_tasks_client::CloudTaskError::Unimplemented( + "not used in test", + )) + }) } } diff --git a/codex-rs/cloud-tasks/src/lib.rs b/codex-rs/cloud-tasks/src/lib.rs index e8d6b545b50..4b99bb8c87a 100644 --- a/codex-rs/cloud-tasks/src/lib.rs +++ b/codex-rs/cloud-tasks/src/lib.rs @@ -106,16 +106,20 @@ async fn init_backend(user_agent_suffix: &str) -> anyhow::Result }) } -#[async_trait::async_trait] trait GitInfoProvider { - async fn default_branch_name(&self, path: &std::path::Path) -> Option; - - async fn current_branch_name(&self, path: &std::path::Path) -> Option; + fn default_branch_name( + &self, + path: &std::path::Path, + ) -> impl std::future::Future> + Send; + + fn current_branch_name( + &self, + path: &std::path::Path, + ) -> impl std::future::Future> + Send; } struct RealGitInfo; -#[async_trait::async_trait] impl GitInfoProvider for RealGitInfo { async fn default_branch_name(&self, path: &std::path::Path) -> Option { default_branch_name(path).await @@ -2156,7 +2160,6 @@ mod tests { } } - #[async_trait::async_trait] impl super::GitInfoProvider for StubGitInfo { async fn default_branch_name(&self, _path: &std::path::Path) -> Option { self.default_branch.clone() diff --git a/codex-rs/code-mode/src/description.rs b/codex-rs/code-mode/src/description.rs index 50fcc034bac..7e0801ed255 100644 --- a/codex-rs/code-mode/src/description.rs +++ b/codex-rs/code-mode/src/description.rs @@ -25,6 +25,7 @@ const EXEC_DESCRIPTION_TEMPLATE: &str = r#"Run JavaScript code to orchestrate/co - `exit()`: Immediately ends the current script successfully (like an early return from the top level). - `text(value: string | number | boolean | undefined | null)`: Appends a text item. Non-string values are stringified with `JSON.stringify(...)` when possible. - `image(imageUrlOrItem: string | { image_url: string; detail?: "auto" | "low" | "high" | "original" | null } | ImageContent, detail?: "auto" | "low" | "high" | "original" | null)`: Appends an image item. `image_url` can be an HTTPS URL or a base64-encoded `data:` URL. To forward an MCP tool image, pass an individual `ImageContent` block from `result.content`, for example `image(result.content[0])`. MCP image blocks may request detail with `_meta: { "codex/imageDetail": "original" }`. When provided, the second `detail` argument overrides any detail embedded in the first argument. +- `generatedImage(result: { image_url: string; output_hint?: string })`: Appends an image-generation result and its optional output hint. - `store(key: string, value: any)`: stores a serializable value under a string key for later `exec` calls in the same session. - `load(key: string)`: returns the stored value for a string key, or `undefined` if it is missing. - `notify(value: string | number | boolean | undefined | null)`: immediately injects an extra `custom_tool_call_output` for the current `exec` call. Values are stringified like `text(...)`. diff --git a/codex-rs/code-mode/src/runtime/callbacks.rs b/codex-rs/code-mode/src/runtime/callbacks.rs index 7d8a28662a5..dde63617ecd 100644 --- a/codex-rs/code-mode/src/runtime/callbacks.rs +++ b/codex-rs/code-mode/src/runtime/callbacks.rs @@ -129,6 +129,58 @@ pub(super) fn image_callback( retval.set(v8::undefined(scope).into()); } +pub(super) fn generated_image_callback( + scope: &mut v8::PinScope<'_, '_>, + args: v8::FunctionCallbackArguments, + mut retval: v8::ReturnValue, +) { + let value = if args.length() == 0 { + v8::undefined(scope).into() + } else { + args.get(0) + }; + let output_hint = match generated_image_output_hint(scope, value) { + Ok(output_hint) => output_hint, + Err(error_text) => { + throw_type_error(scope, &error_text); + return; + } + }; + let image_item = match normalize_output_image(scope, value, /*detail_override*/ None) { + Ok(image_item) => image_item, + Err(()) => return, + }; + if let Some(state) = scope.get_slot::() { + let _ = state.event_tx.send(RuntimeEvent::ContentItem(image_item)); + if let Some(text) = output_hint { + let _ = state.event_tx.send(RuntimeEvent::ContentItem( + FunctionCallOutputContentItem::InputText { text }, + )); + } + } + retval.set(v8::undefined(scope).into()); +} + +fn generated_image_output_hint( + scope: &mut v8::PinScope<'_, '_>, + value: v8::Local<'_, v8::Value>, +) -> Result, String> { + let object = v8::Local::::try_from(value) + .map_err(|_| "generatedImage expects an image generation result object".to_string())?; + let key = v8::String::new(scope, "output_hint") + .ok_or_else(|| "failed to allocate generatedImage helper keys".to_string())?; + let output_hint = object + .get(scope, key.into()) + .ok_or_else(|| "failed to read generatedImage output_hint".to_string())?; + if output_hint.is_undefined() { + return Ok(None); + } + if !output_hint.is_string() { + return Err("generatedImage output_hint must be a string when provided".to_string()); + } + Ok(Some(output_hint.to_rust_string_lossy(scope))) +} + pub(super) fn store_callback( scope: &mut v8::PinScope<'_, '_>, args: v8::FunctionCallbackArguments, diff --git a/codex-rs/code-mode/src/runtime/globals.rs b/codex-rs/code-mode/src/runtime/globals.rs index 2ec6953f093..fe3df4c9584 100644 --- a/codex-rs/code-mode/src/runtime/globals.rs +++ b/codex-rs/code-mode/src/runtime/globals.rs @@ -1,6 +1,7 @@ use super::RuntimeState; use super::callbacks::clear_timeout_callback; use super::callbacks::exit_callback; +use super::callbacks::generated_image_callback; use super::callbacks::image_callback; use super::callbacks::load_callback; use super::callbacks::notify_callback; @@ -23,6 +24,7 @@ pub(super) fn install_globals(scope: &mut v8::PinScope<'_, '_>) -> Result<(), St let set_timeout = helper_function(scope, "setTimeout", set_timeout_callback)?; let text = helper_function(scope, "text", text_callback)?; let image = helper_function(scope, "image", image_callback)?; + let generated_image = helper_function(scope, "generatedImage", generated_image_callback)?; let store = helper_function(scope, "store", store_callback)?; let load = helper_function(scope, "load", load_callback)?; let notify = helper_function(scope, "notify", notify_callback)?; @@ -35,6 +37,7 @@ pub(super) fn install_globals(scope: &mut v8::PinScope<'_, '_>) -> Result<(), St set_global(scope, global, "setTimeout", set_timeout.into())?; set_global(scope, global, "text", text.into())?; set_global(scope, global, "image", image.into())?; + set_global(scope, global, "generatedImage", generated_image.into())?; set_global(scope, global, "store", store.into())?; set_global(scope, global, "load", load.into())?; set_global(scope, global, "notify", notify.into())?; diff --git a/codex-rs/code-mode/src/service.rs b/codex-rs/code-mode/src/service.rs index 6589e6ec5aa..b348d1d35fe 100644 --- a/codex-rs/code-mode/src/service.rs +++ b/codex-rs/code-mode/src/service.rs @@ -1563,6 +1563,44 @@ image({ ); } + #[tokio::test] + async fn generated_image_helper_appends_image_and_output_hint() { + let service = CodeModeService::new(); + + let response = execute( + &service, + ExecuteRequest { + source: r#" +generatedImage({ + image_url: "https://example.com/image.jpg", + output_hint: "generated image save hint", +}); +"# + .to_string(), + yield_time_ms: None, + ..execute_request("") + }, + ) + .await; + + assert_eq!( + response, + RuntimeResponse::Result { + cell_id: cell_id("1"), + content_items: vec![ + FunctionCallOutputContentItem::InputImage { + image_url: "https://example.com/image.jpg".to_string(), + detail: Some(crate::DEFAULT_IMAGE_DETAIL), + }, + FunctionCallOutputContentItem::InputText { + text: "generated image save hint".to_string(), + }, + ], + error_text: None, + } + ); + } + #[tokio::test] async fn image_helper_second_arg_overrides_explicit_object_detail() { let service = CodeModeService::new(); diff --git a/codex-rs/codex-api/Cargo.toml b/codex-rs/codex-api/Cargo.toml index 07d855725a0..3b34b1569b9 100644 --- a/codex-rs/codex-api/Cargo.toml +++ b/codex-rs/codex-api/Cargo.toml @@ -6,7 +6,6 @@ license.workspace = true [dependencies] async-channel = { workspace = true } -async-trait = { workspace = true } base64 = { workspace = true } bytes = { workspace = true } chrono = { workspace = true } diff --git a/codex-rs/codex-api/src/auth.rs b/codex-rs/codex-api/src/auth.rs index 41394a22584..2d88dd6e2d0 100644 --- a/codex-rs/codex-api/src/auth.rs +++ b/codex-rs/codex-api/src/auth.rs @@ -1,7 +1,8 @@ -use async_trait::async_trait; use codex_client::Request; use codex_client::TransportError; use http::HeaderMap; +use std::future::Future; +use std::pin::Pin; use std::sync::Arc; /// Error returned while applying authentication to an outbound request. @@ -26,7 +27,6 @@ impl From for TransportError { /// /// Header-only providers can implement `add_auth_headers`; providers that sign /// complete requests can override `apply_auth`. -#[async_trait] pub trait AuthProvider: Send + Sync { /// Adds any auth headers that are available without request body access. /// @@ -52,13 +52,18 @@ pub trait AuthProvider: Send + Sync { /// /// Callers must always use the returned request as authoritative. /// If this returns [`AuthError`], the request should not be sent. - async fn apply_auth(&self, request: Request) -> Result { - let mut request = request; - self.add_auth_headers(&mut request.headers); - Ok(request) + fn apply_auth(&self, request: Request) -> AuthProviderFuture<'_> { + Box::pin(async move { + let mut request = request; + self.add_auth_headers(&mut request.headers); + Ok(request) + }) } } +pub type AuthProviderFuture<'a> = + Pin> + Send + 'a>>; + /// Shared auth handle passed through API clients. pub type SharedAuthProvider = Arc; diff --git a/codex-rs/codex-api/src/common.rs b/codex-rs/codex-api/src/common.rs index 91b251c41f6..17753e799ad 100644 --- a/codex-rs/codex-api/src/common.rs +++ b/codex-rs/codex-api/src/common.rs @@ -6,6 +6,7 @@ use codex_protocol::openai_models::ReasoningEffort as ReasoningEffortConfig; use codex_protocol::protocol::ModelVerification; use codex_protocol::protocol::RateLimitSnapshot; use codex_protocol::protocol::TokenUsage; +use codex_protocol::protocol::TurnModerationMetadataEvent; use codex_protocol::protocol::W3cTraceContext; use futures::Stream; use serde::Deserialize; @@ -78,6 +79,8 @@ pub enum ResponseEvent { ServerModel(String), /// Emitted when the server recommends additional account verification. ModelVerifications(Vec), + /// Emitted when the server includes moderation metadata for first-party turn presentation. + TurnModerationMetadata(TurnModerationMetadataEvent), /// Emitted when `X-Reasoning-Included: true` is present on the response, /// meaning the server already accounted for past reasoning tokens and the /// client should not re-estimate them. @@ -110,12 +113,22 @@ pub enum ResponseEvent { ModelsEtag(String), } +#[derive(Debug, Serialize, Clone, PartialEq)] +#[serde(rename_all = "snake_case")] +pub enum ReasoningContext { + Auto, + CurrentTurn, + AllTurns, +} + #[derive(Debug, Serialize, Clone, PartialEq)] pub struct Reasoning { #[serde(skip_serializing_if = "Option::is_none")] pub effort: Option, #[serde(skip_serializing_if = "Option::is_none")] pub summary: Option, + #[serde(skip_serializing_if = "Option::is_none")] + pub context: Option, } #[derive(Debug, Serialize, Default, Clone, PartialEq)] @@ -239,11 +252,6 @@ pub struct ResponseCreateWsRequest { pub client_metadata: Option>, } -#[derive(Debug, Serialize)] -pub struct ResponseProcessedWsRequest { - pub response_id: String, -} - pub fn response_create_client_metadata( client_metadata: Option>, trace: Option<&W3cTraceContext>, @@ -272,8 +280,6 @@ pub fn response_create_client_metadata( pub enum ResponsesWsRequest { #[serde(rename = "response.create")] ResponseCreate(ResponseCreateWsRequest), - #[serde(rename = "response.processed")] - ResponseProcessed(ResponseProcessedWsRequest), } pub fn create_text_param_for_request( diff --git a/codex-rs/codex-api/src/endpoint/compact.rs b/codex-rs/codex-api/src/endpoint/compact.rs index a3da854844c..939bc7d8587 100644 --- a/codex-rs/codex-api/src/endpoint/compact.rs +++ b/codex-rs/codex-api/src/endpoint/compact.rs @@ -77,7 +77,6 @@ struct CompactHistoryResponse { #[cfg(test)] mod tests { use super::*; - use async_trait::async_trait; use codex_client::Request; use codex_client::Response; use codex_client::StreamResponse; @@ -86,7 +85,6 @@ mod tests { #[derive(Clone, Default)] struct DummyTransport; - #[async_trait] impl HttpTransport for DummyTransport { async fn execute(&self, _req: Request) -> Result { Err(TransportError::Build("execute should not run".to_string())) diff --git a/codex-rs/codex-api/src/endpoint/images.rs b/codex-rs/codex-api/src/endpoint/images.rs index 9d1bd41eea3..9f585637942 100644 --- a/codex-rs/codex-api/src/endpoint/images.rs +++ b/codex-rs/codex-api/src/endpoint/images.rs @@ -80,7 +80,6 @@ mod tests { use crate::images::ImageQuality; use crate::images::ImageUrl; use crate::provider::RetryConfig; - use async_trait::async_trait; use codex_client::Request; use codex_client::RequestBody; use codex_client::Response; @@ -114,7 +113,6 @@ mod tests { } } - #[async_trait] impl HttpTransport for CapturingTransport { async fn execute(&self, req: Request) -> Result { *self.last_request.lock().expect("lock request store") = Some(req); diff --git a/codex-rs/codex-api/src/endpoint/memories.rs b/codex-rs/codex-api/src/endpoint/memories.rs index a6c25641f25..122ca565f70 100644 --- a/codex-rs/codex-api/src/endpoint/memories.rs +++ b/codex-rs/codex-api/src/endpoint/memories.rs @@ -71,7 +71,6 @@ mod tests { use crate::common::RawMemory; use crate::common::RawMemoryMetadata; use crate::provider::RetryConfig; - use async_trait::async_trait; use codex_client::Request; use codex_client::RequestBody; use codex_client::Response; @@ -89,7 +88,6 @@ mod tests { #[derive(Clone, Default)] struct DummyTransport; - #[async_trait] impl HttpTransport for DummyTransport { async fn execute(&self, _req: Request) -> Result { Err(TransportError::Build("execute should not run".to_string())) @@ -122,7 +120,6 @@ mod tests { } } - #[async_trait] impl HttpTransport for CapturingTransport { async fn execute(&self, req: Request) -> Result { *self.last_request.lock().expect("lock request store") = Some(req); diff --git a/codex-rs/codex-api/src/endpoint/models.rs b/codex-rs/codex-api/src/endpoint/models.rs index ec9ee7aac6d..2f1b799c3ba 100644 --- a/codex-rs/codex-api/src/endpoint/models.rs +++ b/codex-rs/codex-api/src/endpoint/models.rs @@ -78,7 +78,6 @@ mod tests { use super::*; use crate::auth::AuthProvider; use crate::provider::RetryConfig; - use async_trait::async_trait; use codex_client::Request; use codex_client::Response; use codex_client::StreamResponse; @@ -108,7 +107,6 @@ mod tests { } } - #[async_trait] impl HttpTransport for CapturingTransport { async fn execute(&self, req: Request) -> Result { *self.last_request.lock().unwrap() = Some(req); diff --git a/codex-rs/codex-api/src/endpoint/realtime_call.rs b/codex-rs/codex-api/src/endpoint/realtime_call.rs index b0342c53498..227b85c70c0 100644 --- a/codex-rs/codex-api/src/endpoint/realtime_call.rs +++ b/codex-rs/codex-api/src/endpoint/realtime_call.rs @@ -226,7 +226,6 @@ mod tests { use crate::endpoint::realtime_websocket::RealtimeOutputModality; use crate::endpoint::realtime_websocket::RealtimeSessionMode; use crate::provider::RetryConfig; - use async_trait::async_trait; use codex_client::Request; use codex_client::Response; use codex_client::StreamResponse; @@ -265,7 +264,6 @@ mod tests { } } - #[async_trait] impl HttpTransport for CapturingTransport { async fn execute(&self, req: Request) -> Result { *self.last_request.lock().unwrap() = Some(req); diff --git a/codex-rs/codex-api/src/endpoint/realtime_websocket/methods.rs b/codex-rs/codex-api/src/endpoint/realtime_websocket/methods.rs index ad26549a266..d9a67c7b97c 100644 --- a/codex-rs/codex-api/src/endpoint/realtime_websocket/methods.rs +++ b/codex-rs/codex-api/src/endpoint/realtime_websocket/methods.rs @@ -291,6 +291,18 @@ impl RealtimeWebsocketWriter { .await } + pub async fn send_conversation_handoff_append( + &self, + handoff_id: String, + output_text: String, + ) -> Result<(), ApiError> { + self.send_json(&RealtimeOutboundMessage::ConversationHandoffAppend { + handoff_id, + output_text, + }) + .await + } + pub async fn send_conversation_function_call_output( &self, call_id: String, diff --git a/codex-rs/codex-api/src/endpoint/responses_websocket.rs b/codex-rs/codex-api/src/endpoint/responses_websocket.rs index f0a00198172..44cb6a544be 100644 --- a/codex-rs/codex-api/src/endpoint/responses_websocket.rs +++ b/codex-rs/codex-api/src/endpoint/responses_websocket.rs @@ -1,6 +1,5 @@ use crate::auth::SharedAuthProvider; use crate::common::ResponseEvent; -use crate::common::ResponseProcessedWsRequest; use crate::common::ResponseStream; use crate::common::ResponsesWsRequest; use crate::error::ApiError; @@ -206,40 +205,6 @@ impl ResponsesWebsocketConnection { self.stream.lock().await.is_none() } - #[instrument( - name = "responses_websocket.send_response_processed", - level = "info", - skip_all, - fields(transport = "responses_websocket", api.path = "responses") - )] - #[expect( - clippy::await_holding_invalid_type, - reason = "the guard serializes exclusive use of the websocket while sending a request frame" - )] - pub async fn send_response_processed(&self, response_id: String) -> Result<(), ApiError> { - let request = - ResponsesWsRequest::ResponseProcessed(ResponseProcessedWsRequest { response_id }); - let request_body = serde_json::to_value(&request).map_err(|err| { - ApiError::Stream(format!("failed to encode websocket request: {err}")) - })?; - - let mut guard = self.stream.lock().await; - let Some(ws_stream) = guard.as_mut() else { - return Err(ApiError::Stream( - "websocket connection is closed".to_string(), - )); - }; - - send_websocket_request( - ws_stream, - request_body, - self.idle_timeout, - self.telemetry.as_ref(), - /*connection_reused*/ true, - ) - .await - } - #[instrument( name = "responses_websocket.stream_request", level = "info", @@ -718,6 +683,7 @@ async fn run_websocket_response_stream( } }; let model_verifications = event.model_verifications(); + let turn_moderation_metadata = event.turn_moderation_metadata(); if event.kind() == "codex.rate_limits" { if let Some(snapshot) = parse_rate_limit_event(&text) { let _ = tx_event.send(Ok(ResponseEvent::RateLimits(snapshot))).await; @@ -742,6 +708,16 @@ async fn run_websocket_response_stream( "response event consumer dropped".to_string(), )); } + if let Some(metadata) = turn_moderation_metadata + && tx_event + .send(Ok(ResponseEvent::TurnModerationMetadata(metadata))) + .await + .is_err() + { + return Err(ApiError::Stream( + "response event consumer dropped".to_string(), + )); + } match process_responses_event(event) { Ok(Some(event)) => { let is_completed = matches!(event, ResponseEvent::Completed { .. }); diff --git a/codex-rs/codex-api/src/endpoint/search.rs b/codex-rs/codex-api/src/endpoint/search.rs index d01fbfb7808..860f4f283e6 100644 --- a/codex-rs/codex-api/src/endpoint/search.rs +++ b/codex-rs/codex-api/src/endpoint/search.rs @@ -64,7 +64,6 @@ mod tests { use crate::search::SearchInput; use crate::search::SearchQuery; use crate::search::SearchSettings; - use async_trait::async_trait; use codex_client::Request; use codex_client::RequestBody; use codex_client::Response; @@ -100,7 +99,6 @@ mod tests { } } - #[async_trait] impl HttpTransport for CapturingTransport { async fn execute(&self, req: Request) -> Result { *self.last_request.lock().expect("lock request store") = Some(req); @@ -134,10 +132,13 @@ mod tests { } #[tokio::test] - async fn search_posts_typed_request_and_parses_encrypted_output() { + async fn search_posts_typed_request_and_parses_output() { let transport = CapturingTransport::new( - serde_json::to_vec(&json!({"encrypted_output": "ciphertext"})) - .expect("serialize response"), + serde_json::to_vec(&json!({ + "encrypted_output": "ciphertext", + "output": "search result", + })) + .expect("serialize response"), ); let client = SearchClient::new(transport.clone(), provider(), Arc::new(DummyAuth)); @@ -203,7 +204,8 @@ mod tests { assert_eq!( response, SearchResponse { - encrypted_output: "ciphertext".to_string(), + encrypted_output: Some("ciphertext".to_string()), + output: "search result".to_string(), } ); diff --git a/codex-rs/codex-api/src/lib.rs b/codex-rs/codex-api/src/lib.rs index 08176d8dec6..cc9b58c0343 100644 --- a/codex-rs/codex-api/src/lib.rs +++ b/codex-rs/codex-api/src/lib.rs @@ -21,6 +21,7 @@ pub use crate::api_bridge::map_api_error; pub use crate::auth::AuthError; pub use crate::auth::AuthHeaderTelemetry; pub use crate::auth::AuthProvider; +pub use crate::auth::AuthProviderFuture; pub use crate::auth::SharedAuthProvider; pub use crate::auth::auth_header_telemetry; pub use crate::common::CompactionInput; @@ -30,9 +31,9 @@ pub use crate::common::OpenAiVerbosity; pub use crate::common::RawMemory; pub use crate::common::RawMemoryMetadata; pub use crate::common::Reasoning; +pub use crate::common::ReasoningContext; pub use crate::common::ResponseCreateWsRequest; pub use crate::common::ResponseEvent; -pub use crate::common::ResponseProcessedWsRequest; pub use crate::common::ResponseStream; pub use crate::common::ResponsesApiRequest; pub use crate::common::ResponsesWsRequest; diff --git a/codex-rs/codex-api/src/search.rs b/codex-rs/codex-api/src/search.rs index 061b3ac8c6c..bae7c8a7da4 100644 --- a/codex-rs/codex-api/src/search.rs +++ b/codex-rs/codex-api/src/search.rs @@ -280,5 +280,6 @@ pub enum AllowedCaller { #[derive(Debug, Clone, Deserialize, PartialEq, Eq)] pub struct SearchResponse { - pub encrypted_output: String, + pub encrypted_output: Option, + pub output: String, } diff --git a/codex-rs/codex-api/src/sse/responses.rs b/codex-rs/codex-api/src/sse/responses.rs index c9f35e5a4ec..ab1be640df9 100644 --- a/codex-rs/codex-api/src/sse/responses.rs +++ b/codex-rs/codex-api/src/sse/responses.rs @@ -8,6 +8,7 @@ use codex_client::StreamResponse; use codex_protocol::models::ResponseItem; use codex_protocol::protocol::ModelVerification; use codex_protocol::protocol::TokenUsage; +use codex_protocol::protocol::TurnModerationMetadataEvent; use eventsource_stream::Eventsource; use futures::StreamExt; use serde::Deserialize; @@ -193,6 +194,18 @@ impl ResponsesStreamEvent { .and_then(|metadata| metadata.get("openai_verification_recommendation")) .and_then(model_verifications_from_json_value) } + + pub(crate) fn turn_moderation_metadata(&self) -> Option { + if self.kind() != "response.metadata" { + return None; + } + + self.metadata + .as_ref() + .and_then(|metadata| metadata.get("openai_chatgpt_moderation_metadata")) + .cloned() + .map(|metadata| TurnModerationMetadataEvent { metadata }) + } } fn header_openai_model_value_from_json(value: &Value) -> Option { @@ -444,6 +457,7 @@ pub async fn process_sse( } }; let model_verifications = event.model_verifications(); + let turn_moderation_metadata = event.turn_moderation_metadata(); if let Some(model) = event.response_model() && last_server_model.as_deref() != Some(model.as_str()) @@ -465,6 +479,14 @@ pub async fn process_sse( { return; } + if let Some(metadata) = turn_moderation_metadata + && tx_event + .send(Ok(ResponseEvent::TurnModerationMetadata(metadata))) + .await + .is_err() + { + return; + } match process_responses_event(event) { Ok(Some(event)) => { @@ -1215,6 +1237,41 @@ mod tests { ); } + #[tokio::test] + async fn process_sse_emits_turn_moderation_metadata_field() { + let events = run_sse(vec![ + json!({ + "type": "response.metadata", + "metadata": { + "openai_chatgpt_moderation_metadata": { + "presentation": "inline" + } + } + }), + json!({ + "type": "response.completed", + "response": { + "id": "resp-1" + } + }), + ]) + .await; + + assert_matches!( + &events[0], + ResponseEvent::TurnModerationMetadata(result) + if result.metadata == json!({"presentation": "inline"}) + ); + assert_matches!( + &events[1], + ResponseEvent::Completed { + response_id, + token_usage: None, + end_turn: None, + } if response_id == "resp-1" + ); + } + #[test] fn responses_stream_event_response_model_reads_top_level_headers() { let ev: ResponsesStreamEvent = serde_json::from_value(json!({ diff --git a/codex-rs/codex-api/tests/clients.rs b/codex-rs/codex-api/tests/clients.rs index afaf82389f0..34284634f7c 100644 --- a/codex-rs/codex-api/tests/clients.rs +++ b/codex-rs/codex-api/tests/clients.rs @@ -3,7 +3,6 @@ use std::sync::Mutex; use std::time::Duration; use anyhow::Result; -use async_trait::async_trait; use bytes::Bytes; use codex_api::ApiError; use codex_api::AuthError; @@ -71,7 +70,6 @@ impl RecordingTransport { } } -#[async_trait] impl HttpTransport for RecordingTransport { async fn execute(&self, _req: Request) -> Result { Err(TransportError::Build("execute should not run".to_string())) @@ -195,11 +193,6 @@ impl FailsOnceAuth { .lock() .unwrap_or_else(|err| panic!("mutex poisoned: {err}")) } -} - -#[async_trait] -impl AuthProvider for FailsOnceAuth { - fn add_auth_headers(&self, _headers: &mut HeaderMap) {} async fn apply_auth(&self, request: Request) -> Result { let mut attempts = self @@ -219,7 +212,14 @@ impl AuthProvider for FailsOnceAuth { } } -#[async_trait] +impl AuthProvider for FailsOnceAuth { + fn add_auth_headers(&self, _headers: &mut HeaderMap) {} + + fn apply_auth(&self, request: Request) -> codex_api::AuthProviderFuture<'_> { + Box::pin(FailsOnceAuth::apply_auth(self, request)) + } +} + impl HttpTransport for FlakyTransport { async fn execute(&self, _req: Request) -> Result { Err(TransportError::Build("execute should not run".to_string())) diff --git a/codex-rs/codex-api/tests/models_integration.rs b/codex-rs/codex-api/tests/models_integration.rs index 9ff273211ff..5f421dc1ad8 100644 --- a/codex-rs/codex-api/tests/models_integration.rs +++ b/codex-rs/codex-api/tests/models_integration.rs @@ -93,11 +93,13 @@ async fn models_client_hits_models_endpoint() { context_window: Some(272_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, diff --git a/codex-rs/codex-api/tests/sse_end_to_end.rs b/codex-rs/codex-api/tests/sse_end_to_end.rs index bf880fefcf9..eef8c882300 100644 --- a/codex-rs/codex-api/tests/sse_end_to_end.rs +++ b/codex-rs/codex-api/tests/sse_end_to_end.rs @@ -2,7 +2,6 @@ use std::sync::Arc; use std::time::Duration; use anyhow::Result; -use async_trait::async_trait; use bytes::Bytes; use codex_api::AuthProvider; use codex_api::Compression; @@ -32,7 +31,6 @@ impl FixtureSseTransport { } } -#[async_trait] impl HttpTransport for FixtureSseTransport { async fn execute(&self, _req: Request) -> Result { Err(TransportError::Build("execute should not run".to_string())) diff --git a/codex-rs/codex-client/Cargo.toml b/codex-rs/codex-client/Cargo.toml index 184505eb559..87f95de655e 100644 --- a/codex-rs/codex-client/Cargo.toml +++ b/codex-rs/codex-client/Cargo.toml @@ -5,7 +5,6 @@ name = "codex-client" version.workspace = true [dependencies] -async-trait = { workspace = true } bytes = { workspace = true } eventsource-stream = { workspace = true } futures = { workspace = true } diff --git a/codex-rs/codex-client/src/transport.rs b/codex-rs/codex-client/src/transport.rs index 4ed062c483b..00b84a614b9 100644 --- a/codex-rs/codex-client/src/transport.rs +++ b/codex-rs/codex-client/src/transport.rs @@ -4,7 +4,6 @@ use crate::error::TransportError; use crate::request::Request; use crate::request::RequestBody; use crate::request::Response; -use async_trait::async_trait; use bytes::Bytes; use futures::StreamExt; use futures::stream::BoxStream; @@ -23,10 +22,15 @@ pub struct StreamResponse { pub bytes: ByteStream, } -#[async_trait] pub trait HttpTransport: Send + Sync { - async fn execute(&self, req: Request) -> Result; - async fn stream(&self, req: Request) -> Result; + fn execute( + &self, + req: Request, + ) -> impl std::future::Future> + Send; + fn stream( + &self, + req: Request, + ) -> impl std::future::Future> + Send; } #[derive(Clone, Debug)] @@ -86,7 +90,6 @@ fn request_body_for_trace(req: &Request) -> String { } } -#[async_trait] impl HttpTransport for ReqwestTransport { async fn execute(&self, req: Request) -> Result { if enabled!(Level::TRACE) { diff --git a/codex-rs/codex-home/BUILD.bazel b/codex-rs/codex-home/BUILD.bazel new file mode 100644 index 00000000000..a5a01e4e34f --- /dev/null +++ b/codex-rs/codex-home/BUILD.bazel @@ -0,0 +1,6 @@ +load("//:defs.bzl", "codex_rust_crate") + +codex_rust_crate( + name = "codex-home", + crate_name = "codex_home", +) diff --git a/codex-rs/codex-home/Cargo.toml b/codex-rs/codex-home/Cargo.toml new file mode 100644 index 00000000000..a8fa625dcfc --- /dev/null +++ b/codex-rs/codex-home/Cargo.toml @@ -0,0 +1,21 @@ +[package] +edition.workspace = true +license.workspace = true +name = "codex-home" +version.workspace = true + +[lib] +doctest = false + +[lints] +workspace = true + +[dependencies] +codex-extension-api = { workspace = true } +codex-utils-absolute-path = { workspace = true } +tokio = { workspace = true, features = ["fs"] } + +[dev-dependencies] +pretty_assertions = { workspace = true } +tempfile = { workspace = true } +tokio = { workspace = true, features = ["macros", "rt"] } diff --git a/codex-rs/codex-home/src/instructions/mod.rs b/codex-rs/codex-home/src/instructions/mod.rs new file mode 100644 index 00000000000..0840263a13f --- /dev/null +++ b/codex-rs/codex-home/src/instructions/mod.rs @@ -0,0 +1,83 @@ +use std::io; + +use codex_extension_api::LoadUserInstructionsFuture; +use codex_extension_api::LoadedUserInstructions; +use codex_extension_api::UserInstructions; +use codex_extension_api::UserInstructionsProvider; +use codex_utils_absolute_path::AbsolutePathBuf; + +const DEFAULT_AGENTS_MD_FILENAME: &str = "AGENTS.md"; +const LOCAL_AGENTS_MD_FILENAME: &str = "AGENTS.override.md"; + +/// Loads user instructions from a Codex home directory. +#[derive(Clone, Debug)] +pub struct CodexHomeUserInstructionsProvider { + codex_home: AbsolutePathBuf, +} + +impl CodexHomeUserInstructionsProvider { + /// Creates a provider rooted at the supplied absolute Codex home directory. + pub fn new(codex_home: AbsolutePathBuf) -> Self { + Self { codex_home } + } + + async fn load_from_codex_home(&self) -> LoadedUserInstructions { + let mut warnings = Vec::new(); + for candidate in [LOCAL_AGENTS_MD_FILENAME, DEFAULT_AGENTS_MD_FILENAME] { + let path = self.codex_home.join(candidate); + match tokio::fs::metadata(path.as_path()).await { + Ok(metadata) if !metadata.is_file() => continue, + Ok(_) => {} + Err(err) if err.kind() == io::ErrorKind::NotFound => continue, + Err(err) => { + warnings.push(format!( + "Failed to read global AGENTS.md instructions from `{}`: {err}", + path.display() + )); + continue; + } + } + let data = match tokio::fs::read(path.as_path()).await { + Ok(data) => data, + Err(err) if err.kind() == io::ErrorKind::NotFound => continue, + Err(err) => { + warnings.push(format!( + "Failed to read global AGENTS.md instructions from `{}`: {err}", + path.display() + )); + continue; + } + }; + if let Err(err) = std::str::from_utf8(&data) { + warnings.push(format!( + "Global AGENTS.md instructions from `{}` contain invalid UTF-8: {err}. Invalid byte sequences were replaced.", + path.display() + )); + } + let contents = String::from_utf8_lossy(&data); + let trimmed = contents.trim(); + if !trimmed.is_empty() { + return LoadedUserInstructions { + instructions: Some(UserInstructions { + text: trimmed.to_string(), + source: path, + }), + warnings, + }; + } + } + LoadedUserInstructions { + instructions: None, + warnings, + } + } +} + +impl UserInstructionsProvider for CodexHomeUserInstructionsProvider { + fn load_user_instructions(&self) -> LoadUserInstructionsFuture<'_> { + Box::pin(self.load_from_codex_home()) + } +} + +#[cfg(test)] +mod tests; diff --git a/codex-rs/codex-home/src/instructions/tests.rs b/codex-rs/codex-home/src/instructions/tests.rs new file mode 100644 index 00000000000..e8842104032 --- /dev/null +++ b/codex-rs/codex-home/src/instructions/tests.rs @@ -0,0 +1,152 @@ +use std::fs; +use std::path::Path; + +use codex_extension_api::LoadedUserInstructions; +use codex_extension_api::UserInstructions; +use codex_extension_api::UserInstructionsProvider; +use codex_utils_absolute_path::AbsolutePathBuf; +use pretty_assertions::assert_eq; +use tempfile::TempDir; + +use super::CodexHomeUserInstructionsProvider; +use super::DEFAULT_AGENTS_MD_FILENAME; +use super::LOCAL_AGENTS_MD_FILENAME; + +fn provider(home: &TempDir) -> CodexHomeUserInstructionsProvider { + CodexHomeUserInstructionsProvider::new( + AbsolutePathBuf::try_from(home.path().to_path_buf()).expect("absolute temp dir"), + ) +} + +fn expected( + home: &TempDir, + filename: &str, + text: &str, + warnings: Vec, +) -> LoadedUserInstructions { + LoadedUserInstructions { + instructions: Some(UserInstructions { + text: text.to_string(), + source: AbsolutePathBuf::try_from(home.path().join(filename)) + .expect("absolute source path"), + }), + warnings, + } +} + +#[cfg(unix)] +fn create_symlink_loop(path: &Path) { + std::os::unix::fs::symlink( + path.file_name().expect("override path should have a name"), + path, + ) + .expect("create symlink loop"); +} + +#[cfg(windows)] +fn create_symlink_loop(path: &Path) { + std::os::windows::fs::symlink_file( + path.file_name().expect("override path should have a name"), + path, + ) + .expect("create symlink loop"); +} + +#[tokio::test] +async fn missing_files_return_no_instructions() { + let home = TempDir::new().expect("temp dir"); + + assert_eq!( + provider(&home).load_user_instructions().await, + LoadedUserInstructions::default() + ); +} + +#[tokio::test] +async fn override_takes_precedence_over_default() { + let home = TempDir::new().expect("temp dir"); + fs::write(home.path().join(DEFAULT_AGENTS_MD_FILENAME), "default").expect("write default"); + fs::write(home.path().join(LOCAL_AGENTS_MD_FILENAME), "override").expect("write override"); + + assert_eq!( + provider(&home).load_user_instructions().await, + expected(&home, LOCAL_AGENTS_MD_FILENAME, "override", Vec::new()) + ); +} + +#[tokio::test] +async fn empty_override_falls_back_to_trimmed_default() { + let home = TempDir::new().expect("temp dir"); + fs::write(home.path().join(LOCAL_AGENTS_MD_FILENAME), " \n\t").expect("write override"); + fs::write( + home.path().join(DEFAULT_AGENTS_MD_FILENAME), + "\n default instructions \n", + ) + .expect("write default"); + + assert_eq!( + provider(&home).load_user_instructions().await, + expected( + &home, + DEFAULT_AGENTS_MD_FILENAME, + "default instructions", + Vec::new() + ) + ); +} + +#[tokio::test] +async fn directory_override_falls_back_to_default() { + let home = TempDir::new().expect("temp dir"); + fs::create_dir(home.path().join(LOCAL_AGENTS_MD_FILENAME)).expect("create override directory"); + fs::write(home.path().join(DEFAULT_AGENTS_MD_FILENAME), "default").expect("write default"); + + assert_eq!( + provider(&home).load_user_instructions().await, + expected(&home, DEFAULT_AGENTS_MD_FILENAME, "default", Vec::new()) + ); +} + +#[tokio::test] +async fn recoverable_override_read_error_warns_and_falls_back_to_default() { + let home = TempDir::new().expect("temp dir"); + let override_path = home.path().join(LOCAL_AGENTS_MD_FILENAME); + create_symlink_loop(&override_path); + fs::write(home.path().join(DEFAULT_AGENTS_MD_FILENAME), "default").expect("write default"); + let read_error = fs::read(&override_path).expect_err("symlink loop should not be readable"); + let warning = format!( + "Failed to read global AGENTS.md instructions from `{}`: {read_error}", + override_path.display() + ); + + assert_eq!( + provider(&home).load_user_instructions().await, + expected(&home, DEFAULT_AGENTS_MD_FILENAME, "default", vec![warning]) + ); +} + +#[tokio::test] +async fn invalid_utf8_is_lossy_and_warned() { + let home = TempDir::new().expect("temp dir"); + let path = home.path().join(DEFAULT_AGENTS_MD_FILENAME); + let mut invalid_utf8 = b"global".to_vec(); + invalid_utf8.push(0xff); + invalid_utf8.extend_from_slice(b" doc"); + fs::write(&path, &invalid_utf8).expect("write invalid utf-8"); + + let outcome = provider(&home).load_user_instructions().await; + let utf8_error = std::str::from_utf8(&invalid_utf8).expect_err("invalid utf-8"); + let warning = format!( + "Global AGENTS.md instructions from `{}` contain invalid UTF-8: {utf8_error}. Invalid byte sequences were replaced.", + path.display(), + ); + assert_eq!( + outcome, + expected( + &home, + DEFAULT_AGENTS_MD_FILENAME, + "global\u{fffd} doc", + vec![warning] + ) + ); +} diff --git a/codex-rs/codex-home/src/lib.rs b/codex-rs/codex-home/src/lib.rs new file mode 100644 index 00000000000..7ca5e580725 --- /dev/null +++ b/codex-rs/codex-home/src/lib.rs @@ -0,0 +1,3 @@ +mod instructions; + +pub use instructions::CodexHomeUserInstructionsProvider; diff --git a/codex-rs/codex-mcp/Cargo.toml b/codex-rs/codex-mcp/Cargo.toml index d7634f0aaed..433cbde8b81 100644 --- a/codex-rs/codex-mcp/Cargo.toml +++ b/codex-rs/codex-mcp/Cargo.toml @@ -14,6 +14,7 @@ workspace = true [dependencies] anyhow = { workspace = true } +arc-swap = { workspace = true } async-channel = { workspace = true } codex-async-utils = { workspace = true } codex-api = { workspace = true } diff --git a/codex-rs/codex-mcp/src/catalog.rs b/codex-rs/codex-mcp/src/catalog.rs new file mode 100644 index 00000000000..68f0a1b5ad3 --- /dev/null +++ b/codex-rs/codex-mcp/src/catalog.rs @@ -0,0 +1,333 @@ +use std::cmp::Reverse; +use std::collections::BTreeMap; +use std::collections::BTreeSet; +use std::collections::HashMap; + +use codex_config::McpServerConfig; + +/// The component that declared an MCP server registration. +#[derive(Clone, Debug, PartialEq, Eq)] +pub enum McpServerSource { + Plugin { plugin_id: String }, + Config, + Compatibility { id: String }, + Extension { id: String }, +} + +#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)] +enum RegistrationPrecedence { + Plugin(Reverse), + Config, + Compatibility, + Extension(usize), +} + +impl RegistrationPrecedence { + fn tier(self) -> u8 { + match self { + Self::Plugin(_) => 0, + Self::Config => 1, + Self::Compatibility => 2, + Self::Extension(_) => 3, + } + } +} + +/// One named MCP server declaration before source resolution. +#[derive(Clone, Debug, PartialEq)] +pub struct McpServerRegistration { + name: String, + source: McpServerSource, + config: McpServerConfig, + precedence: RegistrationPrecedence, +} + +impl McpServerRegistration { + pub fn from_config(name: String, config: McpServerConfig) -> Self { + Self::new( + name, + McpServerSource::Config, + config, + RegistrationPrecedence::Config, + ) + } + + pub fn from_plugin( + name: String, + plugin_id: String, + plugin_order: usize, + config: McpServerConfig, + ) -> Self { + Self::new( + name, + McpServerSource::Plugin { plugin_id }, + config, + RegistrationPrecedence::Plugin(Reverse(plugin_order)), + ) + } + + pub fn from_compatibility( + name: String, + id: impl Into, + config: McpServerConfig, + ) -> Self { + Self::new( + name, + McpServerSource::Compatibility { id: id.into() }, + config, + RegistrationPrecedence::Compatibility, + ) + } + + pub fn from_extension( + name: String, + id: impl Into, + contribution_order: usize, + config: McpServerConfig, + ) -> Self { + Self::new( + name, + McpServerSource::Extension { id: id.into() }, + config, + RegistrationPrecedence::Extension(contribution_order), + ) + } + + fn new( + name: String, + source: McpServerSource, + config: McpServerConfig, + precedence: RegistrationPrecedence, + ) -> Self { + Self { + name, + source, + config, + precedence, + } + } +} + +/// One side of an MCP server conflict, including whether it registers or +/// removes the server. +#[derive(Clone, Debug, PartialEq, Eq)] +pub enum McpServerConflictAction { + Register(McpServerSource), + Remove(McpServerSource), +} + +/// A same-tier name collision and the final outcome after all precedence is applied. +#[derive(Clone, Debug, PartialEq, Eq)] +pub struct McpServerConflict { + pub name: String, + pub outcome: McpServerConflictAction, + pub contenders: Vec, +} + +#[derive(Clone, Debug)] +enum CatalogAction { + Register(Box), + Remove { + name: String, + source: McpServerSource, + precedence: RegistrationPrecedence, + }, +} + +impl CatalogAction { + fn name(&self) -> &str { + match self { + Self::Register(registration) => ®istration.name, + Self::Remove { name, .. } => name, + } + } + + fn precedence(&self) -> RegistrationPrecedence { + match self { + Self::Register(registration) => registration.precedence, + Self::Remove { precedence, .. } => *precedence, + } + } + + fn conflict_action(&self) -> McpServerConflictAction { + match self { + Self::Register(registration) => { + McpServerConflictAction::Register(registration.source.clone()) + } + Self::Remove { source, .. } => McpServerConflictAction::Remove(source.clone()), + } + } +} + +/// Mutable inputs used to produce an immutable resolved catalog. +#[derive(Clone, Debug, Default)] +pub struct McpCatalogBuilder { + actions: Vec, + disabled_server_names: BTreeSet, +} + +impl McpCatalogBuilder { + pub fn register(&mut self, registration: McpServerRegistration) { + self.actions + .push(CatalogAction::Register(Box::new(registration))); + } + + /// Applies the legacy name-scoped disabled veto after source resolution. + pub fn disable(&mut self, name: String) { + self.disabled_server_names.insert(name); + } + + pub fn remove_compatibility(&mut self, name: String, id: impl Into) { + self.actions.push(CatalogAction::Remove { + name, + source: McpServerSource::Compatibility { id: id.into() }, + precedence: RegistrationPrecedence::Compatibility, + }); + } + + pub fn remove_extension( + &mut self, + name: String, + id: impl Into, + contribution_order: usize, + ) { + self.actions.push(CatalogAction::Remove { + name, + source: McpServerSource::Extension { id: id.into() }, + precedence: RegistrationPrecedence::Extension(contribution_order), + }); + } + + pub fn build(mut self) -> ResolvedMcpCatalog { + // Stable sorting makes action order the tie-breaker when precedence is equal. + self.actions.sort_by_key(CatalogAction::precedence); + + let mut winners = BTreeMap::::new(); + let mut actions_by_name_and_tier = BTreeMap::<(String, u8), Vec<&CatalogAction>>::new(); + for action in &self.actions { + winners.insert(action.name().to_string(), action.clone()); + actions_by_name_and_tier + .entry((action.name().to_string(), action.precedence().tier())) + .or_default() + .push(action); + } + + let mut conflicts = Vec::new(); + for ((name, _), actions) in actions_by_name_and_tier { + if actions.len() < 2 { + continue; + } + let Some(outcome) = winners.get(&name).map(CatalogAction::conflict_action) else { + continue; + }; + conflicts.push(McpServerConflict { + name, + outcome, + contenders: actions + .into_iter() + .map(CatalogAction::conflict_action) + .collect(), + }); + } + + let mut disabled_server_names = self.disabled_server_names; + let servers = winners + .into_iter() + .filter_map(|(name, action)| match action { + CatalogAction::Register(registration) => { + let mut registration = *registration; + // Effective disabled winners remain name-scoped vetoes for later overlays. + if !registration.config.enabled || disabled_server_names.contains(&name) { + registration.config.enabled = false; + disabled_server_names.insert(name.clone()); + } + Some(( + name, + ResolvedMcpServer { + source: registration.source, + config: registration.config, + }, + )) + } + CatalogAction::Remove { .. } => None, + }) + .collect(); + + ResolvedMcpCatalog { + actions: self.actions, + disabled_server_names, + servers, + conflicts, + } + } +} + +/// A single winning MCP registration. +#[derive(Clone, Debug, PartialEq)] +pub struct ResolvedMcpServer { + source: McpServerSource, + config: McpServerConfig, +} + +impl ResolvedMcpServer { + pub fn source(&self) -> &McpServerSource { + &self.source + } + + pub fn config(&self) -> &McpServerConfig { + &self.config + } +} + +/// Immutable result of MCP registration resolution. +#[derive(Clone, Debug, Default)] +pub struct ResolvedMcpCatalog { + actions: Vec, + disabled_server_names: BTreeSet, + servers: BTreeMap, + conflicts: Vec, +} + +impl ResolvedMcpCatalog { + pub fn builder() -> McpCatalogBuilder { + McpCatalogBuilder::default() + } + + pub fn to_builder(&self) -> McpCatalogBuilder { + McpCatalogBuilder { + actions: self.actions.clone(), + disabled_server_names: self.disabled_server_names.clone(), + } + } + + pub fn server(&self, name: &str) -> Option<&ResolvedMcpServer> { + self.servers.get(name) + } + + pub fn configured_servers(&self) -> HashMap { + self.servers + .iter() + .map(|(name, server)| (name.clone(), server.config.clone())) + .collect() + } + + pub fn plugin_ids_by_server_name(&self) -> HashMap { + self.servers + .iter() + .filter_map(|(name, server)| match server.source() { + McpServerSource::Plugin { plugin_id } => Some((name.clone(), plugin_id.clone())), + McpServerSource::Config + | McpServerSource::Compatibility { .. } + | McpServerSource::Extension { .. } => None, + }) + .collect() + } + + pub fn conflicts(&self) -> &[McpServerConflict] { + &self.conflicts + } +} + +#[cfg(test)] +#[path = "catalog_tests.rs"] +mod tests; diff --git a/codex-rs/codex-mcp/src/catalog_tests.rs b/codex-rs/codex-mcp/src/catalog_tests.rs new file mode 100644 index 00000000000..6909959a54f --- /dev/null +++ b/codex-rs/codex-mcp/src/catalog_tests.rs @@ -0,0 +1,257 @@ +use std::collections::HashMap; +use std::time::Duration; + +use codex_config::AppToolApproval; +use codex_config::DEFAULT_MCP_SERVER_ENVIRONMENT_ID; +use codex_config::McpServerConfig; +use codex_config::McpServerToolConfig; +use codex_config::McpServerTransportConfig; +use pretty_assertions::assert_eq; + +use super::McpServerConflict; +use super::McpServerConflictAction; +use super::McpServerRegistration; +use super::McpServerSource; +use super::ResolvedMcpCatalog; + +fn server(url: &str) -> McpServerConfig { + McpServerConfig { + transport: McpServerTransportConfig::StreamableHttp { + url: url.to_string(), + bearer_token_env_var: None, + http_headers: None, + env_http_headers: None, + }, + environment_id: DEFAULT_MCP_SERVER_ENVIRONMENT_ID.to_string(), + enabled: true, + required: true, + supports_parallel_tool_calls: true, + disabled_reason: None, + startup_timeout_sec: Some(Duration::from_secs(7)), + tool_timeout_sec: Some(Duration::from_secs(11)), + default_tools_approval_mode: Some(AppToolApproval::Prompt), + enabled_tools: Some(vec!["read".to_string()]), + disabled_tools: Some(vec!["write".to_string()]), + scopes: None, + oauth: None, + oauth_resource: None, + tools: HashMap::from([( + "read".to_string(), + McpServerToolConfig { + approval_mode: Some(AppToolApproval::Approve), + }, + )]), + } +} + +fn plugin_source(plugin_id: &str) -> McpServerSource { + McpServerSource::Plugin { + plugin_id: plugin_id.to_string(), + } +} + +fn compatibility_source(id: &str) -> McpServerSource { + McpServerSource::Compatibility { id: id.to_string() } +} + +fn extension_source(id: &str) -> McpServerSource { + McpServerSource::Extension { id: id.to_string() } +} + +fn register(source: McpServerSource) -> McpServerConflictAction { + McpServerConflictAction::Register(source) +} + +fn remove(source: McpServerSource) -> McpServerConflictAction { + McpServerConflictAction::Remove(source) +} + +#[test] +fn source_precedence_preserves_the_winning_registration() { + let extension = server("https://extension.example/mcp"); + let mut plugin = server("https://plugin.example/mcp"); + plugin.enabled = false; + let mut builder = ResolvedMcpCatalog::builder(); + builder.register(McpServerRegistration::from_extension( + "docs".to_string(), + "hosted", + /*contribution_order*/ 0, + extension.clone(), + )); + builder.register(McpServerRegistration::from_plugin( + "docs".to_string(), + "plugin@test".to_string(), + /*plugin_order*/ 0, + plugin, + )); + builder.register(McpServerRegistration::from_plugin( + "docs".to_string(), + "other-plugin@test".to_string(), + /*plugin_order*/ 1, + server("https://other-plugin.example/mcp"), + )); + builder.register(McpServerRegistration::from_compatibility( + "docs".to_string(), + "legacy", + server("https://compatibility.example/mcp"), + )); + builder.register(McpServerRegistration::from_config( + "docs".to_string(), + server("https://config.example/mcp"), + )); + + let catalog = builder.build(); + let resolved = catalog.server("docs").expect("resolved server"); + + assert_eq!( + resolved.source(), + &McpServerSource::Extension { + id: "hosted".to_string(), + } + ); + assert_eq!(resolved.config(), &extension); + assert!(catalog.plugin_ids_by_server_name().is_empty()); + assert_eq!( + catalog.conflicts(), + &[McpServerConflict { + name: "docs".to_string(), + outcome: register(extension_source("hosted")), + contenders: vec![ + register(plugin_source("other-plugin@test")), + register(plugin_source("plugin@test")), + ], + }] + ); +} + +#[test] +fn disabled_veto_only_disables_the_winning_registration() { + let extension = server("https://extension.example/mcp"); + let mut expected = extension.clone(); + expected.enabled = false; + let mut builder = ResolvedMcpCatalog::builder(); + builder.register(McpServerRegistration::from_extension( + "docs".to_string(), + "hosted", + /*contribution_order*/ 0, + extension, + )); + builder.disable("docs".to_string()); + + let actual = builder + .build() + .server("docs") + .expect("resolved server") + .config() + .clone(); + + assert_eq!(actual, expected); +} + +#[test] +fn disabled_winner_remains_a_veto_when_the_catalog_is_extended() { + let mut disabled = server("https://config.example/mcp"); + disabled.enabled = false; + let mut expected = server("https://extension.example/mcp"); + expected.enabled = false; + let mut builder = ResolvedMcpCatalog::builder(); + builder.register(McpServerRegistration::from_config( + "docs".to_string(), + disabled, + )); + let mut builder = builder.build().to_builder(); + builder.register(McpServerRegistration::from_extension( + "docs".to_string(), + "hosted", + /*contribution_order*/ 0, + server("https://extension.example/mcp"), + )); + + let resolved = builder.build(); + + assert_eq!( + resolved.server("docs"), + Some(&super::ResolvedMcpServer { + source: extension_source("hosted"), + config: expected, + }) + ); +} + +#[test] +fn earlier_plugin_wins_with_an_explicit_conflict() { + let mut builder = ResolvedMcpCatalog::builder(); + builder.register(McpServerRegistration::from_plugin( + "docs".to_string(), + "alpha@test".to_string(), + /*plugin_order*/ 0, + server("https://alpha.example/mcp"), + )); + builder.register(McpServerRegistration::from_plugin( + "docs".to_string(), + "beta@test".to_string(), + /*plugin_order*/ 1, + server("https://beta.example/mcp"), + )); + + let catalog = builder.build(); + + assert_eq!( + catalog.plugin_ids_by_server_name(), + HashMap::from([("docs".to_string(), "alpha@test".to_string())]) + ); + assert_eq!( + catalog.conflicts(), + &[McpServerConflict { + name: "docs".to_string(), + outcome: register(plugin_source("alpha@test")), + contenders: vec![ + register(plugin_source("beta@test")), + register(plugin_source("alpha@test")), + ], + }] + ); +} + +#[test] +fn equal_precedence_uses_insertion_order_not_source_identity() { + let mut builder = ResolvedMcpCatalog::builder(); + builder.register(McpServerRegistration::from_compatibility( + "docs".to_string(), + "z-first", + server("https://first.example/mcp"), + )); + builder.register(McpServerRegistration::from_compatibility( + "docs".to_string(), + "a-second", + server("https://second.example/mcp"), + )); + + let catalog = builder.build(); + + assert_eq!( + catalog.server("docs"), + Some(&super::ResolvedMcpServer { + source: compatibility_source("a-second"), + config: server("https://second.example/mcp"), + }) + ); + let mut builder = catalog.to_builder(); + builder.remove_compatibility("docs".to_string(), "remove-last"); + + let catalog = builder.build(); + + assert_eq!(catalog.server("docs"), None); + assert_eq!( + catalog.conflicts(), + &[McpServerConflict { + name: "docs".to_string(), + outcome: remove(compatibility_source("remove-last")), + contenders: vec![ + register(compatibility_source("z-first")), + register(compatibility_source("a-second")), + remove(compatibility_source("remove-last")), + ], + }] + ); +} diff --git a/codex-rs/codex-mcp/src/connection_manager.rs b/codex-rs/codex-mcp/src/connection_manager.rs index d15a2e15004..9d1be43d426 100644 --- a/codex-rs/codex-mcp/src/connection_manager.rs +++ b/codex-rs/codex-mcp/src/connection_manager.rs @@ -68,6 +68,7 @@ use serde_json::Value as JsonValue; use tokio::task::JoinSet; use tokio_util::sync::CancellationToken; use tracing::Instrument; +use tracing::info_span; use tracing::instrument; use tracing::trace; use tracing::trace_span; @@ -105,6 +106,7 @@ pub fn tool_is_model_visible(tool: &ToolInfo) -> bool { pub struct McpConnectionManager { clients: HashMap, server_metadata: HashMap, + required_servers: Vec, tool_plugin_provenance: Arc, host_owned_codex_apps_enabled: bool, prefix_mcp_tool_names: bool, @@ -113,103 +115,7 @@ pub struct McpConnectionManager { } impl McpConnectionManager { - pub fn new_uninitialized( - approval_policy: &Constrained, - permission_profile: &Constrained, - prefix_mcp_tool_names: bool, - ) -> Self { - Self::new_uninitialized_with_permission_profile( - approval_policy, - permission_profile.get(), - prefix_mcp_tool_names, - ) - } - - pub fn new_uninitialized_with_permission_profile( - approval_policy: &Constrained, - permission_profile: &PermissionProfile, - prefix_mcp_tool_names: bool, - ) -> Self { - Self { - clients: HashMap::new(), - server_metadata: HashMap::new(), - tool_plugin_provenance: Arc::new(ToolPluginProvenance::default()), - host_owned_codex_apps_enabled: false, - prefix_mcp_tool_names, - elicitation_requests: ElicitationRequestManager::new( - approval_policy.value(), - permission_profile.clone(), - /*reviewer*/ None, - ), - startup_cancellation_token: CancellationToken::new(), - } - } - - pub fn has_servers(&self) -> bool { - !self.clients.is_empty() - } - - /// Drain all MCP clients from this manager and return a future that stops - /// them and terminates their stdio server processes. - pub fn begin_shutdown(&mut self) -> impl std::future::Future + Send + 'static { - self.startup_cancellation_token.cancel(); - let clients = std::mem::take(&mut self.clients); - self.server_metadata.clear(); - async move { - for client in clients.into_values() { - client.shutdown().await; - } - } - } - - /// Stop all MCP clients owned by this manager and terminate stdio server processes. - pub async fn shutdown(&mut self) { - self.begin_shutdown().await; - } - - pub fn server_origin(&self, server_name: &str) -> Option<&str> { - self.server_metadata - .get(server_name) - .and_then(|metadata| metadata.origin.as_ref()) - .map(super::server::McpServerOrigin::as_str) - } - - pub fn server_pollutes_memory(&self, server_name: &str) -> bool { - self.server_metadata - .get(server_name) - .is_none_or(|metadata| metadata.pollutes_memory) - } - - pub fn plugin_id_for_mcp_server_name(&self, server_name: &str) -> Option<&str> { - self.tool_plugin_provenance - .plugin_id_for_mcp_server_name(server_name) - } - - pub fn is_host_owned_codex_apps_server(&self, server_name: &str) -> bool { - self.host_owned_codex_apps_enabled && server_name == CODEX_APPS_MCP_SERVER_NAME - } - - pub fn set_approval_policy(&self, approval_policy: &Constrained) { - if let Ok(mut policy) = self.elicitation_requests.approval_policy.lock() { - *policy = approval_policy.value(); - } - } - - pub fn set_permission_profile(&self, permission_profile: PermissionProfile) { - if let Ok(mut profile) = self.elicitation_requests.permission_profile.lock() { - *profile = permission_profile; - } - } - - pub fn elicitations_auto_deny(&self) -> bool { - self.elicitation_requests.auto_deny() - } - - pub fn set_elicitations_auto_deny(&self, auto_deny: bool) { - self.elicitation_requests.set_auto_deny(auto_deny); - } - - #[allow(clippy::new_ret_no_self, clippy::too_many_arguments)] + #[allow(clippy::too_many_arguments)] pub async fn new( mcp_servers: &HashMap, store_mode: OAuthCredentialsStoreMode, @@ -217,6 +123,7 @@ impl McpConnectionManager { approval_policy: &Constrained, submit_id: String, tx_event: Sender, + startup_cancellation_token: CancellationToken, initial_permission_profile: PermissionProfile, runtime_context: McpRuntimeContext, codex_home: PathBuf, @@ -227,8 +134,13 @@ impl McpConnectionManager { tool_plugin_provenance: ToolPluginProvenance, auth: Option<&CodexAuth>, elicitation_reviewer: Option, - ) -> (Self, CancellationToken) { - let cancel_token = CancellationToken::new(); + ) -> Self { + let mut required_servers = mcp_servers + .iter() + .filter(|(_, server)| server.enabled() && server.required()) + .map(|(name, _)| name.clone()) + .collect::>(); + required_servers.sort(); let mut clients = HashMap::new(); let mut server_metadata = HashMap::new(); let mut join_set = JoinSet::new(); @@ -248,7 +160,7 @@ impl McpConnectionManager { .filter(|(_, server)| server.enabled()) { server_metadata.insert(server_name.clone(), McpServerMetadata::from(&server)); - let cancel_token = cancel_token.child_token(); + let cancel_token = startup_cancellation_token.child_token(); let _ = emit_update( startup_submit_id.as_str(), &tx_event, @@ -333,11 +245,12 @@ impl McpConnectionManager { let manager = Self { clients, server_metadata, + required_servers, tool_plugin_provenance, host_owned_codex_apps_enabled, prefix_mcp_tool_names, elicitation_requests: elicitation_requests.clone(), - startup_cancellation_token: cancel_token.clone(), + startup_cancellation_token: startup_cancellation_token.clone(), }; tokio::spawn(async move { let outcomes = join_set.join_all().await; @@ -361,7 +274,132 @@ impl McpConnectionManager { }) .await; }); - (manager, cancel_token) + manager + } + + /// Waits for every required server and reports their startup failures together. + /// + /// Callers must make the manager reachable to request handlers before awaiting this method, + /// because server initialization may require client elicitation. + pub async fn validate_required_servers(&self) -> Result<()> { + let failures = async { + let mut failures = Vec::new(); + for server_name in &self.required_servers { + let Some(async_managed_client) = self.clients.get(server_name).cloned() else { + failures.push(McpStartupFailure { + server: server_name.clone(), + error: format!("required MCP server `{server_name}` was not initialized"), + }); + continue; + }; + + match async_managed_client.client().await { + Ok(_) => {} + Err(error) => failures.push(McpStartupFailure { + server: server_name.clone(), + error: startup_outcome_error_message(error), + }), + } + } + failures + } + .instrument(info_span!( + "session_init.required_mcp_wait", + otel.name = "session_init.required_mcp_wait", + session_init.required_mcp_server_count = self.required_servers.len(), + )) + .await; + if failures.is_empty() { + return Ok(()); + } + + let details = failures + .iter() + .map(|failure| format!("{}: {}", failure.server, failure.error)) + .collect::>() + .join("; "); + Err(anyhow!( + "required MCP servers failed to initialize: {details}" + )) + } + + pub fn new_uninitialized_with_permission_profile( + approval_policy: &Constrained, + permission_profile: &PermissionProfile, + prefix_mcp_tool_names: bool, + ) -> Self { + Self { + clients: HashMap::new(), + server_metadata: HashMap::new(), + required_servers: Vec::new(), + tool_plugin_provenance: Arc::new(ToolPluginProvenance::default()), + host_owned_codex_apps_enabled: false, + prefix_mcp_tool_names, + elicitation_requests: ElicitationRequestManager::new( + approval_policy.value(), + permission_profile.clone(), + /*reviewer*/ None, + ), + startup_cancellation_token: CancellationToken::new(), + } + } + + pub fn has_servers(&self) -> bool { + !self.clients.is_empty() + } + + pub(crate) fn contains_server(&self, server_name: &str) -> bool { + self.clients.contains_key(server_name) + } + + /// Stop all MCP clients owned by this manager and terminate stdio server processes. + pub async fn shutdown(&self) { + self.startup_cancellation_token.cancel(); + for client in self.clients.values() { + client.shutdown().await; + } + } + + pub fn server_origin(&self, server_name: &str) -> Option<&str> { + self.server_metadata + .get(server_name) + .and_then(|metadata| metadata.origin.as_ref()) + .map(super::server::McpServerOrigin::as_str) + } + + pub fn server_pollutes_memory(&self, server_name: &str) -> bool { + self.server_metadata + .get(server_name) + .is_none_or(|metadata| metadata.pollutes_memory) + } + + pub fn plugin_id_for_mcp_server_name(&self, server_name: &str) -> Option<&str> { + self.tool_plugin_provenance + .plugin_id_for_mcp_server_name(server_name) + } + + pub fn is_host_owned_codex_apps_server(&self, server_name: &str) -> bool { + self.host_owned_codex_apps_enabled && server_name == CODEX_APPS_MCP_SERVER_NAME + } + + pub fn set_approval_policy(&self, approval_policy: &Constrained) { + if let Ok(mut policy) = self.elicitation_requests.approval_policy.lock() { + *policy = approval_policy.value(); + } + } + + pub fn set_permission_profile(&self, permission_profile: PermissionProfile) { + if let Ok(mut profile) = self.elicitation_requests.permission_profile.lock() { + *profile = permission_profile; + } + } + + pub fn elicitations_auto_deny(&self) -> bool { + self.elicitation_requests.auto_deny() + } + + pub fn set_elicitations_auto_deny(&self, auto_deny: bool) { + self.elicitation_requests.set_auto_deny(auto_deny); } pub async fn resolve_elicitation( @@ -386,31 +424,6 @@ impl McpConnectionManager { } } - pub async fn required_startup_failures( - &self, - required_servers: &[String], - ) -> Vec { - let mut failures = Vec::new(); - for server_name in required_servers { - let Some(async_managed_client) = self.clients.get(server_name).cloned() else { - failures.push(McpStartupFailure { - server: server_name.clone(), - error: format!("required MCP server `{server_name}` was not initialized"), - }); - continue; - }; - - match async_managed_client.client().await { - Ok(_) => {} - Err(error) => failures.push(McpStartupFailure { - server: server_name.clone(), - error: startup_outcome_error_message(error), - }), - } - } - failures - } - /// Returns all tools with model-visible names normalized. #[instrument(level = "trace", skip_all, fields(mcp_server_count = self.clients.len()))] pub async fn list_all_tools(&self) -> Vec { @@ -452,31 +465,6 @@ impl McpConnectionManager { normalize_tools_for_model_with_prefix(tools, self.prefix_mcp_tool_names) } - /// Returns presentation metadata without waiting for uncached clients still initializing. - /// Cached values will be used if available and the server is still starting up. - pub async fn list_available_server_infos(&self) -> HashMap { - let mut server_infos = HashMap::new(); - for (server_name, client) in &self.clients { - if !client.startup_complete.load(Ordering::Acquire) { - if let Some(server_info) = client.cached_server_info.clone() { - server_infos.insert(server_name.clone(), server_info); - } - continue; - } - match client.client().await { - Ok(managed_client) => { - server_infos.insert(server_name.clone(), managed_client.server_info); - } - Err(_) => { - if let Some(server_info) = client.cached_server_info.clone() { - server_infos.insert(server_name.clone(), server_info); - } - } - } - } - server_infos - } - /// Force-refresh codex apps tools by bypassing the in-process cache. /// /// On success, the refreshed tools replace the cache contents and the @@ -532,21 +520,6 @@ impl McpConnectionManager { )) } - fn with_server_metadata(&self, mut tool: ToolInfo) -> ToolInfo { - let Some(metadata) = self.server_metadata.get(&tool.server_name) else { - tool.supports_parallel_tool_calls = false; - tool.server_origin = None; - return tool; - }; - - tool.supports_parallel_tool_calls = metadata.supports_parallel_tool_calls; - tool.server_origin = metadata - .origin - .as_ref() - .map(|origin| origin.as_str().to_string()); - tool - } - /// Returns a single map that contains all resources. Each key is the /// server name and the value is a vector of resources. pub async fn list_all_resources(&self) -> HashMap> { @@ -778,6 +751,46 @@ impl McpConnectionManager { .with_context(|| format!("resources/read failed for `{server}` ({uri})")) } + /// Returns presentation metadata without waiting for uncached clients still initializing. + /// Cached values will be used if available and the server is still starting up. + pub(crate) async fn list_available_server_infos(&self) -> HashMap { + let mut server_infos = HashMap::new(); + for (server_name, client) in &self.clients { + if !client.startup_complete.load(Ordering::Acquire) { + if let Some(server_info) = client.cached_server_info.clone() { + server_infos.insert(server_name.clone(), server_info); + } + continue; + } + match client.client().await { + Ok(managed_client) => { + server_infos.insert(server_name.clone(), managed_client.server_info); + } + Err(_) => { + if let Some(server_info) = client.cached_server_info.clone() { + server_infos.insert(server_name.clone(), server_info); + } + } + } + } + server_infos + } + + fn with_server_metadata(&self, mut tool: ToolInfo) -> ToolInfo { + let Some(metadata) = self.server_metadata.get(&tool.server_name) else { + tool.supports_parallel_tool_calls = false; + tool.server_origin = None; + return tool; + }; + + tool.supports_parallel_tool_calls = metadata.supports_parallel_tool_calls; + tool.server_origin = metadata + .origin + .as_ref() + .map(|origin| origin.as_str().to_string()); + tool + } + async fn client_by_name(&self, name: &str) -> Result { self.clients .get(name) @@ -786,6 +799,19 @@ impl McpConnectionManager { .await .context("failed to get client") } + + #[cfg(test)] + fn new_uninitialized( + approval_policy: &Constrained, + permission_profile: &Constrained, + prefix_mcp_tool_names: bool, + ) -> Self { + Self::new_uninitialized_with_permission_profile( + approval_policy, + permission_profile.get(), + prefix_mcp_tool_names, + ) + } } impl Drop for McpConnectionManager { diff --git a/codex-rs/codex-mcp/src/connection_manager_tests.rs b/codex-rs/codex-mcp/src/connection_manager_tests.rs index 60a0026eeb2..ea405ced9ae 100644 --- a/codex-rs/codex-mcp/src/connection_manager_tests.rs +++ b/codex-rs/codex-mcp/src/connection_manager_tests.rs @@ -980,6 +980,48 @@ async fn list_all_tools_blocks_while_client_is_pending_without_cached_tool_info_ assert!(timeout_result.is_err()); } +#[tokio::test] +async fn shutdown_cancels_pending_tool_listing() { + let cancel_token = CancellationToken::new(); + let cancel_token_for_startup = cancel_token.clone(); + let (started_tx, started_rx) = tokio::sync::oneshot::channel(); + let pending_client = async move { + let _ = started_tx.send(()); + cancel_token_for_startup.cancelled().await; + Err(StartupOutcomeError::Cancelled) + } + .boxed() + .shared(); + let approval_policy = Constrained::allow_any(AskForApproval::OnFailure); + let permission_profile = Constrained::allow_any(PermissionProfile::default()); + let mut manager = McpConnectionManager::new_uninitialized( + &approval_policy, + &permission_profile, + /*prefix_mcp_tool_names*/ true, + ); + manager.clients.insert( + CODEX_APPS_MCP_SERVER_NAME.to_string(), + AsyncManagedClient { + client: pending_client, + cached_tool_info_snapshot: None, + cached_server_info: None, + startup_complete: Arc::new(std::sync::atomic::AtomicBool::new(false)), + tool_plugin_provenance: Arc::new(ToolPluginProvenance::default()), + cancel_token, + }, + ); + let manager = Arc::new(manager); + let manager_for_list = Arc::clone(&manager); + let list_task = tokio::spawn(async move { manager_for_list.list_all_tools().await }); + + started_rx.await.expect("tool listing should start"); + tokio::time::timeout(Duration::from_secs(1), manager.shutdown()) + .await + .expect("shutdown should cancel speculative tool listing"); + let tools = list_task.await.expect("tool listing task should not panic"); + assert!(tools.is_empty()); +} + #[tokio::test] async fn list_all_tools_does_not_block_when_cached_tool_info_snapshot_is_empty() { let pending_client = futures::future::pending::>() @@ -1167,13 +1209,15 @@ async fn no_local_runtime_fails_local_stdio_but_keeps_local_http_server() { ), ]); - let (manager, cancel_token) = McpConnectionManager::new( + let cancel_token = CancellationToken::new(); + let manager = McpConnectionManager::new( &mcp_servers, OAuthCredentialsStoreMode::default(), HashMap::new(), &approval_policy, String::new(), tx_event, + cancel_token.clone(), PermissionProfile::default(), McpRuntimeContext::new( Arc::new(EnvironmentManager::without_environments()), @@ -1201,13 +1245,18 @@ async fn no_local_runtime_fails_local_stdio_but_keeps_local_http_server() { .wait_for_server_ready("stdio", Duration::from_millis(10)) .await ); - let failures = manager - .required_startup_failures(&["stdio".to_string()]) - .await; - assert_eq!(failures.len(), 1); - assert_eq!(failures[0].server, "stdio"); + let error = match manager + .clients + .get("stdio") + .expect("stdio client") + .client() + .await + { + Ok(_) => panic!("local stdio MCP startup should fail"), + Err(error) => error, + }; assert_eq!( - failures[0].error, + startup_outcome_error_message(error), "local stdio MCP server `stdio` requires a local environment" ); cancel_token.cancel(); diff --git a/codex-rs/codex-mcp/src/lib.rs b/codex-rs/codex-mcp/src/lib.rs index 83419175d45..a270eb4e7ec 100644 --- a/codex-rs/codex-mcp/src/lib.rs +++ b/codex-rs/codex-mcp/src/lib.rs @@ -3,11 +3,22 @@ pub use connection_manager::tool_is_model_visible; pub use elicitation::ElicitationReviewRequest; pub use elicitation::ElicitationReviewer; pub use elicitation::ElicitationReviewerHandle; +pub use resource_client::McpResourceClient; +pub use resource_client::McpResourcePage; +pub use resource_client::McpResourceReadResult; pub use rmcp_client::MCP_SANDBOX_STATE_META_CAPABILITY; pub use runtime::McpRuntimeContext; pub use runtime::SandboxState; pub use tools::ToolInfo; +pub use catalog::McpCatalogBuilder; +pub use catalog::McpServerConflict; +pub use catalog::McpServerConflictAction; +pub use catalog::McpServerRegistration; +pub use catalog::McpServerSource; +pub use catalog::ResolvedMcpCatalog; +pub use catalog::ResolvedMcpServer; + pub use mcp::CODEX_APPS_MCP_SERVER_NAME; pub use mcp::McpConfig; pub use mcp::ToolPluginProvenance; @@ -24,12 +35,13 @@ pub use auth_elicitation::build_auth_elicitation_plan; pub use auth_elicitation::connector_auth_failure_from_tool_result; pub use codex_apps::CodexAppsToolsCacheKey; pub use codex_apps::codex_apps_tools_cache_key; +pub use mcp::codex_apps_mcp_server_config; pub use mcp::configured_mcp_servers; pub use mcp::effective_mcp_servers; pub use mcp::effective_mcp_servers_from_configured; pub use mcp::host_owned_codex_apps_enabled; +pub use mcp::hosted_plugin_runtime_mcp_server_config; pub use mcp::tool_plugin_provenance; -pub use mcp::with_codex_apps_mcp; pub use mcp::McpServerStatusSnapshot; pub use mcp::McpSnapshotDetail; @@ -53,10 +65,12 @@ pub use mcp::qualified_mcp_tool_name_prefix; pub use tools::declared_openai_file_input_param_names; pub(crate) mod auth_elicitation; +mod catalog; pub(crate) mod codex_apps; pub(crate) mod connection_manager; pub(crate) mod elicitation; pub(crate) mod mcp; +mod resource_client; pub(crate) mod rmcp_client; pub(crate) mod runtime; pub(crate) mod server; diff --git a/codex-rs/codex-mcp/src/mcp/mod.rs b/codex-rs/codex-mcp/src/mcp/mod.rs index 96336558467..eca8a28c57c 100644 --- a/codex-rs/codex-mcp/src/mcp/mod.rs +++ b/codex-rs/codex-mcp/src/mcp/mod.rs @@ -35,7 +35,9 @@ use rmcp::model::ElicitationCapability; use rmcp::model::ReadResourceRequestParams; use rmcp::model::ReadResourceResult; use serde_json::Value; +use tokio_util::sync::CancellationToken; +use crate::ResolvedMcpCatalog; use crate::codex_apps::codex_apps_tools_cache_key; use crate::connection_manager::McpConnectionManager; use crate::runtime::McpRuntimeContext; @@ -106,8 +108,6 @@ pub struct McpPermissionPromptAutoApproveContext { pub struct McpConfig { /// Base URL for ChatGPT-hosted app MCP servers, copied from the root config. pub chatgpt_base_url: String, - /// Optional path override for the host-owned apps MCP server. - pub apps_mcp_path_override: Option, /// Optional product SKU forwarded to the host-owned apps MCP server. pub apps_mcp_product_sku: Option, /// Codex home directory used for MCP OAuth state and app-tool cache files. @@ -128,20 +128,16 @@ pub struct McpConfig { pub use_legacy_landlock: bool, /// Whether the app MCP integration is enabled by config. /// - /// ChatGPT auth is checked separately at runtime before the host-owned apps - /// MCP server is added. + /// ChatGPT auth is checked separately before a materialized host-owned Apps + /// server can be used. pub apps_enabled: bool, /// Whether model-visible MCP tool namespaces should keep the legacy /// `mcp__` prefix. pub prefix_mcp_tool_names: bool, /// Client-side elicitation capabilities advertised during MCP initialization. pub client_elicitation_capability: ElicitationCapability, - /// Config-backed MCP servers keyed by server name. - /// - /// Runtime-only additions are merged later by [`effective_mcp_servers`]. - pub configured_mcp_servers: HashMap, - /// Winning plugin owner for plugin-provided MCP servers, keyed by server name. - pub plugin_ids_by_mcp_server_name: HashMap, + /// Resolved MCP registrations keyed by logical server name. + pub mcp_server_catalog: ResolvedMcpCatalog, /// Plugin metadata used to attribute MCP tools/connectors to plugin display names. pub plugin_capability_summaries: Vec, } @@ -176,6 +172,7 @@ impl ToolPluginProvenance { fn from_config(config: &McpConfig) -> Self { let mut tool_plugin_provenance = Self::default(); + let plugin_ids_by_mcp_server_name = config.mcp_server_catalog.plugin_ids_by_server_name(); for plugin in &config.plugin_capability_summaries { for connector_id in &plugin.app_connector_ids { tool_plugin_provenance @@ -185,7 +182,9 @@ impl ToolPluginProvenance { .push(plugin.display_name.clone()); } - for server_name in &plugin.mcp_server_names { + for server_name in plugin.mcp_server_names.iter().filter(|server_name| { + plugin_ids_by_mcp_server_name.get(*server_name) == Some(&plugin.config_name) + }) { tool_plugin_provenance .plugin_display_names_by_mcp_server_name .entry(server_name.clone()) @@ -206,35 +205,18 @@ impl ToolPluginProvenance { plugin_names.sort_unstable(); plugin_names.dedup(); } - tool_plugin_provenance.plugin_ids_by_mcp_server_name = - config.plugin_ids_by_mcp_server_name.clone(); + tool_plugin_provenance.plugin_ids_by_mcp_server_name = plugin_ids_by_mcp_server_name; tool_plugin_provenance } } -pub fn with_codex_apps_mcp( - mut servers: HashMap, - auth: Option<&CodexAuth>, - config: &McpConfig, -) -> HashMap { - if host_owned_codex_apps_enabled(config, auth) { - servers.insert( - CODEX_APPS_MCP_SERVER_NAME.to_string(), - EffectiveMcpServer::configured(codex_apps_mcp_server_config(config)), - ); - } else { - servers.remove(CODEX_APPS_MCP_SERVER_NAME); - } - servers -} - pub fn host_owned_codex_apps_enabled(config: &McpConfig, auth: Option<&CodexAuth>) -> bool { config.apps_enabled && auth.is_some_and(CodexAuth::uses_codex_backend) } pub fn configured_mcp_servers(config: &McpConfig) -> HashMap { - config.configured_mcp_servers.clone() + config.mcp_server_catalog.configured_servers() } pub fn effective_mcp_servers( @@ -244,16 +226,23 @@ pub fn effective_mcp_servers( effective_mcp_servers_from_configured(configured_mcp_servers(config), config, auth) } +/// Converts a materialized server map to its auth-gated runtime view. +/// +/// Compatibility built-ins and extension overlays must already be reflected in +/// `configured_servers`; this function does not synthesize missing servers. pub fn effective_mcp_servers_from_configured( configured_servers: HashMap, config: &McpConfig, auth: Option<&CodexAuth>, ) -> HashMap { - let servers = configured_servers + let mut servers = configured_servers .into_iter() .map(|(name, server)| (name, EffectiveMcpServer::configured(server))) .collect::>(); - with_codex_apps_mcp(servers, auth, config) + if !host_owned_codex_apps_enabled(config, auth) { + servers.remove(CODEX_APPS_MCP_SERVER_NAME); + } + servers } pub fn tool_plugin_provenance(config: &McpConfig) -> ToolPluginProvenance { @@ -278,13 +267,15 @@ pub async fn read_mcp_resource( .await; let (tx_event, rx_event) = unbounded(); drop(rx_event); - let (manager, cancel_token) = McpConnectionManager::new( + let cancel_token = CancellationToken::new(); + let manager = McpConnectionManager::new( &mcp_servers, config.mcp_oauth_credentials_store_mode, auth_statuses, &config.approval_policy, String::new(), tx_event, + cancel_token.clone(), PermissionProfile::default(), runtime_context, config.codex_home.clone(), @@ -348,13 +339,15 @@ pub async fn collect_mcp_server_status_snapshot_with_detail( let (tx_event, rx_event) = unbounded(); drop(rx_event); - let (mcp_connection_manager, cancel_token) = McpConnectionManager::new( + let cancel_token = CancellationToken::new(); + let mcp_connection_manager = McpConnectionManager::new( &mcp_servers, config.mcp_oauth_credentials_store_mode, auth_status_entries.clone(), &config.approval_policy, submit_id, tx_event, + cancel_token.clone(), PermissionProfile::default(), runtime_context, config.codex_home.clone(), @@ -381,13 +374,6 @@ pub async fn collect_mcp_server_status_snapshot_with_detail( snapshot } -pub(crate) fn codex_apps_mcp_url(config: &McpConfig) -> String { - codex_apps_mcp_url_for_base_url( - &config.chatgpt_base_url, - config.apps_mcp_path_override.as_deref(), - ) -} - /// The Responses API requires tool names to match `^[a-zA-Z0-9_-]+$`. /// MCP server/tool names are user-controlled, so sanitize the fully-qualified /// name we expose to the model by replacing any disallowed character with `_`. @@ -428,7 +414,7 @@ fn normalize_codex_apps_base_url(base_url: &str) -> String { base_url } -fn codex_apps_mcp_url_for_base_url(base_url: &str, apps_mcp_path_override: Option<&str>) -> String { +fn codex_apps_mcp_url_for_base_url(base_url: &str) -> String { let base_url = normalize_codex_apps_base_url(base_url); let (base_url, default_path) = if base_url.contains("/backend-api") { (base_url, "wham/apps") @@ -437,16 +423,36 @@ fn codex_apps_mcp_url_for_base_url(base_url: &str, apps_mcp_path_override: Optio } else { (format!("{base_url}/api/codex"), "apps") }; - let path = apps_mcp_path_override - .unwrap_or(default_path) - .trim_start_matches('/'); - format!("{base_url}/{path}") + format!("{base_url}/{default_path}") +} + +pub fn codex_apps_mcp_server_config( + chatgpt_base_url: &str, + apps_mcp_product_sku: Option<&str>, +) -> McpServerConfig { + mcp_server_config_for_url( + codex_apps_mcp_url_for_base_url(chatgpt_base_url), + apps_mcp_product_sku, + ) +} + +/// Builds the ChatGPT-hosted plugin runtime served by plugin-service. +pub fn hosted_plugin_runtime_mcp_server_config( + chatgpt_base_url: &str, + apps_mcp_product_sku: Option<&str>, +) -> McpServerConfig { + let base_url = normalize_codex_apps_base_url(chatgpt_base_url); + let base_url = if base_url.contains("/backend-api") || base_url.contains("/api/codex") { + base_url + } else { + format!("{base_url}/api/codex") + }; + mcp_server_config_for_url(format!("{base_url}/ps/mcp"), apps_mcp_product_sku) } -fn codex_apps_mcp_server_config(config: &McpConfig) -> McpServerConfig { - let url = codex_apps_mcp_url(config); - let http_headers = config.apps_mcp_product_sku.as_ref().map(|product_sku| { - HashMap::from([("X-OpenAI-Product-Sku".to_string(), product_sku.clone())]) +fn mcp_server_config_for_url(url: String, apps_mcp_product_sku: Option<&str>) -> McpServerConfig { + let http_headers = apps_mcp_product_sku.map(|product_sku| { + HashMap::from([("X-OpenAI-Product-Sku".to_string(), product_sku.to_string())]) }); McpServerConfig { diff --git a/codex-rs/codex-mcp/src/mcp/mod_tests.rs b/codex-rs/codex-mcp/src/mcp/mod_tests.rs index b29f7a9e588..111c810a191 100644 --- a/codex-rs/codex-mcp/src/mcp/mod_tests.rs +++ b/codex-rs/codex-mcp/src/mcp/mod_tests.rs @@ -1,4 +1,5 @@ use super::*; +use crate::McpServerRegistration; use codex_config::Constrained; use codex_config::types::AppToolApproval; use codex_login::CodexAuth; @@ -16,7 +17,6 @@ use std::path::PathBuf; fn test_mcp_config(codex_home: PathBuf) -> McpConfig { McpConfig { chatgpt_base_url: "https://chatgpt.com".to_string(), - apps_mcp_path_override: None, apps_mcp_product_sku: None, codex_home, mcp_oauth_credentials_store_mode: OAuthCredentialsStoreMode::default(), @@ -29,8 +29,7 @@ fn test_mcp_config(codex_home: PathBuf) -> McpConfig { apps_enabled: false, prefix_mcp_tool_names: true, client_elicitation_capability: ElicitationCapability::default(), - configured_mcp_servers: HashMap::new(), - plugin_ids_by_mcp_server_name: HashMap::new(), + mcp_server_catalog: ResolvedMcpCatalog::default(), plugin_capability_summaries: Vec::new(), } } @@ -123,16 +122,24 @@ fn mcp_prompt_auto_approval_rejects_auto_mode_in_default_permission_mode() { #[test] fn tool_plugin_provenance_collects_app_and_mcp_sources() { let mut config = test_mcp_config(PathBuf::new()); - config.plugin_ids_by_mcp_server_name = - HashMap::from([("alpha".to_string(), "alpha@test".to_string())]); + let mut catalog = ResolvedMcpCatalog::builder(); + catalog.register(McpServerRegistration::from_plugin( + "alpha".to_string(), + "alpha@test".to_string(), + /*plugin_order*/ 0, + codex_apps_mcp_server_config("https://alpha.example", /*apps_mcp_product_sku*/ None), + )); + config.mcp_server_catalog = catalog.build(); config.plugin_capability_summaries = vec![ PluginCapabilitySummary { + config_name: "alpha@test".to_string(), display_name: "alpha-plugin".to_string(), app_connector_ids: vec![AppConnectorId("connector_example".to_string())], mcp_server_names: vec!["alpha".to_string()], ..PluginCapabilitySummary::default() }, PluginCapabilitySummary { + config_name: "beta@test".to_string(), display_name: "beta-plugin".to_string(), app_connector_ids: vec![ AppConnectorId("connector_example".to_string()), @@ -157,10 +164,10 @@ fn tool_plugin_provenance_collects_app_and_mcp_sources() { vec!["beta-plugin".to_string()], ), ]), - plugin_display_names_by_mcp_server_name: HashMap::from([ - ("alpha".to_string(), vec!["alpha-plugin".to_string()]), - ("beta".to_string(), vec!["beta-plugin".to_string()]), - ]), + plugin_display_names_by_mcp_server_name: HashMap::from([( + "alpha".to_string(), + vec!["alpha-plugin".to_string()], + )]), plugin_ids_by_mcp_server_name: HashMap::from([( "alpha".to_string(), "alpha@test".to_string(), @@ -177,62 +184,27 @@ fn tool_plugin_provenance_collects_app_and_mcp_sources() { #[test] fn codex_apps_mcp_url_for_base_url_keeps_existing_paths() { assert_eq!( - codex_apps_mcp_url_for_base_url( - "https://chatgpt.com/backend-api", - /*apps_mcp_path_override*/ None, - ), + codex_apps_mcp_url_for_base_url("https://chatgpt.com/backend-api"), "https://chatgpt.com/backend-api/wham/apps" ); assert_eq!( - codex_apps_mcp_url_for_base_url( - "https://chat.openai.com", - /*apps_mcp_path_override*/ None, - ), + codex_apps_mcp_url_for_base_url("https://chat.openai.com"), "https://chat.openai.com/backend-api/wham/apps" ); assert_eq!( - codex_apps_mcp_url_for_base_url( - "http://localhost:8080/api/codex", - /*apps_mcp_path_override*/ None, - ), + codex_apps_mcp_url_for_base_url("http://localhost:8080/api/codex"), "http://localhost:8080/api/codex/apps" ); assert_eq!( - codex_apps_mcp_url_for_base_url( - "http://localhost:8080", - /*apps_mcp_path_override*/ None, - ), + codex_apps_mcp_url_for_base_url("http://localhost:8080"), "http://localhost:8080/api/codex/apps" ); } -#[test] -fn codex_apps_mcp_url_uses_legacy_codex_apps_path() { - let config = test_mcp_config(PathBuf::from("/tmp")); - - assert_eq!( - codex_apps_mcp_url(&config), - "https://chatgpt.com/backend-api/wham/apps" - ); -} - #[test] fn codex_apps_server_config_uses_legacy_codex_apps_path() { - let mut config = test_mcp_config(PathBuf::from("/tmp")); - let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); - - let mut servers = with_codex_apps_mcp(HashMap::new(), /*auth*/ None, &config); - assert!(!servers.contains_key(CODEX_APPS_MCP_SERVER_NAME)); - - config.apps_enabled = true; - - servers = with_codex_apps_mcp(servers, Some(&auth), &config); - let server = servers - .get(CODEX_APPS_MCP_SERVER_NAME) - .expect("codex apps should be present when apps is enabled"); - let config = server - .configured_config() - .expect("codex apps should use configured transport"); + let config = + codex_apps_mcp_server_config("https://chatgpt.com", /*apps_mcp_product_sku*/ None); let url = match &config.transport { McpServerTransportConfig::StreamableHttp { url, .. } => url, _ => panic!("expected streamable http transport for codex apps"), @@ -241,42 +213,9 @@ fn codex_apps_server_config_uses_legacy_codex_apps_path() { assert_eq!(url, "https://chatgpt.com/backend-api/wham/apps"); } -#[test] -fn codex_apps_server_config_uses_configured_apps_mcp_path_override() { - let mut config = test_mcp_config(PathBuf::from("/tmp")); - config.apps_mcp_path_override = Some("/custom/mcp".to_string()); - config.apps_enabled = true; - let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); - - let servers = with_codex_apps_mcp(HashMap::new(), Some(&auth), &config); - let server = servers - .get(CODEX_APPS_MCP_SERVER_NAME) - .expect("codex apps should be present when apps is enabled"); - let config = server - .configured_config() - .expect("codex apps should use configured transport"); - let url = match &config.transport { - McpServerTransportConfig::StreamableHttp { url, .. } => url, - _ => panic!("expected streamable http transport for codex apps"), - }; - - assert_eq!(url, "https://chatgpt.com/backend-api/custom/mcp"); -} - #[test] fn codex_apps_server_config_forwards_configured_product_sku_header() { - let mut config = test_mcp_config(PathBuf::from("/tmp")); - config.apps_mcp_product_sku = Some("tpp".to_string()); - config.apps_enabled = true; - let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); - - let servers = with_codex_apps_mcp(HashMap::new(), Some(&auth), &config); - let server = servers - .get(CODEX_APPS_MCP_SERVER_NAME) - .expect("codex apps should be present when apps is enabled"); - let config = server - .configured_config() - .expect("codex apps should use configured transport"); + let config = codex_apps_mcp_server_config("https://chatgpt.com", Some("tpp")); match &config.transport { McpServerTransportConfig::StreamableHttp { @@ -298,13 +237,14 @@ fn codex_apps_server_config_forwards_configured_product_sku_header() { } #[tokio::test] -async fn effective_mcp_servers_preserve_user_servers_and_add_codex_apps() { +async fn effective_mcp_servers_preserve_runtime_servers() { let codex_home = tempfile::tempdir().expect("tempdir"); let mut config = test_mcp_config(codex_home.path().to_path_buf()); config.apps_enabled = true; let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); - config.configured_mcp_servers.insert( + let mut catalog = ResolvedMcpCatalog::builder(); + catalog.register(McpServerRegistration::from_config( "sample".to_string(), McpServerConfig { transport: McpServerTransportConfig::StreamableHttp { @@ -328,8 +268,8 @@ async fn effective_mcp_servers_preserve_user_servers_and_add_codex_apps() { oauth_resource: None, tools: HashMap::new(), }, - ); - config.configured_mcp_servers.insert( + )); + catalog.register(McpServerRegistration::from_config( "docs".to_string(), McpServerConfig { transport: McpServerTransportConfig::StreamableHttp { @@ -353,7 +293,15 @@ async fn effective_mcp_servers_preserve_user_servers_and_add_codex_apps() { oauth_resource: None, tools: HashMap::new(), }, - ); + )); + catalog.register(McpServerRegistration::from_config( + CODEX_APPS_MCP_SERVER_NAME.to_string(), + codex_apps_mcp_server_config( + &config.chatgpt_base_url, + config.apps_mcp_product_sku.as_deref(), + ), + )); + config.mcp_server_catalog = catalog.build(); let effective = effective_mcp_servers(&config, Some(&auth)); diff --git a/codex-rs/codex-mcp/src/resource_client.rs b/codex-rs/codex-mcp/src/resource_client.rs new file mode 100644 index 00000000000..85dc974f20c --- /dev/null +++ b/codex-rs/codex-mcp/src/resource_client.rs @@ -0,0 +1,108 @@ +use std::sync::Arc; + +use anyhow::Context; +use anyhow::Result; +use arc_swap::ArcSwap; +use codex_protocol::mcp::Resource; +use codex_protocol::mcp::ResourceContent; +use rmcp::model::PaginatedRequestParams; +use rmcp::model::ReadResourceRequestParams; + +use crate::McpConnectionManager; + +/// One page of resources returned by an MCP server. +#[derive(Clone, Debug, PartialEq)] +pub struct McpResourcePage { + /// Resources advertised on this page. + pub resources: Vec, + /// Opaque cursor to supply when requesting the next page. + pub next_cursor: Option, +} + +/// Contents returned after reading one MCP resource. +#[derive(Clone, Debug, PartialEq)] +pub struct McpResourceReadResult { + /// Text or blob content returned for the requested resource. + pub contents: Vec, +} + +/// Session-scoped access to MCP resources through the currently installed manager. +/// +/// The client retains the manager's shared publication handle rather than a manager +/// snapshot, so calls automatically use replacements installed during startup and refresh. +#[derive(Clone)] +pub struct McpResourceClient { + manager: Arc>, +} + +impl std::fmt::Debug for McpResourceClient { + fn fmt(&self, formatter: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + formatter + .debug_struct("McpResourceClient") + .finish_non_exhaustive() + } +} + +impl McpResourceClient { + /// Creates a resource client backed by the session's replaceable MCP manager. + pub fn new(manager: Arc>) -> Self { + Self { manager } + } + + /// Returns whether the current manager contains the named server. + /// + /// This does not wait for server startup or imply that startup succeeded. + pub async fn has_server(&self, server: &str) -> bool { + self.manager.load_full().contains_server(server) + } + + /// Lists one resource page from the named server. + pub async fn list_resources( + &self, + server: &str, + cursor: Option, + ) -> Result { + let params = + cursor.map(|cursor| PaginatedRequestParams::default().with_cursor(Some(cursor))); + let result = self + .manager + .load_full() + .list_resources(server, params) + .await?; + let resources = result + .resources + .into_iter() + .map(resource_from_rmcp) + .collect::>>()?; + Ok(McpResourcePage { + resources, + next_cursor: result.next_cursor, + }) + } + + /// Reads one resource from the named server. + pub async fn read_resource(&self, server: &str, uri: &str) -> Result { + let result = self + .manager + .load_full() + .read_resource(server, ReadResourceRequestParams::new(uri.to_string())) + .await?; + let contents = result + .contents + .into_iter() + .map(resource_content_from_rmcp) + .collect::>>()?; + Ok(McpResourceReadResult { contents }) + } +} + +fn resource_from_rmcp(resource: rmcp::model::Resource) -> Result { + let value = serde_json::to_value(resource).context("failed to serialize MCP resource")?; + Resource::from_mcp_value(value).context("failed to convert MCP resource") +} + +fn resource_content_from_rmcp(content: rmcp::model::ResourceContents) -> Result { + let value = + serde_json::to_value(content).context("failed to serialize MCP resource content")?; + serde_json::from_value(value).context("failed to convert MCP resource content") +} diff --git a/codex-rs/config/Cargo.toml b/codex-rs/config/Cargo.toml index f77a76b764c..54ad61f94d3 100644 --- a/codex-rs/config/Cargo.toml +++ b/codex-rs/config/Cargo.toml @@ -13,7 +13,6 @@ workspace = true [dependencies] anyhow = { workspace = true } -async-trait = { workspace = true } base64 = { workspace = true } codex-app-server-protocol = { workspace = true } codex-execpolicy = { workspace = true } @@ -25,6 +24,7 @@ codex-network-proxy = { workspace = true } codex-protocol = { workspace = true } codex-utils-absolute-path = { workspace = true } codex-utils-path = { workspace = true } +codex-utils-path-uri = { workspace = true } dunce = { workspace = true } futures = { workspace = true, features = ["alloc", "std"] } gethostname = { workspace = true } diff --git a/codex-rs/config/src/config_requirements.rs b/codex-rs/config/src/config_requirements.rs index dcaefb8dbea..1fbdebbd0a3 100644 --- a/codex-rs/config/src/config_requirements.rs +++ b/codex-rs/config/src/config_requirements.rs @@ -822,7 +822,8 @@ pub struct ConfigRequirementsToml { pub allowed_approval_policies: Option>, pub allowed_approvals_reviewers: Option>, pub allowed_sandbox_modes: Option>, - pub allowed_permissions: Option>, + pub allowed_permission_profiles: Option>, + pub default_permissions: Option, pub remote_sandbox_config: Option>, pub allowed_web_search_modes: Option>, pub allow_managed_hooks_only: Option, @@ -876,7 +877,8 @@ pub struct ConfigRequirementsWithSources { pub allowed_approval_policies: Option>>, pub allowed_approvals_reviewers: Option>>, pub allowed_sandbox_modes: Option>>, - pub allowed_permissions: Option>>, + pub allowed_permission_profiles: Option>>, + pub default_permissions: Option>, pub allowed_web_search_modes: Option>>, pub allow_managed_hooks_only: Option>, pub allow_appshots: Option>, @@ -916,7 +918,8 @@ impl ConfigRequirementsWithSources { allowed_approval_policies: _, allowed_approvals_reviewers: _, allowed_sandbox_modes: _, - allowed_permissions: _, + allowed_permission_profiles: _, + default_permissions: _, remote_sandbox_config: _, allowed_web_search_modes: _, allow_managed_hooks_only: _, @@ -951,7 +954,8 @@ impl ConfigRequirementsWithSources { allowed_approval_policies, allowed_approvals_reviewers, allowed_sandbox_modes, - allowed_permissions, + allowed_permission_profiles, + default_permissions, allowed_web_search_modes, allow_managed_hooks_only, allow_appshots, @@ -983,7 +987,8 @@ impl ConfigRequirementsWithSources { allowed_approval_policies, allowed_approvals_reviewers, allowed_sandbox_modes, - allowed_permissions, + allowed_permission_profiles, + default_permissions, allowed_web_search_modes, allow_managed_hooks_only, allow_appshots, @@ -1004,7 +1009,8 @@ impl ConfigRequirementsWithSources { allowed_approval_policies: allowed_approval_policies.map(|sourced| sourced.value), allowed_approvals_reviewers: allowed_approvals_reviewers.map(|sourced| sourced.value), allowed_sandbox_modes: allowed_sandbox_modes.map(|sourced| sourced.value), - allowed_permissions: allowed_permissions.map(|sourced| sourced.value), + allowed_permission_profiles: allowed_permission_profiles.map(|sourced| sourced.value), + default_permissions: default_permissions.map(|sourced| sourced.value), remote_sandbox_config: None, allowed_web_search_modes: allowed_web_search_modes.map(|sourced| sourced.value), allow_managed_hooks_only: allow_managed_hooks_only.map(|sourced| sourced.value), @@ -1092,7 +1098,8 @@ impl ConfigRequirementsToml { self.allowed_approval_policies.is_none() && self.allowed_approvals_reviewers.is_none() && self.allowed_sandbox_modes.is_none() - && self.allowed_permissions.is_none() + && self.allowed_permission_profiles.is_none() + && self.default_permissions.is_none() && self.remote_sandbox_config.is_none() && self.allowed_web_search_modes.is_none() && self.allow_managed_hooks_only.is_none() @@ -1144,7 +1151,8 @@ impl TryFrom for ConfigRequirements { allowed_approval_policies, allowed_approvals_reviewers, allowed_sandbox_modes, - allowed_permissions: _, + allowed_permission_profiles: _, + default_permissions: _, allowed_web_search_modes, allow_managed_hooks_only, allow_appshots, @@ -1511,7 +1519,8 @@ mod tests { allowed_approval_policies, allowed_approvals_reviewers, allowed_sandbox_modes, - allowed_permissions, + allowed_permission_profiles, + default_permissions, remote_sandbox_config: _, allowed_web_search_modes, allow_managed_hooks_only, @@ -1536,7 +1545,9 @@ mod tests { .map(|value| Sourced::new(value, RequirementSource::Unknown)), allowed_sandbox_modes: allowed_sandbox_modes .map(|value| Sourced::new(value, RequirementSource::Unknown)), - allowed_permissions: allowed_permissions + allowed_permission_profiles: allowed_permission_profiles + .map(|value| Sourced::new(value, RequirementSource::Unknown)), + default_permissions: default_permissions .map(|value| Sourced::new(value, RequirementSource::Unknown)), allowed_web_search_modes: allowed_web_search_modes .map(|value| Sourced::new(value, RequirementSource::Unknown)), @@ -1592,7 +1603,11 @@ mod tests { fn deserialize_managed_permission_profiles() -> Result<()> { let requirements: ConfigRequirementsToml = from_str( r#" - allowed_permissions = ["managed-standard", "managed-build"] + default_permissions = "managed-standard" + + [allowed_permission_profiles] + managed-standard = true + managed-build = true [permissions.managed-standard] extends = ":workspace" @@ -1603,11 +1618,15 @@ mod tests { )?; assert_eq!( - requirements.allowed_permissions, - Some(vec![ - "managed-standard".to_string(), - "managed-build".to_string(), - ]) + requirements.allowed_permission_profiles, + Some(BTreeMap::from([ + ("managed-build".to_string(), true), + ("managed-standard".to_string(), true), + ])) + ); + assert_eq!( + requirements.default_permissions, + Some("managed-standard".to_string()) ); let permissions = requirements .permissions @@ -1720,7 +1739,8 @@ mod tests { allowed_approval_policies: Some(allowed_approval_policies.clone()), allowed_approvals_reviewers: Some(allowed_approvals_reviewers.clone()), allowed_sandbox_modes: Some(allowed_sandbox_modes.clone()), - allowed_permissions: Some(vec!["managed".to_string()]), + allowed_permission_profiles: Some(BTreeMap::from([("managed".to_string(), true)])), + default_permissions: Some("managed".to_string()), remote_sandbox_config: None, allowed_web_search_modes: Some(allowed_web_search_modes.clone()), allow_managed_hooks_only: Some(true), @@ -1753,10 +1773,11 @@ mod tests { source.clone(), )), allowed_sandbox_modes: Some(Sourced::new(allowed_sandbox_modes, source.clone(),)), - allowed_permissions: Some(Sourced::new( - vec!["managed".to_string()], + allowed_permission_profiles: Some(Sourced::new( + BTreeMap::from([("managed".to_string(), true)]), source.clone(), )), + default_permissions: Some(Sourced::new("managed".to_string(), source.clone(),)), allowed_web_search_modes: Some(Sourced::new( allowed_web_search_modes, enforce_source.clone(), @@ -1809,7 +1830,8 @@ mod tests { )), allowed_approvals_reviewers: None, allowed_sandbox_modes: None, - allowed_permissions: None, + allowed_permission_profiles: None, + default_permissions: None, allowed_web_search_modes: None, allow_managed_hooks_only: None, allow_appshots: None, @@ -1861,7 +1883,8 @@ mod tests { )), allowed_approvals_reviewers: None, allowed_sandbox_modes: None, - allowed_permissions: None, + allowed_permission_profiles: None, + default_permissions: None, allowed_web_search_modes: None, allow_managed_hooks_only: None, allow_appshots: None, diff --git a/codex-rs/config/src/hook_config.rs b/codex-rs/config/src/hook_config.rs index eee66896aff..a7ee820e60e 100644 --- a/codex-rs/config/src/hook_config.rs +++ b/codex-rs/config/src/hook_config.rs @@ -8,6 +8,7 @@ use serde::Deserialize; use serde::Serialize; #[derive(Debug, Default, Clone, PartialEq, Eq, Serialize, Deserialize, JsonSchema)] +#[serde(deny_unknown_fields)] pub struct HooksFile { #[serde(default)] pub hooks: HookEventsToml, diff --git a/codex-rs/config/src/hooks_tests.rs b/codex-rs/config/src/hooks_tests.rs index 915bec7d0c8..a2eb2d2322e 100644 --- a/codex-rs/config/src/hooks_tests.rs +++ b/codex-rs/config/src/hooks_tests.rs @@ -52,6 +52,30 @@ fn hooks_file_deserializes_existing_json_shape() { ); } +#[test] +fn hooks_file_rejects_events_outside_hooks_object() { + let error = serde_json::from_str::( + r#"{ + "SessionStart": [ + { + "hooks": [ + { + "type": "command", + "command": "python3 /tmp/session_start.py" + } + ] + } + ] +}"#, + ) + .expect_err("root-level hook events should be rejected"); + + assert!( + error.to_string().contains("unknown field `SessionStart`"), + "unexpected parse error: {error}" + ); +} + #[test] fn hook_events_deserialize_from_toml_arrays_of_tables() { let parsed: HookEventsToml = toml::from_str( diff --git a/codex-rs/config/src/lib.rs b/codex-rs/config/src/lib.rs index 0c79ffacffc..ed26757715f 100644 --- a/codex-rs/config/src/lib.rs +++ b/codex-rs/config/src/lib.rs @@ -150,6 +150,7 @@ pub use thread_config::ThreadConfigContext; pub use thread_config::ThreadConfigLoadError; pub use thread_config::ThreadConfigLoadErrorCode; pub use thread_config::ThreadConfigLoader; +pub use thread_config::ThreadConfigLoaderFuture; pub use thread_config::ThreadConfigSource; pub use thread_config::UserThreadConfig; pub use toml::Value as TomlValue; diff --git a/codex-rs/config/src/loader/layer_io.rs b/codex-rs/config/src/loader/layer_io.rs index 415d82e405d..7cdb4f5359d 100644 --- a/codex-rs/config/src/loader/layer_io.rs +++ b/codex-rs/config/src/loader/layer_io.rs @@ -10,6 +10,7 @@ use crate::strict_config::config_error_from_ignored_toml_value_fields; use codex_file_system::ExecutorFileSystem; use codex_utils_absolute_path::AbsolutePathBuf; use codex_utils_absolute_path::AbsolutePathBufGuard; +use codex_utils_path_uri::PathUri; use std::io; use std::path::Path; use std::path::PathBuf; @@ -106,7 +107,8 @@ pub(super) async fn read_config_from_path( log_missing_as_info: bool, strict_config: bool, ) -> io::Result> { - match fs.read_file_text(path, /*sandbox*/ None).await { + let path_uri = PathUri::from_abs_path(path)?; + match fs.read_file_text(&path_uri, /*sandbox*/ None).await { Ok(contents) => match toml::from_str::(&contents) { Ok(value) => { if strict_config { diff --git a/codex-rs/config/src/loader/mod.rs b/codex-rs/config/src/loader/mod.rs index bc0fb482e4b..d47ad50b26b 100644 --- a/codex-rs/config/src/loader/mod.rs +++ b/codex-rs/config/src/loader/mod.rs @@ -40,6 +40,7 @@ use codex_protocol::config_types::TrustLevel; use codex_protocol::protocol::AskForApproval; use codex_utils_absolute_path::AbsolutePathBuf; use codex_utils_absolute_path::AbsolutePathBufGuard; +use codex_utils_path_uri::PathUri; use dunce::canonicalize as normalize_path; use serde::Deserialize; use std::io; @@ -471,7 +472,8 @@ async fn load_config_toml_for_required_layer( strict_config: bool, create_entry: impl FnOnce(TomlValue) -> ConfigLayerEntry, ) -> io::Result { - let toml_value = match fs.read_file_text(toml_file, /*sandbox*/ None).await { + let toml_file_uri = PathUri::from_abs_path(toml_file)?; + let toml_value = match fs.read_file_text(&toml_file_uri, /*sandbox*/ None).await { Ok(contents) => { let config_parent = toml_file.as_path().parent().ok_or_else(|| { io::Error::new( @@ -566,8 +568,9 @@ pub async fn load_requirements_toml( fs: &dyn ExecutorFileSystem, requirements_toml_file: &AbsolutePathBuf, ) -> io::Result> { + let requirements_toml_file_uri = PathUri::from_abs_path(requirements_toml_file)?; match fs - .read_file_text(requirements_toml_file, /*sandbox*/ None) + .read_file_text(&requirements_toml_file_uri, /*sandbox*/ None) .await { Ok(contents) => { @@ -1135,8 +1138,9 @@ async fn find_project_root( for ancestor in cwd.ancestors() { for marker in project_root_markers { let marker_path = ancestor.join(marker); + let marker_path_uri = PathUri::from_abs_path(&marker_path)?; if fs - .get_metadata(&marker_path, /*sandbox*/ None) + .get_metadata(&marker_path_uri, /*sandbox*/ None) .await .is_ok() { @@ -1151,14 +1155,20 @@ async fn find_git_checkout_root( fs: &dyn ExecutorFileSystem, cwd: &AbsolutePathBuf, ) -> Option { - let base = match fs.get_metadata(cwd, /*sandbox*/ None).await { + let cwd_uri = PathUri::from_abs_path(cwd).ok()?; + let base = match fs.get_metadata(&cwd_uri, /*sandbox*/ None).await { Ok(metadata) if metadata.is_directory => cwd.clone(), _ => cwd.parent()?, }; for dir in base.ancestors() { let dot_git = dir.join(".git"); - if fs.get_metadata(&dot_git, /*sandbox*/ None).await.is_ok() { + let dot_git_uri = PathUri::from_abs_path(&dot_git).ok()?; + if fs + .get_metadata(&dot_git_uri, /*sandbox*/ None) + .await + .is_ok() + { return Some(dir); } } @@ -1206,8 +1216,9 @@ async fn load_project_layers( let mut startup_warnings = Vec::new(); for dir in dirs { let dot_codex_abs = dir.join(".codex"); + let dot_codex_uri = PathUri::from_abs_path(&dot_codex_abs)?; if !fs - .get_metadata(&dot_codex_abs, /*sandbox*/ None) + .get_metadata(&dot_codex_uri, /*sandbox*/ None) .await .map(|metadata| metadata.is_directory) .unwrap_or(false) @@ -1224,7 +1235,8 @@ async fn load_project_layers( continue; } let config_file = dot_codex_abs.join(CONFIG_TOML_FILE); - match fs.read_file_text(&config_file, /*sandbox*/ None).await { + let config_file_uri = PathUri::from_abs_path(&config_file)?; + match fs.read_file_text(&config_file_uri, /*sandbox*/ None).await { Ok(contents) => { let config: TomlValue = match toml::from_str(&contents) { Ok(config) => config, @@ -1327,8 +1339,9 @@ async fn merge_root_checkout_project_hooks( return Ok(config); }; let hooks_config_file = hooks_config_folder.join(CONFIG_TOML_FILE); + let hooks_config_file_uri = PathUri::from_abs_path(&hooks_config_file)?; let root_config = match fs - .read_file_text(&hooks_config_file, /*sandbox*/ None) + .read_file_text(&hooks_config_file_uri, /*sandbox*/ None) .await { Ok(contents) => { @@ -1467,7 +1480,7 @@ foo = "xyzzy" TomlValue::Table(toml::map::Map::from_iter([( "allowed_approvals_reviewers".to_string(), TomlValue::Array(vec![ - TomlValue::String("guardian_subagent".to_string()), + TomlValue::String("auto_review".to_string()), TomlValue::String("user".to_string()), ]), )])) diff --git a/codex-rs/config/src/loader/tests.rs b/codex-rs/config/src/loader/tests.rs index 6492f9a0c08..88c5b16522d 100644 --- a/codex-rs/config/src/loader/tests.rs +++ b/codex-rs/config/src/loader/tests.rs @@ -1,99 +1,92 @@ use super::*; -use async_trait::async_trait; use codex_file_system::CopyOptions; use codex_file_system::CreateDirectoryOptions; +use codex_file_system::ExecutorFileSystemFuture; use codex_file_system::FileMetadata; -use codex_file_system::FileSystemResult; use codex_file_system::FileSystemSandboxContext; use codex_file_system::ReadDirectoryEntry; use codex_file_system::RemoveOptions; +use codex_utils_path_uri::PathUri; use pretty_assertions::assert_eq; -use std::path::Path; use tempfile::tempdir; struct TestFileSystem; -#[async_trait] impl ExecutorFileSystem for TestFileSystem { - async fn canonicalize( - &self, - path: &AbsolutePathBuf, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult { - path.canonicalize() + fn canonicalize<'a>( + &'a self, + path: &'a PathUri, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, PathUri> { + Box::pin(async move { + let path = path.to_abs_path()?; + let canonicalized = path.canonicalize()?; + PathUri::from_abs_path(&canonicalized) + }) } - async fn join( - &self, - base_path: &AbsolutePathBuf, - path: &Path, - ) -> FileSystemResult { - Ok(base_path.join(path)) + fn read_file<'a>( + &'a self, + path: &'a PathUri, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(async move { + let path = path.to_abs_path()?; + tokio::fs::read(path.as_path()).await + }) } - async fn parent(&self, path: &AbsolutePathBuf) -> FileSystemResult> { - Ok(path.parent()) - } - - async fn read_file( - &self, - path: &AbsolutePathBuf, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult> { - tokio::fs::read(path.as_path()).await - } - - async fn write_file( - &self, - _path: &AbsolutePathBuf, + fn write_file<'a>( + &'a self, + _path: &'a PathUri, _contents: Vec, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult<()> { - unimplemented!("test filesystem only supports reads") + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(async move { unimplemented!("test filesystem only supports reads") }) } - async fn create_directory( - &self, - _path: &AbsolutePathBuf, + fn create_directory<'a>( + &'a self, + _path: &'a PathUri, _create_directory_options: CreateDirectoryOptions, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult<()> { - unimplemented!("test filesystem only supports reads") + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(async move { unimplemented!("test filesystem only supports reads") }) } - async fn get_metadata( - &self, - _path: &AbsolutePathBuf, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult { - unimplemented!("test filesystem only supports reads") + fn get_metadata<'a>( + &'a self, + _path: &'a PathUri, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, FileMetadata> { + Box::pin(async move { unimplemented!("test filesystem only supports reads") }) } - async fn read_directory( - &self, - _path: &AbsolutePathBuf, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult> { - unimplemented!("test filesystem only supports reads") + fn read_directory<'a>( + &'a self, + _path: &'a PathUri, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(async move { unimplemented!("test filesystem only supports reads") }) } - async fn remove( - &self, - _path: &AbsolutePathBuf, + fn remove<'a>( + &'a self, + _path: &'a PathUri, _remove_options: RemoveOptions, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult<()> { - unimplemented!("test filesystem only supports reads") + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(async move { unimplemented!("test filesystem only supports reads") }) } - async fn copy( - &self, - _source_path: &AbsolutePathBuf, - _destination_path: &AbsolutePathBuf, + fn copy<'a>( + &'a self, + _source_path: &'a PathUri, + _destination_path: &'a PathUri, _copy_options: CopyOptions, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult<()> { - unimplemented!("test filesystem only supports reads") + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(async move { unimplemented!("test filesystem only supports reads") }) } } diff --git a/codex-rs/config/src/requirements_layers/stack.rs b/codex-rs/config/src/requirements_layers/stack.rs index e93dd1c1da4..0396cda237a 100644 --- a/codex-rs/config/src/requirements_layers/stack.rs +++ b/codex-rs/config/src/requirements_layers/stack.rs @@ -176,7 +176,8 @@ fn populate_merged_regular_fields_with_sources( allowed_approval_policies, allowed_approvals_reviewers, allowed_sandbox_modes, - allowed_permissions, + allowed_permission_profiles, + default_permissions, remote_sandbox_config: _, allowed_web_search_modes, allow_managed_hooks_only, @@ -201,7 +202,11 @@ fn populate_merged_regular_fields_with_sources( &["allowed_approvals_reviewers"] ); set_sourced!(allowed_sandbox_modes, &["allowed_sandbox_modes"]); - set_sourced!(allowed_permissions, &["allowed_permissions"]); + set_sourced!( + allowed_permission_profiles, + &["allowed_permission_profiles"] + ); + set_sourced!(default_permissions, &["default_permissions"]); set_sourced!(allowed_web_search_modes, &["allowed_web_search_modes"]); set_sourced!(allow_managed_hooks_only, &["allow_managed_hooks_only"]); set_sourced!(allow_appshots, &["allow_appshots"]); diff --git a/codex-rs/config/src/requirements_layers/stack_tests.rs b/codex-rs/config/src/requirements_layers/stack_tests.rs index 8acfd5f0d5b..82a99a7f0ac 100644 --- a/codex-rs/config/src/requirements_layers/stack_tests.rs +++ b/codex-rs/config/src/requirements_layers/stack_tests.rs @@ -62,6 +62,11 @@ fn top_level_values_use_toml_priority() { r#" allowed_approval_policies = ["on-request"] allowed_sandbox_modes = ["workspace-write"] +default_permissions = ":workspace" + +[allowed_permission_profiles] +":read-only" = true +":workspace" = true "#, ), layer( @@ -70,6 +75,11 @@ allowed_sandbox_modes = ["workspace-write"] r#" allowed_approval_policies = ["never"] allowed_sandbox_modes = ["read-only"] +default_permissions = ":read-only" + +[allowed_permission_profiles] +":danger-full-access" = false +":workspace" = false "#, ), ]) @@ -82,6 +92,12 @@ allowed_sandbox_modes = ["read-only"] r#" allowed_approval_policies = ["never"] allowed_sandbox_modes = ["read-only"] +default_permissions = ":read-only" + +[allowed_permission_profiles] +":danger-full-access" = false +":read-only" = true +":workspace" = false "# ) ); diff --git a/codex-rs/config/src/schema.rs b/codex-rs/config/src/schema.rs index e0d2c706718..c641f1703da 100644 --- a/codex-rs/config/src/schema.rs +++ b/codex-rs/config/src/schema.rs @@ -9,6 +9,7 @@ use schemars::schema::ObjectValidation; use schemars::schema::RootSchema; use schemars::schema::Schema; use schemars::schema::SchemaObject; +use schemars::schema::SubschemaValidation; use serde_json::Map; use serde_json::Value; use std::path::Path; @@ -25,6 +26,15 @@ pub fn features_schema(schema_gen: &mut SchemaGenerator) -> Schema { if feature.id == codex_features::Feature::Artifact { continue; } + if feature.id == codex_features::Feature::CodeMode { + validation.properties.insert( + feature.key.to_string(), + schema_gen.subschema_for::>(), + ); + continue; + } if feature.id == codex_features::Feature::MultiAgentV2 { validation.properties.insert( feature.key.to_string(), @@ -37,9 +47,7 @@ pub fn features_schema(schema_gen: &mut SchemaGenerator) -> Schema { if feature.id == codex_features::Feature::AppsMcpPathOverride { validation.properties.insert( feature.key.to_string(), - schema_gen.subschema_for::>(), + removed_apps_mcp_path_override_schema(schema_gen), ); continue; } @@ -67,6 +75,30 @@ pub fn features_schema(schema_gen: &mut SchemaGenerator) -> Schema { Schema::Object(object) } +fn removed_apps_mcp_path_override_schema(schema_gen: &mut SchemaGenerator) -> Schema { + let mut config_validation = ObjectValidation::default(); + config_validation + .properties + .insert("enabled".to_string(), schema_gen.subschema_for::()); + config_validation + .properties + .insert("path".to_string(), schema_gen.subschema_for::()); + config_validation.additional_properties = Some(Box::new(Schema::Bool(false))); + + let config = Schema::Object(SchemaObject { + instance_type: Some(InstanceType::Object.into()), + object: Some(Box::new(config_validation)), + ..Default::default() + }); + Schema::Object(SchemaObject { + subschemas: Some(Box::new(SubschemaValidation { + any_of: Some(vec![schema_gen.subschema_for::(), config]), + ..Default::default() + })), + ..Default::default() + }) +} + /// Schema for the `[mcp_servers]` map using the raw input shape. pub fn mcp_servers_schema(schema_gen: &mut SchemaGenerator) -> Schema { let mut object = SchemaObject { diff --git a/codex-rs/config/src/thread_config.rs b/codex-rs/config/src/thread_config.rs index 1b3ea8fe871..273680d5ec6 100644 --- a/codex-rs/config/src/thread_config.rs +++ b/codex-rs/config/src/thread_config.rs @@ -1,7 +1,8 @@ use std::collections::BTreeMap; use std::collections::HashMap; +use std::future::Future; +use std::pin::Pin; -use async_trait::async_trait; use codex_app_server_protocol::ConfigLayerSource; use codex_model_provider_info::ModelProviderInfo; use codex_utils_absolute_path::AbsolutePathBuf; @@ -86,7 +87,6 @@ impl ThreadConfigLoadError { /// return typed payloads without applying precedence or merge rules. Callers /// are responsible for resolving the returned sources into the effective /// runtime config. -#[async_trait] pub trait ThreadConfigLoader: Send + Sync { /// Load source-specific typed config. /// @@ -94,24 +94,29 @@ pub trait ThreadConfigLoader: Send + Sync { /// their owned sources. Most callers should use [`Self::load_config_layers`] /// so precedence and merging continue through the ordinary config layer /// stack. - async fn load( + fn load( &self, context: ThreadConfigContext, - ) -> Result, ThreadConfigLoadError>; + ) -> ThreadConfigLoaderFuture<'_, Vec>; - async fn load_config_layers( + fn load_config_layers( &self, context: ThreadConfigContext, - ) -> Result, ThreadConfigLoadError> { - let sources = self.load(context).await?; - sources - .into_iter() - .map(thread_config_source_to_layer) - .collect::, _>>() - .map(|layers| layers.into_iter().flatten().collect()) + ) -> ThreadConfigLoaderFuture<'_, Vec> { + Box::pin(async move { + let sources = self.load(context).await?; + sources + .into_iter() + .map(thread_config_source_to_layer) + .collect::, _>>() + .map(|layers| layers.into_iter().flatten().collect()) + }) } } +pub type ThreadConfigLoaderFuture<'a, T> = + Pin> + Send + 'a>>; + /// Loader backed by a static set of typed thread config sources. #[derive(Clone, Debug, Default, PartialEq)] pub struct StaticThreadConfigLoader { @@ -124,13 +129,12 @@ impl StaticThreadConfigLoader { } } -#[async_trait] impl ThreadConfigLoader for StaticThreadConfigLoader { - async fn load( + fn load( &self, _context: ThreadConfigContext, - ) -> Result, ThreadConfigLoadError> { - Ok(self.sources.clone()) + ) -> ThreadConfigLoaderFuture<'_, Vec> { + Box::pin(async { Ok(self.sources.clone()) }) } } @@ -138,13 +142,12 @@ impl ThreadConfigLoader for StaticThreadConfigLoader { #[derive(Clone, Debug, Default)] pub struct NoopThreadConfigLoader; -#[async_trait] impl ThreadConfigLoader for NoopThreadConfigLoader { - async fn load( + fn load( &self, _context: ThreadConfigContext, - ) -> Result, ThreadConfigLoadError> { - Ok(Vec::new()) + ) -> ThreadConfigLoaderFuture<'_, Vec> { + Box::pin(async { Ok(Vec::new()) }) } } diff --git a/codex-rs/config/src/thread_config/remote.rs b/codex-rs/config/src/thread_config/remote.rs index 7b7feacec5e..7a8e4ce88fa 100644 --- a/codex-rs/config/src/thread_config/remote.rs +++ b/codex-rs/config/src/thread_config/remote.rs @@ -3,7 +3,6 @@ use std::collections::HashMap; use std::num::NonZeroU64; use std::time::Duration; -use async_trait::async_trait; use codex_model_provider_info::ModelProviderInfo; use codex_model_provider_info::WireApi; use codex_protocol::config_types::ModelProviderAuthInfo; @@ -14,6 +13,7 @@ use super::ThreadConfigContext; use super::ThreadConfigLoadError; use super::ThreadConfigLoadErrorCode; use super::ThreadConfigLoader; +use super::ThreadConfigLoaderFuture; use super::ThreadConfigSource; use super::UserThreadConfig; use proto::thread_config_loader_client::ThreadConfigLoaderClient; @@ -49,10 +49,7 @@ impl RemoteThreadConfigLoader { ) }) } -} -#[async_trait] -impl ThreadConfigLoader for RemoteThreadConfigLoader { async fn load( &self, context: ThreadConfigContext, @@ -73,6 +70,15 @@ impl ThreadConfigLoader for RemoteThreadConfigLoader { } } +impl ThreadConfigLoader for RemoteThreadConfigLoader { + fn load( + &self, + context: ThreadConfigContext, + ) -> ThreadConfigLoaderFuture<'_, Vec> { + Box::pin(RemoteThreadConfigLoader::load(self, context)) + } +} + fn load_thread_config_request( context: ThreadConfigContext, ) -> tonic::Request { @@ -321,8 +327,7 @@ mod tests { expected_cwd: String, } - #[tonic::async_trait] - impl thread_config_loader_server::ThreadConfigLoader for TestServer { + impl TestServer { async fn load( &self, request: Request, @@ -341,6 +346,26 @@ mod tests { } } + impl thread_config_loader_server::ThreadConfigLoader for TestServer { + fn load<'a, 'async_trait>( + &'a self, + request: Request, + ) -> std::pin::Pin< + Box< + dyn std::future::Future< + Output = Result, Status>, + > + Send + + 'async_trait, + >, + > + where + 'a: 'async_trait, + Self: 'async_trait, + { + Box::pin(TestServer::load(self, request)) + } + } + #[tokio::test] async fn load_thread_config_calls_remote_service() { let cwd = workspace_dir().join("project"); diff --git a/codex-rs/core-api/Cargo.toml b/codex-rs/core-api/Cargo.toml index 998da39ce7b..f4c89e5640c 100644 --- a/codex-rs/core-api/Cargo.toml +++ b/codex-rs/core-api/Cargo.toml @@ -20,6 +20,7 @@ codex-analytics = { workspace = true } codex-config = { workspace = true } codex-core = { workspace = true } codex-extension-api = { workspace = true } +codex-home = { workspace = true } codex-exec-server = { workspace = true } codex-features = { workspace = true } codex-login = { workspace = true } diff --git a/codex-rs/core-api/src/lib.rs b/codex-rs/core-api/src/lib.rs index e87ee82f309..74fe9d5a0cd 100644 --- a/codex-rs/core-api/src/lib.rs +++ b/codex-rs/core-api/src/lib.rs @@ -26,6 +26,7 @@ pub use codex_config::types::TuiPetAnchor; pub use codex_config::types::UriBasedFileOpener; pub use codex_core::CodexThread; pub use codex_core::ForkSnapshot; +pub use codex_core::LoadedAgentsMd; pub use codex_core::McpManager; pub use codex_core::NewThread; pub use codex_core::StartThreadOptions; @@ -34,6 +35,7 @@ pub use codex_core::ThreadManager; pub use codex_core::ThreadShutdownReport; pub use codex_core::config::Config; pub use codex_core::config::Constrained; +pub use codex_core::config::ExtraConfig; pub use codex_core::config::GhostSnapshotConfig; pub use codex_core::config::MultiAgentV2Config; pub use codex_core::config::Permissions; @@ -46,9 +48,14 @@ pub use codex_core::skills::SkillsManager; pub use codex_core::thread_store_from_config; pub use codex_exec_server::EnvironmentManager; pub use codex_exec_server::ExecServerRuntimePaths; +pub use codex_extension_api::LoadUserInstructionsFuture; +pub use codex_extension_api::LoadedUserInstructions; +pub use codex_extension_api::UserInstructions; +pub use codex_extension_api::UserInstructionsProvider; pub use codex_extension_api::empty_extension_registry; pub use codex_features::Feature; pub use codex_features::Features; +pub use codex_home::CodexHomeUserInstructionsProvider; pub use codex_login::AuthManager; pub use codex_login::default_client::set_default_originator; pub use codex_model_provider_info::OPENAI_PROVIDER_ID; diff --git a/codex-rs/core-plugins/src/discoverable.rs b/codex-rs/core-plugins/src/discoverable.rs index ccf093d8166..a630877f551 100644 --- a/codex-rs/core-plugins/src/discoverable.rs +++ b/codex-rs/core-plugins/src/discoverable.rs @@ -4,6 +4,8 @@ use codex_app_server_protocol::PluginInstallPolicy; use codex_login::CodexAuth; use codex_plugin::PluginCapabilitySummary; use std::collections::HashSet; +use std::path::Component; +use std::path::Path; use tracing::warn; use crate::OPENAI_BUNDLED_MARKETPLACE_NAME; @@ -12,7 +14,6 @@ use crate::PluginsConfigInput; use crate::PluginsManager; use crate::marketplace::MarketplacePluginInstallPolicy; use crate::remote::REMOTE_GLOBAL_MARKETPLACE_NAME; -use crate::remote::RemotePluginScope; const TOOL_SUGGEST_DISCOVERABLE_PLUGIN_ALLOWLIST: &[&str] = &[ "github@openai-curated", @@ -53,6 +54,9 @@ const TOOL_SUGGEST_DISCOVERABLE_MARKETPLACE_ALLOWLIST: &[&str] = &[ REMOTE_GLOBAL_MARKETPLACE_NAME, ]; +const OPENAI_CURATED_MARKETPLACE_PATH_SUFFIX: &str = + ".tmp/plugins/.agents/plugins/marketplace.json"; + #[derive(Debug, Clone)] pub struct ToolSuggestPluginDiscoveryInput { pub plugins: PluginsConfigInput, @@ -64,6 +68,7 @@ pub struct ToolSuggestPluginDiscoveryInput { #[derive(Clone, Debug, PartialEq, Eq)] pub struct ToolSuggestDiscoverablePlugin { pub id: String, + pub remote_plugin_id: Option, pub name: String, pub description: Option, pub has_skills: bool, @@ -82,7 +87,11 @@ impl PluginsManager { } let marketplaces = self - .list_marketplaces_for_config(&input.plugins, &[]) + .list_marketplaces_for_config( + &input.plugins, + &[], + /*include_openai_curated*/ !input.plugins.remote_plugin_enabled, + ) .context("failed to list plugin marketplaces for tool suggestions")? .marketplaces; let mut installed_app_connector_ids = self @@ -95,7 +104,9 @@ impl PluginsManager { .collect::>(); installed_app_connector_ids.extend(input.loaded_plugin_app_connector_ids.iter().cloned()); let remote_installed_marketplaces = if input.plugins.remote_plugin_enabled { - self.build_remote_installed_plugin_marketplaces_from_cache(&[RemotePluginScope::Global]) + self.build_remote_installed_plugin_marketplaces_from_cache(&[ + REMOTE_GLOBAL_MARKETPLACE_NAME, + ]) } else { None }; @@ -103,11 +114,10 @@ impl PluginsManager { let mut discoverable_plugins = Vec::::new(); for marketplace in marketplaces { let marketplace_name = marketplace.name; - if input.plugins.remote_plugin_enabled - && marketplace_name == OPENAI_CURATED_MARKETPLACE_NAME - { - continue; - } + let use_legacy_local_curated_filter = should_use_legacy_local_curated_discovery_filter( + &marketplace_name, + marketplace.path.as_path(), + ); let is_allowlisted_marketplace = TOOL_SUGGEST_DISCOVERABLE_MARKETPLACE_ALLOWLIST .contains(&marketplace_name.as_str()); @@ -123,6 +133,13 @@ impl PluginsManager { continue; } + // On Windows-backed WSL mounts, keep local curated discovery bounded to the + // legacy fallback/configured set instead of reading every plugin detail for app + // ids. Remote curated has cached app ids and still expands by installed apps. + if use_legacy_local_curated_filter && !is_configured_plugin && !is_fallback_plugin { + continue; + } + let plugin_id = plugin.id.clone(); match self @@ -145,6 +162,7 @@ impl PluginsManager { discoverable_plugins.push(ToolSuggestDiscoverablePlugin { id: plugin.config_name, + remote_plugin_id: None, name: plugin.display_name, description: plugin.description, has_skills: plugin.has_skills, @@ -200,6 +218,7 @@ impl PluginsManager { discoverable_plugins.push(ToolSuggestDiscoverablePlugin { id: plugin.config_id, + remote_plugin_id: Some(plugin.remote_plugin_id), name: plugin.name, description: plugin.description, has_skills: plugin.has_skills, @@ -216,3 +235,30 @@ impl PluginsManager { Ok(discoverable_plugins) } } + +fn should_use_legacy_local_curated_discovery_filter( + marketplace_name: &str, + marketplace_path: &Path, +) -> bool { + marketplace_name == OPENAI_CURATED_MARKETPLACE_NAME + && is_wsl_windows_drive_path(marketplace_path) + && marketplace_path.ends_with(Path::new(OPENAI_CURATED_MARKETPLACE_PATH_SUFFIX)) +} + +fn is_wsl_windows_drive_path(path: &Path) -> bool { + let mut components = path.components(); + if components.next() != Some(Component::RootDir) { + return false; + } + if components.next().and_then(|part| part.as_os_str().to_str()) != Some("mnt") { + return false; + } + let Some(drive) = components.next().and_then(|part| part.as_os_str().to_str()) else { + return false; + }; + drive.len() == 1 && drive.as_bytes()[0].is_ascii_alphabetic() +} + +#[cfg(test)] +#[path = "discoverable_tests.rs"] +mod tests; diff --git a/codex-rs/core-plugins/src/discoverable_tests.rs b/codex-rs/core-plugins/src/discoverable_tests.rs new file mode 100644 index 00000000000..240fd86f174 --- /dev/null +++ b/codex-rs/core-plugins/src/discoverable_tests.rs @@ -0,0 +1,61 @@ +use std::path::Path; + +use super::is_wsl_windows_drive_path; +use super::should_use_legacy_local_curated_discovery_filter; +use crate::OPENAI_BUNDLED_MARKETPLACE_NAME; +use crate::OPENAI_CURATED_MARKETPLACE_NAME; + +#[test] +fn legacy_local_curated_filter_matches_wsl_windows_backed_curated_checkout() { + let marketplace_path = + Path::new("/mnt/c/Users/user/.codex/.tmp/plugins/.agents/plugins/marketplace.json"); + + assert!(should_use_legacy_local_curated_discovery_filter( + OPENAI_CURATED_MARKETPLACE_NAME, + marketplace_path, + )); +} + +#[test] +fn legacy_local_curated_filter_does_not_match_native_wsl_curated_checkout() { + let marketplace_path = + Path::new("/home/user/.codex/.tmp/plugins/.agents/plugins/marketplace.json"); + + assert!(!should_use_legacy_local_curated_discovery_filter( + OPENAI_CURATED_MARKETPLACE_NAME, + marketplace_path, + )); +} + +#[test] +fn legacy_local_curated_filter_does_not_match_other_wsl_marketplaces() { + let other_marketplace_path = Path::new( + "/mnt/c/Users/user/.codex/.tmp/marketplaces/other/.agents/plugins/marketplace.json", + ); + let local_curated_marketplace_path = + Path::new("/mnt/c/Users/user/.codex/.tmp/plugins/.agents/plugins/marketplace.json"); + + assert!(!should_use_legacy_local_curated_discovery_filter( + OPENAI_CURATED_MARKETPLACE_NAME, + other_marketplace_path, + )); + assert!(!should_use_legacy_local_curated_discovery_filter( + OPENAI_BUNDLED_MARKETPLACE_NAME, + local_curated_marketplace_path, + )); +} + +#[test] +fn wsl_windows_drive_path_matches_only_mnt_drive_paths() { + assert!(is_wsl_windows_drive_path(Path::new( + "/mnt/c/Users/user/.codex/.tmp/plugins", + ))); + assert!(is_wsl_windows_drive_path(Path::new("/mnt/Z/tmp"))); + assert!(!is_wsl_windows_drive_path(Path::new("/home/user/.codex"))); + assert!(!is_wsl_windows_drive_path(Path::new( + "/mnt/codex/Users/user/.codex", + ))); + assert!(!is_wsl_windows_drive_path(Path::new( + "/media/c/Users/user/.codex", + ))); +} diff --git a/codex-rs/core-plugins/src/lib.rs b/codex-rs/core-plugins/src/lib.rs index 98cb73e1276..84eeea5dc9a 100644 --- a/codex-rs/core-plugins/src/lib.rs +++ b/codex-rs/core-plugins/src/lib.rs @@ -11,7 +11,6 @@ mod plugin_bundle_archive; pub mod remote; pub mod remote_bundle; pub mod remote_legacy; -pub(crate) mod startup_remote_sync; pub mod startup_sync; pub mod store; #[cfg(test)] @@ -35,12 +34,11 @@ pub use manager::PluginDetailsUnavailableReason; pub use manager::PluginInstallError; pub use manager::PluginInstallOutcome; pub use manager::PluginInstallRequest; +pub use manager::PluginListBackgroundTaskOptions; pub use manager::PluginReadOutcome; pub use manager::PluginReadRequest; -pub use manager::PluginRemoteSyncError; pub use manager::PluginUninstallError; pub use manager::PluginsConfigInput; pub use manager::PluginsManager; -pub use manager::RemotePluginSyncResult; pub use marketplace_upgrade::ConfiguredMarketplaceUpgradeError as PluginMarketplaceUpgradeError; pub use marketplace_upgrade::ConfiguredMarketplaceUpgradeOutcome as PluginMarketplaceUpgradeOutcome; diff --git a/codex-rs/core-plugins/src/loader.rs b/codex-rs/core-plugins/src/loader.rs index d6414be6ffc..1cc94301725 100644 --- a/codex-rs/core-plugins/src/loader.rs +++ b/codex-rs/core-plugins/src/loader.rs @@ -5,6 +5,7 @@ use crate::manifest::load_plugin_manifest; use crate::marketplace::MarketplacePluginSource; use crate::marketplace::list_marketplaces; use crate::marketplace::load_marketplace; +use crate::marketplace::load_raw_marketplace_plugin_names; use crate::remote::REMOTE_GLOBAL_MARKETPLACE_NAME; use crate::remote::RemoteInstalledPlugin; use crate::store::PluginStore; @@ -60,6 +61,12 @@ pub struct PluginHookLoadOutcome { pub hook_load_warnings: Vec, } +#[derive(Debug, Clone, PartialEq, Eq)] +pub struct PluginAppMetadata { + pub id: AppConnectorId, + pub category: Option, +} + enum PluginLoadScope<'a> { AllCapabilities { restriction_product: Option, @@ -122,6 +129,7 @@ struct PluginAppFile { #[derive(Debug, Default, Deserialize)] struct PluginAppConfig { id: String, + category: Option, } pub async fn load_plugins_from_layer_stack( @@ -307,6 +315,10 @@ pub fn refresh_curated_plugin_cache( .join(".agents/plugins/marketplace.json"), ) .map_err(|_| "local curated marketplace is not available".to_string())?; + let marketplace_plugin_names = load_raw_marketplace_plugin_names(&curated_marketplace_path) + .map_err(|err| { + format!("failed to load curated marketplace plugin names for cache refresh: {err}") + })?; let curated_marketplace = load_marketplace(&curated_marketplace_path) .map_err(|err| format!("failed to load curated marketplace for cache refresh: {err}"))?; @@ -321,36 +333,40 @@ pub fn refresh_curated_plugin_cache( ); continue; } - let source_path = match plugin.source { - MarketplacePluginSource::Local { path } => path, - MarketplacePluginSource::Git { .. } => { - warn!( - plugin = plugin_name, - marketplace = OPENAI_CURATED_MARKETPLACE_NAME, - "skipping remote curated plugin source during cache refresh" - ); - continue; - } - }; - plugin_sources.insert(plugin_name, source_path); + if let MarketplacePluginSource::Local { path } = plugin.source { + plugin_sources.insert(plugin_name, path); + } } let mut cache_refreshed = false; for plugin_id in configured_curated_plugin_ids { - if store.active_plugin_version(plugin_id).as_deref() == Some(cache_plugin_version.as_str()) - { - continue; - } - - let Some(source_path) = plugin_sources.get(&plugin_id.plugin_name).cloned() else { + if !marketplace_plugin_names.contains(&plugin_id.plugin_name) { warn!( plugin = plugin_id.plugin_name, marketplace = OPENAI_CURATED_MARKETPLACE_NAME, "configured curated plugin no longer exists in curated marketplace during cache refresh" ); + if store.plugin_base_root(plugin_id).as_path().exists() { + store.uninstall(plugin_id).map_err(|err| { + format!( + "failed to remove stale curated plugin cache for {}: {err}", + plugin_id.as_key() + ) + })?; + cache_refreshed = true; + } + continue; + } + + let Some(source_path) = plugin_sources.get(&plugin_id.plugin_name).cloned() else { continue; }; + if store.active_plugin_version(plugin_id).as_deref() == Some(cache_plugin_version.as_str()) + { + continue; + } + store .install_with_version(source_path, plugin_id.clone(), cache_plugin_version.clone()) .map_err(|err| { @@ -839,6 +855,14 @@ fn default_mcp_config_paths(plugin_root: &Path) -> Vec { } pub async fn load_plugin_apps(plugin_root: &Path) -> Vec { + load_plugin_app_metadata(plugin_root) + .await + .into_iter() + .map(|app| app.id) + .collect() +} + +pub async fn load_plugin_app_metadata(plugin_root: &Path) -> Vec { if let Some(manifest) = load_plugin_manifest(plugin_root) { return load_apps_from_paths( plugin_root, @@ -849,6 +873,16 @@ pub async fn load_plugin_apps(plugin_root: &Path) -> Vec { load_apps_from_paths(plugin_root, default_app_config_paths(plugin_root)).await } +pub fn plugin_app_metadata_from_value(value: &JsonValue) -> Vec { + let Ok(parsed) = serde_json::from_value::(value.clone()) else { + return Vec::new(); + }; + let mut apps = plugin_app_metadata_from_file(parsed, /*plugin_root*/ None); + let mut seen_connector_ids = HashSet::new(); + apps.retain(|app| seen_connector_ids.insert(app.id.0.clone())); + apps +} + fn plugin_app_config_paths( plugin_root: &Path, manifest_paths: &PluginManifestPaths, @@ -985,8 +1019,8 @@ fn append_plugin_hook_file( async fn load_apps_from_paths( plugin_root: &Path, app_config_paths: Vec, -) -> Vec { - let mut connector_ids = Vec::new(); +) -> Vec { + let mut apps = Vec::new(); for app_config_path in app_config_paths { let Ok(contents) = tokio::fs::read_to_string(app_config_path.as_path()).await else { continue; @@ -1002,21 +1036,40 @@ async fn load_apps_from_paths( } }; - connector_ids.extend(parsed.apps.into_values().filter_map(|app| { + apps.extend(plugin_app_metadata_from_file(parsed, Some(plugin_root))); + } + let mut seen_connector_ids = HashSet::new(); + apps.retain(|app| seen_connector_ids.insert(app.id.0.clone())); + apps +} + +fn plugin_app_metadata_from_file( + parsed: PluginAppFile, + plugin_root: Option<&Path>, +) -> Vec { + parsed + .apps + .into_values() + .filter_map(|app| { if app.id.trim().is_empty() { - warn!( - plugin = %plugin_root.display(), - "plugin app config is missing an app id" - ); + if let Some(plugin_root) = plugin_root { + warn!( + plugin = %plugin_root.display(), + "plugin app config is missing an app id" + ); + } None } else { - Some(AppConnectorId(app.id)) + Some(PluginAppMetadata { + id: AppConnectorId(app.id), + category: app + .category + .map(|category| category.trim().to_string()) + .filter(|category| !category.is_empty()), + }) } - })); - } - let mut seen_connector_ids = HashSet::new(); - connector_ids.retain(|connector_id| seen_connector_ids.insert(connector_id.0.clone())); - connector_ids + }) + .collect() } pub async fn plugin_telemetry_metadata_from_root( @@ -1054,7 +1107,10 @@ pub async fn plugin_telemetry_metadata_from_root( plugin_root.as_path(), plugin_app_config_paths(plugin_root.as_path(), manifest_paths), ) - .await, + .await + .into_iter() + .map(|app| app.id) + .collect(), }), } } diff --git a/codex-rs/core-plugins/src/manager.rs b/codex-rs/core-plugins/src/manager.rs index 08f668d1307..59bf365487b 100644 --- a/codex-rs/core-plugins/src/manager.rs +++ b/codex-rs/core-plugins/src/manager.rs @@ -1,12 +1,11 @@ use super::PluginLoadOutcome; -use super::startup_remote_sync::start_startup_remote_plugin_sync_once; use crate::OPENAI_CURATED_MARKETPLACE_NAME; use crate::installed_marketplaces::installed_marketplace_roots_from_layer_stack; use crate::loader::PluginHookLoadOutcome; use crate::loader::configured_curated_plugin_ids_from_codex_home; use crate::loader::curated_plugin_cache_version; use crate::loader::installed_plugin_telemetry_metadata; -use crate::loader::load_plugin_apps; +use crate::loader::load_plugin_app_metadata; use crate::loader::load_plugin_hooks; use crate::loader::load_plugin_hooks_from_layer_stack; use crate::loader::load_plugin_mcp_servers; @@ -32,7 +31,6 @@ use crate::marketplace::ResolvedMarketplacePlugin; use crate::marketplace::find_installable_marketplace_plugin; use crate::marketplace::find_marketplace_plugin; use crate::marketplace::list_marketplaces; -use crate::marketplace::load_marketplace; use crate::marketplace::plugin_interface_with_marketplace_category; use crate::marketplace_upgrade::ConfiguredMarketplaceUpgradeError; use crate::marketplace_upgrade::ConfiguredMarketplaceUpgradeOutcome; @@ -40,7 +38,6 @@ use crate::marketplace_upgrade::configured_git_marketplace_names; use crate::marketplace_upgrade::upgrade_configured_git_marketplaces; use crate::remote::RemoteInstalledPlugin; use crate::remote::RemotePluginCatalogError; -use crate::remote::RemotePluginScope; use crate::remote::RemotePluginServiceConfig; use crate::remote_legacy::RemotePluginFetchError; use crate::remote_legacy::RemotePluginMutationError; @@ -51,14 +48,14 @@ use crate::store::PluginInstallResult as StorePluginInstallResult; use crate::store::PluginStore; use crate::store::PluginStoreError; use codex_analytics::AnalyticsEventsClient; +use codex_app_server_protocol::AuthMode; use codex_config::ConfigLayerStack; -use codex_config::PluginConfigEdit; -use codex_config::apply_user_plugin_config_edits; use codex_config::clear_user_plugin; use codex_config::set_user_plugin_enabled; use codex_config::types::PluginConfig; -use codex_config::version_for_toml; use codex_core_skills::SkillMetadata; +use codex_core_skills::config_rules::SkillConfigRules; +use codex_core_skills::config_rules::skill_config_rules_from_stack; use codex_hooks::plugin_hook_declarations; use codex_login::AuthManager; use codex_login::CodexAuth; @@ -80,7 +77,6 @@ use std::sync::atomic::AtomicBool; use std::sync::atomic::Ordering; use std::time::Instant; use tokio::sync::Semaphore; -use tracing::info; use tracing::warn; static CURATED_REPO_SYNC_STARTED: AtomicBool = AtomicBool::new(false); @@ -150,6 +146,22 @@ struct RemoteInstalledPluginsCacheRefreshState { in_flight: bool, } +struct GlobalRemoteCatalogCacheRefreshRequest { + service_config: RemotePluginServiceConfig, + auth: Option, +} + +#[derive(Default)] +struct GlobalRemoteCatalogCacheRefreshState { + requested: Option, + in_flight: bool, +} + +#[derive(Clone, Copy, Debug, Default, PartialEq, Eq)] +pub struct PluginListBackgroundTaskOptions { + pub refresh_global_remote_catalog_cache: bool, +} + #[derive(Clone, PartialEq, Eq)] struct NonCuratedCacheRefreshRequest { roots: Vec, @@ -192,6 +204,13 @@ fn featured_plugin_ids_cache_key( } } +fn project_plugin_load_outcome_for_auth( + outcome: PluginLoadOutcome, + _auth_mode: Option, +) -> PluginLoadOutcome { + outcome +} + #[derive(Debug, Clone, PartialEq, Eq)] pub struct PluginInstallRequest { pub plugin_name: String, @@ -235,6 +254,7 @@ pub struct PluginDetail { pub disabled_skill_paths: HashSet, pub hooks: Vec, pub apps: Vec, + pub app_category_by_id: HashMap, pub mcp_server_names: Vec, pub details_unavailable_reason: Option, } @@ -296,127 +316,41 @@ impl From for PluginCapabilitySummary { } } -#[derive(Debug, Clone, Default, PartialEq, Eq)] -pub struct RemotePluginSyncResult { - /// Plugin ids newly installed into the local plugin cache. - pub installed_plugin_ids: Vec, - /// Plugin ids whose local config was changed to enabled. - pub enabled_plugin_ids: Vec, - /// Plugin ids whose local config was changed to disabled. - /// This is not populated by `sync_plugins_from_remote`. - pub disabled_plugin_ids: Vec, - /// Plugin ids removed from local cache or plugin config. - pub uninstalled_plugin_ids: Vec, -} - -#[derive(Debug, thiserror::Error)] -pub enum PluginRemoteSyncError { - #[error("chatgpt authentication required to sync remote plugins")] - AuthRequired, - - #[error( - "chatgpt authentication required to sync remote plugins; api key auth is not supported" - )] - UnsupportedAuthMode, - - #[error("failed to read auth token for remote plugin sync: {0}")] - AuthToken(#[source] std::io::Error), - - #[error("failed to send remote plugin sync request to {url}: {source}")] - Request { - url: String, - #[source] - source: reqwest::Error, - }, - - #[error("remote plugin sync request to {url} failed with status {status}: {body}")] - UnexpectedStatus { - url: String, - status: reqwest::StatusCode, - body: String, - }, - - #[error("failed to parse remote plugin sync response from {url}: {source}")] - Decode { - url: String, - #[source] - source: serde_json::Error, - }, - - #[error("local curated marketplace is not available")] - LocalMarketplaceNotFound, - - #[error("remote marketplace `{marketplace_name}` is not available locally")] - UnknownRemoteMarketplace { marketplace_name: String }, - - #[error("duplicate remote plugin `{plugin_name}` in sync response")] - DuplicateRemotePlugin { plugin_name: String }, - - #[error( - "remote plugin `{plugin_name}` was not found in local marketplace `{marketplace_name}`" - )] - UnknownRemotePlugin { - plugin_name: String, - marketplace_name: String, - }, - - #[error("{0}")] - InvalidPluginId(#[from] PluginIdError), - - #[error("{0}")] - Marketplace(#[from] MarketplaceError), - - #[error("{0}")] - Store(#[from] PluginStoreError), - - #[error("{0}")] - Config(#[from] anyhow::Error), - - #[error("failed to join remote plugin sync task: {0}")] - Join(#[from] tokio::task::JoinError), -} - -impl PluginRemoteSyncError { - fn join(source: tokio::task::JoinError) -> Self { - Self::Join(source) - } -} - -impl From for PluginRemoteSyncError { - fn from(value: RemotePluginFetchError) -> Self { - match value { - RemotePluginFetchError::AuthRequired => Self::AuthRequired, - RemotePluginFetchError::UnsupportedAuthMode => Self::UnsupportedAuthMode, - RemotePluginFetchError::AuthToken(source) => Self::AuthToken(source), - RemotePluginFetchError::Request { url, source } => Self::Request { url, source }, - RemotePluginFetchError::UnexpectedStatus { url, status, body } => { - Self::UnexpectedStatus { url, status, body } - } - RemotePluginFetchError::Decode { url, source } => Self::Decode { url, source }, - } - } -} - pub struct PluginsManager { codex_home: PathBuf, store: PluginStore, featured_plugin_ids_cache: RwLock>, configured_marketplace_upgrade_state: RwLock, non_curated_cache_refresh_state: RwLock, - cached_enabled_outcome: RwLock>, + enabled_outcome_cache: RwLock, + enabled_outcome_load_semaphore: Semaphore, remote_installed_plugins_cache: RwLock>>, remote_installed_plugins_cache_refresh_state: RwLock, - remote_sync_lock: Semaphore, + global_remote_catalog_cache_refresh_state: RwLock, restriction_product: Option, + auth_mode: RwLock>, analytics_events_client: RwLock>, } #[derive(Clone)] struct CachedPluginLoadOutcome { - config_version: String, + key: PluginLoadCacheKey, outcome: PluginLoadOutcome, } +#[derive(Default)] +struct EnabledOutcomeCache { + generation: u64, + outcome: Option, +} + +#[derive(Clone, PartialEq, Eq)] +struct PluginLoadCacheKey { + configured_plugins: HashMap, + skill_config_rules: SkillConfigRules, + remote_plugin_enabled: bool, +} + impl PluginsManager { pub fn new(codex_home: PathBuf) -> Self { Self::new_with_restriction_product(codex_home, Some(Product::Codex)) @@ -441,17 +375,40 @@ impl PluginsManager { ConfiguredMarketplaceUpgradeState::default(), ), non_curated_cache_refresh_state: RwLock::new(NonCuratedCacheRefreshState::default()), - cached_enabled_outcome: RwLock::new(None), + enabled_outcome_cache: RwLock::new(EnabledOutcomeCache::default()), + enabled_outcome_load_semaphore: Semaphore::new(/*permits*/ 1), remote_installed_plugins_cache: RwLock::new(None), remote_installed_plugins_cache_refresh_state: RwLock::new( RemoteInstalledPluginsCacheRefreshState::default(), ), - remote_sync_lock: Semaphore::new(/*permits*/ 1), + global_remote_catalog_cache_refresh_state: RwLock::new( + GlobalRemoteCatalogCacheRefreshState::default(), + ), restriction_product, + auth_mode: RwLock::new(None), analytics_events_client: RwLock::new(None), } } + pub fn set_auth_mode(&self, auth_mode: Option) -> bool { + let mut stored_auth_mode = match self.auth_mode.write() { + Ok(auth_mode_guard) => auth_mode_guard, + Err(err) => err.into_inner(), + }; + if *stored_auth_mode == auth_mode { + return false; + } + *stored_auth_mode = auth_mode; + true + } + + pub fn auth_mode(&self) -> Option { + match self.auth_mode.read() { + Ok(auth_mode_guard) => *auth_mode_guard, + Err(err) => *err.into_inner(), + } + } + pub fn set_analytics_events_client(&self, analytics_events_client: AnalyticsEventsClient) { let mut stored_client = match self.analytics_events_client.write() { Ok(client_guard) => client_guard, @@ -484,11 +441,23 @@ impl PluginsManager { return PluginLoadOutcome::default(); } - let config_version = version_for_toml(&config.config_layer_stack.effective_config()); - if !force_reload && let Some(outcome) = self.cached_enabled_outcome(&config_version) { - return outcome; + let cache_key = PluginLoadCacheKey { + configured_plugins: configured_plugins_from_stack(&config.config_layer_stack), + skill_config_rules: skill_config_rules_from_stack(&config.config_layer_stack), + remote_plugin_enabled: config.remote_plugin_enabled, + }; + if !force_reload && let Some(outcome) = self.cached_enabled_outcome(&cache_key) { + return self.project_plugins_for_auth(outcome); } + let Ok(_load_permit) = self.enabled_outcome_load_semaphore.acquire().await else { + warn!("plugin load semaphore closed"); + return PluginLoadOutcome::default(); + }; + if !force_reload && let Some(outcome) = self.cached_enabled_outcome(&cache_key) { + return self.project_plugins_for_auth(outcome); + } + let cache_generation = self.enabled_outcome_cache_generation(); let outcome = load_plugins_from_layer_stack( &config.config_layer_stack, self.remote_installed_plugin_configs(), @@ -498,15 +467,12 @@ impl PluginsManager { ) .await; log_plugin_load_errors(&outcome); - let mut cache = match self.cached_enabled_outcome.write() { - Ok(cache) => cache, - Err(err) => err.into_inner(), - }; - *cache = Some(CachedPluginLoadOutcome { - config_version, - outcome: outcome.clone(), - }); - outcome + self.cache_enabled_outcome_if_current(cache_generation, cache_key, outcome.clone()); + self.project_plugins_for_auth(outcome) + } + + fn project_plugins_for_auth(&self, outcome: PluginLoadOutcome) -> PluginLoadOutcome { + project_plugin_load_outcome_for_auth(outcome, self.auth_mode()) } pub fn clear_cache(&self) { @@ -519,11 +485,12 @@ impl PluginsManager { } fn clear_enabled_outcome_cache(&self) { - let mut cached_enabled_outcome = match self.cached_enabled_outcome.write() { + let mut cache = match self.enabled_outcome_cache.write() { Ok(cache) => cache, Err(err) => err.into_inner(), }; - *cached_enabled_outcome = None; + cache.generation = cache.generation.wrapping_add(1); + cache.outcome = None; } /// Load plugins for a config layer stack without touching the plugins cache. @@ -535,14 +502,15 @@ impl PluginsManager { if !config.plugins_enabled { return PluginLoadOutcome::default(); } - load_plugins_from_layer_stack( + let outcome = load_plugins_from_layer_stack( config_layer_stack, self.remote_installed_plugin_configs(), &self.store, self.restriction_product, config.remote_plugin_enabled, ) - .await + .await; + self.project_plugins_for_auth(outcome) } /// Resolve plugin hooks for a config layer stack without loading other plugin capabilities. @@ -574,20 +542,44 @@ impl PluginsManager { .effective_plugin_skill_roots() } - fn cached_enabled_outcome(&self, config_version: &str) -> Option { - match self.cached_enabled_outcome.read() { + fn cached_enabled_outcome(&self, key: &PluginLoadCacheKey) -> Option { + match self.enabled_outcome_cache.read() { Ok(cache) => cache + .outcome .as_ref() - .filter(|cached| cached.config_version == config_version) + .filter(|cached| cached.key == *key) .map(|cached| cached.outcome.clone()), Err(err) => err .into_inner() + .outcome .as_ref() - .filter(|cached| cached.config_version == config_version) + .filter(|cached| cached.key == *key) .map(|cached| cached.outcome.clone()), } } + fn enabled_outcome_cache_generation(&self) -> u64 { + match self.enabled_outcome_cache.read() { + Ok(cache) => cache.generation, + Err(err) => err.into_inner().generation, + } + } + + fn cache_enabled_outcome_if_current( + &self, + generation: u64, + key: PluginLoadCacheKey, + outcome: PluginLoadOutcome, + ) { + let mut cache = match self.enabled_outcome_cache.write() { + Ok(cache) => cache, + Err(err) => err.into_inner(), + }; + if cache.generation == generation { + cache.outcome = Some(CachedPluginLoadOutcome { key, outcome }); + } + } + fn remote_installed_plugin_configs(&self) -> HashMap { let cache = match self.remote_installed_plugins_cache.read() { Ok(cache) => cache, @@ -602,14 +594,19 @@ impl PluginsManager { pub fn build_remote_installed_plugin_marketplaces_from_cache( &self, - visible_scopes: &[RemotePluginScope], + visible_marketplaces: &[&str], ) -> Option> { let cache = match self.remote_installed_plugins_cache.read() { Ok(cache) => cache, Err(err) => err.into_inner(), }; let plugins = cache.as_ref()?; - Some(crate::remote::group_remote_installed_plugins_by_marketplaces(plugins, visible_scopes)) + Some( + crate::remote::group_remote_installed_plugins_by_marketplaces( + plugins, + visible_marketplaces, + ), + ) } pub fn cached_global_remote_discoverable_plugins_for_config( @@ -641,7 +638,7 @@ impl PluginsManager { &self, config: &PluginsConfigInput, auth: Option<&CodexAuth>, - visible_scopes: &[RemotePluginScope], + visible_marketplaces: &[&str], on_effective_plugins_changed: Option>, ) -> Result, RemotePluginCatalogError> { let plugins = crate::remote::fetch_remote_installed_plugins( @@ -649,8 +646,10 @@ impl PluginsManager { auth, ) .await?; - let marketplaces = - crate::remote::group_remote_installed_plugins_by_marketplaces(&plugins, visible_scopes); + let marketplaces = crate::remote::group_remote_installed_plugins_by_marketplaces( + &plugins, + visible_marketplaces, + ); let changed = self.write_remote_installed_plugins_cache(plugins); if changed && let Some(on_effective_plugins_changed) = on_effective_plugins_changed { on_effective_plugins_changed(); @@ -764,14 +763,33 @@ impl PluginsManager { ); } + fn maybe_start_global_remote_catalog_cache_refresh( + self: &Arc, + config: &PluginsConfigInput, + auth: Option, + ) { + if !config.plugins_enabled || !config.remote_plugin_enabled { + return; + } + + self.schedule_global_remote_catalog_cache_refresh(GlobalRemoteCatalogCacheRefreshRequest { + service_config: remote_plugin_service_config(config), + auth, + }); + } + pub fn maybe_start_plugin_list_background_tasks_for_config( self: &Arc, config: &PluginsConfigInput, auth: Option, roots: &[AbsolutePathBuf], + options: PluginListBackgroundTaskOptions, on_effective_plugins_changed: Option>, ) { self.maybe_start_non_curated_plugin_cache_refresh(roots); + if options.refresh_global_remote_catalog_cache { + self.maybe_start_global_remote_catalog_cache_refresh(config, auth.clone()); + } self.maybe_start_remote_installed_plugins_cache_refresh( config, auth.clone(), @@ -1005,236 +1023,23 @@ impl PluginsManager { Ok(()) } - pub async fn sync_plugins_from_remote( - &self, - config: &PluginsConfigInput, - auth: Option<&CodexAuth>, - additive_only: bool, - ) -> Result { - let _remote_sync_guard = self.remote_sync_lock.acquire().await.map_err(|_| { - PluginRemoteSyncError::Config(anyhow::anyhow!("remote plugin sync semaphore closed")) - })?; - - if !config.plugins_enabled { - return Ok(RemotePluginSyncResult::default()); - } - - info!("starting remote plugin sync"); - let remote_plugins = crate::remote_legacy::fetch_remote_plugin_status( - &remote_plugin_service_config(config), - auth, - ) - .await - .map_err(PluginRemoteSyncError::from)?; - let configured_plugins = configured_plugins_from_stack(&config.config_layer_stack); - let curated_marketplace_root = curated_plugins_repo_path(self.codex_home.as_path()); - let curated_marketplace_path = AbsolutePathBuf::try_from( - curated_marketplace_root.join(".agents/plugins/marketplace.json"), - ) - .map_err(|_| PluginRemoteSyncError::LocalMarketplaceNotFound)?; - let curated_marketplace = match load_marketplace(&curated_marketplace_path) { - Ok(marketplace) => marketplace, - Err(MarketplaceError::MarketplaceNotFound { .. }) => { - return Err(PluginRemoteSyncError::LocalMarketplaceNotFound); - } - Err(err) => return Err(err.into()), - }; - - let marketplace_name = curated_marketplace.name.clone(); - let curated_plugin_version = read_curated_plugins_sha(self.codex_home.as_path()) - .ok_or_else(|| { - PluginStoreError::Invalid( - "local curated marketplace sha is not available".to_string(), - ) - })?; - let cache_plugin_version = curated_plugin_cache_version(&curated_plugin_version); - let mut local_plugins = Vec::<( - String, - PluginId, - AbsolutePathBuf, - Option, - Option, - bool, - )>::new(); - let mut local_plugin_names = HashSet::new(); - for plugin in curated_marketplace.plugins { - let plugin_name = plugin.name; - if !local_plugin_names.insert(plugin_name.clone()) { - warn!( - plugin = plugin_name, - marketplace = %marketplace_name, - "ignoring duplicate local plugin entry during remote sync" - ); - continue; - } - - let plugin_id = PluginId::new(plugin_name.clone(), marketplace_name.clone())?; - let plugin_key = plugin_id.as_key(); - let source_path = match plugin.source { - MarketplacePluginSource::Local { path } => path, - MarketplacePluginSource::Git { .. } => { - warn!( - plugin = plugin_name, - marketplace = %marketplace_name, - "skipping remote plugin source during remote sync" - ); - continue; - } - }; - let current_enabled = configured_plugins - .get(&plugin_key) - .map(|plugin| plugin.enabled); - let installed_version = self.store.active_plugin_version(&plugin_id); - let product_allowed = - self.restriction_product_matches(plugin.policy.products.as_deref()); - local_plugins.push(( - plugin_name, - plugin_id, - source_path, - current_enabled, - installed_version, - product_allowed, - )); - } - - let mut missing_remote_plugins = Vec::::new(); - let mut remote_installed_plugin_names = HashSet::::new(); - for plugin in remote_plugins { - if plugin.marketplace_name != marketplace_name { - return Err(PluginRemoteSyncError::UnknownRemoteMarketplace { - marketplace_name: plugin.marketplace_name, - }); - } - if !local_plugin_names.contains(&plugin.name) { - missing_remote_plugins.push(plugin.name); - continue; - } - // For now, sync treats remote `enabled = false` as uninstall rather than a distinct - // disabled state. - // TODO: Switch sync to `plugins/installed` so install and enable states stay distinct. - if !plugin.enabled { - continue; - } - if !remote_installed_plugin_names.insert(plugin.name.clone()) { - return Err(PluginRemoteSyncError::DuplicateRemotePlugin { - plugin_name: plugin.name, - }); - } - } - - let mut config_edits = Vec::new(); - let mut installs = Vec::new(); - let mut uninstalls = Vec::new(); - let mut result = RemotePluginSyncResult::default(); - let remote_plugin_count = remote_installed_plugin_names.len(); - let local_plugin_count = local_plugins.len(); - if !missing_remote_plugins.is_empty() { - let sample_missing_plugins = missing_remote_plugins - .iter() - .take(10) - .cloned() - .collect::>(); - warn!( - marketplace = %marketplace_name, - missing_remote_plugin_count = missing_remote_plugins.len(), - missing_remote_plugin_examples = ?sample_missing_plugins, - "ignoring remote plugins missing from local marketplace during sync" - ); - } - - for ( - plugin_name, - plugin_id, - source_path, - current_enabled, - installed_version, - product_allowed, - ) in local_plugins - { - let plugin_key = plugin_id.as_key(); - let is_installed = installed_version.is_some(); - if !product_allowed { - continue; - } - if remote_installed_plugin_names.contains(&plugin_name) { - if !is_installed { - installs.push((source_path, plugin_id.clone(), cache_plugin_version.clone())); - } - if !is_installed { - result.installed_plugin_ids.push(plugin_key.clone()); - } - - if current_enabled != Some(true) { - result.enabled_plugin_ids.push(plugin_key.clone()); - config_edits.push(PluginConfigEdit::SetEnabled { - plugin_key, - enabled: true, - }); - } - } else if !additive_only { - if is_installed { - uninstalls.push(plugin_id); - } - if is_installed || current_enabled.is_some() { - result.uninstalled_plugin_ids.push(plugin_key.clone()); - } - if current_enabled.is_some() { - config_edits.push(PluginConfigEdit::Clear { plugin_key }); - } - } - } - - let store = self.store.clone(); - let store_result = tokio::task::spawn_blocking(move || { - for (source_path, plugin_id, plugin_version) in installs { - store.install_with_version(source_path, plugin_id, plugin_version)?; - } - for plugin_id in uninstalls { - store.uninstall(&plugin_id)?; - } - Ok::<(), PluginStoreError>(()) - }) - .await - .map_err(PluginRemoteSyncError::join)?; - if let Err(err) = store_result { - self.clear_cache(); - return Err(err.into()); - } - - let config_result = if config_edits.is_empty() { - Ok(()) - } else { - apply_user_plugin_config_edits(&self.codex_home, config_edits).await - }; - self.clear_cache(); - config_result.map_err(anyhow::Error::from)?; - - info!( - marketplace = %marketplace_name, - remote_plugin_count, - local_plugin_count, - installed_plugin_ids = ?result.installed_plugin_ids, - enabled_plugin_ids = ?result.enabled_plugin_ids, - disabled_plugin_ids = ?result.disabled_plugin_ids, - uninstalled_plugin_ids = ?result.uninstalled_plugin_ids, - "completed remote plugin sync" - ); - - Ok(result) - } - pub fn list_marketplaces_for_config( &self, config: &PluginsConfigInput, additional_roots: &[AbsolutePathBuf], + include_openai_curated: bool, ) -> Result { if !config.plugins_enabled { return Ok(ConfiguredMarketplaceListOutcome::default()); } let (installed_plugins, enabled_plugins) = self.configured_plugin_states(config); - let marketplace_outcome = - self.discover_marketplaces_for_config(config, additional_roots)?; + let mut marketplace_roots = self.marketplace_roots(config, additional_roots); + if !include_openai_curated { + let curated_repo_root = curated_plugins_repo_path(self.codex_home.as_path()); + marketplace_roots.retain(|root| root.as_path() != curated_repo_root.as_path()); + } + let marketplace_outcome = list_marketplaces(&marketplace_roots)?; let mut seen_plugin_keys = HashSet::new(); let marketplaces = marketplace_outcome .marketplaces @@ -1420,6 +1225,7 @@ impl PluginsManager { disabled_skill_paths: HashSet::new(), hooks: Vec::new(), apps: Vec::new(), + app_category_by_id: HashMap::new(), mcp_server_names: Vec::new(), details_unavailable_reason: Some( PluginDetailsUnavailableReason::InstallRequiredForRemoteSource, @@ -1486,7 +1292,12 @@ impl PluginsManager { event_name: hook.event_name, }) .collect(); - let apps = load_plugin_apps(source_path.as_path()).await; + let app_metadata = load_plugin_app_metadata(source_path.as_path()).await; + let apps = app_metadata.iter().map(|app| app.id.clone()).collect(); + let app_category_by_id = app_metadata + .into_iter() + .filter_map(|app| app.category.map(|category| (app.id.0, category))) + .collect(); let mut mcp_server_names = load_plugin_mcp_servers(source_path.as_path()) .await .into_keys() @@ -1509,6 +1320,7 @@ impl PluginsManager { disabled_skill_paths: resolved_skills.disabled_skill_paths, hooks, apps, + app_category_by_id, mcp_server_names, details_unavailable_reason: None, }) @@ -1573,13 +1385,6 @@ impl PluginsManager { warn!("failed to start configured marketplace auto-upgrade task: {err}"); } } - start_startup_remote_plugin_sync_once( - Arc::clone(self), - self.codex_home.clone(), - config.clone(), - auth_manager.clone(), - ); - let config_for_remote_sync = config.clone(); let manager = Arc::clone(self); let auth_manager_for_remote_sync = auth_manager.clone(); @@ -1734,6 +1539,33 @@ impl PluginsManager { }); } + fn schedule_global_remote_catalog_cache_refresh( + self: &Arc, + request: GlobalRemoteCatalogCacheRefreshRequest, + ) { + let should_spawn = { + let mut state = match self.global_remote_catalog_cache_refresh_state.write() { + Ok(state) => state, + Err(err) => err.into_inner(), + }; + state.requested = Some(request); + if state.in_flight { + false + } else { + state.in_flight = true; + true + } + }; + if !should_spawn { + return; + } + + let manager = Arc::clone(self); + tokio::spawn(async move { + manager.run_global_remote_catalog_cache_refresh_loop().await; + }); + } + fn schedule_non_curated_plugin_cache_refresh( self: &Arc, roots: &[AbsolutePathBuf], @@ -1900,6 +1732,44 @@ impl PluginsManager { } } + async fn run_global_remote_catalog_cache_refresh_loop(self: Arc) { + loop { + let request = { + let mut state = match self.global_remote_catalog_cache_refresh_state.write() { + Ok(state) => state, + Err(err) => err.into_inner(), + }; + match state.requested.take() { + Some(request) => request, + None => { + state.in_flight = false; + return; + } + } + }; + + match crate::remote::fetch_and_cache_global_remote_plugin_catalog( + self.codex_home.as_path(), + &request.service_config, + request.auth.as_ref(), + ) + .await + { + Ok(()) => {} + Err( + RemotePluginCatalogError::AuthRequired + | RemotePluginCatalogError::UnsupportedAuthMode, + ) => {} + Err(err) => { + warn!( + error = %err, + "failed to refresh cached global remote plugin catalog" + ); + } + } + } + } + fn run_non_curated_plugin_cache_refresh_loop(self: Arc) { loop { let request = { diff --git a/codex-rs/core-plugins/src/manager_tests.rs b/codex-rs/core-plugins/src/manager_tests.rs index d6c13b1fe0b..1a268a4888a 100644 --- a/codex-rs/core-plugins/src/manager_tests.rs +++ b/codex-rs/core-plugins/src/manager_tests.rs @@ -6,8 +6,10 @@ use crate::loader::load_plugins_from_layer_stack; use crate::loader::refresh_non_curated_plugin_cache; use crate::loader::refresh_non_curated_plugin_cache_force_reinstall; use crate::marketplace::MarketplacePluginInstallPolicy; +use crate::remote::REMOTE_GLOBAL_MARKETPLACE_NAME; +use crate::remote::REMOTE_WORKSPACE_MARKETPLACE_NAME; +use crate::remote::REMOTE_WORKSPACE_SHARED_WITH_ME_MARKETPLACE_NAME; use crate::remote::RemoteInstalledPlugin; -use crate::remote::RemotePluginScope; use crate::startup_sync::curated_plugins_repo_path; use crate::test_support::TEST_CURATED_PLUGIN_CACHE_VERSION; use crate::test_support::TEST_CURATED_PLUGIN_SHA; @@ -15,6 +17,7 @@ use crate::test_support::load_plugins_config as load_plugins_config_input; use crate::test_support::write_curated_plugin_sha_with as write_curated_plugin_sha; use crate::test_support::write_file; use crate::test_support::write_openai_curated_marketplace; +use codex_app_server_protocol::AuthMode; use codex_app_server_protocol::ConfigLayerSource; use codex_config::AppToolApproval; use codex_config::CONFIG_TOML_FILE; @@ -45,6 +48,21 @@ use wiremock::matchers::query_param; const MAX_CAPABILITY_SUMMARY_DESCRIPTION_LEN: usize = 1024; +#[test] +fn plugins_manager_tracks_auth_mode() { + let tmp = TempDir::new().unwrap(); + let manager = PluginsManager::new(tmp.path().to_path_buf()); + + assert_eq!(manager.auth_mode(), None); + assert!(manager.set_auth_mode(Some(AuthMode::ApiKey))); + assert_eq!(manager.auth_mode(), Some(AuthMode::ApiKey)); + assert!(!manager.set_auth_mode(Some(AuthMode::ApiKey))); + assert!(manager.set_auth_mode(Some(AuthMode::ChatgptAuthTokens))); + assert_eq!(manager.auth_mode(), Some(AuthMode::ChatgptAuthTokens)); + assert!(manager.set_auth_mode(/*auth_mode*/ None)); + assert_eq!(manager.auth_mode(), None); +} + fn write_plugin_with_version( root: &Path, dir_name: &str, @@ -137,8 +155,15 @@ fn remote_installed_linear_plugin() -> RemoteInstalledPlugin { } fn remote_installed_plugin(name: &str) -> RemoteInstalledPlugin { + remote_installed_plugin_in_marketplace(name, REMOTE_GLOBAL_MARKETPLACE_NAME) +} + +fn remote_installed_plugin_in_marketplace( + name: &str, + marketplace_name: &str, +) -> RemoteInstalledPlugin { RemoteInstalledPlugin { - marketplace_name: "openai-curated-remote".to_string(), + marketplace_name: marketplace_name.to_string(), id: format!("plugins~Plugin_{name}"), name: name.to_string(), enabled: true, @@ -484,7 +509,7 @@ async fn build_remote_installed_plugin_marketplaces_from_cache_uses_remote_metad manager.write_remote_installed_plugins_cache(vec![plugin]); let marketplaces = manager - .build_remote_installed_plugin_marketplaces_from_cache(&[RemotePluginScope::Global]) + .build_remote_installed_plugin_marketplaces_from_cache(&[REMOTE_GLOBAL_MARKETPLACE_NAME]) .expect("remote installed cache should be present"); assert_eq!(marketplaces.len(), 1); assert_eq!(marketplaces[0].name, "openai-curated-remote"); @@ -521,12 +546,45 @@ async fn build_remote_installed_plugin_marketplaces_from_cache_uses_remote_metad ); assert_eq!( manager - .build_remote_installed_plugin_marketplaces_from_cache(&[RemotePluginScope::Workspace]) + .build_remote_installed_plugin_marketplaces_from_cache(&[ + REMOTE_WORKSPACE_MARKETPLACE_NAME + ]) .expect("remote installed cache should be present"), Vec::new() ); } +#[tokio::test] +async fn build_remote_installed_plugin_marketplaces_from_cache_filters_by_marketplace_name() { + let codex_home = TempDir::new().unwrap(); + let manager = PluginsManager::new(codex_home.path().to_path_buf()); + manager.write_remote_installed_plugins_cache(vec![ + remote_installed_plugin_in_marketplace( + "workspace-linear", + REMOTE_WORKSPACE_MARKETPLACE_NAME, + ), + remote_installed_plugin_in_marketplace( + "shared-linear", + REMOTE_WORKSPACE_SHARED_WITH_ME_MARKETPLACE_NAME, + ), + ]); + + let marketplaces = manager + .build_remote_installed_plugin_marketplaces_from_cache(&[REMOTE_WORKSPACE_MARKETPLACE_NAME]) + .expect("remote installed cache should be present"); + + assert_eq!(marketplaces.len(), 1); + assert_eq!(marketplaces[0].name, REMOTE_WORKSPACE_MARKETPLACE_NAME); + assert_eq!( + marketplaces[0] + .plugins + .iter() + .map(|plugin| plugin.id.as_str()) + .collect::>(), + vec!["workspace-linear@workspace-directory"] + ); +} + #[tokio::test] async fn load_plugins_resolves_disabled_skill_names_against_loaded_plugin_skills() { let codex_home = TempDir::new().unwrap(); @@ -1300,6 +1358,97 @@ async fn load_plugins_returns_empty_when_feature_disabled() { assert_eq!(outcome, PluginLoadOutcome::default()); } +#[tokio::test] +async fn plugin_cache_ignores_unrelated_session_overrides() { + let codex_home = TempDir::new().unwrap(); + let plugin_root = codex_home + .path() + .join("plugins/cache") + .join("test/sample/local"); + write_plugin( + codex_home.path().join("plugins/cache/test").as_path(), + "sample/local", + "sample", + ); + write_file( + &plugin_root.join(".mcp.json"), + r#"{ + "mcpServers": { + "sample": { + "url": "https://sample.example/mcp" + } + } +}"#, + ); + + let user_file = codex_home.path().join(CONFIG_TOML_FILE).abs(); + let user_config: toml::Value = toml::from_str(&plugin_config_toml( + /*enabled*/ true, /*plugins_feature_enabled*/ true, + )) + .expect("user config should parse"); + let stack = |session_config: &str| { + ConfigLayerStack::new( + vec![ + ConfigLayerEntry::new( + ConfigLayerSource::User { + file: user_file.clone(), + profile: None, + }, + user_config.clone(), + ), + ConfigLayerEntry::new( + ConfigLayerSource::SessionFlags, + toml::from_str(session_config).expect("session config should parse"), + ), + ], + ConfigRequirements::default(), + ConfigRequirementsToml::default(), + ) + .expect("config layer stack should build") + }; + let config = |session_config| { + PluginsConfigInput::new( + stack(session_config), + /*plugins_enabled*/ true, + /*remote_plugin_enabled*/ false, + "https://chatgpt.com".to_string(), + ) + }; + let manager = PluginsManager::new(codex_home.path().to_path_buf()); + + let first = manager + .plugins_for_config(&config(r#"model = "first""#)) + .await; + std::fs::remove_file(plugin_root.join(".mcp.json")).unwrap(); + let second = manager + .plugins_for_config(&config(r#"model = "second""#)) + .await; + + assert_eq!(second, first); + assert_eq!(second.plugins()[0].mcp_servers.len(), 1); +} + +#[test] +fn plugin_cache_invalidation_rejects_stale_load_completion() { + let codex_home = TempDir::new().unwrap(); + let manager = PluginsManager::new(codex_home.path().to_path_buf()); + let cache_key = PluginLoadCacheKey { + configured_plugins: HashMap::new(), + skill_config_rules: SkillConfigRules::default(), + remote_plugin_enabled: false, + }; + let stale_generation = manager.enabled_outcome_cache_generation(); + + manager.clear_enabled_outcome_cache(); + manager.cache_enabled_outcome_if_current( + stale_generation, + cache_key.clone(), + PluginLoadOutcome::default(), + ); + + assert_eq!(manager.cached_enabled_outcome(&cache_key), None); +} + #[tokio::test] async fn load_plugins_rejects_invalid_plugin_keys() { let codex_home = TempDir::new().unwrap(); @@ -1682,7 +1831,11 @@ enabled = false let config = load_config(tmp.path(), &repo_root).await; let marketplaces = PluginsManager::new(tmp.path().to_path_buf()) - .list_marketplaces_for_config(&config, &[AbsolutePathBuf::try_from(repo_root).unwrap()]) + .list_marketplaces_for_config( + &config, + &[AbsolutePathBuf::try_from(repo_root).unwrap()], + /*include_openai_curated*/ true, + ) .unwrap() .marketplaces; @@ -1784,7 +1937,11 @@ enabled = true let config = load_config(tmp.path(), &repo_root).await; let marketplaces = PluginsManager::new(tmp.path().to_path_buf()) - .list_marketplaces_for_config(&config, &[AbsolutePathBuf::try_from(repo_root).unwrap()]) + .list_marketplaces_for_config( + &config, + &[AbsolutePathBuf::try_from(repo_root).unwrap()], + /*include_openai_curated*/ true, + ) .unwrap() .marketplaces; @@ -1832,7 +1989,11 @@ plugins = true let config = load_config(tmp.path(), &repo_root).await; let marketplaces = PluginsManager::new(tmp.path().to_path_buf()) - .list_marketplaces_for_config(&config, &[AbsolutePathBuf::try_from(repo_root).unwrap()]) + .list_marketplaces_for_config( + &config, + &[AbsolutePathBuf::try_from(repo_root).unwrap()], + /*include_openai_curated*/ true, + ) .unwrap() .marketplaces; @@ -2269,7 +2430,11 @@ enabled = true let config = load_config(tmp.path(), &repo_root).await; let marketplaces = PluginsManager::new(tmp.path().to_path_buf()) - .list_marketplaces_for_config(&config, &[AbsolutePathBuf::try_from(repo_root).unwrap()]) + .list_marketplaces_for_config( + &config, + &[AbsolutePathBuf::try_from(repo_root).unwrap()], + /*include_openai_curated*/ true, + ) .unwrap() .marketplaces; @@ -2325,25 +2490,6 @@ enabled = true ); } -#[tokio::test] -async fn sync_plugins_from_remote_returns_default_when_feature_disabled() { - let tmp = tempfile::tempdir().unwrap(); - write_file( - &tmp.path().join(CONFIG_TOML_FILE), - r#"[features] -plugins = false -"#, - ); - - let config = load_config(tmp.path(), tmp.path()).await; - let outcome = PluginsManager::new(tmp.path().to_path_buf()) - .sync_plugins_from_remote(&config, /*auth*/ None, /*additive_only*/ false) - .await - .unwrap(); - - assert_eq!(outcome, RemotePluginSyncResult::default()); -} - #[tokio::test] async fn list_marketplaces_includes_curated_repo_marketplace() { let tmp = tempfile::tempdir().unwrap(); @@ -2382,7 +2528,7 @@ plugins = true let config = load_config(tmp.path(), tmp.path()).await; let marketplaces = PluginsManager::new(tmp.path().to_path_buf()) - .list_marketplaces_for_config(&config, &[]) + .list_marketplaces_for_config(&config, &[], /*include_openai_curated*/ true) .unwrap() .marketplaces; @@ -2420,6 +2566,37 @@ plugins = true ); } +#[tokio::test] +async fn list_marketplaces_can_skip_openai_curated_before_loading() { + let tmp = tempfile::tempdir().unwrap(); + let curated_root = curated_plugins_repo_path(tmp.path()); + + write_file( + &tmp.path().join(CONFIG_TOML_FILE), + r#"[features] +plugins = true +"#, + ); + write_file( + &curated_root.join(".agents/plugins/marketplace.json"), + "{not valid json", + ); + + let config = load_config(tmp.path(), tmp.path()).await; + let outcome = PluginsManager::new(tmp.path().to_path_buf()) + .list_marketplaces_for_config(&config, &[], /*include_openai_curated*/ false) + .unwrap(); + + assert_eq!(outcome.errors, Vec::new()); + assert_eq!( + outcome + .marketplaces + .iter() + .any(|marketplace| marketplace.name == OPENAI_CURATED_MARKETPLACE_NAME), + false + ); +} + #[tokio::test] async fn list_marketplaces_includes_installed_marketplace_roots() { let tmp = tempfile::tempdir().unwrap(); @@ -2462,7 +2639,7 @@ source = "/tmp/debug" .unwrap(); let config = load_config(tmp.path(), tmp.path()).await; let marketplaces = PluginsManager::new(tmp.path().to_path_buf()) - .list_marketplaces_for_config(&config, &[]) + .list_marketplaces_for_config(&config, &[], /*include_openai_curated*/ true) .unwrap() .marketplaces; @@ -2538,7 +2715,7 @@ source = "/tmp/debug" let config = load_config(tmp.path(), tmp.path()).await; let marketplaces = PluginsManager::new(tmp.path().to_path_buf()) - .list_marketplaces_for_config(&config, &[]) + .list_marketplaces_for_config(&config, &[], /*include_openai_curated*/ true) .unwrap() .marketplaces; @@ -2593,7 +2770,7 @@ plugins = true .unwrap(); let config = load_config(tmp.path(), tmp.path()).await; let marketplaces = PluginsManager::new(tmp.path().to_path_buf()) - .list_marketplaces_for_config(&config, &[]) + .list_marketplaces_for_config(&config, &[], /*include_openai_curated*/ true) .unwrap() .marketplaces; @@ -2678,6 +2855,7 @@ enabled = false AbsolutePathBuf::try_from(repo_a_root).unwrap(), AbsolutePathBuf::try_from(repo_b_root).unwrap(), ], + /*include_openai_curated*/ true, ) .unwrap() .marketplaces; @@ -2788,7 +2966,11 @@ enabled = true let config = load_config(tmp.path(), &repo_root).await; let marketplaces = PluginsManager::new(tmp.path().to_path_buf()) - .list_marketplaces_for_config(&config, &[AbsolutePathBuf::try_from(repo_root).unwrap()]) + .list_marketplaces_for_config( + &config, + &[AbsolutePathBuf::try_from(repo_root).unwrap()], + /*include_openai_curated*/ true, + ) .unwrap() .marketplaces; @@ -2834,431 +3016,6 @@ enabled = true ); } -#[tokio::test] -async fn sync_plugins_from_remote_reconciles_cache_and_config() { - let tmp = tempfile::tempdir().unwrap(); - let curated_root = curated_plugins_repo_path(tmp.path()); - write_openai_curated_marketplace(&curated_root, &["linear", "gmail", "calendar"]); - write_curated_plugin_sha(tmp.path(), TEST_CURATED_PLUGIN_SHA); - write_plugin( - &tmp.path().join("plugins/cache/openai-curated"), - "linear/local", - "linear", - ); - write_plugin( - &tmp.path().join("plugins/cache/openai-curated"), - "gmail/local", - "gmail", - ); - write_plugin( - &tmp.path().join("plugins/cache/openai-curated"), - "calendar/local", - "calendar", - ); - write_file( - &tmp.path().join(CONFIG_TOML_FILE), - r#"[features] -plugins = true - -[plugins."linear@openai-curated"] -enabled = false - -[plugins."gmail@openai-curated"] -enabled = false - -[plugins."calendar@openai-curated"] -enabled = true -"#, - ); - - let server = MockServer::start().await; - Mock::given(method("GET")) - .and(path("/backend-api/plugins/list")) - .and(header("authorization", "Bearer Access Token")) - .and(header("chatgpt-account-id", "account_id")) - .respond_with(ResponseTemplate::new(200).set_body_string( - r#"[ - {"id":"1","name":"linear","marketplace_name":"openai-curated","version":"1.0.0","enabled":true}, - {"id":"2","name":"gmail","marketplace_name":"openai-curated","version":"1.0.0","enabled":false} -]"#, - )) - .mount(&server) - .await; - - let mut config = load_config(tmp.path(), tmp.path()).await; - config.chatgpt_base_url = format!("{}/backend-api/", server.uri()); - let manager = PluginsManager::new(tmp.path().to_path_buf()); - let result = manager - .sync_plugins_from_remote( - &config, - Some(&CodexAuth::create_dummy_chatgpt_auth_for_testing()), - /*additive_only*/ false, - ) - .await - .unwrap(); - - assert_eq!( - result, - RemotePluginSyncResult { - installed_plugin_ids: Vec::new(), - enabled_plugin_ids: vec!["linear@openai-curated".to_string()], - disabled_plugin_ids: Vec::new(), - uninstalled_plugin_ids: vec![ - "gmail@openai-curated".to_string(), - "calendar@openai-curated".to_string(), - ], - } - ); - - assert!( - tmp.path() - .join("plugins/cache/openai-curated/linear/local") - .is_dir() - ); - assert!( - !tmp.path() - .join("plugins/cache/openai-curated/gmail") - .exists() - ); - assert!( - !tmp.path() - .join("plugins/cache/openai-curated/calendar") - .exists() - ); - - let config = fs::read_to_string(tmp.path().join(CONFIG_TOML_FILE)).unwrap(); - assert!(config.contains(r#"[plugins."linear@openai-curated"]"#)); - assert!(config.contains("enabled = true")); - assert!(!config.contains(r#"[plugins."gmail@openai-curated"]"#)); - assert!(!config.contains(r#"[plugins."calendar@openai-curated"]"#)); - - let synced_config = load_config(tmp.path(), tmp.path()).await; - let curated_marketplace = manager - .list_marketplaces_for_config(&synced_config, &[]) - .unwrap() - .marketplaces - .into_iter() - .find(|marketplace| marketplace.name == OPENAI_CURATED_MARKETPLACE_NAME) - .unwrap(); - assert_eq!( - curated_marketplace - .plugins - .into_iter() - .map(|plugin| (plugin.id, plugin.installed, plugin.enabled)) - .collect::>(), - vec![ - ("linear@openai-curated".to_string(), true, true), - ("gmail@openai-curated".to_string(), false, false), - ("calendar@openai-curated".to_string(), false, false), - ] - ); -} - -#[tokio::test] -async fn sync_plugins_from_remote_additive_only_keeps_existing_plugins() { - let tmp = tempfile::tempdir().unwrap(); - let curated_root = curated_plugins_repo_path(tmp.path()); - write_openai_curated_marketplace(&curated_root, &["linear", "gmail", "calendar"]); - write_curated_plugin_sha(tmp.path(), TEST_CURATED_PLUGIN_SHA); - write_plugin( - &tmp.path().join("plugins/cache/openai-curated"), - "linear/local", - "linear", - ); - write_plugin( - &tmp.path().join("plugins/cache/openai-curated"), - "gmail/local", - "gmail", - ); - write_plugin( - &tmp.path().join("plugins/cache/openai-curated"), - "calendar/local", - "calendar", - ); - write_file( - &tmp.path().join(CONFIG_TOML_FILE), - r#"[features] -plugins = true - -[plugins."linear@openai-curated"] -enabled = false - -[plugins."gmail@openai-curated"] -enabled = false - -[plugins."calendar@openai-curated"] -enabled = true -"#, - ); - - let server = MockServer::start().await; - Mock::given(method("GET")) - .and(path("/backend-api/plugins/list")) - .and(header("authorization", "Bearer Access Token")) - .and(header("chatgpt-account-id", "account_id")) - .respond_with(ResponseTemplate::new(200).set_body_string( - r#"[ - {"id":"1","name":"linear","marketplace_name":"openai-curated","version":"1.0.0","enabled":true}, - {"id":"2","name":"gmail","marketplace_name":"openai-curated","version":"1.0.0","enabled":false} -]"#, - )) - .mount(&server) - .await; - - let mut config = load_config(tmp.path(), tmp.path()).await; - config.chatgpt_base_url = format!("{}/backend-api/", server.uri()); - let manager = PluginsManager::new(tmp.path().to_path_buf()); - let result = manager - .sync_plugins_from_remote( - &config, - Some(&CodexAuth::create_dummy_chatgpt_auth_for_testing()), - /*additive_only*/ true, - ) - .await - .unwrap(); - - assert_eq!( - result, - RemotePluginSyncResult { - installed_plugin_ids: Vec::new(), - enabled_plugin_ids: vec!["linear@openai-curated".to_string()], - disabled_plugin_ids: Vec::new(), - uninstalled_plugin_ids: Vec::new(), - } - ); - - assert!( - tmp.path() - .join("plugins/cache/openai-curated/linear/local") - .is_dir() - ); - assert!( - tmp.path() - .join("plugins/cache/openai-curated/gmail/local") - .is_dir() - ); - assert!( - tmp.path() - .join("plugins/cache/openai-curated/calendar/local") - .is_dir() - ); - - let config = fs::read_to_string(tmp.path().join(CONFIG_TOML_FILE)).unwrap(); - assert!(config.contains(r#"[plugins."linear@openai-curated"]"#)); - assert!(config.contains(r#"[plugins."gmail@openai-curated"]"#)); - assert!(config.contains(r#"[plugins."calendar@openai-curated"]"#)); - assert!(config.contains("enabled = true")); -} - -#[tokio::test] -async fn sync_plugins_from_remote_ignores_unknown_remote_plugins() { - let tmp = tempfile::tempdir().unwrap(); - let curated_root = curated_plugins_repo_path(tmp.path()); - write_openai_curated_marketplace(&curated_root, &["linear"]); - write_curated_plugin_sha(tmp.path(), TEST_CURATED_PLUGIN_SHA); - write_file( - &tmp.path().join(CONFIG_TOML_FILE), - r#"[features] -plugins = true - -[plugins."linear@openai-curated"] -enabled = false -"#, - ); - - let server = MockServer::start().await; - Mock::given(method("GET")) - .and(path("/backend-api/plugins/list")) - .respond_with(ResponseTemplate::new(200).set_body_string( - r#"[ - {"id":"1","name":"plugin-one","marketplace_name":"openai-curated","version":"1.0.0","enabled":true} -]"#, - )) - .mount(&server) - .await; - - let mut config = load_config(tmp.path(), tmp.path()).await; - config.chatgpt_base_url = format!("{}/backend-api/", server.uri()); - let manager = PluginsManager::new(tmp.path().to_path_buf()); - let result = manager - .sync_plugins_from_remote( - &config, - Some(&CodexAuth::create_dummy_chatgpt_auth_for_testing()), - /*additive_only*/ false, - ) - .await - .unwrap(); - - assert_eq!( - result, - RemotePluginSyncResult { - installed_plugin_ids: Vec::new(), - enabled_plugin_ids: Vec::new(), - disabled_plugin_ids: Vec::new(), - uninstalled_plugin_ids: vec!["linear@openai-curated".to_string()], - } - ); - let config = fs::read_to_string(tmp.path().join(CONFIG_TOML_FILE)).unwrap(); - assert!(!config.contains(r#"[plugins."linear@openai-curated"]"#)); - assert!( - !tmp.path() - .join("plugins/cache/openai-curated/linear") - .exists() - ); -} - -#[tokio::test] -async fn sync_plugins_from_remote_keeps_existing_plugins_when_install_fails() { - let tmp = tempfile::tempdir().unwrap(); - let curated_root = curated_plugins_repo_path(tmp.path()); - write_openai_curated_marketplace(&curated_root, &["linear", "gmail"]); - write_curated_plugin_sha(tmp.path(), TEST_CURATED_PLUGIN_SHA); - fs::remove_dir_all(curated_root.join("plugins/gmail")).unwrap(); - write_plugin( - &tmp.path().join("plugins/cache/openai-curated"), - "linear/local", - "linear", - ); - write_file( - &tmp.path().join(CONFIG_TOML_FILE), - r#"[features] -plugins = true - -[plugins."linear@openai-curated"] -enabled = false -"#, - ); - - let server = MockServer::start().await; - Mock::given(method("GET")) - .and(path("/backend-api/plugins/list")) - .respond_with(ResponseTemplate::new(200).set_body_string( - r#"[ - {"id":"1","name":"gmail","marketplace_name":"openai-curated","version":"1.0.0","enabled":true} -]"#, - )) - .mount(&server) - .await; - - let mut config = load_config(tmp.path(), tmp.path()).await; - config.chatgpt_base_url = format!("{}/backend-api/", server.uri()); - let manager = PluginsManager::new(tmp.path().to_path_buf()); - let err = manager - .sync_plugins_from_remote( - &config, - Some(&CodexAuth::create_dummy_chatgpt_auth_for_testing()), - /*additive_only*/ false, - ) - .await - .unwrap_err(); - - assert!(matches!( - err, - PluginRemoteSyncError::Store(PluginStoreError::Invalid(ref message)) - if message.contains("plugin source path is not a directory") - )); - assert!( - tmp.path() - .join("plugins/cache/openai-curated/linear/local") - .is_dir() - ); - assert!( - !tmp.path() - .join("plugins/cache/openai-curated/gmail") - .exists() - ); - - let config = fs::read_to_string(tmp.path().join(CONFIG_TOML_FILE)).unwrap(); - assert!(config.contains(r#"[plugins."linear@openai-curated"]"#)); - assert!(!config.contains(r#"[plugins."gmail@openai-curated"]"#)); - assert!(config.contains("enabled = false")); -} - -#[tokio::test] -async fn sync_plugins_from_remote_uses_first_duplicate_local_plugin_entry() { - let tmp = tempfile::tempdir().unwrap(); - let curated_root = curated_plugins_repo_path(tmp.path()); - write_curated_plugin_sha(tmp.path(), TEST_CURATED_PLUGIN_SHA); - fs::create_dir_all(curated_root.join(".agents/plugins")).unwrap(); - fs::write( - curated_root.join(".agents/plugins/marketplace.json"), - r#"{ - "name": "openai-curated", - "plugins": [ - { - "name": "gmail", - "source": { - "source": "local", - "path": "./plugins/gmail-first" - } - }, - { - "name": "gmail", - "source": { - "source": "local", - "path": "./plugins/gmail-second" - } - } - ] -}"#, - ) - .unwrap(); - write_plugin(&curated_root, "plugins/gmail-first", "gmail"); - write_plugin(&curated_root, "plugins/gmail-second", "gmail"); - fs::write(curated_root.join("plugins/gmail-first/marker.txt"), "first").unwrap(); - fs::write( - curated_root.join("plugins/gmail-second/marker.txt"), - "second", - ) - .unwrap(); - write_file( - &tmp.path().join(CONFIG_TOML_FILE), - r#"[features] -plugins = true -"#, - ); - - let server = MockServer::start().await; - Mock::given(method("GET")) - .and(path("/backend-api/plugins/list")) - .respond_with(ResponseTemplate::new(200).set_body_string( - r#"[ - {"id":"1","name":"gmail","marketplace_name":"openai-curated","version":"1.0.0","enabled":true} -]"#, - )) - .mount(&server) - .await; - - let mut config = load_config(tmp.path(), tmp.path()).await; - config.chatgpt_base_url = format!("{}/backend-api/", server.uri()); - let manager = PluginsManager::new(tmp.path().to_path_buf()); - let result = manager - .sync_plugins_from_remote( - &config, - Some(&CodexAuth::create_dummy_chatgpt_auth_for_testing()), - /*additive_only*/ false, - ) - .await - .unwrap(); - - assert_eq!( - result, - RemotePluginSyncResult { - installed_plugin_ids: vec!["gmail@openai-curated".to_string()], - enabled_plugin_ids: vec!["gmail@openai-curated".to_string()], - disabled_plugin_ids: Vec::new(), - uninstalled_plugin_ids: Vec::new(), - } - ); - assert_eq!( - fs::read_to_string(tmp.path().join(format!( - "plugins/cache/openai-curated/gmail/{TEST_CURATED_PLUGIN_CACHE_VERSION}/marker.txt" - ))) - .unwrap(), - "first" - ); -} - #[tokio::test] async fn featured_plugin_ids_for_config_uses_restriction_product_query_param() { let tmp = tempfile::tempdir().unwrap(); @@ -3392,6 +3149,33 @@ fn refresh_curated_plugin_cache_reinstalls_missing_configured_plugin_with_curren ); } +#[test] +fn refresh_curated_plugin_cache_removes_cache_for_plugin_removed_from_marketplace() { + let tmp = tempfile::tempdir().unwrap(); + let curated_root = curated_plugins_repo_path(tmp.path()); + write_openai_curated_marketplace(&curated_root, &[]); + let plugin_id = PluginId::new( + "google-sheets".to_string(), + OPENAI_CURATED_MARKETPLACE_NAME.to_string(), + ) + .unwrap(); + let plugin_cache_root = tmp + .path() + .join("plugins/cache/openai-curated/google-sheets"); + write_plugin( + &tmp.path().join("plugins/cache/openai-curated"), + &format!("google-sheets/{TEST_CURATED_PLUGIN_CACHE_VERSION}"), + "google-sheets", + ); + + assert!( + refresh_curated_plugin_cache(tmp.path(), TEST_CURATED_PLUGIN_SHA, &[plugin_id]) + .expect("cache refresh should remove stale configured plugin") + ); + + assert!(!plugin_cache_root.exists()); +} + #[test] fn curated_plugin_ids_from_config_keys_reads_latest_codex_home_user_config() { let tmp = tempfile::tempdir().unwrap(); diff --git a/codex-rs/core-plugins/src/marketplace.rs b/codex-rs/core-plugins/src/marketplace.rs index 49925a673f9..049d8827513 100644 --- a/codex-rs/core-plugins/src/marketplace.rs +++ b/codex-rs/core-plugins/src/marketplace.rs @@ -9,6 +9,7 @@ use codex_protocol::protocol::Product; use codex_utils_absolute_path::AbsolutePathBuf; use serde::Deserialize; use serde_json::Value as JsonValue; +use std::collections::HashSet; use std::fs; use std::io; use std::path::Component; @@ -326,6 +327,16 @@ pub fn load_marketplace(path: &AbsolutePathBuf) -> Result Result, MarketplaceError> { + Ok(load_raw_marketplace_manifest(path)? + .plugins + .into_iter() + .map(|plugin| plugin.name) + .collect()) +} + #[doc(hidden)] pub fn list_marketplaces_with_home( additional_roots: &[AbsolutePathBuf], diff --git a/codex-rs/core-plugins/src/remote.rs b/codex-rs/core-plugins/src/remote.rs index 045ad8e1842..b948c517330 100644 --- a/codex-rs/core-plugins/src/remote.rs +++ b/codex-rs/core-plugins/src/remote.rs @@ -64,6 +64,8 @@ pub const REMOTE_WORKSPACE_SHARED_WITH_ME_UNLISTED_MARKETPLACE_DISPLAY_NAME: &st "Shared with me (unlisted)"; const OPENAI_CURATED_REMOTE_COLLECTION_KEY: &str = "vertical"; +const OAI_PRODUCT_SKU_HEADER: &str = "OAI-Product-Sku"; +const CODEX_PRODUCT_SKU: &str = "codex"; const REMOTE_PLUGIN_CATALOG_TIMEOUT: Duration = Duration::from_secs(30); const REMOTE_PLUGIN_LIST_PAGE_LIMIT: u32 = 200; const MAX_REMOTE_DEFAULT_PROMPT_COUNT: usize = 3; @@ -167,6 +169,28 @@ pub struct RemotePluginDetail { pub app_manifest: Option, pub skills: Vec, pub app_ids: Vec, + pub app_templates: Vec, + pub mcp_servers: Vec, +} + +#[derive(Debug, Clone, PartialEq, Eq)] +pub struct RemoteAppTemplate { + pub template_id: String, + pub name: String, + pub description: Option, + pub category: Option, + pub canonical_connector_id: Option, + pub logo_url: Option, + pub logo_url_dark: Option, + pub materialized_app_ids: Vec, + pub reason: Option, +} + +#[derive(Debug, Clone, PartialEq, Eq, Deserialize, Serialize)] +#[serde(rename_all = "SCREAMING_SNAKE_CASE")] +pub enum RemoteAppTemplateUnavailableReason { + NotConfiguredForWorkspace, + NoActiveWorkspace, } #[derive(Debug, Clone, PartialEq)] @@ -412,11 +436,40 @@ struct RemotePluginReleaseResponse { app_ids: Vec, #[serde(default)] app_manifest: Option, + #[serde(default, alias = "unavailable_app_templates")] + app_templates: Vec, #[serde(default)] keywords: Vec, interface: RemotePluginReleaseInterfaceResponse, #[serde(default)] skills: Vec, + #[serde(default, skip_serializing_if = "Vec::is_empty")] + mcp_servers: Vec, +} + +#[derive(Debug, Clone, PartialEq, Eq, Deserialize, Serialize)] +struct RemotePluginMcpServerResponse { + key: String, +} + +#[derive(Debug, Clone, PartialEq, Eq, Deserialize, Serialize)] +struct RemoteAppTemplateResponse { + template_id: String, + name: String, + #[serde(default)] + description: Option, + #[serde(default)] + category: Option, + #[serde(default)] + canonical_connector_id: Option, + #[serde(default)] + logo_url: Option, + #[serde(default)] + logo_url_dark: Option, + #[serde(default)] + materialized_app_ids: Vec, + #[serde(default)] + reason: Option, } #[derive(Debug, Clone, PartialEq, Eq, Deserialize, Serialize)] @@ -500,6 +553,12 @@ struct RemotePluginInstalledResponse { struct RemotePluginMutationResponse { id: String, enabled: bool, + app_ids_needing_auth: Option>, +} + +#[derive(Debug, Clone, PartialEq, Eq)] +pub struct RemotePluginInstallResult { + pub app_ids_needing_auth: Option>, } pub async fn fetch_remote_marketplaces( @@ -526,6 +585,25 @@ pub async fn fetch_remote_marketplaces( match source { RemoteMarketplaceSource::Global => { let scope = RemotePluginScope::Global; + if let Some(codex_home) = global_catalog_cache_path + && let Some(directory_plugins) = + catalog_cache::load_cached_global_directory_plugins( + codex_home, config, auth, + ) + { + let installed_plugins = + fetch_installed_plugins_for_scope(config, auth, scope).await?; + if let Some(marketplace) = build_remote_marketplace( + scope.marketplace_name(), + scope.marketplace_display_name(), + directory_plugins, + installed_plugins, + /*include_installed_only*/ true, + )? { + marketplaces.push(marketplace); + } + continue; + } let (directory_plugins, installed_plugins) = tokio::try_join!( fetch_directory_plugins_for_scope(config, auth, scope), fetch_installed_plugins_for_scope(config, auth, scope), @@ -642,6 +720,17 @@ pub async fn fetch_and_cache_global_remote_plugin_catalog( Ok(()) } +pub fn has_cached_global_remote_plugin_catalog( + codex_home: &Path, + config: &RemotePluginServiceConfig, + auth: Option<&CodexAuth>, +) -> bool { + let Ok(auth) = ensure_chatgpt_auth(auth) else { + return false; + }; + catalog_cache::load_cached_global_directory_plugins(codex_home, config, auth).is_some() +} + pub fn cached_global_remote_discoverable_plugins( codex_home: &Path, config: &RemotePluginServiceConfig, @@ -765,14 +854,12 @@ pub(crate) async fn fetch_remote_installed_plugins( pub fn group_remote_installed_plugins_by_marketplaces( plugins: &[RemoteInstalledPlugin], - visible_scopes: &[RemotePluginScope], + visible_marketplaces: &[&str], ) -> Vec { let mut plugins_by_marketplace = BTreeMap::>::new(); for plugin in plugins { - if !RemotePluginScope::from_marketplace_name(&plugin.marketplace_name) - .is_some_and(|scope| visible_scopes.contains(&scope)) - { + if !visible_marketplaces.contains(&plugin.marketplace_name.as_str()) { continue; } let Ok(plugin_id) = PluginId::new(plugin.name.clone(), plugin.marketplace_name.clone()) @@ -948,6 +1035,14 @@ async fn build_remote_plugin_detail( enabled: !disabled_skill_names.contains(&skill.name), }) .collect(); + let mut mcp_servers = plugin + .release + .mcp_servers + .iter() + .map(|server| server.key.clone()) + .collect::>(); + mcp_servers.sort_unstable(); + mcp_servers.dedup(); Ok(RemotePluginDetail { marketplace_name, @@ -959,6 +1054,23 @@ async fn build_remote_plugin_detail( app_manifest: plugin.release.app_manifest, skills, app_ids: plugin.release.app_ids, + app_templates: plugin + .release + .app_templates + .into_iter() + .map(|template| RemoteAppTemplate { + template_id: template.template_id, + name: template.name, + description: template.description, + category: template.category, + canonical_connector_id: template.canonical_connector_id, + logo_url: template.logo_url, + logo_url_dark: template.logo_url_dark, + materialized_app_ids: template.materialized_app_ids, + reason: template.reason, + }) + .collect(), + mcp_servers, }) } @@ -967,7 +1079,7 @@ pub async fn install_remote_plugin( auth: Option<&CodexAuth>, _marketplace_name: &str, plugin_id: &str, -) -> Result<(), RemotePluginCatalogError> { +) -> Result { let auth = ensure_chatgpt_auth(auth)?; // Remote plugin IDs uniquely identify remote plugins, so the caller-provided // marketplace name is not validated before sending the install mutation. @@ -975,7 +1087,12 @@ pub async fn install_remote_plugin( let base_url = config.chatgpt_base_url.trim_end_matches('/'); let url = format!("{base_url}/ps/plugins/{plugin_id}/install"); let client = build_reqwest_client(); - let request = authenticated_request(client.post(&url), auth)?; + let request = authenticated_request( + client + .post(&url) + .query(&[("includeAppsNeedingAuth", "true")]), + auth, + )?; let response: RemotePluginMutationResponse = send_and_decode(request, &url).await?; if response.id != plugin_id { return Err(RemotePluginCatalogError::UnexpectedPluginId { @@ -991,7 +1108,9 @@ pub async fn install_remote_plugin( }); } - Ok(()) + Ok(RemotePluginInstallResult { + app_ids_needing_auth: response.app_ids_needing_auth, + }) } pub async fn uninstall_remote_plugin( @@ -1009,7 +1128,7 @@ pub async fn uninstall_remote_plugin( let plugin_name = plugin.name; let base_url = config.chatgpt_base_url.trim_end_matches('/'); - let url = format!("{base_url}/plugins/{plugin_id}/uninstall"); + let url = format!("{base_url}/ps/plugins/{plugin_id}/uninstall"); let client = build_reqwest_client(); let request = authenticated_request(client.post(&url), auth)?; let response: RemotePluginMutationResponse = send_and_decode(request, &url).await?; @@ -1519,7 +1638,8 @@ fn authenticated_request( ) -> Result { Ok(request .timeout(REMOTE_PLUGIN_CATALOG_TIMEOUT) - .headers(codex_model_provider::auth_provider_from_auth(auth).to_auth_headers())) + .headers(codex_model_provider::auth_provider_from_auth(auth).to_auth_headers()) + .header(OAI_PRODUCT_SKU_HEADER, CODEX_PRODUCT_SKU)) } async fn send_and_decode Deserialize<'de>>( diff --git a/codex-rs/core-plugins/src/remote_legacy.rs b/codex-rs/core-plugins/src/remote_legacy.rs index dcf9f79eb85..137c33753b7 100644 --- a/codex-rs/core-plugins/src/remote_legacy.rs +++ b/codex-rs/core-plugins/src/remote_legacy.rs @@ -6,19 +6,9 @@ use serde::Deserialize; use std::time::Duration; use url::Url; -const DEFAULT_REMOTE_MARKETPLACE_NAME: &str = "openai-curated"; -const REMOTE_PLUGIN_FETCH_TIMEOUT: Duration = Duration::from_secs(30); const REMOTE_FEATURED_PLUGIN_FETCH_TIMEOUT: Duration = Duration::from_secs(10); const REMOTE_PLUGIN_MUTATION_TIMEOUT: Duration = Duration::from_secs(30); -#[derive(Debug, Clone, PartialEq, Eq, Deserialize)] -pub struct RemotePluginStatusSummary { - pub name: String, - #[serde(default = "default_remote_marketplace_name")] - pub marketplace_name: String, - pub enabled: bool, -} - #[derive(Debug, Clone, PartialEq, Eq, Deserialize)] #[serde(rename_all = "camelCase")] struct RemotePluginMutationResponse { @@ -83,32 +73,21 @@ pub enum RemotePluginMutationError { #[derive(Debug, thiserror::Error)] pub enum RemotePluginFetchError { - #[error("chatgpt authentication required to sync remote plugins")] - AuthRequired, - - #[error( - "chatgpt authentication required to sync remote plugins; api key auth is not supported" - )] - UnsupportedAuthMode, - - #[error("failed to read auth token for remote plugin sync: {0}")] - AuthToken(#[source] std::io::Error), - - #[error("failed to send remote plugin sync request to {url}: {source}")] + #[error("failed to send remote featured plugin request to {url}: {source}")] Request { url: String, #[source] source: reqwest::Error, }, - #[error("remote plugin sync request to {url} failed with status {status}: {body}")] + #[error("remote featured plugin request to {url} failed with status {status}: {body}")] UnexpectedStatus { url: String, status: reqwest::StatusCode, body: String, }, - #[error("failed to parse remote plugin sync response from {url}: {source}")] + #[error("failed to parse remote featured plugin response from {url}: {source}")] Decode { url: String, #[source] @@ -116,44 +95,6 @@ pub enum RemotePluginFetchError { }, } -pub async fn fetch_remote_plugin_status( - config: &RemotePluginServiceConfig, - auth: Option<&CodexAuth>, -) -> Result, RemotePluginFetchError> { - let Some(auth) = auth else { - return Err(RemotePluginFetchError::AuthRequired); - }; - if !auth.uses_codex_backend() { - return Err(RemotePluginFetchError::UnsupportedAuthMode); - } - - let base_url = config.chatgpt_base_url.trim_end_matches('/'); - let url = format!("{base_url}/plugins/list"); - let client = build_reqwest_client(); - let request = client - .get(&url) - .timeout(REMOTE_PLUGIN_FETCH_TIMEOUT) - .headers(codex_model_provider::auth_provider_from_auth(auth).to_auth_headers()); - - let response = request - .send() - .await - .map_err(|source| RemotePluginFetchError::Request { - url: url.clone(), - source, - })?; - let status = response.status(); - let body = response.text().await.unwrap_or_default(); - if !status.is_success() { - return Err(RemotePluginFetchError::UnexpectedStatus { url, status, body }); - } - - serde_json::from_str(&body).map_err(|source| RemotePluginFetchError::Decode { - url: url.clone(), - source, - }) -} - pub async fn fetch_remote_featured_plugin_ids( config: &RemotePluginServiceConfig, auth: Option<&CodexAuth>, @@ -224,10 +165,6 @@ fn ensure_codex_backend_auth( Ok(auth) } -fn default_remote_marketplace_name() -> String { - DEFAULT_REMOTE_MARKETPLACE_NAME.to_string() -} - async fn post_remote_plugin_mutation( config: &RemotePluginServiceConfig, auth: Option<&CodexAuth>, diff --git a/codex-rs/core-plugins/src/startup_remote_sync.rs b/codex-rs/core-plugins/src/startup_remote_sync.rs deleted file mode 100644 index 90c0e119c0c..00000000000 --- a/codex-rs/core-plugins/src/startup_remote_sync.rs +++ /dev/null @@ -1,100 +0,0 @@ -use std::path::Path; -use std::path::PathBuf; -use std::sync::Arc; -use std::time::Duration; - -use crate::manager::PluginsConfigInput; -use crate::manager::PluginsManager; -use crate::startup_sync::has_local_curated_plugins_snapshot; -use codex_login::AuthManager; -use tracing::info; -use tracing::warn; - -const STARTUP_REMOTE_PLUGIN_SYNC_MARKER_FILE: &str = ".tmp/app-server-remote-plugin-sync-v1"; -const STARTUP_REMOTE_PLUGIN_SYNC_PREREQUISITE_TIMEOUT: Duration = Duration::from_secs(10); - -pub(crate) fn start_startup_remote_plugin_sync_once( - manager: Arc, - codex_home: PathBuf, - config: PluginsConfigInput, - auth_manager: Arc, -) { - let marker_path = startup_remote_plugin_sync_marker_path(codex_home.as_path()); - if marker_path.is_file() { - return; - } - - tokio::spawn(async move { - if marker_path.is_file() { - return; - } - - if !wait_for_startup_remote_plugin_sync_prerequisites(codex_home.as_path()).await { - warn!( - codex_home = %codex_home.display(), - "skipping startup remote plugin sync because curated marketplace is not ready" - ); - return; - } - - let auth = auth_manager.auth().await; - match manager - .sync_plugins_from_remote(&config, auth.as_ref(), /*additive_only*/ true) - .await - { - Ok(sync_result) => { - info!( - installed_plugin_ids = ?sync_result.installed_plugin_ids, - enabled_plugin_ids = ?sync_result.enabled_plugin_ids, - disabled_plugin_ids = ?sync_result.disabled_plugin_ids, - uninstalled_plugin_ids = ?sync_result.uninstalled_plugin_ids, - "completed startup remote plugin sync" - ); - if let Err(err) = - write_startup_remote_plugin_sync_marker(codex_home.as_path()).await - { - warn!( - error = %err, - path = %marker_path.display(), - "failed to persist startup remote plugin sync marker" - ); - } - } - Err(err) => { - warn!( - error = %err, - "startup remote plugin sync failed; will retry on next app-server start" - ); - } - } - }); -} - -fn startup_remote_plugin_sync_marker_path(codex_home: &Path) -> PathBuf { - codex_home.join(STARTUP_REMOTE_PLUGIN_SYNC_MARKER_FILE) -} - -async fn wait_for_startup_remote_plugin_sync_prerequisites(codex_home: &Path) -> bool { - let deadline = tokio::time::Instant::now() + STARTUP_REMOTE_PLUGIN_SYNC_PREREQUISITE_TIMEOUT; - loop { - if has_local_curated_plugins_snapshot(codex_home) { - return true; - } - if tokio::time::Instant::now() >= deadline { - return false; - } - tokio::time::sleep(Duration::from_millis(50)).await; - } -} - -async fn write_startup_remote_plugin_sync_marker(codex_home: &Path) -> std::io::Result<()> { - let marker_path = startup_remote_plugin_sync_marker_path(codex_home); - if let Some(parent) = marker_path.parent() { - tokio::fs::create_dir_all(parent).await?; - } - tokio::fs::write(marker_path, b"ok\n").await -} - -#[cfg(test)] -#[path = "startup_remote_sync_tests.rs"] -mod tests; diff --git a/codex-rs/core-plugins/src/startup_remote_sync_tests.rs b/codex-rs/core-plugins/src/startup_remote_sync_tests.rs deleted file mode 100644 index bdbc5e1a7a1..00000000000 --- a/codex-rs/core-plugins/src/startup_remote_sync_tests.rs +++ /dev/null @@ -1,91 +0,0 @@ -use super::*; -use crate::PluginsManager; -use crate::startup_sync::curated_plugins_repo_path; -use crate::test_support::TEST_CURATED_PLUGIN_CACHE_VERSION; -use crate::test_support::load_plugins_config; -use crate::test_support::write_curated_plugin_sha; -use crate::test_support::write_file; -use crate::test_support::write_openai_curated_marketplace; -use codex_config::CONFIG_TOML_FILE; -use codex_login::AuthManager; -use codex_login::CodexAuth; -use pretty_assertions::assert_eq; -use std::sync::Arc; -use std::time::Duration; -use tempfile::tempdir; -use wiremock::Mock; -use wiremock::MockServer; -use wiremock::ResponseTemplate; -use wiremock::matchers::header; -use wiremock::matchers::method; -use wiremock::matchers::path; - -#[tokio::test] -async fn startup_remote_plugin_sync_writes_marker_and_reconciles_state() { - let tmp = tempdir().expect("tempdir"); - let curated_root = curated_plugins_repo_path(tmp.path()); - write_openai_curated_marketplace(&curated_root, &["linear"]); - write_curated_plugin_sha(tmp.path()); - write_file( - &tmp.path().join(CONFIG_TOML_FILE), - r#"[features] -plugins = true - -[plugins."linear@openai-curated"] -enabled = false -"#, - ); - - let server = MockServer::start().await; - Mock::given(method("GET")) - .and(path("/backend-api/plugins/list")) - .and(header("authorization", "Bearer Access Token")) - .and(header("chatgpt-account-id", "account_id")) - .respond_with(ResponseTemplate::new(200).set_body_string( - r#"[ - {"id":"1","name":"linear","marketplace_name":"openai-curated","version":"1.0.0","enabled":true} -]"#, - )) - .mount(&server) - .await; - - let mut config = load_plugins_config(tmp.path(), tmp.path()).await; - config.chatgpt_base_url = format!("{}/backend-api/", server.uri()); - let manager = Arc::new(PluginsManager::new(tmp.path().to_path_buf())); - let auth_manager = - AuthManager::from_auth_for_testing(CodexAuth::create_dummy_chatgpt_auth_for_testing()); - - start_startup_remote_plugin_sync_once( - Arc::clone(&manager), - tmp.path().to_path_buf(), - config, - auth_manager, - ); - - let marker_path = tmp.path().join(STARTUP_REMOTE_PLUGIN_SYNC_MARKER_FILE); - tokio::time::timeout(Duration::from_secs(5), async { - loop { - if marker_path.is_file() { - break; - } - tokio::time::sleep(Duration::from_millis(10)).await; - } - }) - .await - .expect("marker should be written"); - - assert!( - tmp.path() - .join(format!( - "plugins/cache/openai-curated/linear/{TEST_CURATED_PLUGIN_CACHE_VERSION}" - )) - .is_dir() - ); - let config = - std::fs::read_to_string(tmp.path().join(CONFIG_TOML_FILE)).expect("config should exist"); - assert!(config.contains(r#"[plugins."linear@openai-curated"]"#)); - assert!(config.contains("enabled = true")); - - let marker_contents = std::fs::read_to_string(marker_path).expect("marker should be readable"); - assert_eq!(marker_contents, "ok\n"); -} diff --git a/codex-rs/core-plugins/src/startup_sync.rs b/codex-rs/core-plugins/src/startup_sync.rs index f03aff93f63..c5965f2212e 100644 --- a/codex-rs/core-plugins/src/startup_sync.rs +++ b/codex-rs/core-plugins/src/startup_sync.rs @@ -1,3 +1,4 @@ +use std::fs::File; use std::path::Path; use std::path::PathBuf; use std::process::Command; @@ -22,8 +23,11 @@ const CURATED_PLUGINS_BACKUP_ARCHIVE_API_URL: &str = "https://chatgpt.com/backend-api/plugins/export/curated"; const OPENAI_PLUGINS_OWNER: &str = "openai"; const OPENAI_PLUGINS_REPO: &str = "plugins"; +const OPENAI_PLUGINS_GIT_URL: &str = "https://github.com/openai/plugins.git"; +const CURATED_PLUGINS_FETCH_REF: &str = "refs/codex/curated-sync"; const CURATED_PLUGINS_RELATIVE_DIR: &str = ".tmp/plugins"; const CURATED_PLUGINS_SHA_FILE: &str = ".tmp/plugins.sha"; +const CURATED_PLUGINS_SYNC_LOCK_FILE: &str = ".tmp/plugins.sync.lock"; const CURATED_PLUGINS_BACKUP_ARCHIVE_FALLBACK_VERSION: &str = "export-backup"; const CURATED_PLUGINS_GIT_TIMEOUT: Duration = Duration::from_secs(30); const CURATED_PLUGINS_HTTP_TIMEOUT: Duration = Duration::from_secs(30); @@ -78,6 +82,8 @@ fn sync_openai_plugins_repo_with_transport_overrides( api_base_url: &str, backup_archive_api_url: &str, ) -> Result { + let _file_guard = lock_curated_plugins_startup_sync(codex_home)?; + match sync_openai_plugins_repo_via_git(codex_home, git_binary) { Ok(remote_sha) => { emit_curated_plugins_startup_sync_metric("git", "success"); @@ -135,6 +141,22 @@ fn sync_openai_plugins_repo_with_transport_overrides( } } +fn lock_curated_plugins_startup_sync(codex_home: &Path) -> Result { + let lock_path = codex_home.join(CURATED_PLUGINS_SYNC_LOCK_FILE); + std::fs::create_dir_all(codex_home.join(".tmp")) + .map_err(|err| format!("failed to create curated plugins sync directory: {err}"))?; + let lock_file = File::options() + .write(true) + .create(true) + .truncate(false) + .open(&lock_path) + .map_err(|err| format!("failed to open curated plugins sync lock: {err}"))?; + lock_file + .lock() + .map_err(|err| format!("failed to lock curated plugins sync: {err}"))?; + Ok(lock_file) +} + fn sync_openai_plugins_repo_via_git(codex_home: &Path, git_binary: &str) -> Result { let repo_path = curated_plugins_repo_path(codex_home); let sha_path = codex_home.join(CURATED_PLUGINS_SHA_FILE); @@ -146,23 +168,30 @@ fn sync_openai_plugins_repo_via_git(codex_home: &Path, git_binary: &str) -> Resu } let staged_repo_dir = prepare_curated_repo_parent_and_temp_dir(&repo_path)?; - let clone_output = run_git_command_with_timeout( - Command::new(git_binary) - .env("GIT_OPTIONAL_LOCKS", "0") - .arg("clone") - .arg("--depth") - .arg("1") - .arg("https://github.com/openai/plugins.git") - .arg(staged_repo_dir.path()), - "git clone curated plugins repo", - CURATED_PLUGINS_GIT_TIMEOUT, + run_git_in_repo( + staged_repo_dir.path(), + git_binary, + &["init"], + "git init curated plugins repo", )?; - ensure_git_success(&clone_output, "git clone curated plugins repo")?; - let cloned_sha = git_head_sha(staged_repo_dir.path(), git_binary)?; - if cloned_sha != remote_sha { + if repo_path.join(".git").is_dir() { + fetch_curated_plugins_commit(&repo_path, &remote_sha, git_binary)?; + fetch_curated_plugins_commit_from_source( + staged_repo_dir.path(), + &repo_path, + CURATED_PLUGINS_FETCH_REF, + git_binary, + )?; + } else { + fetch_curated_plugins_commit(staged_repo_dir.path(), &remote_sha, git_binary)?; + } + + reset_curated_plugins_checkout(staged_repo_dir.path(), git_binary)?; + let fetched_sha = git_head_sha(staged_repo_dir.path(), git_binary)?; + if fetched_sha != remote_sha { return Err(format!( - "curated plugins clone HEAD mismatch: expected {remote_sha}, got {cloned_sha}" + "curated plugins fetch HEAD mismatch: expected {remote_sha}, got {fetched_sha}" )); } @@ -172,6 +201,90 @@ fn sync_openai_plugins_repo_via_git(codex_home: &Path, git_binary: &str) -> Resu Ok(remote_sha) } +fn fetch_curated_plugins_commit( + repo_path: &Path, + remote_sha: &str, + git_binary: &str, +) -> Result<(), String> { + fetch_curated_plugins_commit_from( + repo_path, + OPENAI_PLUGINS_GIT_URL.as_ref(), + remote_sha, + git_binary, + "git fetch curated plugins repo", + ) +} + +fn fetch_curated_plugins_commit_from_source( + repo_path: &Path, + source_repo_path: &Path, + remote_sha: &str, + git_binary: &str, +) -> Result<(), String> { + fetch_curated_plugins_commit_from( + repo_path, + source_repo_path, + remote_sha, + git_binary, + "git copy fetched curated plugins commit", + ) +} + +fn fetch_curated_plugins_commit_from( + repo_path: &Path, + source: &Path, + source_revision: &str, + git_binary: &str, + context: &str, +) -> Result<(), String> { + let fetch_refspec = format!("+{source_revision}:{CURATED_PLUGINS_FETCH_REF}"); + let output = run_git_command_with_timeout( + Command::new(git_binary) + .env("GIT_OPTIONAL_LOCKS", "0") + .arg("-C") + .arg(repo_path) + .args(["fetch", "--depth", "1", "--no-tags"]) + .arg(source) + .arg(fetch_refspec), + context, + CURATED_PLUGINS_GIT_TIMEOUT, + )?; + ensure_git_success(&output, context) +} + +fn reset_curated_plugins_checkout(repo_path: &Path, git_binary: &str) -> Result<(), String> { + run_git_in_repo( + repo_path, + git_binary, + &["reset", "--hard", CURATED_PLUGINS_FETCH_REF], + "git reset curated plugins repo", + )?; + run_git_in_repo( + repo_path, + git_binary, + &["clean", "-fdx"], + "git clean curated plugins repo", + ) +} + +fn run_git_in_repo( + repo_path: &Path, + git_binary: &str, + args: &[&str], + context: &str, +) -> Result<(), String> { + let output = run_git_command_with_timeout( + Command::new(git_binary) + .env("GIT_OPTIONAL_LOCKS", "0") + .arg("-C") + .arg(repo_path) + .args(args), + context, + CURATED_PLUGINS_GIT_TIMEOUT, + )?; + ensure_git_success(&output, context) +} + fn sync_openai_plugins_repo_via_http( codex_home: &Path, api_base_url: &str, diff --git a/codex-rs/core-plugins/src/startup_sync_tests.rs b/codex-rs/core-plugins/src/startup_sync_tests.rs index a9388e3fce8..f73e4ad9d12 100644 --- a/codex-rs/core-plugins/src/startup_sync_tests.rs +++ b/codex-rs/core-plugins/src/startup_sync_tests.rs @@ -3,6 +3,8 @@ use pretty_assertions::assert_eq; use std::io::Write; use std::path::Path; use std::path::PathBuf; +#[cfg(unix)] +use std::sync::Barrier; use tempfile::tempdir; use wiremock::Mock; use wiremock::MockServer; @@ -95,6 +97,22 @@ fn write_executable_script(path: &Path, contents: &str) { } } +#[cfg(unix)] +fn run_git(repo: &Path, args: &[&str]) -> std::process::Output { + let output = Command::new("git") + .arg("-C") + .arg(repo) + .args(args) + .output() + .expect("run git"); + assert!( + output.status.success(), + "git {args:?} failed: {}", + String::from_utf8_lossy(&output.stderr) + ); + output +} + async fn mount_github_repo_and_ref(server: &MockServer, sha: &str) { Mock::given(method("GET")) .and(path("/repos/openai/plugins")) @@ -253,30 +271,42 @@ fn remove_stale_curated_repo_temp_dirs_removes_only_matching_directories() { #[cfg(unix)] #[test] -fn sync_openai_plugins_repo_prefers_git_when_available() { +fn concurrent_syncs_serialize_fetches_without_skipping_remote_checks() { let tmp = tempdir().expect("tempdir"); let bin_dir = tempfile::Builder::new() .prefix("fake-git-") .tempdir() .expect("tempdir"); let git_path = bin_dir.path().join("git"); + let invocation_log = bin_dir.path().join("invocations.log"); let sha = "0123456789abcdef0123456789abcdef01234567"; write_executable_script( &git_path, &format!( r#"#!/bin/sh +printf '%s\n' "$*" >> '{}' if [ "$1" = "ls-remote" ]; then + sleep 1 printf '%s\tHEAD\n' "{sha}" exit 0 fi -if [ "$1" = "clone" ]; then - dest="$5" - mkdir -p "$dest/.git" "$dest/.agents/plugins" "$dest/plugins/gmail/.codex-plugin" - cat > "$dest/.agents/plugins/marketplace.json" <<'EOF' +if [ "$1" = "-C" ] && [ "$3" = "init" ]; then + mkdir -p "$2/.git" + exit 0 +fi +if [ "$1" = "-C" ] && [ "$3" = "fetch" ]; then + exit 0 +fi +if [ "$1" = "-C" ] && [ "$3" = "reset" ]; then + mkdir -p "$2/.agents/plugins" "$2/plugins/gmail/.codex-plugin" + cat > "$2/.agents/plugins/marketplace.json" <<'EOF' {{"name":"openai-curated","plugins":[{{"name":"gmail","source":{{"source":"local","path":"./plugins/gmail"}}}}]}} EOF - printf '%s\n' '{{"name":"gmail"}}' > "$dest/plugins/gmail/.codex-plugin/plugin.json" + printf '%s\n' '{{"name":"gmail"}}' > "$2/plugins/gmail/.codex-plugin/plugin.json" + exit 0 +fi +if [ "$1" = "-C" ] && [ "$3" = "clean" ]; then exit 0 fi if [ "$1" = "-C" ] && [ "$3" = "rev-parse" ] && [ "$4" = "HEAD" ]; then @@ -285,23 +315,55 @@ if [ "$1" = "-C" ] && [ "$3" = "rev-parse" ] && [ "$4" = "HEAD" ]; then fi echo "unexpected git invocation: $@" >&2 exit 1 -"# +"#, + invocation_log.display() ), ); - let synced_sha = sync_openai_plugins_repo_with_transport_overrides( - tmp.path(), - git_path.to_str().expect("utf8 path"), - "http://127.0.0.1:9", - "http://127.0.0.1:9/backend-api/plugins/export/curated", - ) - .expect("git sync should succeed"); - - assert_eq!(synced_sha, sha); + let barrier = Barrier::new(2); + let results = std::thread::scope(|scope| { + let run_sync = || { + barrier.wait(); + sync_openai_plugins_repo_with_transport_overrides( + tmp.path(), + git_path.to_str().expect("utf8 path"), + "http://127.0.0.1:9", + "http://127.0.0.1:9/backend-api/plugins/export/curated", + ) + }; + let first = scope.spawn(run_sync); + let second = scope.spawn(run_sync); + [ + first.join().expect("first sync thread"), + second.join().expect("second sync thread"), + ] + }); + + assert_eq!(results, [Ok(sha.to_string()), Ok(sha.to_string())]); let repo_path = curated_plugins_repo_path(tmp.path()); assert!(repo_path.join(".git").is_dir()); assert_curated_gmail_repo(&repo_path); assert_eq!(read_curated_plugins_sha(tmp.path()).as_deref(), Some(sha)); + let invocations = std::fs::read_to_string(invocation_log).expect("read invocation log"); + assert_eq!( + invocations + .lines() + .filter(|invocation| invocation.starts_with("ls-remote ")) + .count(), + 2 + ); + assert_eq!( + invocations + .lines() + .filter(|invocation| invocation.contains(" fetch --depth 1 --no-tags ")) + .count(), + 1 + ); + assert!( + !invocations + .lines() + .any(|invocation| invocation.split_whitespace().any(|arg| arg == "clone")) + ); } #[cfg(unix)] @@ -328,36 +390,20 @@ fn sync_openai_plugins_repo_via_git_succeeds_with_local_rewritten_remote() { ) .expect("write plugin manifest"); - let init_status = Command::new("git") - .arg("-C") - .arg(&work_repo) - .arg("init") - .status() - .expect("run git init"); - assert!(init_status.success()); - - let add_status = Command::new("git") - .arg("-C") - .arg(&work_repo) - .arg("add") - .arg(".") - .status() - .expect("run git add"); - assert!(add_status.success()); - - let commit_status = Command::new("git") - .arg("-C") - .arg(&work_repo) - .arg("-c") - .arg("user.name=Codex Test") - .arg("-c") - .arg("user.email=codex@example.com") - .arg("commit") - .arg("-m") - .arg("init") - .status() - .expect("run git commit"); - assert!(commit_status.success()); + run_git(&work_repo, &["init"]); + run_git(&work_repo, &["add", "."]); + run_git( + &work_repo, + &[ + "-c", + "user.name=Codex Test", + "-c", + "user.email=codex@example.com", + "commit", + "-m", + "init", + ], + ); std::fs::create_dir_all(remote_repo.parent().expect("remote parent")) .expect("create remote parent"); @@ -370,14 +416,7 @@ fn sync_openai_plugins_repo_via_git_succeeds_with_local_rewritten_remote() { .expect("run git clone --bare"); assert!(clone_status.success()); - let sha_output = Command::new("git") - .arg("-C") - .arg(&work_repo) - .arg("rev-parse") - .arg("HEAD") - .output() - .expect("run git rev-parse"); - assert!(sha_output.status.success()); + let sha_output = run_git(&work_repo, &["rev-parse", "HEAD"]); let sha = String::from_utf8_lossy(&sha_output.stdout) .trim() .to_string(); @@ -397,10 +436,12 @@ fn sync_openai_plugins_repo_via_git_succeeds_with_local_rewritten_remote() { .tempdir() .expect("tempdir"); let git_wrapper = bin_dir.path().join("git"); + let invocation_log = bin_dir.path().join("invocations.log"); write_executable_script( &git_wrapper, &format!( - "#!/bin/sh\nGIT_CONFIG_GLOBAL='{}' exec git \"$@\"\n", + "#!/bin/sh\nprintf '%s\\n' \"$*\" >> '{}'\nGIT_CONFIG_GLOBAL='{}' exec git \"$@\"\n", + invocation_log.display(), git_config_path.display() ), ); @@ -416,6 +457,125 @@ fn sync_openai_plugins_repo_via_git_succeeds_with_local_rewritten_remote() { Some(sha.as_str()) ); assert!(!has_plugins_clone_dirs(tmp.path())); + + let first_sync_invocation_count = std::fs::read_to_string(&invocation_log) + .expect("read first sync invocations") + .lines() + .count(); + let first_sync_invocations = + std::fs::read_to_string(&invocation_log).expect("read first sync invocations"); + assert!( + first_sync_invocations + .lines() + .any(|invocation| invocation.contains(" fetch --depth 1 --no-tags ")) + ); + assert!( + !first_sync_invocations + .lines() + .any(|invocation| invocation.split_whitespace().any(|arg| arg == "clone")) + ); + write_openai_curated_marketplace(&work_repo, &["gmail", "linear"]); + run_git(&work_repo, &["add", "."]); + run_git( + &work_repo, + &[ + "-c", + "user.name=Codex Test", + "-c", + "user.email=codex@example.com", + "commit", + "-m", + "update", + ], + ); + let branch_output = run_git(&work_repo, &["symbolic-ref", "--short", "HEAD"]); + let branch = String::from_utf8_lossy(&branch_output.stdout) + .trim() + .to_string(); + let remote_repo = remote_repo.to_str().expect("utf8 remote repo"); + let push_ref = format!("HEAD:refs/heads/{branch}"); + run_git(&work_repo, &["push", remote_repo, &push_ref]); + let updated_sha_output = run_git(&work_repo, &["rev-parse", "HEAD"]); + let updated_sha = String::from_utf8_lossy(&updated_sha_output.stdout) + .trim() + .to_string(); + + let synced_sha = + sync_openai_plugins_repo_via_git(tmp.path(), git_wrapper.to_str().expect("utf8 path")) + .expect("incremental git sync should succeed"); + + assert_eq!(synced_sha, updated_sha); + assert!( + curated_plugins_repo_path(tmp.path()) + .join("plugins/linear/.codex-plugin/plugin.json") + .is_file() + ); + assert_eq!( + read_curated_plugins_sha(tmp.path()).as_deref(), + Some(updated_sha.as_str()) + ); + assert!( + !curated_plugins_repo_path(tmp.path()) + .join(".git/objects/info/alternates") + .exists() + ); + let invocation_log_contents = + std::fs::read_to_string(&invocation_log).expect("read sync invocations"); + let incremental_sync_invocations = invocation_log_contents + .lines() + .skip(first_sync_invocation_count) + .collect::>(); + let curated_repo_path = curated_plugins_repo_path(tmp.path()); + assert!(incremental_sync_invocations.iter().any(|invocation| { + invocation.starts_with(&format!("-C {} fetch ", curated_repo_path.display())) + && invocation.contains(" https://github.com/openai/plugins.git ") + && invocation.contains(updated_sha.as_str()) + && invocation.ends_with(CURATED_PLUGINS_FETCH_REF) + })); + assert!(incremental_sync_invocations.iter().any(|invocation| { + invocation.contains(" fetch --depth 1 --no-tags ") + && invocation.contains(&format!(" {} ", curated_repo_path.display())) + && invocation.ends_with(&format!( + "{CURATED_PLUGINS_FETCH_REF}:{CURATED_PLUGINS_FETCH_REF}" + )) + })); + assert!( + incremental_sync_invocations + .iter() + .any(|invocation| invocation.ends_with(" init")) + ); + assert!( + !incremental_sync_invocations + .iter() + .any(|invocation| invocation.split_whitespace().any(|arg| arg == "clone")) + ); + assert!(!incremental_sync_invocations.iter().any(|invocation| { + invocation.starts_with(&format!("-C {} reset ", curated_repo_path.display())) + || invocation.starts_with(&format!("-C {} clean ", curated_repo_path.display())) + })); + assert!(!has_plugins_clone_dirs(tmp.path())); + + let unchanged_sync_invocation_count = invocation_log_contents.lines().count(); + let synced_sha = + sync_openai_plugins_repo_via_git(tmp.path(), git_wrapper.to_str().expect("utf8 path")) + .expect("unchanged git sync should succeed"); + + assert_eq!(synced_sha, updated_sha); + let invocation_log = std::fs::read_to_string(&invocation_log).expect("read sync invocations"); + let unchanged_sync_invocations = invocation_log + .lines() + .skip(unchanged_sync_invocation_count) + .collect::>(); + assert!( + unchanged_sync_invocations + .iter() + .any(|invocation| invocation.starts_with("ls-remote ")) + ); + assert!( + !unchanged_sync_invocations + .iter() + .any(|invocation| invocation.contains(" fetch ")) + ); } #[tokio::test] @@ -482,7 +642,7 @@ exit 1 #[cfg(unix)] #[test] -fn sync_openai_plugins_repo_via_git_cleans_up_staged_dir_on_clone_failure() { +fn sync_openai_plugins_repo_via_git_cleans_up_staged_dir_on_fetch_failure() { let tmp = tempdir().expect("tempdir"); let bin_dir = tempfile::Builder::new() .prefix("fake-git-partial-fail-") @@ -499,9 +659,11 @@ if [ "$1" = "ls-remote" ]; then printf '%s\tHEAD\n' "{sha}" exit 0 fi -if [ "$1" = "clone" ]; then - dest="$5" - mkdir -p "$dest/.git" +if [ "$1" = "-C" ] && [ "$3" = "init" ]; then + mkdir -p "$2/.git" + exit 0 +fi +if [ "$1" = "-C" ] && [ "$3" = "fetch" ]; then echo "fatal: early EOF" >&2 exit 128 fi @@ -518,6 +680,77 @@ exit 1 assert!(!has_plugins_clone_dirs(tmp.path())); } +#[cfg(unix)] +#[test] +fn sync_openai_plugins_repo_via_git_preserves_existing_snapshot_on_validation_failure() { + let tmp = tempdir().expect("tempdir"); + let repo_path = curated_plugins_repo_path(tmp.path()); + write_openai_curated_marketplace(&repo_path, &["gmail"]); + std::fs::create_dir_all(repo_path.join(".git")).expect("create git dir"); + write_curated_plugin_sha(tmp.path()); + + let bin_dir = tempfile::Builder::new() + .prefix("fake-git-invalid-update-") + .tempdir() + .expect("tempdir"); + let git_path = bin_dir.path().join("git"); + let remote_sha = "fedcba9876543210fedcba9876543210fedcba98"; + + write_executable_script( + &git_path, + &format!( + r#"#!/bin/sh +if [ "$1" = "ls-remote" ]; then + printf '%s\tHEAD\n' "{remote_sha}" + exit 0 +fi +if [ "$1" = "-C" ] && [ "$2" = "{}" ] && [ "$3" = "rev-parse" ]; then + printf '%s\n' "{TEST_CURATED_PLUGIN_SHA}" + exit 0 +fi +if [ "$1" = "-C" ] && [ "$2" = "{}" ] && [ "$3" = "fetch" ]; then + exit 0 +fi +if [ "$1" = "-C" ] && [ "$3" = "init" ]; then + mkdir -p "$2/.git" + exit 0 +fi +if [ "$1" = "-C" ] && [ "$3" = "fetch" ]; then + exit 0 +fi +if [ "$1" = "-C" ] && [ "$3" = "reset" ]; then + mkdir -p "$2/plugins/linear/.codex-plugin" + printf '%s\n' '{{"name":"linear"}}' > "$2/plugins/linear/.codex-plugin/plugin.json" + exit 0 +fi +if [ "$1" = "-C" ] && [ "$3" = "clean" ]; then + exit 0 +fi +if [ "$1" = "-C" ] && [ "$3" = "rev-parse" ]; then + printf '%s\n' "{remote_sha}" + exit 0 +fi +echo "unexpected git invocation: $@" >&2 +exit 1 +"#, + repo_path.display(), + repo_path.display(), + ), + ); + + let err = sync_openai_plugins_repo_via_git(tmp.path(), git_path.to_str().expect("utf8 path")) + .expect_err("invalid staged checkout should fail"); + + assert!(err.contains("curated plugins archive missing marketplace manifest")); + assert_curated_gmail_repo(&repo_path); + assert!(!repo_path.join("plugins/linear").exists()); + assert_eq!( + read_curated_plugins_sha(tmp.path()).as_deref(), + Some(TEST_CURATED_PLUGIN_SHA) + ); + assert!(!has_plugins_clone_dirs(tmp.path())); +} + #[tokio::test] async fn sync_openai_plugins_repo_via_http_cleans_up_staged_dir_on_extract_failure() { let tmp = tempdir().expect("tempdir"); diff --git a/codex-rs/core-plugins/src/test_support.rs b/codex-rs/core-plugins/src/test_support.rs index 07f1fd4f26f..2da64f96748 100644 --- a/codex-rs/core-plugins/src/test_support.rs +++ b/codex-rs/core-plugins/src/test_support.rs @@ -88,10 +88,6 @@ pub(crate) fn write_openai_curated_marketplace(root: &Path, plugin_names: &[&str } } -pub(crate) fn write_curated_plugin_sha(codex_home: &Path) { - write_curated_plugin_sha_with(codex_home, TEST_CURATED_PLUGIN_SHA); -} - pub(crate) fn write_curated_plugin_sha_with(codex_home: &Path, sha: &str) { write_file(&codex_home.join(".tmp/plugins.sha"), &format!("{sha}\n")); } diff --git a/codex-rs/core-skills/Cargo.toml b/codex-rs/core-skills/Cargo.toml index 3c18bee6036..9473fa8e46c 100644 --- a/codex-rs/core-skills/Cargo.toml +++ b/codex-rs/core-skills/Cargo.toml @@ -26,6 +26,7 @@ codex-protocol = { workspace = true } codex-skills = { workspace = true } codex-utils-absolute-path = { workspace = true } codex-utils-output-truncation = { workspace = true } +codex-utils-path-uri = { workspace = true } codex-utils-plugins = { workspace = true } dirs = { workspace = true } dunce = { workspace = true } diff --git a/codex-rs/core-skills/src/injection.rs b/codex-rs/core-skills/src/injection.rs index a358ddc6376..03bb0a6dddd 100644 --- a/codex-rs/core-skills/src/injection.rs +++ b/codex-rs/core-skills/src/injection.rs @@ -13,6 +13,7 @@ use codex_exec_server::LOCAL_FS; use codex_otel::SessionTelemetry; use codex_protocol::user_input::UserInput; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; use codex_utils_plugins::mention_syntax::TOOL_MENTION_SIGIL; #[derive(Debug, Default)] @@ -75,10 +76,21 @@ pub async fn build_skill_injections( let fs = loaded_skills .and_then(|outcome| outcome.file_system_for_skill(skill)) .unwrap_or_else(|| Arc::clone(&LOCAL_FS)); - match fs - .read_file_text(&skill.path_to_skills_md, /*sandbox*/ None) - .await - { + // Skill metadata may point at a file that is absent, but a path the host + // cannot represent means the configured skill cannot be loaded correctly. + let path = match PathUri::from_abs_path(&skill.path_to_skills_md) { + Ok(path) => path, + Err(err) => { + emit_skill_injected_metric(otel, skill, "error"); + result.warnings.push(format!( + "Failed to load skill {name} at {path}: {err:#}", + name = skill.name, + path = skill.path_to_skills_md.display() + )); + continue; + } + }; + match fs.read_file_text(&path, /*sandbox*/ None).await { Ok(contents) => { emit_skill_injected_metric(otel, skill, "ok"); invocations.push(SkillInvocation { diff --git a/codex-rs/core-skills/src/loader.rs b/codex-rs/core-skills/src/loader.rs index 7dac2560104..813f13018d6 100644 --- a/codex-rs/core-skills/src/loader.rs +++ b/codex-rs/core-skills/src/loader.rs @@ -19,6 +19,7 @@ use codex_protocol::protocol::Product; use codex_protocol::protocol::SkillScope; use codex_utils_absolute_path::AbsolutePathBuf; use codex_utils_absolute_path::AbsolutePathBufGuard; +use codex_utils_path_uri::PathUri; use codex_utils_plugins::PluginSkillRoot; use codex_utils_plugins::plugin_namespace_for_skill_path; use dirs::home_dir; @@ -169,8 +170,8 @@ where let mut file_systems_by_skill_path: HashMap> = HashMap::new(); for root in roots { - let root_path = canonicalize_for_skill_identity(&root.path); let fs = root.file_system; + let root_path = canonicalize_for_skill_identity(fs.as_ref(), &root.path).await; let skills_before_root = outcome.skills.len(); discover_skills_under_root( fs.as_ref(), @@ -374,7 +375,17 @@ async fn repo_agents_skill_roots( let mut roots = Vec::new(); for dir in dirs { let agents_skills = dir.join(AGENTS_DIR_NAME).join(SKILLS_DIR_NAME); - match fs.get_metadata(&agents_skills, /*sandbox*/ None).await { + let agents_skills_uri = match PathUri::from_abs_path(&agents_skills) { + Ok(path) => path, + Err(err) => { + tracing::warn!( + "failed to convert repo skills root {} to URI: {err:#}", + agents_skills.display() + ); + continue; + } + }; + match fs.get_metadata(&agents_skills_uri, /*sandbox*/ None).await { Ok(metadata) if metadata.is_directory => roots.push(SkillRoot { path: agents_skills, scope: SkillScope::Repo, @@ -429,7 +440,17 @@ async fn find_project_root( for ancestor in cwd.ancestors() { for marker in project_root_markers { let marker_path = ancestor.join(marker); - match fs.get_metadata(&marker_path, /*sandbox*/ None).await { + let marker_path_uri = match PathUri::from_abs_path(&marker_path) { + Ok(path) => path, + Err(err) => { + tracing::warn!( + "failed to convert project root marker {} to URI: {err:#}", + marker_path.display() + ); + continue; + } + }; + match fs.get_metadata(&marker_path_uri, /*sandbox*/ None).await { Ok(_) => return ancestor, Err(err) if err.kind() == io::ErrorKind::NotFound => {} Err(err) => { @@ -471,8 +492,17 @@ fn dedupe_skill_roots_by_path(roots: &mut Vec) { roots.retain(|root| seen.insert(root.path.clone())); } -fn canonicalize_for_skill_identity(path: &AbsolutePathBuf) -> AbsolutePathBuf { - path.canonicalize().unwrap_or_else(|_| path.clone()) +async fn canonicalize_for_skill_identity( + fs: &dyn ExecutorFileSystem, + path: &AbsolutePathBuf, +) -> AbsolutePathBuf { + let Ok(path_uri) = PathUri::from_abs_path(path) else { + return path.clone(); + }; + fs.canonicalize(&path_uri, /*sandbox*/ None) + .await + .and_then(|path| path.to_abs_path()) + .unwrap_or_else(|_| path.clone()) } async fn discover_skills_under_root( @@ -483,10 +513,23 @@ async fn discover_skills_under_root( plugin_root: Option<&AbsolutePathBuf>, outcome: &mut SkillLoadOutcome, ) { - let root = canonicalize_for_skill_identity(root); - let plugin_root = plugin_root.map(canonicalize_for_skill_identity); + let root = root.clone(); + let plugin_root = match plugin_root { + Some(plugin_root) => Some(canonicalize_for_skill_identity(fs, plugin_root).await), + None => None, + }; - match fs.get_metadata(&root, /*sandbox*/ None).await { + let root_uri = match PathUri::from_abs_path(&root) { + Ok(path) => path, + Err(err) => { + tracing::warn!( + "failed to convert skills root {} to URI: {err:#}", + root.display() + ); + return; + } + }; + match fs.get_metadata(&root_uri, /*sandbox*/ None).await { Ok(metadata) if metadata.is_directory => {} Ok(_) => return, Err(err) if err.kind() == io::ErrorKind::NotFound => return, @@ -528,7 +571,17 @@ async fn discover_skills_under_root( let mut truncated_by_dir_limit = false; while let Some((dir, depth)) = queue.pop_front() { - let entries = match fs.read_directory(&dir, /*sandbox*/ None).await { + let dir_uri = match PathUri::from_abs_path(&dir) { + Ok(path) => path, + Err(e) => { + tracing::warn!( + "failed to convert skills dir {} to URI: {e:#}", + dir.display() + ); + continue; + } + }; + let entries = match fs.read_directory(&dir_uri, /*sandbox*/ None).await { Ok(entries) => entries, Err(e) => { error!("failed to read skills dir {}: {e:#}", dir.display()); @@ -543,7 +596,17 @@ async fn discover_skills_under_root( } let path = dir.join(&file_name); - let metadata = match fs.get_metadata(&path, /*sandbox*/ None).await { + let path_uri = match PathUri::from_abs_path(&path) { + Ok(path) => path, + Err(e) => { + tracing::warn!( + "failed to convert skills path {} to URI: {e:#}", + path.display() + ); + continue; + } + }; + let metadata = match fs.get_metadata(&path_uri, /*sandbox*/ None).await { Ok(metadata) => metadata, Err(e) => { error!("failed to stat skills path {}: {e:#}", path.display()); @@ -555,9 +618,9 @@ async fn discover_skills_under_root( if !follow_symlinks { continue; } - match fs.read_directory(&path, /*sandbox*/ None).await { + match fs.read_directory(&path_uri, /*sandbox*/ None).await { Ok(_) => { - let resolved_dir = canonicalize_for_skill_identity(&path); + let resolved_dir = canonicalize_for_skill_identity(fs, &path).await; enqueue_dir( &mut queue, &mut visited_dirs, @@ -582,7 +645,7 @@ async fn discover_skills_under_root( } if metadata.is_directory { - let resolved_dir = canonicalize_for_skill_identity(&path); + let resolved_dir = canonicalize_for_skill_identity(fs, &path).await; enqueue_dir( &mut queue, &mut visited_dirs, @@ -627,8 +690,9 @@ async fn parse_skill_file( plugin_id: Option<&str>, plugin_root: Option<&AbsolutePathBuf>, ) -> Result { + let path_uri = PathUri::from_abs_path(path).map_err(SkillParseError::Read)?; let contents = fs - .read_file_text(path, /*sandbox*/ None) + .read_file_text(&path_uri, /*sandbox*/ None) .await .map_err(SkillParseError::Read)?; @@ -672,7 +736,7 @@ async fn parse_skill_file( )?; } - let resolved_path = canonicalize_for_skill_identity(path); + let resolved_path = canonicalize_for_skill_identity(fs, path).await; Ok(SkillMetadata { name, @@ -722,7 +786,18 @@ async fn load_skill_metadata( let metadata_path = skill_dir .join(SKILLS_METADATA_DIR) .join(SKILLS_METADATA_FILENAME); - match fs.get_metadata(&metadata_path, /*sandbox*/ None).await { + let metadata_path_uri = match PathUri::from_abs_path(&metadata_path) { + Ok(path) => path, + Err(error) => { + tracing::warn!( + "ignoring {path}: failed to convert {label} path to URI: {error}", + path = metadata_path.display(), + label = SKILLS_METADATA_FILENAME + ); + return LoadedSkillMetadata::default(); + } + }; + match fs.get_metadata(&metadata_path_uri, /*sandbox*/ None).await { Ok(metadata) if metadata.is_file => {} Ok(_) => return LoadedSkillMetadata::default(), Err(error) if error.kind() == io::ErrorKind::NotFound => { @@ -738,7 +813,10 @@ async fn load_skill_metadata( } } - let contents = match fs.read_file_text(&metadata_path, /*sandbox*/ None).await { + let contents = match fs + .read_file_text(&metadata_path_uri, /*sandbox*/ None) + .await + { Ok(contents) => contents, Err(error) => { tracing::warn!( diff --git a/codex-rs/core-skills/src/model.rs b/codex-rs/core-skills/src/model.rs index a9cc24306aa..5569655adf7 100644 --- a/codex-rs/core-skills/src/model.rs +++ b/codex-rs/core-skills/src/model.rs @@ -9,6 +9,7 @@ use codex_exec_server::LOCAL_FS; use codex_protocol::protocol::Product; use codex_protocol::protocol::SkillScope; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; #[derive(Debug, Clone, PartialEq)] pub struct SkillMetadata { @@ -152,8 +153,8 @@ impl HostLoadedSkills { .outcome .file_system_for_skill(skill) .unwrap_or_else(|| Arc::clone(&LOCAL_FS)); - fs.read_file_text(&skill.path_to_skills_md, /*sandbox*/ None) - .await + let path = PathUri::from_abs_path(&skill.path_to_skills_md)?; + fs.read_file_text(&path, /*sandbox*/ None).await } } diff --git a/codex-rs/core-skills/src/render.rs b/codex-rs/core-skills/src/render.rs index 28617fb6c42..1477a299b6a 100644 --- a/codex-rs/core-skills/src/render.rs +++ b/codex-rs/core-skills/src/render.rs @@ -22,22 +22,22 @@ pub const SKILL_DESCRIPTION_TRUNCATED_WARNING: &str = "Skill descriptions were s pub const SKILL_DESCRIPTION_TRUNCATED_WARNING_WITH_PERCENT: &str = "Skill descriptions were shortened to fit the 2% skills context budget. Codex can still see every skill, but some descriptions are shorter. Disable unused skills or plugins to leave more room for the rest."; pub const SKILL_DESCRIPTIONS_REMOVED_WARNING_PREFIX: &str = "Exceeded skills context budget. All skill descriptions were removed and"; -pub const SKILLS_INTRO_WITH_ABSOLUTE_PATHS: &str = "A skill is a set of local instructions to follow that is stored in a `SKILL.md` file. Below is the list of skills that can be used. Each entry includes a name, description, and file path so you can open the source for full instructions when using a specific skill."; +pub const SKILLS_INTRO_WITH_ABSOLUTE_PATHS: &str = "A skill is a set of instructions provided through a `SKILL.md` source. Below is the list of skills that can be used. Each entry includes a name, description, and source locator. `file` locators are on the host filesystem, `environment resource` locators are owned by an execution environment, `orchestrator resource` locators are opaque non-filesystem resources, and `custom resource` locators use their provider's access mechanism."; pub const SKILLS_INTRO_WITH_ALIASES: &str = "A skill is a set of local instructions to follow that is stored in a `SKILL.md` file. Below is the list of skills that can be used. Each entry includes a name, description, and a short path that can be expanded into an absolute path using the skill roots table."; -pub const SKILLS_HOW_TO_USE_WITH_ABSOLUTE_PATHS: &str = r###"- Discovery: The list above is the skills available in this session (name + description + file path). Skill bodies live on disk at the listed paths. +pub const SKILLS_HOW_TO_USE_WITH_ABSOLUTE_PATHS: &str = r###"- Discovery: The list above is the skills available in this session (name + description + source locator). `file` entries live on the host filesystem, `environment resource` entries are owned by their execution environment, `orchestrator resource` entries must be accessed through `skills.list` and `skills.read`, and `custom resource` entries use their provider's access mechanism. - Trigger rules: If the user names a skill (with `$SkillName` or plain text) OR the task clearly matches a skill's description shown above, you must use that skill for that turn. Multiple mentions mean use them all. Do not carry skills across turns unless re-mentioned. -- Missing/blocked: If a named skill isn't in the list or the path can't be read, say so briefly and continue with the best fallback. +- Missing/blocked: If a named skill isn't in the list or its source can't be read, say so briefly and continue with the best fallback. - How to use a skill (progressive disclosure): - 1) After deciding to use a skill, open its `SKILL.md`. Read only enough to follow the workflow. - 2) When `SKILL.md` references relative paths (e.g., `scripts/foo.py`), resolve them relative to the skill directory listed above first, and only consider other paths if needed. - 3) If `SKILL.md` points to extra folders such as `references/`, load only the specific files needed for the request; don't bulk-load everything. - 4) If `scripts/` exist, prefer running or patching them instead of retyping large code blocks. - 5) If `assets/` or templates exist, reuse them instead of recreating from scratch. + 1) After deciding to use a skill, the main agent must read its `SKILL.md` completely before taking task actions. For a `file` entry, open the listed path. For an `environment resource`, use the filesystem of the owning environment. For an `orchestrator resource`, call `skills.list` with `{"authority":{"kind":"orchestrator"}}`, select the matching package, and pass its `main_resource` to `skills.read`. If a read is truncated or paginated, continue until EOF. + 2) When `SKILL.md` references another resource, use the same access mechanism. Resolve relative paths against a filesystem-backed skill directory. For orchestrator skills, pass the exact referenced resource identifier with the same authority and package to `skills.read`; do not treat `skill://` identifiers as filesystem paths. + 3) If `SKILL.md` points to extra folders such as `references/`, use its routing instructions to identify the resources required for the task. The main agent must read each required instruction or reference file itself before acting on it. Do not delegate reading, summarizing, or interpreting skill instructions to a subagent. Subagents may still perform task work when the selected skill allows it. + 4) For filesystem-backed skills, prefer running or patching provided scripts instead of retyping large code blocks. For orchestrator skills, use `skills.read` and the available tools; do not invent a local path. + 5) Reuse provided assets or templates through the same source access mechanism instead of recreating them. - Coordination and sequencing: - If multiple skills apply, choose the minimal set that covers the request and state the order you'll use them. - Announce which skill(s) you're using and why (one short line). If you skip an obvious skill, say why. - Context hygiene: - - Keep context small: summarize long sections instead of pasting them; only load extra files when needed. + - Progressive disclosure applies to selecting relevant files, not partially reading a selected instruction file. Do not load unrelated references, scripts, or assets. - Avoid deep reference-chasing: prefer opening only files directly linked from `SKILL.md` unless you're blocked. - When variants exist (frameworks, providers, domains), pick only the relevant reference file(s) and note that choice. - Safety and fallback: If a skill can't be applied cleanly (missing files, unclear instructions), state the issue, pick the next-best approach, and continue."###; @@ -45,16 +45,16 @@ pub const SKILLS_HOW_TO_USE_WITH_ALIASES: &str = r###"- Discovery: The list abov - Trigger rules: If the user names a skill (with `$SkillName` or plain text) OR the task clearly matches a skill's description shown above, you must use that skill for that turn. Multiple mentions mean use them all. Do not carry skills across turns unless re-mentioned. - Missing/blocked: If a named skill isn't in the list or the path can't be read, say so briefly and continue with the best fallback. - How to use a skill (progressive disclosure): - 1) After deciding to use a skill, expand the listed short `path` with the matching alias from `### Skill roots`, then open its `SKILL.md`. Read only enough to follow the workflow. + 1) After deciding to use a skill, the main agent must expand the listed short `path` with the matching alias from `### Skill roots`, then open and read its `SKILL.md` completely before taking task actions. If a read is truncated or paginated, continue until EOF. 2) When `SKILL.md` references relative paths (e.g., `scripts/foo.py`), resolve them relative to the directory containing that expanded `SKILL.md` first, and only consider other paths if needed. - 3) If `SKILL.md` points to extra folders such as `references/`, load only the specific files needed for the request; don't bulk-load everything. + 3) If `SKILL.md` points to extra folders such as `references/`, use its routing instructions to identify the files required for the task. The main agent must read each required instruction or reference file itself before acting on it. Do not delegate reading, summarizing, or interpreting skill instructions to a subagent. Subagents may still perform task work when the selected skill allows it. 4) If `scripts/` exist, prefer running or patching them instead of retyping large code blocks. 5) If `assets/` or templates exist, reuse them instead of recreating from scratch. - Coordination and sequencing: - If multiple skills apply, choose the minimal set that covers the request and state the order you'll use them. - Announce which skill(s) you're using and why (one short line). If you skip an obvious skill, say why. - Context hygiene: - - Keep context small: summarize long sections instead of pasting them; only load extra files when needed. + - Progressive disclosure applies to selecting relevant files, not partially reading a selected instruction file. Do not load unrelated references, scripts, or assets. - Avoid deep reference-chasing: prefer opening only files directly linked from `SKILL.md` unless you're blocked. - When variants exist (frameworks, providers, domains), pick only the relevant reference file(s) and note that choice. - Safety and fallback: If a skill can't be applied cleanly (missing files, unclear instructions), state the issue, pick the next-best approach, and continue."###; @@ -982,6 +982,30 @@ mod tests { ) } + #[test] + fn skill_usage_instructions_require_complete_main_agent_reads() { + for instructions in [ + SKILLS_HOW_TO_USE_WITH_ABSOLUTE_PATHS, + SKILLS_HOW_TO_USE_WITH_ALIASES, + ] { + assert!(instructions.contains("read its `SKILL.md` completely")); + assert!(instructions.contains("continue until EOF")); + assert!(instructions.contains( + "The main agent must read each required instruction or reference file itself" + )); + assert!(instructions.contains( + "Do not delegate reading, summarizing, or interpreting skill instructions" + )); + assert!(instructions.contains( + "Subagents may still perform task work when the selected skill allows it" + )); + assert!(instructions.contains( + "Progressive disclosure applies to selecting relevant files, not partially reading a selected instruction file" + )); + assert!(!instructions.contains("Read only enough to follow the workflow")); + } + } + #[test] fn default_budget_uses_two_percent_of_full_context_window() { assert_eq!( diff --git a/codex-rs/core/Cargo.toml b/codex-rs/core/Cargo.toml index 97e104464fa..b7173666e34 100644 --- a/codex-rs/core/Cargo.toml +++ b/codex-rs/core/Cargo.toml @@ -19,7 +19,6 @@ workspace = true anyhow = { workspace = true } arc-swap = { workspace = true } async-channel = { workspace = true } -async-trait = { workspace = true } base64 = { workspace = true } bm25 = { workspace = true } chrono = { workspace = true, features = ["serde"] } @@ -66,10 +65,12 @@ codex-thread-store = { workspace = true } codex-tools = { workspace = true } codex-utils-absolute-path = { workspace = true } codex-utils-cache = { workspace = true } +codex-utils-file-lock = { workspace = true } codex-utils-image = { workspace = true } codex-utils-home-dir = { workspace = true } codex-utils-output-truncation = { workspace = true } codex-utils-path = { workspace = true } +codex-utils-path-uri = { workspace = true } codex-utils-plugins = { workspace = true } codex-utils-pty = { workspace = true } codex-utils-string = { workspace = true } @@ -127,15 +128,22 @@ openssl-sys = { workspace = true, features = ["vendored"] } [target.aarch64-unknown-linux-musl.dependencies] openssl-sys = { workspace = true, features = ["vendored"] } +# Build OpenSSL from source for Android builds. +[target.aarch64-linux-android.dependencies] +openssl-sys = { workspace = true, features = ["vendored"] } + [target.'cfg(unix)'.dependencies] codex-shell-escalation = { workspace = true } [dev-dependencies] assert_cmd = { workspace = true } assert_matches = { workspace = true } +codex-image-generation-extension = { workspace = true } +codex-home = { workspace = true } codex-otel = { workspace = true } codex-test-binary-support = { workspace = true } codex-utils-cargo-bin = { workspace = true } +codex-web-search-extension = { workspace = true } core_test_support = { workspace = true } ctor = { workspace = true } insta = { workspace = true } diff --git a/codex-rs/core/config.schema.json b/codex-rs/core/config.schema.json index b281b44bb78..5fcd8eb0705 100644 --- a/codex-rs/core/config.schema.json +++ b/codex-rs/core/config.schema.json @@ -226,18 +226,6 @@ }, "type": "object" }, - "AppsMcpPathOverrideConfigToml": { - "additionalProperties": false, - "properties": { - "enabled": { - "type": "boolean" - }, - "path": { - "type": "string" - } - }, - "type": "object" - }, "AskForApproval": { "description": "Determines the conditions under which the user is consulted to approve running the command proposed by Codex.", "oneOf": [ @@ -355,6 +343,22 @@ }, "type": "object" }, + "CodeModeConfigToml": { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "excluded_tool_namespaces": { + "description": "Exact tool namespaces to omit from the code-mode nested tool surface.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "ConfigProfile": { "additionalProperties": false, "description": "Collection of common configuration options that a user can define as a unit in `config.toml`.", @@ -392,7 +396,23 @@ "type": "boolean" }, "apps_mcp_path_override": { - "$ref": "#/definitions/FeatureToml_for_AppsMcpPathOverrideConfigToml" + "anyOf": [ + { + "type": "boolean" + }, + { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "path": { + "type": "string" + } + }, + "type": "object" + } + ] }, "auth_elicitation": { "type": "boolean" @@ -410,7 +430,7 @@ "type": "boolean" }, "code_mode": { - "type": "boolean" + "$ref": "#/definitions/FeatureToml_for_CodeModeConfigToml" }, "code_mode_only": { "type": "boolean" @@ -556,7 +576,7 @@ "request_rule": { "type": "boolean" }, - "responses_websocket_response_processed": { + "resize_all_images": { "type": "boolean" }, "responses_websockets": { @@ -601,6 +621,12 @@ "terminal_resize_reflow": { "type": "boolean" }, + "terminal_visualization_instructions": { + "type": "boolean" + }, + "token_budget": { + "type": "boolean" + }, "tool_call_mcp_elicitation": { "type": "boolean" }, @@ -820,13 +846,13 @@ }, "type": "object" }, - "FeatureToml_for_AppsMcpPathOverrideConfigToml": { + "FeatureToml_for_CodeModeConfigToml": { "anyOf": [ { "type": "boolean" }, { - "$ref": "#/definitions/AppsMcpPathOverrideConfigToml" + "$ref": "#/definitions/CodeModeConfigToml" } ] }, @@ -2480,15 +2506,8 @@ "type": "string" }, "ReasoningEffort": { - "description": "See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning", - "enum": [ - "none", - "minimal", - "low", - "medium", - "high", - "xhigh" - ], + "description": "A non-empty reasoning effort value advertised by the model.", + "minLength": 1, "type": "string" }, "ReasoningSummary": { @@ -4515,7 +4534,23 @@ "type": "boolean" }, "apps_mcp_path_override": { - "$ref": "#/definitions/FeatureToml_for_AppsMcpPathOverrideConfigToml" + "anyOf": [ + { + "type": "boolean" + }, + { + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean" + }, + "path": { + "type": "string" + } + }, + "type": "object" + } + ] }, "auth_elicitation": { "type": "boolean" @@ -4533,7 +4568,7 @@ "type": "boolean" }, "code_mode": { - "type": "boolean" + "$ref": "#/definitions/FeatureToml_for_CodeModeConfigToml" }, "code_mode_only": { "type": "boolean" @@ -4679,7 +4714,7 @@ "request_rule": { "type": "boolean" }, - "responses_websocket_response_processed": { + "resize_all_images": { "type": "boolean" }, "responses_websockets": { @@ -4724,6 +4759,12 @@ "terminal_resize_reflow": { "type": "boolean" }, + "terminal_visualization_instructions": { + "type": "boolean" + }, + "token_budget": { + "type": "boolean" + }, "tool_call_mcp_elicitation": { "type": "boolean" }, diff --git a/codex-rs/core/src/agent/control.rs b/codex-rs/core/src/agent/control.rs index 549852e3602..53a50e8e1f0 100644 --- a/codex-rs/core/src/agent/control.rs +++ b/codex-rs/core/src/agent/control.rs @@ -42,9 +42,17 @@ use std::sync::Weak; use tokio::sync::watch; use tracing::warn; -const AGENT_NAMES: &str = include_str!("agent_names.txt"); +pub(crate) use self::execution::AgentExecutionGuard; +use self::execution::AgentExecutionLimiter; +use self::residency::V2Residency; + const ROOT_LAST_TASK_MESSAGE: &str = "Main thread"; +mod execution; +mod legacy; +mod residency; +mod spawn; + #[derive(Clone, Debug, PartialEq, Eq)] pub(crate) enum SpawnAgentForkMode { FullHistory, @@ -59,11 +67,6 @@ pub(crate) struct SpawnAgentOptions { pub(crate) environments: Option>, } -struct SpawnAgentThreadInheritance { - shell_snapshot: Option>, - exec_policy: Option>, -} - #[derive(Clone, Debug)] pub(crate) struct LiveAgent { pub(crate) thread_id: ThreadId, @@ -78,76 +81,6 @@ pub(crate) struct ListedAgent { pub(crate) last_task_message: Option, } -fn default_agent_nickname_list() -> Vec<&'static str> { - AGENT_NAMES - .lines() - .map(str::trim) - .filter(|name| !name.is_empty()) - .collect() -} - -fn agent_nickname_candidates(config: &Config, role_name: Option<&str>) -> Vec { - let role_name = role_name.unwrap_or(DEFAULT_ROLE_NAME); - if let Some(candidates) = - resolve_role_config(config, role_name).and_then(|role| role.nickname_candidates.clone()) - { - return candidates; - } - - default_agent_nickname_list() - .into_iter() - .map(ToOwned::to_owned) - .collect() -} - -fn keep_forked_rollout_item(item: &RolloutItem, preserve_reference_context_item: bool) -> bool { - match item { - RolloutItem::ResponseItem(ResponseItem::Message { role, phase, .. }) => match role.as_str() - { - "system" | "developer" | "user" => true, - "assistant" => *phase == Some(MessagePhase::FinalAnswer), - _ => false, - }, - RolloutItem::ResponseItem( - ResponseItem::Reasoning { .. } - | ResponseItem::LocalShellCall { .. } - | ResponseItem::FunctionCall { .. } - | ResponseItem::ToolSearchCall { .. } - | ResponseItem::FunctionCallOutput { .. } - | ResponseItem::CustomToolCall { .. } - | ResponseItem::CustomToolCallOutput { .. } - | ResponseItem::ToolSearchOutput { .. } - | ResponseItem::WebSearchCall { .. } - | ResponseItem::ImageGenerationCall { .. } - | ResponseItem::Compaction { .. } - | ResponseItem::CompactionTrigger - | ResponseItem::ContextCompaction { .. } - | ResponseItem::Other, - ) => false, - // Full-history forks preserve the cached prompt prefix and can keep diffing - // from the parent's durable baseline. Truncated forks drop part of that prompt, - // so they must rebuild context on their first child turn. - RolloutItem::TurnContext(_) => preserve_reference_context_item, - RolloutItem::Compacted(_) | RolloutItem::EventMsg(_) | RolloutItem::SessionMeta(_) => true, - } -} - -fn is_multi_agent_v2_usage_hint_message(item: &ResponseItem, usage_hint_texts: &[String]) -> bool { - let ResponseItem::Message { role, content, .. } = item else { - return false; - }; - if role != "developer" { - return false; - } - let [ContentItem::InputText { text }] = content.as_slice() else { - return false; - }; - - usage_hint_texts - .iter() - .any(|usage_hint_text| usage_hint_text == text) -} - /// Control-plane handle for multi-agent operations. /// `AgentControl` is held by each session (via `SessionServices`). It provides capability to /// spawn new agents and the inter-agent communication layer. @@ -164,6 +97,8 @@ pub(crate) struct AgentControl { /// `ThreadManagerState -> CodexThread -> Session -> SessionServices -> ThreadManagerState`. manager: Weak, state: Arc, + v2_residency: Arc, + agent_execution_limiter: Arc, } impl AgentControl { @@ -175,8 +110,9 @@ impl AgentControl { } } - pub(crate) fn with_session_id(mut self, session_id: SessionId) -> Self { + pub(crate) fn with_session_id(mut self, session_id: SessionId, max_threads: usize) -> Self { self.session_id = session_id; + self.agent_execution_limiter.initialize(max_threads); self } @@ -184,549 +120,45 @@ impl AgentControl { self.session_id } - /// Spawn a new agent thread and submit the initial prompt. - #[cfg(test)] - pub(crate) async fn spawn_agent( - &self, - config: Config, - initial_operation: Op, - session_source: Option, - ) -> CodexResult { - let spawned_agent = Box::pin(self.spawn_agent_internal( - config, - initial_operation, - session_source, - SpawnAgentOptions::default(), - )) - .await?; - Ok(spawned_agent.thread_id) - } - - /// Spawn an agent thread with some metadata. - pub(crate) async fn spawn_agent_with_metadata( - &self, - config: Config, - initial_operation: Op, - session_source: Option, - options: SpawnAgentOptions, // TODO(jif) drop with new fork. - ) -> CodexResult { - Box::pin(self.spawn_agent_internal(config, initial_operation, session_source, options)) - .await - } - - async fn spawn_agent_internal( + /// Send rich user input items to an existing agent thread. + pub(crate) async fn send_input( &self, - config: Config, + agent_id: ThreadId, initial_operation: Op, - session_source: Option, - options: SpawnAgentOptions, - ) -> CodexResult { + ) -> CodexResult { let state = self.upgrade()?; - let multi_agent_version = state - .effective_multi_agent_version_for_spawn( - &InitialHistory::New, - session_source.as_ref(), - options.parent_thread_id, - /*forked_from_thread_id*/ None, - &config, - ) - .await; - let agent_max_threads = config.effective_agent_max_threads(multi_agent_version); - let mut reservation = self.state.reserve_spawn_slot(agent_max_threads)?; - let inheritance = SpawnAgentThreadInheritance { - shell_snapshot: self - .inherited_shell_snapshot_for_source(&state, session_source.as_ref()) - .await, - exec_policy: self - .inherited_exec_policy_for_source(&state, session_source.as_ref(), &config) - .await, - }; - let (session_source, mut agent_metadata) = match session_source { - Some(SessionSource::SubAgent(SubAgentSource::ThreadSpawn { - parent_thread_id, - depth, - agent_path, - agent_role, - .. - })) => { - let (session_source, agent_metadata) = self.prepare_thread_spawn( - &mut reservation, - &config, - parent_thread_id, - depth, - agent_path, - agent_role, - /*preferred_agent_nickname*/ None, - )?; - (Some(session_source), agent_metadata) - } - other => (other, AgentMetadata::default()), - }; - let notification_source = session_source.clone(); - - // The same `AgentControl` is sent to spawn the thread. - let new_thread = match (session_source, options.fork_mode.as_ref(), inheritance) { - (Some(session_source), Some(_), inheritance) => { - Box::pin(self.spawn_forked_thread( - &state, - config, - session_source, - &options, - inheritance, - multi_agent_version, - )) - .await? - } - (Some(session_source), None, inheritance) => { - Box::pin(state.spawn_new_thread_with_source( - config.clone(), - self.clone(), - session_source, - options.parent_thread_id, - /*forked_from_thread_id*/ None, - /*thread_source*/ Some(ThreadSource::Subagent), - /*metrics_service_name*/ None, - inheritance.shell_snapshot, - inheritance.exec_policy, - options.environments.clone(), - )) - .await? - } - (None, _, _) => Box::pin(state.spawn_new_thread(config.clone(), self.clone())).await?, - }; - agent_metadata.agent_id = Some(new_thread.thread_id); - reservation.commit(agent_metadata.clone()); - - if let Some(SessionSource::SubAgent( - subagent_source @ SubAgentSource::ThreadSpawn { - parent_thread_id, .. - }, - )) = notification_source.as_ref() - { - let client_metadata = match state.get_thread(*parent_thread_id).await { - Ok(parent_thread) => { - parent_thread - .codex - .session - .app_server_client_metadata() - .await - } - Err(error) => { - tracing::warn!( - error = %error, - parent_thread_id = %parent_thread_id, - "skipping subagent thread analytics: failed to load parent thread metadata" - ); - crate::session::session::AppServerClientMetadata { - client_name: None, - client_version: None, - } - } - }; - let thread_config = new_thread.thread.codex.thread_config_snapshot().await; - let parent_thread_id = thread_config.parent_thread_id; - emit_subagent_session_started( - &new_thread - .thread - .codex - .session - .services - .analytics_events_client, - client_metadata, - new_thread.thread.codex.session.session_id(), - new_thread.thread_id, - parent_thread_id, - thread_config, - subagent_source.clone(), - ); - } - - // Notify a new thread has been created. This notification will be processed by clients - // to subscribe or drain this newly created thread. - // TODO(jif) add helper for drain - state.notify_thread_created(new_thread.thread_id); - - self.persist_thread_spawn_edge_for_source( - new_thread.thread.as_ref(), - new_thread.thread_id, - notification_source.as_ref(), - ) - .await; - - self.send_input(new_thread.thread_id, initial_operation) + self.ensure_execution_capacity_for_op(agent_id, &initial_operation) .await?; - if multi_agent_version != MultiAgentVersion::V2 { - let child_reference = agent_metadata - .agent_path - .as_ref() - .map(ToString::to_string) - .unwrap_or_else(|| new_thread.thread_id.to_string()); - self.maybe_start_completion_watcher( - new_thread.thread_id, - notification_source, - child_reference, - agent_metadata.agent_path.clone(), - ); - } - - Ok(LiveAgent { - thread_id: new_thread.thread_id, - metadata: agent_metadata, - status: self.get_status(new_thread.thread_id).await, - }) - } - - async fn spawn_forked_thread( - &self, - state: &Arc, - config: Config, - session_source: SessionSource, - options: &SpawnAgentOptions, - inheritance: SpawnAgentThreadInheritance, - multi_agent_version: MultiAgentVersion, - ) -> CodexResult { - let SpawnAgentThreadInheritance { - shell_snapshot: inherited_shell_snapshot, - exec_policy: inherited_exec_policy, - } = inheritance; - if options.fork_parent_spawn_call_id.is_none() { - return Err(CodexErr::Fatal( - "spawn_agent fork requires a parent spawn call id".to_string(), - )); - } - let Some(fork_mode) = options.fork_mode.as_ref() else { - return Err(CodexErr::Fatal( - "spawn_agent fork requires a fork mode".to_string(), - )); - }; - let SessionSource::SubAgent(SubAgentSource::ThreadSpawn { - parent_thread_id, .. - }) = &session_source - else { - return Err(CodexErr::Fatal( - "spawn_agent fork requires a thread-spawn session source".to_string(), - )); - }; - - let parent_thread_id = *parent_thread_id; - let parent_thread = state.get_thread(parent_thread_id).await.ok(); - if let Some(parent_thread) = parent_thread.as_ref() { - // `record_conversation_items` only queues persistence writes asynchronously. - // Flush before snapshotting store history for a fork. - parent_thread.ensure_rollout_materialized().await; - parent_thread.flush_rollout().await?; - } - - let parent_history = state - .read_stored_thread(ReadThreadParams { - thread_id: parent_thread_id, - include_archived: true, - include_history: true, - }) - .await? - .history - .ok_or_else(|| { - CodexErr::Fatal(format!( - "parent thread history unavailable for fork: {parent_thread_id}" - )) - })?; - - let mut forked_rollout_items = parent_history.items; - if let SpawnAgentForkMode::LastNTurns(last_n_turns) = fork_mode { - forked_rollout_items = - truncate_rollout_to_last_n_fork_turns(&forked_rollout_items, *last_n_turns); - } - let multi_agent_v2_usage_hint_texts_to_filter: Vec = - if let Some(parent_thread) = parent_thread.as_ref() { - if multi_agent_version == MultiAgentVersion::V2 { - let parent_config = parent_thread.codex.session.get_config().await; - [ - parent_config - .multi_agent_v2 - .root_agent_usage_hint_text - .clone(), - parent_config - .multi_agent_v2 - .subagent_usage_hint_text - .clone(), - ] - .into_iter() - .flatten() - .collect() - } else { - Vec::new() - } - } else if multi_agent_version == MultiAgentVersion::V2 { - [ - config.multi_agent_v2.root_agent_usage_hint_text.clone(), - config.multi_agent_v2.subagent_usage_hint_text.clone(), - ] - .into_iter() - .flatten() - .collect() - } else { - Vec::new() - }; - let preserve_reference_context_item = matches!(fork_mode, SpawnAgentForkMode::FullHistory); - forked_rollout_items.retain(|item| { - keep_forked_rollout_item(item, preserve_reference_context_item) - && !matches!( - item, - RolloutItem::ResponseItem(response_item) - if is_multi_agent_v2_usage_hint_message( - response_item, - &multi_agent_v2_usage_hint_texts_to_filter, - ) - ) - }); - for item in &mut forked_rollout_items { - if let RolloutItem::Compacted(compacted) = item - && let Some(replacement_history) = compacted.replacement_history.as_mut() - { - replacement_history.retain(|response_item| { - !is_multi_agent_v2_usage_hint_message( - response_item, - &multi_agent_v2_usage_hint_texts_to_filter, - ) - }); - } - } - if preserve_reference_context_item - && multi_agent_version == MultiAgentVersion::V2 - && config.multi_agent_v2.usage_hint_enabled - && let Some(subagent_usage_hint_text) = - config.multi_agent_v2.subagent_usage_hint_text.clone() - && let Some(subagent_usage_hint_message) = - crate::context_manager::updates::build_developer_update_item(vec![ - subagent_usage_hint_text, - ]) - { - forked_rollout_items.push(RolloutItem::ResponseItem(subagent_usage_hint_message)); - } - - state - .fork_thread_with_source( - config.clone(), - InitialHistory::Forked(forked_rollout_items), - self.clone(), - session_source, - /*thread_source*/ Some(ThreadSource::Subagent), - /*parent_thread_id*/ Some(parent_thread_id), - /*forked_from_thread_id*/ Some(parent_thread_id), - inherited_shell_snapshot, - inherited_exec_policy, - options.environments.clone(), - ) + self.send_input_after_capacity_check(agent_id, &state, initial_operation) .await } - /// Resume an existing agent thread from a recorded rollout file. - pub(crate) async fn resume_agent_from_rollout( - &self, - config: Config, - thread_id: ThreadId, - session_source: SessionSource, - ) -> CodexResult { - let root_depth = thread_spawn_depth(&session_source).unwrap_or(0); - let resumed_thread_id = Box::pin(self.resume_single_agent_from_rollout( - config.clone(), - thread_id, - session_source, - )) - .await?; - let state = self.upgrade()?; - let Ok(resumed_thread) = state.get_thread(resumed_thread_id).await else { - return Ok(resumed_thread_id); - }; - let Some(state_db_ctx) = resumed_thread.state_db() else { - return Ok(resumed_thread_id); - }; - - let mut resume_queue = VecDeque::from([(thread_id, root_depth)]); - while let Some((parent_thread_id, parent_depth)) = resume_queue.pop_front() { - let child_ids = match state_db_ctx - .list_thread_spawn_children_with_status( - parent_thread_id, - DirectionalThreadSpawnEdgeStatus::Open, - ) - .await - { - Ok(child_ids) => child_ids, - Err(err) => { - warn!( - "failed to load persisted thread-spawn children for {parent_thread_id}: {err}" - ); - continue; - } - }; - - for child_thread_id in child_ids { - let child_depth = parent_depth + 1; - let child_resumed = if state.get_thread(child_thread_id).await.is_ok() { - true - } else { - let child_session_source = - SessionSource::SubAgent(SubAgentSource::ThreadSpawn { - parent_thread_id, - depth: child_depth, - agent_path: None, - agent_nickname: None, - agent_role: None, - }); - match Box::pin(self.resume_single_agent_from_rollout( - config.clone(), - child_thread_id, - child_session_source, - )) - .await - { - Ok(_) => true, - Err(err) => { - warn!("failed to resume descendant thread {child_thread_id}: {err}"); - false - } - } - }; - if child_resumed { - resume_queue.push_back((child_thread_id, child_depth)); - } - } - } - - Ok(resumed_thread_id) - } - - async fn resume_single_agent_from_rollout( - &self, - config: Config, - thread_id: ThreadId, - session_source: SessionSource, - ) -> CodexResult { - let state = self.upgrade()?; - let state_db_ctx = state.state_db(); - let stored_thread = state - .read_stored_thread(ReadThreadParams { - thread_id, - include_archived: true, - include_history: true, - }) - .await?; - let history = stored_thread - .history - .ok_or_else(|| CodexErr::ThreadNotFound(thread_id))? - .items; - let initial_history = InitialHistory::Resumed(ResumedHistory { - conversation_id: thread_id, - history, - rollout_path: stored_thread.rollout_path, - }); - let parent_thread_id = stored_thread.parent_thread_id; - let multi_agent_version = state - .effective_multi_agent_version_for_spawn( - &initial_history, - Some(&session_source), - parent_thread_id, - /*forked_from_thread_id*/ None, - &config, - ) - .await; - let agent_max_threads = config.effective_agent_max_threads(multi_agent_version); - let mut reservation = self.state.reserve_spawn_slot(agent_max_threads)?; - let (session_source, agent_metadata) = match session_source { - SessionSource::SubAgent(SubAgentSource::ThreadSpawn { - parent_thread_id, - depth, - agent_path, - agent_role: _, - agent_nickname: _, - }) => { - let (resumed_agent_nickname, resumed_agent_role) = - if let Some(state_db_ctx) = state_db_ctx.as_ref() { - match state_db_ctx.get_thread(thread_id).await { - Ok(Some(metadata)) => (metadata.agent_nickname, metadata.agent_role), - Ok(None) | Err(_) => (None, None), - } - } else { - (None, None) - }; - self.prepare_thread_spawn( - &mut reservation, - &config, - parent_thread_id, - depth, - agent_path, - resumed_agent_role, - resumed_agent_nickname, - )? - } - other => (other, AgentMetadata::default()), - }; - let notification_source = session_source.clone(); - let inherited_shell_snapshot = self - .inherited_shell_snapshot_for_source(&state, Some(&session_source)) - .await; - let inherited_exec_policy = self - .inherited_exec_policy_for_source(&state, Some(&session_source), &config) - .await; - - let resumed_thread = state - .resume_thread_with_history_with_source(ResumeThreadWithHistoryOptions { - config: config.clone(), - initial_history, - agent_control: self.clone(), - session_source, - parent_thread_id, - inherited_shell_snapshot, - inherited_exec_policy, - }) - .await?; - let mut agent_metadata = agent_metadata; - agent_metadata.agent_id = Some(resumed_thread.thread_id); - reservation.commit(agent_metadata.clone()); - // Resumed threads are re-registered in-memory and need the same listener - // attachment path as freshly spawned threads. - state.notify_thread_created(resumed_thread.thread_id); - if multi_agent_version != MultiAgentVersion::V2 { - let child_reference = agent_metadata - .agent_path - .as_ref() - .map(ToString::to_string) - .unwrap_or_else(|| resumed_thread.thread_id.to_string()); - self.maybe_start_completion_watcher( - resumed_thread.thread_id, - Some(notification_source.clone()), - child_reference, - agent_metadata.agent_path.clone(), - ); - } - self.persist_thread_spawn_edge_for_source( - resumed_thread.thread.as_ref(), - resumed_thread.thread_id, - Some(¬ification_source), - ) - .await; - - Ok(resumed_thread.thread_id) - } - - /// Send rich user input items to an existing agent thread. - pub(crate) async fn send_input( + async fn send_input_after_capacity_check( &self, agent_id: ThreadId, + state: &Arc, initial_operation: Op, ) -> CodexResult { - let last_task_message = render_input_preview(&initial_operation); - let state = self.upgrade()?; + let last_task_message = match &initial_operation { + Op::InterAgentCommunication { communication } => { + last_task_message_from_communication(communication) + } + _ => non_empty_task_message(render_input_preview(&initial_operation)), + }; let result = self .handle_thread_request_result( agent_id, - &state, + state, state.send_op(agent_id, initial_operation).await, ) .await; if result.is_ok() { - self.state - .update_last_task_message(agent_id, last_task_message); + match last_task_message { + Some(last_task_message) => self + .state + .update_last_task_message(agent_id, last_task_message), + None => self.state.clear_last_task_message(agent_id), + } } result } @@ -736,20 +168,20 @@ impl AgentControl { agent_id: ThreadId, communication: InterAgentCommunication, ) -> CodexResult { - let last_task_message = communication.content.clone(); + let last_task_message = last_task_message_from_communication(&communication); let state = self.upgrade()?; + let op = Op::InterAgentCommunication { communication }; + self.ensure_execution_capacity_for_op(agent_id, &op).await?; let result = self - .handle_thread_request_result( - agent_id, - &state, - state - .send_op(agent_id, Op::InterAgentCommunication { communication }) - .await, - ) + .handle_thread_request_result(agent_id, &state, state.send_op(agent_id, op).await) .await; if result.is_ok() { - self.state - .update_last_task_message(agent_id, last_task_message); + match last_task_message { + Some(last_task_message) => self + .state + .update_last_task_message(agent_id, last_task_message), + None => self.state.clear_last_task_message(agent_id), + } } result } @@ -757,7 +189,12 @@ impl AgentControl { /// Interrupt the current task for an existing agent thread. pub(crate) async fn interrupt_agent(&self, agent_id: ThreadId) -> CodexResult { let state = self.upgrade()?; - state.send_op(agent_id, Op::Interrupt).await + self.handle_thread_request_result( + agent_id, + &state, + state.send_op(agent_id, Op::Interrupt).await, + ) + .await } async fn handle_thread_request_result( @@ -768,91 +205,12 @@ impl AgentControl { ) -> CodexResult { if matches!(result, Err(CodexErr::InternalAgentDied)) { let _ = state.remove_thread(&agent_id).await; + self.forget_v2_residency(agent_id); self.state.release_spawned_thread(agent_id); } result } - /// Submit a shutdown request for a live agent without marking it explicitly closed in - /// persisted spawn-edge state. - pub(crate) async fn shutdown_live_agent(&self, agent_id: ThreadId) -> CodexResult { - let state = self.upgrade()?; - let result = if let Ok(thread) = state.get_thread(agent_id).await { - thread.codex.session.ensure_rollout_materialized().await; - thread.codex.session.flush_rollout().await?; - let result = if matches!(thread.agent_status().await, AgentStatus::Shutdown) { - Ok(String::new()) - } else { - state.send_op(agent_id, Op::Shutdown {}).await - }; - thread.wait_until_terminated().await; - result - } else { - state.send_op(agent_id, Op::Shutdown {}).await - }; - let _ = state.remove_thread(&agent_id).await; - self.state.release_spawned_thread(agent_id); - result - } - - /// Mark `agent_id` as explicitly closed in persisted spawn-edge state, then shut down the - /// agent and any live descendants reached from the in-memory tree. - pub(crate) async fn close_agent(&self, agent_id: ThreadId) -> CodexResult { - let state = self.upgrade()?; - let known_agent = self.state.agent_metadata_for_thread(agent_id).is_some(); - match state.get_thread(agent_id).await { - Ok(thread) => { - if let Some(state_db_ctx) = thread.state_db() - && let Err(err) = state_db_ctx - .set_thread_spawn_edge_status( - agent_id, - DirectionalThreadSpawnEdgeStatus::Closed, - ) - .await - { - warn!("failed to persist thread-spawn edge status for {agent_id}: {err}"); - } - } - Err(CodexErr::ThreadNotFound(_)) if known_agent => { - if let Some(state_db_ctx) = state.state_db() - && let Err(err) = state_db_ctx - .set_thread_spawn_edge_status( - agent_id, - DirectionalThreadSpawnEdgeStatus::Closed, - ) - .await - { - return Err(CodexErr::Fatal(format!( - "failed to persist stale thread-spawn edge status for {agent_id}: {err}" - ))); - } - } - Err(CodexErr::ThreadNotFound(_)) => {} - Err(err) => { - warn!("failed to inspect agent before close {agent_id}: {err}"); - } - } - match Box::pin(self.shutdown_agent_tree(agent_id)).await { - Err(CodexErr::ThreadNotFound(_)) | Err(CodexErr::InternalAgentDied) if known_agent => { - Ok(String::new()) - } - result => result, - } - } - - /// Shut down `agent_id` and any live descendants reachable from the in-memory spawn tree. - async fn shutdown_agent_tree(&self, agent_id: ThreadId) -> CodexResult { - let descendant_ids = self.live_thread_spawn_descendants(agent_id).await?; - let result = self.shutdown_live_agent(agent_id).await; - for descendant_id in descendant_ids { - match self.shutdown_live_agent(descendant_id).await { - Ok(_) | Err(CodexErr::ThreadNotFound(_)) | Err(CodexErr::InternalAgentDied) => {} - Err(err) => return Err(err), - } - } - result - } - /// Fetch the last known status for `agent_id`, returning `NotFound` when unavailable. pub(crate) async fn get_status(&self, agent_id: ThreadId) -> AgentStatus { let Ok(state) = self.upgrade() else { @@ -879,6 +237,12 @@ impl AgentControl { self.state.agent_metadata_for_thread(agent_id) } + pub(crate) fn ensure_agent_known(&self, agent_id: ThreadId) -> CodexResult { + self.state + .agent_metadata_for_thread(agent_id) + .ok_or(CodexErr::ThreadNotFound(agent_id)) + } + pub(crate) async fn list_live_agent_subtree_thread_ids( &self, agent_id: ThreadId, @@ -1126,7 +490,7 @@ impl AgentControl { if let Some(agent_path) = agent_path.as_ref() { reservation.reserve_agent_path(agent_path)?; } - let candidate_names = agent_nickname_candidates(config, agent_role.as_deref()); + let candidate_names = spawn::agent_nickname_candidates(config, agent_role.as_deref()); let candidate_name_refs: Vec<&str> = candidate_names.iter().map(String::as_str).collect(); let agent_nickname = Some(reservation.reserve_agent_nickname_with_preference( &candidate_name_refs, @@ -1329,6 +693,17 @@ pub(crate) fn render_input_preview(initial_operation: &Op) -> String { } } +fn last_task_message_from_communication(communication: &InterAgentCommunication) -> Option { + if communication.encrypted_content.is_some() { + return None; + } + non_empty_task_message(communication.content.clone()) +} + +fn non_empty_task_message(message: String) -> Option { + (!message.is_empty()).then_some(message) +} + fn thread_spawn_depth(session_source: &SessionSource) -> Option { match session_source { SessionSource::SubAgent(SubAgentSource::ThreadSpawn { depth, .. }) => Some(*depth), diff --git a/codex-rs/core/src/agent/control/execution.rs b/codex-rs/core/src/agent/control/execution.rs new file mode 100644 index 00000000000..42aaa50e029 --- /dev/null +++ b/codex-rs/core/src/agent/control/execution.rs @@ -0,0 +1,110 @@ +use super::AgentControl; +use codex_protocol::ThreadId; +use codex_protocol::error::CodexErr; +use codex_protocol::error::Result as CodexResult; +use codex_protocol::protocol::MultiAgentVersion; +use codex_protocol::protocol::Op; +use codex_protocol::protocol::SessionSource; +use std::sync::Arc; +use std::sync::OnceLock; +use std::sync::atomic::AtomicUsize; +use std::sync::atomic::Ordering; + +#[derive(Default)] +pub(super) struct AgentExecutionLimiter { + active: AtomicUsize, + max_threads: OnceLock, +} + +pub(crate) struct AgentExecutionGuard { + limiter: Arc, +} + +impl Drop for AgentExecutionGuard { + fn drop(&mut self) { + self.limiter.active.fetch_sub(1, Ordering::AcqRel); + } +} + +impl AgentControl { + pub(crate) async fn ensure_execution_capacity_for_op( + &self, + thread_id: ThreadId, + op: &Op, + ) -> CodexResult<()> { + if !op_starts_turn(op) { + return Ok(()); + } + let state = self.upgrade()?; + let thread = state.get_thread(thread_id).await?; + if thread.codex.session.active_turn.lock().await.is_some() { + return Ok(()); + } + let config = thread.codex.session.get_config().await; + let multi_agent_version = thread + .multi_agent_version() + .unwrap_or_else(|| config.multi_agent_version_from_features()); + self.ensure_execution_capacity(multi_agent_version, &thread.session_source) + } + + pub(crate) fn ensure_execution_capacity( + &self, + multi_agent_version: MultiAgentVersion, + session_source: &SessionSource, + ) -> CodexResult<()> { + if !is_execution_limited(multi_agent_version, session_source) { + return Ok(()); + } + let max_threads = self.agent_execution_limiter.max_threads(); + if self.agent_execution_limiter.has_capacity() { + Ok(()) + } else { + Err(CodexErr::AgentLimitReached { max_threads }) + } + } + + pub(crate) fn execution_guard( + &self, + multi_agent_version: MultiAgentVersion, + session_source: &SessionSource, + ) -> Option { + is_execution_limited(multi_agent_version, session_source) + .then(|| Arc::clone(&self.agent_execution_limiter).guard()) + } +} + +impl AgentExecutionLimiter { + pub(super) fn initialize(&self, max_threads: usize) { + self.max_threads.get_or_init(|| max_threads); + } + + fn max_threads(&self) -> usize { + self.max_threads.get().copied().unwrap_or(usize::MAX) + } + + fn has_capacity(&self) -> bool { + self.active.load(Ordering::Acquire) < self.max_threads() + } + + fn guard(self: Arc) -> AgentExecutionGuard { + self.active.fetch_add(1, Ordering::AcqRel); + AgentExecutionGuard { limiter: self } + } +} + +fn op_starts_turn(op: &Op) -> bool { + matches!(op, Op::UserInput { .. }) + || matches!(op, Op::InterAgentCommunication { communication } if communication.trigger_turn) +} + +fn is_execution_limited( + multi_agent_version: MultiAgentVersion, + session_source: &SessionSource, +) -> bool { + multi_agent_version == MultiAgentVersion::V2 + && matches!(session_source, SessionSource::SubAgent(_)) +} + +#[cfg(test)] +#[path = "execution_tests.rs"] +mod tests; diff --git a/codex-rs/core/src/agent/control/execution_tests.rs b/codex-rs/core/src/agent/control/execution_tests.rs new file mode 100644 index 00000000000..9cad08f9512 --- /dev/null +++ b/codex-rs/core/src/agent/control/execution_tests.rs @@ -0,0 +1,60 @@ +use crate::agent::AgentControl; +use codex_protocol::error::CodexErr; +use codex_protocol::protocol::MultiAgentVersion; +use codex_protocol::protocol::SessionSource; +use codex_protocol::protocol::SubAgentSource; +use pretty_assertions::assert_eq; + +fn control_with_limit(max_threads: usize) -> AgentControl { + let control = AgentControl::default(); + control.agent_execution_limiter.initialize(max_threads); + control +} + +#[test] +fn execution_guards_count_active_v2_subagent_turns() { + let control = control_with_limit(/*max_threads*/ 1); + // Child role configs cannot replace the root-derived session limit. + control + .agent_execution_limiter + .initialize(/*max_threads*/ 2); + let source = SessionSource::SubAgent(SubAgentSource::Other("worker".to_string())); + + control + .ensure_execution_capacity(MultiAgentVersion::V2, &source) + .expect("first active turn should fit"); + let first = control + .execution_guard(MultiAgentVersion::V2, &source) + .expect("v2 subagent execution should be counted"); + let Err(err) = control.ensure_execution_capacity(MultiAgentVersion::V2, &source) else { + panic!("second active turn should exceed the derived non-root cap"); + }; + let CodexErr::AgentLimitReached { max_threads } = err else { + panic!("expected AgentLimitReached"); + }; + assert_eq!(max_threads, 1); + + drop(first); + control + .ensure_execution_capacity(MultiAgentVersion::V2, &source) + .expect("capacity should be released when the running task drops"); +} + +#[test] +fn execution_guards_ignore_root_and_v1_turns() { + let control = control_with_limit(/*max_threads*/ 0); + + assert!( + control + .execution_guard(MultiAgentVersion::V2, &SessionSource::Cli) + .is_none() + ); + assert!( + control + .execution_guard( + MultiAgentVersion::V1, + &SessionSource::SubAgent(SubAgentSource::Other("worker".to_string())), + ) + .is_none() + ); +} diff --git a/codex-rs/core/src/agent/control/legacy.rs b/codex-rs/core/src/agent/control/legacy.rs new file mode 100644 index 00000000000..aa414726877 --- /dev/null +++ b/codex-rs/core/src/agent/control/legacy.rs @@ -0,0 +1,84 @@ +use super::*; + +impl AgentControl { + /// Submit a shutdown request for a live agent without marking it explicitly closed in + /// persisted spawn-edge state. + pub(crate) async fn shutdown_live_agent(&self, agent_id: ThreadId) -> CodexResult { + let state = self.upgrade()?; + let result = if let Ok(thread) = state.get_thread(agent_id).await { + thread.codex.session.ensure_rollout_materialized().await; + thread.codex.session.flush_rollout().await?; + let result = if matches!(thread.agent_status().await, AgentStatus::Shutdown) { + Ok(String::new()) + } else { + state.send_op(agent_id, Op::Shutdown {}).await + }; + thread.wait_until_terminated().await; + result + } else { + state.send_op(agent_id, Op::Shutdown {}).await + }; + let _ = state.remove_thread(&agent_id).await; + self.forget_v2_residency(agent_id); + self.state.release_spawned_thread(agent_id); + result + } + + /// Mark `agent_id` as explicitly closed in persisted spawn-edge state, then shut down the + /// agent and any live descendants reached from the in-memory tree. + pub(crate) async fn close_agent(&self, agent_id: ThreadId) -> CodexResult { + let state = self.upgrade()?; + let known_agent = self.state.agent_metadata_for_thread(agent_id).is_some(); + match state.get_thread(agent_id).await { + Ok(thread) => { + if let Some(state_db_ctx) = thread.state_db() + && let Err(err) = state_db_ctx + .set_thread_spawn_edge_status( + agent_id, + DirectionalThreadSpawnEdgeStatus::Closed, + ) + .await + { + warn!("failed to persist thread-spawn edge status for {agent_id}: {err}"); + } + } + Err(CodexErr::ThreadNotFound(_)) if known_agent => { + if let Some(state_db_ctx) = state.state_db() + && let Err(err) = state_db_ctx + .set_thread_spawn_edge_status( + agent_id, + DirectionalThreadSpawnEdgeStatus::Closed, + ) + .await + { + return Err(CodexErr::Fatal(format!( + "failed to persist stale thread-spawn edge status for {agent_id}: {err}" + ))); + } + } + Err(CodexErr::ThreadNotFound(_)) => {} + Err(err) => { + warn!("failed to inspect agent before close {agent_id}: {err}"); + } + } + match Box::pin(self.shutdown_agent_tree(agent_id)).await { + Err(CodexErr::ThreadNotFound(_)) | Err(CodexErr::InternalAgentDied) if known_agent => { + Ok(String::new()) + } + result => result, + } + } + + /// Shut down `agent_id` and any live descendants reachable from the in-memory spawn tree. + pub(crate) async fn shutdown_agent_tree(&self, agent_id: ThreadId) -> CodexResult { + let descendant_ids = self.live_thread_spawn_descendants(agent_id).await?; + let result = self.shutdown_live_agent(agent_id).await; + for descendant_id in descendant_ids { + match self.shutdown_live_agent(descendant_id).await { + Ok(_) | Err(CodexErr::ThreadNotFound(_)) | Err(CodexErr::InternalAgentDied) => {} + Err(err) => return Err(err), + } + } + result + } +} diff --git a/codex-rs/core/src/agent/control/residency.rs b/codex-rs/core/src/agent/control/residency.rs new file mode 100644 index 00000000000..901f2c93bd3 --- /dev/null +++ b/codex-rs/core/src/agent/control/residency.rs @@ -0,0 +1,240 @@ +use super::AgentControl; +use crate::agent::AgentStatus; +use crate::codex_thread::CodexThread; +use crate::config::Config; +use crate::thread_manager::ThreadManagerState; +use codex_protocol::ThreadId; +use codex_protocol::error::CodexErr; +use codex_protocol::error::Result as CodexResult; +use codex_protocol::protocol::MultiAgentVersion; +use codex_protocol::protocol::SessionSource; +use std::collections::VecDeque; +use std::sync::Arc; +use std::sync::Mutex; +use tracing::warn; + +#[derive(Default)] +pub(super) struct V2Residency { + state: Mutex, +} + +#[derive(Default)] +struct V2ResidencyState { + residents: VecDeque, + pending_slots: usize, +} + +pub(super) struct V2ResidencySlot { + residency: Arc, + active: bool, +} + +impl V2ResidencySlot { + pub(super) fn commit(mut self, thread_id: ThreadId) { + self.residency.commit_slot(thread_id); + self.active = false; + } +} + +impl Drop for V2ResidencySlot { + fn drop(&mut self) { + if self.active { + self.residency.release_pending_slot(); + } + } +} + +impl AgentControl { + pub(super) async fn reserve_v2_residency_slot( + &self, + state: &Arc, + config: &Config, + protected_thread_id: Option, + ) -> CodexResult { + let capacity = config + .effective_agent_max_threads(MultiAgentVersion::V2) + .unwrap_or(usize::MAX); + Arc::clone(&self.v2_residency) + .reserve_slot(state, capacity, protected_thread_id) + .await + } + + pub(super) async fn touch_loaded_v2_residency( + &self, + state: &Arc, + thread_id: ThreadId, + ) { + if let Ok(thread) = state.get_thread(thread_id).await + && is_resident_candidate(thread.as_ref()) + { + self.v2_residency.touch(thread_id); + } + } + + pub(super) fn forget_v2_residency(&self, thread_id: ThreadId) { + self.v2_residency.remove(thread_id); + } +} + +impl V2Residency { + async fn reserve_slot( + self: Arc, + manager: &Arc, + capacity: usize, + protected_thread_id: Option, + ) -> CodexResult { + loop { + if self.try_reserve_pending_slot(capacity) { + return Ok(V2ResidencySlot { + residency: self, + active: true, + }); + } + if !self + .try_unload_one_resident(manager, protected_thread_id) + .await + { + return Err(CodexErr::AgentLimitReached { + max_threads: capacity, + }); + } + } + } + + fn try_reserve_pending_slot(&self, capacity: usize) -> bool { + let mut state = self + .state + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner); + if state.residents.len().saturating_add(state.pending_slots) >= capacity { + return false; + } + state.pending_slots += 1; + true + } + + async fn try_unload_one_resident( + &self, + manager: &Arc, + protected_thread_id: Option, + ) -> bool { + let candidates_to_scan = self.resident_count(); + for _ in 0..candidates_to_scan { + let Some(candidate_thread_id) = self.pop_lru_candidate(protected_thread_id) else { + return false; + }; + let Some(candidate_thread) = manager + .get_thread(candidate_thread_id) + .await + .ok() + .filter(|thread| is_resident_candidate(thread)) + else { + continue; + }; + if !is_unloadable(candidate_thread.as_ref()).await { + self.touch(candidate_thread_id); + continue; + } + candidate_thread.ensure_rollout_materialized().await; + if let Err(err) = candidate_thread.shutdown_and_wait().await { + warn!( + "failed to shut down v2 resident thread before unloading {candidate_thread_id}: {err}" + ); + self.touch(candidate_thread_id); + continue; + } + let _ = manager.remove_thread(&candidate_thread_id).await; + return true; + } + false + } + + fn resident_count(&self) -> usize { + self.state + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) + .residents + .len() + } + + fn pop_lru_candidate(&self, protected_thread_id: Option) -> Option { + let mut state = self + .state + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner); + let candidates_to_scan = state.residents.len(); + for _ in 0..candidates_to_scan { + let candidate_thread_id = state.residents.pop_front()?; + if Some(candidate_thread_id) == protected_thread_id { + state.residents.push_back(candidate_thread_id); + continue; + } + return Some(candidate_thread_id); + } + None + } + + fn touch(&self, thread_id: ThreadId) { + let mut state = self + .state + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner); + touch_resident(&mut state.residents, thread_id); + } + + fn remove(&self, thread_id: ThreadId) { + self.state + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) + .residents + .retain(|resident_thread_id| *resident_thread_id != thread_id); + } + + fn commit_slot(&self, thread_id: ThreadId) { + let mut state = self + .state + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner); + state.pending_slots = state.pending_slots.saturating_sub(1); + touch_resident(&mut state.residents, thread_id); + } + + fn release_pending_slot(&self) { + let mut state = self + .state + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner); + state.pending_slots = state.pending_slots.saturating_sub(1); + } +} + +fn touch_resident(residents: &mut VecDeque, thread_id: ThreadId) { + residents.retain(|resident_thread_id| *resident_thread_id != thread_id); + residents.push_back(thread_id); +} + +fn is_resident_candidate(thread: &CodexThread) -> bool { + thread.multi_agent_version() == Some(MultiAgentVersion::V2) + && is_v2_resident_session_source(&thread.session_source) +} + +pub(super) fn is_v2_resident_session_source(session_source: &SessionSource) -> bool { + matches!(session_source, SessionSource::SubAgent(_)) +} + +async fn is_unloadable(thread: &CodexThread) -> bool { + matches!( + thread.agent_status().await, + AgentStatus::Completed(_) | AgentStatus::Errored(_) | AgentStatus::Interrupted + ) && thread.codex.session.active_turn.lock().await.is_none() + && !thread + .codex + .session + .input_queue + .has_pending_mailbox_items() + .await +} + +#[cfg(test)] +#[path = "residency_tests.rs"] +mod tests; diff --git a/codex-rs/core/src/agent/control/residency_tests.rs b/codex-rs/core/src/agent/control/residency_tests.rs new file mode 100644 index 00000000000..88d4b004d33 --- /dev/null +++ b/codex-rs/core/src/agent/control/residency_tests.rs @@ -0,0 +1,193 @@ +use crate::ThreadManager; +use crate::agent::AgentControl; +use crate::codex_thread::CodexThread; +use crate::config::Config; +use crate::config::test_config; +use crate::thread_manager::ThreadManagerState; +use codex_features::Feature; +use codex_login::CodexAuth; +use codex_protocol::ThreadId; +use codex_protocol::error::CodexErr; +use codex_protocol::protocol::EventMsg; +use codex_protocol::protocol::SessionSource; +use codex_protocol::protocol::SubAgentSource; +use codex_protocol::protocol::ThreadSource; +use codex_protocol::protocol::TurnAbortReason; +use codex_protocol::protocol::TurnAbortedEvent; +use codex_protocol::protocol::TurnCompleteEvent; +use pretty_assertions::assert_eq; +use std::sync::Arc; + +#[tokio::test] +async fn residency_slot_reservation_unloads_oldest_idle_v2_agent() { + let mut config = test_config().await; + let _ = config.features.enable(Feature::MultiAgentV2); + config.multi_agent_v2.max_concurrent_threads_per_session = 2; + let temp_home = tempfile::tempdir().expect("create temp home"); + config.codex_home = temp_home.path().to_path_buf().try_into().unwrap(); + config.cwd = temp_home.path().to_path_buf().try_into().unwrap(); + let manager = ThreadManager::with_models_provider_and_home_for_tests( + CodexAuth::from_api_key("dummy"), + config.model_provider.clone(), + config.codex_home.to_path_buf(), + Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), + ); + let root = manager + .start_thread(config.clone()) + .await + .expect("start root thread"); + let control = manager.agent_control(); + let state = control.upgrade().expect("thread manager should be live"); + + let first_slot = control + .reserve_v2_residency_slot(&state, &config, /*protected_thread_id*/ None) + .await + .expect("first resident slot"); + let first = + spawn_v2_subagent(&control, &state, config.clone(), root.thread_id, "worker-1").await; + first_slot.commit(first.thread_id); + mark_thread_completed(first.thread.as_ref()).await; + + let second_slot = control + .reserve_v2_residency_slot(&state, &config, /*protected_thread_id*/ None) + .await + .expect("second resident slot should evict the first idle agent"); + match manager.get_thread(first.thread_id).await { + Err(CodexErr::ThreadNotFound(thread_id)) => assert_eq!(thread_id, first.thread_id), + Err(err) => panic!("expected evicted thread to be missing, got {err:?}"), + Ok(_) => panic!("expected evicted thread to be missing"), + } + let second = spawn_v2_subagent(&control, &state, config, root.thread_id, "worker-2").await; + second_slot.commit(second.thread_id); + + assert!(manager.get_thread(root.thread_id).await.is_ok()); + assert!(manager.get_thread(second.thread_id).await.is_ok()); +} + +#[tokio::test] +async fn interrupted_v2_agent_is_lost_after_residency_eviction() { + let mut config = test_config().await; + let _ = config.features.enable(Feature::MultiAgentV2); + config.multi_agent_v2.max_concurrent_threads_per_session = 2; + let temp_home = tempfile::tempdir().expect("create temp home"); + config.codex_home = temp_home.path().to_path_buf().try_into().unwrap(); + config.cwd = temp_home.path().to_path_buf().try_into().unwrap(); + let manager = ThreadManager::with_models_provider_and_home_for_tests( + CodexAuth::from_api_key("dummy"), + config.model_provider.clone(), + config.codex_home.to_path_buf(), + Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), + ); + let root = manager + .start_thread(config.clone()) + .await + .expect("start root thread"); + let control = manager.agent_control(); + let state = control.upgrade().expect("thread manager should be live"); + + let first_slot = control + .reserve_v2_residency_slot(&state, &config, /*protected_thread_id*/ None) + .await + .expect("first resident slot"); + let first = + spawn_v2_subagent(&control, &state, config.clone(), root.thread_id, "worker-1").await; + first_slot.commit(first.thread_id); + mark_thread_interrupted(first.thread.as_ref()).await; + + let second_slot = control + .reserve_v2_residency_slot(&state, &config, /*protected_thread_id*/ None) + .await + .expect("second resident slot should evict the first interrupted idle agent"); + match manager.get_thread(first.thread_id).await { + Err(CodexErr::ThreadNotFound(thread_id)) => assert_eq!(thread_id, first.thread_id), + Err(err) => panic!("expected evicted thread to be missing, got {err:?}"), + Ok(_) => panic!("expected evicted thread to be missing"), + } + let second = + spawn_v2_subagent(&control, &state, config.clone(), root.thread_id, "worker-2").await; + second_slot.commit(second.thread_id); + mark_thread_completed(second.thread.as_ref()).await; + + let err = control + .ensure_v2_agent_loaded(config, first.thread_id) + .await + .expect_err("evicted interrupted agent should stay lost"); + match err { + CodexErr::ThreadNotFound(thread_id) => assert_eq!(thread_id, first.thread_id), + err => panic!("expected ThreadNotFound, got {err:?}"), + } + + assert!(manager.get_thread(root.thread_id).await.is_ok()); + assert!(manager.get_thread(second.thread_id).await.is_ok()); + match manager.get_thread(first.thread_id).await { + Err(CodexErr::ThreadNotFound(thread_id)) => assert_eq!(thread_id, first.thread_id), + Err(err) => panic!("expected evicted thread to be missing, got {err:?}"), + Ok(_) => panic!("expected evicted thread to be missing"), + } +} + +async fn spawn_v2_subagent( + control: &AgentControl, + state: &Arc, + config: Config, + parent_thread_id: ThreadId, + label: &str, +) -> crate::thread_manager::NewThread { + state + .spawn_new_thread_with_source( + config, + control.clone(), + SessionSource::SubAgent(SubAgentSource::Other(label.to_string())), + Some(parent_thread_id), + /*forked_from_thread_id*/ None, + Some(ThreadSource::Subagent), + /*metrics_service_name*/ None, + /*inherited_shell_snapshot*/ None, + /*inherited_exec_policy*/ None, + /*environments*/ None, + ) + .await + .expect("spawn v2 subagent") +} + +async fn mark_thread_completed(thread: &CodexThread) { + let turn = thread.codex.session.new_default_turn().await; + thread + .codex + .session + .send_event( + turn.as_ref(), + EventMsg::TurnComplete(TurnCompleteEvent { + turn_id: turn.sub_id.clone(), + last_agent_message: Some("done".to_string()), + completed_at: None, + duration_ms: None, + time_to_first_token_ms: None, + }), + ) + .await; + clear_active_turn(thread).await; +} + +async fn mark_thread_interrupted(thread: &CodexThread) { + let turn = thread.codex.session.new_default_turn().await; + thread + .codex + .session + .send_event( + turn.as_ref(), + EventMsg::TurnAborted(TurnAbortedEvent { + turn_id: Some(turn.sub_id.clone()), + reason: TurnAbortReason::Interrupted, + completed_at: None, + duration_ms: None, + }), + ) + .await; + clear_active_turn(thread).await; +} + +async fn clear_active_turn(thread: &CodexThread) { + // The fixture has no task runner to clear the turn after the terminal event. + *thread.codex.session.active_turn.lock().await = None; +} diff --git a/codex-rs/core/src/agent/control/spawn.rs b/codex-rs/core/src/agent/control/spawn.rs new file mode 100644 index 00000000000..a0d52ea4d63 --- /dev/null +++ b/codex-rs/core/src/agent/control/spawn.rs @@ -0,0 +1,713 @@ +use super::residency::is_v2_resident_session_source; +use super::*; + +const AGENT_NAMES: &str = include_str!("../agent_names.txt"); + +struct SpawnAgentThreadInheritance { + shell_snapshot: Option>, + exec_policy: Option>, +} + +fn default_agent_nickname_list() -> Vec<&'static str> { + AGENT_NAMES + .lines() + .map(str::trim) + .filter(|name| !name.is_empty()) + .collect() +} + +pub(super) fn agent_nickname_candidates(config: &Config, role_name: Option<&str>) -> Vec { + let role_name = role_name.unwrap_or(DEFAULT_ROLE_NAME); + if let Some(candidates) = + resolve_role_config(config, role_name).and_then(|role| role.nickname_candidates.clone()) + { + return candidates; + } + + default_agent_nickname_list() + .into_iter() + .map(ToOwned::to_owned) + .collect() +} + +fn keep_forked_rollout_item(item: &RolloutItem, preserve_reference_context_item: bool) -> bool { + match item { + RolloutItem::ResponseItem(ResponseItem::Message { role, phase, .. }) => match role.as_str() + { + "system" | "developer" | "user" => true, + "assistant" => *phase == Some(MessagePhase::FinalAnswer), + _ => false, + }, + RolloutItem::ResponseItem( + ResponseItem::AgentMessage { .. } + | ResponseItem::Reasoning { .. } + | ResponseItem::LocalShellCall { .. } + | ResponseItem::FunctionCall { .. } + | ResponseItem::ToolSearchCall { .. } + | ResponseItem::FunctionCallOutput { .. } + | ResponseItem::CustomToolCall { .. } + | ResponseItem::CustomToolCallOutput { .. } + | ResponseItem::ToolSearchOutput { .. } + | ResponseItem::WebSearchCall { .. } + | ResponseItem::ImageGenerationCall { .. } + | ResponseItem::Compaction { .. } + | ResponseItem::CompactionTrigger + | ResponseItem::ContextCompaction { .. } + | ResponseItem::Other, + ) => false, + // Full-history forks preserve the cached prompt prefix and can keep diffing + // from the parent's durable baseline. Truncated forks drop part of that prompt, + // so they must rebuild context on their first child turn. + RolloutItem::TurnContext(_) => preserve_reference_context_item, + RolloutItem::Compacted(_) | RolloutItem::EventMsg(_) | RolloutItem::SessionMeta(_) => true, + } +} + +fn is_multi_agent_v2_usage_hint_message(item: &ResponseItem, usage_hint_texts: &[String]) -> bool { + let ResponseItem::Message { role, content, .. } = item else { + return false; + }; + if role != "developer" { + return false; + } + let [ContentItem::InputText { text }] = content.as_slice() else { + return false; + }; + + usage_hint_texts + .iter() + .any(|usage_hint_text| usage_hint_text == text) +} + +impl AgentControl { + /// Spawn a new agent thread and submit the initial prompt. + #[cfg(test)] + pub(crate) async fn spawn_agent( + &self, + config: Config, + initial_operation: Op, + session_source: Option, + ) -> CodexResult { + let spawned_agent = Box::pin(self.spawn_agent_internal( + config, + initial_operation, + session_source, + SpawnAgentOptions::default(), + )) + .await?; + Ok(spawned_agent.thread_id) + } + + /// Spawn an agent thread with some metadata. + pub(crate) async fn spawn_agent_with_metadata( + &self, + config: Config, + initial_operation: Op, + session_source: Option, + options: SpawnAgentOptions, // TODO(jif) drop with new fork. + ) -> CodexResult { + Box::pin(self.spawn_agent_internal(config, initial_operation, session_source, options)) + .await + } + + pub(crate) async fn ensure_v2_agent_loaded( + &self, + config: Config, + thread_id: ThreadId, + ) -> CodexResult<()> { + let state = self.upgrade()?; + if state.get_thread(thread_id).await.is_ok() { + self.touch_loaded_v2_residency(&state, thread_id).await; + return Ok(()); + } + if self.state.agent_metadata_for_thread(thread_id).is_none() { + return Err(CodexErr::ThreadNotFound(thread_id)); + } + + let stored_thread = state + .read_stored_thread(ReadThreadParams { + thread_id, + include_archived: true, + include_history: true, + }) + .await?; + let stored_source = stored_thread.source.clone(); + let stored_parent_thread_id = stored_thread.parent_thread_id; + let history = stored_thread + .history + .ok_or(CodexErr::ThreadNotFound(thread_id))? + .items; + let initial_history = InitialHistory::Resumed(ResumedHistory { + conversation_id: thread_id, + history, + rollout_path: stored_thread.rollout_path, + }); + if initial_history.get_multi_agent_version() != Some(MultiAgentVersion::V2) { + return Err(CodexErr::ThreadNotFound(thread_id)); + } + let residency_slot = self + .reserve_v2_residency_slot(&state, &config, Some(thread_id)) + .await?; + + let (session_source, _) = initial_history + .get_resumed_session_sources() + .unwrap_or((stored_source, None)); + let parent_thread_id = initial_history + .get_resumed_parent_thread_id() + .or(stored_parent_thread_id); + let inherited_shell_snapshot = self + .inherited_shell_snapshot_for_source(&state, Some(&session_source)) + .await; + let inherited_exec_policy = self + .inherited_exec_policy_for_source(&state, Some(&session_source), &config) + .await; + + match state + .resume_thread_with_history_with_source(ResumeThreadWithHistoryOptions { + config, + initial_history, + agent_control: self.clone(), + session_source, + parent_thread_id, + inherited_shell_snapshot, + inherited_exec_policy, + }) + .await + { + Ok(reloaded_thread) => { + residency_slot.commit(reloaded_thread.thread_id); + state.notify_thread_created(reloaded_thread.thread_id); + Ok(()) + } + Err(err) => { + if state.get_thread(thread_id).await.is_ok() { + drop(residency_slot); + self.touch_loaded_v2_residency(&state, thread_id).await; + return Ok(()); + } + Err(err) + } + } + } + + async fn spawn_agent_internal( + &self, + config: Config, + initial_operation: Op, + session_source: Option, + options: SpawnAgentOptions, + ) -> CodexResult { + let state = self.upgrade()?; + let multi_agent_version = state + .effective_multi_agent_version_for_spawn( + &InitialHistory::New, + session_source.as_ref(), + options.parent_thread_id, + /*forked_from_thread_id*/ None, + &config, + ) + .await; + if let Some(session_source) = session_source.as_ref() { + self.ensure_execution_capacity(multi_agent_version, session_source)?; + } + let agent_max_threads = config.effective_agent_max_threads(multi_agent_version); + let spawn_uses_v2_residency = multi_agent_version == MultiAgentVersion::V2 + && session_source + .as_ref() + .is_some_and(is_v2_resident_session_source); + let residency_slot = if spawn_uses_v2_residency { + Some( + self.reserve_v2_residency_slot(&state, &config, /*protected_thread_id*/ None) + .await?, + ) + } else { + None + }; + let reservation_max_threads = if spawn_uses_v2_residency { + None + } else { + agent_max_threads + }; + let mut reservation = self.state.reserve_spawn_slot(reservation_max_threads)?; + let inheritance = SpawnAgentThreadInheritance { + shell_snapshot: self + .inherited_shell_snapshot_for_source(&state, session_source.as_ref()) + .await, + exec_policy: self + .inherited_exec_policy_for_source(&state, session_source.as_ref(), &config) + .await, + }; + let (session_source, mut agent_metadata) = match session_source { + Some(SessionSource::SubAgent(SubAgentSource::ThreadSpawn { + parent_thread_id, + depth, + agent_path, + agent_role, + .. + })) => { + let (session_source, agent_metadata) = self.prepare_thread_spawn( + &mut reservation, + &config, + parent_thread_id, + depth, + agent_path, + agent_role, + /*preferred_agent_nickname*/ None, + )?; + (Some(session_source), agent_metadata) + } + other => (other, AgentMetadata::default()), + }; + let notification_source = session_source.clone(); + + // The same `AgentControl` is sent to spawn the thread. + let new_thread = match (session_source, options.fork_mode.as_ref(), inheritance) { + (Some(session_source), Some(_), inheritance) => { + Box::pin(self.spawn_forked_thread( + &state, + config, + session_source, + &options, + inheritance, + multi_agent_version, + )) + .await? + } + (Some(session_source), None, inheritance) => { + Box::pin(state.spawn_new_thread_with_source( + config.clone(), + self.clone(), + session_source, + options.parent_thread_id, + /*forked_from_thread_id*/ None, + /*thread_source*/ Some(ThreadSource::Subagent), + /*metrics_service_name*/ None, + inheritance.shell_snapshot, + inheritance.exec_policy, + options.environments.clone(), + )) + .await? + } + (None, _, _) => Box::pin(state.spawn_new_thread(config.clone(), self.clone())).await?, + }; + agent_metadata.agent_id = Some(new_thread.thread_id); + reservation.commit(agent_metadata.clone()); + if let Some(residency_slot) = residency_slot { + residency_slot.commit(new_thread.thread_id); + } + + if let Some(SessionSource::SubAgent( + subagent_source @ SubAgentSource::ThreadSpawn { + parent_thread_id, .. + }, + )) = notification_source.as_ref() + { + let client_metadata = match state.get_thread(*parent_thread_id).await { + Ok(parent_thread) => { + parent_thread + .codex + .session + .app_server_client_metadata() + .await + } + Err(error) => { + tracing::warn!( + error = %error, + parent_thread_id = %parent_thread_id, + "skipping subagent thread analytics: failed to load parent thread metadata" + ); + crate::session::session::AppServerClientMetadata { + client_name: None, + client_version: None, + } + } + }; + let thread_config = new_thread.thread.codex.thread_config_snapshot().await; + let parent_thread_id = thread_config.parent_thread_id; + emit_subagent_session_started( + &new_thread + .thread + .codex + .session + .services + .analytics_events_client, + client_metadata, + new_thread.thread.codex.session.session_id(), + new_thread.thread_id, + parent_thread_id, + thread_config, + subagent_source.clone(), + ); + } + + // Notify a new thread has been created. This notification will be processed by clients + // to subscribe or drain this newly created thread. + // TODO(jif) add helper for drain + state.notify_thread_created(new_thread.thread_id); + + self.persist_thread_spawn_edge_for_source( + new_thread.thread.as_ref(), + new_thread.thread_id, + notification_source.as_ref(), + ) + .await; + + self.send_input_after_capacity_check(new_thread.thread_id, &state, initial_operation) + .await?; + if multi_agent_version != MultiAgentVersion::V2 { + let child_reference = agent_metadata + .agent_path + .as_ref() + .map(ToString::to_string) + .unwrap_or_else(|| new_thread.thread_id.to_string()); + self.maybe_start_completion_watcher( + new_thread.thread_id, + notification_source, + child_reference, + agent_metadata.agent_path.clone(), + ); + } + + Ok(LiveAgent { + thread_id: new_thread.thread_id, + metadata: agent_metadata, + status: self.get_status(new_thread.thread_id).await, + }) + } + + async fn spawn_forked_thread( + &self, + state: &Arc, + config: Config, + session_source: SessionSource, + options: &SpawnAgentOptions, + inheritance: SpawnAgentThreadInheritance, + multi_agent_version: MultiAgentVersion, + ) -> CodexResult { + let SpawnAgentThreadInheritance { + shell_snapshot: inherited_shell_snapshot, + exec_policy: inherited_exec_policy, + } = inheritance; + if options.fork_parent_spawn_call_id.is_none() { + return Err(CodexErr::Fatal( + "spawn_agent fork requires a parent spawn call id".to_string(), + )); + } + let Some(fork_mode) = options.fork_mode.as_ref() else { + return Err(CodexErr::Fatal( + "spawn_agent fork requires a fork mode".to_string(), + )); + }; + let SessionSource::SubAgent(SubAgentSource::ThreadSpawn { + parent_thread_id, .. + }) = &session_source + else { + return Err(CodexErr::Fatal( + "spawn_agent fork requires a thread-spawn session source".to_string(), + )); + }; + + let parent_thread_id = *parent_thread_id; + let parent_thread = state.get_thread(parent_thread_id).await.ok(); + if let Some(parent_thread) = parent_thread.as_ref() { + // `record_conversation_items` only queues persistence writes asynchronously. + // Flush before snapshotting store history for a fork. + parent_thread.ensure_rollout_materialized().await; + parent_thread.flush_rollout().await?; + } + + let parent_history = state + .read_stored_thread(ReadThreadParams { + thread_id: parent_thread_id, + include_archived: true, + include_history: true, + }) + .await? + .history + .ok_or_else(|| { + CodexErr::Fatal(format!( + "parent thread history unavailable for fork: {parent_thread_id}" + )) + })?; + + let mut forked_rollout_items = parent_history.items; + if let SpawnAgentForkMode::LastNTurns(last_n_turns) = fork_mode { + forked_rollout_items = + truncate_rollout_to_last_n_fork_turns(&forked_rollout_items, *last_n_turns); + } + let multi_agent_v2_usage_hint_texts_to_filter: Vec = + if let Some(parent_thread) = parent_thread.as_ref() { + if multi_agent_version == MultiAgentVersion::V2 { + let parent_config = parent_thread.codex.session.get_config().await; + [ + parent_config + .multi_agent_v2 + .root_agent_usage_hint_text + .clone(), + parent_config + .multi_agent_v2 + .subagent_usage_hint_text + .clone(), + ] + .into_iter() + .flatten() + .collect() + } else { + Vec::new() + } + } else if multi_agent_version == MultiAgentVersion::V2 { + [ + config.multi_agent_v2.root_agent_usage_hint_text.clone(), + config.multi_agent_v2.subagent_usage_hint_text.clone(), + ] + .into_iter() + .flatten() + .collect() + } else { + Vec::new() + }; + let preserve_reference_context_item = matches!(fork_mode, SpawnAgentForkMode::FullHistory); + forked_rollout_items.retain(|item| { + keep_forked_rollout_item(item, preserve_reference_context_item) + && !matches!( + item, + RolloutItem::ResponseItem(response_item) + if is_multi_agent_v2_usage_hint_message( + response_item, + &multi_agent_v2_usage_hint_texts_to_filter, + ) + ) + }); + for item in &mut forked_rollout_items { + if let RolloutItem::Compacted(compacted) = item + && let Some(replacement_history) = compacted.replacement_history.as_mut() + { + replacement_history.retain(|response_item| { + !is_multi_agent_v2_usage_hint_message( + response_item, + &multi_agent_v2_usage_hint_texts_to_filter, + ) + }); + } + } + if preserve_reference_context_item + && multi_agent_version == MultiAgentVersion::V2 + && config.multi_agent_v2.usage_hint_enabled + && let Some(subagent_usage_hint_text) = + config.multi_agent_v2.subagent_usage_hint_text.clone() + && let Some(subagent_usage_hint_message) = + crate::context_manager::updates::build_developer_update_item(vec![ + subagent_usage_hint_text, + ]) + { + forked_rollout_items.push(RolloutItem::ResponseItem(subagent_usage_hint_message)); + } + + state + .fork_thread_with_source( + config.clone(), + InitialHistory::Forked(forked_rollout_items), + self.clone(), + session_source, + /*thread_source*/ Some(ThreadSource::Subagent), + /*parent_thread_id*/ Some(parent_thread_id), + /*forked_from_thread_id*/ Some(parent_thread_id), + inherited_shell_snapshot, + inherited_exec_policy, + options.environments.clone(), + ) + .await + } + + /// Resume an existing agent thread from a recorded rollout file. + pub(crate) async fn resume_agent_from_rollout( + &self, + config: Config, + thread_id: ThreadId, + session_source: SessionSource, + ) -> CodexResult { + let root_depth = thread_spawn_depth(&session_source).unwrap_or(0); + let (resumed_thread_id, resumed_multi_agent_version) = Box::pin( + self.resume_single_agent_from_rollout(config.clone(), thread_id, session_source), + ) + .await?; + let state = self.upgrade()?; + if config.multi_agent_version_from_features() == MultiAgentVersion::V2 + || resumed_multi_agent_version == MultiAgentVersion::V2 + { + return Ok(resumed_thread_id); + } + let Ok(resumed_thread) = state.get_thread(resumed_thread_id).await else { + return Ok(resumed_thread_id); + }; + let Some(state_db_ctx) = resumed_thread.state_db() else { + return Ok(resumed_thread_id); + }; + + let mut resume_queue = VecDeque::from([(thread_id, root_depth)]); + while let Some((parent_thread_id, parent_depth)) = resume_queue.pop_front() { + let child_ids = match state_db_ctx + .list_thread_spawn_children_with_status( + parent_thread_id, + DirectionalThreadSpawnEdgeStatus::Open, + ) + .await + { + Ok(child_ids) => child_ids, + Err(err) => { + warn!( + "failed to load persisted thread-spawn children for {parent_thread_id}: {err}" + ); + continue; + } + }; + + for child_thread_id in child_ids { + let child_depth = parent_depth + 1; + let child_resumed = if state.get_thread(child_thread_id).await.is_ok() { + true + } else { + let child_session_source = + SessionSource::SubAgent(SubAgentSource::ThreadSpawn { + parent_thread_id, + depth: child_depth, + agent_path: None, + agent_nickname: None, + agent_role: None, + }); + match Box::pin(self.resume_single_agent_from_rollout( + config.clone(), + child_thread_id, + child_session_source, + )) + .await + { + Ok((_, _)) => true, + Err(err) => { + warn!("failed to resume descendant thread {child_thread_id}: {err}"); + false + } + } + }; + if child_resumed { + resume_queue.push_back((child_thread_id, child_depth)); + } + } + } + + Ok(resumed_thread_id) + } + + async fn resume_single_agent_from_rollout( + &self, + config: Config, + thread_id: ThreadId, + session_source: SessionSource, + ) -> CodexResult<(ThreadId, MultiAgentVersion)> { + let state = self.upgrade()?; + let state_db_ctx = state.state_db(); + let stored_thread = state + .read_stored_thread(ReadThreadParams { + thread_id, + include_archived: true, + include_history: true, + }) + .await?; + let history = stored_thread + .history + .ok_or_else(|| CodexErr::ThreadNotFound(thread_id))? + .items; + let initial_history = InitialHistory::Resumed(ResumedHistory { + conversation_id: thread_id, + history, + rollout_path: stored_thread.rollout_path, + }); + let parent_thread_id = stored_thread.parent_thread_id; + let multi_agent_version = state + .effective_multi_agent_version_for_spawn( + &initial_history, + Some(&session_source), + parent_thread_id, + /*forked_from_thread_id*/ None, + &config, + ) + .await; + let agent_max_threads = config.effective_agent_max_threads(multi_agent_version); + let mut reservation = self.state.reserve_spawn_slot(agent_max_threads)?; + let (session_source, agent_metadata) = match session_source { + SessionSource::SubAgent(SubAgentSource::ThreadSpawn { + parent_thread_id, + depth, + agent_path, + agent_role: _, + agent_nickname: _, + }) => { + let (resumed_agent_nickname, resumed_agent_role) = + if let Some(state_db_ctx) = state_db_ctx.as_ref() { + match state_db_ctx.get_thread(thread_id).await { + Ok(Some(metadata)) => (metadata.agent_nickname, metadata.agent_role), + Ok(None) | Err(_) => (None, None), + } + } else { + (None, None) + }; + self.prepare_thread_spawn( + &mut reservation, + &config, + parent_thread_id, + depth, + agent_path, + resumed_agent_role, + resumed_agent_nickname, + )? + } + other => (other, AgentMetadata::default()), + }; + let notification_source = session_source.clone(); + let inherited_shell_snapshot = self + .inherited_shell_snapshot_for_source(&state, Some(&session_source)) + .await; + let inherited_exec_policy = self + .inherited_exec_policy_for_source(&state, Some(&session_source), &config) + .await; + + let resumed_thread = state + .resume_thread_with_history_with_source(ResumeThreadWithHistoryOptions { + config: config.clone(), + initial_history, + agent_control: self.clone(), + session_source, + parent_thread_id, + inherited_shell_snapshot, + inherited_exec_policy, + }) + .await?; + let mut agent_metadata = agent_metadata; + agent_metadata.agent_id = Some(resumed_thread.thread_id); + reservation.commit(agent_metadata.clone()); + // Resumed threads are re-registered in-memory and need the same listener + // attachment path as freshly spawned threads. + state.notify_thread_created(resumed_thread.thread_id); + if multi_agent_version != MultiAgentVersion::V2 { + let child_reference = agent_metadata + .agent_path + .as_ref() + .map(ToString::to_string) + .unwrap_or_else(|| resumed_thread.thread_id.to_string()); + self.maybe_start_completion_watcher( + resumed_thread.thread_id, + Some(notification_source.clone()), + child_reference, + agent_metadata.agent_path.clone(), + ); + } + self.persist_thread_spawn_edge_for_source( + resumed_thread.thread.as_ref(), + resumed_thread.thread_id, + Some(¬ification_source), + ) + .await; + + Ok((resumed_thread.thread_id, multi_agent_version)) + } +} diff --git a/codex-rs/core/src/agent/control_tests.rs b/codex-rs/core/src/agent/control_tests.rs index f9462e94f65..ac42984b585 100644 --- a/codex-rs/core/src/agent/control_tests.rs +++ b/codex-rs/core/src/agent/control_tests.rs @@ -104,6 +104,10 @@ struct AgentControlHarness { impl AgentControlHarness { async fn new() -> Self { let (home, config) = test_config().await; + Self::new_with_config(home, config).await + } + + async fn new_with_config(home: TempDir, config: Config) -> Self { let state_db = init_state_db(&config).await; let manager = ThreadManager::with_models_provider_home_and_state_for_tests( CodexAuth::from_api_key("dummy"), @@ -249,6 +253,14 @@ async fn wait_for_live_thread_spawn_children( .expect("expected persisted child tree"); } +async fn assert_thread_not_loaded(manager: &ThreadManager, thread_id: ThreadId) { + match manager.get_thread(thread_id).await { + Err(CodexErr::ThreadNotFound(id)) => assert_eq!(id, thread_id), + Err(err) => panic!("expected ThreadNotFound, got {err:?}"), + Ok(_) => panic!("expected thread not to be loaded"), + } +} + #[tokio::test] async fn send_input_errors_when_manager_dropped() { let control = AgentControl::default(); @@ -446,7 +458,6 @@ async fn send_input_submits_user_message() { let expected = ( thread_id, Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello from tests".to_string(), text_elements: Vec::new(), @@ -527,6 +538,244 @@ async fn send_inter_agent_communication_without_turn_queues_message_without_trig )); } +#[tokio::test] +async fn ensure_v2_agent_loaded_reloads_registered_unloaded_agent() { + let (home, mut config) = test_config().await; + let _ = config.features.enable(Feature::MultiAgentV2); + let _ = config.features.enable(Feature::Sqlite); + let harness = AgentControlHarness::new_with_config(home, config).await; + let (parent_thread_id, _parent_thread) = harness.start_thread().await; + let agent_path = AgentPath::try_from("/root/worker").expect("agent path"); + let spawned_agent = harness + .control + .spawn_agent_with_metadata( + harness.config.clone(), + text_input("hello child"), + Some(SessionSource::SubAgent(SubAgentSource::ThreadSpawn { + parent_thread_id, + depth: 1, + agent_path: Some(agent_path.clone()), + agent_nickname: None, + agent_role: None, + })), + SpawnAgentOptions { + parent_thread_id: Some(parent_thread_id), + ..Default::default() + }, + ) + .await + .expect("spawn_agent should succeed"); + let child_thread = harness + .manager + .get_thread(spawned_agent.thread_id) + .await + .expect("child thread should exist"); + child_thread + .inject_response_items(vec![assistant_message( + "child persisted", + Some(MessagePhase::FinalAnswer), + )]) + .await + .expect("child rollout should persist with v2 metadata"); + child_thread + .shutdown_and_wait() + .await + .expect("child thread should shut down"); + + assert!( + harness + .manager + .remove_thread(&spawned_agent.thread_id) + .await + .is_some() + ); + match harness.manager.get_thread(spawned_agent.thread_id).await { + Err(CodexErr::ThreadNotFound(id)) => assert_eq!(id, spawned_agent.thread_id), + Err(err) => panic!("expected ThreadNotFound, got {err:?}"), + Ok(_) => panic!("expected thread to be removed"), + } + + harness + .control + .ensure_v2_agent_loaded(harness.config.clone(), spawned_agent.thread_id) + .await + .expect("known v2 agent should reload"); + let _ = harness + .manager + .get_thread(spawned_agent.thread_id) + .await + .expect("reloaded child thread should exist"); + + let communication = InterAgentCommunication::new( + AgentPath::root(), + agent_path, + Vec::new(), + "hello after reload".to_string(), + /*trigger_turn*/ false, + ); + harness + .control + .send_inter_agent_communication(spawned_agent.thread_id, communication.clone()) + .await + .expect("send_inter_agent_communication should succeed after reload"); + let expected = ( + spawned_agent.thread_id, + Op::InterAgentCommunication { communication }, + ); + let captured = harness + .manager + .captured_ops() + .into_iter() + .find(|entry| *entry == expected); + assert_eq!(captured, Some(expected)); +} + +#[tokio::test] +async fn resume_agent_from_rollout_does_not_reopen_v2_descendants() { + let (home, mut config) = test_config().await; + let _ = config.features.enable(Feature::MultiAgentV2); + let _ = config.features.enable(Feature::Sqlite); + let harness = AgentControlHarness::new_with_config(home, config).await; + let (parent_thread_id, parent_thread) = harness.start_thread().await; + let worker_path = AgentPath::root().join("worker").expect("worker path"); + let worker_thread_id = harness + .control + .spawn_agent( + harness.config.clone(), + text_input("hello worker"), + Some(SessionSource::SubAgent(SubAgentSource::ThreadSpawn { + parent_thread_id, + depth: 1, + agent_path: Some(worker_path.clone()), + agent_nickname: None, + agent_role: Some("worker".to_string()), + })), + ) + .await + .expect("worker spawn should succeed"); + let reviewer_path = worker_path.join("reviewer").expect("reviewer path"); + let reviewer_thread_id = harness + .control + .spawn_agent( + harness.config.clone(), + text_input("hello reviewer"), + Some(SessionSource::SubAgent(SubAgentSource::ThreadSpawn { + parent_thread_id: worker_thread_id, + depth: 2, + agent_path: Some(reviewer_path.clone()), + agent_nickname: None, + agent_role: Some("reviewer".to_string()), + })), + ) + .await + .expect("reviewer spawn should succeed"); + + let worker_thread = harness + .manager + .get_thread(worker_thread_id) + .await + .expect("worker thread should exist"); + let reviewer_thread = harness + .manager + .get_thread(reviewer_thread_id) + .await + .expect("reviewer thread should exist"); + persist_thread_for_tree_resume(&parent_thread, "parent persisted").await; + persist_thread_for_tree_resume(&worker_thread, "worker persisted").await; + persist_thread_for_tree_resume(&reviewer_thread, "reviewer persisted").await; + wait_for_live_thread_spawn_children(&harness.control, parent_thread_id, &[worker_thread_id]) + .await; + wait_for_live_thread_spawn_children(&harness.control, worker_thread_id, &[reviewer_thread_id]) + .await; + + let report = harness + .manager + .shutdown_all_threads_bounded(Duration::from_secs(5)) + .await; + assert_eq!(report.submit_failed, Vec::::new()); + assert_eq!(report.timed_out, Vec::::new()); + + let resumed_manager = ThreadManager::with_models_provider_home_and_state_for_tests( + CodexAuth::from_api_key("dummy"), + harness.config.model_provider.clone(), + harness.config.codex_home.to_path_buf(), + std::sync::Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), + harness.state_db.clone(), + ); + let resumed_control = resumed_manager.agent_control(); + let resumed_parent_thread_id = resumed_control + .resume_agent_from_rollout( + harness.config.clone(), + parent_thread_id, + SessionSource::Exec, + ) + .await + .expect("v2 root resume should succeed"); + assert_eq!(resumed_parent_thread_id, parent_thread_id); + assert_ne!( + resumed_control.get_status(parent_thread_id).await, + AgentStatus::NotFound + ); + assert_thread_not_loaded(&resumed_manager, worker_thread_id).await; + assert_thread_not_loaded(&resumed_manager, reviewer_thread_id).await; +} + +#[tokio::test] +async fn encrypted_inter_agent_communication_clears_existing_last_task_message() { + let harness = AgentControlHarness::new().await; + let (parent_thread_id, _) = harness.start_thread().await; + let agent_path = AgentPath::try_from("/root/worker").expect("agent path"); + let spawned_agent = harness + .control + .spawn_agent_with_metadata( + harness.config.clone(), + text_input("old plaintext task"), + Some(SessionSource::SubAgent(SubAgentSource::ThreadSpawn { + parent_thread_id, + depth: 1, + agent_path: Some(agent_path.clone()), + agent_nickname: None, + agent_role: None, + })), + SpawnAgentOptions { + parent_thread_id: Some(parent_thread_id), + ..Default::default() + }, + ) + .await + .expect("spawn_agent should succeed"); + assert_eq!( + harness + .control + .state + .agent_metadata_for_thread(spawned_agent.thread_id) + .and_then(|metadata| metadata.last_task_message), + Some("old plaintext task".to_string()) + ); + + let communication = InterAgentCommunication::new_encrypted( + AgentPath::root(), + agent_path, + Vec::new(), + "encrypted-task".to_string(), + /*trigger_turn*/ true, + ); + harness + .control + .send_inter_agent_communication(spawned_agent.thread_id, communication) + .await + .expect("send_inter_agent_communication should succeed"); + + assert_eq!( + harness + .control + .state + .agent_metadata_for_thread(spawned_agent.thread_id) + .and_then(|metadata| metadata.last_task_message), + None + ); +} + #[tokio::test] async fn spawn_agent_creates_thread_and_sends_prompt() { let harness = AgentControlHarness::new().await; @@ -547,7 +796,6 @@ async fn spawn_agent_creates_thread_and_sends_prompt() { let expected = ( thread_id, Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "spawned".to_string(), text_elements: Vec::new(), @@ -767,7 +1015,6 @@ async fn spawn_agent_can_fork_parent_thread_history_with_sanitized_items() { let expected = ( child_thread_id, Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "child task".to_string(), text_elements: Vec::new(), @@ -850,6 +1097,7 @@ async fn spawn_agent_fork_strips_parent_usage_hints_from_compacted_history() { RolloutItem::Compacted(CompactedItem { message: String::new(), replacement_history: Some(replacement_history), + window_id: None, }), RolloutItem::TurnContext(turn_context.to_turn_context_item()), RolloutItem::ResponseItem(spawn_agent_call(&parent_spawn_call_id)), @@ -2243,7 +2491,7 @@ async fn list_agent_subtree_thread_ids_includes_anonymous_and_closed_descendants } #[tokio::test] -async fn list_agent_subtree_thread_ids_includes_live_descendants_without_state_db() { +async fn list_agent_subtree_thread_ids_finds_live_descendants_of_unloaded_root() { let (_home, config) = test_config().await; let manager = ThreadManager::with_models_provider_home_and_state_for_tests( CodexAuth::from_api_key("dummy"), @@ -2288,6 +2536,8 @@ async fn list_agent_subtree_thread_ids_includes_live_descendants_without_state_d .await .expect("grandchild spawn should succeed"); + manager.remove_thread(&parent_thread_id).await; + let mut subtree_thread_ids = manager .list_agent_subtree_thread_ids(parent_thread_id) .await diff --git a/codex-rs/core/src/agent/registry.rs b/codex-rs/core/src/agent/registry.rs index 1acd73085f4..43aca201bfa 100644 --- a/codex-rs/core/src/agent/registry.rs +++ b/codex-rs/core/src/agent/registry.rs @@ -180,6 +180,20 @@ impl AgentRegistry { } } + pub(crate) fn clear_last_task_message(&self, thread_id: ThreadId) { + let mut active_agents = self + .active_agents + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner); + if let Some(metadata) = active_agents + .agent_tree + .values_mut() + .find(|metadata| metadata.agent_id == Some(thread_id)) + { + metadata.last_task_message = None; + } + } + fn register_spawned_thread(&self, agent_metadata: AgentMetadata) { let Some(thread_id) = agent_metadata.agent_id else { return; diff --git a/codex-rs/core/src/agents_md.rs b/codex-rs/core/src/agents_md.rs index 8048552480f..95ff98f5158 100644 --- a/codex-rs/core/src/agents_md.rs +++ b/codex-rs/core/src/agents_md.rs @@ -21,13 +21,12 @@ use codex_config::ConfigLayerStackOrdering; use codex_config::default_project_root_markers; use codex_config::merge_toml_values; use codex_config::project_root_markers_from_config; -use codex_exec_server::Environment; use codex_exec_server::ExecutorFileSystem; -use codex_exec_server::LOCAL_FS; +use codex_extension_api::UserInstructions; use codex_features::Feature; use codex_prompts::HIERARCHICAL_AGENTS_MESSAGE; use codex_utils_absolute_path::AbsolutePathBuf; -use dunce::canonicalize as normalize_path; +use codex_utils_path_uri::PathUri; use std::io; use toml::Value as TomlValue; use tracing::error; @@ -37,314 +36,349 @@ pub const DEFAULT_AGENTS_MD_FILENAME: &str = "AGENTS.md"; /// Preferred local override for AGENTS.md instructions. pub const LOCAL_AGENTS_MD_FILENAME: &str = "AGENTS.override.md"; -/// When both `Config::instructions` and AGENTS.md docs are present, they will -/// be concatenated with the following separator. +/// When both user and project AGENTS.md docs are present, they will be +/// concatenated with the following separator. const AGENTS_MD_SEPARATOR: &str = "\n\n--- project-doc ---\n\n"; -/// Resolves AGENTS.md files into model-visible user instructions and source -/// paths. -pub struct AgentsMdManager<'a> { - config: &'a Config, -} - -pub(crate) struct LoadedAgentsMd { - pub(crate) contents: String, - pub(crate) path: AbsolutePathBuf, -} +/// Loads project AGENTS.md content and combines it with host-provided user +/// instructions. +pub(crate) async fn load_project_instructions( + config: &mut Config, + user_instructions: Option, + fs: Option<&dyn ExecutorFileSystem>, +) -> Option { + let mut loaded = LoadedAgentsMd::from_user_instructions(user_instructions); + if let Some(fs) = fs { + match read_agents_md(config, fs).await { + Ok(Some(docs)) => loaded.entries.extend(docs.entries), + Ok(None) => {} + Err(e) => { + error!("error trying to find AGENTS.md docs: {e:#}"); + } + } + } -impl<'a> AgentsMdManager<'a> { - pub fn new(config: &'a Config) -> Self { - Self { config } + if config.features.enabled(Feature::ChildAgentsMd) { + loaded.entries.push(InstructionEntry { + contents: HIERARCHICAL_AGENTS_MESSAGE.to_string(), + provenance: InstructionProvenance::Internal, + }); } - pub(crate) async fn load_global_instructions( - fs: &dyn ExecutorFileSystem, - codex_dir: Option<&AbsolutePathBuf>, - startup_warnings: &mut Vec, - ) -> Option { - let base = codex_dir?; - for candidate in [LOCAL_AGENTS_MD_FILENAME, DEFAULT_AGENTS_MD_FILENAME] { - let path = base.join(candidate); - let data = match fs.read_file(&path, /*sandbox*/ None).await { - Ok(data) => data, - Err(err) if err.kind() == io::ErrorKind::NotFound => continue, - Err(err) if err.kind() == io::ErrorKind::IsADirectory => continue, - Err(err) => { - startup_warnings.push(format!( - "Failed to read global AGENTS.md instructions from `{}`: {err}", - path.display() - )); - continue; - } - }; - warn_invalid_utf8(&path, &data, "Global", startup_warnings); - let contents = String::from_utf8_lossy(&data); - let trimmed = contents.trim(); - if !trimmed.is_empty() { - return Some(LoadedAgentsMd { - contents: trimmed.to_string(), - path, - }); - } - } - None + (!loaded.is_empty()).then_some(loaded) +} + +/// Attempt to locate and load AGENTS.md documentation. +/// +/// On success returns `Ok(Some(loaded))` where `loaded` contains every +/// discovered doc. If no documentation file is found the function returns +/// `Ok(None)`. Unexpected I/O failures bubble up as `Err` so callers can +/// decide how to handle them. +async fn read_agents_md( + config: &mut Config, + fs: &dyn ExecutorFileSystem, +) -> io::Result> { + let max_total = config.project_doc_max_bytes; + + if max_total == 0 { + return Ok(None); } - /// Combines configured user instructions and AGENTS.md content into a - /// single model-visible instruction string. - pub(crate) async fn user_instructions( - &self, - environment: Option<&Environment>, - startup_warnings: &mut Vec, - ) -> Option { - let fs = environment?.get_filesystem(); - self.user_instructions_with_fs(fs.as_ref(), startup_warnings) - .await + let paths = agents_md_paths(config, fs).await?; + if paths.is_empty() { + return Ok(None); } - async fn user_instructions_with_fs( - &self, - fs: &dyn ExecutorFileSystem, - startup_warnings: &mut Vec, - ) -> Option { - let agents_md_docs = self.read_agents_md(fs, startup_warnings).await; + let mut remaining: u64 = max_total as u64; + let mut loaded = LoadedAgentsMd::default(); - let mut output = String::new(); + for p in paths { + if remaining == 0 { + break; + } - if let Some(instructions) = self.config.user_instructions.clone() { - output.push_str(&instructions); + let path_uri = PathUri::from_abs_path(&p)?; + match fs.get_metadata(&path_uri, /*sandbox*/ None).await { + Ok(metadata) if !metadata.is_file => continue, + Ok(_) => {} + Err(err) if err.kind() == io::ErrorKind::NotFound => continue, + Err(err) => return Err(err), } - match agents_md_docs { - Ok(Some(docs)) => { - if !output.is_empty() { - output.push_str(AGENTS_MD_SEPARATOR); - } - output.push_str(&docs); - } - Ok(None) => {} - Err(e) => { - error!("error trying to find AGENTS.md docs: {e:#}"); - } + let mut data = match fs.read_file(&path_uri, /*sandbox*/ None).await { + Ok(data) => data, + Err(err) if err.kind() == io::ErrorKind::NotFound => continue, + Err(err) => return Err(err), }; + warn_invalid_utf8(&p, &data, "Project", &mut config.startup_warnings); - if self.config.features.enabled(Feature::ChildAgentsMd) { - if !output.is_empty() { - output.push_str("\n\n"); - } - output.push_str(HIERARCHICAL_AGENTS_MESSAGE); + let size = data.len() as u64; + if size > remaining { + data.truncate(remaining as usize); } - if !output.is_empty() { - Some(output) - } else { - None + if size > remaining { + tracing::warn!( + "Project doc `{}` exceeds remaining budget ({} bytes) - truncating.", + p.display(), + remaining, + ); } - } - /// Returns all instruction source files included in the current config. - pub async fn instruction_sources(&self, fs: &dyn ExecutorFileSystem) -> Vec { - let mut global_instruction_warnings = Vec::new(); - let mut paths = Self::load_global_instructions( - LOCAL_FS.as_ref(), - Some(&self.config.codex_home), - &mut global_instruction_warnings, - ) - .await - .map(|loaded| vec![loaded.path]) - .unwrap_or_default(); - match self.agents_md_paths(fs).await { - Ok(agents_md_paths) => paths.extend(agents_md_paths), - Err(err) => { - tracing::warn!(error = %err, "failed to discover AGENTS.md docs for instruction sources"); - } + let text = String::from_utf8_lossy(&data).to_string(); + if !text.trim().is_empty() { + loaded.entries.push(InstructionEntry { + contents: text, + provenance: InstructionProvenance::Project(p), + }); + remaining = remaining.saturating_sub(data.len() as u64); } - paths } - /// Attempt to locate and load AGENTS.md documentation. - /// - /// On success returns `Ok(Some(contents))` where `contents` is the - /// concatenation of all discovered docs. If no documentation file is found - /// the function returns `Ok(None)`. Unexpected I/O failures bubble up as - /// `Err` so callers can decide how to handle them. - async fn read_agents_md( - &self, - fs: &dyn ExecutorFileSystem, - startup_warnings: &mut Vec, - ) -> io::Result> { - let max_total = self.config.project_doc_max_bytes; - - if max_total == 0 { - return Ok(None); - } + if loaded.is_empty() { + Ok(None) + } else { + Ok(Some(loaded)) + } +} - let paths = self.agents_md_paths(fs).await?; - if paths.is_empty() { - return Ok(None); +/// Discovers AGENTS.md files from the project root to the current working +/// directory, inclusive. Symlinks are allowed. +async fn agents_md_paths( + config: &Config, + fs: &dyn ExecutorFileSystem, +) -> io::Result> { + let dir = config.cwd.clone(); + + let mut merged = TomlValue::Table(toml::map::Map::new()); + for layer in config.config_layer_stack.get_layers( + ConfigLayerStackOrdering::LowestPrecedenceFirst, + /*include_disabled*/ false, + ) { + if matches!(layer.name, ConfigLayerSource::Project { .. }) { + continue; } - - let mut remaining: u64 = max_total as u64; - let mut parts: Vec = Vec::new(); - - for p in paths { - if remaining == 0 { + merge_toml_values(&mut merged, &layer.config); + } + let project_root_markers = match project_root_markers_from_config(&merged) { + Ok(Some(markers)) => markers, + Ok(None) => default_project_root_markers(), + Err(err) => { + tracing::warn!("invalid project_root_markers: {err}"); + default_project_root_markers() + } + }; + let mut project_root = None; + if !project_root_markers.is_empty() { + for ancestor in dir.ancestors() { + for marker in &project_root_markers { + let marker_path = ancestor.join(marker); + let marker_path_uri = PathUri::from_abs_path(&marker_path)?; + let marker_exists = match fs.get_metadata(&marker_path_uri, /*sandbox*/ None).await + { + Ok(_) => true, + Err(err) if err.kind() == io::ErrorKind::NotFound => false, + Err(err) => return Err(err), + }; + if marker_exists { + project_root = Some(ancestor.clone()); + break; + } + } + if project_root.is_some() { break; } + } + } - match fs.get_metadata(&p, /*sandbox*/ None).await { - Ok(metadata) if !metadata.is_file => continue, - Ok(_) => {} - Err(err) if err.kind() == io::ErrorKind::NotFound => continue, - Err(err) => return Err(err), + let search_dirs: Vec = if let Some(root) = project_root { + let mut dirs = Vec::new(); + let mut cursor = dir.clone(); + loop { + dirs.push(cursor.clone()); + if cursor == root { + break; } - - let mut data = match fs.read_file(&p, /*sandbox*/ None).await { - Ok(data) => data, + let Some(parent) = cursor.parent() else { + break; + }; + cursor = parent; + } + dirs.reverse(); + dirs + } else { + vec![dir] + }; + + let mut found: Vec = Vec::new(); + let candidate_filenames = candidate_filenames(config); + for d in search_dirs { + for name in &candidate_filenames { + let candidate = d.join(name); + let candidate_uri = PathUri::from_abs_path(&candidate)?; + match fs.get_metadata(&candidate_uri, /*sandbox*/ None).await { + Ok(md) if md.is_file => { + found.push(candidate); + break; + } + Ok(_) => {} Err(err) if err.kind() == io::ErrorKind::NotFound => continue, Err(err) => return Err(err), - }; - warn_invalid_utf8(&p, &data, "Project", startup_warnings); - - let size = data.len() as u64; - if size > remaining { - data.truncate(remaining as usize); } + } + } - if size > remaining { - tracing::warn!( - "Project doc `{}` exceeds remaining budget ({} bytes) - truncating.", - p.display(), - remaining, - ); - } + Ok(found) +} - let text = String::from_utf8_lossy(&data).to_string(); - if !text.trim().is_empty() { - parts.push(text); - remaining = remaining.saturating_sub(data.len() as u64); - } +fn candidate_filenames(config: &Config) -> Vec<&str> { + let mut names: Vec<&str> = Vec::with_capacity(2 + config.project_doc_fallback_filenames.len()); + names.push(LOCAL_AGENTS_MD_FILENAME); + names.push(DEFAULT_AGENTS_MD_FILENAME); + for candidate in &config.project_doc_fallback_filenames { + let candidate = candidate.as_str(); + if candidate.is_empty() { + continue; } - - if parts.is_empty() { - Ok(None) - } else { - Ok(Some(parts.join("\n\n"))) + if !names.contains(&candidate) { + names.push(candidate); } } + names +} + +/// Model-visible instructions loaded from AGENTS.md files and internal +/// guidance. +#[derive(Clone, Debug, Default, PartialEq, Eq)] +pub struct LoadedAgentsMd { + /// Host-provided user instructions. + user_instructions: Option, - /// Discover the list of AGENTS.md files using the same search rules as - /// `read_agents_md`, but return the file paths instead of concatenated - /// contents. The list is ordered from project root to the current working - /// directory (inclusive). Symlinks are allowed. When `project_doc_max_bytes` - /// is zero, returns an empty list. - async fn agents_md_paths( - &self, - fs: &dyn ExecutorFileSystem, - ) -> io::Result> { - if self.config.project_doc_max_bytes == 0 { - return Ok(Vec::new()); + /// Ordered instructions and their provenance. + entries: Vec, +} + +impl LoadedAgentsMd { + /// Creates loaded instructions containing one user-level AGENTS.md entry. + pub fn new_user(contents: String, path: AbsolutePathBuf) -> Self { + if contents.trim().is_empty() { + return Self::default(); + } + Self { + user_instructions: Some(UserInstructions { + text: contents, + source: path, + }), + entries: Vec::new(), } + } - let mut dir = self.config.cwd.clone(); - if let Ok(canon) = normalize_path(&dir) { - dir = AbsolutePathBuf::try_from(canon)?; + fn from_user_instructions(user_instructions: Option) -> Self { + Self { + user_instructions: user_instructions + .filter(|instructions| !instructions.text.trim().is_empty()), + entries: Vec::new(), } + } - let mut merged = TomlValue::Table(toml::map::Map::new()); - for layer in self.config.config_layer_stack.get_layers( - ConfigLayerStackOrdering::LowestPrecedenceFirst, - /*include_disabled*/ false, - ) { - if matches!(layer.name, ConfigLayerSource::Project { .. }) { - continue; - } - merge_toml_values(&mut merged, &layer.config); + /// Creates source-less user instructions for tests. + /// + /// This cannot be gated with `#[cfg(test)]` because integration tests + /// compile `codex-core` as a normal dependency without that configuration. + pub fn from_text_for_testing(contents: impl Into) -> Self { + let contents = contents.into(); + if contents.trim().is_empty() { + return Self::default(); } - let project_root_markers = match project_root_markers_from_config(&merged) { - Ok(Some(markers)) => markers, - Ok(None) => default_project_root_markers(), - Err(err) => { - tracing::warn!("invalid project_root_markers: {err}"); - default_project_root_markers() - } - }; - let mut project_root = None; - if !project_root_markers.is_empty() { - for ancestor in dir.ancestors() { - for marker in &project_root_markers { - let marker_path = ancestor.join(marker); - let marker_exists = match fs.get_metadata(&marker_path, /*sandbox*/ None).await - { - Ok(_) => true, - Err(err) if err.kind() == io::ErrorKind::NotFound => false, - Err(err) => return Err(err), - }; - if marker_exists { - project_root = Some(ancestor.clone()); - break; - } - } - if project_root.is_some() { - break; - } - } + Self { + user_instructions: None, + entries: vec![InstructionEntry { + contents, + provenance: InstructionProvenance::Internal, + }], } + } - let search_dirs: Vec = if let Some(root) = project_root { - let mut dirs = Vec::new(); - let mut cursor = dir.clone(); - loop { - dirs.push(cursor.clone()); - if cursor == root { - break; - } - let Some(parent) = cursor.parent() else { - break; - }; - cursor = parent; - } - dirs.reverse(); - dirs - } else { - vec![dir] - }; + fn is_empty(&self) -> bool { + self.user_instructions.is_none() + && self + .entries + .iter() + .all(|entry| entry.contents.trim().is_empty()) + } - let mut found: Vec = Vec::new(); - let candidate_filenames = self.candidate_filenames(); - for d in search_dirs { - for name in &candidate_filenames { - let candidate = d.join(name); - match fs.get_metadata(&candidate, /*sandbox*/ None).await { - Ok(md) if md.is_file => { - found.push(candidate); - break; - } - Ok(_) => {} - Err(err) if err.kind() == io::ErrorKind::NotFound => continue, - Err(err) => return Err(err), - } + /// Returns the concatenated model-visible instruction text. + pub fn text(&self) -> String { + let mut output = String::new(); + let mut has_previous = false; + let mut previous_was_project = false; + if let Some(instructions) = &self.user_instructions { + output.push_str(&instructions.text); + has_previous = true; + } + for entry in &self.entries { + let is_project = matches!(&entry.provenance, InstructionProvenance::Project(_)); + if has_previous { + // The project-doc marker tells the model where workspace-scoped + // instructions begin, so it is only needed on the transition + // from user or internal instructions to project instructions. + let separator = if is_project && !previous_was_project { + AGENTS_MD_SEPARATOR + } else { + "\n\n" + }; + output.push_str(separator); } + output.push_str(&entry.contents); + has_previous = true; + previous_was_project = is_project; } + output + } - Ok(found) + /// Returns the host-provided user instructions. + pub(crate) fn user_instructions(&self) -> Option<&UserInstructions> { + self.user_instructions.as_ref() } - fn candidate_filenames(&self) -> Vec<&str> { - let mut names: Vec<&str> = - Vec::with_capacity(2 + self.config.project_doc_fallback_filenames.len()); - names.push(LOCAL_AGENTS_MD_FILENAME); - names.push(DEFAULT_AGENTS_MD_FILENAME); - for candidate in &self.config.project_doc_fallback_filenames { - let candidate = candidate.as_str(); - if candidate.is_empty() { - continue; - } - if !names.contains(&candidate) { - names.push(candidate); - } + /// Returns the AGENTS.md files that supplied instruction entries. + pub fn sources(&self) -> impl Iterator { + self.user_instructions + .iter() + .map(|instructions| &instructions.source) + .chain( + self.entries + .iter() + .filter_map(|entry| entry.provenance.path()), + ) + } +} + +/// One model-visible instruction and its provenance. +#[derive(Clone, Debug, PartialEq, Eq)] +struct InstructionEntry { + /// Model-visible instruction text. + contents: String, + + /// Origin of the instruction. + provenance: InstructionProvenance, +} + +#[derive(Clone, Debug, PartialEq, Eq)] +enum InstructionProvenance { + /// Workspace instructions discovered from project AGENTS.md files. + Project(AbsolutePathBuf), + + /// Instructions without a file source, including internally defined guidance. + Internal, +} + +impl InstructionProvenance { + fn path(&self) -> Option<&AbsolutePathBuf> { + match self { + Self::Project(path) => Some(path), + Self::Internal => None, } - names } } diff --git a/codex-rs/core/src/agents_md_tests.rs b/codex-rs/core/src/agents_md_tests.rs index 2d6a5fa30b5..1db1f29215a 100644 --- a/codex-rs/core/src/agents_md_tests.rs +++ b/codex-rs/core/src/agents_md_tests.rs @@ -1,27 +1,250 @@ use super::*; use crate::config::ConfigBuilder; +use codex_config::ConfigLayerEntry; +use codex_config::ConfigLayerStack; +use codex_config::ConfigRequirements; +use codex_config::ConfigRequirementsToml; +use codex_exec_server::CopyOptions; +use codex_exec_server::CreateDirectoryOptions; +use codex_exec_server::ExecutorFileSystemFuture; +use codex_exec_server::FileMetadata; +use codex_exec_server::FileSystemSandboxContext; use codex_exec_server::LOCAL_FS; +use codex_exec_server::ReadDirectoryEntry; +use codex_exec_server::RemoveOptions; +use codex_extension_api::UserInstructions; use codex_features::Feature; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; use core_test_support::PathBufExt; use core_test_support::TempDirExt; +use core_test_support::create_directory_symlink; use pretty_assertions::assert_eq; use std::fs; +use std::io; +use std::ops::Deref; +use std::ops::DerefMut; use std::path::Path; use std::path::PathBuf; use tempfile::TempDir; -async fn get_user_instructions(config: &Config) -> Option { +#[derive(Clone, Copy)] +enum InjectedFailure { + Metadata(io::ErrorKind), + Read(io::ErrorKind), +} + +struct FailingFileSystem { + path: AbsolutePathBuf, + failure: InjectedFailure, +} + +impl FailingFileSystem { + async fn canonicalize( + &self, + _path: &PathUri, + _sandbox: Option<&FileSystemSandboxContext>, + ) -> io::Result { + unreachable!("canonicalize should not be called") + } + + async fn read_file( + &self, + path: &PathUri, + sandbox: Option<&FileSystemSandboxContext>, + ) -> io::Result> { + if path.to_abs_path()? == self.path + && let InjectedFailure::Read(kind) = self.failure + { + return Err(io::Error::new(kind, "injected read failure")); + } + LOCAL_FS.read_file(path, sandbox).await + } + + async fn write_file( + &self, + _path: &PathUri, + _contents: Vec, + _sandbox: Option<&FileSystemSandboxContext>, + ) -> io::Result<()> { + unreachable!("write_file should not be called") + } + + async fn create_directory( + &self, + _path: &PathUri, + _create_directory_options: CreateDirectoryOptions, + _sandbox: Option<&FileSystemSandboxContext>, + ) -> io::Result<()> { + unreachable!("create_directory should not be called") + } + + async fn get_metadata( + &self, + path: &PathUri, + sandbox: Option<&FileSystemSandboxContext>, + ) -> io::Result { + if path.to_abs_path()? == self.path + && let InjectedFailure::Metadata(kind) = self.failure + { + return Err(io::Error::new(kind, "injected metadata failure")); + } + LOCAL_FS.get_metadata(path, sandbox).await + } + + async fn read_directory( + &self, + _path: &PathUri, + _sandbox: Option<&FileSystemSandboxContext>, + ) -> io::Result> { + unreachable!("read_directory should not be called") + } + + async fn remove( + &self, + _path: &PathUri, + _remove_options: RemoveOptions, + _sandbox: Option<&FileSystemSandboxContext>, + ) -> io::Result<()> { + unreachable!("remove should not be called") + } + + async fn copy( + &self, + _source_path: &PathUri, + _destination_path: &PathUri, + _copy_options: CopyOptions, + _sandbox: Option<&FileSystemSandboxContext>, + ) -> io::Result<()> { + unreachable!("copy should not be called") + } +} + +impl ExecutorFileSystem for FailingFileSystem { + fn canonicalize<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, PathUri> { + Box::pin(FailingFileSystem::canonicalize(self, path, sandbox)) + } + + fn read_file<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(FailingFileSystem::read_file(self, path, sandbox)) + } + + fn write_file<'a>( + &'a self, + path: &'a PathUri, + contents: Vec, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(FailingFileSystem::write_file(self, path, contents, sandbox)) + } + + fn create_directory<'a>( + &'a self, + path: &'a PathUri, + options: CreateDirectoryOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(FailingFileSystem::create_directory( + self, path, options, sandbox, + )) + } + + fn get_metadata<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, FileMetadata> { + Box::pin(FailingFileSystem::get_metadata(self, path, sandbox)) + } + + fn read_directory<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(FailingFileSystem::read_directory(self, path, sandbox)) + } + + fn remove<'a>( + &'a self, + path: &'a PathUri, + options: RemoveOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(FailingFileSystem::remove(self, path, options, sandbox)) + } + + fn copy<'a>( + &'a self, + source_path: &'a PathUri, + destination_path: &'a PathUri, + options: CopyOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(FailingFileSystem::copy( + self, + source_path, + destination_path, + options, + sandbox, + )) + } +} + +struct TestConfig { + config: Config, + user_instructions: Option, +} + +impl Deref for TestConfig { + type Target = Config; + + fn deref(&self) -> &Self::Target { + &self.config + } +} + +impl DerefMut for TestConfig { + fn deref_mut(&mut self) -> &mut Self::Target { + &mut self.config + } +} + +async fn get_user_instructions(config: &TestConfig) -> Option { let mut warnings = Vec::new(); - AgentsMdManager::new(config) - .user_instructions_with_fs(LOCAL_FS.as_ref(), &mut warnings) + load_agents_md(config, &mut warnings) .await + .map(|loaded| loaded.text()) } -async fn agents_md_paths(config: &Config) -> std::io::Result> { - AgentsMdManager::new(config) - .agents_md_paths(LOCAL_FS.as_ref()) - .await +async fn load_agents_md(config: &TestConfig, warnings: &mut Vec) -> Option { + let mut core_config = config.config.clone(); + let existing_warning_count = core_config.startup_warnings.len(); + let loaded = load_project_instructions( + &mut core_config, + config.user_instructions.clone(), + Some(LOCAL_FS.as_ref()), + ) + .await; + warnings.extend( + core_config + .startup_warnings + .into_iter() + .skip(existing_warning_count), + ); + loaded +} + +async fn agents_md_paths(config: &TestConfig) -> std::io::Result> { + super::agents_md_paths(&config.config, LOCAL_FS.as_ref()).await } fn assert_invalid_utf8_warning(warnings: &[String], source: &str, path: &Path) { @@ -42,7 +265,7 @@ fn assert_invalid_utf8_warning(warnings: &[String], source: &str, path: &Path) { /// optionally specify a custom `instructions` string – when `None` the /// value is cleared to mimic a scenario where no system instructions have /// been configured. -async fn make_config(root: &TempDir, limit: usize, instructions: Option<&str>) -> Config { +async fn make_config(root: &TempDir, limit: usize, instructions: Option<&str>) -> TestConfig { let codex_home = TempDir::new().unwrap(); let mut config = ConfigBuilder::default() .codex_home(codex_home.path().to_path_buf()) @@ -53,8 +276,14 @@ async fn make_config(root: &TempDir, limit: usize, instructions: Option<&str>) - config.cwd = root.abs(); config.project_doc_max_bytes = limit; - config.user_instructions = instructions.map(ToOwned::to_owned); - config + let user_instructions = instructions.map(|text| UserInstructions { + text: text.to_owned(), + source: config.codex_home.join(DEFAULT_AGENTS_MD_FILENAME), + }); + TestConfig { + config, + user_instructions, + } } async fn make_config_with_fallback( @@ -62,7 +291,7 @@ async fn make_config_with_fallback( limit: usize, instructions: Option<&str>, fallbacks: &[&str], -) -> Config { +) -> TestConfig { let mut config = make_config(root, limit, instructions).await; config.project_doc_fallback_filenames = fallbacks .iter() @@ -76,7 +305,7 @@ async fn make_config_with_project_root_markers( limit: usize, instructions: Option<&str>, markers: &[&str], -) -> Config { +) -> TestConfig { let codex_home = TempDir::new().unwrap(); let cli_overrides = vec![( "project_root_markers".to_string(), @@ -96,8 +325,14 @@ async fn make_config_with_project_root_markers( config.cwd = root.abs(); config.project_doc_max_bytes = limit; - config.user_instructions = instructions.map(ToOwned::to_owned); - config + let user_instructions = instructions.map(|text| UserInstructions { + text: text.to_owned(), + source: config.codex_home.join(DEFAULT_AGENTS_MD_FILENAME), + }); + TestConfig { + config, + user_instructions, + } } /// AGENTS.md missing – should yield `None`. @@ -115,17 +350,48 @@ async fn no_doc_file_returns_none() { assert!(res.is_none(), "Expected None when AGENTS.md is absent"); } -#[tokio::test] -async fn no_environment_returns_none() { - let tmp = tempfile::tempdir().expect("tempdir"); - let config = make_config(&tmp, /*limit*/ 4096, Some("user instructions")).await; +#[test] +fn empty_loaded_instructions_are_empty() { + let source = + AbsolutePathBuf::from_absolute_path("/tmp/AGENTS.md").expect("absolute source path"); - let mut warnings = Vec::new(); - let res = AgentsMdManager::new(&config) - .user_instructions(/*environment*/ None, &mut warnings) - .await; + assert_eq!( + LoadedAgentsMd::new_user(String::new(), source.clone()), + LoadedAgentsMd::default() + ); + assert_eq!( + LoadedAgentsMd::new_user(" \n\t".to_string(), source), + LoadedAgentsMd::default() + ); + assert_eq!( + LoadedAgentsMd::from_text_for_testing(String::new()), + LoadedAgentsMd::default() + ); + assert_eq!( + LoadedAgentsMd::from_text_for_testing(" \n\t"), + LoadedAgentsMd::default() + ); +} - assert_eq!(res, None); +#[test] +fn loaded_instructions_with_only_empty_or_whitespace_entries_are_empty() { + let empty = LoadedAgentsMd { + user_instructions: None, + entries: vec![InstructionEntry { + contents: String::new(), + provenance: InstructionProvenance::Internal, + }], + }; + let whitespace = LoadedAgentsMd { + user_instructions: None, + entries: vec![InstructionEntry { + contents: " \n\t".to_string(), + provenance: InstructionProvenance::Internal, + }], + }; + + assert!(empty.is_empty()); + assert!(whitespace.is_empty()); } /// Small file within the byte-limit is returned unmodified. @@ -145,27 +411,6 @@ async fn doc_smaller_than_limit_is_returned() { ); } -#[tokio::test] -async fn global_doc_invalid_utf8_warns_and_uses_lossy_text() { - let codex_home = tempfile::tempdir().expect("tempdir"); - let codex_home_abs = codex_home.abs(); - let path = codex_home_abs.join(DEFAULT_AGENTS_MD_FILENAME); - fs::write(&path, b"global\xFF doc").unwrap(); - - let mut warnings = Vec::new(); - let loaded = AgentsMdManager::load_global_instructions( - LOCAL_FS.as_ref(), - Some(&codex_home_abs), - &mut warnings, - ) - .await - .expect("global doc expected"); - - assert_eq!(loaded.contents, "global\u{FFFD} doc"); - assert_eq!(loaded.path, path); - assert_invalid_utf8_warning(&warnings, "Global", path.as_path()); -} - #[tokio::test] async fn project_doc_invalid_utf8_warns_and_uses_lossy_text() { let tmp = tempfile::tempdir().expect("tempdir"); @@ -174,14 +419,13 @@ async fn project_doc_invalid_utf8_warns_and_uses_lossy_text() { let config = make_config(&tmp, /*limit*/ 4096, /*instructions*/ None).await; let mut warnings = Vec::new(); - let res = AgentsMdManager::new(&config) - .user_instructions_with_fs(LOCAL_FS.as_ref(), &mut warnings) + let res = load_agents_md(&config, &mut warnings) .await - .expect("doc expected"); + .expect("doc expected") + .text(); assert_eq!(res, "project\u{FFFD} doc"); - let canonical_path = dunce::canonicalize(&path).expect("canonical doc path"); - assert_invalid_utf8_warning(&warnings, "Project", &canonical_path); + assert_invalid_utf8_warning(&warnings, "Project", config.cwd.join("AGENTS.md").as_path()); } /// Oversize file is truncated to `project_doc_max_bytes`. @@ -201,6 +445,92 @@ async fn doc_larger_than_limit_is_truncated() { assert_eq!(res, huge[..LIMIT]); } +#[tokio::test] +async fn total_byte_limit_truncates_later_project_docs() { + let repo = tempfile::tempdir().expect("tempdir"); + fs::write(repo.path().join(".git"), "").unwrap(); + fs::write(repo.path().join("AGENTS.md"), "root").unwrap(); + let nested = repo.path().join("nested"); + fs::create_dir(&nested).unwrap(); + fs::write(nested.join("AGENTS.md"), "abcdef").unwrap(); + + let mut config = make_config(&repo, /*limit*/ 7, /*instructions*/ None).await; + config.cwd = nested.abs(); + + let mut warnings = Vec::new(); + let loaded = load_agents_md(&config, &mut warnings) + .await + .expect("project instructions"); + let expected = LoadedAgentsMd { + user_instructions: None, + entries: vec![ + InstructionEntry { + contents: "root".to_string(), + provenance: InstructionProvenance::Project(repo.path().join("AGENTS.md").abs()), + }, + InstructionEntry { + contents: "abc".to_string(), + provenance: InstructionProvenance::Project(config.cwd.join("AGENTS.md")), + }, + ], + }; + + assert_eq!(loaded, expected); + assert_eq!(loaded.text(), "root\n\nabc"); + assert_eq!(warnings, Vec::::new()); +} + +#[tokio::test] +async fn read_agents_md_propagates_metadata_errors() { + let tmp = tempfile::tempdir().expect("tempdir"); + let mut config = make_config(&tmp, /*limit*/ 4096, /*instructions*/ None).await; + let marker_path = config.cwd.join(".git"); + let fs = FailingFileSystem { + path: marker_path, + failure: InjectedFailure::Metadata(io::ErrorKind::PermissionDenied), + }; + + let err = read_agents_md(&mut config.config, &fs) + .await + .expect_err("metadata error"); + + assert_eq!(err.kind(), io::ErrorKind::PermissionDenied); +} + +#[tokio::test] +async fn read_agents_md_propagates_read_errors() { + let tmp = tempfile::tempdir().expect("tempdir"); + fs::write(tmp.path().join("AGENTS.md"), "project doc").unwrap(); + let mut config = make_config(&tmp, /*limit*/ 4096, /*instructions*/ None).await; + let fs = FailingFileSystem { + path: config.cwd.join("AGENTS.md"), + failure: InjectedFailure::Read(io::ErrorKind::PermissionDenied), + }; + + let err = read_agents_md(&mut config.config, &fs) + .await + .expect_err("read error"); + + assert_eq!(err.kind(), io::ErrorKind::PermissionDenied); +} + +#[tokio::test] +async fn read_agents_md_ignores_files_removed_after_discovery() { + let tmp = tempfile::tempdir().expect("tempdir"); + fs::write(tmp.path().join("AGENTS.md"), "project doc").unwrap(); + let mut config = make_config(&tmp, /*limit*/ 4096, /*instructions*/ None).await; + let fs = FailingFileSystem { + path: config.cwd.join("AGENTS.md"), + failure: InjectedFailure::Read(io::ErrorKind::NotFound), + }; + + let loaded = read_agents_md(&mut config.config, &fs) + .await + .expect("removed file is recoverable"); + + assert_eq!(loaded, None); +} + /// When `cwd` is nested inside a repo, the search should locate AGENTS.md /// placed at the repository root (identified by `.git`). #[tokio::test] @@ -243,17 +573,6 @@ async fn zero_byte_limit_disables_docs() { ); } -#[tokio::test] -async fn zero_byte_limit_disables_discovery() { - let tmp = tempfile::tempdir().expect("tempdir"); - fs::write(tmp.path().join("AGENTS.md"), "something").unwrap(); - - let discovery = agents_md_paths(&make_config(&tmp, /*limit*/ 0, /*instructions*/ None).await) - .await - .expect("discover paths"); - assert_eq!(discovery, Vec::::new()); -} - /// When both system instructions and AGENTS.md docs are present the two /// should be concatenated with the separator. #[tokio::test] @@ -310,8 +629,32 @@ async fn concatenates_root_and_cwd_docs() { let mut cfg = make_config(&repo, /*limit*/ 4096, /*instructions*/ None).await; cfg.cwd = nested.abs(); - let res = get_user_instructions(&cfg).await.expect("doc expected"); - assert_eq!(res, "root doc\n\ncrate doc"); + let mut warnings = Vec::new(); + let loaded = load_agents_md(&cfg, &mut warnings) + .await + .expect("doc expected"); + let root_agents = repo.path().join("AGENTS.md").abs(); + let crate_agents = cfg.cwd.join("AGENTS.md"); + let expected = LoadedAgentsMd { + user_instructions: None, + entries: vec![ + InstructionEntry { + contents: "root doc".to_string(), + provenance: InstructionProvenance::Project(root_agents.clone()), + }, + InstructionEntry { + contents: "crate doc".to_string(), + provenance: InstructionProvenance::Project(crate_agents.clone()), + }, + ], + }; + + assert_eq!(loaded, expected); + assert_eq!(loaded.text(), "root doc\n\ncrate doc"); + assert_eq!( + loaded.sources().collect::>(), + vec![&root_agents, &crate_agents] + ); } #[tokio::test] @@ -334,14 +677,8 @@ async fn project_root_markers_are_honored_for_agents_discovery() { cfg.cwd = nested.abs(); let discovery = agents_md_paths(&cfg).await.expect("discover paths"); - let expected_parent = AbsolutePathBuf::try_from( - dunce::canonicalize(root.path().join("AGENTS.md")).expect("canonical parent doc path"), - ) - .expect("absolute parent doc path"); - let expected_child = AbsolutePathBuf::try_from( - dunce::canonicalize(cfg.cwd.join("AGENTS.md")).expect("canonical child doc path"), - ) - .expect("absolute child doc path"); + let expected_parent = root.path().join("AGENTS.md").abs(); + let expected_child = cfg.cwd.join("AGENTS.md"); assert_eq!(discovery.len(), 2); assert_eq!(discovery[0], expected_parent); assert_eq!(discovery[1], expected_child); @@ -350,6 +687,100 @@ async fn project_root_markers_are_honored_for_agents_discovery() { assert_eq!(res, "parent doc\n\nchild doc"); } +#[tokio::test] +async fn project_layers_do_not_override_project_root_markers() { + let root = tempfile::tempdir().expect("tempdir"); + fs::write(root.path().join(".git"), "").unwrap(); + fs::write(root.path().join("AGENTS.md"), "root doc").unwrap(); + let nested = root.path().join("nested"); + fs::create_dir(&nested).unwrap(); + fs::write(nested.join("AGENTS.md"), "nested doc").unwrap(); + + let mut config = make_config(&root, /*limit*/ 4096, /*instructions*/ None).await; + config.cwd = nested.abs(); + let project_layer = |dot_codex_folder: AbsolutePathBuf, marker: &str| { + ConfigLayerEntry::new( + ConfigLayerSource::Project { dot_codex_folder }, + TomlValue::Table( + [( + "project_root_markers".to_string(), + TomlValue::Array(vec![TomlValue::String(marker.to_string())]), + )] + .into_iter() + .collect(), + ), + ) + }; + config.config_layer_stack = ConfigLayerStack::new( + vec![ + project_layer(root.path().join(".codex").abs(), ".ignored-root-marker"), + project_layer(config.cwd.join(".codex"), ".ignored-nested-marker"), + ], + ConfigRequirements::default(), + ConfigRequirementsToml::default(), + ) + .expect("valid project layer ordering"); + + let discovery = agents_md_paths(&config).await.expect("discover paths"); + + assert_eq!( + discovery, + vec![ + root.path().join("AGENTS.md").abs(), + config.cwd.join("AGENTS.md"), + ] + ); +} + +#[tokio::test] +async fn agents_md_paths_preserve_symlinked_cwd() { + let tmp = tempfile::tempdir().expect("tempdir"); + let target = tmp.path().join("target"); + fs::create_dir(&target).unwrap(); + fs::write(target.join("AGENTS.md"), "project doc").unwrap(); + + let linked_cwd = tmp.path().join("linked"); + create_directory_symlink(&target, &linked_cwd); + + let mut cfg = make_config(&tmp, /*limit*/ 4096, /*instructions*/ None).await; + cfg.cwd = linked_cwd.abs(); + + let discovery = agents_md_paths(&cfg).await.expect("discover paths"); + assert_eq!(discovery, vec![cfg.cwd.join("AGENTS.md")]); + + let res = get_user_instructions(&cfg).await.expect("doc expected"); + assert_eq!(res, "project doc"); +} + +#[tokio::test] +async fn child_agents_message_after_global_instructions_uses_plain_separator() { + let tmp = tempfile::tempdir().expect("tempdir"); + let mut cfg = make_config(&tmp, /*limit*/ 4096, Some("global doc")).await; + cfg.features.enable(Feature::ChildAgentsMd).unwrap(); + + let mut warnings = Vec::new(); + let loaded = load_agents_md(&cfg, &mut warnings) + .await + .expect("instructions expected"); + let global_agents = cfg.codex_home.join(DEFAULT_AGENTS_MD_FILENAME); + let expected = LoadedAgentsMd { + user_instructions: Some(UserInstructions { + text: "global doc".to_string(), + source: global_agents, + }), + entries: vec![InstructionEntry { + contents: HIERARCHICAL_AGENTS_MESSAGE.to_string(), + provenance: InstructionProvenance::Internal, + }], + }; + + assert_eq!(loaded, expected); + assert_eq!( + loaded.text(), + format!("global doc\n\n{HIERARCHICAL_AGENTS_MESSAGE}") + ); +} + #[tokio::test] async fn instruction_sources_include_global_before_agents_md_docs() { let tmp = tempfile::tempdir().expect("tempdir"); @@ -360,15 +791,76 @@ async fn instruction_sources_include_global_before_agents_md_docs() { fs::create_dir_all(&cfg.codex_home).unwrap(); fs::write(&global_agents, "global doc").unwrap(); - let sources = AgentsMdManager::new(&cfg) - .instruction_sources(LOCAL_FS.as_ref()) - .await; - let project_agents = AbsolutePathBuf::try_from( - dunce::canonicalize(cfg.cwd.join("AGENTS.md")).expect("canonical project doc path"), - ) - .expect("absolute project doc path"); + let mut warnings = Vec::new(); + let loaded = load_agents_md(&cfg, &mut warnings) + .await + .expect("instructions expected"); + let project_agents = cfg.cwd.join("AGENTS.md"); + + let expected = LoadedAgentsMd { + user_instructions: Some(UserInstructions { + text: "global doc".to_string(), + source: global_agents.clone(), + }), + entries: vec![InstructionEntry { + contents: "project doc".to_string(), + provenance: InstructionProvenance::Project(project_agents.clone()), + }], + }; + assert_eq!(loaded, expected); + assert_eq!(loaded.user_instructions(), cfg.user_instructions.as_ref()); + assert_eq!( + loaded.sources().collect::>(), + vec![&global_agents, &project_agents] + ); + assert_eq!( + loaded.text(), + format!("global doc{AGENTS_MD_SEPARATOR}project doc") + ); +} + +#[tokio::test] +async fn child_agents_message_after_project_docs_is_not_an_instruction_source() { + let tmp = tempfile::tempdir().expect("tempdir"); + fs::write(tmp.path().join("AGENTS.md"), "project doc").unwrap(); + + let mut cfg = make_config(&tmp, /*limit*/ 4096, Some("global doc")).await; + cfg.features.enable(Feature::ChildAgentsMd).unwrap(); + let global_agents = cfg.codex_home.join(DEFAULT_AGENTS_MD_FILENAME); + fs::create_dir_all(&cfg.codex_home).unwrap(); + fs::write(&global_agents, "global doc").unwrap(); - assert_eq!(sources, vec![global_agents, project_agents]); + let mut warnings = Vec::new(); + let loaded = load_agents_md(&cfg, &mut warnings) + .await + .expect("instructions expected"); + let project_agents = cfg.cwd.join("AGENTS.md"); + + let expected = LoadedAgentsMd { + user_instructions: Some(UserInstructions { + text: "global doc".to_string(), + source: global_agents.clone(), + }), + entries: vec![ + InstructionEntry { + contents: "project doc".to_string(), + provenance: InstructionProvenance::Project(project_agents.clone()), + }, + InstructionEntry { + contents: HIERARCHICAL_AGENTS_MESSAGE.to_string(), + provenance: InstructionProvenance::Internal, + }, + ], + }; + assert_eq!(loaded, expected); + assert_eq!( + loaded.sources().collect::>(), + vec![&global_agents, &project_agents] + ); + assert_eq!( + loaded.text(), + format!("global doc{AGENTS_MD_SEPARATOR}project doc\n\n{HIERARCHICAL_AGENTS_MESSAGE}") + ); } /// AGENTS.override.md is preferred over AGENTS.md when both are present. diff --git a/codex-rs/core/src/client.rs b/codex-rs/core/src/client.rs index 124dfb18c08..75ed2039ac4 100644 --- a/codex-rs/core/src/client.rs +++ b/codex-rs/core/src/client.rs @@ -28,7 +28,6 @@ use std::sync::Arc; use std::sync::Mutex as StdMutex; use std::sync::OnceLock; use std::sync::atomic::AtomicBool; -use std::sync::atomic::AtomicU64; use std::sync::atomic::Ordering; use codex_api::ApiError; @@ -44,6 +43,7 @@ use codex_api::RawMemory as ApiRawMemory; use codex_api::RealtimeCallClient as ApiRealtimeCallClient; use codex_api::RealtimeSessionConfig as ApiRealtimeSessionConfig; use codex_api::Reasoning; +use codex_api::ReasoningContext; use codex_api::RequestTelemetry; use codex_api::ReqwestTransport; use codex_api::ResponseCreateWsRequest; @@ -70,7 +70,6 @@ use codex_login::default_client::build_reqwest_client; use codex_otel::SessionTelemetry; use codex_otel::current_span_w3c_trace_context; -use codex_protocol::SessionId; use codex_protocol::ThreadId; use codex_protocol::config_types::ReasoningSummary as ReasoningSummaryConfig; use codex_protocol::config_types::Verbosity as VerbosityConfig; @@ -79,7 +78,6 @@ use codex_protocol::openai_models::ModelInfo; use codex_protocol::openai_models::ReasoningEffort as ReasoningEffortConfig; use codex_protocol::protocol::InternalSessionSource; use codex_protocol::protocol::SessionSource; -use codex_protocol::protocol::SubAgentSource; use codex_protocol::protocol::W3cTraceContext; use codex_rollout_trace::CompactionTraceContext; use codex_rollout_trace::InferenceTraceAttempt; @@ -100,7 +98,6 @@ use tokio::sync::oneshot::error::TryRecvError; use tokio_tungstenite::tungstenite::Error; use tokio_tungstenite::tungstenite::Message; use tokio_util::sync::CancellationToken; -use tracing::debug; use tracing::instrument; use tracing::trace; use tracing::warn; @@ -112,6 +109,8 @@ use crate::client_common::Prompt; use crate::client_common::ResponseEvent; use crate::client_common::ResponseStream; use crate::feedback_tags; +use crate::responses_metadata::CodexResponsesMetadata; +use crate::responses_metadata::subagent_header_value; use crate::util::emit_feedback_auth_recovery_tags; use codex_api::map_api_error; use codex_feedback::FeedbackRequestTags; @@ -143,7 +142,11 @@ pub const X_RESPONSESAPI_INCLUDE_TIMING_METRICS_HEADER: &str = "x-responsesapi-include-timing-metrics"; const X_CODEX_WS_STREAM_REQUEST_START_MS_CLIENT_METADATA_KEY: &str = "x-codex-ws-stream-request-start-ms"; +const WS_REQUEST_HEADER_RESPONSES_LITE_CLIENT_METADATA_KEY: &str = + "ws_request_header_x_openai_internal_codex_responses_lite"; const RESPONSES_WEBSOCKETS_V2_BETA_HEADER_VALUE: &str = "responses_websockets=2026-02-06"; +const X_OPENAI_INTERNAL_CODEX_RESPONSES_LITE_HEADER: &str = + "x-openai-internal-codex-responses-lite"; const RESPONSES_ENDPOINT: &str = "/responses"; const RESPONSES_COMPACT_ENDPOINT: &str = "/responses/compact"; // `/responses/compact` is unary, so the timeout covers the full response rather than one idle @@ -166,14 +169,10 @@ pub(crate) struct CompactConversationRequestSettings { /// configuration is per turn and is passed explicitly to streaming/unary methods. #[derive(Debug)] struct ModelClientState { - session_id: SessionId, thread_id: ThreadId, - window_generation: AtomicU64, - installation_id: String, provider: SharedModelProvider, auth_env_telemetry: AuthEnvTelemetry, session_source: SessionSource, - parent_thread_id: Option, model_verbosity: Option, enable_request_compression: bool, include_timing_metrics: bool, @@ -317,12 +316,9 @@ impl ModelClient { /// are passed to [`ModelClientSession::stream`] (and other turn-scoped methods) explicitly. pub fn new( auth_manager: Option>, - session_id: SessionId, thread_id: ThreadId, - installation_id: String, provider_info: ModelProviderInfo, session_source: SessionSource, - parent_thread_id: Option, model_verbosity: Option, enable_request_compression: bool, include_timing_metrics: bool, @@ -339,14 +335,10 @@ impl ModelClient { let include_attestation = model_provider.supports_attestation(); Self { state: Arc::new(ModelClientState { - session_id, thread_id, - window_generation: AtomicU64::new(0), - installation_id, provider: model_provider, auth_env_telemetry, session_source, - parent_thread_id, model_verbosity, enable_request_compression, include_timing_metrics, @@ -390,24 +382,6 @@ impl ModelClient { self.state.provider.auth_manager() } - pub(crate) fn set_window_generation(&self, window_generation: u64) { - self.state - .window_generation - .store(window_generation, Ordering::Relaxed); - self.store_cached_websocket_session(WebsocketSession::default()); - } - - pub(crate) fn advance_window_generation(&self) { - self.state.window_generation.fetch_add(1, Ordering::Relaxed); - self.store_cached_websocket_session(WebsocketSession::default()); - } - - pub(crate) fn current_window_id(&self) -> String { - let thread_id = self.state.thread_id; - let window_generation = self.state.window_generation.load(Ordering::Relaxed); - format!("{thread_id}:{window_generation}") - } - fn take_cached_websocket_session(&self) -> WebsocketSession { let mut cached_websocket_session = self .state @@ -453,6 +427,7 @@ impl ModelClient { /// /// The model selection and telemetry context are passed explicitly to keep `ModelClient` /// session-scoped. + #[allow(clippy::too_many_arguments)] pub(crate) async fn compact_conversation_history( &self, prompt: &Prompt, @@ -460,7 +435,7 @@ impl ModelClient { settings: CompactConversationRequestSettings, session_telemetry: &SessionTelemetry, compaction_trace: &CompactionTraceContext, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, ) -> Result> { if prompt.input.is_empty() { return Ok(Vec::new()); @@ -484,6 +459,7 @@ impl ModelClient { settings.effort, settings.summary, settings.service_tier, + responses_metadata, )?; let ResponsesApiRequest { model, @@ -510,22 +486,22 @@ impl ModelClient { }; let mut extra_headers = ApiHeaderMap::new(); - if let Ok(header_value) = HeaderValue::from_str(&self.state.installation_id) { + if let Ok(header_value) = HeaderValue::from_str(&responses_metadata.installation_id) { extra_headers.insert(X_CODEX_INSTALLATION_ID_HEADER, header_value); } extra_headers.extend(build_responses_headers( self.state.beta_features_header.as_deref(), /*turn_state*/ None, - parse_turn_metadata_header(turn_metadata_header).as_ref(), )); - extra_headers.extend(self.build_responses_identity_headers()); + extra_headers.extend(self.build_responses_compatibility_headers(responses_metadata)); extra_headers.extend(build_session_headers( - Some(self.state.session_id.to_string()), - Some(self.state.thread_id.to_string()), + Some(responses_metadata.session_id.to_string()), + Some(responses_metadata.thread_id.to_string()), )); if let Some(header_value) = self.generate_attestation_header_for().await { extra_headers.insert(X_OAI_ATTESTATION_HEADER, header_value); } + add_responses_lite_header(&mut extra_headers, model_info.use_responses_lite); let compact_request_timeout = client_setup .api_provider .stream_idle_timeout @@ -610,6 +586,7 @@ impl ModelClient { reasoning: effort.map(|effort| Reasoning { effort: Some(effort), summary: None, + context: None, }), }; @@ -638,47 +615,33 @@ impl ModelClient { extra_headers } - fn build_responses_identity_headers(&self) -> ApiHeaderMap { - let mut extra_headers = self.build_subagent_headers(); - if let Some(parent_thread_id) = parent_thread_id_header_value(self.state.parent_thread_id) - && let Ok(val) = HeaderValue::from_str(&parent_thread_id) - { - extra_headers.insert(X_CODEX_PARENT_THREAD_ID_HEADER, val); - } - if let Ok(val) = HeaderValue::from_str(&self.current_window_id()) { - extra_headers.insert(X_CODEX_WINDOW_ID_HEADER, val); + fn build_responses_compatibility_headers( + &self, + responses_metadata: &CodexResponsesMetadata, + ) -> ApiHeaderMap { + let mut extra_headers = responses_metadata.compatibility_headers(); + if matches!( + self.state.session_source, + SessionSource::Internal(InternalSessionSource::MemoryConsolidation) + ) { + extra_headers.insert( + X_OPENAI_MEMGEN_REQUEST_HEADER, + HeaderValue::from_static("true"), + ); } extra_headers } fn build_ws_client_metadata( &self, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, + use_responses_lite: bool, ) -> HashMap { - let mut client_metadata = HashMap::new(); - client_metadata.insert( - X_CODEX_INSTALLATION_ID_HEADER.to_string(), - self.state.installation_id.clone(), - ); - client_metadata.insert( - X_CODEX_WINDOW_ID_HEADER.to_string(), - self.current_window_id(), - ); - if let Some(subagent) = subagent_header_value(&self.state.session_source) { - client_metadata.insert(X_OPENAI_SUBAGENT_HEADER.to_string(), subagent); - } - if let Some(parent_thread_id) = parent_thread_id_header_value(self.state.parent_thread_id) { - client_metadata.insert( - X_CODEX_PARENT_THREAD_ID_HEADER.to_string(), - parent_thread_id, - ); - } - if let Some(turn_metadata_header) = parse_turn_metadata_header(turn_metadata_header) - && let Ok(turn_metadata) = turn_metadata_header.to_str() - { + let mut client_metadata = responses_metadata.client_metadata(); + if use_responses_lite { client_metadata.insert( - X_CODEX_TURN_METADATA_HEADER.to_string(), - turn_metadata.to_string(), + WS_REQUEST_HEADER_RESPONSES_LITE_CLIENT_METADATA_KEY.to_string(), + "true".to_string(), ); } client_metadata @@ -722,18 +685,24 @@ impl ModelClient { ) -> Option { if model_info.supports_reasoning_summaries { Some(Reasoning { - effort: effort.or(model_info.default_reasoning_level), + effort: effort.or_else(|| model_info.default_reasoning_level.clone()), summary: if summary == ReasoningSummaryConfig::None { None } else { Some(summary) }, + // When Responses Lite is disabled, omit context so Responses uses the default, + // which is currently `current_turn`. + context: model_info + .use_responses_lite + .then_some(ReasoningContext::AllTurns), }) } else { None } } + #[allow(clippy::too_many_arguments)] fn build_responses_request( &self, provider: &codex_api::Provider, @@ -742,9 +711,10 @@ impl ModelClient { effort: Option, summary: ReasoningSummaryConfig, service_tier: Option, + responses_metadata: &CodexResponsesMetadata, ) -> Result { let instructions = &prompt.base_instructions.text; - let input = prompt.get_formatted_input(); + let input = prompt.get_formatted_input_for_request(model_info.use_responses_lite); let tools = create_tools_json_for_responses_api(&prompt.tools)?; let reasoning = Self::build_reasoning(model_info, effort, summary); let include = if reasoning.is_some() { @@ -776,7 +746,7 @@ impl ModelClient { input, tools, tool_choice: "auto".to_string(), - parallel_tool_calls: prompt.parallel_tool_calls, + parallel_tool_calls: prompt.parallel_tool_calls && !model_info.use_responses_lite, reasoning, store: provider.is_azure_responses_endpoint(), stream: true, @@ -784,10 +754,7 @@ impl ModelClient { service_tier, prompt_cache_key, text, - client_metadata: Some(HashMap::from([( - X_CODEX_INSTALLATION_ID_HEADER.to_string(), - self.state.installation_id.clone(), - )])), + client_metadata: Some(responses_metadata.client_metadata()), }; Ok(request) } @@ -830,13 +797,13 @@ impl ModelClient { session_telemetry: &SessionTelemetry, api_provider: codex_api::Provider, api_auth: SharedAuthProvider, + responses_metadata: &CodexResponsesMetadata, turn_state: Option>>, - turn_metadata_header: Option<&str>, auth_context: AuthRequestTelemetryContext, request_route_telemetry: RequestRouteTelemetry, ) -> std::result::Result { let headers = self - .build_websocket_headers(turn_state.as_ref(), turn_metadata_header) + .build_websocket_headers(responses_metadata, turn_state.as_ref()) .await; let websocket_telemetry = ModelClientSession::build_websocket_telemetry( session_telemetry, @@ -916,22 +883,19 @@ impl ModelClient { /// replayed on reconnect within the same turn. async fn build_websocket_headers( &self, + responses_metadata: &CodexResponsesMetadata, turn_state: Option<&Arc>>, - turn_metadata_header: Option<&str>, ) -> ApiHeaderMap { - let turn_metadata_header = parse_turn_metadata_header(turn_metadata_header); - let session_id = self.state.session_id.to_string(); - let thread_id = self.state.thread_id.to_string(); - let mut headers = build_responses_headers( - self.state.beta_features_header.as_deref(), - turn_state, - turn_metadata_header.as_ref(), - ); - if let Ok(header_value) = HeaderValue::from_str(&thread_id) { + let mut headers = + build_responses_headers(self.state.beta_features_header.as_deref(), turn_state); + if let Ok(header_value) = HeaderValue::from_str(&responses_metadata.thread_id) { headers.insert("x-client-request-id", header_value); } - headers.extend(build_session_headers(Some(session_id), Some(thread_id))); - headers.extend(self.build_responses_identity_headers()); + headers.extend(build_session_headers( + Some(responses_metadata.session_id.to_string()), + Some(responses_metadata.thread_id.to_string()), + )); + headers.extend(self.build_responses_compatibility_headers(responses_metadata)); if let Some(header_value) = self.generate_attestation_header_for().await { headers.insert(X_OAI_ATTESTATION_HEADER, header_value); } @@ -967,18 +931,6 @@ impl ModelClientSession { .set_connection_reused(/*connection_reused*/ false); } - pub(crate) async fn send_response_processed(&self, response_id: &str) { - let Some(connection) = self.websocket_session.connection.as_ref() else { - return; - }; - if let Err(err) = connection - .send_response_processed(response_id.to_string()) - .await - { - debug!("failed to send response.processed websocket request: {err}"); - } - } - #[allow(clippy::too_many_arguments)] /// Builds shared Responses API transport options and request-body options. /// @@ -986,26 +938,27 @@ impl ModelClientSession { /// regardless of transport choice. async fn build_responses_options( &self, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, compression: Compression, + use_responses_lite: bool, ) -> ApiResponsesOptions { - let turn_metadata_header = parse_turn_metadata_header(turn_metadata_header); - let session_id = self.client.state.session_id.to_string(); - let thread_id = self.client.state.thread_id.to_string(); ApiResponsesOptions { - session_id: Some(session_id), - thread_id: Some(thread_id), + session_id: Some(responses_metadata.session_id.to_string()), + thread_id: Some(responses_metadata.thread_id.to_string()), session_source: Some(self.client.state.session_source.clone()), extra_headers: { let mut headers = build_responses_headers( self.client.state.beta_features_header.as_deref(), Some(&self.turn_state), - turn_metadata_header.as_ref(), ); - headers.extend(self.client.build_responses_identity_headers()); + headers.extend( + self.client + .build_responses_compatibility_headers(responses_metadata), + ); if let Some(header_value) = self.client.generate_attestation_header_for().await { headers.insert(X_OAI_ATTESTATION_HEADER, header_value); } + add_responses_lite_header(&mut headers, use_responses_lite); headers }, compression, @@ -1027,12 +980,12 @@ impl ModelClientSession { let previous_request = self.websocket_session.last_request.as_ref()?; let mut previous_without_input = previous_request.clone(); previous_without_input.input.clear(); + previous_without_input.client_metadata = None; let mut request_without_input = request.clone(); request_without_input.input.clear(); + request_without_input.client_metadata = None; if previous_without_input != request_without_input { - trace!( - "incremental request failed, properties didn't match {previous_without_input:?} != {request_without_input:?}" - ); + trace!("incremental request failed, websocket reuse properties didn't match"); return None; } @@ -1101,7 +1054,7 @@ impl ModelClientSession { pub async fn preconnect_websocket( &mut self, session_telemetry: &SessionTelemetry, - _model_info: &ModelInfo, + responses_metadata: &CodexResponsesMetadata, ) -> std::result::Result<(), ApiError> { if !self.client.responses_websocket_enabled() { return Ok(()); @@ -1126,8 +1079,8 @@ impl ModelClientSession { session_telemetry, client_setup.api_provider, client_setup.api_auth, + responses_metadata, Some(Arc::clone(&self.turn_state)), - /*turn_metadata_header*/ None, auth_context, RequestRouteTelemetry::for_endpoint(RESPONSES_ENDPOINT), ) @@ -1147,7 +1100,7 @@ impl ModelClientSession { wire_api = %self.client.state.provider.info().wire_api, transport = "responses_websocket", api.path = "responses", - turn.has_metadata_header = params.turn_metadata_header.is_some() + turn.has_metadata_header = params.responses_metadata.has_turn_metadata() ) )] async fn websocket_connection( @@ -1158,7 +1111,7 @@ impl ModelClientSession { session_telemetry, api_provider, api_auth, - turn_metadata_header, + responses_metadata, options, auth_context, request_route_telemetry, @@ -1182,8 +1135,8 @@ impl ModelClientSession { session_telemetry, api_provider, api_auth, + responses_metadata, Some(turn_state), - turn_metadata_header, auth_context, request_route_telemetry, ) @@ -1238,7 +1191,7 @@ impl ModelClientSession { transport = "responses_http", http.method = "POST", api.path = "responses", - turn.has_metadata_header = turn_metadata_header.is_some() + turn.has_metadata_header = responses_metadata.has_turn_metadata() ) )] async fn stream_responses_api( @@ -1249,7 +1202,7 @@ impl ModelClientSession { effort: Option, summary: ReasoningSummaryConfig, service_tier: Option, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, inference_trace: &InferenceTraceContext, ) -> Result { let auth_manager = self.client.state.provider.auth_manager(); @@ -1273,16 +1226,21 @@ impl ModelClientSession { ); let compression = self.responses_request_compression(client_setup.auth.as_ref()); let mut options = self - .build_responses_options(turn_metadata_header, compression) + .build_responses_options( + responses_metadata, + compression, + model_info.use_responses_lite, + ) .await; let request = self.client.build_responses_request( &client_setup.api_provider, prompt, model_info, - effort, + effort.clone(), summary, service_tier.clone(), + responses_metadata, )?; let inference_trace_attempt = inference_trace.start_attempt(); inference_trace_attempt.add_request_headers(&mut options.extra_headers); @@ -1350,7 +1308,7 @@ impl ModelClientSession { wire_api = %self.client.state.provider.info().wire_api, transport = "responses_websocket", api.path = "responses", - turn.has_metadata_header = turn_metadata_header.is_some(), + turn.has_metadata_header = responses_metadata.has_turn_metadata(), websocket.warmup = warmup ) )] @@ -1362,7 +1320,7 @@ impl ModelClientSession { effort: Option, summary: ReasoningSummaryConfig, service_tier: Option, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, warmup: bool, request_trace: Option, inference_trace: &InferenceTraceContext, @@ -1383,19 +1341,27 @@ impl ModelClientSession { let compression = self.responses_request_compression(client_setup.auth.as_ref()); let options = self - .build_responses_options(turn_metadata_header, compression) + .build_responses_options( + responses_metadata, + compression, + model_info.use_responses_lite, + ) .await; let request = self.client.build_responses_request( &client_setup.api_provider, prompt, model_info, - effort, + effort.clone(), summary, service_tier.clone(), + responses_metadata, )?; let mut ws_payload = ResponseCreateWsRequest { client_metadata: response_create_client_metadata( - Some(self.client.build_ws_client_metadata(turn_metadata_header)), + Some(self.client.build_ws_client_metadata( + responses_metadata, + model_info.use_responses_lite, + )), request_trace.as_ref(), ), ..ResponseCreateWsRequest::from(&request) @@ -1409,7 +1375,7 @@ impl ModelClientSession { session_telemetry, api_provider: client_setup.api_provider, api_auth: client_setup.api_auth, - turn_metadata_header, + responses_metadata, options: &options, auth_context: request_auth_context, request_route_telemetry: RequestRouteTelemetry::for_endpoint( @@ -1534,7 +1500,7 @@ impl ModelClientSession { effort: Option, summary: ReasoningSummaryConfig, service_tier: Option, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, ) -> Result<()> { if !self.client.responses_websocket_enabled() { return Ok(()); @@ -1552,7 +1518,7 @@ impl ModelClientSession { effort, summary, service_tier, - turn_metadata_header, + responses_metadata, /*warmup*/ true, current_span_w3c_trace_context(), &disabled_trace, @@ -1595,7 +1561,7 @@ impl ModelClientSession { effort: Option, summary: ReasoningSummaryConfig, service_tier: Option, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, inference_trace: &InferenceTraceContext, ) -> Result { let wire_api = self.client.state.provider.info().wire_api; @@ -1608,10 +1574,10 @@ impl ModelClientSession { prompt, model_info, session_telemetry, - effort, + effort.clone(), summary, service_tier.clone(), - turn_metadata_header, + responses_metadata, /*warmup*/ false, request_trace, inference_trace, @@ -1632,7 +1598,7 @@ impl ModelClientSession { effort, summary, service_tier, - turn_metadata_header, + responses_metadata, inference_trace, ) .await @@ -1659,22 +1625,12 @@ impl ModelClientSession { } } -/// Parses per-turn metadata into an HTTP header value. -/// -/// Invalid values are treated as absent so callers can compare and propagate -/// metadata with the same sanitization path used when constructing headers. -fn parse_turn_metadata_header(turn_metadata_header: Option<&str>) -> Option { - turn_metadata_header.and_then(|value| HeaderValue::from_str(value).ok()) -} - /// Stamp a ResponsesWsRequest with the current time. /// /// Meant to be called just before sending the request over the socket, to capture realistic /// transport timing. fn stamp_ws_stream_request_start_ms(request: &mut ResponsesWsRequest) { - let ResponsesWsRequest::ResponseCreate(payload) = request else { - return; - }; + let ResponsesWsRequest::ResponseCreate(payload) = request; payload .client_metadata .get_or_insert_with(HashMap::new) @@ -1690,11 +1646,9 @@ fn stamp_ws_stream_request_start_ms(request: &mut ResponsesWsRequest) { /// /// - `x-codex-beta-features`: comma-separated beta feature keys enabled for the session. /// - `x-codex-turn-state`: sticky routing token captured earlier in the turn. -/// - `x-codex-turn-metadata`: optional per-turn metadata for observability. fn build_responses_headers( beta_features_header: Option<&str>, turn_state: Option<&Arc>>, - turn_metadata_header: Option<&HeaderValue>, ) -> ApiHeaderMap { let mut headers = ApiHeaderMap::new(); if let Some(value) = beta_features_header @@ -1709,37 +1663,18 @@ fn build_responses_headers( { headers.insert(X_CODEX_TURN_STATE_HEADER, header_value); } - if let Some(header_value) = turn_metadata_header { - headers.insert(X_CODEX_TURN_METADATA_HEADER, header_value.clone()); - } headers } -fn subagent_header_value(session_source: &SessionSource) -> Option { - match session_source { - SessionSource::SubAgent(subagent_source) => match subagent_source { - SubAgentSource::Review => Some("review".to_string()), - SubAgentSource::Compact => Some("compact".to_string()), - SubAgentSource::MemoryConsolidation => Some("memory_consolidation".to_string()), - SubAgentSource::ThreadSpawn { .. } => Some("collab_spawn".to_string()), - SubAgentSource::Other(label) => Some(label.clone()), - }, - SessionSource::Internal(InternalSessionSource::MemoryConsolidation) => { - Some("memory_consolidation".to_string()) - } - SessionSource::Cli - | SessionSource::VSCode - | SessionSource::Exec - | SessionSource::Mcp - | SessionSource::Custom(_) - | SessionSource::Unknown => None, +fn add_responses_lite_header(headers: &mut ApiHeaderMap, use_responses_lite: bool) { + if use_responses_lite { + headers.insert( + X_OPENAI_INTERNAL_CODEX_RESPONSES_LITE_HEADER, + HeaderValue::from_static("true"), + ); } } -fn parent_thread_id_header_value(parent_thread_id: Option) -> Option { - parent_thread_id.map(|parent_thread_id| parent_thread_id.to_string()) -} - const RESPONSE_STREAM_CHANNEL_CAPACITY: usize = 1600; const STREAM_DROPPED_REASON: &str = "response stream dropped before provider terminal event"; @@ -1957,10 +1892,11 @@ impl AuthRequestTelemetryContext { let auth_telemetry = auth_header_telemetry(api_auth); Self { auth_mode: auth_mode.map(|mode| match mode { - AuthMode::ApiKey => "ApiKey", - AuthMode::Chatgpt | AuthMode::ChatgptAuthTokens | AuthMode::AgentIdentity => { - "Chatgpt" - } + AuthMode::ApiKey | AuthMode::BedrockApiKey => "ApiKey", + AuthMode::Chatgpt + | AuthMode::ChatgptAuthTokens + | AuthMode::AgentIdentity + | AuthMode::PersonalAccessToken => "Chatgpt", }), auth_header_attached: auth_telemetry.attached, auth_header_name: auth_telemetry.name, @@ -1975,7 +1911,7 @@ struct WebsocketConnectParams<'a> { session_telemetry: &'a SessionTelemetry, api_provider: codex_api::Provider, api_auth: SharedAuthProvider, - turn_metadata_header: Option<&'a str>, + responses_metadata: &'a CodexResponsesMetadata, options: &'a ApiResponsesOptions, auth_context: AuthRequestTelemetryContext, request_route_telemetry: RequestRouteTelemetry, diff --git a/codex-rs/core/src/client_common.rs b/codex-rs/core/src/client_common.rs index d775f9c01cf..4d7729d11be 100644 --- a/codex-rs/core/src/client_common.rs +++ b/codex-rs/core/src/client_common.rs @@ -2,7 +2,10 @@ pub use codex_api::ResponseEvent; use codex_config::types::Personality; use codex_protocol::error::Result; use codex_protocol::models::BaseInstructions; +use codex_protocol::models::ContentItem; +use codex_protocol::models::FunctionCallOutputContentItem; use codex_protocol::models::ResponseItem; +use codex_protocol::protocol::InterAgentCommunication; use codex_tools::ToolSpec; use futures::Stream; use serde_json::Value; @@ -53,7 +56,72 @@ impl Default for Prompt { impl Prompt { pub(crate) fn get_formatted_input(&self) -> Vec { - self.input.clone() + self.input + .iter() + .cloned() + .map(|item| { + let ResponseItem::Message { role, content, .. } = &item else { + return item; + }; + if role != "assistant" { + return item; + } + InterAgentCommunication::from_message_content(content) + .filter(|communication| communication.encrypted_content.is_some()) + .map(|communication| communication.to_model_input_item()) + .unwrap_or(item) + }) + .collect() + } + + pub(crate) fn get_formatted_input_for_request( + &self, + use_responses_lite: bool, + ) -> Vec { + let mut input = self.get_formatted_input(); + if use_responses_lite { + strip_image_details(&mut input); + } + input + } +} + +fn strip_image_details(items: &mut [ResponseItem]) { + for item in items { + match item { + ResponseItem::Message { content, .. } => { + for content_item in content { + if let ContentItem::InputImage { detail, .. } = content_item { + *detail = None; + } + } + } + ResponseItem::FunctionCallOutput { output, .. } + | ResponseItem::CustomToolCallOutput { output, .. } => { + if let Some(content) = output.content_items_mut() { + for content_item in content { + if let FunctionCallOutputContentItem::InputImage { detail, .. } = + content_item + { + *detail = None; + } + } + } + } + ResponseItem::Reasoning { .. } + | ResponseItem::AgentMessage { .. } + | ResponseItem::LocalShellCall { .. } + | ResponseItem::FunctionCall { .. } + | ResponseItem::ToolSearchCall { .. } + | ResponseItem::CustomToolCall { .. } + | ResponseItem::ToolSearchOutput { .. } + | ResponseItem::WebSearchCall { .. } + | ResponseItem::ImageGenerationCall { .. } + | ResponseItem::Compaction { .. } + | ResponseItem::CompactionTrigger + | ResponseItem::ContextCompaction { .. } + | ResponseItem::Other => {} + } } } diff --git a/codex-rs/core/src/client_common_tests.rs b/codex-rs/core/src/client_common_tests.rs index 45d43342229..4b218e490cf 100644 --- a/codex-rs/core/src/client_common_tests.rs +++ b/codex-rs/core/src/client_common_tests.rs @@ -3,10 +3,95 @@ use codex_api::ResponsesApiRequest; use codex_api::TextControls; use codex_api::create_text_param_for_request; use codex_protocol::config_types::ServiceTier; +use codex_protocol::models::FunctionCallOutputPayload; +use codex_protocol::models::ImageDetail; use pretty_assertions::assert_eq; use super::*; +fn prompt_with_image_outputs() -> Prompt { + Prompt { + input: vec![ + ResponseItem::Message { + id: None, + role: "user".to_string(), + content: vec![ContentItem::InputImage { + image_url: "https://example.com/image.png".to_string(), + detail: Some(ImageDetail::Original), + }], + phase: None, + }, + ResponseItem::FunctionCallOutput { + call_id: "function-call".to_string(), + output: FunctionCallOutputPayload::from_content_items(vec![ + FunctionCallOutputContentItem::InputImage { + image_url: "data:image/png;base64,function".to_string(), + detail: Some(ImageDetail::High), + }, + ]), + }, + ResponseItem::CustomToolCallOutput { + call_id: "custom-call".to_string(), + name: None, + output: FunctionCallOutputPayload::from_content_items(vec![ + FunctionCallOutputContentItem::InputImage { + image_url: "data:image/png;base64,custom".to_string(), + detail: Some(ImageDetail::Auto), + }, + ]), + }, + ], + ..Default::default() + } +} + +#[test] +fn responses_lite_request_copies_strip_image_details() { + let prompt = prompt_with_image_outputs(); + let original = prompt.input.clone(); + + let stripped = prompt.get_formatted_input_for_request(/*use_responses_lite*/ true); + + assert_eq!( + stripped, + vec![ + ResponseItem::Message { + id: None, + role: "user".to_string(), + content: vec![ContentItem::InputImage { + image_url: "https://example.com/image.png".to_string(), + detail: None, + }], + phase: None, + }, + ResponseItem::FunctionCallOutput { + call_id: "function-call".to_string(), + output: FunctionCallOutputPayload::from_content_items(vec![ + FunctionCallOutputContentItem::InputImage { + image_url: "data:image/png;base64,function".to_string(), + detail: None, + }, + ]), + }, + ResponseItem::CustomToolCallOutput { + call_id: "custom-call".to_string(), + name: None, + output: FunctionCallOutputPayload::from_content_items(vec![ + FunctionCallOutputContentItem::InputImage { + image_url: "data:image/png;base64,custom".to_string(), + detail: None, + }, + ]), + }, + ] + ); + assert_eq!(prompt.input, original); + assert_eq!( + prompt.get_formatted_input_for_request(/*use_responses_lite*/ false), + original + ); +} + #[test] fn serializes_text_verbosity_when_set() { let input: Vec = vec![]; diff --git a/codex-rs/core/src/client_tests.rs b/codex-rs/core/src/client_tests.rs index f8d904036af..18cd2022360 100644 --- a/codex-rs/core/src/client_tests.rs +++ b/codex-rs/core/src/client_tests.rs @@ -10,6 +10,9 @@ use super::X_OPENAI_SUBAGENT_HEADER; use crate::AttestationContext; use crate::AttestationProvider; use crate::GenerateAttestationFuture; +use crate::responses_metadata::CodexResponsesMetadata; +use crate::test_support::TestCodexResponsesRequestKind; +use crate::test_support::responses_metadata as test_responses_metadata; use codex_api::ApiError; use codex_api::ResponseEvent; use codex_app_server_protocol::AuthMode; @@ -21,7 +24,6 @@ use codex_model_provider_info::ModelProviderInfo; use codex_model_provider_info::WireApi; use codex_model_provider_info::create_oss_provider_with_base_url; use codex_otel::SessionTelemetry; -use codex_protocol::SessionId; use codex_protocol::ThreadId; use codex_protocol::models::ContentItem; use codex_protocol::models::ResponseItem; @@ -60,24 +62,16 @@ use tracing_subscriber::layer::SubscriberExt; use tracing_subscriber::registry::LookupSpan; use tracing_subscriber::util::SubscriberInitExt; -fn test_model_client(session_source: SessionSource) -> ModelClient { - test_model_client_with_parent(session_source, /*parent_thread_id*/ None) -} +const TEST_INSTALLATION_ID: &str = "11111111-1111-4111-8111-111111111111"; -fn test_model_client_with_parent( - session_source: SessionSource, - parent_thread_id: Option, -) -> ModelClient { +fn test_model_client(session_source: SessionSource) -> ModelClient { let provider = create_oss_provider_with_base_url("https://example.com/v1", WireApi::Responses); let thread_id = ThreadId::new(); ModelClient::new( /*auth_manager*/ None, - thread_id.into(), thread_id, - /*installation_id*/ "11111111-1111-4111-8111-111111111111".to_string(), provider, session_source, - parent_thread_id, /*model_verbosity*/ None, /*enable_request_compression*/ false, /*include_timing_metrics*/ false, @@ -86,6 +80,26 @@ fn test_model_client_with_parent( ) } +fn test_responses_metadata_for_client( + client: &ModelClient, + turn_id: Option<&str>, + window_id: String, + parent_thread_id: Option, + request_kind: TestCodexResponsesRequestKind, +) -> CodexResponsesMetadata { + let thread_id = client.state.thread_id.to_string(); + test_responses_metadata( + TEST_INSTALLATION_ID, + &thread_id, + &thread_id, + turn_id, + window_id, + &client.state.session_source, + parent_thread_id, + request_kind, + ) +} + fn test_model_info() -> ModelInfo { serde_json::from_value(json!({ "slug": "gpt-test", @@ -280,45 +294,63 @@ fn build_subagent_headers_sets_internal_memory_consolidation_label() { #[test] fn build_ws_client_metadata_includes_window_lineage_and_turn_metadata() { let parent_thread_id = ThreadId::new(); - let client = test_model_client_with_parent( - SessionSource::SubAgent(SubAgentSource::ThreadSpawn { - parent_thread_id, - depth: 2, - agent_path: None, - agent_nickname: None, - agent_role: None, - }), + let client = test_model_client(SessionSource::SubAgent(SubAgentSource::ThreadSpawn { + parent_thread_id, + depth: 2, + agent_path: None, + agent_nickname: None, + agent_role: None, + })); + + let thread_id = client.state.thread_id.to_string(); + let expected_window_id = format!("{thread_id}:1"); + let responses_metadata = test_responses_metadata_for_client( + &client, + Some("turn-123"), + expected_window_id.clone(), Some(parent_thread_id), + TestCodexResponsesRequestKind::Turn, ); - - client.advance_window_generation(); - - let client_metadata = client.build_ws_client_metadata(Some(r#"{"turn_id":"turn-123"}"#)); - let thread_id = client.state.thread_id; + let client_metadata = + client.build_ws_client_metadata(&responses_metadata, /*use_responses_lite*/ false); + let parent_thread_id = parent_thread_id.to_string(); + let turn_metadata: serde_json::Value = serde_json::from_str( + client_metadata + .get(X_CODEX_TURN_METADATA_HEADER) + .expect("turn metadata"), + ) + .expect("valid turn metadata"); + for (client_key, metadata_key, expected) in [ + ( + X_CODEX_INSTALLATION_ID_HEADER, + "installation_id", + "11111111-1111-4111-8111-111111111111", + ), + ("session_id", "session_id", thread_id.as_str()), + ("thread_id", "thread_id", thread_id.as_str()), + ("turn_id", "turn_id", "turn-123"), + ( + X_CODEX_WINDOW_ID_HEADER, + "window_id", + expected_window_id.as_str(), + ), + ( + X_CODEX_PARENT_THREAD_ID_HEADER, + "parent_thread_id", + parent_thread_id.as_str(), + ), + ] { + assert_eq!( + client_metadata.get(client_key).map(String::as_str), + Some(expected) + ); + assert_eq!(turn_metadata[metadata_key].as_str(), Some(expected)); + } assert_eq!( - client_metadata, - std::collections::HashMap::from([ - ( - X_CODEX_INSTALLATION_ID_HEADER.to_string(), - "11111111-1111-4111-8111-111111111111".to_string(), - ), - ( - X_CODEX_WINDOW_ID_HEADER.to_string(), - format!("{thread_id}:1"), - ), - ( - X_OPENAI_SUBAGENT_HEADER.to_string(), - "collab_spawn".to_string(), - ), - ( - X_CODEX_PARENT_THREAD_ID_HEADER.to_string(), - parent_thread_id.to_string(), - ), - ( - X_CODEX_TURN_METADATA_HEADER.to_string(), - r#"{"turn_id":"turn-123"}"#.to_string(), - ), - ]) + client_metadata + .get(X_OPENAI_SUBAGENT_HEADER) + .map(String::as_str), + Some("collab_spawn") ); } @@ -526,12 +558,9 @@ fn model_client_with_counting_attestation( }; let model_client = ModelClient::new( auth_manager, - SessionId::new(), ThreadId::new(), - /*installation_id*/ "11111111-1111-4111-8111-111111111111".to_string(), provider, SessionSource::Exec, - /*parent_thread_id*/ None, /*model_verbosity*/ None, /*enable_request_compression*/ false, /*include_timing_metrics*/ false, @@ -547,9 +576,16 @@ fn model_client_with_counting_attestation( async fn websocket_handshake_includes_attestation_for_chatgpt_codex_responses() { let (model_client, attestation_calls) = model_client_with_counting_attestation(/*include_attestation*/ true); + let responses_metadata = test_responses_metadata_for_client( + &model_client, + /*turn_id*/ None, + format!("{}:0", model_client.state.thread_id), + /*parent_thread_id*/ None, + TestCodexResponsesRequestKind::WebsocketConnection, + ); let headers = model_client - .build_websocket_headers(/*turn_state*/ None, /*turn_metadata_header*/ None) + .build_websocket_headers(&responses_metadata, /*turn_state*/ None) .await; assert_eq!( diff --git a/codex-rs/core/src/codex_delegate.rs b/codex-rs/core/src/codex_delegate.rs index 5a1473b0574..6ee03284639 100644 --- a/codex-rs/core/src/codex_delegate.rs +++ b/codex-rs/core/src/codex_delegate.rs @@ -5,6 +5,7 @@ use async_channel::Receiver; use async_channel::Sender; use codex_analytics::GuardianApprovalRequestSource; use codex_async_utils::OrCancelExt; +use codex_extension_api::LoadedUserInstructions; use codex_protocol::protocol::ApplyPatchApprovalRequestEvent; use codex_protocol::protocol::Event; use codex_protocol::protocol::EventMsg; @@ -79,8 +80,13 @@ pub(crate) async fn run_codex_thread_interactive( let (tx_ops, rx_ops) = async_channel::bounded(SUBMISSION_CHANNEL_CAPACITY); let conversation_history = initial_history.unwrap_or(InitialHistory::New); let forked_from_thread_id = conversation_history.forked_from_id(); + let user_instructions = LoadedUserInstructions { + instructions: parent_session.user_instructions().await, + warnings: Vec::new(), + }; let CodexSpawnOk { codex, .. } = Box::pin(Codex::spawn(CodexSpawnArgs { config, + user_instructions, installation_id: parent_session.installation_id.clone(), auth_manager, models_manager, @@ -103,6 +109,7 @@ pub(crate) async fn run_codex_thread_interactive( parent_rollout_thread_trace: codex_rollout_trace::ThreadTraceContext::disabled(), parent_trace: None, environment_selections: parent_ctx.environments.clone(), + thread_extension_init: codex_extension_api::ExtensionDataInit::default(), analytics_events_client: Some(parent_session.services.analytics_events_client.clone()), thread_store: Arc::clone(&parent_session.services.thread_store), attestation_provider: parent_session.services.attestation_provider.clone(), @@ -196,7 +203,6 @@ pub(crate) async fn run_codex_thread_one_shot( // Send the initial input to kick off the one-shot turn. io.submit(Op::UserInput { - environments: None, items: input, final_output_json_schema, responsesapi_client_metadata: None, diff --git a/codex-rs/core/src/codex_delegate_tests.rs b/codex-rs/core/src/codex_delegate_tests.rs index 7dabb09d337..cb7767a16c2 100644 --- a/codex-rs/core/src/codex_delegate_tests.rs +++ b/codex-rs/core/src/codex_delegate_tests.rs @@ -452,7 +452,7 @@ async fn delegated_mcp_guardian_abort_returns_synthetic_decline_answer() { } #[tokio::test] -async fn delegated_mcp_user_reviewer_waits_for_metadata_lookup() { +async fn delegated_mcp_user_reviewer_returns_none_without_metadata() { let (parent_session, parent_ctx, _rx_events) = crate::session::tests::make_session_and_context_with_rx().await; let pending_mcp_invocations = Arc::new(Mutex::new(HashMap::from([( @@ -464,21 +464,6 @@ async fn delegated_mcp_user_reviewer_waits_for_metadata_lookup() { }, )]))); let cancel_token = CancellationToken::new(); - let manager = Arc::clone(&parent_session.services.mcp_connection_manager); - let (manager_locked_tx, manager_locked_rx) = std::sync::mpsc::sync_channel(0); - let (release_manager_tx, release_manager_rx) = std::sync::mpsc::sync_channel(0); - let manager_lock = tokio::task::spawn_blocking(move || { - let _manager_guard = manager.blocking_write(); - manager_locked_tx - .send(()) - .expect("manager lock receiver should remain open"); - release_manager_rx - .recv() - .expect("manager lock release sender should remain open"); - }); - manager_locked_rx - .recv_timeout(Duration::from_secs(1)) - .expect("manager write lock should be acquired"); let event = RequestUserInputEvent { call_id: "call-1".to_string(), @@ -498,24 +483,7 @@ async fn delegated_mcp_user_reviewer_waits_for_metadata_lookup() { &pending_mcp_invocations, &event, &cancel_token, - ); - tokio::pin!(response); - assert!( - timeout(Duration::from_millis(100), &mut response) - .await - .is_err(), - "manual reviewer should wait for MCP metadata" - ); - release_manager_tx - .send(()) - .expect("manager lock holder should remain open"); - manager_lock - .await - .expect("manager lock task should not panic"); - assert_eq!( - timeout(Duration::from_secs(1), response) - .await - .expect("manual reviewer should finish after MCP metadata lookup"), - None - ); + ) + .await; + assert_eq!(response, None); } diff --git a/codex-rs/core/src/codex_thread.rs b/codex-rs/core/src/codex_thread.rs index ac28a58ec3f..c4cb1e8e12f 100644 --- a/codex-rs/core/src/codex_thread.rs +++ b/codex-rs/core/src/codex_thread.rs @@ -1,7 +1,5 @@ use crate::agent::AgentStatus; use crate::config::ConstraintResult; -use crate::goals::ExternalGoalSet; -use crate::goals::GoalRuntimeEvent; use crate::session::Codex; use crate::session::SessionSettingsUpdate; use crate::session::SteerInputError; @@ -34,6 +32,7 @@ use codex_protocol::protocol::ThreadMemoryMode; use codex_protocol::protocol::ThreadSource; use codex_protocol::protocol::TokenUsageInfo; use codex_protocol::protocol::TurnEnvironmentSelection; +use codex_protocol::protocol::TurnEnvironmentSelections; use codex_protocol::protocol::W3cTraceContext; use codex_protocol::user_input::UserInput; use codex_thread_store::StoredThread; @@ -61,7 +60,7 @@ pub struct ThreadConfigSnapshot { pub approvals_reviewer: ApprovalsReviewer, pub permission_profile: PermissionProfile, pub active_permission_profile: Option, - pub cwd: AbsolutePathBuf, + pub environments: TurnEnvironmentSelections, pub workspace_roots: Vec, pub profile_workspace_roots: Vec, pub ephemeral: bool, @@ -70,6 +69,7 @@ pub struct ThreadConfigSnapshot { pub personality: Option, pub collaboration_mode: CollaborationMode, pub session_source: SessionSource, + pub forked_from_thread_id: Option, pub parent_thread_id: Option, pub thread_source: Option, } @@ -115,10 +115,18 @@ impl TryStartTurnIfIdleError { } impl ThreadConfigSnapshot { + pub fn cwd(&self) -> &AbsolutePathBuf { + &self.environments.legacy_fallback_cwd + } + + pub fn environment_selections(&self) -> &[TurnEnvironmentSelection] { + &self.environments.environments + } + pub fn sandbox_policy(&self) -> SandboxPolicy { codex_sandboxing::compatibility_sandbox_policy_for_permission_profile( &self.permission_profile, - self.cwd.as_path(), + self.cwd().as_path(), ) } } @@ -126,7 +134,7 @@ impl ThreadConfigSnapshot { /// Thread settings overrides that app-server validates before starting a turn. #[derive(Clone, Default)] pub struct CodexThreadSettingsOverrides { - pub cwd: Option, + pub environments: Option, pub workspace_roots: Option>, pub profile_workspace_roots: Option>, pub approval_policy: Option, @@ -151,6 +159,14 @@ pub struct CodexThread { out_of_band_elicitation_count: Mutex, } +#[derive(Debug, Eq, PartialEq)] +pub struct BackgroundTerminalInfo { + pub item_id: String, + pub process_id: String, + pub command: String, + pub cwd: AbsolutePathBuf, +} + /// Conduit for the bidirectional stream of messages that compose a thread /// (formerly called a conversation) in Codex. impl CodexThread { @@ -204,51 +220,11 @@ impl CodexThread { } } - pub async fn apply_goal_resume_runtime_effects(&self) -> anyhow::Result<()> { - self.codex - .session - .goal_runtime_apply(GoalRuntimeEvent::ThreadResumed) - .await - } - - pub async fn continue_active_goal_if_idle(&self) -> anyhow::Result<()> { + pub async fn emit_thread_idle_lifecycle_if_idle(&self) { self.codex .session - .goal_runtime_apply(GoalRuntimeEvent::MaybeContinueIfIdle) - .await - } - - pub async fn prepare_external_goal_mutation(&self) { - if let Err(err) = self - .codex - .session - .goal_runtime_apply(GoalRuntimeEvent::ExternalMutationStarting) - .await - { - tracing::warn!("failed to prepare external goal mutation: {err}"); - } - } - - pub async fn apply_external_goal_set(&self, external_set: ExternalGoalSet) { - if let Err(err) = self - .codex - .session - .goal_runtime_apply(GoalRuntimeEvent::ExternalSet { external_set }) - .await - { - tracing::warn!("failed to apply external goal status runtime effects: {err}"); - } - } - - pub async fn apply_external_goal_clear(&self) { - if let Err(err) = self - .codex - .session - .goal_runtime_apply(GoalRuntimeEvent::ExternalClear) - .await - { - tracing::warn!("failed to apply external goal clear runtime effects: {err}"); - } + .emit_thread_idle_lifecycle_if_idle() + .await; } #[doc(hidden)] @@ -275,6 +251,12 @@ impl CodexThread { trace: Option, client_user_message_id: Option, ) -> CodexResult { + self.codex + .session + .services + .agent_control + .ensure_execution_capacity_for_op(self.session_configured.thread_id, &op) + .await?; self.codex .submit_user_input_with_client_user_message_id(op, trace, client_user_message_id) .await @@ -365,7 +347,7 @@ impl CodexThread { overrides: CodexThreadSettingsOverrides, ) -> SessionSettingsUpdate { let CodexThreadSettingsOverrides { - cwd, + environments, workspace_roots, profile_workspace_roots, approval_policy, @@ -392,7 +374,7 @@ impl CodexThread { }; SessionSettingsUpdate { - cwd, + environments, workspace_roots, profile_workspace_roots, approval_policy, @@ -422,6 +404,17 @@ impl CodexThread { self.codex.agent_status().await } + pub async fn list_background_terminals(&self) -> Vec { + self.codex.session.list_background_terminals().await + } + + pub async fn terminate_background_terminal(&self, process_id: i32) -> bool { + self.codex + .session + .terminate_background_terminal(process_id) + .await + } + pub(crate) fn subscribe_status(&self) -> watch::Receiver { self.codex.agent_status.clone() } @@ -548,6 +541,11 @@ impl CodexThread { self.codex.thread_config_snapshot().await } + /// Returns the files that supplied the thread's loaded model instructions. + pub async fn instruction_sources(&self) -> Vec { + self.codex.instruction_sources().await + } + pub async fn config(&self) -> Arc { self.codex.session.get_config().await } diff --git a/codex-rs/core/src/compact.rs b/codex-rs/core/src/compact.rs index 4dc4c34e996..6ffb779d389 100644 --- a/codex-rs/core/src/compact.rs +++ b/codex-rs/core/src/compact.rs @@ -8,12 +8,14 @@ use crate::hook_runtime::PostCompactHookOutcome; use crate::hook_runtime::PreCompactHookOutcome; use crate::hook_runtime::run_post_compact_hooks; use crate::hook_runtime::run_pre_compact_hooks; +use crate::responses_metadata::CodexResponsesMetadata; +use crate::responses_metadata::CodexResponsesRequestKind; +use crate::responses_metadata::CompactionTurnMetadata; #[cfg(test)] use crate::session::PreviousTurnSettings; use crate::session::session::Session; use crate::session::turn::get_last_assistant_message_from_turn; use crate::session::turn_context::TurnContext; -use crate::turn_metadata::CompactionTurnMetadata; use crate::util::backoff; use codex_analytics::CodexCompactionEvent; use codex_analytics::CompactionImplementation; @@ -143,17 +145,17 @@ async fn run_compact_task_inner( let pre_compact_outcome = run_pre_compact_hooks(&sess, &turn_context, trigger).await; match pre_compact_outcome { PreCompactHookOutcome::Continue => {} - PreCompactHookOutcome::Stopped { reason } => { - let error = reason.unwrap_or_else(|| "PreCompact hook stopped execution".to_string()); + PreCompactHookOutcome::Stopped => { + let error = CodexErr::TurnAborted; attempt .track( sess.as_ref(), CompactionStatus::Interrupted, - Some(error), - /*active_context_tokens_before*/ None, + Some(&error), + CompactionAnalyticsDetails::default(), ) .await; - return Err(CodexErr::TurnAborted); + return Err(error); } } let result = run_compact_task_inner_impl( @@ -165,7 +167,7 @@ async fn run_compact_task_inner( ) .await; let status = compaction_status_from_result(&result); - let error = result.as_ref().err().map(ToString::to_string); + let codex_error = result.as_ref().err(); if result.is_ok() { let post_compact_outcome = run_post_compact_hooks(&sess, &turn_context, trigger).await; if let PostCompactHookOutcome::Stopped = post_compact_outcome { @@ -173,8 +175,8 @@ async fn run_compact_task_inner( .track( sess.as_ref(), status, - error, - /*active_context_tokens_before*/ None, + codex_error, + CompactionAnalyticsDetails::default(), ) .await; return Err(CodexErr::TurnAborted); @@ -184,8 +186,8 @@ async fn run_compact_task_inner( .track( sess.as_ref(), status, - error, - /*active_context_tokens_before*/ None, + codex_error, + CompactionAnalyticsDetails::default(), ) .await; result.map(|_| ()) @@ -215,6 +217,12 @@ async fn run_compact_task_inner_impl( // Reuse one client session so turn-scoped state (sticky routing, websocket incremental // request tracking) // survives retries within this compact turn. + let window_id = sess.current_window_id().await; + let responses_metadata = turn_context.turn_metadata_state.to_responses_metadata( + sess.installation_id.clone(), + window_id, + CodexResponsesRequestKind::Compaction(compaction_metadata), + ); loop { // Clone is required because of the loop @@ -228,15 +236,11 @@ async fn run_compact_task_inner_impl( personality: turn_context.personality, ..Default::default() }; - let window_id = sess.services.model_client.current_window_id(); - let turn_metadata_header = turn_context - .turn_metadata_state - .current_header_value_for_compaction(&window_id, compaction_metadata); let attempt_result = drain_to_completed( &sess, turn_context.as_ref(), &mut client_session, - turn_metadata_header.as_deref(), + &responses_metadata, &prompt, ) .await; @@ -293,6 +297,7 @@ async fn run_compact_task_inner_impl( let user_messages = collect_user_messages(history_items); let mut new_history = build_compacted_history(Vec::new(), &user_messages, &summary_text); + let window_id = sess.advance_auto_compact_window_id().await; if matches!( initial_context_injection, @@ -309,6 +314,7 @@ async fn run_compact_task_inner_impl( let compacted_item = CompactedItem { message: summary_text.clone(), replacement_history: Some(new_history.clone()), + window_id: Some(window_id), }; sess.replace_compacted_history(new_history, reference_context_item, compacted_item) .await; @@ -335,6 +341,14 @@ pub(crate) struct CompactionAnalyticsAttempt { start_instant: Instant, } +#[derive(Clone, Copy, Default)] +pub(crate) struct CompactionAnalyticsDetails { + pub(crate) active_context_tokens_before: Option, + pub(crate) retained_image_count: Option, + pub(crate) compaction_summary_tokens: Option, + pub(crate) cached_input_tokens: Option, +} + impl CompactionAnalyticsAttempt { pub(crate) async fn begin( sess: &Session, @@ -362,9 +376,15 @@ impl CompactionAnalyticsAttempt { self, sess: &Session, status: CompactionStatus, - error: Option, - active_context_tokens_before: Option, + codex_error: Option<&CodexErr>, + details: CompactionAnalyticsDetails, ) { + let CompactionAnalyticsDetails { + active_context_tokens_before, + retained_image_count, + compaction_summary_tokens, + cached_input_tokens, + } = details; let active_context_tokens_before = active_context_tokens_before.unwrap_or(self.active_context_tokens_before); let active_context_tokens_after = sess.get_total_token_usage().await; @@ -379,9 +399,14 @@ impl CompactionAnalyticsAttempt { phase: self.phase, strategy: CompactionStrategy::Memento, status, - error, + codex_error_kind: codex_error.map(Into::into), + codex_error_http_status_code: codex_error + .and_then(CodexErr::http_status_code_value), active_context_tokens_before, active_context_tokens_after, + retained_image_count, + compaction_summary_tokens, + cached_input_tokens, started_at: self.started_at, completed_at: now_unix_seconds(), duration_ms: Some( @@ -565,7 +590,7 @@ async fn drain_to_completed( sess: &Session, turn_context: &TurnContext, client_session: &mut ModelClientSession, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, prompt: &Prompt, ) -> CodexResult<()> { let mut stream = client_session @@ -573,10 +598,10 @@ async fn drain_to_completed( prompt, &turn_context.model_info, &turn_context.session_telemetry, - turn_context.reasoning_effort, + turn_context.reasoning_effort.clone(), turn_context.reasoning_summary, turn_context.config.service_tier.clone(), - turn_metadata_header, + responses_metadata, // Rollout tracing currently models remote compaction only; local compaction streams // are left untraced until the reducer has a first-class local compaction lifecycle. &InferenceTraceContext::disabled(), diff --git a/codex-rs/core/src/compact_remote.rs b/codex-rs/core/src/compact_remote.rs index 444b1c3a69f..0822d0f0a65 100644 --- a/codex-rs/core/src/compact_remote.rs +++ b/codex-rs/core/src/compact_remote.rs @@ -3,20 +3,20 @@ use std::sync::Arc; use crate::Prompt; use crate::client::CompactConversationRequestSettings; use crate::compact::CompactionAnalyticsAttempt; +use crate::compact::CompactionAnalyticsDetails; use crate::compact::InitialContextInjection; use crate::compact::compaction_status_from_result; use crate::compact::insert_initial_context_before_last_real_user_or_summary; use crate::context_manager::ContextManager; -use crate::context_manager::TotalTokenUsageBreakdown; -use crate::context_manager::estimate_response_item_model_visible_bytes; use crate::hook_runtime::PostCompactHookOutcome; use crate::hook_runtime::PreCompactHookOutcome; use crate::hook_runtime::run_post_compact_hooks; use crate::hook_runtime::run_pre_compact_hooks; +use crate::responses_metadata::CodexResponsesRequestKind; +use crate::responses_metadata::CompactionTurnMetadata; use crate::session::session::Session; use crate::session::turn::built_tools; use crate::session::turn_context::TurnContext; -use crate::turn_metadata::CompactionTurnMetadata; use codex_analytics::CompactionImplementation; use codex_analytics::CompactionPhase; use codex_analytics::CompactionReason; @@ -34,9 +34,7 @@ use codex_protocol::protocol::CompactedItem; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::TurnStartedEvent; use codex_rollout_trace::CompactionCheckpointTracePayload; -use futures::TryFutureExt; use tokio_util::sync::CancellationToken; -use tracing::error; use tracing::info; const CONTEXT_WINDOW_TRUNCATED_OUTPUT_MESSAGE: &str = @@ -100,7 +98,10 @@ async fn run_remote_compact_task_inner( CompactionImplementation::ResponsesCompact, phase, ); - let mut active_context_tokens_before = sess.get_total_token_usage().await; + let mut analytics_details = CompactionAnalyticsDetails { + active_context_tokens_before: Some(sess.get_total_token_usage().await), + ..Default::default() + }; let attempt = CompactionAnalyticsAttempt::begin( sess.as_ref(), turn_context.as_ref(), @@ -113,17 +114,17 @@ async fn run_remote_compact_task_inner( let pre_compact_outcome = run_pre_compact_hooks(sess, turn_context, trigger).await; match pre_compact_outcome { PreCompactHookOutcome::Continue => {} - PreCompactHookOutcome::Stopped { reason } => { - let error = reason.unwrap_or_else(|| "PreCompact hook stopped execution".to_string()); + PreCompactHookOutcome::Stopped => { + let error = CodexErr::TurnAborted; attempt .track( sess.as_ref(), codex_analytics::CompactionStatus::Interrupted, - Some(error), - Some(active_context_tokens_before), + Some(&error), + analytics_details, ) .await; - return Err(CodexErr::TurnAborted); + return Err(error); } } let result = run_remote_compact_task_inner_impl( @@ -131,32 +132,22 @@ async fn run_remote_compact_task_inner( turn_context, initial_context_injection, compaction_metadata, - &mut active_context_tokens_before, + &mut analytics_details, ) .await; let status = compaction_status_from_result(&result); - let error = result.as_ref().err().map(ToString::to_string); + let codex_error = result.as_ref().err(); if result.is_ok() { let post_compact_outcome = run_post_compact_hooks(sess, turn_context, trigger).await; if let PostCompactHookOutcome::Stopped = post_compact_outcome { attempt - .track( - sess.as_ref(), - status, - error, - Some(active_context_tokens_before), - ) + .track(sess.as_ref(), status, codex_error, analytics_details) .await; return Err(CodexErr::TurnAborted); } } attempt - .track( - sess.as_ref(), - status, - error.clone(), - Some(active_context_tokens_before), - ) + .track(sess.as_ref(), status, codex_error, analytics_details) .await; if let Err(err) = result { sess.track_turn_codex_error(turn_context, &err); @@ -174,7 +165,7 @@ async fn run_remote_compact_task_inner_impl( turn_context: &Arc, initial_context_injection: InitialContextInjection, compaction_metadata: CompactionTurnMetadata, - active_context_tokens_before: &mut i64, + analytics_details: &mut CompactionAnalyticsDetails, ) -> CodexResult<()> { let context_compaction_item = ContextCompactionItem::new(); // Use the UI compaction item ID as the trace compaction ID so protocol lifecycle events, @@ -205,11 +196,14 @@ async fn run_remote_compact_task_inner_impl( } if estimated_deleted_tokens > 0 { let max_local_deleted_tokens = sess - .get_total_token_usage_breakdown() - .await - .estimated_tokens_of_items_added_since_last_successful_api_response; - *active_context_tokens_before = (*active_context_tokens_before) - .saturating_sub(estimated_deleted_tokens.min(max_local_deleted_tokens)); + .estimated_tokens_after_last_model_generated_item() + .await; + analytics_details.active_context_tokens_before = analytics_details + .active_context_tokens_before + .map(|active_context_tokens_before| { + active_context_tokens_before + .saturating_sub(estimated_deleted_tokens.min(max_local_deleted_tokens)) + }); } // This is the history selected for remote compaction, after any output rewriting required to // fit the compact endpoint. The checkpoint below records it separately from the next sampling @@ -231,10 +225,12 @@ async fn run_remote_compact_task_inner_impl( output_schema: None, output_schema_strict: true, }; - let window_id = sess.services.model_client.current_window_id(); - let turn_metadata_header = turn_context - .turn_metadata_state - .current_header_value_for_compaction(&window_id, compaction_metadata); + let window_id = sess.current_window_id().await; + let responses_metadata = turn_context.turn_metadata_state.to_responses_metadata( + sess.installation_id.clone(), + window_id, + CodexResponsesRequestKind::Compaction(compaction_metadata), + ); let mut new_history = sess .services .model_client @@ -242,7 +238,7 @@ async fn run_remote_compact_task_inner_impl( &prompt, &turn_context.model_info, CompactConversationRequestSettings { - effort: turn_context.reasoning_effort, + effort: turn_context.reasoning_effort.clone(), summary: turn_context.reasoning_summary, service_tier: if sess.services.auth_manager.auth_mode() == Some(AuthMode::ApiKey) { None @@ -252,21 +248,10 @@ async fn run_remote_compact_task_inner_impl( }, &turn_context.session_telemetry, &compaction_trace, - turn_metadata_header.as_deref(), + &responses_metadata, ) - .or_else(|err| async { - let total_usage_breakdown = sess.get_total_token_usage_breakdown().await; - let compact_request_log_data = - build_compact_request_log_data(&prompt.input, &prompt.base_instructions.text); - log_remote_compact_failure( - turn_context, - &compact_request_log_data, - total_usage_breakdown, - &err, - ); - Err(err) - }) .await?; + let new_window_id = sess.advance_auto_compact_window_id().await; new_history = process_compacted_history( sess.as_ref(), turn_context.as_ref(), @@ -282,6 +267,7 @@ async fn run_remote_compact_task_inner_impl( let compacted_item = CompactedItem { message: String::new(), replacement_history: Some(new_history.clone()), + window_id: Some(new_window_id), }; // Install is the semantic boundary where the compact endpoint's output becomes live // thread history. Keep it distinct from the later inference request so the reducer can @@ -348,6 +334,7 @@ pub(crate) fn should_keep_compacted_history_item(item: &ResponseItem) -> bool { } ResponseItem::Message { role, .. } if role == "assistant" => true, ResponseItem::Message { .. } => false, + ResponseItem::AgentMessage { .. } => true, ResponseItem::Compaction { .. } | ResponseItem::ContextCompaction { .. } => true, ResponseItem::CompactionTrigger => false, ResponseItem::Reasoning { .. } @@ -364,47 +351,6 @@ pub(crate) fn should_keep_compacted_history_item(item: &ResponseItem) -> bool { } } -#[derive(Debug)] -pub(crate) struct CompactRequestLogData { - failing_compaction_request_model_visible_bytes: i64, -} - -pub(crate) fn build_compact_request_log_data( - input: &[ResponseItem], - instructions: &str, -) -> CompactRequestLogData { - let failing_compaction_request_model_visible_bytes = input - .iter() - .map(estimate_response_item_model_visible_bytes) - .fold( - i64::try_from(instructions.len()).unwrap_or(i64::MAX), - i64::saturating_add, - ); - - CompactRequestLogData { - failing_compaction_request_model_visible_bytes, - } -} - -pub(crate) fn log_remote_compact_failure( - turn_context: &TurnContext, - log_data: &CompactRequestLogData, - total_usage_breakdown: TotalTokenUsageBreakdown, - err: &CodexErr, -) { - error!( - turn_id = %turn_context.sub_id, - last_api_response_total_tokens = total_usage_breakdown.last_api_response_total_tokens, - all_history_items_model_visible_bytes = total_usage_breakdown.all_history_items_model_visible_bytes, - estimated_tokens_of_items_added_since_last_successful_api_response = total_usage_breakdown.estimated_tokens_of_items_added_since_last_successful_api_response, - estimated_bytes_of_items_added_since_last_successful_api_response = total_usage_breakdown.estimated_bytes_of_items_added_since_last_successful_api_response, - model_context_window_tokens = ?turn_context.model_context_window(), - failing_compaction_request_model_visible_bytes = log_data.failing_compaction_request_model_visible_bytes, - compact_error = %err, - "remote compaction failed" - ); -} - pub(crate) fn trim_function_call_history_to_fit_context_window( history: &mut ContextManager, turn_context: &TurnContext, diff --git a/codex-rs/core/src/compact_remote_v2.rs b/codex-rs/core/src/compact_remote_v2.rs index ac64f7f0f2f..047c2527cb8 100644 --- a/codex-rs/core/src/compact_remote_v2.rs +++ b/codex-rs/core/src/compact_remote_v2.rs @@ -5,10 +5,9 @@ use crate::ResponseStream; use crate::client::ModelClientSession; use crate::client_common::ResponseEvent; use crate::compact::CompactionAnalyticsAttempt; +use crate::compact::CompactionAnalyticsDetails; use crate::compact::InitialContextInjection; use crate::compact::compaction_status_from_result; -use crate::compact_remote::build_compact_request_log_data; -use crate::compact_remote::log_remote_compact_failure; use crate::compact_remote::process_compacted_history; use crate::compact_remote::should_keep_compacted_history_item; use crate::compact_remote::trim_function_call_history_to_fit_context_window; @@ -16,17 +15,18 @@ use crate::hook_runtime::PostCompactHookOutcome; use crate::hook_runtime::PreCompactHookOutcome; use crate::hook_runtime::run_post_compact_hooks; use crate::hook_runtime::run_pre_compact_hooks; +use crate::responses_metadata::CodexResponsesMetadata; +use crate::responses_metadata::CodexResponsesRequestKind; +use crate::responses_metadata::CompactionTurnMetadata; use crate::responses_retry::ResponsesStreamRequest; use crate::responses_retry::handle_retryable_response_stream_error; use crate::session::session::Session; use crate::session::turn::built_tools; use crate::session::turn_context::TurnContext; -use crate::turn_metadata::CompactionTurnMetadata; use codex_analytics::CompactionImplementation; use codex_analytics::CompactionPhase; use codex_analytics::CompactionReason; use codex_analytics::CompactionTrigger; -use codex_features::Feature; use codex_protocol::error::CodexErr; use codex_protocol::error::Result as CodexResult; use codex_protocol::items::ContextCompactionItem; @@ -113,7 +113,10 @@ async fn run_remote_compact_task_inner( CompactionImplementation::ResponsesCompactionV2, phase, ); - let mut active_context_tokens_before = sess.get_total_token_usage().await; + let mut analytics_details = CompactionAnalyticsDetails { + active_context_tokens_before: Some(sess.get_total_token_usage().await), + ..Default::default() + }; let attempt = CompactionAnalyticsAttempt::begin( sess.as_ref(), turn_context.as_ref(), @@ -126,17 +129,17 @@ async fn run_remote_compact_task_inner( let pre_compact_outcome = run_pre_compact_hooks(sess, turn_context, trigger).await; match pre_compact_outcome { PreCompactHookOutcome::Continue => {} - PreCompactHookOutcome::Stopped { reason } => { - let error = reason.unwrap_or_else(|| "PreCompact hook stopped execution".to_string()); + PreCompactHookOutcome::Stopped => { + let error = CodexErr::TurnAborted; attempt .track( sess.as_ref(), codex_analytics::CompactionStatus::Interrupted, - Some(error), - Some(active_context_tokens_before), + Some(&error), + analytics_details, ) .await; - return Err(CodexErr::TurnAborted); + return Err(error); } } let result = run_remote_compact_task_inner_impl( @@ -145,32 +148,22 @@ async fn run_remote_compact_task_inner( client_session, initial_context_injection, compaction_metadata, - &mut active_context_tokens_before, + &mut analytics_details, ) .await; let status = compaction_status_from_result(&result); - let error = result.as_ref().err().map(ToString::to_string); + let codex_error = result.as_ref().err(); if result.is_ok() { let post_compact_outcome = run_post_compact_hooks(sess, turn_context, trigger).await; if let PostCompactHookOutcome::Stopped = post_compact_outcome { attempt - .track( - sess.as_ref(), - status, - error, - Some(active_context_tokens_before), - ) + .track(sess.as_ref(), status, codex_error, analytics_details) .await; return Err(CodexErr::TurnAborted); } } attempt - .track( - sess.as_ref(), - status, - error.clone(), - Some(active_context_tokens_before), - ) + .track(sess.as_ref(), status, codex_error, analytics_details) .await; if let Err(err) = result { sess.track_turn_codex_error(turn_context, &err); @@ -189,7 +182,7 @@ async fn run_remote_compact_task_inner_impl( client_session: Option<&mut ModelClientSession>, initial_context_injection: InitialContextInjection, compaction_metadata: CompactionTurnMetadata, - active_context_tokens_before: &mut i64, + analytics_details: &mut CompactionAnalyticsDetails, ) -> CodexResult<()> { let context_compaction_item = ContextCompactionItem::new(); let compaction_trace = sess.services.rollout_thread_trace.compaction_trace_context( @@ -219,11 +212,14 @@ async fn run_remote_compact_task_inner_impl( } if estimated_deleted_tokens > 0 { let max_local_deleted_tokens = sess - .get_total_token_usage_breakdown() - .await - .estimated_tokens_of_items_added_since_last_successful_api_response; - *active_context_tokens_before = (*active_context_tokens_before) - .saturating_sub(estimated_deleted_tokens.min(max_local_deleted_tokens)); + .estimated_tokens_after_last_model_generated_item() + .await; + analytics_details.active_context_tokens_before = analytics_details + .active_context_tokens_before + .map(|active_context_tokens_before| { + active_context_tokens_before + .saturating_sub(estimated_deleted_tokens.min(max_local_deleted_tokens)) + }); } let trace_input_history = history.raw_items().to_vec(); @@ -246,10 +242,12 @@ async fn run_remote_compact_task_inner_impl( output_schema_strict: true, }; - let window_id = sess.services.model_client.current_window_id(); - let turn_metadata_header = turn_context - .turn_metadata_state - .current_header_value_for_compaction(&window_id, compaction_metadata); + let window_id = sess.current_window_id().await; + let responses_metadata = turn_context.turn_metadata_state.to_responses_metadata( + sess.installation_id.clone(), + window_id, + CodexResponsesRequestKind::Compaction(compaction_metadata), + ); let trace_attempt = compaction_trace.start_attempt(&serde_json::json!({ "model": turn_context.model_info.slug.as_str(), "instructions": prompt.base_instructions.text.as_str(), @@ -270,7 +268,7 @@ async fn run_remote_compact_task_inner_impl( turn_context, client_session, &prompt, - turn_metadata_header.as_deref(), + &responses_metadata, ) .await; @@ -281,13 +279,17 @@ async fn run_remote_compact_task_inner_impl( ); let RemoteCompactionV2Output { compaction_output, - response_id, token_usage, } = compaction_output_result?; if let Some(token_usage) = token_usage { - *active_context_tokens_before = token_usage.input_tokens; + analytics_details.active_context_tokens_before = Some(token_usage.input_tokens); + analytics_details.compaction_summary_tokens = Some(token_usage.output_tokens); + analytics_details.cached_input_tokens = Some(token_usage.cached_input_tokens); } - let compacted_history = build_v2_compacted_history(&prompt_input, compaction_output); + let (compacted_history, retained_images) = + build_v2_compacted_history(&prompt_input, compaction_output); + analytics_details.retained_image_count = Some(retained_images); + let new_window_id = sess.advance_auto_compact_window_id().await; let new_history = process_compacted_history( sess.as_ref(), turn_context.as_ref(), @@ -303,6 +305,7 @@ async fn run_remote_compact_task_inner_impl( let compacted_item = CompactedItem { message: String::new(), replacement_history: Some(new_history.clone()), + window_id: Some(new_window_id), }; compaction_trace.record_installed(&CompactionCheckpointTracePayload { input_history: &trace_input_history, @@ -314,18 +317,11 @@ async fn run_remote_compact_task_inner_impl( sess.emit_turn_item_completed(turn_context, compaction_item) .await; - if turn_context - .features - .enabled(Feature::ResponsesWebsocketResponseProcessed) - { - client_session.send_response_processed(&response_id).await; - } Ok(()) } struct RemoteCompactionV2Output { compaction_output: ResponseItem, - response_id: String, token_usage: Option, } @@ -334,7 +330,7 @@ async fn run_remote_compaction_request_v2( turn_context: &TurnContext, client_session: &mut ModelClientSession, prompt: &Prompt, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, ) -> CodexResult { let max_retries = turn_context .provider @@ -348,10 +344,10 @@ async fn run_remote_compaction_request_v2( prompt, &turn_context.model_info, &turn_context.session_telemetry, - turn_context.reasoning_effort, + turn_context.reasoning_effort.clone(), turn_context.reasoning_summary, turn_context.config.service_tier.clone(), - turn_metadata_header, + responses_metadata, &InferenceTraceContext::disabled(), ) .await @@ -362,12 +358,9 @@ async fn run_remote_compaction_request_v2( match result { Ok(compaction_output) => return Ok(compaction_output), - Err(err) if !err.is_retryable() => { - log_remote_compaction_request_failure(sess, turn_context, prompt, &err).await; - return Err(err); - } + Err(err) if !err.is_retryable() => return Err(err), Err(err) => { - if let Err(err) = handle_retryable_response_stream_error( + handle_retryable_response_stream_error( &mut retries, max_retries, err, @@ -376,40 +369,19 @@ async fn run_remote_compaction_request_v2( turn_context, ResponsesStreamRequest::RemoteCompactionV2, ) - .await - { - log_remote_compaction_request_failure(sess, turn_context, prompt, &err).await; - return Err(err); - } + .await?; } } } } -async fn log_remote_compaction_request_failure( - sess: &Session, - turn_context: &TurnContext, - prompt: &Prompt, - err: &CodexErr, -) { - let total_usage_breakdown = sess.get_total_token_usage_breakdown().await; - let compact_request_log_data = - build_compact_request_log_data(&prompt.input, &prompt.base_instructions.text); - log_remote_compact_failure( - turn_context, - &compact_request_log_data, - total_usage_breakdown, - err, - ); -} - async fn collect_compaction_output( mut stream: ResponseStream, ) -> CodexResult { let mut output_item_count = 0usize; let mut compaction_count = 0usize; let mut compaction_output = None; - let mut completed_response_id = None; + let mut saw_completed = false; let mut completed_token_usage = None; while let Some(event) = stream.next().await { match event? { @@ -422,12 +394,8 @@ async fn collect_compaction_output( } } } - ResponseEvent::Completed { - response_id, - token_usage, - .. - } => { - completed_response_id = Some(response_id); + ResponseEvent::Completed { token_usage, .. } => { + saw_completed = true; completed_token_usage = token_usage; break; } @@ -435,12 +403,12 @@ async fn collect_compaction_output( } } - let Some(response_id) = completed_response_id else { + if !saw_completed { return Err(CodexErr::Stream( "remote compaction v2 stream closed before response.completed".to_string(), None, )); - }; + } if compaction_count != 1 { return Err(CodexErr::Fatal(format!( @@ -453,7 +421,6 @@ async fn collect_compaction_output( }; Ok(RemoteCompactionV2Output { compaction_output, - response_id, token_usage: completed_token_usage, }) } @@ -461,7 +428,7 @@ async fn collect_compaction_output( fn build_v2_compacted_history( prompt_input: &[ResponseItem], compaction_output: ResponseItem, -) -> Vec { +) -> (Vec, usize) { let retained = prompt_input .iter() .filter(|item| is_retained_for_remote_compaction_v2(item)) @@ -470,8 +437,12 @@ fn build_v2_compacted_history( .collect::>(); let mut retained = truncate_retained_messages_for_remote_compaction(retained, RETAINED_MESSAGE_TOKEN_BUDGET); + let retained_image_count = retained + .iter() + .map(retained_input_image_count) + .sum::(); retained.push(compaction_output); - retained + (retained, retained_image_count) } fn is_retained_for_remote_compaction_v2(item: &ResponseItem) -> bool { @@ -482,6 +453,17 @@ fn is_retained_for_remote_compaction_v2(item: &ResponseItem) -> bool { matches!(role.as_str(), "user" | "developer" | "system") } +fn retained_input_image_count(item: &ResponseItem) -> usize { + let ResponseItem::Message { content, .. } = item else { + return 0; + }; + + content + .iter() + .filter(|item| matches!(item, ContentItem::InputImage { .. })) + .count() +} + fn truncate_retained_messages_for_remote_compaction( items: Vec, max_tokens: usize, @@ -631,7 +613,7 @@ mod tests { encrypted_content: "new".to_string(), }; - let history = build_v2_compacted_history(&input, output.clone()); + let (history, _) = build_v2_compacted_history(&input, output.clone()); assert_eq!( history, @@ -658,11 +640,40 @@ mod tests { encrypted_content: "new".to_string(), }; - let history = build_v2_compacted_history(&input, output.clone()); + let (history, _) = build_v2_compacted_history(&input, output.clone()); assert_eq!(history, vec![old, new, output]); } + #[test] + fn build_v2_compacted_history_counts_retained_input_images() { + let input = vec![ResponseItem::Message { + id: None, + role: "user".to_string(), + content: vec![ + ContentItem::InputText { + text: "user".to_string(), + }, + ContentItem::InputImage { + image_url: "data:image/png;base64,abc".to_string(), + detail: None, + }, + ContentItem::InputImage { + image_url: "data:image/png;base64,def".to_string(), + detail: None, + }, + ], + phase: None, + }]; + let output = ResponseItem::Compaction { + encrypted_content: "new".to_string(), + }; + + let (_, retained_image_count) = build_v2_compacted_history(&input, output); + + assert_eq!(retained_image_count, 2); + } + #[test] fn retained_history_truncation_keeps_newest_messages_first() { let middle = message("user", "middle1234", /*phase*/ None); @@ -804,7 +815,6 @@ mod tests { .expect("compaction should be collected"); assert_eq!(output.compaction_output, compaction); - assert_eq!(output.response_id, "resp-compact"); assert_eq!( output.token_usage, Some(TokenUsage { diff --git a/codex-rs/core/src/compact_tests.rs b/codex-rs/core/src/compact_tests.rs index 69bd95f2df0..550a7ec8467 100644 --- a/codex-rs/core/src/compact_tests.rs +++ b/codex-rs/core/src/compact_tests.rs @@ -483,6 +483,7 @@ async fn process_compacted_history_reinjects_model_switch_message() { }]; let previous_turn_settings = PreviousTurnSettings { model: "previous-regular-model".to_string(), + comp_hash: None, realtime_active: None, }; diff --git a/codex-rs/core/src/config/agent_roles.rs b/codex-rs/core/src/config/agent_roles.rs index abdef33e7d8..dfcec2eac81 100644 --- a/codex-rs/core/src/config/agent_roles.rs +++ b/codex-rs/core/src/config/agent_roles.rs @@ -7,6 +7,7 @@ use codex_config::config_toml::ConfigToml; use codex_exec_server::ExecutorFileSystem; use codex_utils_absolute_path::AbsolutePathBuf; use codex_utils_absolute_path::AbsolutePathBufGuard; +use codex_utils_path_uri::PathUri; use serde::Deserialize; use std::collections::BTreeMap; use std::collections::BTreeSet; @@ -319,7 +320,8 @@ async fn read_resolved_agent_role_file( path: &AbsolutePathBuf, role_name_hint: Option<&str>, ) -> std::io::Result { - let contents = fs.read_file_text(path, /*sandbox*/ None).await?; + let path_uri = PathUri::from_abs_path(path)?; + let contents = fs.read_file_text(&path_uri, /*sandbox*/ None).await?; let config_base_dir = path.parent().unwrap_or_else(|| path.clone()); parse_agent_role_file_contents( &contents, @@ -391,8 +393,9 @@ async fn validate_agent_role_config_file( return Ok(()); }; + let config_file_uri = PathUri::from_abs_path(config_file)?; let metadata = fs - .get_metadata(config_file, /*sandbox*/ None) + .get_metadata(&config_file_uri, /*sandbox*/ None) .await .map_err(|e| { std::io::Error::new( @@ -522,7 +525,8 @@ async fn collect_agent_role_files( let mut files = Vec::new(); let mut dirs = vec![dir.clone()]; while let Some(dir) = dirs.pop() { - let entries = match fs.read_directory(&dir, /*sandbox*/ None).await { + let dir_uri = PathUri::from_abs_path(&dir)?; + let entries = match fs.read_directory(&dir_uri, /*sandbox*/ None).await { Ok(entries) => entries, Err(err) if err.kind() == ErrorKind::NotFound => continue, Err(err) => return Err(err), diff --git a/codex-rs/core/src/config/config_loader_tests.rs b/codex-rs/core/src/config/config_loader_tests.rs index 5edecebec03..87a46fd14a5 100644 --- a/codex-rs/core/src/config/config_loader_tests.rs +++ b/codex-rs/core/src/config/config_loader_tests.rs @@ -31,7 +31,7 @@ use codex_config::test_support::CloudConfigBundleFixture; use codex_exec_server::LOCAL_FS; use codex_protocol::config_types::TrustLevel; use codex_protocol::config_types::WebSearchMode; -use codex_protocol::models::BUILT_IN_PERMISSION_PROFILE_READ_ONLY; +use codex_protocol::models::BUILT_IN_PERMISSION_PROFILE_DANGER_FULL_ACCESS; use codex_protocol::models::BUILT_IN_PERMISSION_PROFILE_WORKSPACE; use codex_protocol::models::PermissionProfile; use codex_protocol::protocol::AskForApproval; @@ -1375,7 +1375,10 @@ default_permissions = "managed-standard" tokio::fs::write( &requirements_path, r#" -allowed_permissions = ["managed-standard"] +default_permissions = "managed-standard" + +[allowed_permission_profiles] +managed-standard = true [permissions.managed-standard] extends = ":workspace" @@ -1397,8 +1400,8 @@ extends = ":workspace" config .config_layer_stack .requirements_toml() - .allowed_permissions, - Some(vec!["managed-standard".to_string()]) + .allowed_permission_profiles, + Some(BTreeMap::from([("managed-standard".to_string(), true)])) ); assert_eq!( config @@ -1411,26 +1414,9 @@ extends = ":workspace" } #[tokio::test] -async fn system_allowed_permissions_keep_builtin_permission_fallbacks() -> anyhow::Result<()> { - for (trust_level, expected_profile) in [ - ( - Some(TrustLevel::Trusted), - if cfg!(target_os = "windows") { - BUILT_IN_PERMISSION_PROFILE_READ_ONLY - } else { - BUILT_IN_PERMISSION_PROFILE_WORKSPACE - }, - ), - ( - Some(TrustLevel::Untrusted), - if cfg!(target_os = "windows") { - BUILT_IN_PERMISSION_PROFILE_READ_ONLY - } else { - BUILT_IN_PERMISSION_PROFILE_WORKSPACE - }, - ), - (None, BUILT_IN_PERMISSION_PROFILE_READ_ONLY), - ] { +async fn system_allowed_permission_profiles_select_managed_default_without_local_default() +-> anyhow::Result<()> { + for trust_level in [Some(TrustLevel::Trusted), Some(TrustLevel::Untrusted), None] { let tmp = tempdir()?; let codex_home = tmp.path().join("home"); tokio::fs::create_dir_all(&codex_home).await?; @@ -1447,10 +1433,17 @@ async fn system_allowed_permissions_keep_builtin_permission_fallbacks() -> anyho tokio::fs::write( &requirements_path, r#" -allowed_permissions = ["managed-standard"] +default_permissions = "managed-standard" + +[allowed_permission_profiles] +managed-build = true +managed-standard = true [permissions.managed-standard.filesystem] ":workspace_roots" = "read" + +[permissions.managed-build] +extends = ":workspace" "#, ) .await?; @@ -1470,15 +1463,225 @@ allowed_permissions = ["managed-standard"] .permissions .active_permission_profile() .map(|profile| profile.id), - Some(expected_profile.to_string()), + Some("managed-standard".to_string()), "trust level {trust_level:?}", ); + assert!( + !config.startup_warnings.iter().any(|warning| warning + .contains("Configured value for `permission_profile` is disallowed")), + "{:?}", + config.startup_warnings + ); } Ok(()) } #[tokio::test] -async fn system_allowed_permissions_keep_explicit_builtin_defaults() -> anyhow::Result<()> { +async fn system_allowed_permission_profiles_require_managed_default() -> anyhow::Result<()> { + let tmp = tempdir()?; + let codex_home = tmp.path().join("home"); + tokio::fs::create_dir_all(&codex_home).await?; + let requirements_path = tmp.path().join("requirements.toml"); + tokio::fs::write( + &requirements_path, + r#" +[permissions.managed-standard] +extends = ":read-only" + +[allowed_permission_profiles] +managed-standard = true +"#, + ) + .await?; + + let mut overrides = LoaderOverrides::without_managed_config_for_tests(); + overrides.system_requirements_path = Some(requirements_path); + let err = ConfigBuilder::default() + .codex_home(codex_home) + .fallback_cwd(Some(tmp.path().to_path_buf())) + .loader_overrides(overrides) + .build() + .await + .expect_err("allowed_permission_profiles without default_permissions should fail"); + + assert!( + err.to_string().contains( + "default_permissions must be set unless allowed_permission_profiles allows both" + ), + "{err}" + ); + Ok(()) +} + +#[tokio::test] +async fn system_allowed_permission_profiles_standard_pair_defaults_to_workspace() +-> anyhow::Result<()> { + let tmp = tempdir()?; + let codex_home = tmp.path().join("home"); + tokio::fs::create_dir_all(&codex_home).await?; + let requirements_path = tmp.path().join("requirements.toml"); + tokio::fs::write( + &requirements_path, + r#" +[allowed_permission_profiles] +":read-only" = true +":workspace" = true +"#, + ) + .await?; + + let mut overrides = LoaderOverrides::without_managed_config_for_tests(); + overrides.system_requirements_path = Some(requirements_path); + let config = ConfigBuilder::default() + .codex_home(codex_home) + .fallback_cwd(Some(tmp.path().to_path_buf())) + .loader_overrides(overrides) + .build() + .await?; + + assert_eq!( + config + .permissions + .active_permission_profile() + .map(|profile| profile.id), + Some(BUILT_IN_PERMISSION_PROFILE_WORKSPACE.to_string()) + ); + Ok(()) +} + +#[tokio::test] +async fn system_managed_default_must_be_allowed() -> anyhow::Result<()> { + let tmp = tempdir()?; + let codex_home = tmp.path().join("home"); + tokio::fs::create_dir_all(&codex_home).await?; + let requirements_path = tmp.path().join("requirements.toml"); + tokio::fs::write( + &requirements_path, + r#" +default_permissions = "managed-build" + +[allowed_permission_profiles] +managed-standard = true + +[permissions.managed-standard] +extends = ":read-only" + +[permissions.managed-build] +extends = ":workspace" +"#, + ) + .await?; + + let mut overrides = LoaderOverrides::without_managed_config_for_tests(); + overrides.system_requirements_path = Some(requirements_path); + let err = ConfigBuilder::default() + .codex_home(codex_home) + .fallback_cwd(Some(tmp.path().to_path_buf())) + .loader_overrides(overrides) + .build() + .await + .expect_err("managed default outside allowed_permission_profiles should fail"); + + assert!( + err.to_string().contains( + "default_permissions `managed-build` must be allowed by allowed_permission_profiles" + ), + "{err}" + ); + Ok(()) +} + +#[tokio::test] +async fn system_managed_default_requires_allowed_permission_profiles() -> anyhow::Result<()> { + let tmp = tempdir()?; + let codex_home = tmp.path().join("home"); + tokio::fs::create_dir_all(&codex_home).await?; + let requirements_path = tmp.path().join("requirements.toml"); + tokio::fs::write( + &requirements_path, + r#" +default_permissions = ":read-only" +"#, + ) + .await?; + + let mut overrides = LoaderOverrides::without_managed_config_for_tests(); + overrides.system_requirements_path = Some(requirements_path); + let err = ConfigBuilder::default() + .codex_home(codex_home) + .fallback_cwd(Some(tmp.path().to_path_buf())) + .loader_overrides(overrides) + .build() + .await + .expect_err("managed default without allowed_permission_profiles should fail"); + + assert!( + err.to_string() + .contains("default_permissions requires allowed_permission_profiles"), + "{err}" + ); + Ok(()) +} + +#[tokio::test] +async fn system_allowed_permission_profiles_fall_back_from_disallowed_danger_full_access() +-> anyhow::Result<()> { + let tmp = tempdir()?; + let codex_home = tmp.path().join("home"); + tokio::fs::create_dir_all(&codex_home).await?; + tokio::fs::write( + codex_home.join(CONFIG_TOML_FILE), + format!( + r#" +default_permissions = "{BUILT_IN_PERMISSION_PROFILE_DANGER_FULL_ACCESS}" +"# + ), + ) + .await?; + let requirements_path = tmp.path().join("requirements.toml"); + tokio::fs::write( + &requirements_path, + r#" +default_permissions = "managed-standard" + +[allowed_permission_profiles] +managed-standard = true + +[permissions.managed-standard.filesystem] +":workspace_roots" = "read" +"#, + ) + .await?; + + let cwd = AbsolutePathBuf::from_absolute_path(tmp.path())?; + let mut overrides = LoaderOverrides::without_managed_config_for_tests(); + overrides.system_requirements_path = Some(requirements_path); + let config = ConfigBuilder::default() + .codex_home(codex_home) + .fallback_cwd(Some(cwd.to_path_buf())) + .loader_overrides(overrides) + .build() + .await?; + + assert_eq!( + config + .permissions + .active_permission_profile() + .map(|profile| profile.id), + Some("managed-standard".to_string()) + ); + assert!( + config.startup_warnings.iter().any(|warning| warning + .contains("Configured value for `permission_profile` is disallowed by requirements")), + "{:?}", + config.startup_warnings + ); + Ok(()) +} + +#[tokio::test] +async fn system_allowed_permission_profiles_fall_back_from_disallowed_workspace() +-> anyhow::Result<()> { let tmp = tempdir()?; let codex_home = tmp.path().join("home"); tokio::fs::create_dir_all(&codex_home).await?; @@ -1493,7 +1696,10 @@ default_permissions = ":workspace" tokio::fs::write( &requirements_path, r#" -allowed_permissions = ["managed-standard"] +default_permissions = "managed-standard" + +[allowed_permission_profiles] +managed-standard = true [permissions.managed-standard.filesystem] ":workspace_roots" = "read" @@ -1516,7 +1722,13 @@ allowed_permissions = ["managed-standard"] .permissions .active_permission_profile() .map(|profile| profile.id), - Some(BUILT_IN_PERMISSION_PROFILE_WORKSPACE.to_string()) + Some("managed-standard".to_string()) + ); + assert!( + config.startup_warnings.iter().any(|warning| warning + .contains("Configured value for `permission_profile` is disallowed by requirements")), + "{:?}", + config.startup_warnings ); Ok(()) } @@ -1538,7 +1750,11 @@ default_permissions = "managed-build" tokio::fs::write( &requirements_path, r#" -allowed_permissions = ["managed-standard", "managed-build"] +default_permissions = "managed-standard" + +[allowed_permission_profiles] +managed-build = true +managed-standard = true [permissions.managed-standard] extends = ":read-only" @@ -1579,7 +1795,10 @@ async fn system_requirements_warn_for_disallowed_explicit_permission_override() tokio::fs::write( &requirements_path, r#" -allowed_permissions = ["managed-standard"] +default_permissions = "managed-standard" + +[allowed_permission_profiles] +managed-standard = true [permissions.managed-standard] extends = ":workspace" diff --git a/codex-rs/core/src/config/config_tests.rs b/codex-rs/core/src/config/config_tests.rs index dac8286749f..9072cff3c24 100644 --- a/codex-rs/core/src/config/config_tests.rs +++ b/codex-rs/core/src/config/config_tests.rs @@ -1,5 +1,3 @@ -use crate::agents_md::DEFAULT_AGENTS_MD_FILENAME; -use crate::agents_md::LOCAL_AGENTS_MD_FILENAME; use crate::config::edit::ConfigEdit; use crate::config::edit::ConfigEditsBuilder; use crate::config::edit::apply_blocking; @@ -205,53 +203,6 @@ async fn load_config_normalizes_relative_cwd_override() -> std::io::Result<()> { Ok(()) } -#[tokio::test] -async fn load_config_loads_global_agents_instructions() -> std::io::Result<()> { - let codex_home = tempdir()?; - std::fs::write( - codex_home.path().join(DEFAULT_AGENTS_MD_FILENAME), - "\n global instructions \n", - )?; - - let mut config = Config::load_from_base_config_with_overrides( - ConfigToml::default(), - ConfigOverrides::default(), - codex_home.abs(), - ) - .await?; - let _ = config.features.enable(Feature::MemoryTool); - - assert_eq!( - config.user_instructions.as_deref(), - Some("global instructions") - ); - Ok(()) -} - -#[tokio::test] -async fn load_config_prefers_global_agents_override_instructions() -> std::io::Result<()> { - let codex_home = tempdir()?; - std::fs::write( - codex_home.path().join(DEFAULT_AGENTS_MD_FILENAME), - "global instructions", - )?; - let global_agents_override_path = codex_home.path().join(LOCAL_AGENTS_MD_FILENAME); - std::fs::write(&global_agents_override_path, "local override instructions")?; - - let config = Config::load_from_base_config_with_overrides( - ConfigToml::default(), - ConfigOverrides::default(), - codex_home.abs(), - ) - .await?; - - assert_eq!( - config.user_instructions.as_deref(), - Some("local override instructions") - ); - Ok(()) -} - #[tokio::test] async fn test_toml_parsing() { let history_with_persistence = r#" @@ -476,6 +427,32 @@ async fn load_config_resolves_experimental_request_user_input_enabled() -> std:: Ok(()) } +#[tokio::test] +async fn load_config_resolves_code_mode_config() -> std::io::Result<()> { + let codex_home = tempdir()?; + let config_toml: ConfigToml = toml::from_str( + r#" +[features.code_mode] +enabled = true +excluded_tool_namespaces = ["mcp__codex_apps", "multi_agent_v1"] +"#, + ) + .expect("TOML deserialization should succeed"); + let config = Config::load_from_base_config_with_overrides( + config_toml, + ConfigOverrides::default(), + codex_home.abs(), + ) + .await?; + + assert_eq!( + config.code_mode.excluded_tool_namespaces, + vec!["mcp__codex_apps".to_string(), "multi_agent_v1".to_string()] + ); + assert!(config.features.enabled(Feature::CodeMode)); + Ok(()) +} + #[test] fn rejects_provider_auth_with_env_key() { let err = toml::from_str::( @@ -4370,13 +4347,14 @@ async fn rebuild_preserving_session_layers_refreshes_plugin_derived_mcp_config() .await?; let plugins_manager = PluginsManager::new(codex_home.path().to_path_buf()); let mcp_config = config.to_mcp_config(&plugins_manager).await; + let configured_servers = mcp_config.mcp_server_catalog.configured_servers(); assert_eq!( - mcp_config.configured_mcp_servers.get("sample"), + configured_servers.get("sample"), Some(&http_mcp("https://sample.example/mcp")) ); assert_eq!( - mcp_config.plugin_ids_by_mcp_server_name, + mcp_config.mcp_server_catalog.plugin_ids_by_server_name(), HashMap::from([("sample".to_string(), "sample@test".to_string())]) ); @@ -4426,12 +4404,18 @@ enabled = true .await?; let plugins_manager = PluginsManager::new(codex_home.path().to_path_buf()); let mcp_config = config.to_mcp_config(&plugins_manager).await; + let configured_servers = mcp_config.mcp_server_catalog.configured_servers(); assert_eq!( - mcp_config.configured_mcp_servers.get("sample"), + configured_servers.get("sample"), Some(&http_mcp("https://user.example/mcp")) ); - assert!(mcp_config.plugin_ids_by_mcp_server_name.is_empty()); + assert!( + mcp_config + .mcp_server_catalog + .plugin_ids_by_server_name() + .is_empty() + ); Ok(()) } @@ -4488,17 +4472,16 @@ url = "https://sample.example/mcp" .await?; let plugins_manager = PluginsManager::new(codex_home.path().to_path_buf()); let mcp_config = config.to_mcp_config(&plugins_manager).await; + let configured_servers = mcp_config.mcp_server_catalog.configured_servers(); assert_eq!( - mcp_config - .configured_mcp_servers + configured_servers .get("sample") .map(|server| (server.enabled, server.disabled_reason.clone())), Some((true, None)) ); assert_eq!( - mcp_config - .configured_mcp_servers + configured_servers .get("unlisted") .map(|server| (server.enabled, server.disabled_reason.clone())), Some(( @@ -4561,10 +4544,10 @@ enabled = true .await?; let plugins_manager = PluginsManager::new(codex_home.path().to_path_buf()); let mcp_config = config.to_mcp_config(&plugins_manager).await; + let configured_servers = mcp_config.mcp_server_catalog.configured_servers(); assert_eq!( - mcp_config - .configured_mcp_servers + configured_servers .get("sample") .map(|server| (server.enabled, server.disabled_reason.clone())), Some(( @@ -5466,14 +5449,9 @@ async fn to_mcp_config_preserves_apps_feature_from_config() -> std::io::Result<( .await?; let plugins_manager = PluginsManager::new(codex_home.path().to_path_buf()); - config.apps_mcp_path_override = Some("/custom/mcp".to_string()); config.apps_mcp_product_sku = Some("tpp".to_string()); let mcp_config = config.to_mcp_config(&plugins_manager).await; assert!(mcp_config.apps_enabled); - assert_eq!( - mcp_config.apps_mcp_path_override.as_deref(), - Some("/custom/mcp") - ); assert_eq!(mcp_config.apps_mcp_product_sku.as_deref(), Some("tpp")); let _ = config.features.disable(Feature::Apps); @@ -8317,7 +8295,8 @@ async fn test_requirements_web_search_mode_allowlist_does_not_warn_when_unset() allowed_approval_policies: None, allowed_approvals_reviewers: None, allowed_sandbox_modes: None, - allowed_permissions: None, + allowed_permission_profiles: None, + default_permissions: None, remote_sandbox_config: None, allowed_web_search_modes: Some(vec![codex_config::WebSearchModeRequirement::Cached]), allow_managed_hooks_only: None, @@ -8827,84 +8806,6 @@ allow_login_shell = false Ok(()) } -#[tokio::test] -async fn config_loads_apps_mcp_path_override_from_feature_config() -> std::io::Result<()> { - let codex_home = TempDir::new()?; - let toml = r#" -model = "gpt-5.4" - -[features.apps_mcp_path_override] -path = "/custom/mcp" -"#; - let cfg: ConfigToml = - toml::from_str(toml).expect("TOML deserialization should succeed for apps MCP feature"); - - let config = Config::load_from_base_config_with_overrides( - cfg, - ConfigOverrides::default(), - codex_home.abs(), - ) - .await?; - - assert_eq!( - config.apps_mcp_path_override.as_deref(), - Some("/custom/mcp") - ); - Ok(()) -} - -#[tokio::test] -async fn config_defaults_enabled_apps_mcp_path_override_to_plugin_service() -> std::io::Result<()> { - let codex_home = TempDir::new()?; - let toml = r#" -model = "gpt-5.4" - -[features] -apps_mcp_path_override = true -"#; - let cfg: ConfigToml = - toml::from_str(toml).expect("TOML deserialization should succeed for apps MCP feature"); - - let config = Config::load_from_base_config_with_overrides( - cfg, - ConfigOverrides::default(), - codex_home.abs(), - ) - .await?; - - assert!(config.features.enabled(Feature::AppsMcpPathOverride)); - assert_eq!(config.apps_mcp_path_override.as_deref(), Some("/ps/mcp")); - Ok(()) -} - -#[tokio::test] -async fn config_preserves_explicit_apps_mcp_path_override_path() -> std::io::Result<()> { - let codex_home = TempDir::new()?; - let toml = r#" -model = "gpt-5.4" - -[features.apps_mcp_path_override] -enabled = true -path = "/custom/mcp" -"#; - let cfg: ConfigToml = - toml::from_str(toml).expect("TOML deserialization should succeed for apps MCP feature"); - - let config = Config::load_from_base_config_with_overrides( - cfg, - ConfigOverrides::default(), - codex_home.abs(), - ) - .await?; - - assert_eq!( - config.apps_mcp_path_override.as_deref(), - Some("/custom/mcp") - ); - assert!(config.features.enabled(Feature::AppsMcpPathOverride)); - Ok(()) -} - #[tokio::test] async fn config_loads_apps_mcp_product_sku_from_toml() -> std::io::Result<()> { let codex_home = TempDir::new()?; @@ -9879,10 +9780,7 @@ enabled = true .build() .await?; - assert_eq!(config.multi_agent_v2.max_concurrent_threads_per_session, 4); - assert_eq!(config.multi_agent_v2.min_wait_timeout_ms, 10_000); - assert_eq!(config.multi_agent_v2.max_wait_timeout_ms, 3_600_000); - assert_eq!(config.multi_agent_v2.default_wait_timeout_ms, 30_000); + assert_eq!(config.multi_agent_v2, MultiAgentV2Config::default()); assert_eq!( ( config.agent_max_threads, @@ -9890,36 +9788,32 @@ enabled = true ), (None, Some(3)) ); - assert_eq!( - config.multi_agent_v2.root_agent_usage_hint_text.as_deref(), - Some(DEFAULT_MULTI_AGENT_V2_ROOT_AGENT_USAGE_HINT_TEXT) - ); - assert!( - !config - .multi_agent_v2 - .root_agent_usage_hint_text - .as_deref() - .unwrap_or_default() - .contains("maximum concurrency"), - ); - assert_eq!( - config.multi_agent_v2.subagent_usage_hint_text.as_deref(), - Some(DEFAULT_MULTI_AGENT_V2_SUBAGENT_USAGE_HINT_TEXT) - ); - assert!( - !config - .multi_agent_v2 - .subagent_usage_hint_text - .as_deref() - .unwrap_or_default() - .contains("maximum concurrency"), - ); - assert!(config.multi_agent_v2.hide_spawn_agent_metadata); - assert!(config.multi_agent_v2.non_code_mode_only); Ok(()) } +#[test] +fn multi_agent_v2_default_usage_hints_use_configured_thread_cap() { + let config_toml = toml::from_str( + r#"[features.multi_agent_v2] +enabled = true +max_concurrent_threads_per_session = 17 +"#, + ) + .expect("multi-agent v2 config should parse"); + + let config = resolve_multi_agent_v2_config(&config_toml); + let concurrency_guidance = "There are 17 available concurrency slots, meaning that up to 17 agents can be active at once, including you."; + assert!( + [ + config.root_agent_usage_hint_text, + config.subagent_usage_hint_text, + ] + .into_iter() + .all(|hint| hint.is_some_and(|hint| hint.ends_with(concurrency_guidance))) + ); +} + #[tokio::test] async fn multi_agent_v2_empty_usage_hint_overrides_clear_default_hints() -> std::io::Result<()> { let codex_home = TempDir::new()?; diff --git a/codex-rs/core/src/config/edit.rs b/codex-rs/core/src/config/edit.rs index 862660ba2e1..2d7a41323b7 100644 --- a/codex-rs/core/src/config/edit.rs +++ b/codex-rs/core/src/config/edit.rs @@ -225,7 +225,7 @@ impl ConfigDocument { ); mutated |= self.write_optional_value( &["model_reasoning_effort"], - effort.map(|effort| value(effort.to_string())), + effort.as_ref().map(|effort| value(effort.to_string())), ); mutated }), diff --git a/codex-rs/core/src/config/mod.rs b/codex-rs/core/src/config/mod.rs index 2c3cd4d6c33..1c3942853e1 100644 --- a/codex-rs/core/src/config/mod.rs +++ b/codex-rs/core/src/config/mod.rs @@ -1,4 +1,3 @@ -use crate::agents_md::AgentsMdManager; use crate::config::edit::ConfigEdit; use crate::config::edit::ConfigEditsBuilder; use crate::path_utils::normalize_for_native_workdir; @@ -57,7 +56,7 @@ use codex_config::types::WindowsSandboxModeToml; use codex_core_plugins::PluginsConfigInput; use codex_exec_server::ExecutorFileSystem; use codex_exec_server::LOCAL_FS; -use codex_features::AppsMcpPathOverrideConfigToml; +use codex_features::CodeModeConfigToml; use codex_features::Feature; use codex_features::FeatureConfigSource; use codex_features::FeatureOverrides; @@ -70,6 +69,8 @@ use codex_git_utils::resolve_root_git_project_for_trust; use codex_install_context::InstallContext; use codex_login::AuthManagerConfig; use codex_mcp::McpConfig; +use codex_mcp::McpServerRegistration; +use codex_mcp::ResolvedMcpCatalog; use codex_memories_read::memory_root; use codex_model_provider_info::LEGACY_OLLAMA_CHAT_PROVIDER_ID; use codex_model_provider_info::ModelProviderInfo; @@ -101,8 +102,10 @@ use codex_protocol::permissions::NetworkSandboxPolicy; use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::MultiAgentVersion; use codex_protocol::protocol::SandboxPolicy; +pub use codex_thread_store::ExtraConfig; use codex_utils_absolute_path::AbsolutePathBuf; use codex_utils_absolute_path::AbsolutePathBufGuard; +use codex_utils_path_uri::PathUri; use rmcp::model::ElicitationCapability; use rmcp::model::FormElicitationCapability; use rmcp::model::UrlElicitationCapability; @@ -111,12 +114,12 @@ use serde::Serialize; use std::collections::BTreeMap; use std::collections::HashMap; use std::collections::HashSet; -use std::collections::hash_map::Entry; use std::io::ErrorKind; use std::path::Path; use std::path::PathBuf; use std::sync::Arc; +use crate::config::permissions::BUILT_IN_READ_ONLY_PROFILE; use crate::config::permissions::BUILT_IN_WORKSPACE_PROFILE; use crate::config::permissions::apply_network_proxy_feature_config; use crate::config::permissions::builtin_permission_profile; @@ -199,7 +202,7 @@ All agents in the team, including the agents that you can assign tasks to, are e You can use `spawn_agent` to create a new agent, `followup_task` to give an existing agent a new task and trigger a turn, and `send_message` to pass a message to a running agent without triggering a turn. Child agents can also spawn their own sub-agents. You can decide how much context you want to propagate to your sub-agents with the `fork_turns` parameter. -Use multi-agent capabilities only when there is a real reason to split the work; handle trivial or simple tasks directly. +Default to doing the work yourself. Spawn sub-agents only for concrete, bounded subtasks that can run independently alongside useful local work and are likely to materially shorten completion time. Do not delegate simple tasks, small edits, routine searches, or work you can complete quickly yourself. You will receive messages in the analysis channel in the form: ``` @@ -216,7 +219,7 @@ You can spawn sub-agents to handle subtasks, and those sub-agents can spawn thei You can use `spawn_agent` to create a new agent, `followup_task` to give an existing agent a new task and trigger a turn, and `send_message` to pass a message to a running agent. Child agents can also spawn their own sub-agents. -Use multi-agent capabilities only when there is a real reason to split the work; handle trivial or simple tasks directly. +Default to doing the work yourself. Spawn sub-agents only for concrete, bounded subtasks that can run independently alongside useful local work and are likely to materially shorten completion time. Do not delegate simple tasks, small edits, routine searches, or work you can complete quickly yourself. When you provide a response in the final channel, that content is immediately delivered back to your parent agent. @@ -230,6 +233,13 @@ Payload: ``` You may also see them addressed as to=/root/..., which indicates your identity is /root/... "#; + +fn default_multi_agent_v2_usage_hint_text(usage_hint_text: &str, max_concurrency: usize) -> String { + format!( + "{usage_hint_text}\nThere are {max_concurrency} available concurrency slots, meaning that up to {max_concurrency} agents can be active at once, including you." + ) +} + pub(crate) const HARD_MIN_MULTI_AGENT_V2_TIMEOUT_MS: i64 = 0; pub(crate) const HARD_MAX_MULTI_AGENT_V2_TIMEOUT_MS: i64 = DEFAULT_MULTI_AGENT_V2_MAX_WAIT_TIMEOUT_MS; @@ -643,9 +653,6 @@ pub struct Config { /// Defaults to `false`. pub show_raw_agent_reasoning: bool, - /// User-provided instructions from AGENTS.md. - pub user_instructions: Option, - /// Base instructions override. pub base_instructions: Option, @@ -867,6 +874,9 @@ pub struct Config { /// When true, session is not persisted on disk. Default to `false` pub ephemeral: bool, + /// Optional extra configuration fields for the thread. + pub extra_config: Option, + /// Whether enabled hooks should run without requiring persisted hook trust for this session. /// /// This is a runtime-only knob populated from invocation overrides, not from config files. @@ -924,9 +934,6 @@ pub struct Config { /// Base URL for requests to ChatGPT (as opposed to the OpenAI API). pub chatgpt_base_url: String, - /// Optional path override for the host-owned apps MCP server. - pub apps_mcp_path_override: Option, - /// Optional product SKU forwarded to the host-owned apps MCP server. pub apps_mcp_product_sku: Option, @@ -977,6 +984,9 @@ pub struct Config { /// Whether to register the experimental request_user_input tool. pub experimental_request_user_input_enabled: bool, + /// Configuration for the experimental code-mode tool surface. + pub code_mode: CodeModeConfig, + /// If set to `true`, used only the experimental unified exec tool. pub use_experimental_unified_exec_tool: bool, @@ -1029,6 +1039,11 @@ pub struct Config { pub otel: codex_config::types::OtelConfig, } +#[derive(Debug, Clone, Default, PartialEq, Eq, Serialize)] +pub struct CodeModeConfig { + pub excluded_tool_namespaces: Vec, +} + #[derive(Debug, Clone, PartialEq, Eq, Serialize)] pub struct MultiAgentV2Config { pub max_concurrent_threads_per_session: usize, @@ -1044,22 +1059,23 @@ pub struct MultiAgentV2Config { pub non_code_mode_only: bool, } -impl Default for MultiAgentV2Config { - fn default() -> Self { +impl MultiAgentV2Config { + fn defaults_for_max_concurrency(max_concurrent_threads_per_session: usize) -> Self { Self { - max_concurrent_threads_per_session: - DEFAULT_MULTI_AGENT_V2_MAX_CONCURRENT_THREADS_PER_SESSION, + max_concurrent_threads_per_session, min_wait_timeout_ms: DEFAULT_MULTI_AGENT_V2_MIN_WAIT_TIMEOUT_MS, max_wait_timeout_ms: DEFAULT_MULTI_AGENT_V2_MAX_WAIT_TIMEOUT_MS, default_wait_timeout_ms: DEFAULT_MULTI_AGENT_V2_DEFAULT_WAIT_TIMEOUT_MS, usage_hint_enabled: true, usage_hint_text: None, - root_agent_usage_hint_text: Some( - DEFAULT_MULTI_AGENT_V2_ROOT_AGENT_USAGE_HINT_TEXT.to_string(), - ), - subagent_usage_hint_text: Some( - DEFAULT_MULTI_AGENT_V2_SUBAGENT_USAGE_HINT_TEXT.to_string(), - ), + root_agent_usage_hint_text: Some(default_multi_agent_v2_usage_hint_text( + DEFAULT_MULTI_AGENT_V2_ROOT_AGENT_USAGE_HINT_TEXT, + max_concurrent_threads_per_session, + )), + subagent_usage_hint_text: Some(default_multi_agent_v2_usage_hint_text( + DEFAULT_MULTI_AGENT_V2_SUBAGENT_USAGE_HINT_TEXT, + max_concurrent_threads_per_session, + )), tool_namespace: None, hide_spawn_agent_metadata: true, non_code_mode_only: true, @@ -1067,6 +1083,14 @@ impl Default for MultiAgentV2Config { } } +impl Default for MultiAgentV2Config { + fn default() -> Self { + Self::defaults_for_max_concurrency( + DEFAULT_MULTI_AGENT_V2_MAX_CONCURRENT_THREADS_PER_SESSION, + ) + } +} + #[derive(Debug, Clone, Copy, PartialEq, Eq, Default)] pub enum TerminalResizeReflowMaxRows { /// Use the runtime terminal detector to choose a scrollback-sized cap. @@ -1368,12 +1392,18 @@ impl Config { ) -> McpConfig { let plugins_input = self.plugins_config_input(); let loaded_plugins = plugins_manager.plugins_for_config(&plugins_input).await; - let mut configured_mcp_servers = self.mcp_servers.get().clone(); - let mut plugin_ids_by_mcp_server_name = HashMap::new(); - for plugin in loaded_plugins + let mut catalog = ResolvedMcpCatalog::builder(); + let empty_mcp_allowlist = self + .config_layer_stack + .requirements() + .mcp_servers + .as_ref() + .filter(|requirements| requirements.value.is_empty()); + for (plugin_order, plugin) in loaded_plugins .plugins() .iter() .filter(|plugin| plugin.is_active()) + .enumerate() { let mut plugin_mcp_servers = plugin.mcp_servers.clone(); filter_plugin_mcp_servers_by_requirements( @@ -1381,26 +1411,25 @@ impl Config { &mut plugin_mcp_servers, self.config_layer_stack.requirements().plugins.as_ref(), ); + filter_mcp_servers_by_requirements(&mut plugin_mcp_servers, empty_mcp_allowlist); for (name, plugin_server) in plugin_mcp_servers { - if let Entry::Vacant(entry) = configured_mcp_servers.entry(name.clone()) { - entry.insert(plugin_server); - plugin_ids_by_mcp_server_name.insert(name, plugin.config_name.clone()); - } + catalog.register(McpServerRegistration::from_plugin( + name, + plugin.config_name.clone(), + plugin_order, + plugin_server, + )); } } - if let Some(mcp_requirements) = self.config_layer_stack.requirements().mcp_servers.as_ref() - && mcp_requirements.value.is_empty() - { - // A present empty allowlist bans configurable MCPs, including plugin MCPs merged - // above. - filter_mcp_servers_by_requirements(&mut configured_mcp_servers, Some(mcp_requirements)); + for (name, server) in self.mcp_servers.get() { + catalog.register(McpServerRegistration::from_config( + name.clone(), + server.clone(), + )); } - plugin_ids_by_mcp_server_name - .retain(|server_name, _| configured_mcp_servers.contains_key(server_name)); McpConfig { chatgpt_base_url: self.chatgpt_base_url.clone(), - apps_mcp_path_override: self.apps_mcp_path_override.clone(), apps_mcp_product_sku: self.apps_mcp_product_sku.clone(), codex_home: self.codex_home.to_path_buf(), mcp_oauth_credentials_store_mode: self.mcp_oauth_credentials_store_mode, @@ -1424,8 +1453,7 @@ impl Config { // indicates this should be an empty object. ElicitationCapability::default() }, - configured_mcp_servers, - plugin_ids_by_mcp_server_name, + mcp_server_catalog: catalog.build(), plugin_capability_summaries: loaded_plugins.capability_summaries().to_vec(), } } @@ -2235,9 +2263,9 @@ pub struct ConfigOverrides { pub bypass_hook_trust: Option, /// Additional directories that should be treated as writable roots for this session. pub additional_writable_roots: Vec, - /// Explicit runtime workspace roots for this session. When set, this is - /// the full runtime root list rather than an additive override. - pub workspace_roots: Option>, + /// Explicit absolute runtime workspace roots for this session. When set, + /// this is the full runtime root list rather than an additive override. + pub workspace_roots: Option>, } fn dedupe_absolute_paths(paths: &mut Vec) { @@ -2290,13 +2318,24 @@ fn resolve_experimental_request_user_input_enabled(config_toml: &ConfigToml) -> .is_none_or(|config| config.enabled) } +fn resolve_code_mode_config(config_toml: &ConfigToml) -> CodeModeConfig { + let base = code_mode_toml_config(config_toml.features.as_ref()); + + CodeModeConfig { + excluded_tool_namespaces: base + .and_then(|config| config.excluded_tool_namespaces.as_ref()) + .cloned() + .unwrap_or_default(), + } +} + fn resolve_multi_agent_v2_config(config_toml: &ConfigToml) -> MultiAgentV2Config { let base = multi_agent_v2_toml_config(config_toml.features.as_ref()); - let default = MultiAgentV2Config::default(); - let max_concurrent_threads_per_session = base .and_then(|config| config.max_concurrent_threads_per_session) - .unwrap_or(default.max_concurrent_threads_per_session); + .unwrap_or(DEFAULT_MULTI_AGENT_V2_MAX_CONCURRENT_THREADS_PER_SESSION); + let default = + MultiAgentV2Config::defaults_for_max_concurrency(max_concurrent_threads_per_session); let min_wait_timeout_ms = base .and_then(|config| config.min_wait_timeout_ms) .unwrap_or(default.min_wait_timeout_ms); @@ -2372,17 +2411,15 @@ fn resolve_optional_prompt_text( } } -fn multi_agent_v2_toml_config(features: Option<&FeaturesToml>) -> Option<&MultiAgentV2ConfigToml> { - match features?.multi_agent_v2.as_ref()? { +fn code_mode_toml_config(features: Option<&FeaturesToml>) -> Option<&CodeModeConfigToml> { + match features?.code_mode.as_ref()? { FeatureToml::Enabled(_) => None, FeatureToml::Config(config) => Some(config), } } -fn apps_mcp_path_override_toml_config( - features: Option<&FeaturesToml>, -) -> Option<&AppsMcpPathOverrideConfigToml> { - match features?.apps_mcp_path_override.as_ref()? { +fn multi_agent_v2_toml_config(features: Option<&FeaturesToml>) -> Option<&MultiAgentV2ConfigToml> { + match features?.multi_agent_v2.as_ref()? { FeatureToml::Enabled(_) => None, FeatureToml::Config(config) => Some(config), } @@ -2573,13 +2610,6 @@ impl Config { .startup_warnings() .unwrap_or_default() .to_vec(); - let user_instructions = AgentsMdManager::load_global_instructions( - LOCAL_FS.as_ref(), - Some(&codex_home), - &mut startup_warnings, - ) - .await - .map(|loaded| loaded.contents); // Destructure ConfigOverrides fully to ensure all overrides are applied. let ConfigOverrides { @@ -2794,12 +2824,7 @@ impl Config { || !requested_additional_writable_roots.is_empty() || legacy_workspace_roots_explicit; let mut workspace_roots = match workspace_roots_override { - Some(workspace_roots) => workspace_roots - .into_iter() - .map(|path| { - AbsolutePathBuf::resolve_path_against_base(path, resolved_cwd.as_path()) - }) - .collect(), + Some(workspace_roots) => workspace_roots, None => { let mut workspace_roots = vec![resolved_cwd.clone()]; workspace_roots.extend(requested_additional_writable_roots.clone()); @@ -3013,15 +3038,8 @@ impl Config { let web_search_config = resolve_web_search_config(&cfg); let experimental_request_user_input_enabled = resolve_experimental_request_user_input_enabled(&cfg); + let code_mode = resolve_code_mode_config(&cfg); let multi_agent_v2 = resolve_multi_agent_v2_config(&cfg); - let apps_mcp_path_override = if features.enabled(Feature::AppsMcpPathOverride) { - let base = apps_mcp_path_override_toml_config(cfg.features.as_ref()); - base.and_then(|config| config.path.as_ref()) - .cloned() - .or_else(|| Some("/ps/mcp".to_string())) - } else { - None - }; let terminal_resize_reflow = resolve_terminal_resize_reflow_config(&cfg); let agent_roles = @@ -3430,7 +3448,6 @@ impl Config { approvals_reviewer: constrained_approvals_reviewer.value(), enforce_residency: enforce_residency.value, notify: cfg.notify, - user_instructions, base_instructions, personality, developer_instructions, @@ -3501,6 +3518,7 @@ impl Config { config_layer_stack, history, ephemeral: ephemeral.unwrap_or_default(), + extra_config: None, bypass_hook_trust, file_opener: cfg.file_opener.unwrap_or(UriBasedFileOpener::VsCode), codex_self_exe, @@ -3523,7 +3541,6 @@ impl Config { chatgpt_base_url: cfg .chatgpt_base_url .unwrap_or("https://chatgpt.com/backend-api/".to_string()), - apps_mcp_path_override, apps_mcp_product_sku: cfg.apps_mcp_product_sku.clone(), realtime_audio: cfg .audio @@ -3554,6 +3571,7 @@ impl Config { web_search_mode: constrained_web_search_mode.value, web_search_config, experimental_request_user_input_enabled, + code_mode, use_experimental_unified_exec_tool, background_terminal_max_timeout, ghost_snapshot, @@ -3644,8 +3662,9 @@ impl Config { return Ok(None); }; + let path_uri = PathUri::from_abs_path(path)?; let contents = fs - .read_file_text(path, /*sandbox*/ None) + .read_file_text(&path_uri, /*sandbox*/ None) .await .map_err(|e| { std::io::Error::new( @@ -3811,7 +3830,9 @@ fn resolve_effective_permission_selection<'a>( Ok(EffectivePermissionSelection { profiles, selected_profile_id, - requirements_force_profile_selection: requirements_toml.allowed_permissions.is_some(), + requirements_force_profile_selection: requirements_toml + .allowed_permission_profiles + .is_some(), }) } @@ -3821,28 +3842,36 @@ fn resolve_default_permissions<'a>( requirements_toml: &'a ConfigRequirementsToml, startup_warnings: &mut Vec, ) -> std::io::Result> { - let allowed_permissions = requirements_toml.allowed_permissions.as_ref(); - let mut default_permissions = default_permissions_override.or(configured_default_permissions); - if let (Some(selected_permissions), Some(allowed_permissions)) = - (default_permissions, allowed_permissions) - && !is_builtin_permission_profile_name(selected_permissions) - && !allowed_permissions - .iter() - .any(|allowed_permission| allowed_permission == selected_permissions) - { - let Some(fallback_permissions) = allowed_permissions.first().map(String::as_str) else { - return Err(std::io::Error::new( - ErrorKind::InvalidInput, - "requirements.toml allowed_permissions must include at least one profile", - )); - }; - startup_warnings.push(format!( - "Configured value for `permission_profile` is disallowed by requirements; falling back from `{selected_permissions}` to required value `{fallback_permissions}`." + let selected_permissions = default_permissions_override.or(configured_default_permissions); + let Some(allowed_permission_profiles) = requirements_toml.allowed_permission_profiles.as_ref() + else { + return Ok(selected_permissions); + }; + let Some(fallback_permissions) = requirements_toml + .default_permissions + .as_deref() + .or_else(|| implicit_default_permissions(allowed_permission_profiles)) + else { + return Err(std::io::Error::new( + ErrorKind::InvalidInput, + "requirements.toml default_permissions must be set unless allowed_permission_profiles allows both `:workspace` and `:read-only`", )); - default_permissions = Some(fallback_permissions); - } + }; - Ok(default_permissions) + match selected_permissions { + None => Ok(Some(fallback_permissions)), + Some(selected_permissions) + if is_permission_allowed(allowed_permission_profiles, selected_permissions) => + { + Ok(Some(selected_permissions)) + } + Some(selected_permissions) => { + startup_warnings.push(format!( + "Configured value for `permission_profile` is disallowed by requirements; falling back from `{selected_permissions}` to required value `{fallback_permissions}`." + )); + Ok(Some(fallback_permissions)) + } + } } fn validate_required_permission_profile_catalog( @@ -3856,30 +3885,67 @@ fn validate_required_permission_profile_catalog( .is_some_and(|permissions| permissions.entries.contains_key(profile_id)) }; - let Some(allowed_permissions) = requirements_toml.allowed_permissions.as_ref() else { + let Some(allowed_permission_profiles) = requirements_toml.allowed_permission_profiles.as_ref() + else { + if requirements_toml.default_permissions.is_some() { + return Err(std::io::Error::new( + ErrorKind::InvalidInput, + "requirements.toml default_permissions requires allowed_permission_profiles", + )); + } return Ok(()); }; - if allowed_permissions.is_empty() { - return Err(std::io::Error::new( - ErrorKind::InvalidInput, - "requirements.toml allowed_permissions must include at least one profile", - )); - } - - for profile_id in allowed_permissions { + for profile_id in allowed_permission_profiles.keys() { if !is_known_profile(profile_id) { return Err(std::io::Error::new( ErrorKind::InvalidInput, format!( - "requirements.toml allowed_permissions refers to undefined profile `{profile_id}`" + "requirements.toml allowed_permission_profiles refers to undefined profile `{profile_id}`" ), )); } } + let Some(default_permissions) = requirements_toml + .default_permissions + .as_deref() + .or_else(|| implicit_default_permissions(allowed_permission_profiles)) + else { + return Err(std::io::Error::new( + ErrorKind::InvalidInput, + "requirements.toml default_permissions must be set unless allowed_permission_profiles allows both `:workspace` and `:read-only`", + )); + }; + if !is_permission_allowed(allowed_permission_profiles, default_permissions) { + return Err(std::io::Error::new( + ErrorKind::InvalidInput, + format!( + "requirements.toml default_permissions `{default_permissions}` must be allowed by allowed_permission_profiles" + ), + )); + } + Ok(()) } +fn implicit_default_permissions( + allowed_permission_profiles: &BTreeMap, +) -> Option<&'static str> { + (is_permission_allowed(allowed_permission_profiles, BUILT_IN_WORKSPACE_PROFILE) + && is_permission_allowed(allowed_permission_profiles, BUILT_IN_READ_ONLY_PROFILE)) + .then_some(BUILT_IN_WORKSPACE_PROFILE) +} + +fn is_permission_allowed( + allowed_permission_profiles: &BTreeMap, + profile_id: &str, +) -> bool { + allowed_permission_profiles + .get(profile_id) + .copied() + .unwrap_or(false) +} + fn normalize_guardian_policy_config(value: Option<&str>) -> Option { value.and_then(|value| { let trimmed = value.trim(); diff --git a/codex-rs/core/src/config/network_proxy_spec.rs b/codex-rs/core/src/config/network_proxy_spec.rs index 631a826ac71..653e6987f30 100644 --- a/codex-rs/core/src/config/network_proxy_spec.rs +++ b/codex-rs/core/src/config/network_proxy_spec.rs @@ -1,8 +1,8 @@ -use async_trait::async_trait; use codex_config::NetworkConstraints; use codex_execpolicy::Policy; use codex_network_proxy::BlockedRequestObserver; use codex_network_proxy::ConfigReloader; +use codex_network_proxy::ConfigReloaderFuture; use codex_network_proxy::ConfigState; use codex_network_proxy::NetworkDecision; use codex_network_proxy::NetworkPolicyDecider; @@ -58,14 +58,13 @@ impl StaticNetworkProxyReloader { } } -#[async_trait] impl ConfigReloader for StaticNetworkProxyReloader { - async fn maybe_reload(&self) -> anyhow::Result> { - Ok(None) + fn maybe_reload(&self) -> ConfigReloaderFuture<'_, Option> { + Box::pin(async { Ok(None) }) } - async fn reload_now(&self) -> anyhow::Result { - Ok(self.state.clone()) + fn reload_now(&self) -> ConfigReloaderFuture<'_, ConfigState> { + Box::pin(async { Ok(self.state.clone()) }) } fn source_label(&self) -> String { diff --git a/codex-rs/core/src/config_lock.rs b/codex-rs/core/src/config_lock.rs index 14ee7e11051..f99ded0bf8b 100644 --- a/codex-rs/core/src/config_lock.rs +++ b/codex-rs/core/src/config_lock.rs @@ -125,6 +125,9 @@ fn config_lock_for_comparison( ) -> ConfigLockfileToml { let mut lockfile = lockfile.clone(); clear_config_lock_debug_controls(&mut lockfile.config); + if let Some(features) = lockfile.config.features.as_mut() { + features.clear_removed_compatibility_entries(); + } if options.allow_codex_version_mismatch { lockfile.codex_version.clear(); } diff --git a/codex-rs/core/src/connectors.rs b/codex-rs/core/src/connectors.rs index 7a8344b3d7a..8ccf51ef5f6 100644 --- a/codex-rs/core/src/connectors.rs +++ b/codex-rs/core/src/connectors.rs @@ -1,4 +1,3 @@ -use std::collections::HashMap; use std::collections::HashSet; use std::sync::Arc; use std::sync::LazyLock; @@ -18,6 +17,7 @@ use codex_protocol::models::PermissionProfile; use codex_tools::DiscoverableTool; use rmcp::model::ToolAnnotations; use serde::Deserialize; +use tokio_util::sync::CancellationToken; use tracing::warn; use crate::config::Config; @@ -41,8 +41,9 @@ use codex_mcp::ToolInfo; use codex_mcp::ToolPluginProvenance; use codex_mcp::codex_apps_tools_cache_key; use codex_mcp::compute_auth_statuses; +use codex_mcp::effective_mcp_servers; use codex_mcp::host_owned_codex_apps_enabled; -use codex_mcp::with_codex_apps_mcp; +use codex_mcp::tool_plugin_provenance; const CONNECTORS_READY_TIMEOUT_ON_EMPTY_TOOLS: Duration = Duration::from_secs(30); @@ -220,6 +221,23 @@ pub async fn list_accessible_connectors_from_mcp_tools_with_environment_manager( config: &Config, force_refetch: bool, environment_manager: Arc, +) -> anyhow::Result { + let plugins_manager = Arc::new(PluginsManager::new(config.codex_home.to_path_buf())); + let mcp_manager = Arc::new(McpManager::new(plugins_manager)); + list_accessible_connectors_from_mcp_tools_with_mcp_manager( + config, + force_refetch, + environment_manager, + mcp_manager, + ) + .await +} + +pub async fn list_accessible_connectors_from_mcp_tools_with_mcp_manager( + config: &Config, + force_refetch: bool, + environment_manager: Arc, + mcp_manager: Arc, ) -> anyhow::Result { let auth_manager = AuthManager::shared_from_config(config, /*enable_codex_api_key_env*/ false).await; @@ -234,9 +252,8 @@ pub async fn list_accessible_connectors_from_mcp_tools_with_environment_manager( }); } let cache_key = accessible_connectors_cache_key(config, auth.as_ref()); - let plugins_manager = Arc::new(PluginsManager::new(config.codex_home.to_path_buf())); - let mcp_manager = McpManager::new(Arc::clone(&plugins_manager)); - let tool_plugin_provenance = mcp_manager.tool_plugin_provenance(config).await; + let mcp_config = mcp_manager.runtime_config(config).await; + let tool_plugin_provenance = tool_plugin_provenance(&mcp_config); if !force_refetch && let Some(cached_connectors) = read_cached_accessible_connectors(&cache_key) { let cached_connectors = codex_connectors::filter::filter_disallowed_connectors( @@ -250,8 +267,8 @@ pub async fn list_accessible_connectors_from_mcp_tools_with_environment_manager( }); } - let mcp_config = config.to_mcp_config(plugins_manager.as_ref()).await; - let mcp_servers = with_codex_apps_mcp(HashMap::new(), auth.as_ref(), &mcp_config); + let mut mcp_servers = effective_mcp_servers(&mcp_config, auth.as_ref()); + mcp_servers.retain(|name, _| name == CODEX_APPS_MCP_SERVER_NAME); let host_owned_codex_apps_enabled = host_owned_codex_apps_enabled(&mcp_config, auth.as_ref()); if mcp_servers.is_empty() { return Ok(AccessibleConnectorsStatus { @@ -270,13 +287,15 @@ pub async fn list_accessible_connectors_from_mcp_tools_with_environment_manager( let (tx_event, rx_event) = unbounded(); drop(rx_event); - let (mut mcp_connection_manager, cancel_token) = McpConnectionManager::new( + let cancel_token = CancellationToken::new(); + let mcp_connection_manager = McpConnectionManager::new( &mcp_servers, config.mcp_oauth_credentials_store_mode, auth_status_entries, &config.permissions.approval_policy, INITIAL_SUBMIT_ID.to_owned(), tx_event, + cancel_token.clone(), PermissionProfile::default(), // Connector discovery is threadless. Use an actually configured env if // one exists, but do not reintroduce the old hidden-local fallback. diff --git a/codex-rs/core/src/context/available_skills_instructions.rs b/codex-rs/core/src/context/available_skills_instructions.rs index f7921072b2b..4e166d436cf 100644 --- a/codex-rs/core/src/context/available_skills_instructions.rs +++ b/codex-rs/core/src/context/available_skills_instructions.rs @@ -5,12 +5,23 @@ use codex_protocol::protocol::SKILLS_INSTRUCTIONS_OPEN_TAG; use super::ContextualUserFragment; +/// Model-context fragment describing the skills available to Codex. #[derive(Debug, Clone, PartialEq, Eq)] -pub(crate) struct AvailableSkillsInstructions { +pub struct AvailableSkillsInstructions { skill_root_lines: Vec, skill_lines: Vec, } +impl AvailableSkillsInstructions { + /// Creates a skills context fragment from pre-rendered catalog lines. + pub fn from_skill_lines(skill_lines: Vec) -> Self { + Self { + skill_root_lines: Vec::new(), + skill_lines, + } + } +} + impl From for AvailableSkillsInstructions { fn from(available_skills: AvailableSkills) -> Self { Self { diff --git a/codex-rs/core/src/context/contextual_user_message_tests.rs b/codex-rs/core/src/context/contextual_user_message_tests.rs index dc7cb0f5347..c3f360772ab 100644 --- a/codex-rs/core/src/context/contextual_user_message_tests.rs +++ b/codex-rs/core/src/context/contextual_user_message_tests.rs @@ -33,14 +33,14 @@ fn detects_subagent_notification_fragment_case_insensitively() { #[test] fn detects_internal_model_context_fragment() { let text = InternalModelContextFragment::new( - InternalContextSource::from_static("goal"), - "Continue working toward the active thread goal.", + InternalContextSource::from_static("extension"), + "Internal steering.", ) .render(); assert_eq!( text, - "\nContinue working toward the active thread goal.\n" + "\nInternal steering.\n" ); assert!(is_contextual_user_fragment(&ContentItem::InputText { text @@ -65,7 +65,7 @@ fn does_not_hide_arbitrary_context_tags() { #[test] fn rejects_invalid_internal_model_context_source() { assert!(!is_contextual_user_fragment(&ContentItem::InputText { - text: "\nbody\n" + text: "\nbody\n" .to_string(), })); } @@ -73,13 +73,13 @@ fn rejects_invalid_internal_model_context_source() { #[test] fn contextual_user_fragment_is_dyn_compatible() { let fragment: Box = Box::new(InternalModelContextFragment::new( - InternalContextSource::from_static("goal"), - "Continue working toward the active thread goal.", + InternalContextSource::from_static("extension"), + "Internal steering.", )); assert_eq!( fragment.render(), - "\nContinue working toward the active thread goal.\n" + "\nInternal steering.\n" ); } diff --git a/codex-rs/core/src/context/environment_context_tests.rs b/codex-rs/core/src/context/environment_context_tests.rs index 49c3fc0c581..c8e491b68c8 100644 --- a/codex-rs/core/src/context/environment_context_tests.rs +++ b/codex-rs/core/src/context/environment_context_tests.rs @@ -178,6 +178,7 @@ fn turn_context_item_filesystem_uses_workspace_roots_instead_of_cwd() { network: None, file_system_sandbox_policy: None, model: "gpt-5".to_string(), + comp_hash: None, personality: None, collaboration_mode: None, multi_agent_version: None, diff --git a/codex-rs/core/src/context/image_generation_instructions.rs b/codex-rs/core/src/context/image_generation_instructions.rs index 52ce1ca4e9b..6986a7c64f2 100644 --- a/codex-rs/core/src/context/image_generation_instructions.rs +++ b/codex-rs/core/src/context/image_generation_instructions.rs @@ -1,6 +1,27 @@ use super::ContextualUserFragment; use std::fmt::Display; +/// Maximum size of the extension's model-facing generated-image path hint. +const MAX_IMAGE_GENERATION_OUTPUT_HINT_BYTES: usize = 1024; + +/// Returns the extension's model-facing hint, or omits it if the path makes it too large. +pub fn extension_image_generation_output_hint( + image_output_dir: impl Display, + image_output_path: impl Display, +) -> Option { + let hint = image_generation_hint(image_output_dir, image_output_path); + (hint.len() <= MAX_IMAGE_GENERATION_OUTPUT_HINT_BYTES).then_some(hint) +} + +fn image_generation_hint( + image_output_dir: impl Display, + image_output_path: impl Display, +) -> String { + format!( + "Generated images are saved to {image_output_dir} as {image_output_path} by default.\nIf you need to use a generated image at another path, copy it and leave the original in place unless the user explicitly asks you to delete it." + ) +} + #[derive(Debug, Clone, PartialEq)] pub(crate) struct ImageGenerationInstructions { image_output_dir: String, @@ -30,9 +51,6 @@ impl ContextualUserFragment for ImageGenerationInstructions { } fn body(&self) -> String { - format!( - "Generated images are saved to {} as {} by default.\nIf you need to use a generated image at another path, copy it and leave the original in place unless the user explicitly asks you to delete it.", - self.image_output_dir, self.image_output_path - ) + image_generation_hint(&self.image_output_dir, &self.image_output_path) } } diff --git a/codex-rs/core/src/context/mod.rs b/codex-rs/core/src/context/mod.rs index 5115bda6d42..a470c3afb7b 100644 --- a/codex-rs/core/src/context/mod.rs +++ b/codex-rs/core/src/context/mod.rs @@ -23,6 +23,7 @@ mod realtime_end_instructions; mod realtime_start_instructions; mod realtime_start_with_instructions; mod subagent_notification; +mod token_budget_context; mod turn_aborted; mod user_instructions; mod user_shell_command; @@ -30,7 +31,7 @@ mod user_shell_command; pub(crate) use approved_command_prefix_saved::ApprovedCommandPrefixSaved; pub(crate) use apps_instructions::AppsInstructions; pub(crate) use available_plugins_instructions::AvailablePluginsInstructions; -pub(crate) use available_skills_instructions::AvailableSkillsInstructions; +pub use available_skills_instructions::AvailableSkillsInstructions; pub(crate) use codex_context_fragments::AdditionalContextDeveloperFragment; pub(crate) use codex_context_fragments::AdditionalContextUserFragment; pub use codex_context_fragments::ContextualUserFragment; @@ -44,6 +45,7 @@ pub(crate) use environment_context::EnvironmentContext; pub(crate) use guardian_followup_review_reminder::GuardianFollowupReviewReminder; pub(crate) use hook_additional_context::HookAdditionalContext; pub(crate) use image_generation_instructions::ImageGenerationInstructions; +pub use image_generation_instructions::extension_image_generation_output_hint; pub use internal_model_context::InternalContextSource; pub use internal_model_context::InternalModelContextFragment; pub use internal_model_context::InvalidInternalContextSource; @@ -59,6 +61,8 @@ pub(crate) use realtime_end_instructions::RealtimeEndInstructions; pub(crate) use realtime_start_instructions::RealtimeStartInstructions; pub(crate) use realtime_start_with_instructions::RealtimeStartWithInstructions; pub(crate) use subagent_notification::SubagentNotification; +pub(crate) use token_budget_context::TokenBudgetContext; +pub(crate) use token_budget_context::TokenBudgetRemainingContext; pub(crate) use turn_aborted::TurnAborted; pub(crate) use user_instructions::UserInstructions; pub(crate) use user_shell_command::UserShellCommand; diff --git a/codex-rs/core/src/context/token_budget_context.rs b/codex-rs/core/src/context/token_budget_context.rs new file mode 100644 index 00000000000..37b355d51a3 --- /dev/null +++ b/codex-rs/core/src/context/token_budget_context.rs @@ -0,0 +1,82 @@ +use super::ContextualUserFragment; +use codex_protocol::ThreadId; + +#[derive(Debug, Clone, PartialEq, Eq)] +pub(crate) struct TokenBudgetContext { + thread_id: ThreadId, + window_id: u64, + tokens_left: i64, +} + +impl TokenBudgetContext { + pub(crate) fn new(thread_id: ThreadId, window_id: u64, tokens_left: i64) -> Self { + Self { + thread_id, + window_id, + tokens_left, + } + } +} + +impl ContextualUserFragment for TokenBudgetContext { + fn role(&self) -> &'static str { + "developer" + } + + fn markers(&self) -> (&'static str, &'static str) { + Self::type_markers() + } + + fn type_markers() -> (&'static str, &'static str) { + ("\n", "\n") + } + + fn body(&self) -> String { + let thread_id = self.thread_id; + let window_id = self.window_id; + let tokens_left = self.tokens_left; + format!( + "Thread id {thread_id}.\nCurrent context window {window_id}.\nYou have {tokens_left} tokens left in this context window." + ) + } +} + +#[derive(Debug, Clone, PartialEq, Eq)] +pub(crate) struct TokenBudgetRemainingContext { + tokens_left: Option, +} + +impl TokenBudgetRemainingContext { + pub(crate) fn new(tokens_left: i64) -> Self { + Self { + tokens_left: Some(tokens_left), + } + } + + pub(crate) fn unknown() -> Self { + Self { tokens_left: None } + } +} + +impl ContextualUserFragment for TokenBudgetRemainingContext { + fn role(&self) -> &'static str { + "developer" + } + + fn markers(&self) -> (&'static str, &'static str) { + Self::type_markers() + } + + fn type_markers() -> (&'static str, &'static str) { + ("\n", "\n") + } + + fn body(&self) -> String { + match self.tokens_left { + Some(tokens_left) => { + format!("You have {tokens_left} tokens left in this context window.") + } + None => "You have unknown tokens left in this context window.".to_string(), + } + } +} diff --git a/codex-rs/core/src/context_manager/history.rs b/codex-rs/core/src/context_manager/history.rs index 0be9bbc18e1..479ccc89c6c 100644 --- a/codex-rs/core/src/context_manager/history.rs +++ b/codex-rs/core/src/context_manager/history.rs @@ -50,14 +50,6 @@ pub(crate) struct ContextManager { reference_context_item: Option, } -#[derive(Debug, Clone, Copy, Default)] -pub(crate) struct TotalTokenUsageBreakdown { - pub last_api_response_total_tokens: i64, - pub all_history_items_model_visible_bytes: i64, - pub estimated_tokens_of_items_added_since_last_successful_api_response: i64, - pub estimated_bytes_of_items_added_since_last_successful_api_response: i64, -} - impl ContextManager { pub(crate) fn new() -> Self { Self { @@ -321,32 +313,11 @@ impl ContextManager { } } - pub(crate) fn get_total_token_usage_breakdown(&self) -> TotalTokenUsageBreakdown { - let last_usage = self - .token_info - .as_ref() - .map(|info| info.last_token_usage.clone()) - .unwrap_or_default(); - let items_after_last_model_generated = self.items_after_last_model_generated_item(); - - TotalTokenUsageBreakdown { - last_api_response_total_tokens: last_usage.total_tokens, - all_history_items_model_visible_bytes: self - .items - .iter() - .map(estimate_response_item_model_visible_bytes) - .fold(0i64, i64::saturating_add), - estimated_tokens_of_items_added_since_last_successful_api_response: - items_after_last_model_generated - .iter() - .map(estimate_item_token_count) - .fold(0i64, i64::saturating_add), - estimated_bytes_of_items_added_since_last_successful_api_response: - items_after_last_model_generated - .iter() - .map(estimate_response_item_model_visible_bytes) - .fold(0i64, i64::saturating_add), - } + pub(crate) fn estimated_tokens_after_last_model_generated_item(&self) -> i64 { + self.items_after_last_model_generated_item() + .iter() + .map(estimate_item_token_count) + .fold(0i64, i64::saturating_add) } /// This function enforces a couple of invariants on the in-memory history: @@ -386,6 +357,7 @@ impl ContextManager { output: truncate_function_output_payload(output, policy_with_serialization_budget), }, ResponseItem::Message { .. } + | ResponseItem::AgentMessage { .. } | ResponseItem::Reasoning { .. } | ResponseItem::LocalShellCall { .. } | ResponseItem::FunctionCall { .. } @@ -474,7 +446,8 @@ pub(crate) fn truncate_function_output_payload( fn is_api_message(message: &ResponseItem) -> bool { match message { ResponseItem::Message { role, .. } => role.as_str() != "system", - ResponseItem::FunctionCallOutput { .. } + ResponseItem::AgentMessage { .. } + | ResponseItem::FunctionCallOutput { .. } | ResponseItem::FunctionCall { .. } | ResponseItem::ToolSearchCall { .. } | ResponseItem::ToolSearchOutput { .. } @@ -530,7 +503,7 @@ static ORIGINAL_IMAGE_ESTIMATE_CACHE: LazyLock i64 { +fn estimate_response_item_model_visible_bytes(item: &ResponseItem) -> i64 { match item { ResponseItem::Reasoning { encrypted_content: Some(content), @@ -720,11 +693,15 @@ fn is_model_generated_item(item: &ResponseItem) -> bool { ResponseItem::FunctionCallOutput { .. } | ResponseItem::ToolSearchOutput { .. } | ResponseItem::CustomToolCallOutput { .. } + | ResponseItem::AgentMessage { .. } | ResponseItem::Other => false, } } pub(crate) fn is_user_turn_boundary(item: &ResponseItem) -> bool { + if matches!(item, ResponseItem::AgentMessage { .. }) { + return true; + } let ResponseItem::Message { role, content, .. } = item else { return false; }; diff --git a/codex-rs/core/src/context_manager/history_tests.rs b/codex-rs/core/src/context_manager/history_tests.rs index bb22749cb38..f4bc87f5b8e 100644 --- a/codex-rs/core/src/context_manager/history_tests.rs +++ b/codex-rs/core/src/context_manager/history_tests.rs @@ -130,6 +130,7 @@ fn reference_context_item() -> TurnContextItem { network: None, file_system_sandbox_policy: None, model: "gpt-test".to_string(), + comp_hash: None, personality: None, collaboration_mode: None, multi_agent_version: None, diff --git a/codex-rs/core/src/context_manager/mod.rs b/codex-rs/core/src/context_manager/mod.rs index 2295c49df3e..f811c8b373c 100644 --- a/codex-rs/core/src/context_manager/mod.rs +++ b/codex-rs/core/src/context_manager/mod.rs @@ -3,7 +3,5 @@ mod normalize; pub(crate) mod updates; pub(crate) use history::ContextManager; -pub(crate) use history::TotalTokenUsageBreakdown; -pub(crate) use history::estimate_response_item_model_visible_bytes; pub(crate) use history::is_user_turn_boundary; pub(crate) use history::truncate_function_output_payload; diff --git a/codex-rs/core/src/event_mapping.rs b/codex-rs/core/src/event_mapping.rs index d3cae7feed4..e9383aef415 100644 --- a/codex-rs/core/src/event_mapping.rs +++ b/codex-rs/core/src/event_mapping.rs @@ -16,6 +16,7 @@ use codex_protocol::models::is_local_image_close_tag_text; use codex_protocol::models::is_local_image_open_tag_text; use codex_protocol::protocol::COLLABORATION_MODE_OPEN_TAG; use codex_protocol::protocol::REALTIME_CONVERSATION_OPEN_TAG; +use codex_protocol::protocol::SKILLS_INSTRUCTIONS_OPEN_TAG; use codex_protocol::user_input::UserInput; use tracing::warn; use uuid::Uuid; @@ -29,7 +30,9 @@ const CONTEXTUAL_DEVELOPER_PREFIXES: &[&str] = &[ "", COLLABORATION_MODE_OPEN_TAG, REALTIME_CONVERSATION_OPEN_TAG, + SKILLS_INSTRUCTIONS_OPEN_TAG, "", + "", ]; pub(crate) fn is_contextual_user_message_content(message: &[ContentItem]) -> bool { diff --git a/codex-rs/core/src/event_mapping_tests.rs b/codex-rs/core/src/event_mapping_tests.rs index 4cf1b72d5d6..6f9dad64bb2 100644 --- a/codex-rs/core/src/event_mapping_tests.rs +++ b/codex-rs/core/src/event_mapping_tests.rs @@ -1,3 +1,5 @@ +use super::has_non_contextual_dev_message_content; +use super::is_contextual_dev_message_content; use super::parse_turn_item; use crate::context::ContextualUserFragment; use crate::context::InternalContextSource; @@ -13,9 +15,30 @@ use codex_protocol::models::ReasoningItemContent; use codex_protocol::models::ReasoningItemReasoningSummary; use codex_protocol::models::ResponseItem; use codex_protocol::models::WebSearchAction; +use codex_protocol::protocol::SKILLS_INSTRUCTIONS_OPEN_TAG; use codex_protocol::user_input::UserInput; use pretty_assertions::assert_eq; +#[test] +fn recognizes_skills_instructions_as_contextual_developer_content() { + assert!(is_contextual_dev_message_content(&[ + ContentItem::InputText { + text: format!("{SKILLS_INSTRUCTIONS_OPEN_TAG}\n## Skills"), + }, + ])); +} + +#[test] +fn recognizes_token_budget_as_contextual_developer_content() { + let content = vec![ContentItem::InputText { + text: "\nYou have 710 tokens left in this context window.\n" + .to_string(), + }]; + + assert!(is_contextual_dev_message_content(&content)); + assert!(!has_non_contextual_dev_message_content(&content)); +} + #[test] fn parses_user_message_with_text_and_two_images() { let img1 = "https://example.com/one.png".to_string(); @@ -324,8 +347,8 @@ fn internal_model_context_does_not_parse_as_visible_turn_item() { role: "user".to_string(), content: vec![ContentItem::InputText { text: InternalModelContextFragment::new( - InternalContextSource::from_static("goal"), - "Continue working toward the active thread goal.", + InternalContextSource::from_static("extension"), + "Internal steering.", ) .render(), }], diff --git a/codex-rs/core/src/exec_policy.rs b/codex-rs/core/src/exec_policy.rs index a44ffbe3ab6..7b33a196b08 100644 --- a/codex-rs/core/src/exec_policy.rs +++ b/codex-rs/core/src/exec_policy.rs @@ -20,9 +20,9 @@ use codex_execpolicy::RuleMatch; use codex_execpolicy::blocking_append_allow_prefix_rule; use codex_execpolicy::blocking_append_network_rule; use codex_protocol::approvals::ExecPolicyAmendment; +use codex_protocol::config_types::WindowsSandboxLevel; use codex_protocol::models::PermissionProfile; use codex_protocol::permissions::FileSystemSandboxKind; -use codex_protocol::permissions::FileSystemSandboxPolicy; use codex_protocol::protocol::AskForApproval; use codex_shell_command::is_dangerous_command::command_might_be_dangerous; use codex_shell_command::is_safe_command::is_known_safe_command; @@ -121,8 +121,7 @@ pub(crate) enum ExecPolicyCommandOrigin { pub(crate) struct UnmatchedCommandContext<'a> { pub(crate) approval_policy: AskForApproval, pub(crate) permission_profile: &'a PermissionProfile, - pub(crate) file_system_sandbox_policy: &'a FileSystemSandboxPolicy, - pub(crate) sandbox_cwd: &'a Path, + pub(crate) windows_sandbox_level: WindowsSandboxLevel, pub(crate) sandbox_permissions: SandboxPermissions, pub(crate) used_complex_parsing: bool, pub(crate) command_origin: ExecPolicyCommandOrigin, @@ -242,8 +241,7 @@ pub(crate) struct ExecApprovalRequest<'a> { pub(crate) command: &'a [String], pub(crate) approval_policy: AskForApproval, pub(crate) permission_profile: PermissionProfile, - pub(crate) file_system_sandbox_policy: &'a FileSystemSandboxPolicy, - pub(crate) sandbox_cwd: &'a Path, + pub(crate) windows_sandbox_level: WindowsSandboxLevel, pub(crate) sandbox_permissions: SandboxPermissions, pub(crate) prefix_rule: Option>, } @@ -277,8 +275,7 @@ impl ExecPolicyManager { command, approval_policy, permission_profile, - file_system_sandbox_policy, - sandbox_cwd, + windows_sandbox_level, sandbox_permissions, prefix_rule, } = req; @@ -298,8 +295,7 @@ impl ExecPolicyManager { UnmatchedCommandContext { approval_policy, permission_profile: &permission_profile, - file_system_sandbox_policy, - sandbox_cwd, + windows_sandbox_level, sandbox_permissions, used_complex_parsing, command_origin, @@ -636,12 +632,12 @@ pub(crate) fn render_decision_for_unmatched_command( let UnmatchedCommandContext { approval_policy, permission_profile, - file_system_sandbox_policy, - sandbox_cwd, + windows_sandbox_level, sandbox_permissions, used_complex_parsing, command_origin, } = context; + let file_system_sandbox_policy = permission_profile.file_system_sandbox_policy(); let is_known_safe = match command_origin { ExecPolicyCommandOrigin::Generic => is_known_safe_command(command), #[cfg(windows)] @@ -650,19 +646,18 @@ pub(crate) fn render_decision_for_unmatched_command( } }; - // On Windows, ReadOnly sandbox is not a real sandbox, so special-case it - // here. - let environment_lacks_sandbox_protections = cfg!(windows) - && profile_is_managed_read_only( - permission_profile, - file_system_sandbox_policy, - sandbox_cwd, - ); + // When the Windows sandbox backend is disabled, managed filesystem + // restrictions are only a policy shape; there is no platform sandbox to + // enforce the boundary. Keep that legacy case conservative while still + // relying on the real Windows sandbox when it is enabled. + let windows_managed_fs_restrictions_without_sandbox_backend = cfg!(windows) + && windows_sandbox_level == WindowsSandboxLevel::Disabled + && profile_has_managed_filesystem_restrictions(permission_profile); if is_known_safe && !used_complex_parsing && (approval_policy == AskForApproval::UnlessTrusted - || environment_lacks_sandbox_protections) + || windows_managed_fs_restrictions_without_sandbox_backend) { return Decision::Allow; } @@ -680,7 +675,7 @@ pub(crate) fn render_decision_for_unmatched_command( codex_shell_command::is_dangerous_command::is_dangerous_powershell_words(command) } }; - if command_is_dangerous || environment_lacks_sandbox_protections { + if command_is_dangerous || windows_managed_fs_restrictions_without_sandbox_backend { return match approval_policy { AskForApproval::Never => { let sandbox_is_explicitly_disabled = matches!( @@ -749,20 +744,14 @@ pub(crate) fn render_decision_for_unmatched_command( } } -fn profile_is_managed_read_only( - permission_profile: &PermissionProfile, - file_system_sandbox_policy: &FileSystemSandboxPolicy, - sandbox_cwd: &Path, -) -> bool { +fn profile_has_managed_filesystem_restrictions(permission_profile: &PermissionProfile) -> bool { + let file_system_sandbox_policy = permission_profile.file_system_sandbox_policy(); matches!(permission_profile, PermissionProfile::Managed { .. }) && matches!( file_system_sandbox_policy.kind, FileSystemSandboxKind::Restricted ) && !file_system_sandbox_policy.has_full_disk_write_access() - && file_system_sandbox_policy - .get_writable_roots_with_cwd(sandbox_cwd) - .is_empty() } fn default_policy_path(codex_home: &Path) -> PathBuf { diff --git a/codex-rs/core/src/exec_policy_tests.rs b/codex-rs/core/src/exec_policy_tests.rs index 7b0883db2a9..a74cd5d2dd3 100644 --- a/codex-rs/core/src/exec_policy_tests.rs +++ b/codex-rs/core/src/exec_policy_tests.rs @@ -15,10 +15,12 @@ use codex_config::Sourced; use codex_config::config_toml::ConfigToml; use codex_config::config_toml::ProjectConfig; use codex_protocol::config_types::TrustLevel; +use codex_protocol::config_types::WindowsSandboxLevel; use codex_protocol::models::PermissionProfile; use codex_protocol::permissions::FileSystemAccessMode; use codex_protocol::permissions::FileSystemPath; use codex_protocol::permissions::FileSystemSandboxEntry; +use codex_protocol::permissions::FileSystemSandboxPolicy; use codex_protocol::permissions::FileSystemSpecialPath; use codex_protocol::permissions::NetworkSandboxPolicy; use codex_protocol::protocol::AskForApproval; @@ -104,31 +106,6 @@ async fn write_project_trust_config( .await } -fn read_only_file_system_sandbox_policy() -> FileSystemSandboxPolicy { - FileSystemSandboxPolicy::restricted(vec![FileSystemSandboxEntry { - path: FileSystemPath::Special { - value: FileSystemSpecialPath::Root, - }, - access: FileSystemAccessMode::Read, - }]) -} - -fn workspace_write_file_system_sandbox_policy() -> FileSystemSandboxPolicy { - FileSystemSandboxPolicy::workspace_write( - &[], - /*exclude_tmpdir_env_var*/ false, - /*exclude_slash_tmp*/ false, - ) -} - -fn unrestricted_file_system_sandbox_policy() -> FileSystemSandboxPolicy { - FileSystemSandboxPolicy::unrestricted() -} - -fn external_file_system_sandbox_policy() -> FileSystemSandboxPolicy { - FileSystemSandboxPolicy::external_sandbox() -} - async fn test_config() -> (TempDir, Config) { let home = TempDir::new().expect("create temp dir"); let config = ConfigBuilder::without_managed_config_for_tests() @@ -665,7 +642,6 @@ async fn evaluates_bash_lc_inner_commands() { ], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::Disabled, - file_system_sandbox_policy: unrestricted_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -761,7 +737,6 @@ async fn evaluates_heredoc_script_against_prefix_rules() { command, approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -785,7 +760,6 @@ async fn omits_auto_amendment_for_heredoc_fallback_prompts() { ], approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -809,7 +783,6 @@ async fn drops_requested_amendment_for_heredoc_fallback_prompts_when_it_wont_mat ], approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: Some(vec![ "python3".to_string(), @@ -837,7 +810,6 @@ async fn drops_requested_amendment_for_heredoc_fallback_prompts_when_it_matches( ], approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: Some(vec!["python3".to_string()]), }, @@ -862,7 +834,6 @@ async fn heredoc_with_variable_assignment_is_not_reduced_to_allowed_prefix() { ], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -893,7 +864,6 @@ EOF"# ], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::workspace_write(), - file_system_sandbox_policy: workspace_write_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -927,7 +897,6 @@ EOF"# ], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::workspace_write(), - file_system_sandbox_policy: workspace_write_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::RequireEscalated, prefix_rule: None, }, @@ -967,7 +936,6 @@ prefix_rule( ], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::Disabled, - file_system_sandbox_policy: unrestricted_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -986,7 +954,6 @@ async fn exec_approval_requirement_prefers_execpolicy_match() { command: vec!["rm".to_string()], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::Disabled, - file_system_sandbox_policy: unrestricted_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -1014,7 +981,6 @@ prefix_rule(pattern=["git"], decision="allow") command: vec![git_path, "status".to_string()], approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -1048,7 +1014,6 @@ prefix_rule(pattern=["git"], decision="prompt") command: vec![disallowed_git_path.clone(), "status".to_string()], approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -1075,7 +1040,6 @@ async fn requested_prefix_rule_can_approve_absolute_path_commands() { ], approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: Some(vec!["cargo".to_string(), "install".to_string()]), }, @@ -1098,7 +1062,6 @@ async fn exec_approval_requirement_respects_approval_policy() { command: vec!["rm".to_string()], approval_policy: AskForApproval::Never, permission_profile: PermissionProfile::Disabled, - file_system_sandbox_policy: unrestricted_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -1126,8 +1089,7 @@ fn unmatched_granular_policy_still_prompts_for_restricted_sandbox_escalation() { mcp_elicitations: true, }), permission_profile: &PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::RequireEscalated, used_complex_parsing: false, command_origin: ExecPolicyCommandOrigin::Generic, @@ -1137,9 +1099,8 @@ fn unmatched_granular_policy_still_prompts_for_restricted_sandbox_escalation() { } #[test] -fn unmatched_on_request_uses_split_filesystem_policy_for_escalation_prompts() { +fn unmatched_on_request_uses_permission_profile_file_system_policy_for_escalation_prompts() { let command = vec!["madeup-cmd".to_string()]; - let restricted_file_system_policy = FileSystemSandboxPolicy::restricted(vec![]); assert_eq!( Decision::Prompt, @@ -1147,9 +1108,8 @@ fn unmatched_on_request_uses_split_filesystem_policy_for_escalation_prompts() { &command, UnmatchedCommandContext { approval_policy: AskForApproval::OnRequest, - permission_profile: &PermissionProfile::Disabled, - file_system_sandbox_policy: &restricted_file_system_policy, - sandbox_cwd: Path::new("/tmp"), + permission_profile: &PermissionProfile::read_only(), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::RequireEscalated, used_complex_parsing: false, command_origin: ExecPolicyCommandOrigin::Generic, @@ -1169,8 +1129,7 @@ fn known_safe_on_request_still_prompts_for_restricted_sandbox_escalation() { UnmatchedCommandContext { approval_policy: AskForApproval::OnRequest, permission_profile: &PermissionProfile::workspace_write(), - file_system_sandbox_policy: &workspace_write_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::RestrictedToken, sandbox_permissions: SandboxPermissions::RequireEscalated, used_complex_parsing: false, command_origin: ExecPolicyCommandOrigin::Generic, @@ -1180,7 +1139,7 @@ fn known_safe_on_request_still_prompts_for_restricted_sandbox_escalation() { } #[test] -fn managed_cwd_write_profile_is_not_read_only() { +fn managed_cwd_write_profile_has_filesystem_restrictions() { let file_system_sandbox_policy = FileSystemSandboxPolicy::restricted(vec![ FileSystemSandboxEntry { path: FileSystemPath::Special { @@ -1200,15 +1159,13 @@ fn managed_cwd_write_profile_is_not_read_only() { NetworkSandboxPolicy::Restricted, ); - assert!(!profile_is_managed_read_only( - &permission_profile, - &file_system_sandbox_policy, - Path::new("/tmp/project") + assert!(profile_has_managed_filesystem_restrictions( + &permission_profile )); } #[test] -fn managed_unresolvable_write_profile_is_still_read_only() { +fn managed_unresolvable_write_profile_has_filesystem_restrictions() { let file_system_sandbox_policy = FileSystemSandboxPolicy::restricted(vec![ FileSystemSandboxEntry { path: FileSystemPath::Special { @@ -1231,10 +1188,27 @@ fn managed_unresolvable_write_profile_is_still_read_only() { NetworkSandboxPolicy::Restricted, ); - assert!(profile_is_managed_read_only( - &permission_profile, + assert!(profile_has_managed_filesystem_restrictions( + &permission_profile + )); +} + +#[test] +fn managed_full_disk_write_profile_has_no_filesystem_restrictions() { + let file_system_sandbox_policy = + FileSystemSandboxPolicy::restricted(vec![FileSystemSandboxEntry { + path: FileSystemPath::Special { + value: FileSystemSpecialPath::Root, + }, + access: FileSystemAccessMode::Write, + }]); + let permission_profile = PermissionProfile::from_runtime_permissions( &file_system_sandbox_policy, - Path::new("/tmp/project") + NetworkSandboxPolicy::Restricted, + ); + + assert!(!profile_has_managed_filesystem_restrictions( + &permission_profile )); } @@ -1250,7 +1224,6 @@ async fn exec_approval_requirement_prompts_for_inline_additional_permissions_und ], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::WithAdditionalPermissions, prefix_rule: None, }, @@ -1273,7 +1246,6 @@ async fn exec_approval_requirement_prompts_for_known_safe_escalation_under_on_re command: vec!["echo".to_string(), "hello".to_string()], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::workspace_write(), - file_system_sandbox_policy: workspace_write_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::RequireEscalated, prefix_rule: None, }, @@ -1303,7 +1275,6 @@ async fn exec_approval_requirement_rejects_known_safe_escalation_when_granular_s mcp_elicitations: true, }), permission_profile: PermissionProfile::workspace_write(), - file_system_sandbox_policy: workspace_write_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::RequireEscalated, prefix_rule: None, }, @@ -1329,7 +1300,6 @@ async fn exec_approval_requirement_rejects_unmatched_sandbox_escalation_when_gra mcp_elicitations: true, }), permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::RequireEscalated, prefix_rule: None, }, @@ -1365,8 +1335,7 @@ async fn mixed_rule_and_sandbox_prompt_prioritizes_rule_for_rejection_decision() mcp_elicitations: true, }), permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::RequireEscalated, prefix_rule: None, }) @@ -1403,8 +1372,7 @@ async fn mixed_rule_and_sandbox_prompt_rejects_when_granular_rules_are_disabled( mcp_elicitations: true, }), permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::RequireEscalated, prefix_rule: None, }) @@ -1428,8 +1396,7 @@ async fn exec_approval_requirement_falls_back_to_heuristics() { command: &command, approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }) @@ -1454,8 +1421,7 @@ async fn empty_bash_lc_script_falls_back_to_original_command() { command: &command, approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }) @@ -1484,8 +1450,7 @@ async fn whitespace_bash_lc_script_falls_back_to_original_command() { command: &command, approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }) @@ -1514,8 +1479,7 @@ async fn request_rule_uses_prefix_rule() { command: &command, approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::RequireEscalated, prefix_rule: Some(vec!["cargo".to_string(), "install".to_string()]), }) @@ -1547,8 +1511,7 @@ async fn request_rule_falls_back_when_prefix_rule_does_not_approve_all_commands( command: &command, approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::Disabled, - file_system_sandbox_policy: &unrestricted_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::RequireEscalated, prefix_rule: Some(vec!["cargo".to_string(), "install".to_string()]), }) @@ -1587,8 +1550,7 @@ async fn heuristics_apply_when_other_commands_match_policy() { command: &command, approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::Disabled, - file_system_sandbox_policy: &unrestricted_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }) @@ -1663,7 +1625,6 @@ async fn proposed_execpolicy_amendment_is_present_for_single_command_without_pol command: command.clone(), approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -1683,7 +1644,6 @@ async fn proposed_execpolicy_amendment_is_omitted_when_policy_prompts() { command: vec!["rm".to_string()], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::Disabled, - file_system_sandbox_policy: unrestricted_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -1707,7 +1667,6 @@ async fn proposed_execpolicy_amendment_is_present_for_multi_command_scripts() { ], approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -1737,7 +1696,6 @@ async fn proposed_execpolicy_amendment_uses_first_no_match_in_multi_command_scri command, approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -1761,7 +1719,6 @@ async fn proposed_execpolicy_amendment_is_present_when_heuristics_allow() { command: command.clone(), approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -1785,7 +1742,6 @@ async fn proposed_execpolicy_amendment_is_suppressed_when_policy_matches_allow() ], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -1816,7 +1772,6 @@ prefix_rule(pattern=["cat"], decision="allow") command: command.clone(), approval_policy, permission_profile: PermissionProfile::workspace_write(), - file_system_sandbox_policy: workspace_write_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -1848,7 +1803,6 @@ prefix_rule(pattern=["bash"], decision="allow") ], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -2014,7 +1968,6 @@ async fn dangerous_rm_rf_requires_approval_in_danger_full_access() { command: command.clone(), approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::Disabled, - file_system_sandbox_policy: unrestricted_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -2078,8 +2031,7 @@ async fn verify_approval_requirement_for_unsafe_powershell_command() { command: &sneaky_command, approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: permissions, prefix_rule: None, }) @@ -2103,8 +2055,7 @@ async fn verify_approval_requirement_for_unsafe_powershell_command() { command: &dangerous_command, approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: permissions, prefix_rule: None, }) @@ -2124,8 +2075,7 @@ async fn verify_approval_requirement_for_unsafe_powershell_command() { command: &dangerous_command, approval_policy: AskForApproval::Never, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: permissions, prefix_rule: None, }) @@ -2146,7 +2096,6 @@ async fn dangerous_command_allowed_when_sandbox_is_explicitly_disabled() { permission_profile: PermissionProfile::External { network: NetworkSandboxPolicy::Restricted, }, - file_system_sandbox_policy: external_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -2171,7 +2120,6 @@ async fn dangerous_command_forbidden_in_external_sandbox_when_policy_matches() { permission_profile: PermissionProfile::External { network: NetworkSandboxPolicy::Restricted, }, - file_system_sandbox_policy: external_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -2188,7 +2136,6 @@ struct ExecApprovalRequirementScenario { command: Vec, approval_policy: AskForApproval, permission_profile: PermissionProfile, - file_system_sandbox_policy: FileSystemSandboxPolicy, sandbox_permissions: SandboxPermissions, prefix_rule: Option>, } @@ -2212,7 +2159,6 @@ async fn exec_approval_requirement_for_command( command, approval_policy, permission_profile, - file_system_sandbox_policy, sandbox_permissions, prefix_rule, } = test; @@ -2224,8 +2170,7 @@ async fn exec_approval_requirement_for_command( command: &command, approval_policy, permission_profile, - file_system_sandbox_policy: &file_system_sandbox_policy, - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::RestrictedToken, sandbox_permissions, prefix_rule, }) diff --git a/codex-rs/core/src/exec_policy_windows_tests.rs b/codex-rs/core/src/exec_policy_windows_tests.rs index 1d14d938137..735cdd4ddce 100644 --- a/codex-rs/core/src/exec_policy_windows_tests.rs +++ b/codex-rs/core/src/exec_policy_windows_tests.rs @@ -1,6 +1,5 @@ use super::*; use pretty_assertions::assert_eq; -use std::path::Path; #[tokio::test] async fn evaluates_powershell_inner_commands_against_prompt_rules() { @@ -15,7 +14,6 @@ async fn evaluates_powershell_inner_commands_against_prompt_rules() { ], approval_policy: AskForApproval::Never, permission_profile: PermissionProfile::Disabled, - file_system_sandbox_policy: unrestricted_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -39,7 +37,6 @@ async fn evaluates_powershell_inner_commands_against_allow_rules() { ], approval_policy: AskForApproval::UnlessTrusted, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: read_only_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, @@ -81,8 +78,7 @@ fn unmatched_safe_powershell_words_are_allowed() { UnmatchedCommandContext { approval_policy: AskForApproval::UnlessTrusted, permission_profile: &PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: Path::new("/tmp"), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::UseDefault, used_complex_parsing: false, command_origin: ExecPolicyCommandOrigin::PowerShell, @@ -91,6 +87,90 @@ fn unmatched_safe_powershell_words_are_allowed() { ); } +#[test] +fn read_only_windows_sandbox_runs_unmatched_commands_under_sandbox() { + let command = vec!["cmd.exe".to_string(), "/c".to_string(), "dir".to_string()]; + + for windows_sandbox_level in [ + WindowsSandboxLevel::RestrictedToken, + WindowsSandboxLevel::Elevated, + ] { + assert_eq!( + Decision::Allow, + render_decision_for_unmatched_command( + &command, + UnmatchedCommandContext { + approval_policy: AskForApproval::Never, + permission_profile: &PermissionProfile::read_only(), + windows_sandbox_level, + sandbox_permissions: SandboxPermissions::UseDefault, + used_complex_parsing: false, + command_origin: ExecPolicyCommandOrigin::Generic, + }, + ) + ); + } +} + +#[test] +fn read_only_windows_policy_without_sandbox_backend_still_requires_approval() { + let command = vec!["cmd.exe".to_string(), "/c".to_string(), "dir".to_string()]; + + assert_eq!( + Decision::Forbidden, + render_decision_for_unmatched_command( + &command, + UnmatchedCommandContext { + approval_policy: AskForApproval::Never, + permission_profile: &PermissionProfile::read_only(), + windows_sandbox_level: WindowsSandboxLevel::Disabled, + sandbox_permissions: SandboxPermissions::UseDefault, + used_complex_parsing: false, + command_origin: ExecPolicyCommandOrigin::Generic, + }, + ), + "command is forbidden because approval policy is never and there is no Windows sandbox to rely on" + ); +} + +#[test] +fn writable_windows_policy_without_sandbox_backend_still_requires_approval() { + let command = vec!["cmd.exe".to_string(), "/c".to_string(), "dir".to_string()]; + let file_system_sandbox_policy = FileSystemSandboxPolicy::restricted(vec![ + FileSystemSandboxEntry { + path: FileSystemPath::Special { + value: FileSystemSpecialPath::Root, + }, + access: FileSystemAccessMode::Read, + }, + FileSystemSandboxEntry { + path: FileSystemPath::Special { + value: FileSystemSpecialPath::project_roots(/*subpath*/ None), + }, + access: FileSystemAccessMode::Write, + }, + ]); + let permission_profile = PermissionProfile::from_runtime_permissions( + &file_system_sandbox_policy, + NetworkSandboxPolicy::Restricted, + ); + + assert_eq!( + Decision::Forbidden, + render_decision_for_unmatched_command( + &command, + UnmatchedCommandContext { + approval_policy: AskForApproval::Never, + permission_profile: &permission_profile, + windows_sandbox_level: WindowsSandboxLevel::Disabled, + sandbox_permissions: SandboxPermissions::UseDefault, + used_complex_parsing: false, + command_origin: ExecPolicyCommandOrigin::Generic, + }, + ) + ); +} + #[tokio::test] async fn unmatched_dangerous_powershell_inner_commands_require_approval() { let inner_command = vec![ @@ -110,7 +190,6 @@ async fn unmatched_dangerous_powershell_inner_commands_require_approval() { ], approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::Disabled, - file_system_sandbox_policy: unrestricted_file_system_sandbox_policy(), sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }, diff --git a/codex-rs/core/src/git_info_tests.rs b/codex-rs/core/src/git_info_tests.rs index 946779d06b2..e172cd5f20f 100644 --- a/codex-rs/core/src/git_info_tests.rs +++ b/codex-rs/core/src/git_info_tests.rs @@ -340,46 +340,6 @@ async fn test_get_has_changes_with_untracked_change_returns_true() { assert_eq!(get_has_changes(&repo_path).await, Some(true)); } -#[cfg(unix)] -#[tokio::test] -async fn test_get_has_changes_ignores_repo_fsmonitor_config() { - let temp_dir = TempDir::new().expect("Failed to create temp dir"); - let repo_path = create_test_git_repo(&temp_dir).await; - let helper_path = repo_path.join("fsmonitor-helper.sh"); - let marker_path = repo_path.join("fsmonitor-ran"); - - fs::write( - &helper_path, - format!( - "#!/bin/sh\nprintf ran > \"{}\"\n", - marker_path.to_string_lossy() - ), - ) - .expect("write fsmonitor helper"); - let mut permissions = fs::metadata(&helper_path) - .expect("read fsmonitor helper metadata") - .permissions(); - permissions.set_mode(0o755); - fs::set_permissions(&helper_path, permissions).expect("mark fsmonitor helper executable"); - - Command::new("git") - .args([ - "config", - "core.fsmonitor", - helper_path.to_string_lossy().as_ref(), - ]) - .current_dir(&repo_path) - .output() - .await - .expect("configure fsmonitor helper"); - - assert_eq!(get_has_changes(&repo_path).await, Some(true)); - assert!( - !marker_path.exists(), - "metadata collection should not invoke repository fsmonitor helpers" - ); -} - #[cfg(unix)] #[tokio::test] async fn test_get_has_changes_ignores_configured_hooks_path() { diff --git a/codex-rs/core/src/goals.rs b/codex-rs/core/src/goals.rs deleted file mode 100644 index 6e0663655c9..00000000000 --- a/codex-rs/core/src/goals.rs +++ /dev/null @@ -1,1622 +0,0 @@ -//! Core support for persisted thread goals. -//! -//! This module bridges core sessions and the state-db goal table. It validates -//! goal mutations, converts between state and protocol shapes, emits goal-update -//! events, and owns helper hooks used by goal lifecycle behavior. - -use crate::StateDbHandle; -use crate::context::ContextualUserFragment; -use crate::context::InternalContextSource; -use crate::context::InternalModelContextFragment; -use crate::session::TurnInput; -use crate::session::session::Session; -use crate::session::turn_context::TurnContext; -use crate::state::ActiveTurn; -use crate::state::TurnState; -use crate::tasks::RegularTask; -use crate::tools::handlers::goal_spec::UPDATE_GOAL_TOOL_NAME; -use anyhow::Context; -use codex_features::Feature; -use codex_otel::GOAL_BLOCKED_METRIC; -use codex_otel::GOAL_BUDGET_LIMITED_METRIC; -use codex_otel::GOAL_COMPLETED_METRIC; -use codex_otel::GOAL_CREATED_METRIC; -use codex_otel::GOAL_DURATION_SECONDS_METRIC; -use codex_otel::GOAL_RESUMED_METRIC; -use codex_otel::GOAL_TOKEN_COUNT_METRIC; -use codex_otel::GOAL_USAGE_LIMITED_METRIC; -use codex_prompts::budget_limit_prompt; -use codex_prompts::continuation_prompt; -use codex_prompts::objective_updated_prompt; -use codex_protocol::ThreadId; -use codex_protocol::config_types::ModeKind; -use codex_protocol::models::ResponseItem; -use codex_protocol::protocol::EventMsg; -use codex_protocol::protocol::ThreadGoal; -use codex_protocol::protocol::ThreadGoalStatus; -use codex_protocol::protocol::ThreadGoalUpdatedEvent; -use codex_protocol::protocol::TokenUsage; -use codex_protocol::protocol::validate_thread_goal_objective; -use codex_rollout::state_db::reconcile_rollout; -use codex_thread_store::LocalThreadStore; -use futures::future::BoxFuture; -use std::sync::Arc; -use std::time::Duration; -use std::time::Instant; -use tokio::sync::Mutex; -use tokio::sync::Semaphore; -use tokio::sync::SemaphorePermit; - -pub(crate) struct SetGoalRequest { - pub(crate) objective: Option, - pub(crate) status: Option, - pub(crate) token_budget: Option>, -} - -pub(crate) struct CreateGoalRequest { - pub(crate) objective: String, - pub(crate) token_budget: Option, -} - -#[derive(Clone, Copy)] -enum BudgetLimitSteering { - Allowed, - Suppressed, -} - -#[derive(Clone, Copy)] -enum TerminalMetricEmission { - Emit, - Suppress, -} - -/// Describes whether an external goal mutation created a new logical goal or -/// updated an existing one. -#[derive(Clone)] -pub enum ExternalGoalPreviousStatus { - NewGoal, - Existing(ExternalGoalPreviousGoal), -} - -#[derive(Clone)] -pub struct ExternalGoalPreviousGoal { - goal_id: String, - status: codex_state::ThreadGoalStatus, - objective: String, -} - -impl From<&codex_state::ThreadGoal> for ExternalGoalPreviousStatus { - fn from(goal: &codex_state::ThreadGoal) -> Self { - Self::Existing(ExternalGoalPreviousGoal::from(goal)) - } -} - -impl From<&codex_state::ThreadGoal> for ExternalGoalPreviousGoal { - fn from(goal: &codex_state::ThreadGoal) -> Self { - Self { - goal_id: goal.goal_id.clone(), - status: goal.status, - objective: goal.objective.clone(), - } - } -} - -/// Runtime effects for an externally persisted goal mutation. -#[derive(Clone)] -pub struct ExternalGoalSet { - pub goal: codex_state::ThreadGoal, - pub previous_status: ExternalGoalPreviousStatus, -} - -/// Runtime lifecycle events that can affect goal accounting, scheduling, or -/// model-visible steering. -/// -/// Callers report the session event they observed; this module owns the policy -/// for how that event changes goal runtime state. -pub(crate) enum GoalRuntimeEvent<'a> { - TurnStarted { - turn_context: &'a TurnContext, - token_usage: TokenUsage, - }, - ToolCompleted { - turn_context: &'a TurnContext, - tool_name: &'a str, - }, - ToolCompletedGoal { - turn_context: &'a TurnContext, - }, - TurnFinished { - turn_context: &'a TurnContext, - turn_completed: bool, - }, - MaybeContinueIfIdle, - TaskAborted { - turn_context: Option<&'a TurnContext>, - }, - UsageLimitReached { - turn_context: &'a TurnContext, - }, - ExternalMutationStarting, - ExternalSet { - external_set: ExternalGoalSet, - }, - ExternalClear, - ThreadResumed, -} - -pub(crate) struct GoalRuntimeState { - pub(crate) state_db: Mutex>, - pub(crate) budget_limit_reported_goal_id: Mutex>, - accounting_lock: Semaphore, - accounting: Mutex, - pub(crate) continuation_lock: Semaphore, -} - -struct GoalContinuationCandidate { - goal_id: String, - items: Vec, -} - -impl GoalRuntimeState { - pub(crate) fn new() -> Self { - Self { - state_db: Mutex::new(None), - budget_limit_reported_goal_id: Mutex::new(None), - accounting_lock: Semaphore::new(/*permits*/ 1), - accounting: Mutex::new(GoalAccountingSnapshot::new()), - continuation_lock: Semaphore::new(/*permits*/ 1), - } - } -} - -#[derive(Debug)] -struct GoalAccountingSnapshot { - turn: Option, - wall_clock: GoalWallClockAccountingSnapshot, -} - -#[derive(Debug)] -struct GoalTurnAccountingSnapshot { - turn_id: String, - last_accounted_token_usage: TokenUsage, - active_goal_id: Option, -} - -impl GoalRuntimeState { - async fn accounting_permit(&self) -> anyhow::Result> { - self.accounting_lock - .acquire() - .await - .context("goal accounting semaphore closed") - } -} - -impl GoalAccountingSnapshot { - fn new() -> Self { - Self { - turn: None, - wall_clock: GoalWallClockAccountingSnapshot::new(), - } - } -} - -impl GoalTurnAccountingSnapshot { - fn new(turn_id: impl Into, token_usage: TokenUsage) -> Self { - Self { - turn_id: turn_id.into(), - last_accounted_token_usage: token_usage, - active_goal_id: None, - } - } - - fn mark_active_goal(&mut self, goal_id: impl Into) { - self.active_goal_id = Some(goal_id.into()); - } - - fn active_this_turn(&self) -> bool { - self.active_goal_id.is_some() - } - - fn active_goal_id(&self) -> Option { - self.active_goal_id.clone() - } - - fn clear_active_goal(&mut self) { - self.active_goal_id = None; - } - - fn reset_baseline(&mut self, token_usage: TokenUsage) { - self.last_accounted_token_usage = token_usage; - } - - fn token_delta_since_last_accounting(&self, current: &TokenUsage) -> i64 { - let last = &self.last_accounted_token_usage; - let delta = TokenUsage { - input_tokens: current.input_tokens.saturating_sub(last.input_tokens), - cached_input_tokens: current - .cached_input_tokens - .saturating_sub(last.cached_input_tokens), - output_tokens: current.output_tokens.saturating_sub(last.output_tokens), - reasoning_output_tokens: current - .reasoning_output_tokens - .saturating_sub(last.reasoning_output_tokens), - total_tokens: current.total_tokens.saturating_sub(last.total_tokens), - }; - goal_token_delta_for_usage(&delta) - } - - fn mark_accounted(&mut self, current: TokenUsage) { - self.last_accounted_token_usage = current; - } -} - -#[derive(Debug)] -struct GoalWallClockAccountingSnapshot { - last_accounted_at: Instant, - active_goal_id: Option, -} - -impl GoalWallClockAccountingSnapshot { - fn new() -> Self { - Self { - last_accounted_at: Instant::now(), - active_goal_id: None, - } - } - - fn time_delta_since_last_accounting(&self) -> i64 { - let last = self.last_accounted_at; - i64::try_from(last.elapsed().as_secs()).unwrap_or(i64::MAX) - } - - fn mark_accounted(&mut self, accounted_seconds: i64) { - if accounted_seconds <= 0 { - return; - } - let advance = Duration::from_secs(u64::try_from(accounted_seconds).unwrap_or(u64::MAX)); - self.last_accounted_at = self - .last_accounted_at - .checked_add(advance) - .unwrap_or_else(Instant::now); - } - - fn reset_baseline(&mut self) { - self.last_accounted_at = Instant::now(); - } - - fn mark_active_goal(&mut self, goal_id: impl Into) { - let goal_id = goal_id.into(); - if self.active_goal_id.as_deref() != Some(goal_id.as_str()) { - self.reset_baseline(); - self.active_goal_id = Some(goal_id); - } - } - - fn clear_active_goal(&mut self) { - self.active_goal_id = None; - self.reset_baseline(); - } - - fn active_goal_id(&self) -> Option { - self.active_goal_id.clone() - } -} - -impl Session { - /// Applies runtime policy for a goal lifecycle event. - /// - /// Goal data methods validate and persist state; this dispatcher owns the - /// cross-cutting runtime behavior: plan mode ignores continuations, turn - /// starts capture the active goal and token baseline, tool completions - /// account usage and may inject budget steering, completion accounting - /// suppresses that steering, external mutations account best-effort before - /// changing state, thread resumes restore runtime state for already-active - /// goals, explicit maybe-continue events - /// start idle goal continuation turns, and continuation turns with no counted - /// autonomous activity suppress the next automatic continuation until - /// user/tool/external activity resets it. - pub(crate) fn goal_runtime_apply<'a>( - self: &'a Arc, - event: GoalRuntimeEvent<'a>, - ) -> BoxFuture<'a, anyhow::Result<()>> { - match event { - GoalRuntimeEvent::TurnStarted { - turn_context, - token_usage, - } => Box::pin(async move { - self.mark_thread_goal_turn_started(turn_context, token_usage) - .await; - Ok(()) - }), - GoalRuntimeEvent::ToolCompleted { - turn_context, - tool_name, - } => Box::pin(async move { - if tool_name != UPDATE_GOAL_TOOL_NAME { - self.account_thread_goal_progress( - turn_context, - BudgetLimitSteering::Allowed, - TerminalMetricEmission::Emit, - ) - .await?; - } - Ok(()) - }), - GoalRuntimeEvent::ToolCompletedGoal { turn_context } => Box::pin(async move { - self.account_thread_goal_progress( - turn_context, - BudgetLimitSteering::Suppressed, - TerminalMetricEmission::Suppress, - ) - .await?; - Ok(()) - }), - GoalRuntimeEvent::TurnFinished { - turn_context, - turn_completed, - } => Box::pin(async move { - self.finish_thread_goal_turn(turn_context, turn_completed) - .await; - Ok(()) - }), - GoalRuntimeEvent::MaybeContinueIfIdle => Box::pin(async move { - self.maybe_continue_goal_if_idle_runtime().await; - Ok(()) - }), - GoalRuntimeEvent::TaskAborted { turn_context } => Box::pin(async move { - self.handle_thread_goal_task_abort(turn_context).await; - Ok(()) - }), - GoalRuntimeEvent::UsageLimitReached { turn_context } => Box::pin(async move { - self.usage_limit_active_thread_goal_for_turn(turn_context) - .await?; - Ok(()) - }), - GoalRuntimeEvent::ExternalMutationStarting => Box::pin(async move { - if let Err(err) = self.account_thread_goal_before_external_mutation().await { - tracing::warn!( - "failed to account thread goal progress before external mutation: {err}" - ); - } - Ok(()) - }), - GoalRuntimeEvent::ExternalSet { external_set } => Box::pin(async move { - self.apply_external_thread_goal_status(external_set).await; - Ok(()) - }), - GoalRuntimeEvent::ExternalClear => Box::pin(async move { - self.clear_stopped_thread_goal_runtime_state().await; - Ok(()) - }), - GoalRuntimeEvent::ThreadResumed => Box::pin(async move { - self.restore_thread_goal_runtime_after_resume().await?; - Ok(()) - }), - } - } - - pub(crate) async fn get_thread_goal(&self) -> anyhow::Result> { - if !self.enabled(Feature::Goals) { - anyhow::bail!("goals feature is disabled"); - } - - let state_db = self.require_state_db_for_thread_goals().await?; - state_db - .thread_goals() - .get_thread_goal(self.thread_id) - .await - .map(|goal| goal.map(protocol_goal_from_state)) - } - - pub(crate) async fn set_thread_goal( - &self, - turn_context: &TurnContext, - request: SetGoalRequest, - ) -> anyhow::Result { - if !self.enabled(Feature::Goals) { - anyhow::bail!("goals feature is disabled"); - } - - let SetGoalRequest { - objective, - status, - token_budget, - } = request; - validate_goal_budget(token_budget.flatten())?; - let state_db = self.require_state_db_for_thread_goals().await?; - let objective = objective.map(|objective| objective.trim().to_string()); - if let Some(objective) = objective.as_deref() - && let Err(err) = validate_thread_goal_objective(objective) - { - anyhow::bail!("{err}"); - } - - self.account_thread_goal_wall_clock_usage( - &state_db, - codex_state::GoalAccountingMode::ActiveOnly, - TerminalMetricEmission::Emit, - ) - .await?; - let mut replacing_goal = false; - let previous_status; - let goal = if let Some(objective) = objective.as_deref() { - let existing_goal = state_db - .thread_goals() - .get_thread_goal(self.thread_id) - .await?; - previous_status = existing_goal.as_ref().map(|goal| goal.status); - if let Some(existing_goal) = existing_goal.as_ref() { - state_db - .thread_goals() - .update_thread_goal( - self.thread_id, - codex_state::GoalUpdate { - objective: Some(objective.to_string()), - status: status.map(state_goal_status_from_protocol), - token_budget, - expected_goal_id: Some(existing_goal.goal_id.clone()), - }, - ) - .await? - .ok_or_else(|| { - anyhow::anyhow!( - "cannot update goal for thread {}: no goal exists", - self.thread_id - ) - })? - } else { - replacing_goal = true; - state_db - .thread_goals() - .replace_thread_goal( - self.thread_id, - objective, - status - .map(state_goal_status_from_protocol) - .unwrap_or(codex_state::ThreadGoalStatus::Active), - token_budget.flatten(), - ) - .await? - } - } else { - let existing_goal = state_db - .thread_goals() - .get_thread_goal(self.thread_id) - .await?; - previous_status = existing_goal.as_ref().map(|goal| goal.status); - let expected_goal_id = existing_goal.map(|goal| goal.goal_id); - let status = status.map(state_goal_status_from_protocol); - state_db - .thread_goals() - .update_thread_goal( - self.thread_id, - codex_state::GoalUpdate { - objective: None, - status, - token_budget, - expected_goal_id, - }, - ) - .await? - .ok_or_else(|| { - anyhow::anyhow!( - "cannot update goal for thread {}: no goal exists", - self.thread_id - ) - })? - }; - - if objective.is_some() { - set_thread_preview_from_goal_objective( - &state_db, - self.thread_id, - goal.objective.as_str(), - ) - .await; - } - let goal_status = goal.status; - let goal_id = goal.goal_id.clone(); - let previous_status_for_goal = if replacing_goal { - None - } else { - previous_status - }; - if replacing_goal { - self.emit_goal_created_metric(); - } - self.emit_goal_resumed_metric_if_status_changed(previous_status_for_goal, goal_status); - self.emit_goal_terminal_metrics_if_status_changed(previous_status_for_goal, &goal); - let goal = protocol_goal_from_state(goal); - *self.goal_runtime.budget_limit_reported_goal_id.lock().await = None; - let newly_active_goal = goal_status == codex_state::ThreadGoalStatus::Active - && (replacing_goal - || previous_status - .is_some_and(|status| status != codex_state::ThreadGoalStatus::Active)); - if newly_active_goal { - let current_token_usage = self.total_token_usage().await.unwrap_or_default(); - self.mark_active_goal_accounting( - goal_id, - Some(turn_context.sub_id.clone()), - current_token_usage, - ) - .await; - } else if goal_status != codex_state::ThreadGoalStatus::Active { - self.clear_active_goal_accounting(turn_context).await; - } - self.send_event( - turn_context, - EventMsg::ThreadGoalUpdated(ThreadGoalUpdatedEvent { - thread_id: self.thread_id, - turn_id: Some(turn_context.sub_id.clone()), - goal: goal.clone(), - }), - ) - .await; - Ok(goal) - } - - pub(crate) async fn create_thread_goal( - &self, - turn_context: &TurnContext, - request: CreateGoalRequest, - ) -> anyhow::Result { - if !self.enabled(Feature::Goals) { - anyhow::bail!("goals feature is disabled"); - } - - let CreateGoalRequest { - objective, - token_budget, - } = request; - validate_goal_budget(token_budget)?; - let objective = objective.trim(); - validate_thread_goal_objective(objective).map_err(anyhow::Error::msg)?; - - let state_db = self.require_state_db_for_thread_goals().await?; - self.account_thread_goal_wall_clock_usage( - &state_db, - codex_state::GoalAccountingMode::ActiveOnly, - TerminalMetricEmission::Emit, - ) - .await?; - let goal = state_db - .thread_goals() - .insert_thread_goal( - self.thread_id, - objective, - codex_state::ThreadGoalStatus::Active, - token_budget, - ) - .await? - .ok_or_else(|| { - anyhow::anyhow!( - "cannot create a new goal because thread {} already has a goal", - self.thread_id - ) - })?; - - set_thread_preview_from_goal_objective(&state_db, self.thread_id, goal.objective.as_str()) - .await; - let goal_id = goal.goal_id.clone(); - self.emit_goal_created_metric(); - let goal = protocol_goal_from_state(goal); - *self.goal_runtime.budget_limit_reported_goal_id.lock().await = None; - - let current_token_usage = self.total_token_usage().await.unwrap_or_default(); - self.mark_active_goal_accounting( - goal_id, - Some(turn_context.sub_id.clone()), - current_token_usage, - ) - .await; - - self.send_event( - turn_context, - EventMsg::ThreadGoalUpdated(ThreadGoalUpdatedEvent { - thread_id: self.thread_id, - turn_id: Some(turn_context.sub_id.clone()), - goal: goal.clone(), - }), - ) - .await; - Ok(goal) - } - - async fn apply_external_thread_goal_status(self: &Arc, external_set: ExternalGoalSet) { - let ExternalGoalSet { - goal, - previous_status, - } = external_set; - let previous_goal = match previous_status { - ExternalGoalPreviousStatus::NewGoal => None, - ExternalGoalPreviousStatus::Existing(goal) => Some(goal), - }; - let replaced_existing_goal = previous_goal - .as_ref() - .is_some_and(|previous_goal| previous_goal.goal_id != goal.goal_id); - if previous_goal.is_none() || replaced_existing_goal { - self.emit_goal_created_metric(); - } - let objective_changed = previous_goal - .as_ref() - .is_some_and(|previous_goal| previous_goal.objective != goal.objective); - let previous_status = previous_goal - .as_ref() - .and_then(|previous_goal| (!replaced_existing_goal).then_some(previous_goal.status)); - self.emit_goal_resumed_metric_if_status_changed(previous_status, goal.status); - self.emit_goal_terminal_metrics_if_status_changed(previous_status, &goal); - let goal_for_steering = objective_changed.then(|| protocol_goal_from_state(goal.clone())); - let goal_id = goal.goal_id; - let status = goal.status; - match status { - codex_state::ThreadGoalStatus::Active => { - let turn_id = self - .active_turn_context() - .await - .map(|turn_context| turn_context.sub_id.clone()); - let current_token_usage = self.total_token_usage().await.unwrap_or_default(); - self.mark_active_goal_accounting(goal_id, turn_id, current_token_usage) - .await; - if let Some(goal) = goal_for_steering { - let item = goal_context_input_item(objective_updated_prompt(&goal)); - if self.inject_if_running(vec![item]).await.is_err() { - tracing::debug!( - "skipping objective-updated goal steering because no turn is active" - ); - } - } - self.maybe_continue_goal_if_idle_runtime().await; - } - codex_state::ThreadGoalStatus::BudgetLimited => { - if self.active_turn_context().await.is_none() { - self.clear_stopped_thread_goal_runtime_state().await; - } - } - codex_state::ThreadGoalStatus::Paused - | codex_state::ThreadGoalStatus::Blocked - | codex_state::ThreadGoalStatus::UsageLimited - | codex_state::ThreadGoalStatus::Complete => { - self.clear_stopped_thread_goal_runtime_state().await; - } - } - } - - async fn clear_stopped_thread_goal_runtime_state(&self) { - *self.goal_runtime.budget_limit_reported_goal_id.lock().await = None; - let mut accounting = self.goal_runtime.accounting.lock().await; - if let Some(turn) = accounting.turn.as_mut() { - turn.clear_active_goal(); - } - accounting.wall_clock.clear_active_goal(); - } - - async fn clear_active_goal_accounting(&self, turn_context: &TurnContext) { - let mut accounting = self.goal_runtime.accounting.lock().await; - if let Some(turn) = accounting.turn.as_mut() - && turn.turn_id == turn_context.sub_id - { - turn.clear_active_goal(); - } - accounting.wall_clock.clear_active_goal(); - } - - async fn mark_active_goal_accounting( - &self, - goal_id: String, - turn_id: Option, - token_usage: TokenUsage, - ) { - let mut accounting = self.goal_runtime.accounting.lock().await; - if let Some(turn_id) = turn_id { - match accounting.turn.as_mut() { - Some(turn) if turn.turn_id == turn_id => { - turn.reset_baseline(token_usage); - turn.mark_active_goal(goal_id.clone()); - } - _ => { - let mut turn = GoalTurnAccountingSnapshot::new(turn_id, token_usage); - turn.mark_active_goal(goal_id.clone()); - accounting.turn = Some(turn); - } - } - } - accounting.wall_clock.mark_active_goal(goal_id); - } - - fn emit_goal_created_metric(&self) { - self.services - .session_telemetry - .counter(GOAL_CREATED_METRIC, /*inc*/ 1, &[]); - } - - fn emit_goal_resumed_metric(&self) { - self.services - .session_telemetry - .counter(GOAL_RESUMED_METRIC, /*inc*/ 1, &[]); - } - - fn emit_goal_resumed_metric_if_status_changed( - &self, - previous_status: Option, - goal_status: codex_state::ThreadGoalStatus, - ) { - if goal_status == codex_state::ThreadGoalStatus::Active - && matches!( - previous_status, - Some( - codex_state::ThreadGoalStatus::Paused - | codex_state::ThreadGoalStatus::Blocked - | codex_state::ThreadGoalStatus::UsageLimited - ) - ) - { - self.emit_goal_resumed_metric(); - } - } - - fn emit_goal_terminal_metrics_if_status_changed( - &self, - previous_status: Option, - goal: &codex_state::ThreadGoal, - ) { - if previous_status == Some(goal.status) { - return; - } - - let counter = match goal.status { - codex_state::ThreadGoalStatus::Blocked => GOAL_BLOCKED_METRIC, - codex_state::ThreadGoalStatus::UsageLimited => GOAL_USAGE_LIMITED_METRIC, - codex_state::ThreadGoalStatus::BudgetLimited => GOAL_BUDGET_LIMITED_METRIC, - codex_state::ThreadGoalStatus::Complete => GOAL_COMPLETED_METRIC, - codex_state::ThreadGoalStatus::Active | codex_state::ThreadGoalStatus::Paused => { - return; - } - }; - let status_tag = [("status", goal.status.as_str())]; - self.services - .session_telemetry - .counter(counter, /*inc*/ 1, &[]); - self.services.session_telemetry.histogram( - GOAL_TOKEN_COUNT_METRIC, - goal.tokens_used, - &status_tag, - ); - self.services.session_telemetry.histogram( - GOAL_DURATION_SECONDS_METRIC, - goal.time_used_seconds, - &status_tag, - ); - } - - async fn current_goal_status_for_metrics( - &self, - state_db: &StateDbHandle, - expected_goal_id: Option<&str>, - ) -> anyhow::Result> { - let goal = state_db - .thread_goals() - .get_thread_goal(self.thread_id) - .await?; - Ok(goal.and_then(|goal| { - expected_goal_id - .is_none_or(|expected_goal_id| goal.goal_id == expected_goal_id) - .then_some(goal.status) - })) - } - - async fn active_turn_context(&self) -> Option> { - let active = self.active_turn.lock().await; - active - .as_ref() - .and_then(|active_turn| active_turn.task.as_ref()) - .map(|task| Arc::clone(&task.turn_context)) - } - - async fn mark_thread_goal_turn_started( - &self, - turn_context: &TurnContext, - token_usage: TokenUsage, - ) { - self.goal_runtime.accounting.lock().await.turn = Some(GoalTurnAccountingSnapshot::new( - turn_context.sub_id.clone(), - token_usage, - )); - - if !self.enabled(Feature::Goals) { - return; - } - if should_ignore_goal_for_mode(turn_context.collaboration_mode.mode) { - self.clear_active_goal_accounting(turn_context).await; - return; - } - let state_db = match self.state_db_for_thread_goals().await { - Ok(Some(state_db)) => state_db, - Ok(None) => return, - Err(err) => { - tracing::warn!("failed to open state db at turn start: {err}"); - return; - } - }; - match state_db - .thread_goals() - .get_thread_goal(self.thread_id) - .await - { - Ok(Some(goal)) - if matches!( - goal.status, - codex_state::ThreadGoalStatus::Active - | codex_state::ThreadGoalStatus::BudgetLimited - ) => - { - let mut accounting = self.goal_runtime.accounting.lock().await; - if let Some(turn) = accounting.turn.as_mut() - && turn.turn_id == turn_context.sub_id - { - turn.mark_active_goal(goal.goal_id.clone()); - } - accounting.wall_clock.mark_active_goal(goal.goal_id); - } - Ok(Some(_)) | Ok(None) => { - self.goal_runtime - .accounting - .lock() - .await - .wall_clock - .clear_active_goal(); - } - Err(err) => { - tracing::warn!("failed to read thread goal at turn start: {err}"); - } - } - } - - async fn clear_reserved_goal_continuation_turn(&self, turn_state: &Arc>) { - let mut active_turn_guard = self.active_turn.lock().await; - if let Some(active_turn) = active_turn_guard.as_ref() - && active_turn.task.is_none() - && Arc::ptr_eq(&active_turn.turn_state, turn_state) - { - *active_turn_guard = None; - } - } - - async fn finish_thread_goal_turn( - self: &Arc, - turn_context: &TurnContext, - turn_completed: bool, - ) { - if turn_completed - && let Err(err) = self - .account_thread_goal_progress( - turn_context, - BudgetLimitSteering::Suppressed, - TerminalMetricEmission::Emit, - ) - .await - { - tracing::warn!("failed to account thread goal progress at turn end: {err}"); - } - - if turn_completed { - let mut accounting = self.goal_runtime.accounting.lock().await; - if accounting - .turn - .as_ref() - .is_some_and(|turn| turn.turn_id == turn_context.sub_id) - { - accounting.turn = None; - } - } - } - - async fn handle_thread_goal_task_abort(&self, turn_context: Option<&TurnContext>) { - if let Some(turn_context) = turn_context { - if let Err(err) = self - .account_thread_goal_progress( - turn_context, - BudgetLimitSteering::Suppressed, - TerminalMetricEmission::Emit, - ) - .await - { - tracing::warn!("failed to account thread goal progress after abort: {err}"); - } - let mut accounting = self.goal_runtime.accounting.lock().await; - if accounting - .turn - .as_ref() - .is_some_and(|turn| turn.turn_id == turn_context.sub_id) - { - accounting.turn = None; - } - } - } - - async fn account_thread_goal_progress( - &self, - turn_context: &TurnContext, - budget_limit_steering: BudgetLimitSteering, - terminal_metric_emission: TerminalMetricEmission, - ) -> anyhow::Result<()> { - if !self.enabled(Feature::Goals) { - return Ok(()); - } - if should_ignore_goal_for_mode(turn_context.collaboration_mode.mode) { - return Ok(()); - } - let Some(state_db) = self.state_db_for_thread_goals().await? else { - return Ok(()); - }; - let _accounting_permit = self.goal_runtime.accounting_permit().await?; - let current_token_usage = self.total_token_usage().await.unwrap_or_default(); - let (token_delta, expected_goal_id, time_delta_seconds) = { - let accounting = self.goal_runtime.accounting.lock().await; - let Some(turn) = accounting - .turn - .as_ref() - .filter(|turn| turn.turn_id == turn_context.sub_id) - else { - return Ok(()); - }; - if !turn.active_this_turn() { - return Ok(()); - } - ( - turn.token_delta_since_last_accounting(¤t_token_usage), - turn.active_goal_id(), - accounting.wall_clock.time_delta_since_last_accounting(), - ) - }; - if time_delta_seconds == 0 && token_delta <= 0 { - return Ok(()); - } - let previous_status = self - .current_goal_status_for_metrics(&state_db, expected_goal_id.as_deref()) - .await?; - let outcome = state_db - .thread_goals() - .account_thread_goal_usage( - self.thread_id, - time_delta_seconds, - token_delta, - codex_state::GoalAccountingMode::ActiveOnly, - expected_goal_id.as_deref(), - ) - .await?; - let budget_limit_was_already_reported = { - let reported_goal_id = self.goal_runtime.budget_limit_reported_goal_id.lock().await; - expected_goal_id - .as_deref() - .is_some_and(|goal_id| reported_goal_id.as_deref() == Some(goal_id)) - }; - let goal = match outcome { - codex_state::GoalAccountingOutcome::Updated(goal) => { - let clear_active_goal = match goal.status { - codex_state::ThreadGoalStatus::Active => false, - codex_state::ThreadGoalStatus::BudgetLimited => { - matches!(budget_limit_steering, BudgetLimitSteering::Suppressed) - } - codex_state::ThreadGoalStatus::Paused - | codex_state::ThreadGoalStatus::Blocked - | codex_state::ThreadGoalStatus::UsageLimited - | codex_state::ThreadGoalStatus::Complete => true, - }; - { - let mut accounting = self.goal_runtime.accounting.lock().await; - if let Some(turn) = accounting - .turn - .as_mut() - .filter(|turn| turn.turn_id == turn_context.sub_id) - { - turn.mark_accounted(current_token_usage); - if clear_active_goal { - turn.clear_active_goal(); - } - } - accounting.wall_clock.mark_accounted(time_delta_seconds); - if clear_active_goal { - accounting.wall_clock.clear_active_goal(); - } - } - if matches!(terminal_metric_emission, TerminalMetricEmission::Emit) { - self.emit_goal_terminal_metrics_if_status_changed(previous_status, &goal); - } - goal - } - codex_state::GoalAccountingOutcome::Unchanged(_) => return Ok(()), - }; - let should_steer_budget_limit = - matches!(budget_limit_steering, BudgetLimitSteering::Allowed) - && goal.status == codex_state::ThreadGoalStatus::BudgetLimited - && !budget_limit_was_already_reported; - let goal_status = goal.status; - let goal_id = goal.goal_id.clone(); - if goal_status != codex_state::ThreadGoalStatus::BudgetLimited { - *self.goal_runtime.budget_limit_reported_goal_id.lock().await = None; - } - let goal = protocol_goal_from_state(goal); - self.send_event( - turn_context, - EventMsg::ThreadGoalUpdated(ThreadGoalUpdatedEvent { - thread_id: self.thread_id, - turn_id: Some(turn_context.sub_id.clone()), - goal: goal.clone(), - }), - ) - .await; - if should_steer_budget_limit { - let item = budget_limit_steering_item(&goal); - if self.inject_if_running(vec![item]).await.is_err() { - tracing::debug!("skipping budget-limit goal steering because no turn is active"); - } - *self.goal_runtime.budget_limit_reported_goal_id.lock().await = Some(goal_id); - } - Ok(()) - } - - async fn account_thread_goal_before_external_mutation(&self) -> anyhow::Result<()> { - if let Some(turn_context) = self.active_turn_context().await { - return self - .account_thread_goal_progress( - turn_context.as_ref(), - BudgetLimitSteering::Suppressed, - TerminalMetricEmission::Emit, - ) - .await; - } - - let Some(state_db) = self.state_db_for_thread_goals().await? else { - return Ok(()); - }; - self.account_thread_goal_wall_clock_usage( - &state_db, - codex_state::GoalAccountingMode::ActiveOnly, - TerminalMetricEmission::Suppress, - ) - .await?; - Ok(()) - } - - async fn account_thread_goal_wall_clock_usage( - &self, - state_db: &StateDbHandle, - mode: codex_state::GoalAccountingMode, - terminal_metric_emission: TerminalMetricEmission, - ) -> anyhow::Result> { - let _accounting_permit = self.goal_runtime.accounting_permit().await?; - let (time_delta_seconds, expected_goal_id) = { - let accounting = self.goal_runtime.accounting.lock().await; - ( - accounting.wall_clock.time_delta_since_last_accounting(), - accounting.wall_clock.active_goal_id(), - ) - }; - if time_delta_seconds == 0 { - return Ok(None); - } - let previous_status = self - .current_goal_status_for_metrics(state_db, expected_goal_id.as_deref()) - .await?; - - match state_db - .thread_goals() - .account_thread_goal_usage( - self.thread_id, - time_delta_seconds, - /*token_delta*/ 0, - mode, - expected_goal_id.as_deref(), - ) - .await? - { - codex_state::GoalAccountingOutcome::Updated(goal) => { - if matches!(terminal_metric_emission, TerminalMetricEmission::Emit) { - self.emit_goal_terminal_metrics_if_status_changed(previous_status, &goal); - } - self.goal_runtime - .accounting - .lock() - .await - .wall_clock - .mark_accounted(time_delta_seconds); - let goal = protocol_goal_from_state(goal); - Ok(Some(goal)) - } - codex_state::GoalAccountingOutcome::Unchanged(goal) => { - { - let mut accounting = self.goal_runtime.accounting.lock().await; - accounting.wall_clock.reset_baseline(); - accounting.wall_clock.clear_active_goal(); - } - if let Some(goal) = goal { - let goal = protocol_goal_from_state(goal); - return Ok(Some(goal)); - } - Ok(None) - } - } - } - - async fn usage_limit_active_thread_goal_for_turn( - &self, - turn_context: &TurnContext, - ) -> anyhow::Result<()> { - if should_ignore_goal_for_mode(turn_context.collaboration_mode.mode) { - return Ok(()); - } - - if !self.enabled(Feature::Goals) { - return Ok(()); - } - - let _continuation_guard = self - .goal_runtime - .continuation_lock - .acquire() - .await - .context("goal continuation semaphore closed")?; - let Some(state_db) = self.state_db_for_thread_goals().await? else { - return Ok(()); - }; - self.account_thread_goal_progress( - turn_context, - BudgetLimitSteering::Suppressed, - TerminalMetricEmission::Emit, - ) - .await?; - let previous_status = self - .current_goal_status_for_metrics(&state_db, /*expected_goal_id*/ None) - .await?; - let Some(goal) = state_db - .thread_goals() - .usage_limit_active_thread_goal(self.thread_id) - .await? - else { - return Ok(()); - }; - self.emit_goal_terminal_metrics_if_status_changed(previous_status, &goal); - let goal = protocol_goal_from_state(goal); - *self.goal_runtime.budget_limit_reported_goal_id.lock().await = None; - self.clear_active_goal_accounting(turn_context).await; - self.send_event( - turn_context, - EventMsg::ThreadGoalUpdated(ThreadGoalUpdatedEvent { - thread_id: self.thread_id, - turn_id: Some(turn_context.sub_id.clone()), - goal, - }), - ) - .await; - Ok(()) - } - - async fn restore_thread_goal_runtime_after_resume(&self) -> anyhow::Result<()> { - if !self.enabled(Feature::Goals) { - return Ok(()); - } - if should_ignore_goal_for_mode(self.collaboration_mode().await.mode) { - tracing::debug!( - "skipping goal runtime restore while current collaboration mode ignores goals" - ); - return Ok(()); - } - - let _continuation_guard = self - .goal_runtime - .continuation_lock - .acquire() - .await - .context("goal continuation semaphore closed")?; - let Some(state_db) = self.state_db_for_thread_goals().await? else { - return Ok(()); - }; - let Some(goal) = state_db - .thread_goals() - .get_thread_goal(self.thread_id) - .await? - else { - self.clear_stopped_thread_goal_runtime_state().await; - return Ok(()); - }; - match goal.status { - codex_state::ThreadGoalStatus::Active => { - self.goal_runtime - .accounting - .lock() - .await - .wall_clock - .mark_active_goal(goal.goal_id); - self.emit_goal_resumed_metric(); - } - codex_state::ThreadGoalStatus::Paused - | codex_state::ThreadGoalStatus::Blocked - | codex_state::ThreadGoalStatus::UsageLimited - | codex_state::ThreadGoalStatus::BudgetLimited - | codex_state::ThreadGoalStatus::Complete => { - self.clear_stopped_thread_goal_runtime_state().await; - } - } - Ok(()) - } - - async fn maybe_continue_goal_if_idle_runtime(self: &Arc) { - self.maybe_start_turn_for_pending_work().await; - self.maybe_start_goal_continuation_turn().await; - } - - async fn maybe_start_goal_continuation_turn(self: &Arc) { - let Ok(_continuation_guard) = self.goal_runtime.continuation_lock.acquire().await else { - tracing::warn!("goal continuation semaphore closed"); - return; - }; - let Some(candidate) = self.goal_continuation_candidate_if_active().await else { - return; - }; - - let turn_state = { - let mut active_turn = self.active_turn.lock().await; - if active_turn.is_some() { - return; - } - let active_turn = active_turn.get_or_insert_with(ActiveTurn::default); - Arc::clone(&active_turn.turn_state) - }; - let goal_is_current = match self.state_db_for_thread_goals().await { - Ok(Some(state_db)) => match state_db - .thread_goals() - .get_thread_goal(self.thread_id) - .await - { - Ok(Some(goal)) - if goal.goal_id == candidate.goal_id - && goal.status == codex_state::ThreadGoalStatus::Active => - { - true - } - Ok(Some(_)) | Ok(None) => { - tracing::debug!( - "skipping active goal continuation because the goal changed before launch" - ); - false - } - Err(err) => { - tracing::warn!("failed to re-read thread goal before continuation: {err}"); - false - } - }, - Ok(None) => { - tracing::debug!("skipping active goal continuation for ephemeral thread"); - false - } - Err(err) => { - tracing::warn!("failed to open state db before goal continuation: {err}"); - false - } - }; - if !goal_is_current { - self.clear_reserved_goal_continuation_turn(&turn_state) - .await; - return; - } - self.input_queue - .extend_pending_input_for_turn_state( - turn_state.as_ref(), - candidate - .items - .into_iter() - .map(TurnInput::ResponseItem) - .collect(), - ) - .await; - - let turn_context = self - .new_default_turn_with_sub_id(uuid::Uuid::new_v4().to_string()) - .await; - self.maybe_emit_unknown_model_warning_for_turn(turn_context.as_ref()) - .await; - let still_reserved = { - let active_turn = self.active_turn.lock().await; - active_turn.as_ref().is_some_and(|active_turn| { - active_turn.task.is_none() && Arc::ptr_eq(&active_turn.turn_state, &turn_state) - }) - }; - if !still_reserved { - self.clear_reserved_goal_continuation_turn(&turn_state) - .await; - return; - } - self.start_task(turn_context, Vec::new(), RegularTask::new()) - .await; - } - - async fn goal_continuation_candidate_if_active( - self: &Arc, - ) -> Option { - if !self.enabled(Feature::Goals) { - return None; - } - if should_ignore_goal_for_mode(self.collaboration_mode().await.mode) { - tracing::debug!("skipping active goal continuation while plan mode is active"); - return None; - } - if self.active_turn.lock().await.is_some() { - tracing::debug!("skipping active goal continuation because a turn is already active"); - return None; - } - if self.input_queue.has_trigger_turn_mailbox_items().await { - tracing::debug!( - "skipping active goal continuation because trigger-turn mailbox input is pending" - ); - return None; - } - let state_db = match self.state_db_for_thread_goals().await { - Ok(Some(state_db)) => state_db, - Ok(None) => { - tracing::debug!("skipping active goal continuation for ephemeral thread"); - return None; - } - Err(err) => { - tracing::warn!("failed to open state db for goal continuation: {err}"); - return None; - } - }; - let goal = match state_db - .thread_goals() - .get_thread_goal(self.thread_id) - .await - { - Ok(Some(goal)) => goal, - Ok(None) => { - tracing::debug!("skipping active goal continuation because no goal is set"); - return None; - } - Err(err) => { - tracing::warn!("failed to read thread goal for continuation: {err}"); - return None; - } - }; - if goal.status != codex_state::ThreadGoalStatus::Active { - tracing::debug!(status = ?goal.status, "skipping inactive thread goal"); - return None; - } - if self.active_turn.lock().await.is_some() - || self.input_queue.has_trigger_turn_mailbox_items().await - { - tracing::debug!("skipping active goal continuation because pending work appeared"); - return None; - } - let goal_id = goal.goal_id.clone(); - let goal = protocol_goal_from_state(goal); - Some(GoalContinuationCandidate { - goal_id, - items: vec![goal_context_input_item(continuation_prompt(&goal))], - }) - } -} - -impl Session { - async fn state_db_for_thread_goals(&self) -> anyhow::Result> { - let config = self.get_config().await; - if config.ephemeral { - return Ok(None); - } - - self.try_ensure_rollout_materialized() - .await - .context("failed to materialize rollout before opening state db for thread goals")?; - - let state_db = if let Some(state_db) = self.state_db() { - state_db - } else if let Some(state_db) = self.goal_runtime.state_db.lock().await.clone() { - state_db - } else if let Some(local_store) = self - .services - .thread_store - .as_any() - .downcast_ref::() - { - local_store.state_db().await.ok_or_else(|| { - anyhow::anyhow!( - "thread goals require a local persisted thread with a state database" - ) - })? - } else { - anyhow::bail!("thread goals require a local persisted thread with a state database"); - }; - - let thread_metadata_present = state_db - .get_thread(self.thread_id) - .await - .context("failed to read thread metadata before reconciling thread goals")? - .is_some(); - if !thread_metadata_present { - let rollout_path = self - .current_rollout_path() - .await - .context("failed to locate rollout before reconciling thread goals")? - .ok_or_else(|| { - anyhow::anyhow!("thread goals require materialized thread metadata") - })?; - reconcile_rollout( - Some(&state_db), - rollout_path.as_path(), - config.model_provider_id.as_str(), - /*builder*/ None, - &[], - /*archived_only*/ None, - /*new_thread_memory_mode*/ None, - ) - .await; - let thread_metadata_present = state_db - .get_thread(self.thread_id) - .await - .context("failed to read thread metadata after reconciling thread goals")? - .is_some(); - if !thread_metadata_present { - anyhow::bail!("thread metadata is unavailable after reconciling thread goals"); - } - } - - *self.goal_runtime.state_db.lock().await = Some(state_db.clone()); - Ok(Some(state_db)) - } - - async fn require_state_db_for_thread_goals(&self) -> anyhow::Result { - self.state_db_for_thread_goals().await?.ok_or_else(|| { - anyhow::anyhow!("thread goals require a persisted thread; this thread is ephemeral") - }) - } -} - -async fn set_thread_preview_from_goal_objective( - state_db: &StateDbHandle, - thread_id: ThreadId, - objective: &str, -) { - if let Err(err) = state_db - .set_thread_preview_if_empty(thread_id, objective) - .await - { - tracing::warn!( - "failed to set empty thread preview from goal objective for {thread_id}: {err}" - ); - } -} - -fn should_ignore_goal_for_mode(mode: ModeKind) -> bool { - mode == ModeKind::Plan -} - -fn budget_limit_steering_item(goal: &ThreadGoal) -> ResponseItem { - goal_context_input_item(budget_limit_prompt(goal)) -} - -fn goal_context_input_item(prompt: String) -> ResponseItem { - ContextualUserFragment::into(InternalModelContextFragment::new( - InternalContextSource::from_static("goal"), - prompt, - )) -} - -pub(crate) fn protocol_goal_from_state(goal: codex_state::ThreadGoal) -> ThreadGoal { - ThreadGoal { - thread_id: goal.thread_id, - objective: goal.objective, - status: protocol_goal_status_from_state(goal.status), - token_budget: goal.token_budget, - tokens_used: goal.tokens_used, - time_used_seconds: goal.time_used_seconds, - created_at: goal.created_at.timestamp(), - updated_at: goal.updated_at.timestamp(), - } -} - -pub(crate) fn protocol_goal_status_from_state( - status: codex_state::ThreadGoalStatus, -) -> ThreadGoalStatus { - match status { - codex_state::ThreadGoalStatus::Active => ThreadGoalStatus::Active, - codex_state::ThreadGoalStatus::Paused => ThreadGoalStatus::Paused, - codex_state::ThreadGoalStatus::Blocked => ThreadGoalStatus::Blocked, - codex_state::ThreadGoalStatus::UsageLimited => ThreadGoalStatus::UsageLimited, - codex_state::ThreadGoalStatus::BudgetLimited => ThreadGoalStatus::BudgetLimited, - codex_state::ThreadGoalStatus::Complete => ThreadGoalStatus::Complete, - } -} - -pub(crate) fn state_goal_status_from_protocol( - status: ThreadGoalStatus, -) -> codex_state::ThreadGoalStatus { - match status { - ThreadGoalStatus::Active => codex_state::ThreadGoalStatus::Active, - ThreadGoalStatus::Paused => codex_state::ThreadGoalStatus::Paused, - ThreadGoalStatus::Blocked => codex_state::ThreadGoalStatus::Blocked, - ThreadGoalStatus::UsageLimited => codex_state::ThreadGoalStatus::UsageLimited, - ThreadGoalStatus::BudgetLimited => codex_state::ThreadGoalStatus::BudgetLimited, - ThreadGoalStatus::Complete => codex_state::ThreadGoalStatus::Complete, - } -} - -pub(crate) fn validate_goal_budget(value: Option) -> anyhow::Result<()> { - if let Some(value) = value - && value <= 0 - { - anyhow::bail!("goal budgets must be positive when provided"); - } - Ok(()) -} - -pub(crate) fn goal_token_delta_for_usage(usage: &TokenUsage) -> i64 { - usage - .non_cached_input() - .saturating_add(usage.output_tokens.max(0)) -} - -#[cfg(test)] -mod tests { - use super::goal_context_input_item; - use super::goal_token_delta_for_usage; - use super::should_ignore_goal_for_mode; - use codex_protocol::config_types::ModeKind; - use codex_protocol::models::ContentItem; - use codex_protocol::models::ResponseItem; - use codex_protocol::protocol::TokenUsage; - use std::time::Duration; - use std::time::Instant; - - #[test] - fn goal_continuation_is_ignored_only_in_plan_mode() { - assert!(should_ignore_goal_for_mode(ModeKind::Plan)); - assert!(!should_ignore_goal_for_mode(ModeKind::Default)); - assert!(!should_ignore_goal_for_mode(ModeKind::PairProgramming)); - assert!(!should_ignore_goal_for_mode(ModeKind::Execute)); - } - - #[test] - fn goal_token_delta_excludes_cached_input_and_does_not_double_count_reasoning() { - let usage = TokenUsage { - input_tokens: 900, - cached_input_tokens: 400, - output_tokens: 80, - reasoning_output_tokens: 20, - total_tokens: 1_000, - }; - - assert_eq!(580, goal_token_delta_for_usage(&usage)); - } - - #[test] - fn wall_clock_accounting_advances_by_persisted_seconds() { - let mut snapshot = super::GoalWallClockAccountingSnapshot::new(); - let original = Instant::now() - Duration::from_millis(1500); - snapshot.last_accounted_at = original; - - snapshot.mark_accounted(/*accounted_seconds*/ 1); - assert_eq!( - original + Duration::from_secs(1), - snapshot.last_accounted_at - ); - - let token_only_original = snapshot.last_accounted_at; - snapshot.mark_accounted(/*accounted_seconds*/ 0); - assert_eq!(token_only_original, snapshot.last_accounted_at); - } - - #[test] - fn goal_context_input_item_is_hidden_user_context() { - let item = goal_context_input_item("Continue working.".to_string()); - - assert_eq!( - item, - ResponseItem::Message { - id: None, - role: "user".to_string(), - content: vec![ContentItem::InputText { - text: "\nContinue working.\n".to_string(), - }], - phase: None, - } - ); - } -} diff --git a/codex-rs/core/src/guardian/mod.rs b/codex-rs/core/src/guardian/mod.rs index b4920f1ff6f..b06a2daad30 100644 --- a/codex-rs/core/src/guardian/mod.rs +++ b/codex-rs/core/src/guardian/mod.rs @@ -168,7 +168,7 @@ use prompt::render_guardian_transcript_entries; #[cfg(test)] use review::GuardianReviewOutcome; #[cfg(test)] -use review::run_guardian_review_session as run_guardian_review_session_for_test; +use review::run_guardian_review_session_with_retry as run_guardian_review_session_for_test; #[cfg(test)] use review_session::build_guardian_review_session_config as build_guardian_review_session_config_for_test; diff --git a/codex-rs/core/src/guardian/review.rs b/codex-rs/core/src/guardian/review.rs index 06d1a789318..99f9c5d9995 100644 --- a/codex-rs/core/src/guardian/review.rs +++ b/codex-rs/core/src/guardian/review.rs @@ -7,6 +7,7 @@ use codex_analytics::GuardianReviewTrackContext; use codex_analytics::GuardianReviewedAction; use codex_protocol::config_types::ApprovalsReviewer; use codex_protocol::protocol::AskForApproval; +use codex_protocol::protocol::CodexErrorInfo; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::GuardianAssessmentDecisionSource; use codex_protocol::protocol::GuardianAssessmentEvent; @@ -19,11 +20,14 @@ use codex_protocol::protocol::TurnAbortReason; use codex_protocol::protocol::WarningEvent; use std::sync::Arc; use tokio::sync::oneshot; +use tokio::time::Instant; +use tokio::time::sleep_until; use tokio_util::sync::CancellationToken; use crate::session::session::Session; use crate::session::turn_context::TurnContext; use crate::turn_timing::now_unix_timestamp_ms; +use crate::util::backoff; use super::AUTO_REVIEW_DENIAL_WINDOW_SIZE; use super::GUARDIAN_REVIEW_TIMEOUT; @@ -58,6 +62,8 @@ const GUARDIAN_TIMEOUT_INSTRUCTIONS: &str = concat!( "You may retry once, or ask the user for guidance or explicit approval.", ); +const GUARDIAN_REVIEW_MAX_ATTEMPTS: i64 = 3; + pub(crate) fn new_guardian_review_id() -> String { uuid::Uuid::new_v4().to_string() } @@ -95,9 +101,16 @@ pub(super) enum GuardianReviewOutcome { #[derive(Debug)] pub(super) enum GuardianReviewError { - PromptBuild { message: String }, - Session { message: String }, - Parse { message: String }, + PromptBuild { + message: String, + }, + Session { + message: String, + error_info: Option, + }, + Parse { + message: String, + }, Timeout, Cancelled, } @@ -112,6 +125,14 @@ impl GuardianReviewError { fn session(err: anyhow::Error) -> Self { Self::Session { message: err.to_string(), + error_info: None, + } + } + + fn session_with_error_info(err: anyhow::Error, error_info: CodexErrorInfo) -> Self { + Self::Session { + message: err.to_string(), + error_info: Some(error_info), } } @@ -335,13 +356,14 @@ async fn run_guardian_review( let schema = guardian_output_schema(); let terminal_action = action_summary.clone(); - let (outcome, analytics_result) = Box::pin(run_guardian_review_session( + let (outcome, analytics_result) = Box::pin(run_guardian_review_session_with_retry( session.clone(), turn.clone(), request, retry_reason.clone(), schema, external_cancel, + GUARDIAN_REVIEW_MAX_ATTEMPTS, )) .await; @@ -464,7 +486,7 @@ async fn run_guardian_review( | GuardianReviewError::Parse { .. } => { let message = match &error { GuardianReviewError::PromptBuild { message } - | GuardianReviewError::Session { message } + | GuardianReviewError::Session { message, .. } | GuardianReviewError::Parse { message } => message, GuardianReviewError::Timeout | GuardianReviewError::Cancelled => { "guardian review failed" @@ -657,13 +679,14 @@ pub(crate) fn spawn_approval_request_review( /// context. It may still reuse the parent's managed-network allowlist for /// read-only checks, but it intentionally runs without inherited exec-policy /// rules. -pub(super) async fn run_guardian_review_session( +async fn run_guardian_review_session_before_deadline( session: Arc, turn: Arc, request: GuardianApprovalRequest, retry_reason: Option, schema: serde_json::Value, external_cancel: Option, + deadline: Instant, ) -> (GuardianReviewOutcome, GuardianReviewAnalyticsResult) { let network_proxy = session.services.network_proxy.load_full(); let live_network_config = match network_proxy.as_ref() { @@ -702,7 +725,7 @@ pub(super) async fn run_guardian_review_session( .supported_reasoning_efforts .iter() .any(|effort| effort.effort == codex_protocol::openai_models::ReasoningEffort::Low), - Some(preset.default_reasoning_effort), + Some(preset.default_reasoning_effort.clone()), ); (review_model_id.to_string(), reasoning_effort) } else { @@ -712,7 +735,8 @@ pub(super) async fn run_guardian_review_session( .iter() .any(|preset| preset.effort == codex_protocol::openai_models::ReasoningEffort::Low), turn.reasoning_effort - .or(turn.model_info.default_reasoning_level), + .clone() + .or_else(|| turn.model_info.default_reasoning_level.clone()), ); ( model_override @@ -725,7 +749,7 @@ pub(super) async fn run_guardian_review_session( turn.config.as_ref(), live_network_config.clone(), guardian_model.as_str(), - guardian_reasoning_effort, + guardian_reasoning_effort.clone(), ); let guardian_config = match guardian_config { Ok(config) => config, @@ -752,6 +776,7 @@ pub(super) async fn run_guardian_review_session( reasoning_summary: turn.reasoning_summary, personality: turn.personality, external_cancel, + deadline, }), ) .await; @@ -786,10 +811,16 @@ pub(super) async fn run_guardian_review_session( GuardianReviewOutcome::Error(GuardianReviewError::prompt_build(err)), session_analytics_result, ), - GuardianReviewSessionOutcome::SessionFailed(err) => ( - GuardianReviewOutcome::Error(GuardianReviewError::session(err)), - session_analytics_result, - ), + GuardianReviewSessionOutcome::SessionFailed { error, error_info } => { + let error = match error_info { + Some(error_info) => GuardianReviewError::session_with_error_info(error, error_info), + None => GuardianReviewError::session(error), + }; + ( + GuardianReviewOutcome::Error(error), + session_analytics_result, + ) + } GuardianReviewSessionOutcome::TimedOut => ( GuardianReviewOutcome::Error(GuardianReviewError::Timeout), session_analytics_result, @@ -801,9 +832,85 @@ pub(super) async fn run_guardian_review_session( } } +pub(super) async fn run_guardian_review_session_with_retry( + session: Arc, + turn: Arc, + request: GuardianApprovalRequest, + retry_reason: Option, + schema: serde_json::Value, + external_cancel: Option, + max_attempts: i64, +) -> (GuardianReviewOutcome, GuardianReviewAnalyticsResult) { + assert!(max_attempts > 0, "guardian review must run at least once"); + let deadline = Instant::now() + GUARDIAN_REVIEW_TIMEOUT; + let mut attempt_count = 1; + loop { + let (outcome, mut analytics_result) = run_guardian_review_session_before_deadline( + Arc::clone(&session), + Arc::clone(&turn), + request.clone(), + retry_reason.clone(), + schema.clone(), + external_cancel.clone(), + deadline, + ) + .await; + analytics_result.attempt_count = attempt_count; + if attempt_count >= max_attempts || !should_retry_guardian_review(&outcome) { + return (outcome, analytics_result); + } + if let Some(error) = + wait_before_guardian_retry(attempt_count, deadline, external_cancel.as_ref()).await + { + return (GuardianReviewOutcome::Error(error), analytics_result); + } + attempt_count += 1; + } +} + +async fn wait_before_guardian_retry( + attempt_count: i64, + deadline: Instant, + external_cancel: Option<&CancellationToken>, +) -> Option { + let retry_delay = backoff(attempt_count as u64); + let retry_at = (Instant::now() + retry_delay).min(deadline); + tokio::select! { + _ = sleep_until(retry_at) => { + (Instant::now() >= deadline).then_some(GuardianReviewError::Timeout) + } + _ = async { + if let Some(cancel_token) = external_cancel { + cancel_token.cancelled().await; + } else { + std::future::pending::<()>().await; + } + } => Some(GuardianReviewError::Cancelled), + } +} + +fn should_retry_guardian_review(outcome: &GuardianReviewOutcome) -> bool { + matches!( + outcome, + GuardianReviewOutcome::Error( + GuardianReviewError::Session { + error_info: Some( + CodexErrorInfo::ServerOverloaded + | CodexErrorInfo::HttpConnectionFailed { .. } + | CodexErrorInfo::ResponseStreamConnectionFailed { .. } + | CodexErrorInfo::InternalServerError + | CodexErrorInfo::ResponseStreamDisconnected { .. } + ), + .. + } | GuardianReviewError::Parse { .. } + ) + ) +} + #[cfg(test)] mod review_tests { use super::*; + use std::time::Duration; #[test] fn guardian_review_error_reason_distinguishes_error_kinds() { @@ -811,6 +918,10 @@ mod review_tests { let prompt_error = GuardianReviewError::prompt_build(anyhow::anyhow!("bad prompt/config")); let session_error = GuardianReviewError::session(anyhow::anyhow!("guardian runtime failed")); + let structured_session_error = GuardianReviewError::session_with_error_info( + anyhow::anyhow!("temporary guardian failure"), + CodexErrorInfo::ServerOverloaded, + ); assert!(matches!( parse_error.failure_reason(), @@ -824,5 +935,109 @@ mod review_tests { session_error.failure_reason(), GuardianReviewFailureReason::SessionError )); + assert!(matches!( + structured_session_error.failure_reason(), + GuardianReviewFailureReason::SessionError + )); + } + + #[test] + fn guardian_review_retry_only_retries_transient_session_and_parse_errors() { + let assessment = GuardianAssessment { + risk_level: GuardianRiskLevel::High, + user_authorization: GuardianUserAuthorization::Unknown, + outcome: GuardianAssessmentOutcome::Deny, + rationale: "deny".to_string(), + }; + let transient_error_info = [ + CodexErrorInfo::ServerOverloaded, + CodexErrorInfo::HttpConnectionFailed { + http_status_code: Some(502), + }, + CodexErrorInfo::ResponseStreamConnectionFailed { + http_status_code: Some(503), + }, + CodexErrorInfo::InternalServerError, + CodexErrorInfo::ResponseStreamDisconnected { + http_status_code: None, + }, + ]; + let mut outcomes = transient_error_info + .into_iter() + .map(|error_info| { + ( + GuardianReviewOutcome::Error(GuardianReviewError::session_with_error_info( + anyhow::anyhow!("transient session"), + error_info, + )), + true, + ) + }) + .collect::>(); + outcomes.extend([ + (GuardianReviewOutcome::Completed(assessment), false), + ( + GuardianReviewOutcome::Error(GuardianReviewError::prompt_build(anyhow::anyhow!( + "prompt" + ))), + false, + ), + ( + GuardianReviewOutcome::Error(GuardianReviewError::session(anyhow::anyhow!( + "session" + ))), + false, + ), + ( + GuardianReviewOutcome::Error(GuardianReviewError::session_with_error_info( + anyhow::anyhow!("bad request"), + CodexErrorInfo::BadRequest, + )), + false, + ), + ( + GuardianReviewOutcome::Error(GuardianReviewError::parse(anyhow::anyhow!("parse"))), + true, + ), + ( + GuardianReviewOutcome::Error(GuardianReviewError::Timeout), + false, + ), + ( + GuardianReviewOutcome::Error(GuardianReviewError::Cancelled), + false, + ), + ]); + + for (outcome, expected) in outcomes { + assert_eq!(should_retry_guardian_review(&outcome), expected); + } + } + + #[tokio::test] + async fn guardian_review_retry_wait_honors_cancellation() { + let cancel_token = CancellationToken::new(); + cancel_token.cancel(); + + let error = wait_before_guardian_retry( + /*attempt_count*/ 1, + Instant::now() + Duration::from_secs(/*secs*/ 1), + Some(&cancel_token), + ) + .await; + + assert!(matches!(error, Some(GuardianReviewError::Cancelled))); + } + + #[tokio::test] + async fn guardian_review_retry_wait_honors_deadline() { + let error = wait_before_guardian_retry( + /*attempt_count*/ 1, + Instant::now(), + /*external_cancel*/ None, + ) + .await; + + assert!(matches!(error, Some(GuardianReviewError::Timeout))); } } diff --git a/codex-rs/core/src/guardian/review_session.rs b/codex-rs/core/src/guardian/review_session.rs index c139a910a75..63b778838e0 100644 --- a/codex-rs/core/src/guardian/review_session.rs +++ b/codex-rs/core/src/guardian/review_session.rs @@ -7,6 +7,7 @@ use std::time::Duration; use anyhow::anyhow; use codex_analytics::GuardianReviewAnalyticsResult; use codex_analytics::GuardianReviewSessionKind; +use codex_extension_api::UserInstructions; use codex_protocol::ThreadId; use codex_protocol::config_types::AutoCompactTokenLimitScope; use codex_protocol::config_types::Personality; @@ -15,6 +16,8 @@ use codex_protocol::models::PermissionProfile; use codex_protocol::models::ResponseItem; use codex_protocol::openai_models::ReasoningEffort as ReasoningEffortConfig; use codex_protocol::protocol::AskForApproval; +use codex_protocol::protocol::CodexErrorInfo; +use codex_protocol::protocol::ErrorEvent; use codex_protocol::protocol::Event; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::InitialHistory; @@ -45,7 +48,6 @@ use codex_features::Feature; use codex_model_provider_info::ModelProviderInfo; use codex_utils_absolute_path::AbsolutePathBuf; -use super::GUARDIAN_REVIEW_TIMEOUT; use super::GUARDIAN_REVIEWER_NAME; use super::GuardianApprovalRequest; use super::prompt::GuardianPromptMode; @@ -59,7 +61,10 @@ const GUARDIAN_INTERRUPT_DRAIN_TIMEOUT: Duration = Duration::from_secs(5); pub(crate) enum GuardianReviewSessionOutcome { Completed(anyhow::Result>), PromptBuildFailed(anyhow::Error), - SessionFailed(anyhow::Error), + SessionFailed { + error: anyhow::Error, + error_info: Option, + }, TimedOut, Aborted, } @@ -76,6 +81,7 @@ pub(crate) struct GuardianReviewSessionParams { pub(crate) reasoning_summary: ReasoningSummaryConfig, pub(crate) personality: Option, pub(crate) external_cancel: Option, + pub(crate) deadline: tokio::time::Instant, } #[derive(Default)] @@ -146,7 +152,7 @@ struct GuardianReviewSessionReuseKey { permissions: Permissions, developer_instructions: Option, base_instructions: Option, - user_instructions: Option, + user_instructions: Option, compact_prompt: Option, cwd: AbsolutePathBuf, mcp_servers: Constrained>, @@ -158,7 +164,10 @@ struct GuardianReviewSessionReuseKey { } impl GuardianReviewSessionReuseKey { - fn from_spawn_config(spawn_config: &Config) -> Self { + fn from_spawn_config( + spawn_config: &Config, + user_instructions: Option, + ) -> Self { Self { model: spawn_config.model.clone(), model_provider_id: spawn_config.model_provider_id.clone(), @@ -166,12 +175,12 @@ impl GuardianReviewSessionReuseKey { model_context_window: spawn_config.model_context_window, model_auto_compact_token_limit: spawn_config.model_auto_compact_token_limit, model_auto_compact_token_limit_scope: spawn_config.model_auto_compact_token_limit_scope, - model_reasoning_effort: spawn_config.model_reasoning_effort, + model_reasoning_effort: spawn_config.model_reasoning_effort.clone(), model_reasoning_summary: spawn_config.model_reasoning_summary, permissions: spawn_config.permissions.clone(), developer_instructions: spawn_config.developer_instructions.clone(), base_instructions: spawn_config.base_instructions.clone(), - user_instructions: spawn_config.user_instructions.clone(), + user_instructions, compact_prompt: spawn_config.compact_prompt.clone(), cwd: spawn_config.cwd.clone(), mcp_servers: spawn_config.mcp_servers.clone(), @@ -311,8 +320,11 @@ impl GuardianReviewSessionManager { &self, params: GuardianReviewSessionParams, ) -> (GuardianReviewSessionOutcome, GuardianReviewAnalyticsResult) { - let deadline = tokio::time::Instant::now() + GUARDIAN_REVIEW_TIMEOUT; - let next_reuse_key = GuardianReviewSessionReuseKey::from_spawn_config(¶ms.spawn_config); + let deadline = params.deadline; + let next_reuse_key = GuardianReviewSessionReuseKey::from_spawn_config( + ¶ms.spawn_config, + params.parent_session.user_instructions().await, + ); let mut stale_trunk_to_shutdown = None; let mut spawned_trunk = false; let trunk_candidate = match run_before_review_deadline( @@ -363,7 +375,9 @@ impl GuardianReviewSessionManager { state.trunk.as_ref().cloned() } - Err(outcome) => return (outcome, GuardianReviewAnalyticsResult::without_session()), + Err(outcome) => { + return (outcome, GuardianReviewAnalyticsResult::without_session()); + } }; if let Some(review_session) = stale_trunk_to_shutdown { @@ -433,6 +447,7 @@ impl GuardianReviewSessionManager { pub(crate) async fn cache_for_test(&self, codex: Codex) { let reuse_key = GuardianReviewSessionReuseKey::from_spawn_config( codex.session.get_config().await.as_ref(), + codex.session.user_instructions().await, ); self.state.lock().await.trunk = Some(Arc::new(GuardianReviewSession { reuse_key, @@ -451,6 +466,7 @@ impl GuardianReviewSessionManager { pub(crate) async fn register_ephemeral_for_test(&self, codex: Codex) { let reuse_key = GuardianReviewSessionReuseKey::from_spawn_config( codex.session.get_config().await.as_ref(), + codex.session.user_instructions().await, ); self.state .lock() @@ -559,7 +575,9 @@ impl GuardianReviewSessionManager { GuardianReviewAnalyticsResult::without_session(), ); } - Err(outcome) => return (outcome, GuardianReviewAnalyticsResult::without_session()), + Err(outcome) => { + return (outcome, GuardianReviewAnalyticsResult::without_session()); + } }; self.register_active_ephemeral(Arc::clone(&review_session)) .await; @@ -657,7 +675,8 @@ async fn run_review_on_session( let guardian_reasoning_effort = if model_info.supports_reasoning_summaries { params .reasoning_effort - .or(model_info.default_reasoning_level) + .clone() + .or_else(|| model_info.default_reasoning_level.clone()) } else { None }; @@ -719,19 +738,27 @@ async fn run_review_on_session( .await .unwrap_or_default(); let guardian_permission_profile = PermissionProfile::read_only(); + let parent_turn_environments = params.parent_turn.environments.to_selections(); + let parent_turn_legacy_fallback_cwd = params + .parent_turn + .environments + .primary() + .map(|environment| environment.cwd.clone()) + .unwrap_or_else(|| params.parent_turn.config.cwd.clone()); let submit_result = run_before_review_deadline( deadline, params.external_cancel.as_ref(), Box::pin(review_session.codex.submit(Op::UserInput { items: prompt_items.items, - environments: None, final_output_json_schema: Some(params.schema.clone()), responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - #[allow(deprecated)] - cwd: Some(params.parent_turn.cwd.to_path_buf()), + environments: Some(codex_protocol::protocol::TurnEnvironmentSelections::new( + parent_turn_legacy_fallback_cwd, + parent_turn_environments, + )), approval_policy: Some(AskForApproval::Never), sandbox_policy: None, permission_profile: Some(guardian_permission_profile), @@ -741,7 +768,7 @@ async fn run_review_on_session( mode: codex_protocol::config_types::ModeKind::Default, settings: codex_protocol::config_types::Settings { model: params.model.clone(), - reasoning_effort: params.reasoning_effort, + reasoning_effort: params.reasoning_effort.clone(), developer_instructions: None, }, }), @@ -754,7 +781,10 @@ async fn run_review_on_session( Ok(Ok(child_turn_id)) => child_turn_id, Ok(Err(err)) => { return ( - GuardianReviewSessionOutcome::SessionFailed(err.into()), + GuardianReviewSessionOutcome::SessionFailed { + error: err.into(), + error_info: None, + }, false, analytics_result, ); @@ -815,7 +845,7 @@ async fn wait_for_guardian_review( ) -> (GuardianReviewSessionOutcome, bool, bool) { let timeout = tokio::time::sleep_until(deadline); tokio::pin!(timeout); - let mut last_error_message: Option = None; + let mut last_error: Option = None; loop { tokio::select! { @@ -852,10 +882,13 @@ async fn wait_for_guardian_review( .time_to_first_token_ms .and_then(|ms| u64::try_from(ms).ok()); if turn_complete.last_agent_message.is_none() - && let Some(error_message) = last_error_message + && let Some(error) = last_error { return ( - GuardianReviewSessionOutcome::Completed(Err(anyhow!(error_message))), + GuardianReviewSessionOutcome::SessionFailed { + error: anyhow!(error.message), + error_info: error.codex_error_info, + }, true, true, ); @@ -867,7 +900,7 @@ async fn wait_for_guardian_review( ); } EventMsg::Error(error) => { - last_error_message = Some(error.message); + last_error = Some(error); } EventMsg::TurnAborted(_) => { return (GuardianReviewSessionOutcome::Aborted, true, false); @@ -910,6 +943,8 @@ pub(crate) fn build_guardian_review_session_config( let mut guardian_config = parent_config.clone(); guardian_config.model = Some(active_model.to_string()); guardian_config.model_reasoning_effort = reasoning_effort; + guardian_config.model_provider.request_max_retries = Some(1); + guardian_config.model_provider.stream_max_retries = Some(1); guardian_config.include_skill_instructions = false; guardian_config.base_instructions = Some( parent_config @@ -1048,8 +1083,10 @@ mod tests { let (tx_event, rx_event) = async_channel::unbounded(); let (_agent_status_tx, agent_status) = tokio::sync::watch::channel(AgentStatus::PendingInit); - let reuse_key = - GuardianReviewSessionReuseKey::from_spawn_config(session.get_config().await.as_ref()); + let reuse_key = GuardianReviewSessionReuseKey::from_spawn_config( + session.get_config().await.as_ref(), + session.user_instructions().await, + ); ( GuardianReviewSession { @@ -1106,7 +1143,7 @@ mod tests { async fn test_review_params() -> GuardianReviewSessionParams { let (session, turn) = crate::session::tests::make_session_and_context().await; let model = turn.model_info.slug.clone(); - let reasoning_effort = turn.reasoning_effort; + let reasoning_effort = turn.reasoning_effort.clone(); let reasoning_summary = turn.reasoning_summary; let personality = turn.personality; #[allow(deprecated)] @@ -1115,7 +1152,7 @@ mod tests { turn.config.as_ref(), /*live_network_config*/ None, model.as_str(), - reasoning_effort, + reasoning_effort.clone(), ) .expect("guardian config"); @@ -1138,6 +1175,7 @@ mod tests { reasoning_summary, personality, external_cancel: None, + deadline: tokio::time::Instant::now() + Duration::from_secs(30), } } @@ -1151,8 +1189,10 @@ mod tests { /*reasoning_effort*/ None, ) .expect("cached guardian config"); - let cached_reuse_key = - GuardianReviewSessionReuseKey::from_spawn_config(&cached_spawn_config); + let cached_reuse_key = GuardianReviewSessionReuseKey::from_spawn_config( + &cached_spawn_config, + /*user_instructions*/ None, + ); let mut changed_parent_config = parent_config; changed_parent_config.model_provider.base_url = @@ -1164,12 +1204,18 @@ mod tests { /*reasoning_effort*/ None, ) .expect("next guardian config"); - let next_reuse_key = GuardianReviewSessionReuseKey::from_spawn_config(&next_spawn_config); + let next_reuse_key = GuardianReviewSessionReuseKey::from_spawn_config( + &next_spawn_config, + /*user_instructions*/ None, + ); assert_ne!(cached_reuse_key, next_reuse_key); assert_eq!( cached_reuse_key, - GuardianReviewSessionReuseKey::from_spawn_config(&cached_spawn_config) + GuardianReviewSessionReuseKey::from_spawn_config( + &cached_spawn_config, + /*user_instructions*/ None, + ) ); } @@ -1223,8 +1269,10 @@ mod tests { /*reasoning_effort*/ None, ) .expect("cached guardian config"); - let cached_reuse_key = - GuardianReviewSessionReuseKey::from_spawn_config(&cached_spawn_config); + let cached_reuse_key = GuardianReviewSessionReuseKey::from_spawn_config( + &cached_spawn_config, + /*user_instructions*/ None, + ); let mut changed_parent_config = parent_config; changed_parent_config.model_auto_compact_token_limit_scope = @@ -1236,7 +1284,10 @@ mod tests { /*reasoning_effort*/ None, ) .expect("next guardian config"); - let next_reuse_key = GuardianReviewSessionReuseKey::from_spawn_config(&next_spawn_config); + let next_reuse_key = GuardianReviewSessionReuseKey::from_spawn_config( + &next_spawn_config, + /*user_instructions*/ None, + ); assert_ne!(cached_reuse_key, next_reuse_key); } @@ -1463,6 +1514,31 @@ mod tests { assert!(keep_review_session); } + #[tokio::test] + async fn run_review_removes_trunk_when_event_stream_is_broken() { + let (mut review_session, tx_event, _rx_sub) = test_review_session().await; + let params = test_review_params().await; + review_session.reuse_key = GuardianReviewSessionReuseKey::from_spawn_config( + ¶ms.spawn_config, + params.parent_session.user_instructions().await, + ); + let manager = GuardianReviewSessionManager { + state: Arc::new(Mutex::new(GuardianReviewSessionState { + trunk: Some(Arc::new(review_session)), + ephemeral_reviews: Vec::new(), + })), + }; + drop(tx_event); + + let (outcome, _) = manager.run_review(params).await; + + assert!(matches!( + outcome, + GuardianReviewSessionOutcome::Completed(Err(_)) + )); + assert!(manager.state.lock().await.trunk.is_none()); + } + #[tokio::test] async fn wait_for_guardian_review_ignores_prior_turn_completion() { let (review_session, tx_event, _rx_sub) = test_review_session().await; @@ -1535,6 +1611,47 @@ mod tests { assert!(capture_token_usage); } + #[tokio::test] + async fn wait_for_guardian_review_preserves_structured_session_error() { + let (review_session, tx_event, _rx_sub) = test_review_session().await; + tx_event + .send(Event { + id: "current-turn".to_string(), + msg: EventMsg::Error(ErrorEvent { + message: "temporary failure".to_string(), + codex_error_info: Some(CodexErrorInfo::ServerOverloaded), + }), + }) + .await + .expect("queue guardian error"); + tx_event + .send(turn_complete_event( + "current-turn", + /*last_agent_message*/ None, + Some(42), + )) + .await + .expect("queue current turn completion"); + + let mut analytics_result = GuardianReviewAnalyticsResult::without_session(); + let (outcome, keep_review_session, capture_token_usage) = wait_for_guardian_review( + &review_session, + "current-turn", + tokio::time::Instant::now() + Duration::from_secs(1), + /*external_cancel*/ None, + &mut analytics_result, + ) + .await; + + let GuardianReviewSessionOutcome::SessionFailed { error, error_info } = outcome else { + panic!("expected structured session failure"); + }; + assert_eq!(error.to_string(), "temporary failure"); + assert_eq!(error_info, Some(CodexErrorInfo::ServerOverloaded)); + assert!(keep_review_session); + assert!(capture_token_usage); + } + #[tokio::test] async fn wait_for_guardian_review_ignores_prior_turn_aborts() { let (review_session, tx_event, _rx_sub) = test_review_session().await; diff --git a/codex-rs/core/src/guardian/tests.rs b/codex-rs/core/src/guardian/tests.rs index ffadd801ca6..1698ea0c682 100644 --- a/codex-rs/core/src/guardian/tests.rs +++ b/codex-rs/core/src/guardian/tests.rs @@ -55,10 +55,11 @@ use core_test_support::context_snapshot::ContextSnapshotOptions; use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; use core_test_support::responses::ev_response_created; -use core_test_support::responses::mount_response_once; +use core_test_support::responses::mount_response_sequence; use core_test_support::responses::mount_sse_once; use core_test_support::responses::mount_sse_sequence; use core_test_support::responses::sse; +use core_test_support::responses::sse_failed; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::streaming_sse::StreamingSseChunk; @@ -172,6 +173,50 @@ async fn guardian_test_session_and_turn( guardian_test_session_and_turn_with_base_url(server.uri().as_str()).await } +async fn guardian_test_session_turn_and_rx( + server: &wiremock::MockServer, +) -> ( + Arc, + Arc, + async_channel::Receiver, +) { + let (mut session, mut turn, rx) = + crate::session::tests::make_session_and_context_with_rx().await; + Arc::get_mut(&mut session) + .expect("session should be uniquely owned") + .thread_id = fixed_guardian_parent_session_id(); + let mut config = (*turn.config).clone(); + config.model_provider.base_url = Some(format!("{}/v1", server.uri())); + let config = Arc::new(config); + let models_manager = test_support::models_manager_with_provider( + config.codex_home.to_path_buf(), + Arc::clone(&session.services.auth_manager), + config.model_provider.clone(), + ); + Arc::get_mut(&mut session) + .expect("session should be uniquely owned") + .services + .models_manager = models_manager; + let turn_mut = Arc::get_mut(&mut turn).expect("turn should be uniquely owned"); + turn_mut.config = Arc::clone(&config); + turn_mut.provider = + create_model_provider(config.model_provider.clone(), turn_mut.auth_manager.clone()); + turn_mut.user_instructions = None; + + (session, turn, rx) +} + +fn guardian_shell_request(id: &str) -> GuardianApprovalRequest { + GuardianApprovalRequest::Shell { + id: id.to_string(), + command: vec!["git".to_string(), "push".to_string()], + cwd: test_path_buf("/repo/codex-rs/core").abs(), + sandbox_permissions: crate::sandboxing::SandboxPermissions::UseDefault, + additional_permissions: None, + justification: Some("Need to push the reviewed docs fix.".to_string()), + } +} + async fn guardian_test_session_and_turn_with_base_url( base_url: &str, ) -> (Arc, Arc) { @@ -179,7 +224,6 @@ async fn guardian_test_session_and_turn_with_base_url( session.thread_id = fixed_guardian_parent_session_id(); let mut config = (*turn.config).clone(); config.model_provider.base_url = Some(format!("{base_url}/v1")); - config.user_instructions = None; let config = Arc::new(config); let models_manager = test_support::models_manager_with_provider( config.codex_home.to_path_buf(), @@ -1343,6 +1387,7 @@ async fn guardian_request_model_for_auto_review_override( Some("Sandbox denied outbound git push to github.com.".to_string()), guardian_output_schema(), /*external_cancel*/ None, + /*max_attempts*/ 1, ) .await; let (GuardianReviewOutcome::Completed(_), _) = outcome else { @@ -1454,6 +1499,7 @@ async fn guardian_review_request_layout_matches_model_visible_request_snapshot() Some("Sandbox denied outbound git push to github.com.".to_string()), guardian_output_schema(), /*external_cancel*/ None, + /*max_attempts*/ 1, ) .await; let (GuardianReviewOutcome::Completed(assessment), metadata) = outcome else { @@ -1632,6 +1678,7 @@ async fn guardian_reuses_prompt_cache_key_and_appends_prior_reviews() -> anyhow: Some("First retry reason".to_string()), guardian_output_schema(), /*external_cancel*/ None, + /*max_attempts*/ 1, ) .await; session @@ -1676,6 +1723,7 @@ async fn guardian_reuses_prompt_cache_key_and_appends_prior_reviews() -> anyhow: Some("Second retry reason".to_string()), guardian_output_schema(), /*external_cancel*/ None, + /*max_attempts*/ 1, ) .await; session @@ -1716,6 +1764,7 @@ async fn guardian_reuses_prompt_cache_key_and_appends_prior_reviews() -> anyhow: Some("Third retry reason".to_string()), guardian_output_schema(), /*external_cancel*/ None, + /*max_attempts*/ 1, ) .await; @@ -1907,6 +1956,7 @@ async fn guardian_reused_trunk_ignores_stale_prior_turn_completion() -> anyhow:: /*retry_reason*/ None, guardian_output_schema(), /*external_cancel*/ None, + /*max_attempts*/ 1, ) .await; let (GuardianReviewOutcome::Completed(first_assessment), first_metadata) = first_outcome else { @@ -1949,6 +1999,7 @@ async fn guardian_reused_trunk_ignores_stale_prior_turn_completion() -> anyhow:: /*retry_reason*/ None, guardian_output_schema(), /*external_cancel*/ None, + /*max_attempts*/ 1, ) .await; let (GuardianReviewOutcome::Completed(second_assessment), second_metadata) = second_outcome @@ -1978,15 +2029,17 @@ async fn guardian_review_surfaces_responses_api_errors_in_rejection_reason() -> let server = start_mock_server().await; let error_message = "Item 'rs_test' of type 'reasoning' was provided without its required following item."; - let _request_log = mount_response_once( + let request_log = mount_response_sequence( &server, - wiremock::ResponseTemplate::new(400).set_body_json(serde_json::json!({ - "error": { - "message": error_message, - "type": "invalid_request_error", - "param": "input" - } - })), + vec![ + wiremock::ResponseTemplate::new(400).set_body_json(serde_json::json!({ + "error": { + "message": error_message, + "type": "invalid_request_error", + "param": "input" + } + })), + ], ) .await; @@ -1994,7 +2047,6 @@ async fn guardian_review_surfaces_responses_api_errors_in_rejection_reason() -> crate::session::tests::make_session_and_context_with_rx().await; let mut config = (*turn.config).clone(); config.model_provider.base_url = Some(format!("{}/v1", server.uri())); - config.user_instructions = None; let config = Arc::new(config); let models_manager = test_support::models_manager_with_provider( config.codex_home.to_path_buf(), @@ -2030,6 +2082,7 @@ async fn guardian_review_surfaces_responses_api_errors_in_rejection_reason() -> .await; assert_eq!(decision, ReviewDecision::Denied); + assert_eq!(request_log.requests().len(), 1); let mut warnings = Vec::new(); let mut denial_rationales = Vec::new(); @@ -2080,13 +2133,255 @@ async fn guardian_review_surfaces_responses_api_errors_in_rejection_reason() -> Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn guardian_review_retries_transient_session_failure_then_approves() -> anyhow::Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let approval = serde_json::json!({ + "risk_level": "low", + "user_authorization": "high", + "outcome": "allow", + "rationale": "retry succeeded", + }) + .to_string(); + let request_log = mount_sse_sequence( + &server, + vec![ + sse_failed( + "resp-session-failure", + "server_is_overloaded", + "temporary reviewer overload", + ), + sse(vec![ + ev_response_created("resp-approved"), + ev_assistant_message("msg-approved", &approval), + ev_completed("resp-approved"), + ]), + ], + ) + .await; + let (session, turn) = guardian_test_session_and_turn(&server).await; + seed_guardian_parent_history(&session, &turn).await; + + let (outcome, metadata) = run_guardian_review_session_for_test( + Arc::clone(&session), + Arc::clone(&turn), + guardian_shell_request("shell-session-retry"), + /*retry_reason*/ None, + guardian_output_schema(), + /*external_cancel*/ None, + /*max_attempts*/ 3, + ) + .await; + + let GuardianReviewOutcome::Completed(assessment) = outcome else { + panic!("expected guardian assessment"); + }; + assert_eq!(assessment.outcome, GuardianAssessmentOutcome::Allow); + assert_eq!(assessment.rationale, "retry succeeded"); + assert_eq!(metadata.attempt_count, 2); + assert!(matches!( + metadata.guardian_session_kind, + Some(codex_analytics::GuardianReviewSessionKind::TrunkReused) + )); + assert_eq!(request_log.requests().len(), 2); + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn guardian_review_does_not_retry_missing_assessment_payload() -> anyhow::Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let request_log = mount_sse_sequence( + &server, + vec![sse(vec![ + ev_response_created("resp-missing-assessment"), + ev_completed("resp-missing-assessment"), + ])], + ) + .await; + let (session, turn) = guardian_test_session_and_turn(&server).await; + seed_guardian_parent_history(&session, &turn).await; + + let decision = review_approval_request( + &session, + &turn, + "review-missing-assessment".to_string(), + guardian_shell_request("shell-missing-assessment"), + /*retry_reason*/ None, + ) + .await; + + assert_eq!(decision, ReviewDecision::Denied); + assert_eq!(request_log.requests().len(), 1); + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn guardian_review_retries_two_parse_failures_then_approves() -> anyhow::Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let approval = serde_json::json!({ + "risk_level": "low", + "user_authorization": "high", + "outcome": "allow", + "rationale": "retry succeeded", + }) + .to_string(); + let request_log = mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_response_created("resp-parse-failure-1"), + ev_assistant_message("msg-parse-failure-1", "not valid guardian json"), + ev_completed("resp-parse-failure-1"), + ]), + sse(vec![ + ev_response_created("resp-parse-failure-2"), + ev_assistant_message("msg-parse-failure-2", "still not valid guardian json"), + ev_completed("resp-parse-failure-2"), + ]), + sse(vec![ + ev_response_created("resp-approved"), + ev_assistant_message("msg-approved", &approval), + ev_completed("resp-approved"), + ]), + ], + ) + .await; + let (session, turn) = guardian_test_session_and_turn(&server).await; + seed_guardian_parent_history(&session, &turn).await; + + let (outcome, metadata) = run_guardian_review_session_for_test( + Arc::clone(&session), + Arc::clone(&turn), + guardian_shell_request("shell-parse-retry"), + /*retry_reason*/ None, + guardian_output_schema(), + /*external_cancel*/ None, + /*max_attempts*/ 3, + ) + .await; + + let GuardianReviewOutcome::Completed(assessment) = outcome else { + panic!("expected guardian assessment"); + }; + assert_eq!(assessment.outcome, GuardianAssessmentOutcome::Allow); + assert_eq!(assessment.rationale, "retry succeeded"); + assert_eq!(metadata.attempt_count, 3); + assert!(matches!( + metadata.guardian_session_kind, + Some(codex_analytics::GuardianReviewSessionKind::TrunkReused) + )); + assert_eq!(request_log.requests().len(), 3); + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn guardian_review_exhausts_three_failures_with_one_terminal_event() -> anyhow::Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let request_log = mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_response_created("resp-parse-failure-1"), + ev_assistant_message("msg-parse-failure-1", "invalid one"), + ev_completed("resp-parse-failure-1"), + ]), + sse(vec![ + ev_response_created("resp-parse-failure-2"), + ev_assistant_message("msg-parse-failure-2", "invalid two"), + ev_completed("resp-parse-failure-2"), + ]), + sse(vec![ + ev_response_created("resp-parse-failure-3"), + ev_assistant_message("msg-parse-failure-3", "invalid three"), + ev_completed("resp-parse-failure-3"), + ]), + ], + ) + .await; + let (session, turn, rx) = guardian_test_session_turn_and_rx(&server).await; + seed_guardian_parent_history(&session, &turn).await; + + let decision = review_approval_request( + &session, + &turn, + "review-exhausted-retry".to_string(), + guardian_shell_request("shell-exhausted-retry"), + /*retry_reason*/ None, + ) + .await; + + assert_eq!(decision, ReviewDecision::Denied); + assert_eq!(request_log.requests().len(), 3); + let mut statuses = Vec::new(); + while let Ok(event) = rx.try_recv() { + if let EventMsg::GuardianAssessment(event) = event.msg { + statuses.push(event.status); + } + } + assert_eq!( + statuses, + vec![ + GuardianAssessmentStatus::InProgress, + GuardianAssessmentStatus::Denied, + ] + ); + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn guardian_review_does_not_retry_valid_denial() -> anyhow::Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let denial = serde_json::json!({ + "risk_level": "high", + "user_authorization": "unknown", + "outcome": "deny", + "rationale": "unsafe", + }) + .to_string(); + let request_log = mount_sse_sequence( + &server, + vec![sse(vec![ + ev_response_created("resp-denied"), + ev_assistant_message("msg-denied", &denial), + ev_completed("resp-denied"), + ])], + ) + .await; + let (session, turn) = guardian_test_session_and_turn(&server).await; + seed_guardian_parent_history(&session, &turn).await; + + let decision = review_approval_request( + &session, + &turn, + "review-valid-denial".to_string(), + guardian_shell_request("shell-valid-denial"), + /*retry_reason*/ None, + ) + .await; + + assert_eq!(decision, ReviewDecision::Denied); + assert_eq!(request_log.requests().len(), 1); + Ok(()) +} + #[tokio::test] -async fn guardian_parallel_reviews_fork_from_last_committed_trunk_history() -> anyhow::Result<()> { +async fn guardian_ephemeral_retry_preserves_parallel_trunk_and_fork_history() -> anyhow::Result<()> +{ const TEST_STACK_SIZE_BYTES: usize = 4 * 1024 * 1024; let handle = std::thread::Builder::new() - .name("guardian_parallel_reviews_fork_from_last_committed_trunk_history".to_string()) + .name("guardian_ephemeral_retry_preserves_parallel_trunk_and_fork_history".to_string()) .stack_size(TEST_STACK_SIZE_BYTES) .spawn(|| -> anyhow::Result<()> { let runtime = tokio::runtime::Builder::new_current_thread() @@ -2141,10 +2436,18 @@ async fn guardian_parallel_reviews_fork_from_last_committed_trunk_history() -> a gate: None, body: sse(vec![ ev_response_created("resp-guardian-3"), - ev_assistant_message("msg-guardian-3", &third_assessment), + ev_assistant_message("msg-guardian-3", "not valid guardian json"), ev_completed("resp-guardian-3"), ]), }], + vec![StreamingSseChunk { + gate: None, + body: sse(vec![ + ev_response_created("resp-guardian-4"), + ev_assistant_message("msg-guardian-4", &third_assessment), + ev_completed("resp-guardian-4"), + ]), + }], ]) .await; @@ -2271,20 +2574,28 @@ async fn guardian_parallel_reviews_fork_from_last_committed_trunk_history() -> a .await; assert_eq!(third_decision, ReviewDecision::Approved); let requests = server.requests().await; - assert_eq!(requests.len(), 3); + assert_eq!(requests.len(), 4); let second_request_body = serde_json::from_slice::(&requests[1])?; - let third_request_body = serde_json::from_slice::(&requests[2])?; + let failed_ephemeral_request_body = + serde_json::from_slice::(&requests[2])?; + let retried_ephemeral_request_body = + serde_json::from_slice::(&requests[3])?; assert_eq!( second_request_body["prompt_cache_key"], - third_request_body["prompt_cache_key"], + failed_ephemeral_request_body["prompt_cache_key"], "forked guardian review should reuse the trunk guardian prompt cache key" ); - let third_request_body_text = third_request_body.to_string(); + assert_eq!( + failed_ephemeral_request_body["prompt_cache_key"], + retried_ephemeral_request_body["prompt_cache_key"], + "retried ephemeral review should preserve the guardian prompt cache key" + ); + let third_request_body_text = retried_ephemeral_request_body.to_string(); assert!( third_request_body_text.contains("first guardian rationale"), "forked guardian review should include the last committed trunk assessment" ); - let third_user_message = last_user_message_text_from_body(&third_request_body); + let third_user_message = last_user_message_text_from_body(&retried_ephemeral_request_body); assert!(third_user_message.contains(">>> TRANSCRIPT DELTA START\n")); assert!( third_user_message.contains("[5] user: Please inspect pending changes before pushing.") @@ -2315,7 +2626,7 @@ async fn guardian_parallel_reviews_fork_from_last_committed_trunk_history() -> a match handle.join() { Ok(result) => result, Err(_) => Err(anyhow::anyhow!( - "guardian_parallel_reviews_fork_from_last_committed_trunk_history thread panicked" + "guardian_ephemeral_retry_preserves_parallel_trunk_and_fork_history thread panicked" )), } } @@ -2541,6 +2852,10 @@ async fn guardian_review_session_config_keeps_bedrock_provider_for_bedrock_gpt_5 ) .expect("guardian config"); + let mut expected_model_provider = + ModelProviderInfo::create_amazon_bedrock_provider(/*aws*/ None); + expected_model_provider.request_max_retries = Some(1); + expected_model_provider.stream_max_retries = Some(1); assert_eq!( ( guardian_config.model, @@ -2550,7 +2865,7 @@ async fn guardian_review_session_config_keeps_bedrock_provider_for_bedrock_gpt_5 ( Some(AMAZON_BEDROCK_GPT_5_4_MODEL_ID.to_string()), AMAZON_BEDROCK_PROVIDER_ID.to_string(), - ModelProviderInfo::create_amazon_bedrock_provider(/*aws*/ None), + expected_model_provider, ) ); } diff --git a/codex-rs/core/src/hook_runtime.rs b/codex-rs/core/src/hook_runtime.rs index 6e2d4fe33c7..1097f7bc788 100644 --- a/codex-rs/core/src/hook_runtime.rs +++ b/codex-rs/core/src/hook_runtime.rs @@ -36,6 +36,7 @@ use codex_protocol::protocol::SessionSource; use codex_protocol::protocol::SubAgentSource; use codex_thread_store::ReadThreadParams; use serde_json::Value; +use tracing::instrument; use crate::context::ContextualUserFragment; use crate::context::HookAdditionalContext; @@ -97,6 +98,7 @@ impl From for ContextInjectingHookOutcome { } } +#[instrument(level = "trace", skip_all)] pub(crate) async fn run_pending_session_start_hooks( sess: &Arc, turn_context: &Arc, @@ -291,6 +293,7 @@ pub(crate) async fn run_post_tool_use_hooks( outcome } +#[instrument(level = "trace", skip_all)] pub(crate) async fn run_turn_stop_hooks( sess: &Arc, turn_context: &Arc, @@ -382,9 +385,7 @@ pub(crate) async fn run_pre_compact_hooks( let outcome = sess.hooks().run_pre_compact(request).await; emit_hook_completed_events(sess, turn_context, outcome.hook_events).await; if outcome.should_stop { - PreCompactHookOutcome::Stopped { - reason: outcome.stop_reason, - } + PreCompactHookOutcome::Stopped } else { PreCompactHookOutcome::Continue } @@ -392,7 +393,7 @@ pub(crate) async fn run_pre_compact_hooks( pub(crate) enum PreCompactHookOutcome { Continue, - Stopped { reason: Option }, + Stopped, } pub(crate) enum PostCompactHookOutcome { @@ -427,6 +428,7 @@ pub(crate) async fn run_post_compact_hooks( } } +#[instrument(level = "trace", skip_all)] pub(crate) async fn run_legacy_after_agent_hook( sess: &Arc, turn_context: &Arc, diff --git a/codex-rs/core/src/image_preparation.rs b/codex-rs/core/src/image_preparation.rs new file mode 100644 index 00000000000..d992adb8093 --- /dev/null +++ b/codex-rs/core/src/image_preparation.rs @@ -0,0 +1,122 @@ +use codex_protocol::models::ContentItem; +use codex_protocol::models::FunctionCallOutputContentItem; +use codex_protocol::models::ImageDetail; +use codex_protocol::models::ResponseItem; +use codex_utils_image::ImageProcessingError; +use codex_utils_image::PromptImageMode; +use codex_utils_image::PromptImageResizeLimits; +use codex_utils_image::load_data_url_for_prompt; +use tracing::warn; + +pub(crate) const IMAGE_PROCESSING_ERROR_PLACEHOLDER: &str = + "image content omitted because it could not be processed"; +const IMAGE_TOO_LARGE_PLACEHOLDER: &str = + "image content omitted because it exceeded the supported size limit; use a smaller image"; +const UNSUPPORTED_LOW_DETAIL_PLACEHOLDER: &str = "image content omitted because detail 'low' is not supported; use 'high', 'original', or 'auto'"; + +const HIGH_DETAIL_LIMITS: PromptImageResizeLimits = PromptImageResizeLimits { + max_dimension: 2048, + max_patches: 2_500, +}; +const ORIGINAL_DETAIL_LIMITS: PromptImageResizeLimits = PromptImageResizeLimits { + max_dimension: 6000, + max_patches: 10_000, +}; +#[derive(Debug, thiserror::Error)] +enum ImagePreparationError { + #[error("image detail `low` is not supported")] + UnsupportedLowDetail, + #[error(transparent)] + Processing(#[from] ImageProcessingError), +} + +impl ImagePreparationError { + fn placeholder(&self) -> &'static str { + match self { + ImagePreparationError::UnsupportedLowDetail => UNSUPPORTED_LOW_DETAIL_PLACEHOLDER, + ImagePreparationError::Processing(ImageProcessingError::ImageTooLarge { .. }) => { + IMAGE_TOO_LARGE_PLACEHOLDER + } + ImagePreparationError::Processing(_) => IMAGE_PROCESSING_ERROR_PLACEHOLDER, + } + } +} + +pub(crate) fn prepare_response_items(items: &mut [ResponseItem]) { + for item in items { + match item { + ResponseItem::Message { content, .. } => prepare_message_content(content), + ResponseItem::FunctionCallOutput { output, .. } + | ResponseItem::CustomToolCallOutput { output, .. } => { + if let Some(content) = output.content_items_mut() { + prepare_tool_output_content(content); + } + } + ResponseItem::Reasoning { .. } + | ResponseItem::AgentMessage { .. } + | ResponseItem::LocalShellCall { .. } + | ResponseItem::FunctionCall { .. } + | ResponseItem::ToolSearchCall { .. } + | ResponseItem::CustomToolCall { .. } + | ResponseItem::ToolSearchOutput { .. } + | ResponseItem::WebSearchCall { .. } + | ResponseItem::ImageGenerationCall { .. } + | ResponseItem::Compaction { .. } + | ResponseItem::CompactionTrigger + | ResponseItem::ContextCompaction { .. } + | ResponseItem::Other => {} + } + } +} + +fn prepare_message_content(items: &mut [ContentItem]) { + for item in items { + if let ContentItem::InputImage { image_url, detail } = item + && is_data_url(image_url) + && let Err(error) = prepare_image(image_url, *detail) + { + warn!(%error, "failed to prepare message image"); + *item = ContentItem::InputText { + text: error.placeholder().to_string(), + }; + } + } +} + +fn prepare_tool_output_content(items: &mut [FunctionCallOutputContentItem]) { + for item in items { + if let FunctionCallOutputContentItem::InputImage { image_url, detail } = item + && is_data_url(image_url) + && let Err(error) = prepare_image(image_url, *detail) + { + warn!(%error, "failed to prepare tool output image"); + *item = FunctionCallOutputContentItem::InputText { + text: error.placeholder().to_string(), + }; + } + } +} + +fn is_data_url(image_url: &str) -> bool { + image_url + .get(.."data:".len()) + .is_some_and(|prefix| prefix.eq_ignore_ascii_case("data:")) +} + +fn prepare_image( + image_url: &mut String, + detail: Option, +) -> Result<(), ImagePreparationError> { + let limits = match detail { + None | Some(ImageDetail::Auto | ImageDetail::High) => HIGH_DETAIL_LIMITS, + Some(ImageDetail::Original) => ORIGINAL_DETAIL_LIMITS, + Some(ImageDetail::Low) => return Err(ImagePreparationError::UnsupportedLowDetail), + }; + let image = load_data_url_for_prompt(image_url, PromptImageMode::ResizeWithLimits(limits))?; + *image_url = image.into_data_url(); + Ok(()) +} + +#[cfg(test)] +#[path = "image_preparation_tests.rs"] +mod tests; diff --git a/codex-rs/core/src/image_preparation_tests.rs b/codex-rs/core/src/image_preparation_tests.rs new file mode 100644 index 00000000000..1d54973cc24 --- /dev/null +++ b/codex-rs/core/src/image_preparation_tests.rs @@ -0,0 +1,193 @@ +use std::io::Cursor; + +use base64::Engine; +use base64::engine::general_purpose::STANDARD as BASE64_STANDARD; +use codex_protocol::models::FunctionCallOutputBody; +use codex_protocol::models::FunctionCallOutputPayload; +use codex_utils_image::data_url_from_bytes; +use image::DynamicImage; +use image::GenericImageView; +use image::ImageBuffer; +use image::ImageFormat; +use image::Rgba; +use pretty_assertions::assert_eq; + +use super::*; + +fn png_data_url(width: u32, height: u32) -> (String, Vec) { + let image = ImageBuffer::from_pixel(width, height, Rgba([10u8, 20, 30, 255])); + let mut encoded = Cursor::new(Vec::new()); + DynamicImage::ImageRgba8(image) + .write_to(&mut encoded, ImageFormat::Png) + .expect("encode PNG"); + let bytes = encoded.into_inner(); + (data_url_from_bytes("image/png", &bytes), bytes) +} + +fn decoded_image(image_url: &str) -> (Vec, DynamicImage) { + let (_, payload) = image_url.split_once(',').expect("data URL payload"); + let bytes = BASE64_STANDARD.decode(payload).expect("decode image URL"); + let image = image::load_from_memory(&bytes).expect("decode processed image"); + (bytes, image) +} + +#[test] +fn preparation_preserves_small_image_bytes_and_non_data_urls() { + let (data_url, original_bytes) = png_data_url(/*width*/ 64, /*height*/ 32); + let http_url = "https://example.com/image.png".to_string(); + let mut items = vec![ResponseItem::Message { + id: None, + role: "user".to_string(), + content: vec![ + ContentItem::InputImage { + image_url: data_url, + detail: Some(ImageDetail::High), + }, + ContentItem::InputImage { + image_url: http_url.clone(), + detail: Some(ImageDetail::Low), + }, + ], + phase: None, + }]; + + prepare_response_items(&mut items); + + let ResponseItem::Message { content, .. } = &items[0] else { + panic!("expected message"); + }; + let [ + ContentItem::InputImage { image_url, .. }, + ContentItem::InputImage { + image_url: preserved_http_url, + detail: Some(ImageDetail::Low), + }, + ] = content.as_slice() + else { + panic!("expected two images"); + }; + assert_eq!(decoded_image(image_url).0, original_bytes); + assert_eq!(preserved_http_url, &http_url); +} + +#[test] +fn detail_policies_apply_the_expected_budgets() { + for (detail, input_dimensions, expected_dimensions) in [ + (Some(ImageDetail::High), (2048, 2048), (1600, 1600)), + (Some(ImageDetail::Original), (6401, 100), (6000, 94)), + (Some(ImageDetail::Original), (3201, 3201), (3200, 3200)), + (Some(ImageDetail::Auto), (2048, 2048), (1600, 1600)), + (None, (2048, 2048), (1600, 1600)), + ] { + let (image_url, _) = png_data_url(input_dimensions.0, input_dimensions.1); + let mut items = vec![ResponseItem::Message { + id: None, + role: "user".to_string(), + content: vec![ContentItem::InputImage { image_url, detail }], + phase: None, + }]; + + prepare_response_items(&mut items); + + let ResponseItem::Message { content, .. } = &items[0] else { + panic!("expected message"); + }; + let [ContentItem::InputImage { image_url, .. }] = content.as_slice() else { + panic!("expected image"); + }; + assert_eq!(decoded_image(image_url).1.dimensions(), expected_dimensions); + } +} + +#[test] +fn preparation_replaces_only_failed_tool_images_and_preserves_metadata() { + let (valid_image_url, _) = png_data_url(/*width*/ 64, /*height*/ 32); + let expected_valid_image_url = valid_image_url.clone(); + let mut items = vec![ResponseItem::CustomToolCallOutput { + call_id: "call-1".to_string(), + name: None, + output: FunctionCallOutputPayload { + body: FunctionCallOutputBody::ContentItems(vec![ + FunctionCallOutputContentItem::InputText { + text: "before".to_string(), + }, + FunctionCallOutputContentItem::InputImage { + image_url: "data:image/png;base64,%%%".to_string(), + detail: Some(ImageDetail::High), + }, + FunctionCallOutputContentItem::InputImage { + image_url: data_url_from_bytes("image/png", b"not an image"), + detail: Some(ImageDetail::High), + }, + FunctionCallOutputContentItem::InputImage { + image_url: valid_image_url.clone(), + detail: Some(ImageDetail::Low), + }, + FunctionCallOutputContentItem::InputImage { + image_url: valid_image_url, + detail: Some(ImageDetail::High), + }, + ]), + success: Some(true), + }, + }]; + + prepare_response_items(&mut items); + + assert_eq!( + items, + vec![ResponseItem::CustomToolCallOutput { + call_id: "call-1".to_string(), + name: None, + output: FunctionCallOutputPayload { + body: FunctionCallOutputBody::ContentItems(vec![ + FunctionCallOutputContentItem::InputText { + text: "before".to_string(), + }, + FunctionCallOutputContentItem::InputText { + text: IMAGE_PROCESSING_ERROR_PLACEHOLDER.to_string(), + }, + FunctionCallOutputContentItem::InputText { + text: IMAGE_PROCESSING_ERROR_PLACEHOLDER.to_string(), + }, + FunctionCallOutputContentItem::InputText { + text: UNSUPPORTED_LOW_DETAIL_PLACEHOLDER.to_string(), + }, + FunctionCallOutputContentItem::InputImage { + image_url: expected_valid_image_url, + detail: Some(ImageDetail::High), + }, + ]), + success: Some(true), + }, + }] + ); +} + +#[test] +fn preparation_errors_use_bounded_actionable_placeholders() { + let cases = [ + ( + ImagePreparationError::UnsupportedLowDetail, + UNSUPPORTED_LOW_DETAIL_PLACEHOLDER, + ), + ( + ImagePreparationError::Processing(ImageProcessingError::ImageTooLarge { + representation: "decoded input", + size: 2, + max: 1, + }), + IMAGE_TOO_LARGE_PLACEHOLDER, + ), + ( + ImagePreparationError::Processing(ImageProcessingError::InvalidDataUrl { + reason: "details remain in logs".to_string(), + }), + IMAGE_PROCESSING_ERROR_PLACEHOLDER, + ), + ]; + + for (error, expected) in cases { + assert_eq!(error.placeholder(), expected); + } +} diff --git a/codex-rs/core/src/installation_id.rs b/codex-rs/core/src/installation_id.rs index a42e6b6d835..a87c660f613 100644 --- a/codex-rs/core/src/installation_id.rs +++ b/codex-rs/core/src/installation_id.rs @@ -11,6 +11,9 @@ use std::os::unix::fs::OpenOptionsExt; use std::os::unix::fs::PermissionsExt; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_file_lock::FileLockOutcome; +use codex_utils_file_lock::acquire_sibling_lock_dir; +use codex_utils_file_lock::lock_exclusive_optional; use tokio::fs; use uuid::Uuid; @@ -29,7 +32,10 @@ pub async fn resolve_installation_id(codex_home: &AbsolutePathBuf) -> Result None, + FileLockOutcome::Unsupported => Some(acquire_sibling_lock_dir(&path)?), + }; #[cfg(unix)] { diff --git a/codex-rs/core/src/lib.rs b/codex-rs/core/src/lib.rs index d3031ad2227..073c06cedeb 100644 --- a/codex-rs/core/src/lib.rs +++ b/codex-rs/core/src/lib.rs @@ -12,13 +12,17 @@ mod client_common; mod realtime_context; mod realtime_conversation; mod realtime_prompt; +mod responses_metadata; mod responses_retry; pub(crate) mod session; +pub use responses_metadata::CodexResponsesMetadata; pub use session::SteerInputError; +pub use turn_metadata::detached_memory_responses_metadata; mod codex_thread; mod compact_remote; mod compact_remote_v2; mod config_lock; +pub use codex_thread::BackgroundTerminalInfo; pub use codex_thread::CodexThread; pub use codex_thread::CodexThreadSettingsOverrides; pub use codex_thread::ThreadConfigSnapshot; @@ -39,11 +43,9 @@ pub mod exec_env; mod exec_policy; #[cfg(test)] mod git_info_tests; -mod goals; -pub use goals::ExternalGoalPreviousStatus; -pub use goals::ExternalGoalSet; mod guardian; mod hook_runtime; +mod image_preparation; mod installation_id; pub(crate) mod landlock; pub use landlock::spawn_command_under_linux_sandbox; @@ -83,7 +85,6 @@ mod sandbox_tags; pub mod sandboxing; mod session_prefix; mod session_startup_prewarm; -mod shell_detect; pub mod skills; pub(crate) use skills::SkillInjections; pub(crate) use skills::SkillLoadOutcome; @@ -99,6 +100,7 @@ pub(crate) use skills::manager; pub(crate) use skills::maybe_emit_implicit_skill_invocation; pub(crate) use skills::skills_load_input_from_config; mod stream_events_utils; +pub use stream_events_utils::image_generation_artifact_path; pub mod test_support; mod unified_exec; pub mod windows_sandbox; @@ -127,9 +129,9 @@ pub type NewConversation = NewThread; #[deprecated(note = "use CodexThread")] pub type CodexConversation = CodexThread; pub(crate) mod agents_md; -pub use agents_md::AgentsMdManager; pub use agents_md::DEFAULT_AGENTS_MD_FILENAME; pub use agents_md::LOCAL_AGENTS_MD_FILENAME; +pub use agents_md::LoadedAgentsMd; mod rollout; pub(crate) mod safety; mod session_rollout_init_error; @@ -191,7 +193,6 @@ pub use exec_policy::check_execpolicy_for_warnings; pub use exec_policy::format_exec_policy_error_with_source; pub use exec_policy::load_exec_policy; pub use installation_id::resolve_installation_id; -pub use turn_metadata::build_turn_metadata_header; pub mod compact; mod memory_usage; pub mod otel_init; diff --git a/codex-rs/core/src/mcp.rs b/codex-rs/core/src/mcp.rs index 91ebce4ad86..5af247b6900 100644 --- a/codex-rs/core/src/mcp.rs +++ b/codex-rs/core/src/mcp.rs @@ -4,39 +4,117 @@ use std::sync::Arc; use crate::config::Config; use codex_config::McpServerConfig; use codex_core_plugins::PluginsManager; +use codex_extension_api::ExtensionRegistry; +use codex_extension_api::McpServerContribution; use codex_login::CodexAuth; +use codex_mcp::CODEX_APPS_MCP_SERVER_NAME; use codex_mcp::EffectiveMcpServer; -use codex_mcp::ToolPluginProvenance; +use codex_mcp::McpConfig; +use codex_mcp::McpServerRegistration; +use codex_mcp::codex_apps_mcp_server_config; use codex_mcp::configured_mcp_servers; use codex_mcp::effective_mcp_servers; -use codex_mcp::tool_plugin_provenance as collect_tool_plugin_provenance; + +const LEGACY_CODEX_APPS_REGISTRATION_ID: &str = "legacy_codex_apps"; #[derive(Clone)] pub struct McpManager { plugins_manager: Arc, + extensions: Arc>, } impl McpManager { pub fn new(plugins_manager: Arc) -> Self { - Self { plugins_manager } + Self { + plugins_manager, + extensions: codex_extension_api::empty_extension_registry(), + } + } + + /// Creates a manager that resolves host-installed MCP contributions. + pub fn new_with_extensions( + plugins_manager: Arc, + extensions: Arc>, + ) -> Self { + Self { + plugins_manager, + extensions, + } } + /// Returns the MCP config after applying compatibility built-ins and + /// runtime-only extension overlays. + pub async fn runtime_config(&self, config: &Config) -> McpConfig { + let mut mcp_config = config.to_mcp_config(self.plugins_manager.as_ref()).await; + let mut catalog = mcp_config.mcp_server_catalog.to_builder(); + if mcp_config.apps_enabled { + catalog.register(McpServerRegistration::from_compatibility( + CODEX_APPS_MCP_SERVER_NAME.to_string(), + LEGACY_CODEX_APPS_REGISTRATION_ID, + codex_apps_mcp_server_config( + &mcp_config.chatgpt_base_url, + mcp_config.apps_mcp_product_sku.as_deref(), + ), + )); + } else { + catalog.remove_compatibility( + CODEX_APPS_MCP_SERVER_NAME.to_string(), + LEGACY_CODEX_APPS_REGISTRATION_ID, + ); + } + + let mut contribution_order = 0; + for contributor in self.extensions.mcp_server_contributors() { + for contribution in contributor.contribute(config).await { + match contribution { + McpServerContribution::Set { + name, + config: server_config, + } => catalog.register(McpServerRegistration::from_extension( + name, + contributor.id(), + contribution_order, + *server_config, + )), + McpServerContribution::Remove { name } => { + catalog.remove_extension(name, contributor.id(), contribution_order) + } + } + contribution_order += 1; + } + } + let catalog = catalog.build(); + for conflict in catalog.conflicts() { + tracing::warn!( + server = conflict.name, + outcome = ?conflict.outcome, + contenders = ?conflict.contenders, + "conflicting MCP server actions; using resolved catalog outcome" + ); + } + mcp_config.mcp_server_catalog = catalog; + mcp_config + } + + /// Returns config- and plugin-backed servers without runtime contributions. pub async fn configured_servers(&self, config: &Config) -> HashMap { let mcp_config = config.to_mcp_config(self.plugins_manager.as_ref()).await; configured_mcp_servers(&mcp_config) } + /// Returns configured and host-contributed servers before auth gating. + pub async fn runtime_servers(&self, config: &Config) -> HashMap { + let mcp_config = self.runtime_config(config).await; + configured_mcp_servers(&mcp_config) + } + + /// Returns runtime servers after auth gating and compatibility built-ins. pub async fn effective_servers( &self, config: &Config, auth: Option<&CodexAuth>, ) -> HashMap { - let mcp_config = config.to_mcp_config(self.plugins_manager.as_ref()).await; + let mcp_config = self.runtime_config(config).await; effective_mcp_servers(&mcp_config, auth) } - - pub async fn tool_plugin_provenance(&self, config: &Config) -> ToolPluginProvenance { - let mcp_config = config.to_mcp_config(self.plugins_manager.as_ref()).await; - collect_tool_plugin_provenance(&mcp_config) - } } diff --git a/codex-rs/core/src/mcp_skill_dependencies.rs b/codex-rs/core/src/mcp_skill_dependencies.rs index 936f1b5fb5c..304deb500dd 100644 --- a/codex-rs/core/src/mcp_skill_dependencies.rs +++ b/codex-rs/core/src/mcp_skill_dependencies.rs @@ -56,7 +56,7 @@ pub(crate) async fn maybe_prompt_and_install_mcp_dependencies( let installed = sess .services .mcp_manager - .configured_servers(config.as_ref()) + .runtime_servers(config.as_ref()) .await; let missing = collect_missing_mcp_dependencies(mentioned_skills, &installed); if missing.is_empty() { @@ -98,7 +98,7 @@ pub(crate) async fn maybe_install_mcp_dependencies( } let codex_home = config.codex_home.clone(); - let installed = sess.services.mcp_manager.configured_servers(config).await; + let installed = sess.services.mcp_manager.runtime_servers(config).await; let missing = collect_missing_mcp_dependencies(mentioned_skills, &installed); if missing.is_empty() { return; @@ -190,16 +190,22 @@ pub(crate) async fn maybe_install_mcp_dependencies( } } - // Refresh from the config-backed merged MCP map (global + repo + managed) - // and overlay the updated global servers so we don't drop repo-scoped - // servers. Runtime additions such as built-ins are rebuilt by the refresh - // path from the current config. - let mut refresh_servers = sess.services.mcp_manager.configured_servers(config).await; + let mut refresh_config = config.clone(); + let mut configured_servers = config.mcp_servers.get().clone(); for (name, server_config) in &servers { - refresh_servers + configured_servers .entry(name.clone()) .or_insert_with(|| server_config.clone()); } + if let Err(err) = refresh_config.mcp_servers.set(configured_servers) { + warn!("failed to refresh MCP dependencies for mentioned skills: {err}"); + return; + } + let refresh_servers = sess + .services + .mcp_manager + .runtime_servers(&refresh_config) + .await; sess.refresh_mcp_servers_now( turn_context, refresh_servers, diff --git a/codex-rs/core/src/mcp_tool_call.rs b/codex-rs/core/src/mcp_tool_call.rs index b9a8d4ff083..e5273a66692 100644 --- a/codex-rs/core/src/mcp_tool_call.rs +++ b/codex-rs/core/src/mcp_tool_call.rs @@ -319,8 +319,7 @@ async fn handle_approved_mcp_tool_call( let server_origin = sess .services .mcp_connection_manager - .read() - .await + .load_full() .server_origin(&server) .map(str::to_string); @@ -606,8 +605,7 @@ async fn maybe_request_codex_apps_auth_elicitation( if !sess .services .mcp_connection_manager - .read() - .await + .load_full() .is_host_owned_codex_apps_server(server) { return result; @@ -669,13 +667,9 @@ async fn maybe_request_codex_apps_auth_elicitation( auth_elicitation_completed_result(&plan.auth_failure, result.meta) } -#[expect( - clippy::await_holding_invalid_type, - reason = "Codex Apps cache refresh reads through the session-owned manager guard" -)] async fn refresh_codex_apps_after_connector_auth(sess: &Session, turn_context: &TurnContext) { let mcp_tools_result = { - let manager = sess.services.mcp_connection_manager.read().await; + let manager = sess.services.mcp_connection_manager.load_full(); manager.hard_refresh_codex_apps_tools_cache().await }; @@ -694,10 +688,6 @@ async fn refresh_codex_apps_after_connector_auth(sess: &Session, turn_context: & } } -#[expect( - clippy::await_holding_invalid_type, - reason = "MCP sandbox metadata reads through the session-owned manager guard" -)] async fn augment_mcp_tool_request_meta_with_sandbox_state( sess: &Session, turn_context: &TurnContext, @@ -707,8 +697,7 @@ async fn augment_mcp_tool_request_meta_with_sandbox_state( let supports_sandbox_state_meta = sess .services .mcp_connection_manager - .read() - .await + .load_full() .server_supports_sandbox_state_meta_capability(server) .await .unwrap_or(false); @@ -757,8 +746,7 @@ async fn maybe_mark_thread_memory_mode_polluted( let pollutes_memory = sess .services .mcp_connection_manager - .read() - .await + .load_full() .server_pollutes_memory(server); if !pollutes_memory { return; @@ -1414,17 +1402,13 @@ async fn mcp_tool_approval_decision_from_guardian( } } -#[expect( - clippy::await_holding_invalid_type, - reason = "MCP approval metadata reads through the session-owned manager guard" -)] pub(crate) async fn lookup_mcp_tool_metadata( sess: &Session, turn_context: &TurnContext, server: &str, tool_name: &str, ) -> Option { - let manager = sess.services.mcp_connection_manager.read().await; + let manager = sess.services.mcp_connection_manager.load_full(); let plugin_id = manager .plugin_id_for_mcp_server_name(server) .map(str::to_string); @@ -1509,10 +1493,6 @@ fn get_mcp_app_resource_uri( }) } -#[expect( - clippy::await_holding_invalid_type, - reason = "MCP app metadata reads through the session-owned manager guard" -)] async fn lookup_mcp_app_usage_metadata( sess: &Session, server: &str, @@ -1521,8 +1501,7 @@ async fn lookup_mcp_app_usage_metadata( let tools = sess .services .mcp_connection_manager - .read() - .await + .load_full() .list_all_tools() .await; diff --git a/codex-rs/core/src/mcp_tool_call_tests.rs b/codex-rs/core/src/mcp_tool_call_tests.rs index bd71c3a0546..723948b7bec 100644 --- a/codex-rs/core/src/mcp_tool_call_tests.rs +++ b/codex-rs/core/src/mcp_tool_call_tests.rs @@ -46,6 +46,7 @@ use std::path::Path; use std::path::PathBuf; use std::sync::Arc; use tempfile::tempdir; +use tokio_util::sync::CancellationToken; use tracing::Instrument; use tracing::Level; use tracing_subscriber::fmt::format::FmtSpan; @@ -1256,13 +1257,14 @@ fn codex_apps_auth_failure_metadata() -> McpToolApprovalMetadata { async fn install_host_owned_codex_apps_manager(session: &Session, turn_context: &TurnContext) { let auth = session.services.auth_manager.auth().await; - let (manager, _cancel_token) = codex_mcp::McpConnectionManager::new( + let manager = codex_mcp::McpConnectionManager::new( &HashMap::new(), turn_context.config.mcp_oauth_credentials_store_mode, HashMap::new(), &turn_context.approval_policy, turn_context.sub_id.clone(), session.get_tx_event(), + CancellationToken::new(), turn_context.permission_profile(), codex_mcp::McpRuntimeContext::new(Arc::clone(&session.services.environment_manager), { #[allow(deprecated)] @@ -1278,7 +1280,10 @@ async fn install_host_owned_codex_apps_manager(session: &Session, turn_context: /*elicitation_reviewer*/ None, ) .await; - *session.services.mcp_connection_manager.write().await = manager; + session + .services + .mcp_connection_manager + .store(Arc::new(manager)); } #[tokio::test] diff --git a/codex-rs/core/src/mcp_tool_exposure.rs b/codex-rs/core/src/mcp_tool_exposure.rs index 5dc66af7340..d430851570f 100644 --- a/codex-rs/core/src/mcp_tool_exposure.rs +++ b/codex-rs/core/src/mcp_tool_exposure.rs @@ -4,6 +4,7 @@ use codex_features::Feature; use codex_mcp::CODEX_APPS_MCP_SERVER_NAME; use codex_mcp::ToolInfo as McpToolInfo; use codex_mcp::tool_is_model_visible; +use tracing::instrument; use crate::config::Config; use crate::connectors; @@ -15,6 +16,7 @@ pub(crate) struct McpToolExposure { pub(crate) deferred_tools: Option>, } +#[instrument(level = "trace", skip_all)] pub(crate) fn build_mcp_tool_exposure( all_mcp_tools: &[McpToolInfo], connectors: Option<&[connectors::AppInfo]>, diff --git a/codex-rs/core/src/network_proxy_loader.rs b/codex-rs/core/src/network_proxy_loader.rs index b91eaa26ca3..e0ffe99259c 100644 --- a/codex-rs/core/src/network_proxy_loader.rs +++ b/codex-rs/core/src/network_proxy_loader.rs @@ -7,7 +7,6 @@ use crate::exec_policy::format_exec_policy_error_with_source; use crate::exec_policy::load_exec_policy; use anyhow::Context; use anyhow::Result; -use async_trait::async_trait; use codex_app_server_protocol::ConfigLayerSource; use codex_config::CONFIG_TOML_FILE; use codex_config::ConfigLayerStack; @@ -23,6 +22,7 @@ use codex_config::permissions_toml::PermissionsToml; use codex_config::permissions_toml::overlay_network_domain_permissions; use codex_exec_server::LOCAL_FS; use codex_network_proxy::ConfigReloader; +use codex_network_proxy::ConfigReloaderFuture; use codex_network_proxy::ConfigState; use codex_network_proxy::NetworkMode; use codex_network_proxy::NetworkProxyConfig; @@ -361,13 +361,6 @@ impl MtimeConfigReloader { } }) } -} - -#[async_trait] -impl ConfigReloader for MtimeConfigReloader { - fn source_label(&self) -> String { - "config layers".to_string() - } async fn maybe_reload(&self) -> Result> { if !self.needs_reload().await { @@ -388,6 +381,20 @@ impl ConfigReloader for MtimeConfigReloader { } } +impl ConfigReloader for MtimeConfigReloader { + fn source_label(&self) -> String { + "config layers".to_string() + } + + fn maybe_reload(&self) -> ConfigReloaderFuture<'_, Option> { + Box::pin(MtimeConfigReloader::maybe_reload(self)) + } + + fn reload_now(&self) -> ConfigReloaderFuture<'_, ConfigState> { + Box::pin(MtimeConfigReloader::reload_now(self)) + } +} + #[cfg(test)] #[path = "network_proxy_loader_tests.rs"] mod tests; diff --git a/codex-rs/core/src/plugins/discoverable.rs b/codex-rs/core/src/plugins/discoverable.rs index 8ddec7056e7..fc77ae21e61 100644 --- a/codex-rs/core/src/plugins/discoverable.rs +++ b/codex-rs/core/src/plugins/discoverable.rs @@ -41,6 +41,7 @@ pub(crate) async fn list_tool_suggest_discoverable_plugins( .into_iter() .map(|plugin| DiscoverablePluginInfo { id: plugin.id, + remote_plugin_id: plugin.remote_plugin_id, name: plugin.name, description: plugin.description, has_skills: plugin.has_skills, diff --git a/codex-rs/core/src/plugins/discoverable_tests.rs b/codex-rs/core/src/plugins/discoverable_tests.rs index 992bf93f458..a6da04e77cb 100644 --- a/codex-rs/core/src/plugins/discoverable_tests.rs +++ b/codex-rs/core/src/plugins/discoverable_tests.rs @@ -7,7 +7,7 @@ use crate::plugins::test_support::write_plugins_feature_config; use codex_core_plugins::OPENAI_BUNDLED_MARKETPLACE_NAME; use codex_core_plugins::PluginInstallRequest; use codex_core_plugins::PluginsManager; -use codex_core_plugins::remote::RemotePluginScope; +use codex_core_plugins::remote::REMOTE_GLOBAL_MARKETPLACE_NAME; use codex_core_plugins::remote::RemotePluginServiceConfig; use codex_core_plugins::remote::fetch_and_cache_global_remote_plugin_catalog; use codex_core_plugins::startup_sync::curated_plugins_repo_path; @@ -362,7 +362,7 @@ remote_plugin = true .build_and_cache_remote_installed_plugin_marketplaces( &config.plugins_config_input(), Some(&auth), - &[RemotePluginScope::Global], + &[REMOTE_GLOBAL_MARKETPLACE_NAME], /*on_effective_plugins_changed*/ None, ) .await @@ -393,6 +393,7 @@ remote_plugin = true remote_plugins, vec![DiscoverablePluginInfo { id: "github@openai-curated-remote".to_string(), + remote_plugin_id: Some("plugins~Plugin_remote_github".to_string()), name: "Remote GitHub".to_string(), description: Some("Remote GitHub short".to_string()), has_skills: true, @@ -680,6 +681,7 @@ async fn list_tool_suggest_discoverable_plugins_normalizes_description() { discoverable_plugins, vec![DiscoverablePluginInfo { id: "slack@openai-curated".to_string(), + remote_plugin_id: None, name: "slack".to_string(), description: Some("Plugin with extra spacing".to_string()), has_skills: true, @@ -816,6 +818,7 @@ discoverables = [{ type = "plugin", id = "sample@openai-curated" }] discoverable_plugins, vec![DiscoverablePluginInfo { id: "sample@openai-curated".to_string(), + remote_plugin_id: None, name: "sample".to_string(), description: Some( "Plugin that includes skills, MCP servers, and app connectors".to_string(), diff --git a/codex-rs/core/src/prompt_debug.rs b/codex-rs/core/src/prompt_debug.rs index f6bf7d0022a..74fe19f38eb 100644 --- a/codex-rs/core/src/prompt_debug.rs +++ b/codex-rs/core/src/prompt_debug.rs @@ -2,10 +2,10 @@ use std::sync::Arc; use codex_exec_server::EnvironmentManager; use codex_exec_server::ExecServerRuntimePaths; +use codex_extension_api::UserInstructionsProvider; use codex_login::AuthManager; use codex_protocol::error::CodexErr; use codex_protocol::error::Result as CodexResult; -use codex_protocol::models::ResponseInputItem; use codex_protocol::models::ResponseItem; use codex_protocol::protocol::SessionSource; use codex_protocol::user_input::UserInput; @@ -27,6 +27,7 @@ pub async fn build_prompt_input( mut config: Config, input: Vec, state_db: Option, + user_instructions_provider: Arc, ) -> CodexResult> { config.ephemeral = true; @@ -53,6 +54,7 @@ pub async fn build_prompt_input( .map_err(|err| CodexErr::Fatal(err.to_string()))?, ), empty_extension_registry(), + user_instructions_provider, /*analytics_events_client*/ None, thread_store, state_db.clone(), @@ -78,8 +80,7 @@ pub(crate) async fn build_prompt_input_from_session( .await; if !input.is_empty() { - let input_item = ResponseInputItem::from(input); - let response_item = ResponseItem::from(input_item); + let response_item = sess.response_item_from_user_input(turn_context.as_ref(), input); sess.record_conversation_items(turn_context.as_ref(), std::slice::from_ref(&response_item)) .await; } diff --git a/codex-rs/core/src/realtime_context_tests.rs b/codex-rs/core/src/realtime_context_tests.rs index 8e74599897c..8c3aa8d97e5 100644 --- a/codex-rs/core/src/realtime_context_tests.rs +++ b/codex-rs/core/src/realtime_context_tests.rs @@ -30,6 +30,7 @@ use tempfile::TempDir; fn stored_thread(cwd: &str, title: &str, first_user_message: &str) -> StoredThread { StoredThread { thread_id: ThreadId::new(), + extra_config: None, rollout_path: Some(PathBuf::from("/tmp/rollout.jsonl")), forked_from_id: None, parent_thread_id: None, diff --git a/codex-rs/core/src/realtime_conversation.rs b/codex-rs/core/src/realtime_conversation.rs index 9f35fb2fa45..33568f6f38f 100644 --- a/codex-rs/core/src/realtime_conversation.rs +++ b/codex-rs/core/src/realtime_conversation.rs @@ -1,5 +1,6 @@ use crate::client::ModelClient; use crate::realtime_context::build_realtime_startup_context; +use crate::realtime_context::truncate_realtime_text_to_token_budget; use crate::realtime_prompt::prepare_realtime_backend_prompt; use crate::session::session::Session; use anyhow::Context; @@ -64,6 +65,8 @@ const USER_TEXT_IN_QUEUE_CAPACITY: usize = 64; const HANDOFF_OUT_QUEUE_CAPACITY: usize = 64; const OUTPUT_EVENTS_QUEUE_CAPACITY: usize = 256; const REALTIME_STARTUP_CONTEXT_TOKEN_BUDGET: usize = 5_300; +const REALTIME_ASSISTANT_OUTPUT_TOKEN_BUDGET: usize = 1_000; +const STANDALONE_HANDOFF_ID: &str = "codex"; const DEFAULT_REALTIME_MODEL: &str = "gpt-realtime-1.5"; pub(crate) const REALTIME_USER_TEXT_PREFIX: &str = "[USER] "; pub(crate) const REALTIME_BACKEND_TEXT_PREFIX: &str = "[BACKEND] "; @@ -106,6 +109,9 @@ struct RealtimeHandoffState { #[derive(Debug, PartialEq, Eq)] enum HandoffOutput { + StandaloneAssistantOutput { + output_text: String, + }, ProgressUpdate { handoff_id: String, output_text: String, @@ -460,22 +466,38 @@ impl RealtimeConversationManager { state.handoff.clone() }; - let Some(handoff_id) = handoff.active_handoff.lock().await.clone() else { - return Ok(()); + let active_handoff = handoff.active_handoff.lock().await.clone(); + let output = match active_handoff { + Some(handoff_id) => { + let output_text = prefix_realtime_text( + output_text, + REALTIME_BACKEND_TEXT_PREFIX, + handoff.session_kind, + ); + *handoff.last_output_text.lock().await = Some(output_text.clone()); + HandoffOutput::ProgressUpdate { + handoff_id, + output_text, + } + } + None if output_text.trim().is_empty() => return Ok(()), + None => { + let output_text = prefix_realtime_text( + output_text, + REALTIME_BACKEND_TEXT_PREFIX, + handoff.session_kind, + ); + HandoffOutput::StandaloneAssistantOutput { + output_text: truncate_realtime_text_to_token_budget( + &output_text, + REALTIME_ASSISTANT_OUTPUT_TOKEN_BUDGET, + ), + } + } }; - - let output_text = prefix_realtime_text( - output_text, - REALTIME_BACKEND_TEXT_PREFIX, - handoff.session_kind, - ); - *handoff.last_output_text.lock().await = Some(output_text.clone()); handoff .output_tx - .send(HandoffOutput::ProgressUpdate { - handoff_id, - output_text, - }) + .send(output) .await .map_err(|_| CodexErr::InvalidRequest("conversation is not running".to_string()))?; Ok(()) @@ -511,14 +533,6 @@ impl RealtimeConversationManager { .map_err(|_| CodexErr::InvalidRequest("conversation is not running".to_string())) } - pub(crate) async fn active_handoff_id(&self) -> Option { - let handoff = { - let guard = self.state.lock().await; - guard.as_ref().map(|state| state.handoff.clone()) - }?; - handoff.active_handoff.lock().await.clone() - } - pub(crate) async fn clear_active_handoff(&self) { let handoff = { let guard = self.state.lock().await; @@ -625,12 +639,14 @@ async fn prepare_realtime_start( if let Some(realtime_ws_base_url) = &config.experimental_realtime_ws_base_url { api_provider.base_url = realtime_ws_base_url.clone(); } - let version = config.realtime.version; + let version = params.version.unwrap_or(config.realtime.version); let session_config = build_realtime_session_config( sess, + params.model, params.prompt, params.realtime_session_id, params.output_modality, + version, params.voice, ) .await?; @@ -664,9 +680,11 @@ async fn prepare_realtime_start( pub(crate) async fn build_realtime_session_config( sess: &Arc, + model: Option, prompt: Option>, realtime_session_id: Option, output_modality: RealtimeOutputModality, + version: RealtimeWsVersion, voice: Option, ) -> CodexResult { let config = sess.get_config().await; @@ -689,18 +707,15 @@ pub(crate) async fn build_realtime_session_config( (false, false) => format!("{prompt}\n\n{startup_context}"), }; let model = Some( - config - .experimental_realtime_ws_model - .clone() + model + .or_else(|| config.experimental_realtime_ws_model.clone()) .unwrap_or_else(|| DEFAULT_REALTIME_MODEL.to_string()), ); - let event_parser = match config.realtime.version { + let event_parser = match version { RealtimeWsVersion::V1 => RealtimeEventParser::V1, RealtimeWsVersion::V2 => RealtimeEventParser::RealtimeV2, }; - if config.realtime.version == RealtimeWsVersion::V1 - && matches!(output_modality, RealtimeOutputModality::Text) - { + if version == RealtimeWsVersion::V1 && matches!(output_modality, RealtimeOutputModality::Text) { return Err(CodexErr::InvalidRequest( "text realtime output modality requires realtime v2".to_string(), )); @@ -711,8 +726,8 @@ pub(crate) async fn build_realtime_session_config( }; let voice = voice .or(config.realtime.voice) - .unwrap_or_else(|| default_realtime_voice(config.realtime.version)); - validate_realtime_voice(config.realtime.version, voice)?; + .unwrap_or_else(|| default_realtime_voice(version)); + validate_realtime_voice(version, voice)?; Ok(RealtimeSessionConfig { instructions: prompt, model, @@ -739,10 +754,6 @@ fn prefix_realtime_text(text: String, prefix: &str, session_kind: RealtimeSessio format!("{prefix}{text}") } -pub(crate) fn prefix_realtime_v2_text(text: String, prefix: &str) -> String { - prefix_realtime_text(text, prefix, RealtimeSessionKind::V2) -} - fn validate_realtime_voice(version: RealtimeWsVersion, voice: RealtimeVoice) -> CodexResult<()> { let voices = RealtimeVoicesList::builtin(); let allowed = match version { @@ -1191,6 +1202,15 @@ async fn handle_handoff_output( let result = match event_parser { RealtimeEventParser::V1 => match handoff_output { + HandoffOutput::StandaloneAssistantOutput { output_text } => { + // TODO(guinness): Use the new client event for standalone handoffs once the API changes are complete. + writer + .send_conversation_handoff_append( + STANDALONE_HANDOFF_ID.to_string(), + output_text, + ) + .await + } HandoffOutput::ProgressUpdate { handoff_id, output_text, @@ -1205,6 +1225,15 @@ async fn handle_handoff_output( } }, RealtimeEventParser::RealtimeV2 => match handoff_output { + HandoffOutput::StandaloneAssistantOutput { output_text } => { + if let Err(err) = writer.send_conversation_item_create(output_text).await { + Err(err) + } else { + return response_create_queue + .request_create(writer, events_tx, "standalone assistant output") + .await; + } + } HandoffOutput::ProgressUpdate { handoff_id, output_text, diff --git a/codex-rs/core/src/responses_metadata.rs b/codex-rs/core/src/responses_metadata.rs new file mode 100644 index 00000000000..6e86ed8eb3f --- /dev/null +++ b/codex-rs/core/src/responses_metadata.rs @@ -0,0 +1,366 @@ +use std::collections::BTreeMap; +use std::collections::HashMap; + +use codex_analytics::CompactionImplementation; +use codex_analytics::CompactionPhase; +use codex_analytics::CompactionReason; +use codex_analytics::CompactionStrategy; +use codex_analytics::CompactionTrigger; +use codex_protocol::ThreadId; +use codex_protocol::protocol::InternalSessionSource; +use codex_protocol::protocol::SessionSource; +use codex_protocol::protocol::SubAgentSource; +use codex_utils_string::to_ascii_json_string; +use http::HeaderMap as ApiHeaderMap; +use http::HeaderValue; +use serde::Serialize; +use serde_json::Value; + +use crate::client::X_CODEX_INSTALLATION_ID_HEADER; +use crate::client::X_CODEX_PARENT_THREAD_ID_HEADER; +use crate::client::X_CODEX_TURN_METADATA_HEADER; +use crate::client::X_CODEX_WINDOW_ID_HEADER; +use crate::client::X_OPENAI_SUBAGENT_HEADER; + +pub(crate) const INSTALLATION_ID_KEY: &str = "installation_id"; +pub(crate) const SESSION_ID_KEY: &str = "session_id"; +pub(crate) const THREAD_ID_KEY: &str = "thread_id"; +pub(crate) const TURN_ID_KEY: &str = "turn_id"; +pub(crate) const WINDOW_ID_KEY: &str = "window_id"; +pub(crate) const REQUEST_KIND_KEY: &str = "request_kind"; +pub(crate) const COMPACTION_KEY: &str = "compaction"; +pub(crate) const TURN_STARTED_AT_UNIX_MS_KEY: &str = "turn_started_at_unix_ms"; + +pub(crate) const FORKED_FROM_THREAD_ID_KEY: &str = "forked_from_thread_id"; +pub(crate) const PARENT_THREAD_ID_KEY: &str = "parent_thread_id"; +pub(crate) const SUBAGENT_KIND_KEY: &str = "subagent_kind"; +pub(crate) const SANDBOX_KEY: &str = "sandbox"; +pub(crate) const WORKSPACES_KEY: &str = "workspaces"; + +// App-server clients can specify additional metadata in the `responsesapi_client_metadata` param +// when submitting a turn, but they must not override fields owned by core. +const RESERVED_METADATA_KEYS: &[&str] = &[ + INSTALLATION_ID_KEY, + X_CODEX_INSTALLATION_ID_HEADER, + SESSION_ID_KEY, + THREAD_ID_KEY, + TURN_ID_KEY, + WINDOW_ID_KEY, + X_CODEX_WINDOW_ID_HEADER, + X_CODEX_TURN_METADATA_HEADER, + X_CODEX_PARENT_THREAD_ID_HEADER, + X_OPENAI_SUBAGENT_HEADER, + REQUEST_KIND_KEY, + COMPACTION_KEY, + TURN_STARTED_AT_UNIX_MS_KEY, + FORKED_FROM_THREAD_ID_KEY, + PARENT_THREAD_ID_KEY, + SUBAGENT_KIND_KEY, + SANDBOX_KEY, + WORKSPACES_KEY, +]; + +/// Metadata attached to model requests whose purpose is conversation compaction. +/// +/// This covers both local compaction requests sent through the normal `/responses` path and remote +/// compaction requests sent through `/responses/compact`. These fields describe the operation at +/// dispatch time. Post-response outcomes such as status, error, duration, and token deltas remain +/// in compaction analytics events. +#[derive(Clone, Copy, Debug, Serialize)] +pub(crate) struct CompactionTurnMetadata { + trigger: CompactionTrigger, + reason: CompactionReason, + implementation: CompactionImplementation, + phase: CompactionPhase, + strategy: CompactionStrategy, +} + +impl CompactionTurnMetadata { + pub(crate) fn new( + trigger: CompactionTrigger, + reason: CompactionReason, + implementation: CompactionImplementation, + phase: CompactionPhase, + ) -> Self { + Self { + trigger, + reason, + implementation, + phase, + strategy: CompactionStrategy::Memento, + } + } +} + +#[derive(Clone, Copy, Debug)] +pub(crate) enum CodexResponsesRequestKind { + Turn, + Prewarm, + Compaction(CompactionTurnMetadata), + Memory, +} + +impl CodexResponsesRequestKind { + fn metadata(self) -> (&'static str, Option) { + match self { + CodexResponsesRequestKind::Turn => ("turn", None), + CodexResponsesRequestKind::Prewarm => ("prewarm", None), + CodexResponsesRequestKind::Compaction(metadata) => ("compaction", Some(metadata)), + CodexResponsesRequestKind::Memory => ("memory", None), + } + } + + fn has_turn_identity(self) -> bool { + !matches!(self, CodexResponsesRequestKind::Memory) + } +} + +#[derive(Clone, Debug, Serialize, Default)] +pub(crate) struct TurnMetadataWorkspace { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub(crate) associated_remote_urls: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub(crate) latest_git_commit_hash: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub(crate) has_changes: Option, +} + +/// Caller-owned snapshot of Codex metadata sent to ResponsesAPI. +/// +/// The full Codex turn metadata blob is transported canonically as +/// `client_metadata["x-codex-turn-metadata"]`. Flat `client_metadata` keys and direct HTTP/ws +/// headers are generated compatibility projections of this snapshot, not separate sources of +/// truth. +#[derive(Clone, Debug)] +pub struct CodexResponsesMetadata { + pub(crate) installation_id: String, + pub(crate) session_id: String, + pub(crate) thread_id: String, + pub(crate) turn_id: Option, + pub(crate) window_id: String, + pub(crate) request_kind: Option, + pub(crate) forked_from_thread_id: Option, + pub(crate) parent_thread_id: Option, + pub(crate) subagent_header: Option, + pub(crate) subagent_kind: Option, + pub(crate) sandbox: Option, + pub(crate) workspaces: BTreeMap, + pub(crate) turn_started_at_unix_ms: Option, + pub(crate) extra: BTreeMap, +} + +impl CodexResponsesMetadata { + pub(crate) fn new( + installation_id: String, + session_id: String, + thread_id: String, + window_id: String, + ) -> Self { + Self { + installation_id, + session_id, + thread_id, + turn_id: None, + window_id, + request_kind: None, + forked_from_thread_id: None, + parent_thread_id: None, + subagent_header: None, + subagent_kind: None, + sandbox: None, + workspaces: BTreeMap::new(), + turn_started_at_unix_ms: None, + extra: BTreeMap::new(), + } + } + + pub(crate) fn has_turn_metadata(&self) -> bool { + self.request_kind.is_some() + } + + pub(crate) fn turn_metadata_json(&self) -> Option { + to_ascii_json_string(&self.turn_metadata_payload()).ok() + } + + pub(crate) fn turn_metadata_value(&self) -> Option { + serde_json::to_value(self.turn_metadata_payload()).ok() + } + + pub(crate) fn client_metadata(&self) -> HashMap { + let mut client_metadata = HashMap::from([ + ( + X_CODEX_INSTALLATION_ID_HEADER.to_string(), + self.installation_id.clone(), + ), + (SESSION_ID_KEY.to_string(), self.session_id.clone()), + (THREAD_ID_KEY.to_string(), self.thread_id.clone()), + (X_CODEX_WINDOW_ID_HEADER.to_string(), self.window_id.clone()), + ]); + if let Some(turn_id) = &self.turn_id { + client_metadata.insert(TURN_ID_KEY.to_string(), turn_id.clone()); + } + if let Some(subagent_header) = &self.subagent_header { + client_metadata.insert( + X_OPENAI_SUBAGENT_HEADER.to_string(), + subagent_header.clone(), + ); + } + if let Some(parent_thread_id) = self.parent_thread_id { + client_metadata.insert( + X_CODEX_PARENT_THREAD_ID_HEADER.to_string(), + parent_thread_id.to_string(), + ); + } + if self.has_turn_metadata() + && let Some(turn_metadata_json) = self.turn_metadata_json() + { + client_metadata.insert(X_CODEX_TURN_METADATA_HEADER.to_string(), turn_metadata_json); + } + client_metadata + } + + pub(crate) fn compatibility_headers(&self) -> ApiHeaderMap { + let mut headers = ApiHeaderMap::new(); + insert_header(&mut headers, X_CODEX_WINDOW_ID_HEADER, &self.window_id); + // Direct x-codex-turn-metadata is compatibility output. New per-request consumers should + // prefer client_metadata["x-codex-turn-metadata"], which is rendered from this same object. + if self.has_turn_metadata() + && let Some(turn_metadata_json) = self.turn_metadata_json() + { + insert_header( + &mut headers, + X_CODEX_TURN_METADATA_HEADER, + &turn_metadata_json, + ); + } + if let Some(parent_thread_id) = self.parent_thread_id { + insert_header( + &mut headers, + X_CODEX_PARENT_THREAD_ID_HEADER, + &parent_thread_id.to_string(), + ); + } + if let Some(subagent_header) = &self.subagent_header { + insert_header(&mut headers, X_OPENAI_SUBAGENT_HEADER, subagent_header); + } + headers + } + + fn turn_metadata_payload(&self) -> CodexTurnMetadataPayload<'_> { + let request_kind = self.request_kind; + let (request_kind_value, compaction) = request_kind.map_or((None, None), |request_kind| { + let (request_kind, compaction) = request_kind.metadata(); + (Some(request_kind), compaction) + }); + let has_turn_identity = + request_kind.is_none_or(CodexResponsesRequestKind::has_turn_identity); + let has_request_identity = + request_kind.is_some_and(CodexResponsesRequestKind::has_turn_identity); + CodexTurnMetadataPayload { + installation_id: has_request_identity.then_some(self.installation_id.as_str()), + session_id: has_turn_identity.then_some(self.session_id.as_str()), + thread_id: has_turn_identity.then_some(self.thread_id.as_str()), + turn_id: has_turn_identity + .then_some(self.turn_id.as_deref()) + .flatten(), + window_id: has_request_identity.then_some(self.window_id.as_str()), + request_kind: request_kind_value, + forked_from_thread_id: self.forked_from_thread_id, + parent_thread_id: self.parent_thread_id, + subagent_kind: self.subagent_kind.as_deref(), + sandbox: self.sandbox.as_deref(), + workspaces: non_empty_workspaces(&self.workspaces), + turn_started_at_unix_ms: self.turn_started_at_unix_ms, + compaction, + // responsesapi_client_metadata enriches the Codex turn metadata blob, not literal + // top-level Responses client_metadata. Reserved Codex-owned keys are filtered when + // these extras enter turn state. + extra: &self.extra, + } + } +} + +pub(crate) fn subagent_header_value(session_source: &SessionSource) -> Option { + match session_source { + SessionSource::SubAgent(subagent_source) => match subagent_source { + SubAgentSource::Review => Some("review".to_string()), + SubAgentSource::Compact => Some("compact".to_string()), + SubAgentSource::MemoryConsolidation => Some("memory_consolidation".to_string()), + SubAgentSource::ThreadSpawn { .. } => Some("collab_spawn".to_string()), + SubAgentSource::Other(label) => Some(label.clone()), + }, + SessionSource::Internal(InternalSessionSource::MemoryConsolidation) => { + Some("memory_consolidation".to_string()) + } + SessionSource::Cli + | SessionSource::VSCode + | SessionSource::Exec + | SessionSource::Mcp + | SessionSource::Custom(_) + | SessionSource::Unknown => None, + } +} + +pub(crate) fn subagent_metadata_kind(session_source: &SessionSource) -> Option { + match session_source { + SessionSource::SubAgent(subagent_source) => Some(subagent_source.kind().to_string()), + SessionSource::Cli + | SessionSource::VSCode + | SessionSource::Exec + | SessionSource::Mcp + | SessionSource::Custom(_) + | SessionSource::Internal(_) + | SessionSource::Unknown => None, + } +} + +fn insert_header(headers: &mut ApiHeaderMap, name: &'static str, value: &str) { + if let Ok(header_value) = HeaderValue::from_str(value) { + headers.insert(name, header_value); + } +} + +pub(crate) fn filter_extra_metadata(extra: HashMap) -> BTreeMap { + extra + .into_iter() + .filter(|(key, _)| !RESERVED_METADATA_KEYS.contains(&key.as_str())) + .collect() +} + +fn non_empty_workspaces( + workspaces: &BTreeMap, +) -> Option<&BTreeMap> { + (!workspaces.is_empty()).then_some(workspaces) +} + +#[derive(Serialize)] +struct CodexTurnMetadataPayload<'a> { + #[serde(default, skip_serializing_if = "Option::is_none")] + installation_id: Option<&'a str>, + #[serde(default, skip_serializing_if = "Option::is_none")] + session_id: Option<&'a str>, + #[serde(default, skip_serializing_if = "Option::is_none")] + thread_id: Option<&'a str>, + #[serde(default, skip_serializing_if = "Option::is_none")] + turn_id: Option<&'a str>, + #[serde(default, skip_serializing_if = "Option::is_none")] + window_id: Option<&'a str>, + #[serde(default, skip_serializing_if = "Option::is_none")] + request_kind: Option<&'static str>, + #[serde(default, skip_serializing_if = "Option::is_none")] + forked_from_thread_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + parent_thread_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + subagent_kind: Option<&'a str>, + #[serde(default, skip_serializing_if = "Option::is_none")] + sandbox: Option<&'a str>, + #[serde(default, skip_serializing_if = "Option::is_none")] + workspaces: Option<&'a BTreeMap>, + #[serde(default, skip_serializing_if = "Option::is_none")] + turn_started_at_unix_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + compaction: Option, + #[serde(flatten)] + extra: &'a BTreeMap, +} diff --git a/codex-rs/core/src/session/config_lock.rs b/codex-rs/core/src/session/config_lock.rs index 85815f8533f..ec2056581c3 100644 --- a/codex-rs/core/src/session/config_lock.rs +++ b/codex-rs/core/src/session/config_lock.rs @@ -2,7 +2,6 @@ use anyhow::Context; use codex_config::config_toml::ConfigLockfileToml; use codex_config::config_toml::ConfigToml; use codex_config::types::MemoriesToml; -use codex_features::AppsMcpPathOverrideConfigToml; use codex_features::Feature; use codex_features::FeatureToml; use codex_features::FeaturesToml; @@ -129,7 +128,7 @@ fn save_config_resolved_fields( ) -> anyhow::Result<()> { lock_config.web_search = Some(config.web_search_mode.value()); lock_config.model_provider = Some(config.model_provider_id.clone()); - lock_config.plan_mode_reasoning_effort = config.plan_mode_reasoning_effort; + lock_config.plan_mode_reasoning_effort = config.plan_mode_reasoning_effort.clone(); lock_config.model_verbosity = config.model_verbosity; lock_config.include_permissions_instructions = Some(config.include_permissions_instructions); lock_config.include_apps_instructions = Some(config.include_apps_instructions); @@ -149,10 +148,6 @@ fn save_config_resolved_fields( resolved_config_to_toml(&config.multi_agent_v2, "features.multi_agent_v2")?; multi_agent_v2.enabled = Some(config.features.enabled(Feature::MultiAgentV2)); features.multi_agent_v2 = Some(FeatureToml::Config(multi_agent_v2)); - features.apps_mcp_path_override = Some(FeatureToml::Config(AppsMcpPathOverrideConfigToml { - enabled: Some(config.features.enabled(Feature::AppsMcpPathOverride)), - path: config.apps_mcp_path_override.clone(), - })); lock_config.memories = Some(resolved_config_to_toml::( &config.memories, "memories", @@ -251,6 +246,14 @@ mod tests { spec.key ); } + assert_eq!( + features.code_mode, + Some(FeatureToml::Enabled( + sc.original_config_do_not_use + .features + .enabled(Feature::CodeMode) + )) + ); let multi_agent_v2 = features .multi_agent_v2 @@ -317,6 +320,32 @@ mod tests { assert!(message.contains("model = "), "{message}"); } + #[tokio::test] + async fn lock_validation_ignores_removed_apps_mcp_path_override() { + let sc = crate::session::tests::make_session_configuration_for_tests().await; + let actual = sc.to_config_lockfile_toml().expect("lock should serialize"); + let mut expected_value = toml::Value::try_from(&actual).expect("lock should become TOML"); + expected_value["config"]["features"] + .as_table_mut() + .expect("features should be a table") + .insert( + "apps_mcp_path_override".to_string(), + toml::Value::Table(toml::Table::from_iter([ + ("enabled".to_string(), toml::Value::Boolean(true)), + ( + "path".to_string(), + toml::Value::String("/custom/mcp".to_string()), + ), + ])), + ); + let expected: ConfigLockfileToml = expected_value + .try_into() + .expect("lock with removed input should deserialize"); + + validate_config_lock_replay(&expected, &actual, ConfigLockReplayOptions::default()) + .expect("removed compatibility input should not cause lock drift"); + } + #[tokio::test] async fn lock_validation_rejects_codex_version_mismatch_by_default() { let sc = crate::session::tests::make_session_configuration_for_tests().await; diff --git a/codex-rs/core/src/session/handlers.rs b/codex-rs/core/src/session/handlers.rs index 7730a30ad77..bfb87a0ff3e 100644 --- a/codex-rs/core/src/session/handlers.rs +++ b/codex-rs/core/src/session/handlers.rs @@ -15,10 +15,6 @@ use crate::session::session::Session; use crate::session::session::SessionSettingsUpdate; use crate::config::Config; -use crate::realtime_context::REALTIME_TURN_TOKEN_BUDGET; -use crate::realtime_context::truncate_realtime_text_to_token_budget; -use crate::realtime_conversation::REALTIME_USER_TEXT_PREFIX; -use crate::realtime_conversation::prefix_realtime_v2_text; use crate::review_prompts::resolve_review_request; use crate::session::spawn_review_thread; use crate::tasks::CompactTask; @@ -54,9 +50,7 @@ use codex_protocol::request_user_input::RequestUserInputResponse; use crate::context_manager::is_user_turn_boundary; use codex_protocol::dynamic_tools::DynamicToolResponse; -use codex_protocol::items::UserMessageItem; use codex_protocol::mcp::RequestId as ProtocolRequestId; -use codex_protocol::user_input::UserInput; use codex_rmcp_client::ElicitationAction; use codex_rmcp_client::ElicitationResponse; use serde_json::Value; @@ -91,14 +85,7 @@ pub async fn user_input_or_turn( op: Op, client_user_message_id: Option, ) { - user_input_or_turn_inner( - sess, - sub_id, - op, - /*mirror_user_text_to_realtime*/ Some(()), - client_user_message_id, - ) - .await; + user_input_or_turn_inner(sess, sub_id, op, client_user_message_id).await; } pub async fn update_thread_settings( @@ -122,7 +109,7 @@ async fn thread_settings_update( thread_settings: ThreadSettingsOverrides, ) -> SessionSettingsUpdate { let ThreadSettingsOverrides { - cwd, + environments, workspace_roots, profile_workspace_roots, approval_policy, @@ -151,7 +138,7 @@ async fn thread_settings_update( } }; SessionSettingsUpdate { - cwd, + environments, workspace_roots, profile_workspace_roots, approval_policy, @@ -173,6 +160,7 @@ async fn thread_settings_applied_event(sess: &Session) -> EventMsg { let state = sess.state.lock().await; state.session_configuration.thread_config_snapshot() }; + let cwd = snapshot.cwd().clone(); EventMsg::ThreadSettingsApplied(ThreadSettingsAppliedEvent { thread_settings: ThreadSettingsSnapshot { model: snapshot.model, @@ -182,7 +170,7 @@ async fn thread_settings_applied_event(sess: &Session) -> EventMsg { approvals_reviewer: snapshot.approvals_reviewer, permission_profile: snapshot.permission_profile, active_permission_profile: snapshot.active_permission_profile, - cwd: snapshot.cwd, + cwd, reasoning_effort: snapshot.reasoning_effort, reasoning_summary: snapshot.reasoning_summary, personality: snapshot.personality, @@ -195,12 +183,10 @@ pub(super) async fn user_input_or_turn_inner( sess: &Arc, sub_id: String, op: Op, - mirror_user_text_to_realtime: Option<()>, client_user_message_id: Option, ) { let Op::UserInput { items, - environments, final_output_json_schema, responsesapi_client_metadata, additional_context, @@ -216,7 +202,6 @@ pub(super) async fn user_input_or_turn_inner( SessionSettingsUpdate::default() }; updates.final_output_json_schema = Some(final_output_json_schema); - updates.environments = environments; let Ok(current_context) = sess.new_turn_with_sub_id(sub_id.clone(), updates).await else { // new_turn_with_sub_id already emits the error event. @@ -231,7 +216,7 @@ pub(super) async fn user_input_or_turn_inner( } sess.maybe_emit_unknown_model_warning_for_turn(current_context.as_ref()) .await; - let accepted_items = match sess + match sess .steer_input( items.clone(), additional_context.clone(), @@ -243,7 +228,6 @@ pub(super) async fn user_input_or_turn_inner( { Ok(_) => { current_context.session_telemetry.user_prompt(&items); - Some(items) } Err(SteerInputError::NoActiveTurn(items)) => { if let Some(responsesapi_client_metadata) = responsesapi_client_metadata { @@ -257,7 +241,6 @@ pub(super) async fn user_input_or_turn_inner( Some(sess.mcp_elicitation_reviewer()), ) .await; - let accepted_items = items.clone(); let additional_context_input = { let mut state = sess.state.lock().await; state.additional_context.merge(additional_context) @@ -279,7 +262,6 @@ pub(super) async fn user_input_or_turn_inner( crate::tasks::RegularTask::new(), ) .await; - Some(accepted_items) } Err(err) => { sess.send_event_raw(Event { @@ -287,33 +269,7 @@ pub(super) async fn user_input_or_turn_inner( msg: EventMsg::Error(err.to_error_event()), }) .await; - None } - }; - if let (Some(items), Some(())) = (accepted_items, mirror_user_text_to_realtime) { - self::mirror_user_text_to_realtime(sess, &items).await; - } -} - -async fn mirror_user_text_to_realtime(sess: &Arc, items: &[UserInput]) { - let text = UserMessageItem::new(items).message(); - if text.is_empty() { - return; - } - let text = if sess.conversation.is_running_v2().await { - prefix_realtime_v2_text(text, REALTIME_USER_TEXT_PREFIX) - } else { - text - }; - let text = truncate_realtime_text_to_token_budget(&text, REALTIME_TURN_TOKEN_BUDGET); - if text.is_empty() { - return; - } - if sess.conversation.running_state().await.is_none() { - return; - } - if let Err(err) = sess.conversation.text_in(text).await { - debug!("failed to mirror user text to realtime conversation: {err}"); } } @@ -624,6 +580,9 @@ pub async fn set_thread_memory_mode(sess: &Arc, sub_id: String, mode: T } async fn shutdown_session_runtime(sess: &Arc) { + if let Some(startup_prewarm) = sess.take_session_startup_prewarm().await { + startup_prewarm.abort().await; + } sess.abort_all_tasks(TurnAbortReason::Interrupted).await; let _ = sess.conversation.shutdown().await; sess.services @@ -633,11 +592,11 @@ async fn shutdown_session_runtime(sess: &Arc) { if let Err(err) = sess.services.code_mode_service.shutdown().await { warn!("failed to shutdown code mode session: {err}"); } - let mcp_shutdown = { - let mut manager = sess.services.mcp_connection_manager.write().await; - manager.begin_shutdown() - }; - mcp_shutdown.await; + sess.services + .mcp_connection_manager + .load_full() + .shutdown() + .await; sess.guardian_review_session.shutdown().await; } diff --git a/codex-rs/core/src/session/mcp.rs b/codex-rs/core/src/session/mcp.rs index cc018343ebe..7f52da219b6 100644 --- a/codex-rs/core/src/session/mcp.rs +++ b/codex-rs/core/src/session/mcp.rs @@ -91,8 +91,7 @@ impl Session { if self .services .mcp_connection_manager - .read() - .await + .load_full() .elicitations_auto_deny() { return McpServerElicitationOutcome { @@ -226,16 +225,11 @@ impl Session { self.services .mcp_connection_manager - .read() - .await + .load_full() .resolve_elicitation(server_name, id, response) .await } - #[expect( - clippy::await_holding_invalid_type, - reason = "MCP resource calls are serialized through the session-owned manager guard" - )] pub async fn list_resources( &self, server: &str, @@ -243,16 +237,11 @@ impl Session { ) -> anyhow::Result { self.services .mcp_connection_manager - .read() - .await + .load_full() .list_resources(server, params) .await } - #[expect( - clippy::await_holding_invalid_type, - reason = "MCP resource calls are serialized through the session-owned manager guard" - )] pub async fn list_resource_templates( &self, server: &str, @@ -260,16 +249,11 @@ impl Session { ) -> anyhow::Result { self.services .mcp_connection_manager - .read() - .await + .load_full() .list_resource_templates(server, params) .await } - #[expect( - clippy::await_holding_invalid_type, - reason = "MCP resource calls are serialized through the session-owned manager guard" - )] pub async fn read_resource( &self, server: &str, @@ -277,16 +261,11 @@ impl Session { ) -> anyhow::Result { self.services .mcp_connection_manager - .read() - .await + .load_full() .read_resource(server, params) .await } - #[expect( - clippy::await_holding_invalid_type, - reason = "MCP tool calls are serialized through the session-owned manager guard" - )] pub async fn call_tool( &self, server: &str, @@ -296,8 +275,7 @@ impl Session { ) -> anyhow::Result { self.services .mcp_connection_manager - .read() - .await + .load_full() .call_tool(server, tool, arguments, meta) .await } @@ -311,14 +289,12 @@ impl Session { ) { let auth = self.services.auth_manager.auth().await; let config = self.get_config().await; - let mcp_config = config - .to_mcp_config(self.services.plugins_manager.as_ref()) - .await; - let tool_plugin_provenance = self + let mcp_config = self .services .mcp_manager - .tool_plugin_provenance(config.as_ref()) + .runtime_config(config.as_ref()) .await; + let tool_plugin_provenance = codex_mcp::tool_plugin_provenance(&mcp_config); let mcp_servers = effective_mcp_servers_from_configured(mcp_servers, &mcp_config, auth.as_ref()); let host_owned_codex_apps_enabled = @@ -336,18 +312,21 @@ impl Session { turn_context.cwd.to_path_buf(), ), }; - { + let mcp_startup_cancellation_token = { let mut guard = self.services.mcp_startup_cancellation_token.lock().await; guard.cancel(); - *guard = CancellationToken::new(); - } - let (refreshed_manager, cancel_token) = McpConnectionManager::new( + let cancellation_token = CancellationToken::new(); + *guard = cancellation_token.clone(); + cancellation_token + }; + let refreshed_manager = McpConnectionManager::new( &mcp_servers, store_mode, auth_statuses, &turn_context.approval_policy, turn_context.sub_id.clone(), self.get_tx_event(), + mcp_startup_cancellation_token, turn_context.permission_profile(), mcp_runtime_context, config.codex_home.to_path_buf(), @@ -361,22 +340,12 @@ impl Session { ) .await; { - let current_manager = self.services.mcp_connection_manager.read().await; + let current_manager = self.services.mcp_connection_manager.load_full(); refreshed_manager.set_elicitations_auto_deny(current_manager.elicitations_auto_deny()); } - { - let mut guard = self.services.mcp_startup_cancellation_token.lock().await; - if guard.is_cancelled() { - cancel_token.cancel(); - } - *guard = cancel_token; - } - - let mut old_manager = { - let mut manager = self.services.mcp_connection_manager.write().await; - std::mem::replace(&mut *manager, refreshed_manager) - }; - old_manager.shutdown().await; + self.services + .mcp_connection_manager + .store(Arc::new(refreshed_manager)); } pub(crate) async fn refresh_mcp_servers_if_requested( diff --git a/codex-rs/core/src/session/mod.rs b/codex-rs/core/src/session/mod.rs index 3ea33a6bde3..08c691b9c12 100644 --- a/codex-rs/core/src/session/mod.rs +++ b/codex-rs/core/src/session/mod.rs @@ -1,3 +1,4 @@ +use std::borrow::Cow; use std::collections::BTreeMap; use std::collections::HashMap; use std::collections::HashSet; @@ -13,6 +14,7 @@ use crate::agent::AgentControl; use crate::agent::AgentStatus; use crate::agent::agent_status_from_event; use crate::agent::status::is_final; +use crate::agents_md::LoadedAgentsMd; use crate::attestation::AttestationProvider; use crate::build_available_skills; use crate::compact; @@ -31,8 +33,8 @@ use crate::context::PersonalitySpecInstructions; use crate::default_skill_metadata_budget; use crate::environment_selection::ResolvedTurnEnvironments; use crate::exec_policy::ExecPolicyManager; +use crate::image_preparation::prepare_response_items; use crate::parse_turn_item; -use crate::path_utils::normalize_for_native_workdir; use crate::realtime_conversation::RealtimeConversationManager; use crate::session_prefix::format_subagent_notification_message; use crate::skills::SkillRenderSideEffects; @@ -52,6 +54,8 @@ use codex_config::types::OAuthCredentialsStoreMode; use codex_exec_server::Environment; use codex_exec_server::EnvironmentManager; use codex_exec_server::FileSystemSandboxContext; +use codex_extension_api::ExtensionDataInit; +use codex_extension_api::LoadedUserInstructions; use codex_extension_api::PromptSlot; use codex_features::FEATURES; use codex_features::Feature; @@ -63,6 +67,7 @@ use codex_login::CodexAuth; use codex_login::auth_env_telemetry::collect_auth_env_telemetry; use codex_login::default_client::originator; use codex_mcp::McpConnectionManager; +use codex_mcp::McpResourceClient; use codex_mcp::McpRuntimeContext; use codex_mcp::codex_apps_tools_cache_key; use codex_models_manager::manager::RefreshStrategy; @@ -117,6 +122,7 @@ use codex_protocol::protocol::TurnAbortReason; use codex_protocol::protocol::TurnContextItem; use codex_protocol::protocol::TurnContextNetworkItem; use codex_protocol::protocol::TurnEnvironmentSelection; +use codex_protocol::protocol::TurnEnvironmentSelections; use codex_protocol::protocol::W3cTraceContext; use codex_protocol::request_permissions::PermissionGrantScope; use codex_protocol::request_permissions::RequestPermissionProfile; @@ -182,7 +188,6 @@ use crate::config::PermissionProfileState; use crate::config::StartedNetworkProxy; use crate::config::resolve_web_search_mode_for_turn; use crate::context_manager::ContextManager; -use crate::context_manager::TotalTokenUsageBreakdown; use crate::thread_rollout_truncation::initial_history_has_prior_user_turns; use codex_config::CONFIG_TOML_FILE; use codex_config::ConfigLayerSource; @@ -205,6 +210,7 @@ mod review; mod rollout_reconstruction; #[allow(clippy::module_inception)] pub(crate) mod session; +mod token_budget; pub(crate) mod turn; pub(crate) mod turn_context; use self::config_lock::export_config_lock_if_configured; @@ -273,10 +279,12 @@ impl SteerInputError { /// Conceptually this is the same role that `previous_model` used to fill, but /// it can carry other prior-turn settings that matter when constructing /// sensible state-change diffs or full-context reinjection, such as model -/// switches or detecting a prior `realtime_active -> false` transition. +/// switches, compaction compatibility, or detecting a prior +/// `realtime_active -> false` transition. #[derive(Clone, Debug, PartialEq, Eq)] pub(crate) struct PreviousTurnSettings { pub(crate) model: String, + pub(crate) comp_hash: Option, pub(crate) realtime_active: Option, } @@ -285,7 +293,7 @@ use crate::SkillLoadOutcome; #[cfg(test)] use crate::SkillMetadata; use crate::SkillsManager; -use crate::agents_md::AgentsMdManager; +use crate::agents_md::load_project_instructions; use crate::context::UserInstructions; use crate::exec_policy::ExecPolicyUpdateError; use crate::guardian::GuardianReviewSessionManager; @@ -326,6 +334,7 @@ use codex_protocol::config_types::CollaborationMode; use codex_protocol::config_types::Personality; use codex_protocol::config_types::ReasoningSummary as ReasoningSummaryConfig; use codex_protocol::config_types::WindowsSandboxLevel; +use codex_protocol::models::LocalImagePreparation; use codex_protocol::models::ResponseInputItem; use codex_protocol::models::ResponseItem; use codex_protocol::openai_models::ReasoningEffort as ReasoningEffortConfig; @@ -359,6 +368,7 @@ use codex_protocol::protocol::ThreadMemoryMode; use codex_protocol::protocol::TokenCountEvent; use codex_protocol::protocol::TokenUsage; use codex_protocol::protocol::TokenUsageInfo; +use codex_protocol::protocol::TurnModerationMetadataEvent; use codex_protocol::protocol::WarningEvent; use codex_protocol::user_input::UserInput; use codex_tools::ToolEnvironmentMode; @@ -391,6 +401,7 @@ pub struct CodexSpawnOk { pub(crate) struct CodexSpawnArgs { pub(crate) config: Config, + pub(crate) user_instructions: LoadedUserInstructions, pub(crate) installation_id: String, pub(crate) auth_manager: Arc, pub(crate) models_manager: SharedModelsManager, @@ -417,6 +428,7 @@ pub(crate) struct CodexSpawnArgs { pub(crate) user_shell_override: Option, pub(crate) parent_trace: Option, pub(crate) environment_selections: ResolvedTurnEnvironments, + pub(crate) thread_extension_init: ExtensionDataInit, pub(crate) analytics_events_client: Option, pub(crate) thread_store: Arc, pub(crate) attestation_provider: Option>, @@ -475,6 +487,7 @@ impl Codex { async fn spawn_internal(args: CodexSpawnArgs) -> CodexResult { let CodexSpawnArgs { mut config, + user_instructions, installation_id, auth_manager, models_manager, @@ -497,6 +510,7 @@ impl Codex { parent_rollout_thread_trace, parent_trace: _, environment_selections, + thread_extension_init, analytics_events_client, thread_store, attestation_provider, @@ -505,15 +519,21 @@ impl Codex { let (tx_sub, rx_sub) = async_channel::bounded(SUBMISSION_CHANNEL_CAPACITY); let (tx_event, rx_event) = async_channel::unbounded(); + let LoadedUserInstructions { + instructions: user_instructions, + warnings: user_instruction_provider_warnings, + } = user_instructions; + // TODO(anp) pull startup_warnings out of Config + config + .startup_warnings + .extend(user_instruction_provider_warnings); + // TODO(anp) assemble instructions from multiple environments let primary_environment = environment_selections.primary_environment(); - let mut user_instruction_warnings = Vec::new(); - let user_instructions = AgentsMdManager::new(&config) - .user_instructions( - primary_environment.as_deref(), - &mut user_instruction_warnings, - ) - .await; - config.startup_warnings.extend(user_instruction_warnings); + let primary_fs = primary_environment + .as_ref() + .map(|environment| environment.get_filesystem()); + let loaded_agents_md = + load_project_instructions(&mut config, user_instructions, primary_fs.as_deref()).await; let exec_policy = if crate::guardian::is_guardian_reviewer_source(&session_source) { // Guardian review should rely on the built-in shell safety checks, @@ -578,7 +598,7 @@ impl Codex { mode: ModeKind::Default, settings: Settings { model: model.clone(), - reasoning_effort: config.model_reasoning_effort, + reasoning_effort: config.model_reasoning_effort.clone(), developer_instructions: None, }, }; @@ -593,7 +613,7 @@ impl Codex { model_reasoning_summary: config.model_reasoning_summary, service_tier, developer_instructions: config.developer_instructions.clone(), - user_instructions, + loaded_agents_md, personality: config.personality, base_instructions, compact_prompt: config.compact_prompt.clone(), @@ -601,11 +621,13 @@ impl Codex { approvals_reviewer: config.approvals_reviewer, permission_profile_state: session_permission_profile_state_from_config(&config)?, windows_sandbox_level: WindowsSandboxLevel::from_config(&config), - cwd: config.cwd.clone(), + environments: TurnEnvironmentSelections::new( + config.cwd.clone(), + environment_selections.to_selections(), + ), workspace_roots: config.workspace_roots.clone(), codex_home: config.codex_home.clone(), thread_name: None, - environments: environment_selections.to_selections(), original_config_do_not_use: Arc::clone(&config), metrics_service_name, app_server_client_name: None, @@ -638,6 +660,7 @@ impl Codex { plugins_manager, mcp_manager.clone(), extensions, + thread_extension_init, agent_control, environment_manager, analytics_events_client, @@ -786,7 +809,7 @@ impl Codex { ..Default::default() }) .await?; - let mcp_connection_manager = self.session.services.mcp_connection_manager.read().await; + let mcp_connection_manager = self.session.services.mcp_connection_manager.load_full(); mcp_connection_manager.set_elicitations_auto_deny(mcp_elicitations_auto_deny); Ok(()) } @@ -800,9 +823,23 @@ impl Codex { state.session_configuration.thread_config_snapshot() } + pub(crate) async fn instruction_sources(&self) -> Vec { + let state = self.session.state.lock().await; + state + .session_configuration + .loaded_agents_md + .as_ref() + .map_or_else(Vec::new, |instructions| { + instructions.sources().cloned().collect() + }) + } + pub(crate) async fn thread_environment_selections(&self) -> Vec { let state = self.session.state.lock().await; - state.session_configuration.environments.clone() + state + .session_configuration + .environment_selections() + .to_vec() } pub(crate) fn state_db(&self) -> Option { @@ -1069,6 +1106,7 @@ impl Session { } /// Flush rollout writes and return the final durability-barrier result. + #[instrument(name = "session.flush_rollout", level = "trace", skip_all)] pub(crate) async fn flush_rollout(&self) -> std::io::Result<()> { if let Some(live_thread) = self.live_thread() { live_thread.flush().await.map_err(std::io::Error::other) @@ -1102,7 +1140,6 @@ impl Session { self, self.next_internal_sub_id(), Op::UserInput { - environments: None, items: vec![UserInput::Text { text, text_elements: Vec::new(), @@ -1112,7 +1149,6 @@ impl Session { additional_context: Default::default(), thread_settings: Default::default(), }, - /*mirror_user_text_to_realtime*/ None, /*client_user_message_id*/ None, ) .await; @@ -1128,9 +1164,11 @@ impl Session { state.auto_compact_window_snapshot() } - pub(crate) async fn get_total_token_usage_breakdown(&self) -> TotalTokenUsageBreakdown { + pub(crate) async fn estimated_tokens_after_last_model_generated_item(&self) -> i64 { let state = self.state.lock().await; - state.history.get_total_token_usage_breakdown() + state + .history + .estimated_tokens_after_last_model_generated_item() } pub(crate) async fn total_token_usage(&self) -> Option { @@ -1278,15 +1316,27 @@ impl Session { turn_context: &TurnContext, rollout_items: &[RolloutItem], ) -> Option { - let reconstructed_rollout = self + let rollout_reconstruction::RolloutReconstruction { + mut history, + previous_turn_settings, + reference_context_item, + window_id, + } = self .reconstruct_history_from_rollout(turn_context, rollout_items) .await; - let previous_turn_settings = reconstructed_rollout.previous_turn_settings.clone(); - self.replace_history( - reconstructed_rollout.history, - reconstructed_rollout.reference_context_item, - ) - .await; + if turn_context.features.enabled(Feature::ResizeAllImages) { + // Keep the recorded rollout unchanged. Prepare its reconstructed history before + // installing it, so legacy images are processed once for this resume or fork and + // will be processed again if the rollout is reconstructed in a future session. + // This meets image resizing requirements without modifying persisted rollouts. + prepare_response_items(&mut history); + } + { + let mut state = self.state.lock().await; + state.replace_history(history, reference_context_item); + state.set_auto_compact_window_id(window_id); + state.set_previous_turn_settings(previous_turn_settings.clone()); + } let prefix_tokens = if matches!( turn_context.config.model_auto_compact_token_limit_scope, AutoCompactTokenLimitScope::BodyAfterPrefix @@ -1301,8 +1351,6 @@ impl Session { self.set_auto_compact_window_estimated_prefill_for_scope(turn_context, prefix_tokens) .await; } - self.set_previous_turn_settings(previous_turn_settings.clone()) - .await; previous_turn_settings } @@ -1402,12 +1450,12 @@ impl Session { .then(|| Self::build_effective_session_config(&state.session_configuration)); let new_config = notify_config_contributors.then(|| Self::build_effective_session_config(&updated)); - let previous_cwd = state.session_configuration.cwd.clone(); + let previous_cwd = state.session_configuration.cwd().clone(); let previous_permission_profile = state.session_configuration.permission_profile(); let updated_permission_profile = updated.permission_profile(); let permission_profile_changed = previous_permission_profile != updated_permission_profile; - let next_cwd = updated.cwd.clone(); + let next_cwd = updated.cwd().clone(); let codex_home = updated.codex_home.clone(); let session_source = updated.session_source.clone(); state.session_configuration = updated; @@ -1469,6 +1517,16 @@ impl Session { .clone() } + pub(crate) async fn user_instructions(&self) -> Option { + let state = self.state.lock().await; + state + .session_configuration + .loaded_agents_md + .as_ref() + .and_then(LoadedAgentsMd::user_instructions) + .cloned() + } + pub(crate) async fn provider(&self) -> ModelProviderInfo { let state = self.state.lock().await; state.session_configuration.provider.clone() @@ -1772,9 +1830,7 @@ impl Session { let Some(text) = realtime_text_for_event(msg) else { return; }; - if self.conversation.running_state().await.is_none() - || self.conversation.active_handoff_id().await.is_none() - { + if self.conversation.running_state().await.is_none() { return; } if let Err(err) = self.conversation.handoff_out(text).await { @@ -2561,11 +2617,43 @@ impl Session { /// Records conversation items: append to history, persist to rollout, and /// notify clients observing raw response items. + pub(crate) fn prepare_conversation_items_for_history<'a>( + &self, + turn_context: &TurnContext, + items: &'a [ResponseItem], + ) -> Cow<'a, [ResponseItem]> { + if !turn_context.features.enabled(Feature::ResizeAllImages) { + return Cow::Borrowed(items); + } + + let mut prepared_items = items.to_vec(); + prepare_response_items(&mut prepared_items); + Cow::Owned(prepared_items) + } + + pub(crate) fn response_item_from_user_input( + &self, + turn_context: &TurnContext, + input: Vec, + ) -> ResponseItem { + let local_image_preparation = if turn_context.features.enabled(Feature::ResizeAllImages) { + LocalImagePreparation::Defer + } else { + LocalImagePreparation::Process + }; + ResponseItem::from(ResponseInputItem::from_user_input( + input, + local_image_preparation, + )) + } + pub(crate) async fn record_conversation_items( &self, turn_context: &TurnContext, items: &[ResponseItem], ) { + let items = self.prepare_conversation_items_for_history(turn_context, items); + let items = items.as_ref(); { let mut state = self.state.lock().await; state.record_items(items.iter(), turn_context.truncation_policy); @@ -2625,6 +2713,16 @@ impl Session { .await; } + pub(crate) async fn emit_turn_moderation_metadata( + self: &Arc, + turn_context: &Arc, + metadata: TurnModerationMetadataEvent, + ) { + self.send_event(turn_context, EventMsg::TurnModerationMetadata(metadata)) + .await; + } + + #[cfg(test)] pub(crate) async fn replace_history( &self, items: Vec, @@ -2643,7 +2741,6 @@ impl Session { { let mut state = self.state.lock().await; state.replace_history(items, reference_context_item.clone()); - state.start_next_auto_compact_window(); } self.persist_rollout_items(&[RolloutItem::Compacted(compacted_item)]) @@ -2656,7 +2753,6 @@ impl Session { let mut state = self.state.lock().await; state.queue_pending_session_start_source(codex_hooks::SessionStartSource::Compact); } - self.services.model_client.advance_window_generation(); } async fn persist_rollout_response_items(&self, items: &[ResponseItem]) { @@ -2718,10 +2814,6 @@ impl Session { } } - #[expect( - clippy::await_holding_invalid_type, - reason = "MCP app context rendering reads through the session-owned manager guard" - )] pub(crate) async fn build_initial_context( &self, turn_context: &TurnContext, @@ -2735,6 +2827,7 @@ impl Session { collaboration_mode, base_instructions, session_source, + auto_compact_window_id, ) = { let state = self.state.lock().await; ( @@ -2743,6 +2836,7 @@ impl Session { state.session_configuration.collaboration_mode.clone(), state.session_configuration.base_instructions.clone(), state.session_configuration.session_source.clone(), + state.auto_compact_window_id(), ) }; if let Some(model_switch_message) = @@ -2814,7 +2908,7 @@ impl Session { } } if turn_context.config.include_apps_instructions && turn_context.apps_enabled() { - let mcp_connection_manager = self.services.mcp_connection_manager.read().await; + let mcp_connection_manager = self.services.mcp_connection_manager.load_full(); let accessible_and_enabled_connectors = connectors::list_accessible_and_enabled_connectors_from_manager( &mcp_connection_manager, @@ -2892,6 +2986,19 @@ impl Session { .render(), ); } + // This is full-context metadata. Steady-state context diffs should not re-emit it. + if turn_context.features.enabled(Feature::TokenBudget) + && let Some(model_context_window) = turn_context.model_context_window() + { + developer_sections.push( + crate::context::TokenBudgetContext::new( + self.thread_id(), + auto_compact_window_id, + model_context_window, + ) + .render(), + ); + } if turn_context.config.include_environment_context { let shell = self.user_shell(); let subagents = self @@ -2963,6 +3070,56 @@ impl Session { state.clone_history() } + pub(crate) async fn current_window_id(&self) -> String { + let state = self.state.lock().await; + let thread_id = self.thread_id; + let window_id = state.auto_compact_window_id(); + format!("{thread_id}:{window_id}") + } + + pub(crate) async fn advance_auto_compact_window_id(&self) -> u64 { + let mut state = self.state.lock().await; + state.advance_auto_compact_window_id() + } + + pub(crate) async fn request_new_context_window(&self) { + let mut state = self.state.lock().await; + state.request_new_context_window(); + } + + pub(crate) async fn maybe_start_new_context_window( + &self, + turn_context: &TurnContext, + ) -> Option { + let window_id = { + let mut state = self.state.lock().await; + state.start_new_context_window_if_requested() + }; + let window_id = window_id?; + let context_items = self.build_initial_context(turn_context).await; + let turn_context_item = turn_context.to_turn_context_item(); + let replacement_history = context_items; + { + let mut state = self.state.lock().await; + state.replace_history(replacement_history.clone(), Some(turn_context_item.clone())); + }; + self.persist_rollout_items(&[ + RolloutItem::Compacted(CompactedItem { + message: String::new(), + replacement_history: Some(replacement_history), + window_id: Some(window_id), + }), + RolloutItem::TurnContext(turn_context_item), + ]) + .await; + { + let mut state = self.state.lock().await; + state.queue_pending_session_start_source(codex_hooks::SessionStartSource::Compact); + } + self.recompute_token_usage(turn_context).await; + Some(window_id) + } + pub(crate) async fn reference_context_item(&self) -> Option { let state = self.state.lock().await; state.reference_context_item() @@ -2981,6 +3138,7 @@ impl Session { /// Mid-turn compaction is the other path that can re-establish that baseline when it /// reinjects full initial context into replacement history. Other non-regular tasks /// intentionally do not update the baseline. + #[instrument(level = "trace", skip_all)] pub(crate) async fn record_context_updates_and_set_reference_context_item( &self, turn_context: &TurnContext, @@ -3170,7 +3328,7 @@ impl Session { // Persist the user message to history, but emit the turn item from `UserInput` so // UI-only `text_elements` are preserved. `ResponseItem::Message` does not carry // those spans, and `record_response_item_and_emit_turn_item` would drop them. - let response_item = ResponseItem::from(ResponseInputItem::from(input.to_vec())); + let response_item = self.response_item_from_user_input(turn_context, input.to_vec()); self.record_conversation_items(turn_context, std::slice::from_ref(&response_item)) .await; let mut user_message_item = UserMessageItem::new(input); @@ -3364,6 +3522,9 @@ pub(crate) fn emit_subagent_session_started( session_id: session_id.to_string(), thread_id: thread_id.to_string(), parent_thread_id: parent_thread_id.map(|thread_id| thread_id.to_string()), + forked_from_thread_id: thread_config + .forked_from_thread_id + .map(|thread_id| thread_id.to_string()), product_client_id: client_name.clone(), client_name, client_version, diff --git a/codex-rs/core/src/session/review.rs b/codex-rs/core/src/session/review.rs index de864ebb083..9a7dfc82989 100644 --- a/codex-rs/core/src/session/review.rs +++ b/codex-rs/core/src/session/review.rs @@ -26,7 +26,6 @@ pub(super) async fn spawn_review_thread( let _ = review_features.disable(Feature::WebSearchCached); let _ = review_features.disable(Feature::Goals); let review_web_search_mode = WebSearchMode::Disabled; - let goal_tools_supported = !config.ephemeral && parent_turn_context.goal_tools_enabled(); let available_models = sess .services .models_manager @@ -74,7 +73,7 @@ pub(super) async fn spawn_review_thread( let auth_manager_for_context = auth_manager.clone(); let provider_for_context = provider.clone(); let session_telemetry_for_context = session_telemetry.clone(); - let reasoning_effort = per_turn_config.model_reasoning_effort; + let reasoning_effort = per_turn_config.model_reasoning_effort.clone(); let reasoning_summary = per_turn_config .model_reasoning_summary .unwrap_or(model_info.default_reasoning_summary); @@ -92,7 +91,6 @@ pub(super) async fn spawn_review_thread( forked_from_thread_id, parent_turn_context.parent_thread_id, &session_source, - parent_turn_context.thread_source, review_turn_id.clone(), #[allow(deprecated)] parent_turn_context.cwd.clone(), @@ -115,6 +113,7 @@ pub(super) async fn spawn_review_thread( config: per_turn_config, auth_manager: auth_manager_for_context, model_info: model_info.clone(), + comp_hash: model_info.comp_hash.clone(), tool_mode, session_telemetry: session_telemetry_for_context, provider: provider_for_context, @@ -122,11 +121,10 @@ pub(super) async fn spawn_review_thread( reasoning_summary, session_source, parent_thread_id: parent_turn_context.parent_thread_id, - thread_source: parent_turn_context.thread_source, + thread_source: parent_turn_context.thread_source.clone(), environments: parent_turn_context.environments.clone(), available_models, unified_exec_shell_mode, - goal_tools_supported, features: review_features, ghost_snapshot: parent_turn_context.ghost_snapshot.clone(), current_date: parent_turn_context.current_date.clone(), diff --git a/codex-rs/core/src/session/rollout_reconstruction.rs b/codex-rs/core/src/session/rollout_reconstruction.rs index a4c042af0c8..e8866485124 100644 --- a/codex-rs/core/src/session/rollout_reconstruction.rs +++ b/codex-rs/core/src/session/rollout_reconstruction.rs @@ -8,6 +8,7 @@ pub(super) struct RolloutReconstruction { pub(super) history: Vec, pub(super) previous_turn_settings: Option, pub(super) reference_context_item: Option, + pub(super) window_id: u64, } #[derive(Debug, Default)] @@ -33,6 +34,7 @@ struct ActiveReplaySegment<'a> { previous_turn_settings: Option, reference_context_item: TurnReferenceContextItem, base_replacement_history: Option<&'a [ResponseItem]>, + window_id: Option, } fn turn_ids_are_compatible(active_turn_id: Option<&str>, item_turn_id: Option<&str>) -> bool { @@ -45,6 +47,7 @@ fn finalize_active_segment<'a>( base_replacement_history: &mut Option<&'a [ResponseItem]>, previous_turn_settings: &mut Option, reference_context_item: &mut TurnReferenceContextItem, + window_id: &mut Option, pending_rollback_turns: &mut usize, ) { // Thread rollback drops the newest surviving real user-message boundaries. In replay, that @@ -65,6 +68,10 @@ fn finalize_active_segment<'a>( *base_replacement_history = Some(segment_base_replacement_history); } + if window_id.is_none() { + *window_id = active_segment.window_id; + } + // `previous_turn_settings` come from the newest surviving user turn that established them. if previous_turn_settings.is_none() && active_segment.counts_as_user_turn { *previous_turn_settings = active_segment.previous_turn_settings; @@ -97,6 +104,7 @@ impl Session { let mut base_replacement_history: Option<&[ResponseItem]> = None; let mut previous_turn_settings = None; let mut reference_context_item = TurnReferenceContextItem::NeverSet; + let mut window_id = None; // Rollback is "drop the newest N user turns". While scanning in reverse, that becomes // "skip the next N user-turn segments we finalize". let mut pending_rollback_turns = 0usize; @@ -112,6 +120,9 @@ impl Session { RolloutItem::Compacted(compacted) => { let active_segment = active_segment.get_or_insert_with(ActiveReplaySegment::default); + if active_segment.window_id.is_none() { + active_segment.window_id = compacted.window_id; + } // Looking backward, compaction clears any older baseline unless a newer // `TurnContextItem` in this same segment has already re-established it. if matches!( @@ -173,6 +184,7 @@ impl Session { ) { active_segment.previous_turn_settings = Some(PreviousTurnSettings { model: ctx.model.clone(), + comp_hash: ctx.comp_hash.clone(), realtime_active: ctx.realtime_active, }); if matches!( @@ -198,6 +210,7 @@ impl Session { &mut base_replacement_history, &mut previous_turn_settings, &mut reference_context_item, + &mut window_id, &mut pending_rollback_turns, ); } @@ -227,10 +240,19 @@ impl Session { &mut base_replacement_history, &mut previous_turn_settings, &mut reference_context_item, + &mut window_id, &mut pending_rollback_turns, ); } + let fallback_window_id = u64::try_from( + rollout_items + .iter() + .filter(|item| matches!(item, RolloutItem::Compacted(_))) + .count(), + ) + .unwrap_or(u64::MAX); + let mut history = ContextManager::new(); let mut saw_legacy_compaction_without_replacement_history = false; if let Some(base_replacement_history) = base_replacement_history { @@ -296,6 +318,7 @@ impl Session { history: history.raw_items().to_vec(), previous_turn_settings, reference_context_item, + window_id: window_id.unwrap_or(fallback_window_id), } } } diff --git a/codex-rs/core/src/session/rollout_reconstruction_tests.rs b/codex-rs/core/src/session/rollout_reconstruction_tests.rs index 0ca54e55e0c..ca8494168c1 100644 --- a/codex-rs/core/src/session/rollout_reconstruction_tests.rs +++ b/codex-rs/core/src/session/rollout_reconstruction_tests.rs @@ -70,11 +70,12 @@ async fn record_initial_history_resumed_bare_turn_context_does_not_hydrate_previ network: None, file_system_sandbox_policy: None, model: previous_model.to_string(), + comp_hash: None, personality: turn_context.personality, collaboration_mode: Some(turn_context.collaboration_mode.clone()), multi_agent_version: None, realtime_active: Some(turn_context.realtime_active), - effort: turn_context.reasoning_effort, + effort: turn_context.reasoning_effort.clone(), summary: codex_protocol::config_types::ReasoningSummary::Auto, }; let rollout_items = vec![RolloutItem::TurnContext(previous_context_item)]; @@ -109,11 +110,12 @@ async fn record_initial_history_resumed_hydrates_previous_turn_settings_from_lif network: None, file_system_sandbox_policy: None, model: previous_model.to_string(), + comp_hash: Some("comp-hash-a".to_string()), personality: turn_context.personality, collaboration_mode: Some(turn_context.collaboration_mode.clone()), multi_agent_version: None, realtime_active: Some(turn_context.realtime_active), - effort: turn_context.reasoning_effort, + effort: turn_context.reasoning_effort.clone(), summary: codex_protocol::config_types::ReasoningSummary::Auto, }; let turn_id = previous_context_item @@ -166,6 +168,7 @@ async fn record_initial_history_resumed_hydrates_previous_turn_settings_from_lif session.previous_turn_settings().await, Some(PreviousTurnSettings { model: previous_model.to_string(), + comp_hash: Some("comp-hash-a".to_string()), realtime_active: Some(turn_context.realtime_active), }) ); @@ -271,6 +274,7 @@ async fn reconstruct_history_rollback_keeps_history_and_metadata_in_sync_for_com reconstructed.previous_turn_settings, Some(PreviousTurnSettings { model: turn_context.model_info.slug.clone(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); @@ -364,6 +368,7 @@ async fn reconstruct_history_rollback_keeps_history_and_metadata_in_sync_for_inc reconstructed.previous_turn_settings, Some(PreviousTurnSettings { model: turn_context.model_info.slug.clone(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); @@ -489,6 +494,7 @@ async fn reconstruct_history_rollback_skips_non_user_turns_for_history_and_metad reconstructed.previous_turn_settings, Some(PreviousTurnSettings { model: turn_context.model_info.slug.clone(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); @@ -589,6 +595,7 @@ async fn reconstruct_history_rollback_counts_inter_agent_assistant_turns() { reconstructed.previous_turn_settings, Some(PreviousTurnSettings { model: turn_context.model_info.slug.clone(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); @@ -791,6 +798,7 @@ async fn record_initial_history_resumed_rollback_drops_incomplete_user_turn_comp RolloutItem::Compacted(CompactedItem { message: String::new(), replacement_history: Some(Vec::new()), + window_id: None, }), RolloutItem::EventMsg(EventMsg::ThreadRolledBack( codex_protocol::protocol::ThreadRolledBackEvent { num_turns: 1 }, @@ -809,6 +817,7 @@ async fn record_initial_history_resumed_rollback_drops_incomplete_user_turn_comp session.previous_turn_settings().await, Some(PreviousTurnSettings { model: turn_context.model_info.slug.clone(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); @@ -846,6 +855,7 @@ async fn record_initial_history_resumed_does_not_seed_reference_context_item_aft RolloutItem::Compacted(CompactedItem { message: String::new(), replacement_history: Some(Vec::new()), + window_id: None, }), ]; @@ -871,6 +881,7 @@ async fn reconstruct_history_legacy_compaction_without_replacement_history_does_ RolloutItem::Compacted(CompactedItem { message: "legacy summary".to_string(), replacement_history: None, + window_id: None, }), ]; @@ -902,6 +913,7 @@ async fn reconstruct_history_legacy_compaction_without_replacement_history_clear RolloutItem::Compacted(CompactedItem { message: "legacy summary".to_string(), replacement_history: None, + window_id: None, }), RolloutItem::EventMsg(EventMsg::TurnStarted( codex_protocol::protocol::TurnStartedEvent { @@ -959,11 +971,12 @@ async fn record_initial_history_resumed_turn_context_after_compaction_reestablis network: None, file_system_sandbox_policy: None, model: previous_model.to_string(), + comp_hash: None, personality: turn_context.personality, collaboration_mode: Some(turn_context.collaboration_mode.clone()), multi_agent_version: None, realtime_active: Some(turn_context.realtime_active), - effort: turn_context.reasoning_effort, + effort: turn_context.reasoning_effort.clone(), summary: codex_protocol::config_types::ReasoningSummary::Auto, }; let previous_turn_id = previous_context_item @@ -994,6 +1007,7 @@ async fn record_initial_history_resumed_turn_context_after_compaction_reestablis RolloutItem::Compacted(CompactedItem { message: String::new(), replacement_history: Some(Vec::new()), + window_id: None, }), RolloutItem::TurnContext(previous_context_item), RolloutItem::EventMsg(EventMsg::TurnComplete( @@ -1019,6 +1033,7 @@ async fn record_initial_history_resumed_turn_context_after_compaction_reestablis session.previous_turn_settings().await, Some(PreviousTurnSettings { model: previous_model.to_string(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); @@ -1038,11 +1053,12 @@ async fn record_initial_history_resumed_turn_context_after_compaction_reestablis network: None, file_system_sandbox_policy: None, model: previous_model.to_string(), + comp_hash: None, personality: turn_context.personality, collaboration_mode: Some(turn_context.collaboration_mode.clone()), multi_agent_version: None, realtime_active: Some(turn_context.realtime_active), - effort: turn_context.reasoning_effort, + effort: turn_context.reasoning_effort.clone(), summary: codex_protocol::config_types::ReasoningSummary::Auto, })) .expect("serialize expected reference context item") @@ -1067,11 +1083,12 @@ async fn record_initial_history_resumed_aborted_turn_without_id_clears_active_tu network: None, file_system_sandbox_policy: None, model: previous_model.to_string(), + comp_hash: None, personality: turn_context.personality, collaboration_mode: Some(turn_context.collaboration_mode.clone()), multi_agent_version: None, realtime_active: Some(turn_context.realtime_active), - effort: turn_context.reasoning_effort, + effort: turn_context.reasoning_effort.clone(), summary: codex_protocol::config_types::ReasoningSummary::Auto, }; let previous_turn_id = previous_context_item @@ -1140,6 +1157,7 @@ async fn record_initial_history_resumed_aborted_turn_without_id_clears_active_tu RolloutItem::Compacted(CompactedItem { message: String::new(), replacement_history: Some(Vec::new()), + window_id: None, }), ]; @@ -1155,6 +1173,7 @@ async fn record_initial_history_resumed_aborted_turn_without_id_clears_active_tu session.previous_turn_settings().await, Some(PreviousTurnSettings { model: previous_model.to_string(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); @@ -1186,11 +1205,12 @@ async fn record_initial_history_resumed_unmatched_abort_preserves_active_turn_fo network: None, file_system_sandbox_policy: None, model: current_model.to_string(), + comp_hash: None, personality: turn_context.personality, collaboration_mode: Some(turn_context.collaboration_mode.clone()), multi_agent_version: None, realtime_active: Some(turn_context.realtime_active), - effort: turn_context.reasoning_effort, + effort: turn_context.reasoning_effort.clone(), summary: codex_protocol::config_types::ReasoningSummary::Auto, }; @@ -1275,6 +1295,7 @@ async fn record_initial_history_resumed_unmatched_abort_preserves_active_turn_fo session.previous_turn_settings().await, Some(PreviousTurnSettings { model: current_model.to_string(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); @@ -1304,11 +1325,12 @@ async fn record_initial_history_resumed_trailing_incomplete_turn_compaction_clea network: None, file_system_sandbox_policy: None, model: previous_model.to_string(), + comp_hash: None, personality: turn_context.personality, collaboration_mode: Some(turn_context.collaboration_mode.clone()), multi_agent_version: None, realtime_active: Some(turn_context.realtime_active), - effort: turn_context.reasoning_effort, + effort: turn_context.reasoning_effort.clone(), summary: codex_protocol::config_types::ReasoningSummary::Auto, }; let previous_turn_id = previous_context_item @@ -1369,6 +1391,7 @@ async fn record_initial_history_resumed_trailing_incomplete_turn_compaction_clea RolloutItem::Compacted(CompactedItem { message: String::new(), replacement_history: Some(Vec::new()), + window_id: None, }), ]; @@ -1384,6 +1407,7 @@ async fn record_initial_history_resumed_trailing_incomplete_turn_compaction_clea session.previous_turn_settings().await, Some(PreviousTurnSettings { model: previous_model.to_string(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); @@ -1434,6 +1458,7 @@ async fn record_initial_history_resumed_trailing_incomplete_turn_preserves_turn_ session.previous_turn_settings().await, Some(PreviousTurnSettings { model: turn_context.model_info.slug.clone(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); @@ -1463,11 +1488,12 @@ async fn record_initial_history_resumed_replaced_incomplete_compacted_turn_clear network: None, file_system_sandbox_policy: None, model: previous_model.to_string(), + comp_hash: None, personality: turn_context.personality, collaboration_mode: Some(turn_context.collaboration_mode.clone()), multi_agent_version: None, realtime_active: Some(turn_context.realtime_active), - effort: turn_context.reasoning_effort, + effort: turn_context.reasoning_effort.clone(), summary: codex_protocol::config_types::ReasoningSummary::Auto, }; let previous_turn_id = previous_context_item @@ -1529,6 +1555,7 @@ async fn record_initial_history_resumed_replaced_incomplete_compacted_turn_clear RolloutItem::Compacted(CompactedItem { message: String::new(), replacement_history: Some(Vec::new()), + window_id: None, }), // A newer TurnStarted replaces the incomplete compacted turn without a matching // completion/abort for the old one. @@ -1555,6 +1582,7 @@ async fn record_initial_history_resumed_replaced_incomplete_compacted_turn_clear session.previous_turn_settings().await, Some(PreviousTurnSettings { model: previous_model.to_string(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); diff --git a/codex-rs/core/src/session/session.rs b/codex-rs/core/src/session/session.rs index 07d249613ac..b8d6d7a1bcb 100644 --- a/codex-rs/core/src/session/session.rs +++ b/codex-rs/core/src/session/session.rs @@ -1,9 +1,10 @@ use super::input_queue::InputQueue; use super::*; +use crate::agents_md::LoadedAgentsMd; use crate::config::ConstraintError; -use crate::goals::GoalRuntimeState; use crate::skills::SkillError; use crate::state::ActiveTurn; +use codex_extension_api::ExtensionDataInit; use codex_protocol::SessionId; use codex_protocol::config_types::SERVICE_TIER_DEFAULT_REQUEST_VALUE; use codex_protocol::config_types::ServiceTier; @@ -12,6 +13,7 @@ use codex_protocol::permissions::FileSystemSpecialPath; use codex_protocol::protocol::MultiAgentVersion; use codex_protocol::protocol::ThreadSource; use codex_protocol::protocol::TurnEnvironmentSelection; +use codex_protocol::protocol::TurnEnvironmentSelections; use std::sync::OnceLock; use tokio::sync::Semaphore; @@ -36,7 +38,6 @@ pub(crate) struct Session { pub(crate) conversation: Arc, pub(crate) active_turn: Mutex>, pub(crate) input_queue: InputQueue, - pub(crate) goal_runtime: GoalRuntimeState, pub(crate) guardian_review_session: GuardianReviewSessionManager, pub(crate) services: SessionServices, pub(super) next_internal_sub_id: AtomicU64, @@ -54,8 +55,9 @@ pub(crate) struct SessionConfiguration { /// Developer instructions that supplement the base instructions. pub(super) developer_instructions: Option, - /// Model instructions that are appended to the base instructions. - pub(super) user_instructions: Option, + /// Model instructions assembled from provider instructions and discovered + /// AGENTS.md files. + pub(super) loaded_agents_md: Option, /// Personality preference for the model. pub(super) personality: Option, @@ -75,11 +77,9 @@ pub(crate) struct SessionConfiguration { pub(super) permission_profile_state: PermissionProfileState, pub(super) windows_sandbox_level: WindowsSandboxLevel, - /// Absolute working directory that should be treated as the *root* of the - /// session. All relative paths supplied by the model as well as the - /// execution sandbox are resolved against this directory **instead** of - /// the process-wide current working directory. - pub(super) cwd: AbsolutePathBuf, + /// Sticky thread-level environment selections plus the legacy cwd used + /// when a turn does not select an environment. + pub(super) environments: TurnEnvironmentSelections, /// Thread-scoped runtime workspace roots for materializing symbolic /// workspace permissions at session runtime. pub(super) workspace_roots: Vec, @@ -87,8 +87,6 @@ pub(crate) struct SessionConfiguration { pub(super) codex_home: AbsolutePathBuf, /// Optional user-facing name for the thread, updated during the session. pub(super) thread_name: Option, - /// Sticky environments for turns that do not provide a turn-local override. - pub(super) environments: Vec, // TODO(pakrym): Remove config from here pub(super) original_config_do_not_use: Arc, @@ -110,6 +108,14 @@ pub(crate) struct SessionConfiguration { } impl SessionConfiguration { + pub(super) fn cwd(&self) -> &AbsolutePathBuf { + &self.environments.legacy_fallback_cwd + } + + pub(super) fn environment_selections(&self) -> &[TurnEnvironmentSelection] { + &self.environments.environments + } + pub(crate) fn codex_home(&self) -> &AbsolutePathBuf { &self.codex_home } @@ -153,7 +159,7 @@ impl SessionConfiguration { let permission_profile = self.permission_profile(); codex_sandboxing::compatibility_sandbox_policy_for_permission_profile( &permission_profile, - &self.cwd, + self.cwd(), ) } @@ -176,7 +182,7 @@ impl SessionConfiguration { approvals_reviewer: self.approvals_reviewer, permission_profile: self.permission_profile(), active_permission_profile: self.active_permission_profile(), - cwd: self.cwd.clone(), + environments: self.environments.clone(), workspace_roots: self.workspace_roots.clone(), profile_workspace_roots: self.profile_workspace_roots().to_vec(), ephemeral: self.original_config_do_not_use.ephemeral, @@ -185,8 +191,9 @@ impl SessionConfiguration { personality: self.personality, collaboration_mode: self.collaboration_mode.clone(), session_source: self.session_source.clone(), + forked_from_thread_id: self.forked_from_thread_id, parent_thread_id: self.parent_thread_id, - thread_source: self.thread_source, + thread_source: self.thread_source.clone(), } } @@ -198,11 +205,11 @@ impl SessionConfiguration { let legacy_file_system_projection = FileSystemSandboxPolicy::from_legacy_sandbox_policy_preserving_deny_entries( ¤t_sandbox_policy, - &self.cwd, + self.cwd(), ¤t_file_system_sandbox_policy, ); let file_system_policy_matches_legacy = current_file_system_sandbox_policy - .is_semantically_equivalent_to(&legacy_file_system_projection, &self.cwd); + .is_semantically_equivalent_to(&legacy_file_system_projection, self.cwd()); let file_system_policy_has_rebindable_project_root_write = current_file_system_sandbox_policy .entries @@ -248,30 +255,21 @@ impl SessionConfiguration { next_configuration.windows_sandbox_level = windows_sandbox_level; } - let absolute_cwd = updates - .cwd - .as_ref() - .map(|cwd| { - AbsolutePathBuf::relative_to_current_dir(normalize_for_native_workdir( - cwd.as_path(), - )) - .unwrap_or_else(|e| { - warn!("failed to normalize update cwd: {cwd:?}: {e}"); - self.cwd.clone() - }) - }) - .unwrap_or_else(|| self.cwd.clone()); - - let cwd_changed = absolute_cwd.as_path() != self.cwd.as_path(); - next_configuration.cwd = absolute_cwd; + let current_cwd = self.cwd().clone(); + let next_environments = updates + .environments + .clone() + .unwrap_or_else(|| self.environments.clone()); + let cwd_changed = next_environments.legacy_fallback_cwd.as_path() != current_cwd.as_path(); + next_configuration.environments = next_environments; if let Some(workspace_roots) = updates.workspace_roots.clone() { next_configuration.workspace_roots = workspace_roots; - } else if cwd_changed && self.workspace_roots.contains(&self.cwd) { + } else if cwd_changed && self.workspace_roots.contains(¤t_cwd) { let mut retargeted_workspace_roots = Vec::with_capacity(next_configuration.workspace_roots.len()); for root in &self.workspace_roots { - let root = if root == &self.cwd { - next_configuration.cwd.clone() + let root = if root == ¤t_cwd { + next_configuration.cwd().clone() } else { root.clone() }; @@ -328,7 +326,7 @@ impl SessionConfiguration { let file_system_sandbox_policy = FileSystemSandboxPolicy::from_legacy_sandbox_policy_preserving_deny_entries( &sandbox_policy, - &next_configuration.cwd, + next_configuration.cwd(), ¤t_file_system_sandbox_policy, ); let network_sandbox_policy = NetworkSandboxPolicy::from(&sandbox_policy); @@ -351,7 +349,7 @@ impl SessionConfiguration { let file_system_sandbox_policy = FileSystemSandboxPolicy::from_legacy_sandbox_policy_preserving_deny_entries( ¤t_sandbox_policy, - &next_configuration.cwd, + next_configuration.cwd(), ¤t_file_system_sandbox_policy, ); next_configuration @@ -412,7 +410,7 @@ impl SessionConfiguration { #[derive(Default, Clone)] pub(crate) struct SessionSettingsUpdate { - pub(crate) cwd: Option, + pub(crate) environments: Option, pub(crate) workspace_roots: Option>, pub(crate) profile_workspace_roots: Option>, pub(crate) approval_policy: Option, @@ -425,10 +423,6 @@ pub(crate) struct SessionSettingsUpdate { pub(crate) reasoning_summary: Option, pub(crate) service_tier: Option>, pub(crate) final_output_json_schema: Option>, - /// Turn-local environment override. `None` inherits the sticky thread - /// environments stored on `SessionConfiguration`; `Some([])` explicitly - /// disables environments for this turn. - pub(crate) environments: Option>, pub(crate) personality: Option, pub(crate) app_server_client_name: Option, pub(crate) app_server_client_version: Option, @@ -475,10 +469,6 @@ impl Session { #[instrument(name = "session_init", level = "info", skip_all)] #[allow(clippy::too_many_arguments)] - #[expect( - clippy::await_holding_invalid_type, - reason = "session initialization must serialize access through session-owned manager guards" - )] pub(crate) async fn new( mut session_configuration: SessionConfiguration, config: Arc, @@ -494,6 +484,7 @@ impl Session { plugins_manager: Arc, mcp_manager: Arc, extensions: Arc>, + thread_extension_init: ExtensionDataInit, agent_control: AgentControl, environment_manager: Arc, analytics_events_client: Option, @@ -524,17 +515,6 @@ impl Session { } InitialHistory::Resumed(resumed_history) => resumed_history.conversation_id, }; - let window_generation = match &initial_history { - InitialHistory::Resumed(resumed_history) => u64::try_from( - resumed_history - .history - .iter() - .filter(|item| matches!(item, RolloutItem::Compacted(_))) - .count(), - ) - .unwrap_or(u64::MAX), - InitialHistory::New | InitialHistory::Cleared | InitialHistory::Forked(_) => 0, - }; // Kick off independent async setup tasks in parallel to reduce startup latency. // // - initialize thread persistence with new or resumed session info @@ -546,52 +526,47 @@ impl Session { } else { let live_thread = match &initial_history { InitialHistory::New | InitialHistory::Cleared | InitialHistory::Forked(_) => { - LiveThread::create( - Arc::clone(&thread_store), - CreateThreadParams { - thread_id, - forked_from_id, - parent_thread_id, - source: session_source, - thread_source: session_configuration.thread_source, - base_instructions: BaseInstructions { - text: session_configuration.base_instructions.clone(), - }, - dynamic_tools: session_configuration.dynamic_tools.clone(), - multi_agent_version: initial_multi_agent_version, - metadata: ThreadPersistenceMetadata { - cwd: Some(config.cwd.to_path_buf()), - model_provider: config.model_provider_id.clone(), - memory_mode: if config.memories.generate_memories { - ThreadMemoryMode::Enabled - } else { - ThreadMemoryMode::Disabled - }, + let params = CreateThreadParams { + thread_id, + extra_config: config.extra_config.clone(), + forked_from_id, + parent_thread_id, + source: session_source, + thread_source: session_configuration.thread_source.clone(), + base_instructions: BaseInstructions { + text: session_configuration.base_instructions.clone(), + }, + dynamic_tools: session_configuration.dynamic_tools.clone(), + multi_agent_version: initial_multi_agent_version, + metadata: ThreadPersistenceMetadata { + cwd: Some(config.cwd.to_path_buf()), + model_provider: config.model_provider_id.clone(), + memory_mode: if config.memories.generate_memories { + ThreadMemoryMode::Enabled + } else { + ThreadMemoryMode::Disabled }, }, - ) - .await? + }; + LiveThread::create(Arc::clone(&thread_store), params).await? } InitialHistory::Resumed(resumed_history) => { - LiveThread::resume( - Arc::clone(&thread_store), - ResumeThreadParams { - thread_id: resumed_history.conversation_id, - rollout_path: resumed_history.rollout_path.clone(), - history: Some(resumed_history.history.clone()), - include_archived: true, - metadata: ThreadPersistenceMetadata { - cwd: Some(config.cwd.to_path_buf()), - model_provider: config.model_provider_id.clone(), - memory_mode: if config.memories.generate_memories { - ThreadMemoryMode::Enabled - } else { - ThreadMemoryMode::Disabled - }, + let params = ResumeThreadParams { + thread_id: resumed_history.conversation_id, + rollout_path: resumed_history.rollout_path.clone(), + history: Some(resumed_history.history.clone()), + include_archived: true, + metadata: ThreadPersistenceMetadata { + cwd: Some(config.cwd.to_path_buf()), + model_provider: config.model_provider_id.clone(), + memory_mode: if config.memories.generate_memories { + ThreadMemoryMode::Enabled + } else { + ThreadMemoryMode::Disabled }, }, - ) - .await? + }; + LiveThread::resume(Arc::clone(&thread_store), params).await? } }; Ok(Some(live_thread)) @@ -624,16 +599,16 @@ impl Session { let mcp_manager_for_mcp = Arc::clone(&mcp_manager); let auth_and_mcp_fut = async move { let auth = auth_manager_clone.auth().await; - let mcp_servers = mcp_manager_for_mcp - .effective_servers(&config_for_mcp, auth.as_ref()) - .await; + let mcp_config = mcp_manager_for_mcp.runtime_config(&config_for_mcp).await; + let mcp_servers = codex_mcp::effective_mcp_servers(&mcp_config, auth.as_ref()); + let tool_plugin_provenance = codex_mcp::tool_plugin_provenance(&mcp_config); let auth_statuses = compute_auth_statuses( mcp_servers.iter(), config_for_mcp.mcp_oauth_credentials_store_mode, auth.as_ref(), ) .await; - (auth, mcp_servers, auth_statuses) + (auth, mcp_servers, auth_statuses, tool_plugin_provenance) } .instrument(info_span!( "session_init.auth_mcp", @@ -645,7 +620,7 @@ impl Session { Arc::clone(&environment_manager), Arc::clone(&plugins_manager), Arc::clone(&skills_manager), - session_configuration.environments.clone(), + session_configuration.environment_selections().to_vec(), ) .instrument(info_span!( "session_init.plugin_skill_warmup", @@ -656,7 +631,7 @@ impl Session { let ( thread_persistence_result, state_db_ctx, - (auth, mcp_servers, auth_statuses), + (auth, mcp_servers, auth_statuses, tool_plugin_provenance), plugin_skill_errors, ) = tokio::join!( thread_persistence_fut, @@ -697,7 +672,7 @@ impl Session { nickname: session_configuration.session_source.get_nickname(), agent_role: session_configuration.session_source.get_agent_role(), session_source: session_configuration.session_source.clone(), - cwd: session_configuration.cwd.to_path_buf(), + cwd: session_configuration.cwd().to_path_buf(), rollout_path: rollout_path.clone(), model: session_configuration.collaboration_mode.model().to_string(), provider_name: config.model_provider_id.clone(), @@ -801,7 +776,7 @@ impl Session { /*inc*/ 1, &[( "is_git", - if get_git_repo_root(&session_configuration.cwd).is_some() { + if get_git_repo_root(session_configuration.cwd()).is_some() { "true" } else { "false" @@ -820,7 +795,7 @@ impl Session { config.permissions.approval_policy.value(), config .permissions - .legacy_sandbox_policy(session_configuration.cwd.as_path()), + .legacy_sandbox_policy(session_configuration.cwd().as_path()), mcp_servers.keys().map(String::as_str).collect(), ); @@ -855,7 +830,7 @@ impl Session { ShellSnapshot::start_snapshotting( config.codex_home.clone(), thread_id, - session_configuration.cwd.clone(), + session_configuration.cwd().clone(), &mut default_shell, session_telemetry.clone(), state_db_ctx.clone(), @@ -959,11 +934,30 @@ impl Session { } else { SessionId::from(thread_id) }; - let agent_control = agent_control.with_session_id(session_id); + let agent_control = agent_control.with_session_id( + session_id, + config + .effective_agent_max_threads(MultiAgentVersion::V2) + .unwrap_or(usize::MAX), + ); + // Keep one stable manager handle for the session so extension resource clients + // automatically observe the manager installed at startup and on later refreshes. + let mcp_connection_manager = Arc::new(arc_swap::ArcSwap::from_pointee( + McpConnectionManager::new_uninitialized_with_permission_profile( + &config.permissions.approval_policy, + config.permissions.permission_profile(), + config.prefix_mcp_tool_names(), + ), + )); let session_extension_data = codex_extension_api::ExtensionData::new(session_id.to_string()); - let thread_extension_data = - codex_extension_api::ExtensionData::new(thread_id.to_string()); + session_extension_data.insert(McpResourceClient::new(Arc::clone( + &mcp_connection_manager, + ))); + let thread_extension_data = codex_extension_api::ExtensionData::new_with_init( + thread_id.to_string(), + thread_extension_init, + ); for contributor in extensions.thread_lifecycle_contributors() { contributor.on_thread_start(codex_extension_api::ThreadStartInput { config: config.as_ref(), @@ -982,13 +976,7 @@ impl Session { // before any MCP-related events. It is reasonable to consider // changing this to use Option or OnceCell, though the current // setup is straightforward enough and performs well. - mcp_connection_manager: Arc::new(RwLock::new( - McpConnectionManager::new_uninitialized_with_permission_profile( - &config.permissions.approval_policy, - config.permissions.permission_profile(), - config.prefix_mcp_tool_names(), - ), - )), + mcp_connection_manager, mcp_startup_cancellation_token: Mutex::new(CancellationToken::new()), unified_exec_manager: UnifiedExecProcessManager::new( config.background_terminal_max_timeout, @@ -1027,12 +1015,9 @@ impl Session { attestation_provider: attestation_provider.clone(), model_client: ModelClient::new( Some(Arc::clone(&auth_manager)), - session_id, thread_id, - installation_id.clone(), session_configuration.provider.clone(), session_configuration.session_source.clone(), - session_configuration.parent_thread_id, config.model_verbosity, config.features.enabled(Feature::EnableRequestCompression), config.features.enabled(Feature::RuntimeMetrics), @@ -1048,9 +1033,6 @@ impl Session { code_mode_service: crate::tools::code_mode::CodeModeService::new(), environment_manager, }; - services - .model_client - .set_window_generation(window_generation); let (out_of_band_elicitation_paused, _out_of_band_elicitation_paused_rx) = watch::channel(false); @@ -1068,7 +1050,6 @@ impl Session { conversation: Arc::new(RealtimeConversationManager::new()), active_turn: Mutex::new(None), input_queue: InputQueue::new(), - goal_runtime: GoalRuntimeState::new(), guardian_review_session: GuardianReviewSessionManager::default(), services, next_internal_sub_id: AtomicU64::new(0), @@ -1087,7 +1068,7 @@ impl Session { thread_id, forked_from_id, parent_thread_id, - thread_source: session_configuration.thread_source, + thread_source: session_configuration.thread_source.clone(), thread_name: session_configuration.thread_name.clone(), model: session_configuration.collaboration_mode.model().to_string(), model_provider_id: config.model_provider_id.clone(), @@ -1096,7 +1077,7 @@ impl Session { approvals_reviewer: session_configuration.approvals_reviewer, permission_profile: session_configuration.permission_profile(), active_permission_profile: session_configuration.active_permission_profile(), - cwd: session_configuration.cwd.clone(), + cwd: session_configuration.cwd().clone(), reasoning_effort: session_configuration.collaboration_mode.reasoning_effort(), initial_messages, network_proxy: session_network_proxy.filter(|_| { @@ -1114,16 +1095,6 @@ impl Session { sess.send_event_raw(event).await; } - let mut required_mcp_servers: Vec = mcp_servers - .iter() - .filter(|(_, server)| server.enabled() && server.required()) - .map(|(name, _)| name.clone()) - .collect(); - required_mcp_servers.sort(); - let enabled_mcp_server_count = - mcp_servers.values().filter(|server| server.enabled()).count(); - let required_mcp_server_count = required_mcp_servers.len(); - let tool_plugin_provenance = mcp_manager.tool_plugin_provenance(config.as_ref()).await; let host_owned_codex_apps_enabled = config .features .apps_enabled_for_auth(auth.as_ref().is_some_and(|auth| auth.uses_codex_backend())); @@ -1135,14 +1106,16 @@ impl Session { } else { ElicitationCapability::default() }; - { + let mcp_startup_cancellation_token = { let mut cancel_guard = sess.services.mcp_startup_cancellation_token.lock().await; cancel_guard.cancel(); - *cancel_guard = CancellationToken::new(); - } + let cancel_token = CancellationToken::new(); + *cancel_guard = cancel_token.clone(); + cancel_token + }; let turn_environment = crate::environment_selection::resolve_environment_selections( sess.services.environment_manager.as_ref(), - &session_configuration.environments, + session_configuration.environment_selections(), ) .map_err(|err| { CodexErr::InvalidRequest(err.to_string().replace( @@ -1159,16 +1132,17 @@ impl Session { ), None => McpRuntimeContext::new( Arc::clone(&sess.services.environment_manager), - session_configuration.cwd.to_path_buf(), + session_configuration.cwd().to_path_buf(), ), }; - let (mcp_connection_manager, cancel_token) = McpConnectionManager::new( + let mcp_connection_manager = McpConnectionManager::new( &mcp_servers, config.mcp_oauth_credentials_store_mode, - auth_statuses.clone(), + auth_statuses, &session_configuration.approval_policy, INITIAL_SUBMIT_ID.to_owned(), tx_event.clone(), + mcp_startup_cancellation_token, session_configuration.permission_profile(), mcp_runtime_context, config.codex_home.to_path_buf(), @@ -1183,43 +1157,11 @@ impl Session { .instrument(info_span!( "session_init.mcp_manager_init", otel.name = "session_init.mcp_manager_init", - session_init.enabled_mcp_server_count = enabled_mcp_server_count, - session_init.required_mcp_server_count = required_mcp_server_count, )) .await; - { - let mut manager_guard = sess.services.mcp_connection_manager.write().await; - *manager_guard = mcp_connection_manager; - } - { - let mut cancel_guard = sess.services.mcp_startup_cancellation_token.lock().await; - if cancel_guard.is_cancelled() { - cancel_token.cancel(); - } - *cancel_guard = cancel_token; - } - if !required_mcp_servers.is_empty() { - let failures = sess - .services - .mcp_connection_manager - .read() - .await - .required_startup_failures(&required_mcp_servers) - .instrument(info_span!( - "session_init.required_mcp_wait", - otel.name = "session_init.required_mcp_wait", - session_init.required_mcp_server_count = required_mcp_server_count, - )) - .await; - if !failures.is_empty() { - let details = failures - .iter() - .map(|failure| format!("{}: {}", failure.server, failure.error)) - .collect::>() - .join("; "); - anyhow::bail!("required MCP servers failed to initialize: {details}"); - } - } + sess.services + .install_mcp_connection_manager(mcp_connection_manager) + .await?; sess.schedule_startup_prewarm(session_configuration.base_instructions.clone()) .await; let session_start_source = match &initial_history { diff --git a/codex-rs/core/src/session/tests.rs b/codex-rs/core/src/session/tests.rs index 16435742069..0dbb13fcd2d 100644 --- a/codex-rs/core/src/session/tests.rs +++ b/codex-rs/core/src/session/tests.rs @@ -22,6 +22,7 @@ use codex_config::RequirementSource; use codex_config::Sourced; use codex_config::loader::project_trust_key; use codex_config::types::ToolSuggestDisabledTool; +use core_test_support::test_codex::local_selections; use codex_features::Feature; use codex_login::CodexAuth; @@ -41,7 +42,9 @@ use codex_protocol::models::ActivePermissionProfile; use codex_protocol::models::BUILT_IN_PERMISSION_PROFILE_WORKSPACE; use codex_protocol::models::FileSystemPermissions; use codex_protocol::models::FunctionCallOutputBody; +use codex_protocol::models::FunctionCallOutputContentItem; use codex_protocol::models::FunctionCallOutputPayload; +use codex_protocol::models::ImageDetail; use codex_protocol::models::PermissionProfile; use codex_protocol::models::SandboxEnforcement; use codex_protocol::openai_models::ModelServiceTier; @@ -53,15 +56,11 @@ use codex_protocol::permissions::FileSystemSpecialPath; use codex_protocol::protocol::NonSteerableTurnKind; use codex_protocol::protocol::SandboxPolicy; use codex_protocol::protocol::TurnEnvironmentSelection; +use codex_protocol::protocol::TurnEnvironmentSelections; use codex_protocol::request_permissions::PermissionGrantScope; use codex_protocol::request_permissions::RequestPermissionProfile; use tracing::Span; -use crate::goals::CreateGoalRequest; -use crate::goals::ExternalGoalPreviousStatus; -use crate::goals::ExternalGoalSet; -use crate::goals::GoalRuntimeEvent; -use crate::goals::SetGoalRequest; use crate::rollout::recorder::RolloutRecorder; use crate::state::ActiveTurn; use crate::state::TaskKind; @@ -72,11 +71,9 @@ use crate::tasks::execute_user_shell_command; use crate::tools::ToolRouter; use crate::tools::context::ToolInvocation; use crate::tools::context::ToolPayload; -use crate::tools::handlers::CreateGoalHandler; use crate::tools::handlers::ExecCommandHandler; use crate::tools::handlers::RequestPermissionsHandler; use crate::tools::handlers::ShellCommandHandler; -use crate::tools::handlers::UpdateGoalHandler; use crate::tools::registry::ToolExecutor; use crate::tools::router::ToolCallSource; use crate::turn_diff_tracker::TurnDiffTracker; @@ -128,7 +125,6 @@ use codex_protocol::protocol::SessionMeta; use codex_protocol::protocol::SessionMetaLine; use codex_protocol::protocol::SkillScope; use codex_protocol::protocol::Submission; -use codex_protocol::protocol::ThreadGoalStatus; use codex_protocol::protocol::ThreadRolledBackEvent; use codex_protocol::protocol::ThreadSettingsOverrides; use codex_protocol::protocol::TokenCountEvent; @@ -139,28 +135,22 @@ use codex_protocol::protocol::TurnCompleteEvent; use codex_protocol::protocol::TurnStartedEvent; use codex_protocol::protocol::UserMessageEvent; use codex_protocol::protocol::W3cTraceContext; -use codex_protocol::request_user_input::RequestUserInputAnswer; -use codex_protocol::request_user_input::RequestUserInputResponse; use codex_rmcp_client::ElicitationAction; use core_test_support::PathBufExt; use core_test_support::PathExt; use core_test_support::context_snapshot; use core_test_support::context_snapshot::ContextSnapshotOptions; use core_test_support::context_snapshot::ContextSnapshotRenderMode; -use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; -use core_test_support::responses::ev_completed_with_tokens; -use core_test_support::responses::ev_function_call; use core_test_support::responses::ev_response_created; use core_test_support::responses::mount_sse_once; -use core_test_support::responses::mount_sse_sequence; use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; +use core_test_support::test_codex::local; use core_test_support::test_codex::test_codex; use core_test_support::test_path_buf; use core_test_support::tracing::install_test_tracing; use core_test_support::wait_for_event; -use core_test_support::wait_for_event_match; use opentelemetry::trace::TraceContextExt; use opentelemetry::trace::TraceId; use opentelemetry_sdk::metrics::InMemoryMetricExporter; @@ -331,8 +321,7 @@ async fn request_mcp_server_elicitation_auto_accepts_when_auto_deny_is_enabled() session .services .mcp_connection_manager - .read() - .await + .load_full() .set_elicitations_auto_deny(/*auto_deny*/ true); let requested_schema: McpElicitationSchema = serde_json::from_value(json!({ @@ -434,12 +423,9 @@ fn test_model_client_session() -> crate::client::ModelClientSession { .expect("test thread id should be valid"); crate::client::ModelClient::new( /*auth_manager*/ None, - thread_id.into(), thread_id, - /*installation_id*/ "11111111-1111-4111-8111-111111111111".to_string(), ModelProviderInfo::create_openai_provider(/* base_url */ /*base_url*/ None), codex_protocol::protocol::SessionSource::Exec, - /*parent_thread_id*/ None, /*model_verbosity*/ None, /*enable_request_compression*/ false, /*include_timing_metrics*/ false, @@ -1598,6 +1584,7 @@ async fn reconstruct_history_matches_live_compactions() { .await; assert_eq!(expected, reconstructed.history); + assert_eq!(2, reconstructed.window_id); } #[tokio::test] @@ -1625,6 +1612,7 @@ async fn reconstruct_history_uses_replacement_history_verbatim() { let rollout_items = vec![RolloutItem::Compacted(CompactedItem { message: String::new(), replacement_history: Some(replacement_history.clone()), + window_id: Some(42), })]; let reconstructed = session @@ -1632,6 +1620,7 @@ async fn reconstruct_history_uses_replacement_history_verbatim() { .await; assert_eq!(reconstructed.history, replacement_history); + assert_eq!(42, reconstructed.window_id); } #[tokio::test] @@ -1651,6 +1640,114 @@ async fn record_initial_history_reconstructs_resumed_transcript() { assert_eq!(expected, history.raw_items()); } +#[tokio::test] +async fn resize_all_images_prepares_failures_before_history_insertion() { + let (session, turn_context, _rx) = make_session_and_context_with_auth_and_config_and_rx( + CodexAuth::from_api_key("Test API Key"), + Vec::new(), + |config| { + let _ = config.features.enable(Feature::ResizeAllImages); + }, + ) + .await; + let item = ResponseItem::FunctionCallOutput { + call_id: "call-1".to_string(), + output: FunctionCallOutputPayload { + body: FunctionCallOutputBody::ContentItems(vec![ + FunctionCallOutputContentItem::InputText { + text: "before".to_string(), + }, + FunctionCallOutputContentItem::InputImage { + image_url: "data:image/png;base64,%%%".to_string(), + detail: Some(ImageDetail::High), + }, + FunctionCallOutputContentItem::InputImage { + image_url: "https://example.com/image.png".to_string(), + detail: Some(ImageDetail::High), + }, + ]), + success: Some(true), + }, + }; + + session + .record_conversation_items(turn_context.as_ref(), std::slice::from_ref(&item)) + .await; + + assert_eq!( + session.state.lock().await.clone_history().raw_items(), + &[ResponseItem::FunctionCallOutput { + call_id: "call-1".to_string(), + output: FunctionCallOutputPayload { + body: FunctionCallOutputBody::ContentItems(vec![ + FunctionCallOutputContentItem::InputText { + text: "before".to_string(), + }, + FunctionCallOutputContentItem::InputText { + text: "image content omitted because it could not be processed".to_string(), + }, + FunctionCallOutputContentItem::InputImage { + image_url: "https://example.com/image.png".to_string(), + detail: Some(ImageDetail::High), + }, + ]), + success: Some(true), + }, + }] + ); +} + +#[tokio::test] +async fn resize_all_images_prepares_resumed_history_before_installing_it() { + let (session, _turn_context, _rx) = make_session_and_context_with_auth_and_config_and_rx( + CodexAuth::from_api_key("Test API Key"), + Vec::new(), + |config| { + let _ = config.features.enable(Feature::ResizeAllImages); + }, + ) + .await; + let resumed_item = ResponseItem::Message { + id: None, + role: "user".to_string(), + content: vec![ + ContentItem::InputImage { + image_url: "data:image/png;base64,%%%".to_string(), + detail: Some(ImageDetail::High), + }, + ContentItem::InputText { + text: "keep me".to_string(), + }, + ], + phase: None, + }; + + session + .record_initial_history(InitialHistory::Resumed(ResumedHistory { + conversation_id: ThreadId::default(), + history: vec![RolloutItem::ResponseItem(resumed_item)], + rollout_path: Some(PathBuf::from("/tmp/resume.jsonl")), + })) + .await; + + assert_eq!( + session.state.lock().await.clone_history().raw_items(), + &[ResponseItem::Message { + id: None, + role: "user".to_string(), + content: vec![ + ContentItem::InputText { + text: "image content omitted because it could not be processed".to_string(), + }, + ContentItem::InputText { + text: "keep me".to_string(), + }, + ], + phase: None, + }] + ); +} + #[test] fn resolve_multi_agent_version_handles_unset_and_legacy_history() { let thread_id = ThreadId::default(); @@ -1934,26 +2031,27 @@ async fn record_token_usage_info_notifies_extension_contributors() { records: Arc>>, } - #[async_trait::async_trait] impl codex_extension_api::TokenUsageContributor for TokenUsageRecorder { - async fn on_token_usage( - &self, - session_store: &codex_extension_api::ExtensionData, - thread_store: &codex_extension_api::ExtensionData, - turn_store: &codex_extension_api::ExtensionData, - token_usage: &TokenUsageInfo, - ) { - self.records - .lock() - .expect("token usage records lock") - .push(RecordedTokenUsage { - session_level_id: session_store.level_id().to_string(), - thread_level_id: thread_store.level_id().to_string(), - turn_level_id: turn_store.level_id().to_string(), - token_usage: token_usage.clone(), - saw_session_store: session_store.get::().is_some(), - saw_thread_store: thread_store.get::().is_some(), - }); + fn on_token_usage<'a>( + &'a self, + session_store: &'a codex_extension_api::ExtensionData, + thread_store: &'a codex_extension_api::ExtensionData, + turn_store: &'a codex_extension_api::ExtensionData, + token_usage: &'a TokenUsageInfo, + ) -> codex_extension_api::ExtensionFuture<'a, ()> { + Box::pin(async move { + self.records + .lock() + .expect("token usage records lock") + .push(RecordedTokenUsage { + session_level_id: session_store.level_id().to_string(), + thread_level_id: thread_store.level_id().to_string(), + turn_level_id: turn_store.level_id().to_string(), + token_usage: token_usage.clone(), + saw_session_store: session_store.get::().is_some(), + saw_thread_store: thread_store.get::().is_some(), + }); + }) } } @@ -2052,25 +2150,32 @@ async fn turn_start_lifecycle_exposes_turn_metadata_and_token_baseline() { records: Arc>>, } - #[async_trait::async_trait] impl codex_extension_api::TurnLifecycleContributor for TurnStartRecorder { - async fn on_turn_start(&self, input: codex_extension_api::TurnStartInput<'_>) { - self.records - .lock() - .expect("turn start records lock") - .push(RecordedTurnStart { - session_level_id: input.session_store.level_id().to_string(), - thread_level_id: input.thread_store.level_id().to_string(), - turn_level_id: input.turn_store.level_id().to_string(), - turn_id: input.turn_id.to_string(), - collaboration_mode: input.collaboration_mode.clone(), - token_usage_at_turn_start: input.token_usage_at_turn_start.clone(), - saw_session_store: input - .session_store - .get::() - .is_some(), - saw_thread_store: input.thread_store.get::().is_some(), - }); + fn on_turn_start<'a>( + &'a self, + input: codex_extension_api::TurnStartInput<'a>, + ) -> codex_extension_api::ExtensionFuture<'a, ()> { + Box::pin(async move { + self.records + .lock() + .expect("turn start records lock") + .push(RecordedTurnStart { + session_level_id: input.session_store.level_id().to_string(), + thread_level_id: input.thread_store.level_id().to_string(), + turn_level_id: input.turn_store.level_id().to_string(), + turn_id: input.turn_id.to_string(), + collaboration_mode: input.collaboration_mode.clone(), + token_usage_at_turn_start: input.token_usage_at_turn_start.clone(), + saw_session_store: input + .session_store + .get::() + .is_some(), + saw_thread_store: input + .thread_store + .get::() + .is_some(), + }); + }) } } @@ -2150,24 +2255,31 @@ async fn turn_error_lifecycle_exposes_error_and_stores() { records: Arc>>, } - #[async_trait::async_trait] impl codex_extension_api::TurnLifecycleContributor for TurnErrorRecorder { - async fn on_turn_error(&self, input: codex_extension_api::TurnErrorInput<'_>) { - self.records - .lock() - .expect("turn error records lock") - .push(RecordedTurnError { - session_level_id: input.session_store.level_id().to_string(), - thread_level_id: input.thread_store.level_id().to_string(), - turn_level_id: input.turn_store.level_id().to_string(), - turn_id: input.turn_id.to_string(), - error: input.error, - saw_session_store: input - .session_store - .get::() - .is_some(), - saw_thread_store: input.thread_store.get::().is_some(), - }); + fn on_turn_error<'a>( + &'a self, + input: codex_extension_api::TurnErrorInput<'a>, + ) -> codex_extension_api::ExtensionFuture<'a, ()> { + Box::pin(async move { + self.records + .lock() + .expect("turn error records lock") + .push(RecordedTurnError { + session_level_id: input.session_store.level_id().to_string(), + thread_level_id: input.thread_store.level_id().to_string(), + turn_level_id: input.turn_store.level_id().to_string(), + turn_id: input.turn_id.to_string(), + error: input.error, + saw_session_store: input + .session_store + .get::() + .is_some(), + saw_thread_store: input + .thread_store + .get::() + .is_some(), + }); + }) } } @@ -2407,7 +2519,8 @@ async fn session_permission_profile_rebinds_runtime_workspace_roots() -> anyhow: ); let mut session_configuration = make_session_configuration_for_tests().await; - session_configuration.cwd = config.cwd.clone(); + session_configuration.environments = + TurnEnvironmentSelections::new(config.cwd.clone(), Vec::new()); session_configuration.workspace_roots = config.workspace_roots.clone(); session_configuration.permission_profile_state = session_permission_profile_state; @@ -2419,8 +2532,8 @@ async fn session_permission_profile_rebinds_runtime_workspace_roots() -> anyhow: ..Default::default() })?; let updated_policy = updated.file_system_sandbox_policy(); - assert!(updated_policy.can_write_path_with_cwd(new_root.as_path(), updated.cwd.as_path())); - assert!(!updated_policy.can_write_path_with_cwd(old_root.as_path(), updated.cwd.as_path())); + assert!(updated_policy.can_write_path_with_cwd(new_root.as_path(), updated.cwd().as_path())); + assert!(!updated_policy.can_write_path_with_cwd(old_root.as_path(), updated.cwd().as_path())); Ok(()) } @@ -2452,7 +2565,6 @@ async fn fork_startup_context_then_first_turn_diff_snapshot() -> anyhow::Result< initial .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "fork seed".into(), text_elements: Vec::new(), @@ -2498,7 +2610,6 @@ async fn fork_startup_context_then_first_turn_diff_snapshot() -> anyhow::Result< forked .thread .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after fork".into(), text_elements: Vec::new(), @@ -2555,11 +2666,12 @@ async fn record_initial_history_forked_hydrates_previous_turn_settings() { network: None, file_system_sandbox_policy: None, model: previous_model.to_string(), + comp_hash: None, personality: turn_context.personality, collaboration_mode: Some(turn_context.collaboration_mode.clone()), multi_agent_version: None, realtime_active: Some(turn_context.realtime_active), - effort: turn_context.reasoning_effort, + effort: turn_context.reasoning_effort.clone(), summary: codex_protocol::config_types::ReasoningSummary::Auto, }; let turn_id = previous_context_item @@ -2607,6 +2719,7 @@ async fn record_initial_history_forked_hydrates_previous_turn_settings() { session.previous_turn_settings().await, Some(PreviousTurnSettings { model: previous_model.to_string(), + comp_hash: None, realtime_active: Some(turn_context.realtime_active), }) ); @@ -2649,6 +2762,7 @@ async fn thread_rollback_drops_last_turn_from_history() { sess.persist_rollout_items(&rollout_items).await; sess.set_previous_turn_settings(Some(PreviousTurnSettings { model: "stale-model".to_string(), + comp_hash: None, realtime_active: Some(tc.realtime_active), })) .await; @@ -2831,6 +2945,7 @@ async fn thread_rollback_recomputes_previous_turn_settings_and_reference_context .await; sess.set_previous_turn_settings(Some(PreviousTurnSettings { model: "stale-model".to_string(), + comp_hash: None, realtime_active: None, })) .await; @@ -2847,6 +2962,7 @@ async fn thread_rollback_recomputes_previous_turn_settings_and_reference_context sess.previous_turn_settings().await, Some(PreviousTurnSettings { model: tc.model_info.slug.clone(), + comp_hash: None, realtime_active: Some(tc.realtime_active), }) ); @@ -2918,6 +3034,7 @@ async fn thread_rollback_restores_cleared_reference_context_item_after_compactio RolloutItem::Compacted(CompactedItem { message: "summary after compaction".to_string(), replacement_history: Some(compacted_history.clone()), + window_id: Some(7), }), RolloutItem::EventMsg(EventMsg::TurnComplete(TurnCompleteEvent { turn_id: compact_turn_id, @@ -2946,6 +3063,7 @@ async fn thread_rollback_restores_cleared_reference_context_item_after_compactio RolloutItem::TurnContext(TurnContextItem { turn_id: Some(rolled_back_turn_id.clone()), model: "rolled-back-model".to_string(), + comp_hash: None, ..first_context_item.clone() }), RolloutItem::ResponseItem(user_message("turn 2 user")), @@ -2964,6 +3082,10 @@ async fn thread_rollback_restores_cleared_reference_context_item_after_compactio Some(first_context_item), ) .await; + { + let mut state = sess.state.lock().await; + state.set_auto_compact_window_id(/*window_id*/ 99); + } handlers::thread_rollback(&sess, "sub-1".to_string(), /*num_turns*/ 1).await; let rollback_event = wait_for_thread_rolled_back(&rx).await; @@ -2971,6 +3093,7 @@ async fn thread_rollback_restores_cleared_reference_context_item_after_compactio assert_eq!(sess.clone_history().await.raw_items(), compacted_history); assert!(sess.reference_context_item().await.is_none()); + assert!(sess.current_window_id().await.ends_with(":7")); } #[tokio::test] @@ -3146,7 +3269,7 @@ async fn set_rate_limits_retains_previous_credits() { let model = get_model_offline_for_tests(config.model.as_deref()); let model_info = construct_model_info_offline_for_tests(model.as_str(), &config.to_models_manager_config()); - let reasoning_effort = config.model_reasoning_effort; + let reasoning_effort = config.model_reasoning_effort.clone(); let collaboration_mode = CollaborationMode { mode: ModeKind::Default, settings: Settings { @@ -3160,7 +3283,7 @@ async fn set_rate_limits_retains_previous_credits() { collaboration_mode, model_reasoning_summary: config.model_reasoning_summary, developer_instructions: config.developer_instructions.clone(), - user_instructions: config.user_instructions.clone(), + loaded_agents_md: None, service_tier: None, personality: config.personality, base_instructions: config @@ -3172,11 +3295,10 @@ async fn set_rate_limits_retains_previous_credits() { approvals_reviewer: config.approvals_reviewer, permission_profile_state: config.permissions.permission_profile_state().clone(), windows_sandbox_level: WindowsSandboxLevel::from_config(&config), - cwd: config.cwd.clone(), + environments: TurnEnvironmentSelections::new(config.cwd.clone(), Vec::new()), workspace_roots: config.workspace_roots.clone(), codex_home: config.codex_home.clone(), thread_name: None, - environments: Vec::new(), original_config_do_not_use: Arc::clone(&config), metrics_service_name: None, app_server_client_name: None, @@ -3254,7 +3376,7 @@ async fn set_rate_limits_updates_plan_type_when_present() { let model = get_model_offline_for_tests(config.model.as_deref()); let model_info = construct_model_info_offline_for_tests(model.as_str(), &config.to_models_manager_config()); - let reasoning_effort = config.model_reasoning_effort; + let reasoning_effort = config.model_reasoning_effort.clone(); let collaboration_mode = CollaborationMode { mode: ModeKind::Default, settings: Settings { @@ -3268,7 +3390,7 @@ async fn set_rate_limits_updates_plan_type_when_present() { collaboration_mode, model_reasoning_summary: config.model_reasoning_summary, developer_instructions: config.developer_instructions.clone(), - user_instructions: config.user_instructions.clone(), + loaded_agents_md: None, service_tier: None, personality: config.personality, base_instructions: config @@ -3280,11 +3402,10 @@ async fn set_rate_limits_updates_plan_type_when_present() { approvals_reviewer: config.approvals_reviewer, permission_profile_state: config.permissions.permission_profile_state().clone(), windows_sandbox_level: WindowsSandboxLevel::from_config(&config), - cwd: config.cwd.clone(), + environments: TurnEnvironmentSelections::new(config.cwd.clone(), Vec::new()), workspace_roots: config.workspace_roots.clone(), codex_home: config.codex_home.clone(), thread_name: None, - environments: Vec::new(), original_config_do_not_use: Arc::clone(&config), metrics_service_name: None, app_server_client_name: None, @@ -3541,6 +3662,7 @@ async fn attach_thread_persistence(session: &mut Session) -> PathBuf { Arc::clone(&session.services.thread_store), CreateThreadParams { thread_id: session.thread_id, + extra_config: None, forked_from_id: None, parent_thread_id: None, source: SessionSource::Exec, @@ -3785,7 +3907,7 @@ pub(crate) async fn make_session_configuration_for_tests() -> SessionConfigurati let model = get_model_offline_for_tests(config.model.as_deref()); let model_info = construct_model_info_offline_for_tests(model.as_str(), &config.to_models_manager_config()); - let reasoning_effort = config.model_reasoning_effort; + let reasoning_effort = config.model_reasoning_effort.clone(); let collaboration_mode = CollaborationMode { mode: ModeKind::Default, settings: Settings { @@ -3800,7 +3922,7 @@ pub(crate) async fn make_session_configuration_for_tests() -> SessionConfigurati collaboration_mode, model_reasoning_summary: config.model_reasoning_summary, developer_instructions: config.developer_instructions.clone(), - user_instructions: config.user_instructions.clone(), + loaded_agents_md: None, service_tier: None, personality: config.personality, base_instructions: config @@ -3812,11 +3934,10 @@ pub(crate) async fn make_session_configuration_for_tests() -> SessionConfigurati approvals_reviewer: config.approvals_reviewer, permission_profile_state: config.permissions.permission_profile_state().clone(), windows_sandbox_level: WindowsSandboxLevel::from_config(&config), - cwd: config.cwd.clone(), + environments: TurnEnvironmentSelections::new(config.cwd.clone(), Vec::new()), workspace_roots: config.workspace_roots.clone(), codex_home: config.codex_home.clone(), thread_name: None, - environments: Vec::new(), original_config_do_not_use: Arc::clone(&config), metrics_service_name: None, app_server_client_name: None, @@ -3831,6 +3952,85 @@ pub(crate) async fn make_session_configuration_for_tests() -> SessionConfigurati } } +#[tokio::test] +async fn emit_subagent_session_started_includes_fork_lineage_from_session_configuration() { + use wiremock::Mock; + use wiremock::MockServer; + use wiremock::ResponseTemplate; + use wiremock::matchers::method; + use wiremock::matchers::path; + + let server = MockServer::start().await; + Mock::given(method("POST")) + .and(path("/codex/analytics-events/events")) + .respond_with(ResponseTemplate::new(200)) + .mount(&server) + .await; + + let auth_manager = + AuthManager::from_auth_for_testing(CodexAuth::create_dummy_chatgpt_auth_for_testing()); + let analytics_events_client = AnalyticsEventsClient::new( + auth_manager, + server.uri(), + /*analytics_enabled*/ Some(true), + ); + + let parent_thread_id = ThreadId::new(); + let forked_from_thread_id = ThreadId::new(); + let child_thread_id = ThreadId::new(); + let mut session_configuration = make_session_configuration_for_tests().await; + session_configuration.forked_from_thread_id = Some(forked_from_thread_id); + + emit_subagent_session_started( + &analytics_events_client, + AppServerClientMetadata { + client_name: Some("codex-tui".to_string()), + client_version: Some("1.0.0".to_string()), + }, + SessionId::from(child_thread_id), + child_thread_id, + Some(parent_thread_id), + session_configuration.thread_config_snapshot(), + SubAgentSource::ThreadSpawn { + parent_thread_id, + depth: 1, + agent_path: None, + agent_nickname: None, + agent_role: None, + }, + ); + + let event = timeout(Duration::from_secs(1), async { + 'wait_for_event: loop { + if let Some(requests) = server.received_requests().await { + for request in requests { + let payload: serde_json::Value = + serde_json::from_slice(&request.body).expect("valid analytics payload"); + if let Some(event) = payload["events"].as_array().and_then(|events| { + events + .iter() + .find(|event| event["event_type"] == "codex_thread_initialized") + }) { + break 'wait_for_event event.clone(); + } + } + } + tokio::time::sleep(Duration::from_millis(10)).await; + } + }) + .await + .expect("subagent initialization analytics should be emitted"); + + assert_eq!( + event["event_params"]["parent_thread_id"], + parent_thread_id.to_string() + ); + assert_eq!( + event["event_params"]["forked_from_thread_id"], + forked_from_thread_id.to_string() + ); +} + fn turn_environments_for_tests( environment: &Arc, cwd: &codex_utils_absolute_path::AbsolutePathBuf, @@ -3853,9 +4053,11 @@ async fn session_configuration_apply_preserves_profile_file_system_policy_on_cwd let original_cwd = project_root.join("subdir"); let docs_dir = original_cwd.join("docs"); std::fs::create_dir_all(&docs_dir).expect("create docs dir"); + let project_root = project_root.abs(); let docs_dir = docs_dir.abs(); - session_configuration.cwd = original_cwd.abs(); + session_configuration.environments = + TurnEnvironmentSelections::new(original_cwd.abs(), Vec::new()); let sandbox_policy = SandboxPolicy::WorkspaceWrite { writable_roots: Vec::new(), network_access: false, @@ -3889,7 +4091,7 @@ async fn session_configuration_apply_preserves_profile_file_system_policy_on_cwd let updated = session_configuration .apply(&SessionSettingsUpdate { - cwd: Some(project_root), + environments: Some(TurnEnvironmentSelections::new(project_root, Vec::new())), ..Default::default() }) .expect("cwd-only update should succeed"); @@ -3904,7 +4106,8 @@ async fn session_configuration_apply_preserves_profile_file_system_policy_on_cwd async fn session_configuration_apply_permission_profile_preserves_existing_deny_read_entries() { let mut session_configuration = make_session_configuration_for_tests().await; let cwd = tempfile::tempdir().expect("create temp dir"); - session_configuration.cwd = cwd.path().abs(); + session_configuration.environments = + TurnEnvironmentSelections::new(cwd.path().abs(), Vec::new()); let workspace_policy = SandboxPolicy::new_workspace_write_policy(); let deny_entry = FileSystemSandboxEntry { @@ -3916,7 +4119,7 @@ async fn session_configuration_apply_permission_profile_preserves_existing_deny_ let mut existing_file_system_policy = FileSystemSandboxPolicy::from_legacy_sandbox_policy_for_cwd( &workspace_policy, - session_configuration.cwd.as_path(), + session_configuration.cwd().as_path(), ); existing_file_system_policy.glob_scan_max_depth = Some(2); existing_file_system_policy.entries.push(deny_entry.clone()); @@ -3932,7 +4135,7 @@ async fn session_configuration_apply_permission_profile_preserves_existing_deny_ let requested_file_system_policy = FileSystemSandboxPolicy::from_legacy_sandbox_policy_for_cwd( &workspace_policy, - session_configuration.cwd.as_path(), + session_configuration.cwd().as_path(), ); let permission_profile = codex_protocol::models::PermissionProfile::from_runtime_permissions( &requested_file_system_policy, @@ -3959,7 +4162,8 @@ async fn session_configuration_apply_permission_profile_preserves_existing_deny_ async fn session_configuration_apply_permission_profile_accepts_direct_write_roots() { let mut session_configuration = make_session_configuration_for_tests().await; let cwd = tempfile::tempdir().expect("create cwd"); - session_configuration.cwd = cwd.path().abs(); + session_configuration.environments = + TurnEnvironmentSelections::new(cwd.path().abs(), Vec::new()); let external_write_dir = tempfile::tempdir().expect("create external write root"); let external_write_path = AbsolutePathBuf::from_absolute_path( codex_utils_absolute_path::canonicalize_preserving_symlinks(external_write_dir.path()) @@ -4035,8 +4239,8 @@ async fn session_configuration_apply_rebinds_symbolic_profile_to_updated_workspa .expect("permission profile update should succeed"); let updated_policy = updated.file_system_sandbox_policy(); - assert!(updated_policy.can_write_path_with_cwd(new_root.as_path(), updated.cwd.as_path())); - assert!(!updated_policy.can_write_path_with_cwd(old_root.as_path(), updated.cwd.as_path())); + assert!(updated_policy.can_write_path_with_cwd(new_root.as_path(), updated.cwd().as_path())); + assert!(!updated_policy.can_write_path_with_cwd(old_root.as_path(), updated.cwd().as_path())); assert_eq!( updated.active_permission_profile(), Some(ActivePermissionProfile::new("dev")) @@ -4053,7 +4257,8 @@ async fn session_configuration_apply_retargets_implicit_workspace_root_on_cwd_up let old_root = old_root.path().abs(); let new_root = new_root.path().abs(); let extra_root = extra_root.path().abs(); - session_configuration.cwd = old_root.clone(); + session_configuration.environments = + TurnEnvironmentSelections::new(old_root.clone(), Vec::new()); session_configuration.workspace_roots = vec![old_root.clone(), extra_root.clone()]; let file_system_sandbox_policy = @@ -4073,7 +4278,7 @@ async fn session_configuration_apply_retargets_implicit_workspace_root_on_cwd_up let updated = session_configuration .apply(&SessionSettingsUpdate { - cwd: Some(new_root.to_path_buf()), + environments: Some(TurnEnvironmentSelections::new(new_root.clone(), Vec::new())), ..Default::default() }) .expect("cwd-only update should succeed"); @@ -4083,9 +4288,9 @@ async fn session_configuration_apply_retargets_implicit_workspace_root_on_cwd_up vec![new_root.clone(), extra_root.clone()] ); let updated_policy = updated.file_system_sandbox_policy(); - assert!(updated_policy.can_write_path_with_cwd(new_root.as_path(), updated.cwd.as_path())); - assert!(updated_policy.can_write_path_with_cwd(extra_root.as_path(), updated.cwd.as_path())); - assert!(!updated_policy.can_write_path_with_cwd(old_root.as_path(), updated.cwd.as_path())); + assert!(updated_policy.can_write_path_with_cwd(new_root.as_path(), updated.cwd().as_path())); + assert!(updated_policy.can_write_path_with_cwd(extra_root.as_path(), updated.cwd().as_path())); + assert!(!updated_policy.can_write_path_with_cwd(old_root.as_path(), updated.cwd().as_path())); } #[tokio::test] @@ -4288,8 +4493,9 @@ async fn session_configuration_apply_retargets_legacy_workspace_root_on_cwd_upda let workspace = tempfile::tempdir().expect("create temp dir"); let original_cwd = workspace.path().join("repo-a").abs(); let project_root = workspace.path().join("repo-b").abs(); - session_configuration.cwd = original_cwd.clone(); - session_configuration.workspace_roots = vec![session_configuration.cwd.clone()]; + session_configuration.environments = + TurnEnvironmentSelections::new(original_cwd.clone(), Vec::new()); + session_configuration.workspace_roots = vec![session_configuration.cwd().clone()]; let sandbox_policy = SandboxPolicy::WorkspaceWrite { writable_roots: Vec::new(), network_access: false, @@ -4298,7 +4504,7 @@ async fn session_configuration_apply_retargets_legacy_workspace_root_on_cwd_upda }; let file_system_sandbox_policy = FileSystemSandboxPolicy::from_legacy_sandbox_policy_for_cwd( &sandbox_policy, - &session_configuration.cwd, + session_configuration.cwd(), ); session_configuration .set_permission_profile_for_tests( @@ -4312,7 +4518,10 @@ async fn session_configuration_apply_retargets_legacy_workspace_root_on_cwd_upda let updated = session_configuration .apply(&SessionSettingsUpdate { - cwd: Some(project_root.to_path_buf()), + environments: Some(TurnEnvironmentSelections::new( + project_root.clone(), + Vec::new(), + )), ..Default::default() }) .expect("cwd-only update should succeed"); @@ -4321,13 +4530,13 @@ async fn session_configuration_apply_retargets_legacy_workspace_root_on_cwd_upda assert!( updated .file_system_sandbox_policy() - .can_write_path_with_cwd(project_root.as_path(), updated.cwd.as_path()), + .can_write_path_with_cwd(project_root.as_path(), updated.cwd().as_path()), "cwd-only update should keep the new cwd writable" ); assert!( !updated .file_system_sandbox_policy() - .can_write_path_with_cwd(original_cwd.as_path(), updated.cwd.as_path()), + .can_write_path_with_cwd(original_cwd.as_path(), updated.cwd().as_path()), "cwd-only update should not keep the old implicit cwd writable" ); } @@ -4341,8 +4550,10 @@ async fn session_configuration_apply_preserves_absolute_cwd_write_root_on_cwd_up std::fs::create_dir_all(&original_cwd).expect("create original cwd"); std::fs::create_dir_all(&next_cwd).expect("create next cwd"); let original_cwd = original_cwd.abs(); + let next_cwd = next_cwd.abs(); - session_configuration.cwd = original_cwd.clone(); + session_configuration.environments = + TurnEnvironmentSelections::new(original_cwd.clone(), Vec::new()); let file_system_sandbox_policy = FileSystemSandboxPolicy::restricted(vec![ FileSystemSandboxEntry { path: FileSystemPath::Special { @@ -4369,7 +4580,7 @@ async fn session_configuration_apply_preserves_absolute_cwd_write_root_on_cwd_up let updated = session_configuration .apply(&SessionSettingsUpdate { - cwd: Some(next_cwd.clone()), + environments: Some(TurnEnvironmentSelections::new(next_cwd.clone(), Vec::new())), ..Default::default() }) .expect("cwd-only update should succeed"); @@ -4381,13 +4592,13 @@ async fn session_configuration_apply_preserves_absolute_cwd_write_root_on_cwd_up assert!( updated .file_system_sandbox_policy() - .can_write_path_with_cwd(original_cwd.as_path(), updated.cwd.as_path()), + .can_write_path_with_cwd(original_cwd.as_path(), updated.cwd().as_path()), "absolute grant to the old cwd must remain writable" ); assert!( !updated .file_system_sandbox_policy() - .can_write_path_with_cwd(next_cwd.as_path(), updated.cwd.as_path()), + .can_write_path_with_cwd(next_cwd.as_path(), updated.cwd().as_path()), "cwd-only update must not reinterpret an absolute old-cwd grant as :workspace_roots" ); } @@ -4397,11 +4608,21 @@ async fn session_update_settings_does_not_rewrite_sticky_environment_cwds() { let (session, turn_context) = make_session_and_context().await; #[allow(deprecated)] let updated_cwd = turn_context.cwd.join("project"); + let current_environments = { + let state = session.state.lock().await; + state + .session_configuration + .environment_selections() + .to_vec() + }; std::fs::create_dir_all(updated_cwd.as_path()).expect("create project dir"); session .update_settings(SessionSettingsUpdate { - cwd: Some(PathBuf::from("project")), + environments: Some(TurnEnvironmentSelections::new( + updated_cwd.clone(), + current_environments, + )), ..Default::default() }) .await @@ -4409,7 +4630,7 @@ async fn session_update_settings_does_not_rewrite_sticky_environment_cwds() { let session_cwd = { let state = session.state.lock().await; - state.session_configuration.cwd.clone() + state.session_configuration.cwd().clone() }; let config = session.get_config().await; let next_turn = session.new_default_turn().await; @@ -4429,55 +4650,65 @@ async fn relative_cwd_update_without_environments_resolves_under_session_cwd() { let (session, _turn_context) = make_session_and_context().await; let original_cwd = { let mut state = session.state.lock().await; - state.session_configuration.environments = Vec::new(); - state.session_configuration.cwd.clone() + state.session_configuration.environments.environments = Vec::new(); + state.session_configuration.cwd().clone() }; let updated_cwd = original_cwd.join("project"); std::fs::create_dir_all(updated_cwd.as_path()).expect("create project dir"); session .update_settings(SessionSettingsUpdate { - cwd: Some(PathBuf::from("project")), + environments: Some(TurnEnvironmentSelections::new( + updated_cwd.clone(), + Vec::new(), + )), ..Default::default() }) .await .expect("cwd update should succeed"); let state = session.state.lock().await; - assert_eq!(state.session_configuration.cwd, updated_cwd); - assert!(state.session_configuration.environments.is_empty()); + assert_eq!(state.session_configuration.cwd(), &updated_cwd); + assert!( + state + .session_configuration + .environment_selections() + .is_empty() + ); } #[tokio::test] -async fn cwd_update_does_not_rewrite_sticky_environment_cwd() { +async fn cwd_update_rewrites_sticky_environment_cwd() { let (session, _turn_context) = make_session_and_context().await; - let (original_cwd, environment_cwd) = { + let (original_cwd, environment_cwd, environments) = { let mut state = session.state.lock().await; - let original_cwd = state.session_configuration.cwd.clone(); + let original_cwd = state.session_configuration.cwd().clone(); let environment_cwd = original_cwd.join("environment"); - state.session_configuration.environments = vec![TurnEnvironmentSelection { - environment_id: codex_exec_server::LOCAL_ENVIRONMENT_ID.to_string(), - cwd: environment_cwd.clone(), - }]; - (original_cwd, environment_cwd) + let environments = vec![local(environment_cwd.clone())]; + state.session_configuration.environments.environments = environments.clone(); + (original_cwd, environment_cwd, environments) }; let updated_cwd = original_cwd.join("project"); std::fs::create_dir_all(updated_cwd.as_path()).expect("create project dir"); session .update_settings(SessionSettingsUpdate { - cwd: Some(PathBuf::from("project")), + environments: Some(TurnEnvironmentSelections::new( + updated_cwd.clone(), + environments, + )), ..Default::default() }) .await .expect("cwd update should succeed"); let state = session.state.lock().await; - assert_eq!(state.session_configuration.cwd, updated_cwd); + assert_eq!(state.session_configuration.cwd(), &updated_cwd); assert_eq!( - state.session_configuration.environments[0].cwd, - environment_cwd + state.session_configuration.environment_selections()[0].cwd, + updated_cwd ); + assert_ne!(environment_cwd, updated_cwd); } #[tokio::test] @@ -4485,7 +4716,7 @@ async fn absolute_cwd_update_with_turn_environment_is_allowed() { let (session, _turn_context, _rx) = make_session_and_context_with_rx().await; let absolute_cwd = { let state = session.state.lock().await; - state.session_configuration.cwd.join("absolute-turn") + state.session_configuration.cwd().join("absolute-turn") }; std::fs::create_dir_all(absolute_cwd.as_path()).expect("create absolute turn dir"); @@ -4493,11 +4724,10 @@ async fn absolute_cwd_update_with_turn_environment_is_allowed() { .new_turn_with_sub_id( "sub-1".to_string(), SessionSettingsUpdate { - cwd: Some(absolute_cwd.to_path_buf()), - environments: Some(vec![TurnEnvironmentSelection { - environment_id: codex_exec_server::LOCAL_ENVIRONMENT_ID.to_string(), - cwd: absolute_cwd.clone(), - }]), + environments: Some(TurnEnvironmentSelections::new( + absolute_cwd.clone(), + vec![local(absolute_cwd.clone())], + )), ..Default::default() }, ) @@ -4535,7 +4765,7 @@ async fn session_new_fails_when_zsh_fork_enabled_without_packaged_zsh() { mode: ModeKind::Default, settings: Settings { model, - reasoning_effort: config.model_reasoning_effort, + reasoning_effort: config.model_reasoning_effort.clone(), developer_instructions: None, }, }; @@ -4544,7 +4774,7 @@ async fn session_new_fails_when_zsh_fork_enabled_without_packaged_zsh() { collaboration_mode, model_reasoning_summary: config.model_reasoning_summary, developer_instructions: config.developer_instructions.clone(), - user_instructions: config.user_instructions.clone(), + loaded_agents_md: None, service_tier: None, personality: config.personality, base_instructions: config @@ -4556,11 +4786,10 @@ async fn session_new_fails_when_zsh_fork_enabled_without_packaged_zsh() { approvals_reviewer: config.approvals_reviewer, permission_profile_state: config.permissions.permission_profile_state().clone(), windows_sandbox_level: WindowsSandboxLevel::from_config(&config), - cwd: config.cwd.clone(), + environments: TurnEnvironmentSelections::new(config.cwd.clone(), Vec::new()), workspace_roots: config.workspace_roots.clone(), codex_home: config.codex_home.clone(), thread_name: None, - environments: Vec::new(), original_config_do_not_use: Arc::clone(&config), metrics_service_name: None, app_server_client_name: None, @@ -4597,6 +4826,7 @@ async fn session_new_fails_when_zsh_fork_enabled_without_packaged_zsh() { plugins_manager, mcp_manager, Arc::new(codex_extension_api::ExtensionRegistryBuilder::new().build()), + codex_extension_api::ExtensionDataInit::default(), AgentControl::default(), Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), /*analytics_events_client*/ None, @@ -4637,7 +4867,7 @@ pub(crate) async fn make_session_and_context() -> (Session, TurnContext) { let model = get_model_offline_for_tests(config.model.as_deref()); let model_info = construct_model_info_offline_for_tests(model.as_str(), &config.to_models_manager_config()); - let reasoning_effort = config.model_reasoning_effort; + let reasoning_effort = config.model_reasoning_effort.clone(); let collaboration_mode = CollaborationMode { mode: ModeKind::Default, settings: Settings { @@ -4646,16 +4876,13 @@ pub(crate) async fn make_session_and_context() -> (Session, TurnContext) { developer_instructions: None, }, }; - let default_environments = vec![TurnEnvironmentSelection { - environment_id: codex_exec_server::LOCAL_ENVIRONMENT_ID.to_string(), - cwd: config.cwd.clone(), - }]; + let default_environments = vec![local(config.cwd.clone())]; let session_configuration = SessionConfiguration { provider: config.model_provider.clone(), collaboration_mode, model_reasoning_summary: config.model_reasoning_summary, developer_instructions: config.developer_instructions.clone(), - user_instructions: config.user_instructions.clone(), + loaded_agents_md: None, service_tier: None, personality: config.personality, base_instructions: config @@ -4667,11 +4894,10 @@ pub(crate) async fn make_session_and_context() -> (Session, TurnContext) { approvals_reviewer: config.approvals_reviewer, permission_profile_state: config.permissions.permission_profile_state().clone(), windows_sandbox_level: WindowsSandboxLevel::from_config(&config), - cwd: config.cwd.clone(), + environments: TurnEnvironmentSelections::new(config.cwd.clone(), default_environments), workspace_roots: config.workspace_roots.clone(), codex_home: config.codex_home.clone(), thread_name: None, - environments: default_environments, original_config_do_not_use: Arc::clone(&config), metrics_service_name: None, app_server_client_name: None, @@ -4685,7 +4911,7 @@ pub(crate) async fn make_session_and_context() -> (Session, TurnContext) { user_shell_override: None, }; let per_turn_config = - Session::build_per_turn_config(&session_configuration, session_configuration.cwd.clone()); + Session::build_per_turn_config(&session_configuration, session_configuration.cwd().clone()); let model_info = construct_model_info_offline_for_tests( session_configuration.collaboration_mode.model(), &per_turn_config.to_models_manager_config(), @@ -4711,7 +4937,7 @@ pub(crate) async fn make_session_and_context() -> (Session, TurnContext) { ); let services = SessionServices { - mcp_connection_manager: Arc::new(RwLock::new( + mcp_connection_manager: Arc::new(arc_swap::ArcSwap::from_pointee( McpConnectionManager::new_uninitialized_with_permission_profile( &config.permissions.approval_policy, config.permissions.permission_profile(), @@ -4767,12 +4993,9 @@ pub(crate) async fn make_session_and_context() -> (Session, TurnContext) { attestation_provider: None, model_client: ModelClient::new( Some(auth_manager.clone()), - thread_id.into(), thread_id, - /*installation_id*/ "11111111-1111-4111-8111-111111111111".to_string(), session_configuration.provider.clone(), session_configuration.session_source.clone(), - session_configuration.parent_thread_id, config.model_verbosity, config.features.enabled(Feature::EnableRequestCompression), config.features.enabled(Feature::RuntimeMetrics), @@ -4797,7 +5020,7 @@ pub(crate) async fn make_session_and_context() -> (Session, TurnContext) { .skills_for_config(&skills_input, Some(Arc::clone(&skill_fs))) .await, ); - let turn_environments = turn_environments_for_tests(&environment, &session_configuration.cwd); + let turn_environments = turn_environments_for_tests(&environment, session_configuration.cwd()); let turn_context = Session::make_turn_context( thread_id, SessionId::from(thread_id), @@ -4814,10 +5037,9 @@ pub(crate) async fn make_session_and_context() -> (Session, TurnContext) { &models_manager, /*network*/ None, turn_environments, - session_configuration.cwd.clone(), + session_configuration.cwd().clone(), "turn_id".to_string(), skills_outcome, - /*goal_tools_supported*/ true, ); let session = Session { @@ -4834,7 +5056,6 @@ pub(crate) async fn make_session_and_context() -> (Session, TurnContext) { conversation: Arc::new(RealtimeConversationManager::new()), active_turn: Mutex::new(None), input_queue: super::input_queue::InputQueue::new(), - goal_runtime: crate::goals::GoalRuntimeState::new(), guardian_review_session: crate::guardian::GuardianReviewSessionManager::default(), services, next_internal_sub_id: AtomicU64::new(0), @@ -4880,20 +5101,17 @@ async fn make_session_with_config_and_rx( mode: ModeKind::Default, settings: Settings { model, - reasoning_effort: config.model_reasoning_effort, + reasoning_effort: config.model_reasoning_effort.clone(), developer_instructions: None, }, }; - let default_environments = vec![TurnEnvironmentSelection { - environment_id: codex_exec_server::LOCAL_ENVIRONMENT_ID.to_string(), - cwd: config.cwd.clone(), - }]; + let default_environments = vec![local(config.cwd.clone())]; let session_configuration = SessionConfiguration { provider: config.model_provider.clone(), collaboration_mode, model_reasoning_summary: config.model_reasoning_summary, developer_instructions: config.developer_instructions.clone(), - user_instructions: config.user_instructions.clone(), + loaded_agents_md: None, service_tier: None, personality: config.personality, base_instructions: config @@ -4905,11 +5123,10 @@ async fn make_session_with_config_and_rx( approvals_reviewer: config.approvals_reviewer, permission_profile_state: config.permissions.permission_profile_state().clone(), windows_sandbox_level: WindowsSandboxLevel::from_config(&config), - cwd: config.cwd.clone(), + environments: TurnEnvironmentSelections::new(config.cwd.clone(), default_environments), workspace_roots: config.workspace_roots.clone(), codex_home: config.codex_home.clone(), thread_name: None, - environments: default_environments, original_config_do_not_use: Arc::clone(&config), metrics_service_name: None, app_server_client_name: None, @@ -4947,6 +5164,7 @@ async fn make_session_with_config_and_rx( plugins_manager, mcp_manager, Arc::new(codex_extension_api::ExtensionRegistryBuilder::new().build()), + codex_extension_api::ExtensionDataInit::default(), AgentControl::default(), Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), /*analytics_events_client*/ None, @@ -4985,20 +5203,17 @@ async fn make_session_with_history_source_and_agent_control_and_rx( mode: ModeKind::Default, settings: Settings { model, - reasoning_effort: config.model_reasoning_effort, + reasoning_effort: config.model_reasoning_effort.clone(), developer_instructions: None, }, }; - let default_environments = vec![TurnEnvironmentSelection { - environment_id: codex_exec_server::LOCAL_ENVIRONMENT_ID.to_string(), - cwd: config.cwd.clone(), - }]; + let default_environments = vec![local(config.cwd.clone())]; let session_configuration = SessionConfiguration { provider: config.model_provider.clone(), collaboration_mode, model_reasoning_summary: config.model_reasoning_summary, developer_instructions: config.developer_instructions.clone(), - user_instructions: config.user_instructions.clone(), + loaded_agents_md: None, service_tier: None, personality: config.personality, base_instructions: config @@ -5010,11 +5225,10 @@ async fn make_session_with_history_source_and_agent_control_and_rx( approvals_reviewer: config.approvals_reviewer, permission_profile_state: config.permissions.permission_profile_state().clone(), windows_sandbox_level: WindowsSandboxLevel::from_config(&config), - cwd: config.cwd.clone(), + environments: TurnEnvironmentSelections::new(config.cwd.clone(), default_environments), workspace_roots: config.workspace_roots.clone(), codex_home: config.codex_home.clone(), thread_name: None, - environments: default_environments, original_config_do_not_use: Arc::clone(&config), metrics_service_name: None, app_server_client_name: None, @@ -5052,6 +5266,7 @@ async fn make_session_with_history_source_and_agent_control_and_rx( plugins_manager, mcp_manager, Arc::new(codex_extension_api::ExtensionRegistryBuilder::new().build()), + codex_extension_api::ExtensionDataInit::default(), agent_control, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), /*analytics_events_client*/ None, @@ -5120,7 +5335,7 @@ async fn resumed_subagent_session_keeps_inherited_session_id() { rollout_path: None, }), session_source, - AgentControl::default().with_session_id(parent_session_id), + AgentControl::default().with_session_id(parent_session_id, /*max_threads*/ usize::MAX), ) .await .expect("resume should succeed"); @@ -5873,7 +6088,6 @@ fn submission_dispatch_span_uses_debug_for_realtime_audio() { fn op_kind_for_input_and_context_ops() { assert_eq!( Op::UserInput { - environments: None, items: vec![], final_output_json_schema: None, responsesapi_client_metadata: None, @@ -5905,12 +6119,11 @@ async fn user_turn_updates_approvals_reviewer() { text: "hello".to_string(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(config.cwd.to_path_buf()), + environments: Some(local_selections(config.cwd.clone())), approval_policy: Some(config.permissions.approval_policy.value()), approvals_reviewer: Some(codex_config::types::ApprovalsReviewer::AutoReview), sandbox_policy: Some(config.legacy_sandbox_policy()), @@ -5920,7 +6133,7 @@ async fn user_turn_updates_approvals_reviewer() { mode: codex_protocol::config_types::ModeKind::Default, settings: codex_protocol::config_types::Settings { model: turn_context.model_info.slug.clone(), - reasoning_effort: config.model_reasoning_effort, + reasoning_effort: config.model_reasoning_effort.clone(), developer_instructions: None, }, }), @@ -5949,10 +6162,10 @@ async fn turn_environments_set_primary_environment() { .new_turn_with_sub_id( "sub-1".to_string(), SessionSettingsUpdate { - environments: Some(vec![TurnEnvironmentSelection { - environment_id: "local".to_string(), - cwd: selected_cwd.clone(), - }]), + environments: Some(TurnEnvironmentSelections::new( + selected_cwd.clone(), + vec![local(selected_cwd.clone())], + )), ..Default::default() }, ) @@ -5977,7 +6190,7 @@ async fn turn_environments_set_primary_environment() { } #[tokio::test] -async fn default_turn_overlays_session_cwd_onto_stored_thread_environments() { +async fn default_turn_does_not_overlay_legacy_fallback_cwd_onto_stored_thread_environments() { let (session, _turn_context, _rx) = make_session_and_context_with_rx().await; let session_cwd = session.get_config().await.cwd.clone(); let selected_cwd = @@ -5985,10 +6198,7 @@ async fn default_turn_overlays_session_cwd_onto_stored_thread_environments() { { let mut state = session.state.lock().await; - state.session_configuration.environments = vec![TurnEnvironmentSelection { - environment_id: "local".to_string(), - cwd: selected_cwd.clone(), - }]; + state.session_configuration.environments.environments = vec![local(selected_cwd.clone())]; } let turn_context = session.new_default_turn().await; @@ -6005,8 +6215,8 @@ async fn default_turn_overlays_session_cwd_onto_stored_thread_environments() { )); #[allow(deprecated)] let turn_cwd = turn_context.cwd.clone(); - assert_eq!(turn_cwd, session_cwd); - assert_eq!(turn_context.config.cwd, session_cwd); + assert_eq!(turn_cwd, selected_cwd); + assert_eq!(turn_context.config.cwd, selected_cwd); } #[tokio::test] @@ -6016,7 +6226,7 @@ async fn default_turn_honors_empty_stored_thread_environments() { { let mut state = session.state.lock().await; - state.session_configuration.environments = Vec::new(); + state.session_configuration.environments.environments = Vec::new(); } let turn_context = session.new_default_turn().await; @@ -6079,7 +6289,10 @@ async fn empty_turn_environments_clear_primary_environment() { .new_turn_with_sub_id( "sub-1".to_string(), SessionSettingsUpdate { - environments: Some(vec![]), + environments: Some(TurnEnvironmentSelections::new( + session.get_config().await.cwd.clone(), + vec![], + )), ..Default::default() }, ) @@ -6106,10 +6319,13 @@ async fn unknown_turn_environment_returns_error() { .new_turn_with_sub_id( "sub-1".to_string(), SessionSettingsUpdate { - environments: Some(vec![TurnEnvironmentSelection { - environment_id: "missing".to_string(), - cwd: original_configuration.cwd.clone(), - }]), + environments: Some(TurnEnvironmentSelections::new( + original_configuration.cwd().clone(), + vec![TurnEnvironmentSelection { + environment_id: "missing".to_string(), + cwd: original_configuration.cwd().clone(), + }], + )), ..Default::default() }, ) @@ -6122,10 +6338,10 @@ async fn unknown_turn_environment_returns_error() { }; assert!(matches!(err, CodexErr::InvalidRequest(_))); assert!(err.to_string().contains("missing")); - assert_eq!(current_configuration.cwd, original_configuration.cwd); + assert_eq!(current_configuration.cwd(), original_configuration.cwd()); assert_eq!( - current_configuration.environments, - original_configuration.environments + current_configuration.environment_selections(), + original_configuration.environment_selections() ); } @@ -6141,16 +6357,13 @@ async fn duplicate_turn_environment_returns_error_without_mutating_session() { .new_turn_with_sub_id( "sub-1".to_string(), SessionSettingsUpdate { - environments: Some(vec![ - TurnEnvironmentSelection { - environment_id: "local".to_string(), - cwd: original_configuration.cwd.clone(), - }, - TurnEnvironmentSelection { - environment_id: "local".to_string(), - cwd: original_configuration.cwd.join("second"), - }, - ]), + environments: Some(TurnEnvironmentSelections::new( + original_configuration.cwd().clone(), + vec![ + local(original_configuration.cwd().clone()), + local(original_configuration.cwd().join("second")), + ], + )), ..Default::default() }, ) @@ -6163,10 +6376,10 @@ async fn duplicate_turn_environment_returns_error_without_mutating_session() { }; assert!(matches!(err, CodexErr::InvalidRequest(_))); assert!(err.to_string().contains("duplicate")); - assert_eq!(current_configuration.cwd, original_configuration.cwd); + assert_eq!(current_configuration.cwd(), original_configuration.cwd()); assert_eq!( - current_configuration.environments, - original_configuration.environments + current_configuration.environment_selections(), + original_configuration.environment_selections() ); } @@ -6284,6 +6497,7 @@ async fn shutdown_complete_does_not_append_to_thread_store_after_shutdown() { Arc::clone(&thread_store), CreateThreadParams { thread_id: session.thread_id, + extra_config: None, forked_from_id: None, parent_thread_id: None, source: SessionSource::Exec, @@ -6330,16 +6544,20 @@ async fn submission_loop_channel_close_emits_thread_stop_lifecycle() { expected_thread_id: ThreadId, } - #[async_trait::async_trait] impl codex_extension_api::ThreadLifecycleContributor for ThreadStopRecorder { - async fn on_thread_stop(&self, input: codex_extension_api::ThreadStopInput<'_>) { - assert_eq!( - self.expected_thread_id.to_string(), - input.thread_store.level_id() - ); - assert!(input.session_store.get::().is_some()); - assert!(input.thread_store.get::().is_some()); - self.calls.fetch_add(1, std::sync::atomic::Ordering::SeqCst); + fn on_thread_stop<'a>( + &'a self, + input: codex_extension_api::ThreadStopInput<'a>, + ) -> codex_extension_api::ExtensionFuture<'a, ()> { + Box::pin(async move { + assert_eq!( + self.expected_thread_id.to_string(), + input.thread_store.level_id() + ); + assert!(input.session_store.get::().is_some()); + assert!(input.thread_store.get::().is_some()); + self.calls.fetch_add(1, std::sync::atomic::Ordering::SeqCst); + }) } } @@ -6376,33 +6594,41 @@ async fn submission_loop_channel_close_aborts_active_turn_before_thread_stop_lif expected_turn_id: String, } - #[async_trait::async_trait] impl codex_extension_api::ThreadLifecycleContributor for LifecycleRecorder { - async fn on_thread_stop(&self, input: codex_extension_api::ThreadStopInput<'_>) { - assert_eq!( - self.expected_thread_id.to_string(), - input.thread_store.level_id() - ); - self.calls - .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner) - .push("thread_stop"); + fn on_thread_stop<'a>( + &'a self, + input: codex_extension_api::ThreadStopInput<'a>, + ) -> codex_extension_api::ExtensionFuture<'a, ()> { + Box::pin(async move { + assert_eq!( + self.expected_thread_id.to_string(), + input.thread_store.level_id() + ); + self.calls + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) + .push("thread_stop"); + }) } } - #[async_trait::async_trait] impl codex_extension_api::TurnLifecycleContributor for LifecycleRecorder { - async fn on_turn_abort(&self, input: codex_extension_api::TurnAbortInput<'_>) { - assert_eq!( - self.expected_thread_id.to_string(), - input.thread_store.level_id() - ); - assert_eq!(self.expected_turn_id, input.turn_store.level_id()); - assert_eq!(TurnAbortReason::Interrupted, input.reason); - self.calls - .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner) - .push("turn_abort"); + fn on_turn_abort<'a>( + &'a self, + input: codex_extension_api::TurnAbortInput<'a>, + ) -> codex_extension_api::ExtensionFuture<'a, ()> { + Box::pin(async move { + assert_eq!( + self.expected_thread_id.to_string(), + input.thread_store.level_id() + ); + assert_eq!(self.expected_turn_id, input.turn_store.level_id()); + assert_eq!(TurnAbortReason::Interrupted, input.reason); + self.calls + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) + .push("turn_abort"); + }) } } @@ -6701,18 +6927,7 @@ where let (tx_event, rx_event) = async_channel::unbounded(); let mut config = build_test_config(codex_home).await; configure_config(&mut config); - let state_db = if config.features.enabled(Feature::Goals) { - Some( - codex_state::StateRuntime::init( - config.sqlite_home.clone(), - config.model_provider_id.clone(), - ) - .await - .expect("goal tests should initialize sqlite state db"), - ) - } else { - None - }; + let state_db = None; let config = Arc::new(config); let thread_id = ThreadId::default(); let auth_manager = AuthManager::from_auth_for_testing(auth); @@ -6727,7 +6942,7 @@ where let model = get_model_offline_for_tests(config.model.as_deref()); let model_info = construct_model_info_offline_for_tests(model.as_str(), &config.to_models_manager_config()); - let reasoning_effort = config.model_reasoning_effort; + let reasoning_effort = config.model_reasoning_effort.clone(); let collaboration_mode = CollaborationMode { mode: ModeKind::Default, settings: Settings { @@ -6736,16 +6951,13 @@ where developer_instructions: None, }, }; - let default_environments = vec![TurnEnvironmentSelection { - environment_id: codex_exec_server::LOCAL_ENVIRONMENT_ID.to_string(), - cwd: config.cwd.clone(), - }]; + let default_environments = vec![local(config.cwd.clone())]; let session_configuration = SessionConfiguration { provider: config.model_provider.clone(), collaboration_mode, model_reasoning_summary: config.model_reasoning_summary, developer_instructions: config.developer_instructions.clone(), - user_instructions: config.user_instructions.clone(), + loaded_agents_md: None, service_tier: None, personality: config.personality, base_instructions: config @@ -6757,11 +6969,10 @@ where approvals_reviewer: config.approvals_reviewer, permission_profile_state: config.permissions.permission_profile_state().clone(), windows_sandbox_level: WindowsSandboxLevel::from_config(&config), - cwd: config.cwd.clone(), + environments: TurnEnvironmentSelections::new(config.cwd.clone(), default_environments), workspace_roots: config.workspace_roots.clone(), codex_home: config.codex_home.clone(), thread_name: None, - environments: default_environments, original_config_do_not_use: Arc::clone(&config), metrics_service_name: None, app_server_client_name: None, @@ -6775,7 +6986,7 @@ where user_shell_override: None, }; let per_turn_config = - Session::build_per_turn_config(&session_configuration, session_configuration.cwd.clone()); + Session::build_per_turn_config(&session_configuration, session_configuration.cwd().clone()); let model_info = construct_model_info_offline_for_tests( session_configuration.collaboration_mode.model(), &per_turn_config.to_models_manager_config(), @@ -6801,7 +7012,7 @@ where ); let services = SessionServices { - mcp_connection_manager: Arc::new(RwLock::new( + mcp_connection_manager: Arc::new(arc_swap::ArcSwap::from_pointee( McpConnectionManager::new_uninitialized_with_permission_profile( &config.permissions.approval_policy, config.permissions.permission_profile(), @@ -6857,12 +7068,9 @@ where attestation_provider: None, model_client: ModelClient::new( Some(Arc::clone(&auth_manager)), - thread_id.into(), thread_id, - /*installation_id*/ "11111111-1111-4111-8111-111111111111".to_string(), session_configuration.provider.clone(), session_configuration.session_source.clone(), - session_configuration.parent_thread_id, config.model_verbosity, config.features.enabled(Feature::EnableRequestCompression), config.features.enabled(Feature::RuntimeMetrics), @@ -6887,7 +7095,7 @@ where .skills_for_config(&skills_input, Some(Arc::clone(&skill_fs))) .await, ); - let turn_environments = turn_environments_for_tests(&environment, &session_configuration.cwd); + let turn_environments = turn_environments_for_tests(&environment, session_configuration.cwd()); let turn_context = Arc::new(Session::make_turn_context( thread_id, SessionId::from(thread_id), @@ -6904,10 +7112,9 @@ where &models_manager, /*network*/ None, turn_environments, - session_configuration.cwd.clone(), + session_configuration.cwd().clone(), "turn_id".to_string(), skills_outcome, - /*goal_tools_supported*/ true, )); let session = Arc::new(Session { @@ -6924,7 +7131,6 @@ where conversation: Arc::new(RealtimeConversationManager::new()), active_turn: Mutex::new(None), input_queue: super::input_queue::InputQueue::new(), - goal_runtime: crate::goals::GoalRuntimeState::new(), guardian_review_session: crate::guardian::GuardianReviewSessionManager::default(), services, next_internal_sub_id: AtomicU64::new(0), @@ -6948,52 +7154,6 @@ pub(crate) async fn make_session_and_context_with_dynamic_tools_and_rx( .await } -async fn make_goal_session_and_context_with_rx() -> ( - Arc, - Arc, - async_channel::Receiver, - tempfile::TempDir, -) { - let codex_home = tempfile::tempdir().expect("create temp dir"); - let (session, turn_context, rx) = make_session_and_context_with_auth_config_home_and_rx( - CodexAuth::from_api_key("Test API Key"), - Vec::new(), - codex_home.path(), - |config| { - config - .features - .enable(Feature::Goals) - .expect("goal mode should be enableable in tests"); - }, - ) - .await; - upsert_goal_test_thread(session.as_ref()).await; - (session, turn_context, rx, codex_home) -} - -async fn upsert_goal_test_thread(session: &Session) { - let config = session.get_config().await; - let state_db = session - .state_db() - .expect("goal test session should have a state db"); - let mut builder = codex_state::ThreadMetadataBuilder::new( - session.thread_id, - config - .codex_home - .join("goal-test-rollout.jsonl") - .to_path_buf(), - chrono::Utc::now(), - SessionSource::Cli, - ); - builder.cwd = config.cwd.to_path_buf(); - builder.model_provider = Some(config.model_provider_id.clone()); - let metadata = builder.build(config.model_provider_id.as_str()); - state_db - .upsert_thread(&metadata) - .await - .expect("goal test thread should be upserted"); -} - // Like make_session_and_context, but returns Arc and the event receiver // so tests can assert on emitted events. pub(crate) async fn make_session_and_context_with_rx() -> ( @@ -7294,6 +7454,7 @@ async fn build_settings_update_items_uses_previous_turn_settings_for_realtime_en previous_context_item.realtime_active = None; let previous_turn_settings = PreviousTurnSettings { model: previous_context.model_info.slug.clone(), + comp_hash: None, realtime_active: Some(true), }; let mut current_context = previous_context @@ -7887,6 +8048,7 @@ async fn build_initial_context_uses_previous_turn_settings_for_realtime_end() { let (session, turn_context) = make_session_and_context().await; let previous_turn_settings = PreviousTurnSettings { model: turn_context.model_info.slug.clone(), + comp_hash: None, realtime_active: Some(true), }; @@ -7909,6 +8071,7 @@ async fn build_initial_context_restates_realtime_start_when_reference_context_is turn_context.realtime_active = true; let previous_turn_settings = PreviousTurnSettings { model: turn_context.model_info.slug.clone(), + comp_hash: None, realtime_active: Some(true), }; @@ -7942,6 +8105,18 @@ fn file_system_policy_with_unreadable_glob(turn_context: &TurnContext) -> FileSy policy } +#[tokio::test] +async fn turn_context_item_uses_turn_context_comp_hash_snapshot() { + let (_session, mut turn_context) = make_session_and_context().await; + turn_context.comp_hash = Some("turn-context-hash".to_string()); + turn_context.model_info.comp_hash = Some("model-info-hash".to_string()); + + assert_eq!( + turn_context.to_turn_context_item().comp_hash.as_deref(), + Some("turn-context-hash") + ); +} + #[tokio::test] async fn turn_context_item_omits_legacy_equivalent_file_system_sandbox_policy() { let (_session, turn_context) = make_session_and_context().await; @@ -8133,6 +8308,7 @@ async fn build_initial_context_prepends_model_switch_message() { let (session, turn_context) = make_session_and_context().await; let previous_turn_settings = PreviousTurnSettings { model: "previous-regular-model".to_string(), + comp_hash: None, realtime_active: None, }; @@ -8185,6 +8361,7 @@ async fn record_context_updates_and_set_reference_context_item_persists_full_rei session .set_previous_turn_settings(Some(PreviousTurnSettings { model: previous_context.model_info.slug.clone(), + comp_hash: None, realtime_active: Some(previous_context.realtime_active), })) .await; @@ -8680,15 +8857,19 @@ async fn task_finish_emits_thread_idle_lifecycle_after_active_turn_clears() { expected_thread_id: ThreadId, } - #[async_trait::async_trait] impl codex_extension_api::ThreadLifecycleContributor for ThreadIdleRecorder { - async fn on_thread_idle(&self, input: codex_extension_api::ThreadIdleInput<'_>) { - assert_eq!( - self.expected_thread_id.to_string(), - input.thread_store.level_id() - ); - self.calls.fetch_add(1, std::sync::atomic::Ordering::SeqCst); - self.idle_tx.send(()).await.expect("idle receiver open"); + fn on_thread_idle<'a>( + &'a self, + input: codex_extension_api::ThreadIdleInput<'a>, + ) -> codex_extension_api::ExtensionFuture<'a, ()> { + Box::pin(async move { + assert_eq!( + self.expected_thread_id.to_string(), + input.thread_store.level_id() + ); + self.calls.fetch_add(1, std::sync::atomic::Ordering::SeqCst); + self.idle_tx.send(()).await.expect("idle receiver open"); + }) } } @@ -8722,10 +8903,14 @@ async fn thread_idle_lifecycle_waits_for_trigger_turn_mailbox_work() { calls: Arc, } - #[async_trait::async_trait] impl codex_extension_api::ThreadLifecycleContributor for ThreadIdleRecorder { - async fn on_thread_idle(&self, _input: codex_extension_api::ThreadIdleInput<'_>) { - self.calls.fetch_add(1, std::sync::atomic::Ordering::SeqCst); + fn on_thread_idle<'a>( + &'a self, + _input: codex_extension_api::ThreadIdleInput<'a>, + ) -> codex_extension_api::ExtensionFuture<'a, ()> { + Box::pin(async move { + self.calls.fetch_add(1, std::sync::atomic::Ordering::SeqCst); + }) } } @@ -9050,908 +9235,95 @@ async fn abort_empty_active_turn_preserves_pending_input() { ); } -#[tokio::test] -async fn interrupt_accounts_active_goal_without_pausing() -> anyhow::Result<()> { - let (sess, tc, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - sess.set_thread_goal( - tc.as_ref(), - SetGoalRequest { - objective: Some("Keep improving the benchmark".to_string()), - status: None, - token_budget: None, - }, - ) - .await?; +async fn set_total_token_usage(sess: &Session, total_token_usage: TokenUsage) { + let mut state = sess.state.lock().await; + state.set_token_info(Some(TokenUsageInfo { + total_token_usage, + last_token_usage: TokenUsage::default(), + model_context_window: None, + })); +} +#[tokio::test] +async fn queue_only_mailbox_mail_waits_for_next_turn_after_answer_boundary() { + let (sess, tc, _rx) = make_session_and_context_with_rx().await; + let communication = InterAgentCommunication::new( + AgentPath::try_from("/root/worker").expect("worker path should parse"), + AgentPath::root(), + Vec::new(), + "late queue-only update".to_string(), + /*trigger_turn*/ false, + ); sess.spawn_task( Arc::clone(&tc), Vec::new(), NeverEndingTask { kind: TaskKind::Regular, - listen_to_cancellation_token: false, + listen_to_cancellation_token: true, }, ) .await; - set_total_token_usage(&sess, post_goal_token_usage()).await; - sess.abort_all_tasks(TurnAbortReason::Interrupted).await; + sess.input_queue + .defer_mailbox_delivery_to_next_turn(&sess.active_turn, &tc.sub_id) + .await; + sess.input_queue + .enqueue_mailbox_communication(communication.clone()) + .await; - let goal = sess - .get_thread_goal() - .await? - .expect("goal should remain persisted after interrupt"); + assert!( + !sess.input_queue.has_pending_input(&sess.active_turn).await, + "queue-only mailbox mail should stay buffered once the current turn emitted its answer" + ); assert_eq!( - codex_protocol::protocol::ThreadGoalStatus::Active, - goal.status + sess.input_queue.get_pending_input(&sess.active_turn).await, + Vec::new() ); - assert_eq!(70, goal.tokens_used); - assert!(sess.active_turn.lock().await.is_none()); + sess.abort_all_tasks(TurnAbortReason::Replaced).await; - Ok(()) + assert_eq!( + sess.input_queue.get_pending_input(&sess.active_turn).await, + vec![TurnInput::ResponseItem(ResponseItem::from( + communication.to_response_input_item() + ))], + ); } #[tokio::test] -async fn shutdown_without_active_turn_keeps_active_goal_active() -> anyhow::Result<()> { - let (sess, tc, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - sess.set_thread_goal( - tc.as_ref(), - SetGoalRequest { - objective: Some("Keep improving the benchmark".to_string()), - status: None, - token_budget: None, +async fn trigger_turn_mailbox_mail_waits_for_next_turn_after_answer_boundary() { + let (sess, tc, _rx) = make_session_and_context_with_rx().await; + sess.spawn_task( + Arc::clone(&tc), + Vec::new(), + NeverEndingTask { + kind: TaskKind::Regular, + listen_to_cancellation_token: true, }, ) - .await?; + .await; - assert!(sess.active_turn.lock().await.is_none()); - assert!(handlers::shutdown(&sess, "shutdown".to_string()).await); + sess.input_queue + .defer_mailbox_delivery_to_next_turn(&sess.active_turn, &tc.sub_id) + .await; + sess.input_queue + .enqueue_mailbox_communication(InterAgentCommunication::new( + AgentPath::try_from("/root/worker").expect("worker path should parse"), + AgentPath::root(), + Vec::new(), + "late trigger update".to_string(), + /*trigger_turn*/ true, + )) + .await; - let goal = sess - .get_thread_goal() - .await? - .expect("goal should remain persisted after shutdown"); - assert_eq!( - codex_protocol::protocol::ThreadGoalStatus::Active, - goal.status + assert!( + !sess.input_queue.has_pending_input(&sess.active_turn).await, + "trigger-turn mailbox mail should not extend the current turn after its answer boundary" ); - Ok(()) -} - -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn active_goal_continuation_runs_again_after_no_tool_turn() -> anyhow::Result<()> { - let server = start_mock_server().await; - let mut builder = test_codex().with_config(|config| { - config - .features - .enable(Feature::Goals) - .expect("goal mode should be enableable in tests"); - }); - let test = builder.build(&server).await?; - let responses = mount_sse_sequence( - &server, - vec![ - sse(vec![ - ev_response_created("resp-1"), - ev_function_call( - "call-create-goal", - "create_goal", - r#"{"objective":"write a benchmark note"}"#, - ), - ev_completed("resp-1"), - ]), - sse(vec![ - ev_assistant_message("msg-1", "Draft ready."), - ev_completed("resp-2"), - ]), - sse(vec![ - ev_assistant_message("msg-2", "I am still working on the benchmark note."), - ev_completed("resp-3"), - ]), - sse(vec![ - ev_response_created("resp-4"), - ev_function_call( - "call-complete-goal", - "update_goal", - r#"{"status":"complete"}"#, - ), - ev_completed("resp-4"), - ]), - sse(vec![ - ev_assistant_message("msg-3", "Goal complete."), - ev_completed("resp-5"), - ]), - ], - ) - .await; - - test.codex - .submit(Op::UserInput { - environments: None, - items: vec![UserInput::Text { - text: "write a benchmark note".into(), - text_elements: Vec::new(), - }], - final_output_json_schema: None, - responsesapi_client_metadata: None, - additional_context: Default::default(), - thread_settings: Default::default(), - }) - .await?; - - let mut completed_turns = 0; - tokio::time::timeout(std::time::Duration::from_secs(8), async { - loop { - let event = test.codex.next_event().await?; - if matches!(event.msg, EventMsg::TurnComplete(_)) { - completed_turns += 1; - if completed_turns == 3 { - return anyhow::Ok(()); - } - } - } - }) - .await??; - - let goal_context_text = responses - .requests() - .into_iter() - .flat_map(|request| request.message_input_texts("user")) - .find(|text| text.contains("")) - .expect("goal context message should be present"); - assert!(goal_context_text.contains("Continue working toward the active thread goal.")); - - Ok(()) -} - -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn pending_request_user_input_does_not_spawn_extra_goal_continuation() -> anyhow::Result<()> { - let server = start_mock_server().await; - let mut builder = test_codex().with_config(|config| { - config - .features - .enable(Feature::Goals) - .expect("goal mode should be enableable in tests"); - config - .features - .enable(Feature::DefaultModeRequestUserInput) - .expect("default-mode request_user_input should be enableable in tests"); - }); - let test = builder.build(&server).await?; - let responses = mount_sse_sequence( - &server, - vec![ - sse(vec![ - ev_response_created("resp-1"), - ev_function_call( - "call-create-goal", - "create_goal", - r#"{"objective":"write a benchmark note"}"#, - ), - ev_completed("resp-1"), - ]), - sse(vec![ - ev_assistant_message("msg-1", "Draft ready."), - ev_completed("resp-2"), - ]), - sse(vec![ - ev_response_created("resp-3"), - ev_function_call( - "call-ask-user", - "request_user_input", - r#"{"questions":[{"header":"Choice","id":"next_step","question":"Pick one","options":[{"label":"Outline","description":"Start with an outline."},{"label":"Draft","description":"Write a full draft."}]}]}"#, - ), - ev_completed("resp-3"), - ]), - sse(vec![ - ev_response_created("resp-4"), - ev_function_call( - "call-complete-goal", - "update_goal", - r#"{"status":"complete"}"#, - ), - ev_completed("resp-4"), - ]), - sse(vec![ - ev_assistant_message("msg-2", "Goal complete."), - ev_completed("resp-5"), - ]), - ], - ) - .await; - - test.codex - .submit(Op::UserInput { - environments: None, - items: vec![UserInput::Text { - text: "write a benchmark note".into(), - text_elements: Vec::new(), - }], - final_output_json_schema: None, - responsesapi_client_metadata: None, - additional_context: Default::default(), - thread_settings: Default::default(), - }) - .await?; - - let request_user_input_event = wait_for_event_match(&test.codex, |event| match event { - EventMsg::RequestUserInput(event) => Some(event.clone()), - _ => None, - }) - .await; - assert_eq!(3, responses.requests().len()); - assert!( - timeout(Duration::from_millis(200), test.codex.next_event()) - .await - .is_err(), - "waiting for request_user_input should keep the turn open without emitting more events" - ); - assert_eq!( - 3, - responses.requests().len(), - "waiting for request_user_input should not start another continuation request" - ); - - test.codex - .submit(Op::UserInputAnswer { - id: request_user_input_event.turn_id, - response: RequestUserInputResponse { - answers: std::collections::HashMap::from([( - "next_step".to_string(), - RequestUserInputAnswer { - answers: vec!["Outline".to_string()], - }, - )]), - }, - }) - .await?; - - let mut completed_turns = 0; - timeout(Duration::from_secs(8), async { - loop { - let event = test.codex.next_event().await?; - if matches!(event.msg, EventMsg::TurnComplete(_)) { - completed_turns += 1; - if completed_turns == 1 { - return anyhow::Ok(()); - } - } - } - }) - .await??; - - assert_eq!(5, responses.requests().len()); - - Ok(()) -} - -async fn set_total_token_usage(sess: &Session, total_token_usage: TokenUsage) { - let mut state = sess.state.lock().await; - state.set_token_info(Some(TokenUsageInfo { - total_token_usage, - last_token_usage: TokenUsage::default(), - model_context_window: None, - })); -} - -fn post_goal_token_usage() -> TokenUsage { - TokenUsage { - input_tokens: 50, - cached_input_tokens: 10, - output_tokens: 30, - reasoning_output_tokens: 5, - total_tokens: 75, - } -} - -async fn goal_test_state_db(sess: &Session) -> anyhow::Result { - if let Some(state_db) = sess.state_db() { - return Ok(state_db); - } - let config = sess.get_config().await; - codex_state::StateRuntime::init(config.sqlite_home.clone(), config.model_provider_id.clone()) - .await -} - -#[tokio::test] -async fn create_thread_goal_fills_empty_thread_preview() -> anyhow::Result<()> { - let (sess, tc, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - let state_db = goal_test_state_db(sess.as_ref()).await?; - - let page = state_db - .list_threads( - /*page_size*/ 10, - codex_state::ThreadFilterOptions { - archived_only: false, - allowed_sources: &[], - model_providers: None, - cwd_filters: None, - anchor: None, - sort_key: codex_state::SortKey::UpdatedAt, - sort_direction: codex_state::SortDirection::Desc, - search_term: None, - }, - ) - .await?; - assert!(page.items.is_empty()); - - sess.create_thread_goal( - tc.as_ref(), - CreateGoalRequest { - objective: "Keep improving the benchmark".to_string(), - token_budget: None, - }, - ) - .await?; - - let page = state_db - .list_threads( - /*page_size*/ 10, - codex_state::ThreadFilterOptions { - archived_only: false, - allowed_sources: &[], - model_providers: None, - cwd_filters: None, - anchor: None, - sort_key: codex_state::SortKey::UpdatedAt, - sort_direction: codex_state::SortDirection::Desc, - search_term: None, - }, - ) - .await?; - let ids = page - .items - .iter() - .map(|thread| thread.id) - .collect::>(); - assert_eq!(vec![sess.thread_id], ids); - assert_eq!( - Some("Keep improving the benchmark"), - page.items[0].preview.as_deref() - ); - - Ok(()) -} - -#[tokio::test] -async fn budget_limited_accounting_steers_active_turn_without_aborting() -> anyhow::Result<()> { - let (sess, tc, rx, _codex_home) = make_goal_session_and_context_with_rx().await; - sess.set_thread_goal( - tc.as_ref(), - SetGoalRequest { - objective: Some("Keep improving the benchmark".to_string()), - status: None, - token_budget: Some(Some(10)), - }, - ) - .await?; - sess.goal_runtime_apply(GoalRuntimeEvent::TurnStarted { - turn_context: tc.as_ref(), - token_usage: TokenUsage::default(), - }) - .await?; - sess.spawn_task( - Arc::clone(&tc), - Vec::new(), - NeverEndingTask { - kind: TaskKind::Regular, - listen_to_cancellation_token: false, - }, - ) - .await; - while rx.try_recv().is_ok() {} - - set_total_token_usage( - &sess, - TokenUsage { - input_tokens: 20, - cached_input_tokens: 0, - output_tokens: 5, - reasoning_output_tokens: 0, - total_tokens: 25, - }, - ) - .await; - - sess.goal_runtime_apply(GoalRuntimeEvent::ToolCompleted { - turn_context: tc.as_ref(), - tool_name: "shell_command", - }) - .await?; - - let pending_input = sess.input_queue.get_pending_input(&sess.active_turn).await; - let [TurnInput::ResponseItem(ResponseItem::Message { role, content, .. })] = - pending_input.as_slice() - else { - panic!("expected one budget-limit steering message, got {pending_input:#?}"); - }; - assert_eq!("user", role); - let [ContentItem::InputText { text }] = content.as_slice() else { - panic!("expected one text span in budget-limit steering message, got {content:#?}"); - }; - assert!(text.starts_with("")); - assert!(text.trim_end().ends_with("")); - assert!(text.contains("budget_limited")); - assert!(text.to_lowercase().contains("wrap up this turn soon")); - assert!(sess.active_turn.lock().await.is_some()); - while let Ok(event) = rx.try_recv() { - assert!( - !matches!(event.msg, EventMsg::TurnAborted(_)), - "budget limit should steer the active turn instead of aborting it" - ); - } - - let state_db = goal_test_state_db(sess.as_ref()).await?; - let goal = state_db - .thread_goals() - .get_thread_goal(sess.thread_id) - .await? - .expect("goal should remain persisted after accounting"); - assert_eq!(codex_state::ThreadGoalStatus::BudgetLimited, goal.status); - assert_eq!(25, goal.tokens_used); - - set_total_token_usage( - &sess, - TokenUsage { - input_tokens: 30, - cached_input_tokens: 0, - output_tokens: 10, - reasoning_output_tokens: 0, - total_tokens: 40, - }, - ) - .await; - sess.goal_runtime_apply(GoalRuntimeEvent::ToolCompletedGoal { - turn_context: tc.as_ref(), - }) - .await?; - - let goal = state_db - .thread_goals() - .get_thread_goal(sess.thread_id) - .await? - .expect("goal should remain persisted after follow-up accounting"); - assert_eq!(codex_state::ThreadGoalStatus::BudgetLimited, goal.status); - assert_eq!(40, goal.tokens_used); - - sess.abort_all_tasks(TurnAbortReason::Interrupted).await; - - Ok(()) -} - -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn usage_limit_runtime_stops_active_goal_and_prevents_idle_continuation() -> anyhow::Result<()> -{ - let (sess, tc, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - sess.set_thread_goal( - tc.as_ref(), - SetGoalRequest { - objective: Some("Keep improving the benchmark".to_string()), - status: None, - token_budget: Some(Some(50)), - }, - ) - .await?; - sess.goal_runtime_apply(GoalRuntimeEvent::TurnStarted { - turn_context: tc.as_ref(), - token_usage: TokenUsage::default(), - }) - .await?; - sess.spawn_task( - Arc::clone(&tc), - Vec::new(), - NeverEndingTask { - kind: TaskKind::Regular, - listen_to_cancellation_token: false, - }, - ) - .await; - set_total_token_usage(&sess, post_goal_token_usage()).await; - - sess.goal_runtime_apply(GoalRuntimeEvent::UsageLimitReached { - turn_context: tc.as_ref(), - }) - .await?; - - let state_db = goal_test_state_db(sess.as_ref()).await?; - let goal = state_db - .thread_goals() - .get_thread_goal(sess.thread_id) - .await? - .expect("goal should remain persisted after usage limiting"); - assert_eq!(codex_state::ThreadGoalStatus::UsageLimited, goal.status); - assert_eq!(70, goal.tokens_used); - - sess.abort_all_tasks(TurnAbortReason::Replaced).await; - sess.goal_runtime_apply(GoalRuntimeEvent::MaybeContinueIfIdle) - .await?; - assert!(sess.active_turn.lock().await.is_none()); - - Ok(()) -} - -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn external_goal_mutation_accounts_active_turn_before_status_change() -> anyhow::Result<()> { - let (sess, tc, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - sess.set_thread_goal( - tc.as_ref(), - SetGoalRequest { - objective: Some("Keep improving the benchmark".to_string()), - status: None, - token_budget: None, - }, - ) - .await?; - sess.spawn_task( - Arc::clone(&tc), - Vec::new(), - NeverEndingTask { - kind: TaskKind::Regular, - listen_to_cancellation_token: false, - }, - ) - .await; - set_total_token_usage(&sess, post_goal_token_usage()).await; - - sess.goal_runtime_apply(GoalRuntimeEvent::ExternalMutationStarting) - .await?; - - let state_db = goal_test_state_db(sess.as_ref()).await?; - let goal = state_db - .thread_goals() - .get_thread_goal(sess.thread_id) - .await? - .expect("goal should remain persisted"); - assert_eq!(70, goal.tokens_used); - - let previous_goal = goal.clone(); - let goal_id = goal.goal_id.clone(); - let updated_goal = state_db - .thread_goals() - .update_thread_goal( - sess.thread_id, - codex_state::GoalUpdate { - objective: None, - status: Some(codex_state::ThreadGoalStatus::Complete), - token_budget: None, - expected_goal_id: Some(goal_id), - }, - ) - .await? - .expect("goal status update should succeed"); - sess.goal_runtime_apply(GoalRuntimeEvent::ExternalSet { - external_set: ExternalGoalSet { - goal: updated_goal, - previous_status: ExternalGoalPreviousStatus::from(&previous_goal), - }, - }) - .await?; - - assert!(sess.active_turn.lock().await.is_some()); - let goal = state_db - .thread_goals() - .get_thread_goal(sess.thread_id) - .await? - .expect("goal should remain persisted"); - assert_eq!(codex_state::ThreadGoalStatus::Complete, goal.status); - assert_eq!(70, goal.tokens_used); - - sess.abort_all_tasks(TurnAbortReason::Replaced).await; - - Ok(()) -} - -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn external_objective_change_steers_active_turn() -> anyhow::Result<()> { - let (sess, tc, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - sess.spawn_task( - Arc::clone(&tc), - Vec::new(), - NeverEndingTask { - kind: TaskKind::Regular, - listen_to_cancellation_token: false, - }, - ) - .await; - - let state_db = goal_test_state_db(sess.as_ref()).await?; - let old_goal = state_db - .thread_goals() - .replace_thread_goal( - sess.thread_id, - "Keep improving the benchmark", - codex_state::ThreadGoalStatus::Active, - /*token_budget*/ Some(10_000), - ) - .await?; - let new_goal = state_db - .thread_goals() - .replace_thread_goal( - sess.thread_id, - "Write a concise benchmark summary", - codex_state::ThreadGoalStatus::Active, - /*token_budget*/ Some(10_000), - ) - .await?; - - sess.goal_runtime_apply(GoalRuntimeEvent::ExternalSet { - external_set: ExternalGoalSet { - goal: new_goal, - previous_status: ExternalGoalPreviousStatus::from(&old_goal), - }, - }) - .await?; - - let pending_input = sess.input_queue.get_pending_input(&sess.active_turn).await; - assert!( - pending_input.iter().any(|item| { - matches!( - item, - TurnInput::ResponseItem(ResponseItem::Message { role, content, .. }) - if role == "user" - && content.iter().any(|content| matches!( - content, - ContentItem::InputText { text } - if text.starts_with("") - && text.trim_end().ends_with("") - && text.contains("The active thread goal objective was edited") - && text.contains("Write a concise benchmark summary") - )) - ) - }), - "expected objective-updated steering prompt in pending input: {pending_input:?}" - ); - - sess.abort_all_tasks(TurnAbortReason::Replaced).await; - - Ok(()) -} - -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn external_active_goal_set_marks_current_turn_for_accounting() -> anyhow::Result<()> { - let (sess, tc, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - sess.spawn_task( - Arc::clone(&tc), - Vec::new(), - NeverEndingTask { - kind: TaskKind::Regular, - listen_to_cancellation_token: false, - }, - ) - .await; - set_total_token_usage(&sess, post_goal_token_usage()).await; - - let state_db = goal_test_state_db(sess.as_ref()).await?; - let goal = state_db - .thread_goals() - .replace_thread_goal( - sess.thread_id, - "Keep improving the benchmark", - codex_state::ThreadGoalStatus::Active, - /*token_budget*/ None, - ) - .await?; - sess.goal_runtime_apply(GoalRuntimeEvent::ExternalSet { - external_set: ExternalGoalSet { - goal, - previous_status: ExternalGoalPreviousStatus::NewGoal, - }, - }) - .await?; - - set_total_token_usage( - &sess, - TokenUsage { - input_tokens: 65, - cached_input_tokens: 10, - output_tokens: 40, - reasoning_output_tokens: 5, - total_tokens: 110, - }, - ) - .await; - sess.goal_runtime_apply(GoalRuntimeEvent::ToolCompleted { - turn_context: tc.as_ref(), - tool_name: "shell_command", - }) - .await?; - - let goal = state_db - .thread_goals() - .get_thread_goal(sess.thread_id) - .await? - .expect("goal should remain persisted"); - assert_eq!(codex_state::ThreadGoalStatus::Active, goal.status); - assert_eq!(25, goal.tokens_used); - - sess.abort_all_tasks(TurnAbortReason::Replaced).await; - - Ok(()) -} - -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn completed_goal_accounts_current_turn_tokens_before_tool_response() -> anyhow::Result<()> { - let server = start_mock_server().await; - let mut builder = test_codex().with_config(|config| { - config - .features - .enable(Feature::Goals) - .expect("goal mode should be enableable in tests"); - }); - let test = builder.build(&server).await?; - let responses = mount_sse_sequence( - &server, - vec![ - sse(vec![ - ev_response_created("resp-1"), - ev_function_call( - "call-create-goal", - "create_goal", - r#"{"objective":"write a report","token_budget":500}"#, - ), - ev_completed("resp-1"), - ]), - sse(vec![ - ev_response_created("resp-2"), - ev_function_call( - "call-complete-goal", - "update_goal", - r#"{"status":"complete"}"#, - ), - ev_completed_with_tokens("resp-2", /*total_tokens*/ 580), - ]), - sse(vec![ - ev_assistant_message("msg-1", "Goal complete."), - ev_completed("resp-3"), - ]), - ], - ) - .await; - - test.codex - .submit(Op::UserInput { - environments: None, - items: vec![UserInput::Text { - text: "write a report".into(), - text_elements: Vec::new(), - }], - final_output_json_schema: None, - responsesapi_client_metadata: None, - additional_context: Default::default(), - thread_settings: Default::default(), - }) - .await?; - - tokio::time::timeout(std::time::Duration::from_secs(8), async { - loop { - let event = test.codex.next_event().await?; - if matches!(event.msg, EventMsg::TurnComplete(_)) { - return anyhow::Ok(()); - } - } - }) - .await??; - - let complete_output = responses - .function_call_output_text("call-complete-goal") - .expect("complete tool output should be sent to the model"); - let complete_output: serde_json::Value = serde_json::from_str(&complete_output)?; - assert_eq!(complete_output["goal"]["tokensUsed"], 580); - assert_eq!(complete_output["goal"]["status"], "complete"); - assert_eq!(complete_output["remainingTokens"], 0); - assert_eq!( - complete_output["completionBudgetReport"], - "Goal achieved. Report final usage from this tool result's structured goal fields. If `goal.tokenBudget` is present, include token usage from `goal.tokensUsed` and `goal.tokenBudget`. If `goal.timeUsedSeconds` is greater than 0, summarize elapsed time in a concise, human-friendly form appropriate to the response language." - ); - let requests = responses.requests(); - let completion_followup_request = requests - .last() - .expect("completion tool output should be sent in a follow-up request"); - assert!( - !completion_followup_request.body_contains_text("budget_limited"), - "completion follow-up should not include budget-limit steering" - ); - - let state_db = codex_state::StateRuntime::init( - test.config.sqlite_home.clone(), - test.config.model_provider_id.clone(), - ) - .await?; - let persisted_goal = state_db - .thread_goals() - .get_thread_goal(test.session_configured.thread_id) - .await? - .expect("goal should be persisted"); - assert_eq!( - codex_state::ThreadGoalStatus::Complete, - persisted_goal.status - ); - assert_eq!(580, persisted_goal.tokens_used); - - Ok(()) -} - -#[tokio::test] -async fn queue_only_mailbox_mail_waits_for_next_turn_after_answer_boundary() { - let (sess, tc, _rx) = make_session_and_context_with_rx().await; - let communication = InterAgentCommunication::new( - AgentPath::try_from("/root/worker").expect("worker path should parse"), - AgentPath::root(), - Vec::new(), - "late queue-only update".to_string(), - /*trigger_turn*/ false, - ); - sess.spawn_task( - Arc::clone(&tc), - Vec::new(), - NeverEndingTask { - kind: TaskKind::Regular, - listen_to_cancellation_token: true, - }, - ) - .await; - - sess.input_queue - .defer_mailbox_delivery_to_next_turn(&sess.active_turn, &tc.sub_id) - .await; - sess.input_queue - .enqueue_mailbox_communication(communication.clone()) - .await; - - assert!( - !sess.input_queue.has_pending_input(&sess.active_turn).await, - "queue-only mailbox mail should stay buffered once the current turn emitted its answer" - ); - assert_eq!( - sess.input_queue.get_pending_input(&sess.active_turn).await, - Vec::new() - ); - - sess.abort_all_tasks(TurnAbortReason::Replaced).await; - - assert_eq!( - sess.input_queue.get_pending_input(&sess.active_turn).await, - vec![TurnInput::ResponseItem(ResponseItem::from( - communication.to_response_input_item() - ))], - ); -} - -#[tokio::test] -async fn trigger_turn_mailbox_mail_waits_for_next_turn_after_answer_boundary() { - let (sess, tc, _rx) = make_session_and_context_with_rx().await; - sess.spawn_task( - Arc::clone(&tc), - Vec::new(), - NeverEndingTask { - kind: TaskKind::Regular, - listen_to_cancellation_token: true, - }, - ) - .await; - - sess.input_queue - .defer_mailbox_delivery_to_next_turn(&sess.active_turn, &tc.sub_id) - .await; - sess.input_queue - .enqueue_mailbox_communication(InterAgentCommunication::new( - AgentPath::try_from("/root/worker").expect("worker path should parse"), - AgentPath::root(), - Vec::new(), - "late trigger update".to_string(), - /*trigger_turn*/ true, - )) - .await; - - assert!( - !sess.input_queue.has_pending_input(&sess.active_turn).await, - "trigger-turn mailbox mail should not extend the current turn after its answer boundary" - ); - - sess.abort_all_tasks(TurnAbortReason::Replaced).await; - - assert!(sess.input_queue.has_trigger_turn_mailbox_items().await); + sess.abort_all_tasks(TurnAbortReason::Replaced).await; + + assert!(sess.input_queue.has_trigger_turn_mailbox_items().await); } #[tokio::test] @@ -10200,18 +9572,13 @@ async fn abort_review_task_emits_exited_then_aborted_and_records_history() { } #[tokio::test] -#[expect( - clippy::await_holding_invalid_type, - reason = "test builds a router from session-owned MCP manager state" -)] async fn fatal_tool_error_stops_turn_and_reports_error() { let (session, turn_context, _rx) = make_session_and_context_with_rx().await; let tools = { session .services .mcp_connection_manager - .read() - .await + .load_full() .list_all_tools() .await }; @@ -10347,6 +9714,7 @@ async fn sample_rollout( rollout_items.push(RolloutItem::Compacted(CompactedItem { message: summary1.to_string(), replacement_history: None, + window_id: None, })); let user2 = ResponseItem::Message { @@ -10387,6 +9755,7 @@ async fn sample_rollout( rollout_items.push(RolloutItem::Compacted(CompactedItem { message: summary2.to_string(), replacement_history: None, + window_id: None, })); let user3 = ResponseItem::Message { @@ -10423,297 +9792,6 @@ async fn sample_rollout( ) } -#[tokio::test] -async fn create_goal_tool_rejects_existing_goal() { - let (session, turn_context, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - let tracker = Arc::new(tokio::sync::Mutex::new(TurnDiffTracker::new())); - let handler = CreateGoalHandler; - - handler - .handle(ToolInvocation { - session: Arc::clone(&session), - turn: Arc::clone(&turn_context), - cancellation_token: CancellationToken::new(), - tracker: Arc::clone(&tracker), - call_id: "create-goal-1".to_string(), - tool_name: codex_tools::ToolName::plain("create_goal"), - source: ToolCallSource::Direct, - payload: ToolPayload::Function { - arguments: serde_json::json!({ - "objective": "Keep the watcher alive", - "token_budget": 123, - }) - .to_string(), - }, - }) - .await - .expect("initial create_goal should succeed"); - - let response = handler - .handle(ToolInvocation { - session: Arc::clone(&session), - turn: Arc::clone(&turn_context), - cancellation_token: CancellationToken::new(), - tracker, - call_id: "create-goal-2".to_string(), - tool_name: codex_tools::ToolName::plain("create_goal"), - source: ToolCallSource::Direct, - payload: ToolPayload::Function { - arguments: serde_json::json!({ - "objective": "Replace the watcher", - "token_budget": 456, - }) - .to_string(), - }, - }) - .await; - - let Err(FunctionCallError::RespondToModel(output)) = response else { - panic!("expected create_goal to reject an existing goal"); - }; - assert_eq!( - output, - "cannot create a new goal because this thread already has a goal; use update_goal only when the existing goal is complete" - ); - - let goal = session - .get_thread_goal() - .await - .expect("read thread goal") - .expect("goal should still exist"); - assert_eq!(goal.objective, "Keep the watcher alive"); - assert_eq!(goal.token_budget, Some(123)); -} - -#[tokio::test] -async fn update_goal_tool_rejects_pausing_goal() { - let (session, turn_context, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - let tracker = Arc::new(tokio::sync::Mutex::new(TurnDiffTracker::new())); - let create_handler = CreateGoalHandler; - let update_handler = UpdateGoalHandler; - - create_handler - .handle(ToolInvocation { - session: Arc::clone(&session), - turn: Arc::clone(&turn_context), - cancellation_token: CancellationToken::new(), - tracker: Arc::clone(&tracker), - call_id: "create-goal".to_string(), - tool_name: codex_tools::ToolName::plain("create_goal"), - source: ToolCallSource::Direct, - payload: ToolPayload::Function { - arguments: serde_json::json!({ - "objective": "Keep the watcher alive", - "token_budget": 123, - }) - .to_string(), - }, - }) - .await - .expect("initial create_goal should succeed"); - - let response = update_handler - .handle(ToolInvocation { - session: Arc::clone(&session), - turn: Arc::clone(&turn_context), - cancellation_token: CancellationToken::new(), - tracker, - call_id: "pause-goal".to_string(), - tool_name: codex_tools::ToolName::plain("update_goal"), - source: ToolCallSource::Direct, - payload: ToolPayload::Function { - arguments: serde_json::json!({ - "status": "paused", - }) - .to_string(), - }, - }) - .await; - - let Err(FunctionCallError::RespondToModel(output)) = response else { - panic!("expected update_goal to reject pausing a goal"); - }; - assert_eq!( - output, - "update_goal can only mark the existing goal complete or blocked; pause, resume, budget-limited, and usage-limited status changes are controlled by the user or system" - ); - - let goal = session - .get_thread_goal() - .await - .expect("read thread goal") - .expect("goal should still exist"); - assert_eq!(goal.status, ThreadGoalStatus::Active); -} - -#[tokio::test] -async fn update_goal_tool_marks_goal_blocked() { - let (session, turn_context, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - let tracker = Arc::new(tokio::sync::Mutex::new(TurnDiffTracker::new())); - let create_handler = CreateGoalHandler; - let update_handler = UpdateGoalHandler; - - create_handler - .handle(ToolInvocation { - session: Arc::clone(&session), - turn: Arc::clone(&turn_context), - cancellation_token: CancellationToken::new(), - tracker: Arc::clone(&tracker), - call_id: "create-goal".to_string(), - tool_name: codex_tools::ToolName::plain("create_goal"), - source: ToolCallSource::Direct, - payload: ToolPayload::Function { - arguments: serde_json::json!({ - "objective": "Keep the watcher alive", - "token_budget": 123, - }) - .to_string(), - }, - }) - .await - .expect("initial create_goal should succeed"); - - update_handler - .handle(ToolInvocation { - session: Arc::clone(&session), - turn: Arc::clone(&turn_context), - cancellation_token: CancellationToken::new(), - tracker, - call_id: "block-goal".to_string(), - tool_name: codex_tools::ToolName::plain("update_goal"), - source: ToolCallSource::Direct, - payload: ToolPayload::Function { - arguments: serde_json::json!({ - "status": "blocked", - }) - .to_string(), - }, - }) - .await - .expect("update_goal should mark the goal blocked"); - - let goal = session - .get_thread_goal() - .await - .expect("read thread goal") - .expect("goal should still exist"); - assert_eq!(goal.status, ThreadGoalStatus::Blocked); -} - -#[tokio::test] -async fn update_goal_tool_rejects_usage_limited_goal() { - let (session, turn_context, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - let tracker = Arc::new(tokio::sync::Mutex::new(TurnDiffTracker::new())); - let create_handler = CreateGoalHandler; - let update_handler = UpdateGoalHandler; - - create_handler - .handle(ToolInvocation { - session: Arc::clone(&session), - turn: Arc::clone(&turn_context), - cancellation_token: CancellationToken::new(), - tracker: Arc::clone(&tracker), - call_id: "create-goal".to_string(), - tool_name: codex_tools::ToolName::plain("create_goal"), - source: ToolCallSource::Direct, - payload: ToolPayload::Function { - arguments: serde_json::json!({ - "objective": "Keep the watcher alive", - }) - .to_string(), - }, - }) - .await - .expect("initial create_goal should succeed"); - - let response = update_handler - .handle(ToolInvocation { - session: Arc::clone(&session), - turn: Arc::clone(&turn_context), - cancellation_token: CancellationToken::new(), - tracker, - call_id: "usage-limit-goal".to_string(), - tool_name: codex_tools::ToolName::plain("update_goal"), - source: ToolCallSource::Direct, - payload: ToolPayload::Function { - arguments: serde_json::json!({ - "status": "usageLimited", - }) - .to_string(), - }, - }) - .await; - - let Err(FunctionCallError::RespondToModel(output)) = response else { - panic!("expected update_goal to reject usage-limiting a goal"); - }; - assert_eq!( - output, - "update_goal can only mark the existing goal complete or blocked; pause, resume, budget-limited, and usage-limited status changes are controlled by the user or system" - ); - - let goal = session - .get_thread_goal() - .await - .expect("read thread goal") - .expect("goal should still exist"); - assert_eq!(goal.status, ThreadGoalStatus::Active); -} - -#[tokio::test] -async fn update_goal_tool_marks_goal_complete() { - let (session, turn_context, _rx, _codex_home) = make_goal_session_and_context_with_rx().await; - let tracker = Arc::new(tokio::sync::Mutex::new(TurnDiffTracker::new())); - let create_handler = CreateGoalHandler; - let update_handler = UpdateGoalHandler; - - create_handler - .handle(ToolInvocation { - session: Arc::clone(&session), - turn: Arc::clone(&turn_context), - cancellation_token: CancellationToken::new(), - tracker: Arc::clone(&tracker), - call_id: "create-goal".to_string(), - tool_name: codex_tools::ToolName::plain("create_goal"), - source: ToolCallSource::Direct, - payload: ToolPayload::Function { - arguments: serde_json::json!({ - "objective": "Keep the watcher alive", - "token_budget": 123, - }) - .to_string(), - }, - }) - .await - .expect("initial create_goal should succeed"); - - update_handler - .handle(ToolInvocation { - session: Arc::clone(&session), - turn: Arc::clone(&turn_context), - cancellation_token: CancellationToken::new(), - tracker, - call_id: "complete-goal".to_string(), - tool_name: codex_tools::ToolName::plain("update_goal"), - source: ToolCallSource::Direct, - payload: ToolPayload::Function { - arguments: serde_json::json!({ - "status": "complete", - }) - .to_string(), - }, - }) - .await - .expect("update_goal should mark the goal complete"); - - let goal = session - .get_thread_goal() - .await - .expect("read thread goal") - .expect("goal should still exist"); - assert_eq!(goal.status, ThreadGoalStatus::Complete); -} - #[tokio::test] async fn rejects_escalated_permissions_when_policy_not_on_request() { use crate::exec_policy::ExecApprovalRequest; @@ -10789,7 +9867,6 @@ async fn rejects_escalated_permissions_when_policy_not_on_request() { let turn_context_mut = Arc::get_mut(&mut turn_context).expect("unique thread settings Arc"); turn_context_mut.permission_profile = PermissionProfile::Disabled; - let file_system_sandbox_policy = turn_context.file_system_sandbox_policy(); let command = session.user_shell().derive_exec_args( command_script, turn_context.config.permissions.allow_login_shell, @@ -10801,9 +9878,7 @@ async fn rejects_escalated_permissions_when_policy_not_on_request() { command: &command, approval_policy: turn_context.approval_policy.value(), permission_profile: turn_context.permission_profile(), - file_system_sandbox_policy: &file_system_sandbox_policy, - #[allow(deprecated)] - sandbox_cwd: turn_context.cwd.as_path(), + windows_sandbox_level: turn_context.windows_sandbox_level, sandbox_permissions: SandboxPermissions::UseDefault, prefix_rule: None, }) diff --git a/codex-rs/core/src/session/tests/guardian_tests.rs b/codex-rs/core/src/session/tests/guardian_tests.rs index d8b46c99997..0d3c9c033b8 100644 --- a/codex-rs/core/src/session/tests/guardian_tests.rs +++ b/codex-rs/core/src/session/tests/guardian_tests.rs @@ -705,6 +705,7 @@ async fn guardian_subagent_does_not_inherit_parent_exec_policy_rules() { let CodexSpawnOk { codex, .. } = Codex::spawn(CodexSpawnArgs { config, + user_instructions: Default::default(), installation_id: "11111111-1111-4111-8111-111111111111".to_string(), auth_manager, models_manager, @@ -731,6 +732,7 @@ async fn guardian_subagent_does_not_inherit_parent_exec_policy_rules() { environment_selections: ResolvedTurnEnvironments { turn_environments: Vec::new(), }, + thread_extension_init: codex_extension_api::ExtensionDataInit::default(), analytics_events_client: None, thread_store, attestation_provider: None, diff --git a/codex-rs/core/src/session/token_budget.rs b/codex-rs/core/src/session/token_budget.rs new file mode 100644 index 00000000000..b8f9f82fbc0 --- /dev/null +++ b/codex-rs/core/src/session/token_budget.rs @@ -0,0 +1,44 @@ +use super::session::Session; +use super::turn_context::TurnContext; +use crate::context::ContextualUserFragment; +use codex_features::Feature; + +const TOKEN_BUDGET_USAGE_THRESHOLDS: [i64; 3] = [25, 50, 75]; + +pub(super) async fn maybe_record_token_budget_remaining_context( + sess: &Session, + turn_context: &TurnContext, + tokens_before_sampling: i64, + tokens_after_sampling: i64, +) { + if !turn_context.features.enabled(Feature::TokenBudget) { + return; + } + let Some(model_context_window) = turn_context.model_context_window() else { + return; + }; + if model_context_window <= 0 || tokens_after_sampling <= tokens_before_sampling { + return; + } + + let tokens_before_sampling = tokens_before_sampling.max(0); + let tokens_after_sampling = tokens_after_sampling.max(0); + let crossed_threshold = TOKEN_BUDGET_USAGE_THRESHOLDS.iter().any(|threshold| { + tokens_before_sampling.saturating_mul(100) < model_context_window.saturating_mul(*threshold) + && tokens_after_sampling.saturating_mul(100) + >= model_context_window.saturating_mul(*threshold) + }); + if !crossed_threshold { + return; + } + + let tokens_left = model_context_window + .saturating_sub(tokens_after_sampling) + .max(0); + + let response_item = ContextualUserFragment::into( + crate::context::TokenBudgetRemainingContext::new(tokens_left), + ); + sess.record_conversation_items(turn_context, std::slice::from_ref(&response_item)) + .await; +} diff --git a/codex-rs/core/src/session/turn.rs b/codex-rs/core/src/session/turn.rs index 2765de76fb2..da1d825310a 100644 --- a/codex-rs/core/src/session/turn.rs +++ b/codex-rs/core/src/session/turn.rs @@ -1,5 +1,6 @@ use std::collections::HashMap; use std::collections::HashSet; +use std::path::PathBuf; use std::sync::Arc; use std::sync::atomic::Ordering; @@ -17,7 +18,6 @@ use crate::compact_remote_v2::run_inline_remote_auto_compact_task as run_inline_ use crate::connectors; use crate::context::ContextualUserFragment; use crate::feedback_tags; -use crate::goals::GoalRuntimeEvent; use crate::hook_runtime::inspect_pending_input; use crate::hook_runtime::record_additional_contexts; use crate::hook_runtime::record_pending_input; @@ -35,6 +35,8 @@ use crate::mentions::collect_explicit_app_ids; use crate::mentions::collect_explicit_plugin_mentions; use crate::mentions::collect_tool_mentions_from_messages; use crate::plugins::build_plugin_injections; +use crate::responses_metadata::CodexResponsesMetadata; +use crate::responses_metadata::CodexResponsesRequestKind; use crate::responses_retry::ResponsesStreamRequest; use crate::responses_retry::handle_retryable_response_stream_error; use crate::session::PreviousTurnSettings; @@ -73,7 +75,6 @@ use codex_core_skills::injection::InjectedHostSkillPrompts; use codex_extension_api::TurnInputContext; use codex_extension_api::TurnInputEnvironment; use codex_features::Feature; -use codex_git_utils::get_git_repo_root; use codex_git_utils::get_git_repo_root_with_fs; use codex_protocol::config_types::AutoCompactTokenLimitScope; use codex_protocol::config_types::ModeKind; @@ -151,15 +152,6 @@ pub(crate) async fn run_turn( let error = err.to_codex_protocol_error(); sess.emit_turn_error_lifecycle(turn_context.as_ref(), error.clone()) .await; - if error == CodexErrorInfo::UsageLimitExceeded - && let Err(err) = sess - .goal_runtime_apply(GoalRuntimeEvent::UsageLimitReached { - turn_context: turn_context.as_ref(), - }) - .await - { - warn!("failed to usage-limit active goal after usage-limit error: {err}"); - } error!("Failed to run pre-sampling compact"); return None; } @@ -182,6 +174,7 @@ pub(crate) async fn run_turn( .await; sess.set_previous_turn_settings(Some(PreviousTurnSettings { model: turn_context.model_info.slug.clone(), + comp_hash: turn_context.comp_hash.clone(), realtime_active: Some(turn_context.realtime_active), })) .await; @@ -196,21 +189,10 @@ pub(crate) async fn run_turn( let mut stop_hook_active = false; // Although from the perspective of codex.rs, TurnDiffTracker has the lifecycle of a Task which contains // many turns, from the perspective of the user, it is a single turn. - #[allow(deprecated)] - let display_root = match turn_context.environments.primary() { - Some(turn_environment) => get_git_repo_root_with_fs( - turn_environment.environment.get_filesystem().as_ref(), - &turn_environment.cwd, - ) - .await - .unwrap_or_else(|| turn_environment.cwd.clone()) - .into_path_buf(), - None => get_git_repo_root(turn_context.cwd.as_path()) - .unwrap_or_else(|| turn_context.cwd.clone().into_path_buf()), - }; - let turn_diff_tracker = Arc::new(tokio::sync::Mutex::new(TurnDiffTracker::with_display_root( - display_root, - ))); + let display_roots = turn_diff_display_roots(turn_context.as_ref()).await; + let turn_diff_tracker = Arc::new(tokio::sync::Mutex::new( + TurnDiffTracker::with_environment_display_roots(display_roots), + )); // `ModelClientSession` is turn-scoped and caches WebSocket + sticky routing state, so we reuse // one instance across retries within this turn. @@ -234,23 +216,28 @@ pub(crate) async fn run_turn( } // Construct the input that we will send to the model. - let sampling_request_input: Vec = { + let sampling_request_input: Vec = async { sess.clone_history() .await .for_prompt(&turn_context.model_info.input_modalities) - }; + } + .instrument(trace_span!("run_turn.prepare_sampling_request_input")) + .await; - let window_id = sess.services.model_client.current_window_id(); - let turn_metadata_header = turn_context - .turn_metadata_state - .current_header_value_for_model_request(&window_id); + let window_id = sess.current_window_id().await; + let responses_metadata = turn_context.turn_metadata_state.to_responses_metadata( + sess.installation_id.clone(), + window_id, + CodexResponsesRequestKind::Turn, + ); + let tokens_before_sampling = sess.get_total_token_usage().await; match run_sampling_request( Arc::clone(&sess), Arc::clone(&turn_context), Arc::clone(&turn_extension_data), Arc::clone(&turn_diff_tracker), &mut client_session, - turn_metadata_header.as_deref(), + &responses_metadata, sampling_request_input.clone(), cancellation_token.child_token(), ) @@ -262,15 +249,20 @@ pub(crate) async fn run_turn( last_agent_message: sampling_request_last_agent_message, } = sampling_request_output; can_drain_pending_input = true; - let has_pending_input = sess.input_queue.has_pending_input(&sess.active_turn).await; + let (has_pending_input, token_status, estimated_token_count) = async { + let has_pending_input = + sess.input_queue.has_pending_input(&sess.active_turn).await; + let token_status = + auto_compact_token_status(sess.as_ref(), turn_context.as_ref()).await; + let estimated_token_count = + sess.get_estimated_token_count(turn_context.as_ref()).await; + (has_pending_input, token_status, estimated_token_count) + } + .instrument(trace_span!("run_turn.collect_post_sampling_state")) + .await; let needs_follow_up = model_needs_follow_up || has_pending_input; - let token_status = - auto_compact_token_status(sess.as_ref(), turn_context.as_ref()).await; let token_limit_reached = token_status.token_limit_reached; - let estimated_token_count = - sess.get_estimated_token_count(turn_context.as_ref()).await; - trace!( turn_id = %turn_context.sub_id, total_usage_tokens = token_status.active_context_tokens, @@ -278,7 +270,6 @@ pub(crate) async fn run_turn( estimated_token_count = ?estimated_token_count, auto_compact_scope_limit = token_status.auto_compact_scope_limit, auto_compact_limit_scope = ?turn_context.config.model_auto_compact_token_limit_scope, - auto_compact_window_ordinal = ?token_status.auto_compact_window_ordinal, auto_compact_window_prefill_tokens = ?token_status.auto_compact_window_prefill_tokens, full_context_window_limit = ?token_status.full_context_window_limit, full_context_window_limit_reached = token_status.full_context_window_limit_reached, @@ -289,6 +280,24 @@ pub(crate) async fn run_turn( "post sampling token usage" ); + let tokens_after_sampling = token_status.active_context_tokens; + super::token_budget::maybe_record_token_budget_remaining_context( + sess.as_ref(), + turn_context.as_ref(), + tokens_before_sampling, + tokens_after_sampling, + ) + .await; + + let started_new_context_window = sess + .maybe_start_new_context_window(turn_context.as_ref()) + .await + .is_some(); + if started_new_context_window && needs_follow_up { + can_drain_pending_input = !model_needs_follow_up; + continue; + } + // as long as compaction works well in getting us way below the token limit, we shouldn't worry about being in an infinite loop. if token_limit_reached && needs_follow_up { if let Err(err) = run_auto_compact( @@ -304,17 +313,6 @@ pub(crate) async fn run_turn( let error = err.to_codex_protocol_error(); sess.emit_turn_error_lifecycle(turn_context.as_ref(), error.clone()) .await; - if error == CodexErrorInfo::UsageLimitExceeded - && let Err(err) = sess - .goal_runtime_apply(GoalRuntimeEvent::UsageLimitReached { - turn_context: turn_context.as_ref(), - }) - .await - { - warn!( - "failed to usage-limit active goal after usage-limit error: {err}" - ); - } return None; } can_drain_pending_input = !model_needs_follow_up; @@ -400,15 +398,6 @@ pub(crate) async fn run_turn( let error = e.to_codex_protocol_error(); sess.emit_turn_error_lifecycle(turn_context.as_ref(), error.clone()) .await; - if error == CodexErrorInfo::UsageLimitExceeded - && let Err(err) = sess - .goal_runtime_apply(GoalRuntimeEvent::UsageLimitReached { - turn_context: turn_context.as_ref(), - }) - .await - { - warn!("failed to usage-limit active goal after usage-limit error: {err}"); - } sess.track_turn_codex_error(turn_context.as_ref(), &e); let event = EventMsg::Error(e.to_error_event(/*message_prefix*/ None)); sess.send_event(&turn_context, event).await; @@ -421,6 +410,23 @@ pub(crate) async fn run_turn( last_agent_message } +#[instrument(level = "trace", skip_all)] +async fn turn_diff_display_roots(turn_context: &TurnContext) -> Vec<(String, PathBuf)> { + let mut display_roots = Vec::new(); + for turn_environment in &turn_context.environments.turn_environments { + let root = get_git_repo_root_with_fs( + turn_environment.environment.get_filesystem().as_ref(), + &turn_environment.cwd, + ) + .await + .unwrap_or_else(|| turn_environment.cwd.clone()) + .into_path_buf(); + display_roots.push((turn_environment.environment_id.clone(), root)); + } + display_roots +} + +#[instrument(level = "trace", skip_all)] async fn run_hooks_and_record_inputs( sess: &Arc, turn_context: &Arc, @@ -449,10 +455,7 @@ async fn run_hooks_and_record_inputs( blocked_input && !accepted_user_input } -#[expect( - clippy::await_holding_invalid_type, - reason = "MCP tool listing borrows the read guard across cancellation-aware await" -)] +#[instrument(level = "trace", skip_all)] async fn build_skills_and_plugins( sess: &Arc, turn_context: &TurnContext, @@ -489,8 +492,7 @@ async fn build_skills_and_plugins( match sess .services .mcp_connection_manager - .read() - .await + .load_full() .list_all_tools() .or_cancel(cancellation_token) .await @@ -698,7 +700,7 @@ async fn track_turn_resolved_config_analytics( permission_profile: turn_context.permission_profile(), #[allow(deprecated)] permission_profile_cwd: turn_context.cwd.to_path_buf(), - reasoning_effort: turn_context.reasoning_effort, + reasoning_effort: turn_context.reasoning_effort.clone(), reasoning_summary: Some(turn_context.reasoning_summary), service_tier: turn_context .config @@ -723,7 +725,6 @@ struct AutoCompactTokenStatus { auto_compact_scope_tokens: i64, auto_compact_scope_limit: i64, full_context_window_limit: Option, - auto_compact_window_ordinal: Option, auto_compact_window_prefill_tokens: Option, full_context_window_limit_reached: bool, token_limit_reached: bool, @@ -734,7 +735,6 @@ async fn auto_compact_token_status( turn_context: &TurnContext, ) -> AutoCompactTokenStatus { let active_context_tokens = sess.get_total_token_usage().await; - let mut auto_compact_window_ordinal = None; let mut auto_compact_window_prefill_tokens = None; let (auto_compact_scope_tokens, auto_compact_scope_limit, full_context_window_limit) = match turn_context.config.model_auto_compact_token_limit_scope { @@ -748,7 +748,6 @@ async fn auto_compact_token_status( ), AutoCompactTokenLimitScope::BodyAfterPrefix => { let window = sess.auto_compact_window_snapshot().await; - auto_compact_window_ordinal = Some(window.ordinal); auto_compact_window_prefill_tokens = window.prefill_input_tokens; let baseline = window.prefill_input_tokens.unwrap_or(active_context_tokens); ( @@ -774,13 +773,13 @@ async fn auto_compact_token_status( auto_compact_scope_tokens, auto_compact_scope_limit, full_context_window_limit, - auto_compact_window_ordinal, auto_compact_window_prefill_tokens, full_context_window_limit_reached, token_limit_reached, } } +#[instrument(level = "trace", skip_all)] async fn run_pre_sampling_compact( sess: &Arc, turn_context: &Arc, @@ -803,8 +802,16 @@ async fn run_pre_sampling_compact( Ok(()) } -/// Runs pre-sampling compaction against the previous model when switching to a smaller -/// context-window model. +/// Returns true only when both turns declare compaction compatibility hashes and they differ. +/// A missing hash does not provide enough information to trigger compaction. +fn comp_hash_changed(previous: Option<&str>, current: Option<&str>) -> bool { + previous + .zip(current) + .is_some_and(|(previous, current)| previous != current) +} + +/// Runs pre-sampling compaction against the previous model when its compaction compatibility +/// hash changed or when switching to a smaller context-window model. /// /// Returns `Err(_)` only when compaction was attempted and failed. async fn maybe_run_previous_model_inline_compact( @@ -815,12 +822,29 @@ async fn maybe_run_previous_model_inline_compact( let Some(previous_turn_settings) = sess.previous_turn_settings().await else { return Ok(()); }; + let should_compact_for_comp_hash_change = comp_hash_changed( + previous_turn_settings.comp_hash.as_deref(), + turn_context.comp_hash.as_deref(), + ); let previous_model_turn_context = Arc::new( turn_context .with_model(previous_turn_settings.model, &sess.services.models_manager) .await, ); + if should_compact_for_comp_hash_change { + run_auto_compact( + sess, + &previous_model_turn_context, + client_session, + InitialContextInjection::DoNotInject, + CompactionReason::CompHashChanged, + CompactionPhase::PreTurn, + ) + .await?; + return Ok(()); + } + let Some(old_context_window) = previous_model_turn_context.model_context_window() else { return Ok(()); }; @@ -859,6 +883,11 @@ async fn maybe_run_previous_model_inline_compact( Ok(()) } +#[instrument( + level = "trace", + skip_all, + fields(reason = ?reason, phase = ?phase) +)] async fn run_auto_compact( sess: &Arc, turn_context: &Arc, @@ -967,6 +996,7 @@ pub(super) fn collect_explicit_app_ids_from_skill_items( connector_ids } +#[instrument(level = "trace", skip_all)] pub(crate) fn build_prompt( input: Vec, router: &ToolRouter, @@ -1002,7 +1032,7 @@ async fn run_sampling_request( turn_store: Arc, turn_diff_tracker: SharedTurnDiffTracker, client_session: &mut ModelClientSession, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, input: Vec, cancellation_token: CancellationToken, ) -> CodexResult { @@ -1045,7 +1075,7 @@ async fn run_sampling_request( Arc::clone(&turn_context), Arc::clone(&turn_store), client_session, - turn_metadata_header, + responses_metadata, Arc::clone(&turn_diff_tracker), &prompt, cancellation_token.child_token(), @@ -1083,13 +1113,10 @@ async fn run_sampling_request( ResponsesStreamRequest::Sampling, ) .await?; + turn_context.turn_timing_state.record_sampling_retry(); } } -#[expect( - clippy::await_holding_invalid_type, - reason = "tool router construction reads through the session-owned manager guard" -)] #[instrument(level = "trace", skip_all, fields( @@ -1103,22 +1130,17 @@ pub(crate) async fn built_tools( turn_context: &TurnContext, cancellation_token: &CancellationToken, ) -> CodexResult> { - let mcp_connection_manager = sess - .services - .mcp_connection_manager - .read() - .instrument(trace_span!("read_mcp_connection_manager")) - .await; + let mcp_connection_manager = sess.services.mcp_connection_manager.load_full(); let has_mcp_servers = mcp_connection_manager.has_servers(); let all_mcp_tools = mcp_connection_manager .list_all_tools() .or_cancel(cancellation_token) .await?; - drop(mcp_connection_manager); let loaded_plugins = sess .services .plugins_manager .plugins_for_config(&turn_context.config.plugins_config_input()) + .instrument(trace_span!("built_tools.load_plugins")) .await; let apps_enabled = turn_context.apps_enabled(); @@ -1149,35 +1171,39 @@ pub(crate) async fn built_tools( .into_iter() .map(|connector_id| connector_id.0) .collect::>(); - let discoverable_tools = if apps_enabled && tool_suggest_enabled(turn_context) { - if let Some(accessible_connectors) = accessible_connectors_with_enabled_state.as_ref() { - match connectors::list_tool_suggest_discoverable_tools_with_auth( - &turn_context.config, - sess.services.plugins_manager.as_ref(), - auth.as_ref(), - accessible_connectors.as_slice(), - &loaded_plugin_app_connector_ids, - ) - .await - .map(|discoverable_tools| { - filter_request_plugin_install_discoverable_tools_for_client( - discoverable_tools, - turn_context.app_server_client_name.as_deref(), + let discoverable_tools = async { + if apps_enabled && tool_suggest_enabled(turn_context) { + if let Some(accessible_connectors) = accessible_connectors_with_enabled_state.as_ref() { + match connectors::list_tool_suggest_discoverable_tools_with_auth( + &turn_context.config, + sess.services.plugins_manager.as_ref(), + auth.as_ref(), + accessible_connectors.as_slice(), + &loaded_plugin_app_connector_ids, ) - }) { - Ok(discoverable_tools) if discoverable_tools.is_empty() => None, - Ok(discoverable_tools) => Some(discoverable_tools), - Err(err) => { - warn!("failed to load discoverable tool suggestions: {err:#}"); - None + .await + .map(|discoverable_tools| { + filter_request_plugin_install_discoverable_tools_for_client( + discoverable_tools, + turn_context.app_server_client_name.as_deref(), + ) + }) { + Ok(discoverable_tools) if discoverable_tools.is_empty() => None, + Ok(discoverable_tools) => Some(discoverable_tools), + Err(err) => { + warn!("failed to load discoverable tool suggestions: {err:#}"); + None + } } + } else { + None } } else { None } - } else { - None - }; + } + .instrument(trace_span!("built_tools.load_discoverable_tools")) + .await; let mcp_tool_exposure = build_mcp_tool_exposure( &all_mcp_tools, @@ -1392,6 +1418,7 @@ pub(super) fn realtime_text_for_event(msg: &EventMsg) -> Option { | EventMsg::RealtimeConversationClosed(_) | EventMsg::ModelReroute(_) | EventMsg::ModelVerification(_) + | EventMsg::TurnModerationMetadata(_) | EventMsg::ContextCompacted(_) | EventMsg::ThreadRolledBack(_) | EventMsg::TurnStarted(_) @@ -1454,7 +1481,8 @@ pub(super) fn realtime_text_for_event(msg: &EventMsg) -> Option { | EventMsg::CollabCloseBegin(_) | EventMsg::CollabCloseEnd(_) | EventMsg::CollabResumeBegin(_) - | EventMsg::CollabResumeEnd(_) => None, + | EventMsg::CollabResumeEnd(_) + | EventMsg::SubAgentActivity(_) => None, } } @@ -1736,6 +1764,7 @@ async fn handle_assistant_item_done_in_plan_mode( false } +#[instrument(level = "trace", skip_all)] async fn drain_in_flight( in_flight: &mut FuturesOrdered>>, sess: Arc, @@ -1776,7 +1805,7 @@ async fn try_run_sampling_request( turn_context: Arc, turn_store: Arc, client_session: &mut ModelClientSession, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, turn_diff_tracker: SharedTurnDiffTracker, prompt: &Prompt, cancellation_token: CancellationToken, @@ -1794,15 +1823,16 @@ async fn try_run_sampling_request( turn_context.model_info.slug.as_str(), turn_context.provider.info().name.as_str(), ); + let sampling_timing_guard = turn_context.turn_timing_state.begin_sampling(); let mut stream = client_session .stream( prompt, &turn_context.model_info, &turn_context.session_telemetry, - turn_context.reasoning_effort, + turn_context.reasoning_effort.clone(), turn_context.reasoning_summary, turn_context.config.service_tier.clone(), - turn_metadata_header, + responses_metadata, &inference_trace, ) .instrument(trace_span!("stream_request")) @@ -1827,7 +1857,6 @@ async fn try_run_sampling_request( !sess.services.extensions.turn_item_contributors().is_empty(); let mut active_item_is_streaming_to_client = false; let receiving_span = trace_span!("receiving_stream"); - let mut completed_response_id: Option = None; let outcome: CodexResult = loop { let handle_responses = trace_span!( parent: &receiving_span, @@ -1925,6 +1954,7 @@ async fn try_run_sampling_request( role == "assistant" && matches!(phase, Some(MessagePhase::Commentary)) } ResponseItem::Reasoning { .. } => true, + ResponseItem::AgentMessage { .. } => false, ResponseItem::LocalShellCall { .. } | ResponseItem::FunctionCall { .. } | ResponseItem::ToolSearchCall { .. } @@ -2057,6 +2087,10 @@ async fn try_run_sampling_request( .await; } } + ResponseEvent::TurnModerationMetadata(metadata) => { + sess.emit_turn_moderation_metadata(&turn_context, metadata) + .await; + } ResponseEvent::ServerReasoningIncluded(included) => { sess.set_server_reasoning_included(included).await; } @@ -2071,9 +2105,9 @@ async fn try_run_sampling_request( sess.services.models_manager.refresh_if_new_etag(etag).await; } ResponseEvent::Completed { - response_id, token_usage, end_turn, + .. } => { flush_assistant_text_segments_all( &sess, @@ -2089,7 +2123,6 @@ async fn try_run_sampling_request( if let Some(false) = end_turn { needs_follow_up = true; } - completed_response_id = Some(response_id); break Ok(SamplingRequestResult { needs_follow_up, last_agent_message, @@ -2204,6 +2237,7 @@ async fn try_run_sampling_request( } } }; + drop(sampling_timing_guard); flush_assistant_text_segments_all( &sess, @@ -2213,16 +2247,13 @@ async fn try_run_sampling_request( ) .await; - if sess - .features - .enabled(Feature::ResponsesWebsocketResponseProcessed) - && outcome.is_ok() - && let Some(response_id) = completed_response_id.as_deref() - { - client_session.send_response_processed(response_id).await; - } - + let tool_blocking_timing_guard = if in_flight.is_empty() { + None + } else { + Some(turn_context.turn_timing_state.begin_tool_blocking()) + }; drain_in_flight(&mut in_flight, sess.clone(), turn_context.clone()).await?; + drop(tool_blocking_timing_guard); if should_emit_token_count { // A tool call such as request_user_input can intentionally pause the turn. Emit token diff --git a/codex-rs/core/src/session/turn_context.rs b/codex-rs/core/src/session/turn_context.rs index fea422cb4bb..5e5d5b76099 100644 --- a/codex-rs/core/src/session/turn_context.rs +++ b/codex-rs/core/src/session/turn_context.rs @@ -1,5 +1,6 @@ use super::*; use crate::SkillLoadOutcome; +use crate::agents_md::LoadedAgentsMd; use crate::config::GhostSnapshotConfig; use crate::environment_selection::ResolvedTurnEnvironments; use codex_core_skills::HostLoadedSkills; @@ -60,6 +61,7 @@ pub struct TurnContext { pub config: Arc, pub(crate) auth_manager: Option>, pub(crate) model_info: ModelInfo, + pub(crate) comp_hash: Option, pub(crate) tool_mode: ToolMode, pub(crate) session_telemetry: SessionTelemetry, pub(crate) provider: SharedModelProvider, @@ -90,7 +92,6 @@ pub struct TurnContext { pub(crate) shell_environment_policy: ShellEnvironmentPolicy, pub(crate) available_models: Vec, pub(crate) unified_exec_shell_mode: UnifiedExecShellMode, - pub(crate) goal_tools_supported: bool, pub features: ManagedFeatures, pub(crate) ghost_snapshot: GhostSnapshotConfig, pub(crate) final_output_json_schema: Option, @@ -135,7 +136,8 @@ impl TurnContext { pub(crate) fn effective_reasoning_effort(&self) -> Option { if self.model_info.supports_reasoning_summaries { self.reasoning_effort - .or(self.model_info.default_reasoning_level) + .clone() + .or_else(|| self.model_info.default_reasoning_level.clone()) } else { None } @@ -168,10 +170,6 @@ impl TurnContext { ToolEnvironmentMode::from_count(self.environments.turn_environments.len()) } - pub(crate) fn goal_tools_enabled(&self) -> bool { - self.goal_tools_supported && self.features.get().enabled(Feature::Goals) - } - pub(crate) async fn with_model( &self, model: String, @@ -195,28 +193,29 @@ impl TurnContext { let supported_reasoning_levels = model_info .supported_reasoning_levels .iter() - .map(|preset| preset.effort) + .map(|preset| preset.effort.clone()) .collect::>(); - let reasoning_effort = if let Some(current_reasoning_effort) = self.reasoning_effort { + let reasoning_effort = if let Some(current_reasoning_effort) = self.reasoning_effort.clone() + { if supported_reasoning_levels.contains(¤t_reasoning_effort) { Some(current_reasoning_effort) } else { supported_reasoning_levels .get(supported_reasoning_levels.len().saturating_sub(1) / 2) - .copied() - .or(model_info.default_reasoning_level) + .cloned() + .or_else(|| model_info.default_reasoning_level.clone()) } } else { supported_reasoning_levels .get(supported_reasoning_levels.len().saturating_sub(1) / 2) - .copied() - .or(model_info.default_reasoning_level) + .cloned() + .or_else(|| model_info.default_reasoning_level.clone()) }; - config.model_reasoning_effort = reasoning_effort; + config.model_reasoning_effort = reasoning_effort.clone(); let collaboration_mode = self.collaboration_mode.with_updates( Some(model.clone()), - Some(reasoning_effort), + Some(reasoning_effort.clone()), /*developer_instructions*/ None, ); let features = self.features.clone(); @@ -231,6 +230,7 @@ impl TurnContext { config: Arc::new(config), auth_manager: self.auth_manager.clone(), model_info: model_info.clone(), + comp_hash: model_info.comp_hash.clone(), tool_mode, session_telemetry: self .session_telemetry @@ -241,7 +241,7 @@ impl TurnContext { reasoning_summary: self.reasoning_summary, session_source: self.session_source.clone(), parent_thread_id: self.parent_thread_id, - thread_source: self.thread_source, + thread_source: self.thread_source.clone(), environments: self.environments.clone(), #[allow(deprecated)] cwd: self.cwd.clone(), @@ -261,7 +261,6 @@ impl TurnContext { shell_environment_policy: self.shell_environment_policy.clone(), available_models, unified_exec_shell_mode: self.unified_exec_shell_mode.clone(), - goal_tools_supported: self.goal_tools_supported, features, ghost_snapshot: self.ghost_snapshot.clone(), final_output_json_schema: self.final_output_json_schema.clone(), @@ -358,11 +357,12 @@ impl TurnContext { network: self.turn_context_network_item(), file_system_sandbox_policy: self.non_legacy_file_system_sandbox_policy(), model: self.model_info.slug.clone(), + comp_hash: self.comp_hash.clone(), personality: self.personality, collaboration_mode: Some(self.collaboration_mode.clone()), multi_agent_version: Some(self.multi_agent_version), realtime_active: Some(self.realtime_active), - effort: self.reasoning_effort, + effort: self.reasoning_effort.clone(), summary: ReasoningSummaryConfig::Auto, } } @@ -444,7 +444,7 @@ impl Session { session_configuration: &SessionConfiguration, ) -> Config { let mut config = - Self::build_per_turn_config(session_configuration, session_configuration.cwd.clone()); + Self::build_per_turn_config(session_configuration, session_configuration.cwd().clone()); config.model = Some(session_configuration.collaboration_mode.model().to_string()); config.permissions.approval_policy = session_configuration.approval_policy.clone(); config.workspace_roots = session_configuration.workspace_roots.clone(); @@ -474,7 +474,6 @@ impl Session { cwd: AbsolutePathBuf, sub_id: String, skills_outcome: Arc, - goal_tools_supported: bool, ) -> TurnContext { let reasoning_effort = session_configuration.collaboration_mode.reasoning_effort(); let reasoning_summary = session_configuration @@ -518,7 +517,6 @@ impl Session { session_configuration.forked_from_thread_id, session_configuration.parent_thread_id, &session_configuration.session_source, - session_configuration.thread_source, sub_id.clone(), cwd.clone(), &session_configuration.permission_profile(), @@ -535,6 +533,7 @@ impl Session { config: per_turn_config.clone(), auth_manager: auth_manager_for_context, model_info: model_info.clone(), + comp_hash: model_info.comp_hash.clone(), tool_mode, session_telemetry: session_telemetry_for_context, provider: provider_for_context, @@ -542,7 +541,7 @@ impl Session { reasoning_summary, session_source, parent_thread_id: session_configuration.parent_thread_id, - thread_source: session_configuration.thread_source, + thread_source: session_configuration.thread_source.clone(), environments, #[allow(deprecated)] cwd, @@ -551,7 +550,10 @@ impl Session { app_server_client_name: session_configuration.app_server_client_name.clone(), developer_instructions: session_configuration.developer_instructions.clone(), compact_prompt: session_configuration.compact_prompt.clone(), - user_instructions: session_configuration.user_instructions.clone(), + user_instructions: session_configuration + .loaded_agents_md + .as_ref() + .map(LoadedAgentsMd::text), collaboration_mode: session_configuration.collaboration_mode.clone(), multi_agent_version, personality: session_configuration.personality, @@ -562,7 +564,6 @@ impl Session { shell_environment_policy: per_turn_config.permissions.shell_environment_policy.clone(), available_models, unified_exec_shell_mode, - goal_tools_supported, features: per_turn_config.features.clone(), ghost_snapshot: per_turn_config.ghost_snapshot.clone(), final_output_json_schema: None, @@ -589,19 +590,9 @@ impl Session { let mut state = self.state.lock().await; match state.session_configuration.clone().apply(&updates) { Ok(next) => { - let mut effective_environments = updates - .environments - .clone() - .unwrap_or_else(|| next.environments.clone()); - if updates.environments.is_none() { - Self::overlay_runtime_cwd_on_primary_environment( - &mut effective_environments, - &next.cwd, - ); - } let turn_environments = - self.resolve_turn_environments(&effective_environments)?; - let previous_cwd = state.session_configuration.cwd.clone(); + self.resolve_turn_environments(next.environment_selections())?; + let previous_cwd = state.session_configuration.cwd().clone(); let previous_permission_profile = state.session_configuration.permission_profile(); let next_permission_profile = next.permission_profile(); @@ -658,7 +649,7 @@ impl Session { self.emit_config_changed_contributors(previous_config.as_ref(), new_config.as_ref()); self.maybe_refresh_shell_snapshot_for_cwd( &previous_cwd, - &session_configuration.cwd, + session_configuration.cwd(), &codex_home, &session_source, ); @@ -733,10 +724,10 @@ impl Session { let cwd = primary_turn_environment .as_ref() .map(|turn_environment| turn_environment.cwd.clone()) - .unwrap_or_else(|| session_configuration.cwd.clone()); + .unwrap_or_else(|| session_configuration.cwd().clone()); let per_turn_config = Self::build_per_turn_config(&session_configuration, cwd.clone()); { - let mcp_connection_manager = self.services.mcp_connection_manager.read().await; + let mcp_connection_manager = self.services.mcp_connection_manager.load_full(); mcp_connection_manager.set_approval_policy(&session_configuration.approval_policy); mcp_connection_manager .set_permission_profile(session_configuration.permission_profile()); @@ -775,7 +766,6 @@ impl Session { .skills_for_config(&skills_input, fs) .await, ); - let goal_tools_supported = !per_turn_config.ephemeral && self.state_db().is_some(); let mut turn_context: TurnContext = Self::make_turn_context( self.thread_id(), self.session_id(), @@ -804,7 +794,6 @@ impl Session { cwd, sub_id, skills_outcome, - goal_tools_supported, ); turn_context.realtime_active = self.conversation.running_state().await.is_some(); @@ -875,29 +864,14 @@ impl Session { let state = self.state.lock().await; state.session_configuration.clone() }; - let mut effective_environments = session_configuration.environments.clone(); - Self::overlay_runtime_cwd_on_primary_environment( - &mut effective_environments, - &session_configuration.cwd, - ); - let turn_environments = match self.resolve_turn_environments(&effective_environments) { - Ok(turn_environments) => turn_environments, - Err(err) => { - warn!("failed to resolve stored session environments: {err}"); - ResolvedTurnEnvironments::default() - } - }; + let turn_environments = + match self.resolve_turn_environments(session_configuration.environment_selections()) { + Ok(turn_environments) => turn_environments, + Err(err) => { + warn!("failed to resolve stored session environments: {err}"); + ResolvedTurnEnvironments::default() + } + }; (session_configuration, turn_environments) } - - fn overlay_runtime_cwd_on_primary_environment( - environments: &mut [TurnEnvironmentSelection], - runtime_cwd: &AbsolutePathBuf, - ) { - if let Some(turn_environment) = environments.first_mut() - && turn_environment.cwd != *runtime_cwd - { - turn_environment.cwd = runtime_cwd.clone(); - } - } } diff --git a/codex-rs/core/src/session/turn_tests.rs b/codex-rs/core/src/session/turn_tests.rs index 81a43ff5a94..3511c03bda9 100644 --- a/codex-rs/core/src/session/turn_tests.rs +++ b/codex-rs/core/src/session/turn_tests.rs @@ -7,20 +7,21 @@ use std::sync::Arc; struct RewriteAgentMessageContributor; -#[async_trait::async_trait] impl TurnItemContributor for RewriteAgentMessageContributor { - async fn contribute( - &self, - _thread_store: &ExtensionData, - _turn_store: &ExtensionData, - item: &mut TurnItem, - ) -> Result<(), String> { - if let TurnItem::AgentMessage(agent_message) = item { - agent_message.content = vec![AgentMessageContent::Text { - text: "plan contributed assistant text".to_string(), - }]; - } - Ok(()) + fn contribute<'a>( + &'a self, + _thread_store: &'a ExtensionData, + _turn_store: &'a ExtensionData, + item: &'a mut TurnItem, + ) -> codex_extension_api::ExtensionFuture<'a, Result<(), String>> { + Box::pin(async move { + if let TurnItem::AgentMessage(agent_message) = item { + agent_message.content = vec![AgentMessageContent::Text { + text: "plan contributed assistant text".to_string(), + }]; + } + Ok(()) + }) } } diff --git a/codex-rs/core/src/session_startup_prewarm.rs b/codex-rs/core/src/session_startup_prewarm.rs index d620648179f..0474eb87046 100644 --- a/codex-rs/core/src/session_startup_prewarm.rs +++ b/codex-rs/core/src/session_startup_prewarm.rs @@ -4,10 +4,13 @@ use std::time::Instant; use tokio::task::JoinHandle; use tokio_util::sync::CancellationToken; +use tokio_util::task::AbortOnDropHandle; use tracing::info; +use tracing::instrument; use tracing::warn; use crate::client::ModelClientSession; +use crate::responses_metadata::CodexResponsesRequestKind; use crate::session::INITIAL_SUBMIT_ID; use crate::session::session::Session; use crate::session::turn::build_prompt; @@ -19,7 +22,7 @@ use codex_protocol::error::Result as CodexResult; use codex_protocol::models::BaseInstructions; pub(crate) struct SessionStartupPrewarmHandle { - task: JoinHandle>, + task: AbortOnDropHandle>, started_at: Instant, timeout: Duration, } @@ -40,12 +43,18 @@ impl SessionStartupPrewarmHandle { timeout: Duration, ) -> Self { Self { - task, + task: AbortOnDropHandle::new(task), started_at, timeout, } } + pub(crate) async fn abort(self) { + self.task.abort(); + let _ = self.task.await; + } + + #[instrument(name = "startup_prewarm.resolve", level = "trace", skip_all)] async fn resolve( self, session_telemetry: &SessionTelemetry, @@ -260,10 +269,14 @@ async fn schedule_startup_prewarm_inner( build_prompt_started_at.elapsed(), /*status*/ None, ); - let window_id = session.services.model_client.current_window_id(); - let startup_turn_metadata_header = startup_turn_context + let window_id = session.current_window_id().await; + let responses_metadata = startup_turn_context .turn_metadata_state - .current_header_value_for_prewarm(&window_id); + .to_responses_metadata( + session.installation_id.clone(), + window_id, + CodexResponsesRequestKind::Prewarm, + ); let mut client_session = session.services.model_client.new_session(); let websocket_warmup_started_at = Instant::now(); client_session @@ -271,10 +284,10 @@ async fn schedule_startup_prewarm_inner( &startup_prompt, &startup_turn_context.model_info, &startup_turn_context.session_telemetry, - startup_turn_context.reasoning_effort, + startup_turn_context.reasoning_effort.clone(), startup_turn_context.reasoning_summary, startup_turn_context.config.service_tier.clone(), - startup_turn_metadata_header.as_deref(), + &responses_metadata, ) .await?; startup_turn_context.session_telemetry.record_startup_phase( diff --git a/codex-rs/core/src/shell.rs b/codex-rs/core/src/shell.rs index 48c760d6677..9843d4cea58 100644 --- a/codex-rs/core/src/shell.rs +++ b/codex-rs/core/src/shell.rs @@ -1,19 +1,12 @@ -use crate::shell_detect::detect_shell_type; use crate::shell_snapshot::ShellSnapshot; +use codex_shell_command::shell_detect::DetectedShell; use serde::Deserialize; use serde::Serialize; use std::path::PathBuf; use std::sync::Arc; use tokio::sync::watch; -#[derive(Debug, PartialEq, Eq, Clone, Serialize, Deserialize)] -pub enum ShellType { - Zsh, - Bash, - PowerShell, - Sh, - Cmd, -} +pub use codex_shell_command::shell_detect::ShellType; #[derive(Debug, Clone, Serialize, Deserialize)] pub struct Shell { @@ -29,13 +22,7 @@ pub struct Shell { impl Shell { pub fn name(&self) -> &'static str { - match self.shell_type { - ShellType::Zsh => "zsh", - ShellType::Bash => "bash", - ShellType::PowerShell => "powershell", - ShellType::Sh => "sh", - ShellType::Cmd => "cmd", - } + self.shell_type.name() } /// Takes a string of shell and returns the full list of command args to @@ -88,319 +75,36 @@ impl PartialEq for Shell { impl Eq for Shell {} -#[cfg(unix)] -fn get_user_shell_path() -> Option { - let uid = unsafe { libc::getuid() }; - use std::ffi::CStr; - use std::mem::MaybeUninit; - use std::ptr; - - let mut passwd = MaybeUninit::::uninit(); - - // We cannot use getpwuid here: it returns pointers into libc-managed - // storage, which is not safe to read concurrently on all targets (the musl - // static build used by the CLI can segfault when parallel callers race on - // that buffer). getpwuid_r keeps the passwd data in caller-owned memory. - let suggested_buffer_len = unsafe { libc::sysconf(libc::_SC_GETPW_R_SIZE_MAX) }; - let buffer_len = usize::try_from(suggested_buffer_len) - .ok() - .filter(|len| *len > 0) - .unwrap_or(1024); - let mut buffer = vec![0; buffer_len]; - - loop { - let mut result = ptr::null_mut(); - let status = unsafe { - libc::getpwuid_r( - uid, - passwd.as_mut_ptr(), - buffer.as_mut_ptr().cast(), - buffer.len(), - &mut result, - ) - }; - - if status == 0 { - if result.is_null() { - return None; - } - - let passwd = unsafe { passwd.assume_init_ref() }; - if passwd.pw_shell.is_null() { - return None; - } - - let shell_path = unsafe { CStr::from_ptr(passwd.pw_shell) } - .to_string_lossy() - .into_owned(); - return Some(PathBuf::from(shell_path)); - } - - if status != libc::ERANGE { - return None; - } - - // Retry with a larger buffer until libc can materialize the passwd entry. - let new_len = buffer.len().checked_mul(2)?; - if new_len > 1024 * 1024 { - return None; - } - buffer.resize(new_len, 0); - } -} - -#[cfg(not(unix))] -fn get_user_shell_path() -> Option { - None -} - -fn file_exists(path: &PathBuf) -> Option { - if std::fs::metadata(path).is_ok_and(|metadata| metadata.is_file()) { - Some(PathBuf::from(path)) - } else { - None - } -} - -fn get_shell_path( - shell_type: ShellType, - provided_path: Option<&PathBuf>, - binary_name: &str, - fallback_paths: &[&str], -) -> Option { - // If exact provided path exists, use it - if provided_path.and_then(file_exists).is_some() { - return provided_path.cloned(); - } - - // Check if the shell we are trying to load is user's default shell - // if just use it - let default_shell_path = get_user_shell_path(); - if let Some(default_shell_path) = default_shell_path - && detect_shell_type(&default_shell_path) == Some(shell_type) - && file_exists(&default_shell_path).is_some() - { - return Some(default_shell_path); - } - - if let Ok(path) = which::which(binary_name) { - return Some(path); - } - - for path in fallback_paths { - //check exists - if let Some(path) = file_exists(&PathBuf::from(path)) { - return Some(path); +impl From for Shell { + fn from(detected: DetectedShell) -> Self { + Self { + shell_type: detected.shell_type, + shell_path: detected.shell_path, + shell_snapshot: empty_shell_snapshot_receiver(), } } - - None -} - -const ZSH_FALLBACK_PATHS: &[&str] = &["/bin/zsh"]; - -fn get_zsh_shell(path: Option<&PathBuf>) -> Option { - let shell_path = get_shell_path(ShellType::Zsh, path, "zsh", ZSH_FALLBACK_PATHS); - - shell_path.map(|shell_path| Shell { - shell_type: ShellType::Zsh, - shell_path, - shell_snapshot: empty_shell_snapshot_receiver(), - }) -} - -const BASH_FALLBACK_PATHS: &[&str] = &["/bin/bash"]; - -fn get_bash_shell(path: Option<&PathBuf>) -> Option { - let shell_path = get_shell_path(ShellType::Bash, path, "bash", BASH_FALLBACK_PATHS); - - shell_path.map(|shell_path| Shell { - shell_type: ShellType::Bash, - shell_path, - shell_snapshot: empty_shell_snapshot_receiver(), - }) -} - -const SH_FALLBACK_PATHS: &[&str] = &["/bin/sh"]; - -fn get_sh_shell(path: Option<&PathBuf>) -> Option { - let shell_path = get_shell_path(ShellType::Sh, path, "sh", SH_FALLBACK_PATHS); - - shell_path.map(|shell_path| Shell { - shell_type: ShellType::Sh, - shell_path, - shell_snapshot: empty_shell_snapshot_receiver(), - }) -} - -// Note the `pwsh` and `powershell` fallback paths are where the respective -// shells are commonly installed on GitHub Actions Windows runners, but may not -// be present on all Windows machines: -// https://docs.github.com/en/actions/tutorials/build-and-test-code/powershell - -#[cfg(windows)] -const PWSH_FALLBACK_PATHS: &[&str] = &[r#"C:\Program Files\PowerShell\7\pwsh.exe"#]; -#[cfg(not(windows))] -const PWSH_FALLBACK_PATHS: &[&str] = &["/usr/local/bin/pwsh"]; - -#[cfg(windows)] -const POWERSHELL_FALLBACK_PATHS: &[&str] = - &[r#"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"#]; -#[cfg(not(windows))] -const POWERSHELL_FALLBACK_PATHS: &[&str] = &[]; - -fn get_powershell_shell(path: Option<&PathBuf>) -> Option { - let shell_path = get_shell_path(ShellType::PowerShell, path, "pwsh", PWSH_FALLBACK_PATHS) - .or_else(|| { - get_shell_path( - ShellType::PowerShell, - path, - "powershell", - POWERSHELL_FALLBACK_PATHS, - ) - }); - - shell_path.map(|shell_path| Shell { - shell_type: ShellType::PowerShell, - shell_path, - shell_snapshot: empty_shell_snapshot_receiver(), - }) -} - -fn get_cmd_shell(path: Option<&PathBuf>) -> Option { - let shell_path = get_shell_path(ShellType::Cmd, path, "cmd", &[]); - - shell_path.map(|shell_path| Shell { - shell_type: ShellType::Cmd, - shell_path, - shell_snapshot: empty_shell_snapshot_receiver(), - }) } +#[cfg(all(test, unix))] fn ultimate_fallback_shell() -> Shell { - if cfg!(windows) { - Shell { - shell_type: ShellType::Cmd, - shell_path: PathBuf::from("cmd.exe"), - shell_snapshot: empty_shell_snapshot_receiver(), - } - } else { - Shell { - shell_type: ShellType::Sh, - shell_path: PathBuf::from("/bin/sh"), - shell_snapshot: empty_shell_snapshot_receiver(), - } - } + codex_shell_command::shell_detect::ultimate_fallback_shell().into() } pub fn get_shell_by_model_provided_path(shell_path: &PathBuf) -> Shell { - detect_shell_type(shell_path) - .and_then(|shell_type| get_shell(shell_type, Some(shell_path))) - .unwrap_or(ultimate_fallback_shell()) + codex_shell_command::shell_detect::get_shell_by_model_provided_path(shell_path).into() } pub fn get_shell(shell_type: ShellType, path: Option<&PathBuf>) -> Option { - match shell_type { - ShellType::Zsh => get_zsh_shell(path), - ShellType::Bash => get_bash_shell(path), - ShellType::PowerShell => get_powershell_shell(path), - ShellType::Sh => get_sh_shell(path), - ShellType::Cmd => get_cmd_shell(path), - } + codex_shell_command::shell_detect::get_shell(shell_type, path).map(Into::into) } pub fn default_user_shell() -> Shell { - default_user_shell_from_path(get_user_shell_path()) + codex_shell_command::shell_detect::default_user_shell().into() } +#[cfg(all(test, target_os = "macos"))] fn default_user_shell_from_path(user_shell_path: Option) -> Shell { - if cfg!(windows) { - get_shell(ShellType::PowerShell, /*path*/ None).unwrap_or(ultimate_fallback_shell()) - } else { - let user_default_shell = user_shell_path - .and_then(|shell| detect_shell_type(&shell)) - .and_then(|shell_type| get_shell(shell_type, /*path*/ None)); - - let shell_with_fallback = if cfg!(target_os = "macos") { - user_default_shell - .or_else(|| get_shell(ShellType::Zsh, /*path*/ None)) - .or_else(|| get_shell(ShellType::Bash, /*path*/ None)) - } else { - user_default_shell - .or_else(|| get_shell(ShellType::Bash, /*path*/ None)) - .or_else(|| get_shell(ShellType::Zsh, /*path*/ None)) - }; - - shell_with_fallback.unwrap_or(ultimate_fallback_shell()) - } -} - -#[cfg(test)] -mod detect_shell_type_tests { - use super::*; - - #[test] - fn test_detect_shell_type() { - assert_eq!( - detect_shell_type(&PathBuf::from("zsh")), - Some(ShellType::Zsh) - ); - assert_eq!( - detect_shell_type(&PathBuf::from("bash")), - Some(ShellType::Bash) - ); - assert_eq!( - detect_shell_type(&PathBuf::from("pwsh")), - Some(ShellType::PowerShell) - ); - assert_eq!( - detect_shell_type(&PathBuf::from("powershell")), - Some(ShellType::PowerShell) - ); - assert_eq!(detect_shell_type(&PathBuf::from("fish")), None); - assert_eq!(detect_shell_type(&PathBuf::from("other")), None); - assert_eq!( - detect_shell_type(&PathBuf::from("/bin/zsh")), - Some(ShellType::Zsh) - ); - assert_eq!( - detect_shell_type(&PathBuf::from("/bin/bash")), - Some(ShellType::Bash) - ); - assert_eq!( - detect_shell_type(&PathBuf::from("powershell.exe")), - Some(ShellType::PowerShell) - ); - assert_eq!( - detect_shell_type(&PathBuf::from(if cfg!(windows) { - "C:\\windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe" - } else { - "/usr/local/bin/pwsh" - })), - Some(ShellType::PowerShell) - ); - assert_eq!( - detect_shell_type(&PathBuf::from("pwsh.exe")), - Some(ShellType::PowerShell) - ); - assert_eq!( - detect_shell_type(&PathBuf::from("/usr/local/bin/pwsh")), - Some(ShellType::PowerShell) - ); - assert_eq!( - detect_shell_type(&PathBuf::from("/bin/sh")), - Some(ShellType::Sh) - ); - assert_eq!(detect_shell_type(&PathBuf::from("sh")), Some(ShellType::Sh)); - assert_eq!( - detect_shell_type(&PathBuf::from("cmd")), - Some(ShellType::Cmd) - ); - assert_eq!( - detect_shell_type(&PathBuf::from("cmd.exe")), - Some(ShellType::Cmd) - ); - } + codex_shell_command::shell_detect::default_user_shell_from_path(user_shell_path).into() } #[cfg(test)] diff --git a/codex-rs/core/src/shell_detect.rs b/codex-rs/core/src/shell_detect.rs deleted file mode 100644 index 3595ab3469b..00000000000 --- a/codex-rs/core/src/shell_detect.rs +++ /dev/null @@ -1,24 +0,0 @@ -use crate::shell::ShellType; -use std::path::Path; -use std::path::PathBuf; - -pub(crate) fn detect_shell_type(shell_path: &PathBuf) -> Option { - match shell_path.as_os_str().to_str() { - Some("zsh") => Some(ShellType::Zsh), - Some("sh") => Some(ShellType::Sh), - Some("cmd") => Some(ShellType::Cmd), - Some("bash") => Some(ShellType::Bash), - Some("pwsh") => Some(ShellType::PowerShell), - Some("powershell") => Some(ShellType::PowerShell), - _ => { - let shell_name = shell_path.file_stem(); - if let Some(shell_name) = shell_name { - let shell_name_path = Path::new(shell_name); - if shell_name_path != Path::new(shell_path) { - return detect_shell_type(&shell_name_path.to_path_buf()); - } - } - None - } - } -} diff --git a/codex-rs/core/src/shell_snapshot.rs b/codex-rs/core/src/shell_snapshot.rs index b328a977d7e..1cbd5386676 100644 --- a/codex-rs/core/src/shell_snapshot.rs +++ b/codex-rs/core/src/shell_snapshot.rs @@ -151,9 +151,7 @@ impl ShellSnapshot { }); // Make the new snapshot. - if let Err(err) = - write_shell_snapshot(shell.shell_type.clone(), &temp_path, session_cwd).await - { + if let Err(err) = write_shell_snapshot(shell.shell_type, &temp_path, session_cwd).await { tracing::warn!( "Failed to create shell snapshot for {}: {err:?}", shell.name() @@ -203,7 +201,7 @@ async fn write_shell_snapshot( if shell_type == ShellType::PowerShell || shell_type == ShellType::Cmd { bail!("Shell snapshot not supported yet for {shell_type:?}"); } - let shell = get_shell(shell_type.clone(), /*path*/ None) + let shell = get_shell(shell_type, /*path*/ None) .with_context(|| format!("No available shell for {shell_type:?}"))?; let raw_snapshot = capture_snapshot(&shell, cwd).await?; @@ -225,7 +223,7 @@ async fn write_shell_snapshot( } async fn capture_snapshot(shell: &Shell, cwd: &AbsolutePathBuf) -> Result { - let shell_type = shell.shell_type.clone(); + let shell_type = shell.shell_type; match shell_type { ShellType::Zsh => run_shell_script(shell, &zsh_snapshot_script(), cwd).await, ShellType::Bash => run_shell_script(shell, &bash_snapshot_script(), cwd).await, diff --git a/codex-rs/core/src/state/auto_compact_window.rs b/codex-rs/core/src/state/auto_compact_window.rs index d1deb3c2882..1e3eceadade 100644 --- a/codex-rs/core/src/state/auto_compact_window.rs +++ b/codex-rs/core/src/state/auto_compact_window.rs @@ -2,7 +2,6 @@ use codex_protocol::protocol::TokenUsage; #[derive(Debug, Clone, Copy, PartialEq, Eq)] pub(crate) struct AutoCompactWindowSnapshot { - pub(crate) ordinal: u64, pub(crate) prefill_input_tokens: Option, } @@ -14,7 +13,8 @@ enum AutoCompactWindowPrefill { #[derive(Debug, Clone, Copy, PartialEq, Eq)] pub(super) struct AutoCompactWindow { - ordinal: u64, + window_id: u64, + new_context_window_requested: bool, /// Absolute input-token baseline for the current compaction window. /// /// `body_after_prefix` subtracts this from later active-context usage. It is @@ -26,7 +26,8 @@ pub(super) struct AutoCompactWindow { impl AutoCompactWindow { pub(super) fn new() -> Self { Self { - ordinal: 1, + window_id: 0, + new_context_window_requested: false, prefill_input_tokens: None, } } @@ -35,9 +36,28 @@ impl AutoCompactWindow { self.prefill_input_tokens = None; } - pub(super) fn start_next(&mut self) { - self.ordinal = self.ordinal.saturating_add(1); - self.clear_prefill(); + pub(super) fn window_id(&self) -> u64 { + self.window_id + } + + pub(super) fn set_window_id(&mut self, window_id: u64) { + self.window_id = window_id; + } + + pub(super) fn advance_window_id(&mut self) -> u64 { + self.window_id = self.window_id.saturating_add(1); + self.new_context_window_requested = false; + self.window_id + } + + pub(super) fn request_new_context_window(&mut self) { + self.new_context_window_requested = true; + } + + pub(super) fn take_new_context_window_request(&mut self) -> bool { + let requested = self.new_context_window_requested; + self.new_context_window_requested = false; + requested } /// Records the request-input side of the first server usage sample. The @@ -74,7 +94,6 @@ impl AutoCompactWindow { None => None, }; AutoCompactWindowSnapshot { - ordinal: self.ordinal, prefill_input_tokens, } } @@ -89,10 +108,20 @@ mod tests { fn tracks_prefill_and_window_boundaries() { let mut window = AutoCompactWindow::new(); + assert_eq!(window.window_id(), 0); + window.set_window_id(/*window_id*/ 3); + assert_eq!(window.window_id(), 3); + window.request_new_context_window(); + assert!(window.take_new_context_window_request()); + assert!(!window.take_new_context_window_request()); + window.request_new_context_window(); + assert_eq!(window.advance_window_id(), 4); + assert_eq!(window.window_id(), 4); + assert!(!window.take_new_context_window_request()); + assert_eq!( window.snapshot(), AutoCompactWindowSnapshot { - ordinal: 1, prefill_input_tokens: None, } ); @@ -101,7 +130,6 @@ mod tests { assert_eq!( window.snapshot(), AutoCompactWindowSnapshot { - ordinal: 1, prefill_input_tokens: Some(150), } ); @@ -114,7 +142,6 @@ mod tests { assert_eq!( window.snapshot(), AutoCompactWindowSnapshot { - ordinal: 1, prefill_input_tokens: Some(120), } ); @@ -128,18 +155,8 @@ mod tests { assert_eq!( window.snapshot(), AutoCompactWindowSnapshot { - ordinal: 1, prefill_input_tokens: Some(120), } ); - - window.start_next(); - assert_eq!( - window.snapshot(), - AutoCompactWindowSnapshot { - ordinal: 2, - prefill_input_tokens: None, - } - ); } } diff --git a/codex-rs/core/src/state/service.rs b/codex-rs/core/src/state/service.rs index 59def9c7aba..d8d91e85a8b 100644 --- a/codex-rs/core/src/state/service.rs +++ b/codex-rs/core/src/state/service.rs @@ -15,6 +15,7 @@ use crate::tools::code_mode::CodeModeService; use crate::tools::network_approval::NetworkApprovalService; use crate::tools::sandboxing::ApprovalStore; use crate::unified_exec::UnifiedExecProcessManager; +use anyhow::Result; use arc_swap::ArcSwap; use arc_swap::ArcSwapOption; use codex_analytics::AnalyticsEventsClient; @@ -34,12 +35,12 @@ use codex_thread_store::ThreadStore; use std::path::PathBuf; use tokio::runtime::Handle; use tokio::sync::Mutex; -use tokio::sync::RwLock; use tokio::sync::watch; use tokio_util::sync::CancellationToken; pub(crate) struct SessionServices { - pub(crate) mcp_connection_manager: Arc>, + /// The latest manager; callers retain an owned handle while performing MCP I/O. + pub(crate) mcp_connection_manager: Arc>, pub(crate) mcp_startup_cancellation_token: Mutex, pub(crate) unified_exec_manager: UnifiedExecProcessManager, #[cfg_attr(not(unix), allow(dead_code))] @@ -82,3 +83,18 @@ pub(crate) struct SessionServices { /// the same manager through child-thread spawn paths without reconstructing it. pub(crate) environment_manager: Arc, } + +impl SessionServices { + /// Installs the manager before validating required servers so startup-time elicitation can + /// resolve through the session's manager while validation waits. + pub(crate) async fn install_mcp_connection_manager( + &self, + manager: McpConnectionManager, + ) -> Result<()> { + self.mcp_connection_manager.store(Arc::new(manager)); + self.mcp_connection_manager + .load_full() + .validate_required_servers() + .await + } +} diff --git a/codex-rs/core/src/state/session.rs b/codex-rs/core/src/state/session.rs index 024f1904cc0..269d3e0f607 100644 --- a/codex-rs/core/src/state/session.rs +++ b/codex-rs/core/src/state/session.rs @@ -140,14 +140,36 @@ impl SessionState { self.auto_compact_window.set_estimated_prefill(tokens); } - pub(crate) fn start_next_auto_compact_window(&mut self) { - self.auto_compact_window.start_next(); - } - pub(crate) fn auto_compact_window_snapshot(&self) -> AutoCompactWindowSnapshot { self.auto_compact_window.snapshot() } + pub(crate) fn auto_compact_window_id(&self) -> u64 { + self.auto_compact_window.window_id() + } + + pub(crate) fn set_auto_compact_window_id(&mut self, window_id: u64) { + self.auto_compact_window.set_window_id(window_id); + } + + pub(crate) fn advance_auto_compact_window_id(&mut self) -> u64 { + self.auto_compact_window.advance_window_id() + } + + pub(crate) fn request_new_context_window(&mut self) { + self.auto_compact_window.request_new_context_window(); + } + + pub(crate) fn start_new_context_window_if_requested(&mut self) -> Option { + if !self.auto_compact_window.take_new_context_window_request() { + return None; + } + + let window_id = self.auto_compact_window.advance_window_id(); + self.auto_compact_window.clear_prefill(); + Some(window_id) + } + pub(crate) fn token_info(&self) -> Option { self.history.token_info() } diff --git a/codex-rs/core/src/state/session_tests.rs b/codex-rs/core/src/state/session_tests.rs index 5f0ae085e76..0fbb92b958f 100644 --- a/codex-rs/core/src/state/session_tests.rs +++ b/codex-rs/core/src/state/session_tests.rs @@ -65,18 +65,16 @@ async fn set_rate_limits_defaults_limit_id_to_codex_when_missing() { } #[tokio::test] -async fn replace_history_clears_auto_compact_window_prefill_without_advancing() { +async fn replace_history_clears_auto_compact_window_prefill() { let session_configuration = make_session_configuration_for_tests().await; let mut state = SessionState::new(session_configuration); - state.start_next_auto_compact_window(); state.set_auto_compact_window_estimated_prefill(/*tokens*/ 100); state.replace_history(Vec::new(), /*reference_context_item*/ None); assert_eq!( state.auto_compact_window_snapshot(), AutoCompactWindowSnapshot { - ordinal: 2, prefill_input_tokens: None, } ); diff --git a/codex-rs/core/src/state/turn.rs b/codex-rs/core/src/state/turn.rs index eaf26ba8532..d1e31b79949 100644 --- a/codex-rs/core/src/state/turn.rs +++ b/codex-rs/core/src/state/turn.rs @@ -18,6 +18,7 @@ use codex_sandboxing::policy_transforms::merge_permission_profiles; use rmcp::model::RequestId; use tokio::sync::oneshot; +use crate::agent::control::AgentExecutionGuard; use crate::session::TurnInputQueue; use crate::session::turn_context::TurnContext; use crate::tasks::AnySessionTask; @@ -76,6 +77,7 @@ pub(crate) struct RunningTask { pub(crate) handle: AbortOnDropHandle<()>, pub(crate) turn_context: Arc, pub(crate) turn_extension_data: Arc, + pub(crate) _agent_execution_guard: Option, // Timer recorded when the task drops to capture the full turn duration. pub(crate) _timer: Option, } diff --git a/codex-rs/core/src/stream_events_utils.rs b/codex-rs/core/src/stream_events_utils.rs index 20fc6787ac1..81beea5be14 100644 --- a/codex-rs/core/src/stream_events_utils.rs +++ b/codex-rs/core/src/stream_events_utils.rs @@ -38,7 +38,8 @@ use tracing::warn; const GENERATED_IMAGE_ARTIFACTS_DIR: &str = "generated_images"; -pub(crate) fn image_generation_artifact_path( +/// Returns the host-owned default artifact path for a generated image. +pub fn image_generation_artifact_path( codex_home: &AbsolutePathBuf, session_id: &str, call_id: &str, diff --git a/codex-rs/core/src/stream_events_utils_tests.rs b/codex-rs/core/src/stream_events_utils_tests.rs index 9c4be945764..c151a46fb35 100644 --- a/codex-rs/core/src/stream_events_utils_tests.rs +++ b/codex-rs/core/src/stream_events_utils_tests.rs @@ -167,41 +167,43 @@ struct TestTurnItemContributor; #[derive(Debug)] struct TurnItemContributorRan; -#[async_trait::async_trait] impl TurnItemContributor for TestTurnItemContributor { - async fn contribute( - &self, - _thread_store: &ExtensionData, - turn_store: &ExtensionData, - item: &mut TurnItem, - ) -> Result<(), String> { - turn_store.insert(TurnItemContributorRan); - if let TurnItem::AgentMessage(agent_message) = item { - agent_message.memory_citation = Some(MemoryCitation { - entries: Vec::new(), - rollout_ids: Vec::new(), - }); - } - Ok(()) + fn contribute<'a>( + &'a self, + _thread_store: &'a ExtensionData, + turn_store: &'a ExtensionData, + item: &'a mut TurnItem, + ) -> codex_extension_api::ExtensionFuture<'a, Result<(), String>> { + Box::pin(async move { + turn_store.insert(TurnItemContributorRan); + if let TurnItem::AgentMessage(agent_message) = item { + agent_message.memory_citation = Some(MemoryCitation { + entries: Vec::new(), + rollout_ids: Vec::new(), + }); + } + Ok(()) + }) } } struct RewriteAgentMessageContributor; -#[async_trait::async_trait] impl TurnItemContributor for RewriteAgentMessageContributor { - async fn contribute( - &self, - _thread_store: &ExtensionData, - _turn_store: &ExtensionData, - item: &mut TurnItem, - ) -> Result<(), String> { - if let TurnItem::AgentMessage(agent_message) = item { - agent_message.content = vec![AgentMessageContent::Text { - text: "contributed assistant text".to_string(), - }]; - } - Ok(()) + fn contribute<'a>( + &'a self, + _thread_store: &'a ExtensionData, + _turn_store: &'a ExtensionData, + item: &'a mut TurnItem, + ) -> codex_extension_api::ExtensionFuture<'a, Result<(), String>> { + Box::pin(async move { + if let TurnItem::AgentMessage(agent_message) = item { + agent_message.content = vec![AgentMessageContent::Text { + text: "contributed assistant text".to_string(), + }]; + } + Ok(()) + }) } } diff --git a/codex-rs/core/src/tasks/mod.rs b/codex-rs/core/src/tasks/mod.rs index ef2ba0f16d1..61f69801568 100644 --- a/codex-rs/core/src/tasks/mod.rs +++ b/codex-rs/core/src/tasks/mod.rs @@ -19,11 +19,12 @@ use tracing::Span; use tracing::field; use tracing::info_span; use tracing::trace; +use tracing::trace_span; use tracing::warn; +use crate::codex_thread::BackgroundTerminalInfo; use crate::config::Config; use crate::context::ContextualUserFragment; -use crate::goals::GoalRuntimeEvent; use crate::hook_runtime::inspect_pending_input; use crate::hook_runtime::record_additional_contexts; use crate::hook_runtime::record_pending_input; @@ -33,6 +34,7 @@ use crate::session::turn_context::TurnContext; use crate::state::ActiveTurn; use crate::state::RunningTask; use crate::state::TaskKind; +use codex_analytics::TurnProfileFact; use codex_analytics::TurnTokenUsageFact; use codex_login::AuthManager; use codex_models_manager::manager::SharedModelsManager; @@ -341,15 +343,6 @@ impl Session { .await .clear_turn(&turn_context.sub_id); - if let Err(err) = self - .goal_runtime_apply(GoalRuntimeEvent::TurnStarted { - turn_context: turn_context.as_ref(), - token_usage: token_usage_at_turn_start.clone(), - }) - .await - { - warn!("failed to apply goal runtime turn-start event: {err}"); - } let pending_items = self.input_queue.get_pending_input(&self.active_turn).await; let turn_state = { let mut active = self.active_turn.lock().await; @@ -368,6 +361,10 @@ impl Session { let mut active = self.active_turn.lock().await; let turn = active.get_or_insert_with(ActiveTurn::default); debug_assert!(turn.task.is_none()); + let agent_execution_guard = self.services.agent_control.execution_guard( + turn_context.multi_agent_version, + &turn_context.session_source, + ); let done_clone = Arc::clone(&done); let session_ctx = Arc::new(SessionTaskContext::new( Arc::clone(self), @@ -404,6 +401,7 @@ impl Session { task_input, task_cancellation_token.child_token(), ) + .instrument(trace_span!("session_task.run")) .await; let sess = session_ctx.clone_session(); if let Err(err) = sess.flush_rollout().await { @@ -439,6 +437,7 @@ impl Session { cancellation_token, turn_context: Arc::clone(&turn_context), turn_extension_data, + _agent_execution_guard: agent_execution_guard, _timer: timer, }; turn.task = Some(running_task); @@ -503,15 +502,6 @@ impl Session { self.emit_turn_abort_lifecycle(reason.clone(), turn_context.extension_data.as_ref()) .await; } - if (aborted_turn || reason == TurnAbortReason::Interrupted) - && let Err(err) = self - .goal_runtime_apply(GoalRuntimeEvent::TaskAborted { - turn_context: turn_context.as_deref(), - }) - .await - { - warn!("failed to apply goal runtime abort event: {err}"); - } if let Some(active_turn) = active_turn_to_clear { // Let interrupted tasks observe cancellation before dropping pending approvals, or an // in-flight approval wait can surface as a model-visible rejection before TurnAborted. @@ -552,14 +542,6 @@ impl Session { self.emit_turn_abort_lifecycle(reason.clone(), turn_context.extension_data.as_ref()) .await; } - if let Err(err) = self - .goal_runtime_apply(GoalRuntimeEvent::TaskAborted { - turn_context: turn_context.as_deref(), - }) - .await - { - warn!("failed to apply goal runtime abort event: {err}"); - } // Let interrupted tasks observe cancellation before dropping pending approvals, or an // in-flight approval wait can surface as a model-visible rejection before TurnAborted. self.input_queue.clear_pending(&active_turn).await; @@ -751,17 +733,14 @@ impl Session { .turn_timing_state .time_to_first_token_ms() .await; + self.services + .analytics_events_client + .track_turn_profile(TurnProfileFact { + turn_id: turn_context.sub_id.clone(), + profile: turn_context.turn_timing_state.complete_profile(), + }); self.emit_turn_stop_lifecycle(turn_context.extension_data.as_ref()) .await; - if let Err(err) = self - .goal_runtime_apply(GoalRuntimeEvent::TurnFinished { - turn_context: turn_context.as_ref(), - turn_completed: true, - }) - .await - { - warn!("failed to apply goal runtime turn-finished event: {err}"); - } let event = EventMsg::TurnComplete(TurnCompleteEvent { turn_id: turn_context.sub_id.clone(), last_agent_message, @@ -791,12 +770,6 @@ impl Session { if !cleared_active_turn { return; } - if let Err(err) = self - .goal_runtime_apply(GoalRuntimeEvent::MaybeContinueIfIdle) - .await - { - warn!("failed to apply goal runtime maybe-continue event: {err}"); - } self.emit_thread_idle_lifecycle_if_idle().await; } @@ -812,6 +785,17 @@ impl Session { .await; } + pub(crate) async fn list_background_terminals(&self) -> Vec { + self.services.unified_exec_manager.list_processes().await + } + + pub(crate) async fn terminate_background_terminal(&self, process_id: i32) -> bool { + self.services + .unified_exec_manager + .terminate_process(process_id) + .await + } + async fn handle_task_abort(self: &Arc, task: RunningTask, reason: TurnAbortReason) { let sub_id = task.turn_context.sub_id.clone(); if task.cancellation_token.is_cancelled() { @@ -868,6 +852,12 @@ impl Session { .turn_timing_state .completed_at_and_duration_ms() .await; + self.services + .analytics_events_client + .track_turn_profile(TurnProfileFact { + turn_id: task.turn_context.sub_id.clone(), + profile: task.turn_context.turn_timing_state.complete_profile(), + }); let event = EventMsg::TurnAborted(TurnAbortedEvent { turn_id: Some(task.turn_context.sub_id.clone()), reason, diff --git a/codex-rs/core/src/tasks/regular.rs b/codex-rs/core/src/tasks/regular.rs index c01cae91455..c5cc2da31d4 100644 --- a/codex-rs/core/src/tasks/regular.rs +++ b/codex-rs/core/src/tasks/regular.rs @@ -45,19 +45,22 @@ impl SessionTask for RegularTask { let run_turn_span = trace_span!("run_turn"); // Regular turns emit `TurnStarted` inline so first-turn lifecycle does // not wait on startup prewarm resolution. - let event = EventMsg::TurnStarted(TurnStartedEvent { - turn_id: ctx.sub_id.clone(), - trace_id: ctx.trace_id.clone(), - started_at: ctx.turn_timing_state.started_at_unix_secs().await, - model_context_window: ctx.model_context_window(), - collaboration_mode_kind: ctx.collaboration_mode.mode, - }); - sess.send_event(ctx.as_ref(), event).await; - sess.set_server_reasoning_included(/*included*/ false).await; - let prewarmed_client_session = match sess - .consume_startup_prewarm_for_regular_turn(&cancellation_token) - .await - { + let prewarmed_client_session = async { + let event = EventMsg::TurnStarted(TurnStartedEvent { + turn_id: ctx.sub_id.clone(), + trace_id: ctx.trace_id.clone(), + started_at: ctx.turn_timing_state.started_at_unix_secs().await, + model_context_window: ctx.model_context_window(), + collaboration_mode_kind: ctx.collaboration_mode.mode, + }); + sess.send_event(ctx.as_ref(), event).await; + sess.set_server_reasoning_included(/*included*/ false).await; + sess.consume_startup_prewarm_for_regular_turn(&cancellation_token) + .await + } + .instrument(trace_span!("regular_task.prepare_run_turn")) + .await; + let prewarmed_client_session = match prewarmed_client_session { SessionStartupPrewarmResolution::Cancelled => return None, SessionStartupPrewarmResolution::Unavailable { .. } => None, SessionStartupPrewarmResolution::Ready(prewarmed_client_session) => { diff --git a/codex-rs/core/src/test_support.rs b/codex-rs/core/src/test_support.rs index e491ca74138..60e80ca290f 100644 --- a/codex-rs/core/src/test_support.rs +++ b/codex-rs/core/src/test_support.rs @@ -8,6 +8,9 @@ use std::path::PathBuf; use std::sync::Arc; use codex_exec_server::EnvironmentManager; +use codex_extension_api::LoadUserInstructionsFuture; +use codex_extension_api::LoadedUserInstructions; +use codex_extension_api::UserInstructionsProvider; use codex_login::AuthManager; use codex_login::CodexAuth; use codex_model_provider::create_model_provider; @@ -17,13 +20,19 @@ use codex_models_manager::collaboration_mode_presets; use codex_models_manager::manager::SharedModelsManager; use codex_models_manager::test_support::construct_model_info_offline_for_tests; use codex_models_manager::test_support::get_model_offline_for_tests; +use codex_protocol::ThreadId; use codex_protocol::config_types::CollaborationModeMask; use codex_protocol::openai_models::ModelInfo; use codex_protocol::openai_models::ModelPreset; +use codex_protocol::protocol::SessionSource; use once_cell::sync::Lazy; use crate::ThreadManager; use crate::config::Config; +use crate::responses_metadata::CodexResponsesMetadata; +use crate::responses_metadata::CodexResponsesRequestKind; +use crate::responses_metadata::subagent_header_value; +use crate::responses_metadata::subagent_metadata_kind; use crate::thread_manager; use crate::unified_exec; @@ -36,6 +45,16 @@ static TEST_MODEL_PRESETS: Lazy> = Lazy::new(|| { presets }); +/// Test-only provider that supplies no user instructions. +#[derive(Debug, Default)] +pub struct EmptyUserInstructionsProvider; + +impl UserInstructionsProvider for EmptyUserInstructionsProvider { + fn load_user_instructions(&self) -> LoadUserInstructionsFuture<'_> { + Box::pin(async { LoadedUserInstructions::default() }) + } +} + pub fn set_thread_manager_test_mode(enabled: bool) { thread_manager::set_thread_manager_test_mode_for_tests(enabled); } @@ -133,6 +152,44 @@ pub fn construct_model_info_offline(model: &str, config: &Config) -> ModelInfo { construct_model_info_offline_for_tests(model, &config.to_models_manager_config()) } +#[derive(Clone, Copy)] +pub enum TestCodexResponsesRequestKind { + Turn, + Prewarm, + WebsocketConnection, +} + +#[allow(clippy::too_many_arguments)] +pub fn responses_metadata( + installation_id: &str, + session_id: &str, + thread_id: &str, + turn_id: Option<&str>, + window_id: String, + session_source: &SessionSource, + parent_thread_id: Option, + request_kind: TestCodexResponsesRequestKind, +) -> CodexResponsesMetadata { + let request_kind = match request_kind { + TestCodexResponsesRequestKind::Turn => Some(CodexResponsesRequestKind::Turn), + TestCodexResponsesRequestKind::Prewarm => Some(CodexResponsesRequestKind::Prewarm), + TestCodexResponsesRequestKind::WebsocketConnection => None, + }; + CodexResponsesMetadata { + turn_id: request_kind.and(turn_id.map(ToString::to_string)), + request_kind, + parent_thread_id, + subagent_header: subagent_header_value(session_source), + subagent_kind: request_kind.and_then(|_| subagent_metadata_kind(session_source)), + ..CodexResponsesMetadata::new( + installation_id.to_string(), + session_id.to_string(), + thread_id.to_string(), + window_id, + ) + } +} + pub fn all_model_presets() -> &'static Vec { &TEST_MODEL_PRESETS } diff --git a/codex-rs/core/src/thread_manager.rs b/codex-rs/core/src/thread_manager.rs index d130a358158..b82e63947e5 100644 --- a/codex-rs/core/src/thread_manager.rs +++ b/codex-rs/core/src/thread_manager.rs @@ -21,7 +21,10 @@ use codex_app_server_protocol::ThreadHistoryBuilder; use codex_app_server_protocol::TurnStatus; use codex_core_plugins::PluginsManager; use codex_exec_server::EnvironmentManager; +use codex_extension_api::ExtensionDataInit; use codex_extension_api::ExtensionRegistry; +use codex_extension_api::LoadedUserInstructions; +use codex_extension_api::UserInstructionsProvider; use codex_extension_api::empty_extension_registry; use codex_features::Feature; use codex_login::AuthManager; @@ -182,6 +185,7 @@ pub struct StartThreadOptions { pub metrics_service_name: Option, pub parent_trace: Option, pub environments: Vec, + pub thread_extension_init: ExtensionDataInit, } pub(crate) struct ResumeThreadWithHistoryOptions { @@ -207,6 +211,7 @@ pub(crate) struct ThreadManagerState { plugins_manager: Arc, mcp_manager: Arc, extensions: Arc>, + user_instructions_provider: Arc, thread_store: Arc, attestation_provider: Option>, session_source: SessionSource, @@ -257,6 +262,7 @@ impl ThreadManager { session_source: SessionSource, environment_manager: Arc, extensions: Arc>, + user_instructions_provider: Arc, analytics_events_client: Option, thread_store: Arc, state_db: Option, @@ -270,7 +276,11 @@ impl ThreadManager { codex_home.to_path_buf(), restriction_product, )); - let mcp_manager = Arc::new(McpManager::new(Arc::clone(&plugins_manager))); + plugins_manager.set_auth_mode(auth_manager.get_api_auth_mode()); + let mcp_manager = Arc::new(McpManager::new_with_extensions( + Arc::clone(&plugins_manager), + Arc::clone(&extensions), + )); let skills_manager = Arc::new(SkillsManager::new_with_restriction_product( codex_home, config.bundled_skills_enabled(), @@ -286,6 +296,7 @@ impl ThreadManager { plugins_manager, mcp_manager, extensions, + user_instructions_provider, thread_store, attestation_provider, auth_manager, @@ -360,6 +371,7 @@ impl ThreadManager { codex_home.clone(), restriction_product, )); + plugins_manager.set_auth_mode(auth_manager.get_api_auth_mode()); let mcp_manager = Arc::new(McpManager::new(Arc::clone(&plugins_manager))); let skills_manager = Arc::new(SkillsManager::new_with_restriction_product( skills_codex_home, @@ -387,6 +399,9 @@ impl ThreadManager { plugins_manager, mcp_manager, extensions: empty_extension_registry(), + user_instructions_provider: Arc::new( + crate::test_support::EmptyUserInstructionsProvider, + ), thread_store, attestation_provider: None, auth_manager, @@ -510,14 +525,12 @@ impl ThreadManager { &self, thread_id: ThreadId, ) -> CodexResult> { - let thread = self.state.get_thread(thread_id).await?; - let mut subtree_thread_ids = Vec::new(); let mut seen_thread_ids = HashSet::new(); subtree_thread_ids.push(thread_id); seen_thread_ids.insert(thread_id); - if let Some(state_db_ctx) = thread.state_db() { + if let Some(state_db_ctx) = self.state.state_db() { for status in [ DirectionalThreadSpawnEdgeStatus::Open, DirectionalThreadSpawnEdgeStatus::Closed, @@ -536,11 +549,8 @@ impl ThreadManager { } } - for descendant_id in thread - .codex - .session - .services - .agent_control + for descendant_id in self + .agent_control() .list_live_agent_subtree_thread_ids(thread_id) .await? { @@ -576,6 +586,7 @@ impl ThreadManager { metrics_service_name: None, parent_trace: None, environments, + thread_extension_init: ExtensionDataInit::default(), })) .await } @@ -614,6 +625,7 @@ impl ThreadManager { /*inherited_exec_policy*/ None, options.parent_trace, options.environments, + options.thread_extension_init, /*user_shell_override*/ None, )) .await @@ -702,6 +714,7 @@ impl ThreadManager { /*inherited_exec_policy*/ None, parent_trace, environments, + /*thread_extension_init*/ ExtensionDataInit::default(), /*user_shell_override*/ None, )) .await @@ -728,6 +741,7 @@ impl ThreadManager { /*metrics_service_name*/ None, /*parent_trace*/ None, environments, + /*thread_extension_init*/ ExtensionDataInit::default(), /*user_shell_override*/ Some(user_shell_override), )) .await @@ -763,6 +777,7 @@ impl ThreadManager { /*inherited_exec_policy*/ None, /*parent_trace*/ None, environments, + /*thread_extension_init*/ ExtensionDataInit::default(), /*user_shell_override*/ Some(user_shell_override), )) .await @@ -931,6 +946,7 @@ impl ThreadManager { /*metrics_service_name*/ None, parent_trace, environments, + /*thread_extension_init*/ ExtensionDataInit::default(), /*user_shell_override*/ None, )) .await @@ -1083,6 +1099,56 @@ impl ThreadManagerState { resolve_multi_agent_version(initial_history, inherited_multi_agent_version) } + /// Resolves the provider snapshot for a newly spawned runtime. + /// + /// Loads a fresh provider snapshot for: + /// - fresh root threads; + /// - cold resumes; + /// - root forks. + /// + /// Uses an existing snapshot for: + /// - subagents, which inherit from their parent without invoking the + /// provider; + /// - running resumes and compaction paths, which retain the live session. + /// + /// Provider warnings only apply to fresh loads. If a parent runtime is no + /// longer available, its child starts without provider instructions rather + /// than loading independently. + async fn user_instructions_for_spawn( + &self, + session_source: &SessionSource, + parent_thread_id: Option, + forked_from_thread_id: Option, + ) -> LoadedUserInstructions { + let is_root_agent = !session_source.is_non_root_agent(); + if is_root_agent { + return self + .user_instructions_provider + .load_user_instructions() + .await; + } + + let inherited_thread_id = match session_source { + SessionSource::SubAgent(SubAgentSource::ThreadSpawn { + parent_thread_id, .. + }) => Some(*parent_thread_id), + _ => parent_thread_id.or(forked_from_thread_id), + }; + let instructions = match inherited_thread_id { + // The spawn path retains only thread IDs, so look up the live + // runtime again here to inherit its user instructions. + Some(thread_id) => match self.get_thread(thread_id).await { + Ok(thread) => thread.codex.session.user_instructions().await, + Err(_) => None, + }, + None => None, + }; + LoadedUserInstructions { + instructions, + warnings: Vec::new(), + } + } + /// Spawn a new thread with no history using a provided config. pub(crate) async fn spawn_new_thread( &self, @@ -1136,6 +1202,7 @@ impl ThreadManagerState { inherited_exec_policy, /*parent_trace*/ None, environments, + /*thread_extension_init*/ ExtensionDataInit::default(), /*user_shell_override*/ None, )) .await @@ -1172,6 +1239,7 @@ impl ThreadManagerState { inherited_exec_policy, /*parent_trace*/ None, environments, + /*thread_extension_init*/ ExtensionDataInit::default(), /*user_shell_override*/ None, )) .await @@ -1209,6 +1277,7 @@ impl ThreadManagerState { inherited_exec_policy, /*parent_trace*/ None, environments, + /*thread_extension_init*/ ExtensionDataInit::default(), /*user_shell_override*/ None, )) .await @@ -1229,6 +1298,7 @@ impl ThreadManagerState { metrics_service_name: Option, parent_trace: Option, environments: Vec, + thread_extension_init: ExtensionDataInit, user_shell_override: Option, ) -> CodexResult { Box::pin(self.spawn_thread_with_source( @@ -1246,6 +1316,7 @@ impl ThreadManagerState { /*inherited_exec_policy*/ None, parent_trace, environments, + thread_extension_init, user_shell_override, )) .await @@ -1268,6 +1339,7 @@ impl ThreadManagerState { inherited_exec_policy: Option>, parent_trace: Option, environments: Vec, + thread_extension_init: ExtensionDataInit, user_shell_override: Option, ) -> CodexResult { let is_resumed_thread = matches!(&initial_history, InitialHistory::Resumed(_)); @@ -1294,6 +1366,9 @@ impl ThreadManagerState { } let environment_selections = resolve_environment_selections(self.environment_manager.as_ref(), &environments)?; + let user_instructions = self + .user_instructions_for_spawn(&session_source, parent_thread_id, forked_from_thread_id) + .await; let parent_rollout_thread_trace = self .parent_rollout_thread_trace_for_source(&session_source, &initial_history) .await; @@ -1310,6 +1385,7 @@ impl ThreadManagerState { codex, thread_id, .. } = Box::pin(Codex::spawn(CodexSpawnArgs { config, + user_instructions, installation_id: self.installation_id.clone(), auth_manager, models_manager: Arc::clone(&self.models_manager), @@ -1332,6 +1408,7 @@ impl ThreadManagerState { user_shell_override, parent_trace, environment_selections, + thread_extension_init, analytics_events_client: self.analytics_events_client.clone(), thread_store: Arc::clone(&self.thread_store), attestation_provider: self.attestation_provider.clone(), @@ -1343,9 +1420,6 @@ impl ThreadManagerState { .await?; if is_resumed_thread { new_thread.thread.emit_thread_resume_lifecycle().await; - if let Err(err) = new_thread.thread.apply_goal_resume_runtime_effects().await { - warn!("failed to apply goal resume runtime effects: {err}"); - } } Ok(new_thread) } diff --git a/codex-rs/core/src/thread_manager_tests.rs b/codex-rs/core/src/thread_manager_tests.rs index 52a0f8eb3bd..d7afebfb331 100644 --- a/codex-rs/core/src/thread_manager_tests.rs +++ b/codex-rs/core/src/thread_manager_tests.rs @@ -8,7 +8,6 @@ use crate::session::tests::make_session_and_context; use crate::tasks::InterruptedTurnHistoryMarker; use crate::tasks::interrupted_turn_history_marker; use codex_extension_api::empty_extension_registry; -use codex_features::Feature; use codex_models_manager::manager::RefreshStrategy; use codex_protocol::models::ContentItem; use codex_protocol::models::ReasoningItemReasoningSummary; @@ -22,7 +21,6 @@ use codex_protocol::protocol::SessionSource; use codex_protocol::protocol::ThreadSource; use codex_protocol::protocol::TurnStartedEvent; use codex_protocol::protocol::UserMessageEvent; -use codex_protocol::user_input::UserInput; use core_test_support::PathBufExt; use core_test_support::PathExt; use core_test_support::responses::mount_models_once; @@ -333,6 +331,7 @@ async fn start_thread_rejects_explicit_local_environment_when_default_provider_i environment_id: "local".to_string(), cwd: config.cwd.clone(), }], + thread_extension_init: Default::default(), }) .await; let err = match result { @@ -344,99 +343,6 @@ async fn start_thread_rejects_explicit_local_environment_when_default_provider_i assert!(manager.list_thread_ids().await.is_empty()); } -#[tokio::test] -async fn start_thread_uses_all_default_environments_from_codex_home() { - let temp_dir = tempdir().expect("tempdir"); - let mut config = test_config().await; - config.codex_home = temp_dir.path().join("codex-home").abs(); - config.cwd = config.codex_home.abs(); - std::fs::create_dir_all(&config.codex_home).expect("create codex home"); - std::fs::write( - config.codex_home.join("environments.toml"), - r#" -default = "dev" - -[[environments]] -id = "dev" -program = "ssh" -args = ["dev", "cd /tmp && true"] -"#, - ) - .expect("write environments.toml"); - - let runtime_paths = codex_exec_server::ExecServerRuntimePaths::new( - std::env::current_exe().expect("current exe path"), - /*codex_linux_sandbox_exe*/ None, - ) - .expect("runtime paths"); - let environment_manager = Arc::new( - codex_exec_server::EnvironmentManager::from_codex_home( - config.codex_home.clone(), - Some(runtime_paths), - ) - .await - .expect("environment manager"), - ); - assert_eq!( - environment_manager.default_environment_ids(), - vec!["dev".to_string(), "local".to_string()] - ); - - let manager = ThreadManager::with_models_provider_and_home_for_tests( - CodexAuth::from_api_key("dummy"), - config.model_provider.clone(), - config.codex_home.to_path_buf(), - environment_manager, - ); - - let thread = manager - .start_thread(config) - .await - .expect("thread should start"); - - let prompt_items = crate::prompt_debug::build_prompt_input_from_session( - thread.thread.codex.session.as_ref(), - Vec::::new(), - ) - .await - .expect("prompt input"); - let environment_context = prompt_items - .iter() - .filter_map(|item| match item { - ResponseItem::Message { content, .. } => Some(content), - _ => None, - }) - .flatten() - .find_map(|content| match content { - ContentItem::InputText { text } if text.contains("") => { - Some(text.as_str()) - } - _ => None, - }) - .expect("environment context prompt item"); - assert!(environment_context.contains("")); - let cwd = thread.session_configured.cwd.display().to_string(); - let dev_entry = format!( - r#" - {cwd} - "# - ); - let local_entry = format!( - r#" - {cwd} - "# - ); - let dev_position = environment_context - .find(&dev_entry) - .expect("dev environment entry"); - let local_position = environment_context - .find(&local_entry) - .expect("local environment entry"); - assert!(dev_position < local_position); - assert!(!environment_context.contains("\n ")); - assert!(!environment_context.contains("\n ")); -} - #[tokio::test] async fn start_thread_keeps_internal_threads_hidden_from_normal_lookups() { let temp_dir = tempdir().expect("tempdir"); @@ -463,6 +369,7 @@ async fn start_thread_keeps_internal_threads_hidden_from_normal_lookups() { metrics_service_name: None, parent_trace: None, environments: Vec::new(), + thread_extension_init: Default::default(), }) .await .expect("internal thread should start"); @@ -479,6 +386,86 @@ async fn start_thread_keeps_internal_threads_hidden_from_normal_lookups() { assert!(manager.list_thread_ids().await.is_empty()); } +#[tokio::test] +async fn start_thread_seeds_extension_data_before_lifecycle_contributors_run() { + struct InitialMarker(&'static str); + + struct InitialDataRecorder { + observed: Arc>>, + } + + impl codex_extension_api::ThreadLifecycleContributor for InitialDataRecorder { + fn on_thread_start<'a>( + &'a self, + input: codex_extension_api::ThreadStartInput<'a, Config>, + ) -> codex_extension_api::ExtensionFuture<'a, ()> { + Box::pin(async move { + let marker = input + .thread_store + .get::() + .expect("initial extension data should be available"); + *self + .observed + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) = Some(( + input.thread_store.level_id().to_string(), + marker.0.to_string(), + )); + }) + } + } + + let temp_dir = tempdir().expect("tempdir"); + let mut config = test_config().await; + config.codex_home = temp_dir.path().join("codex-home").abs(); + config.cwd = config.codex_home.abs(); + std::fs::create_dir_all(&config.codex_home).expect("create codex home"); + + let observed = Arc::new(std::sync::Mutex::new(None)); + let mut extensions = codex_extension_api::ExtensionRegistryBuilder::new(); + extensions.thread_lifecycle_contributor(Arc::new(InitialDataRecorder { + observed: Arc::clone(&observed), + })); + let manager = ThreadManager::new( + &config, + AuthManager::from_auth_for_testing(CodexAuth::create_dummy_chatgpt_auth_for_testing()), + SessionSource::Exec, + Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), + Arc::new(extensions.build()), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), + /*analytics_events_client*/ None, + thread_store_from_config(&config, /*state_db*/ None), + /*state_db*/ None, + TEST_INSTALLATION_ID.to_string(), + /*attestation_provider*/ None, + ); + let mut thread_extension_init = codex_extension_api::ExtensionDataInit::new(); + thread_extension_init.insert(InitialMarker("seeded")); + + let thread = manager + .start_thread_with_options(StartThreadOptions { + config, + initial_history: InitialHistory::New, + session_source: None, + thread_source: None, + dynamic_tools: Vec::new(), + metrics_service_name: None, + parent_trace: None, + environments: Vec::new(), + thread_extension_init, + }) + .await + .expect("start thread"); + + assert_eq!( + observed + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) + .clone(), + Some((thread.thread_id.to_string(), "seeded".to_string())) + ); +} + #[tokio::test] async fn resume_and_fork_do_not_restore_thread_environments_from_rollout() { let temp_dir = tempdir().expect("tempdir"); @@ -495,6 +482,7 @@ async fn resume_and_fork_do_not_restore_thread_environments_from_rollout() { SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store_from_config(&config, /*state_db*/ None), /*state_db*/ None, @@ -518,6 +506,7 @@ async fn resume_and_fork_do_not_restore_thread_environments_from_rollout() { metrics_service_name: None, parent_trace: None, environments: environments.clone(), + thread_extension_init: Default::default(), }) .await .expect("start source thread"); @@ -611,6 +600,7 @@ async fn explicit_installation_id_skips_codex_home_file() { SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store, state_db.clone(), @@ -650,6 +640,7 @@ async fn resume_active_thread_from_rollout_returns_running_thread() { SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store_from_config(&config, /*state_db*/ None), /*state_db*/ None, @@ -707,6 +698,7 @@ async fn resume_stopped_thread_from_rollout_spawns_new_thread() { SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store_from_config(&config, /*state_db*/ None), /*state_db*/ None, @@ -771,6 +763,7 @@ async fn resume_stopped_thread_from_rollout_preserves_thread_source() { SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store, state_db.clone(), @@ -788,6 +781,7 @@ async fn resume_stopped_thread_from_rollout_preserves_thread_source() { metrics_service_name: None, parent_trace: None, environments: Vec::new(), + thread_extension_init: Default::default(), }) .await .expect("start source thread"); @@ -860,6 +854,7 @@ async fn rollout_path_resume_and_fork_read_history_through_thread_store() { SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store.clone(), state_db, @@ -961,6 +956,7 @@ async fn new_uses_active_provider_for_model_refresh() { SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store_from_config(&config, /*state_db*/ None), /*state_db*/ None, @@ -1181,6 +1177,7 @@ async fn interrupted_fork_snapshot_does_not_synthesize_turn_id_for_legacy_histor SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store_from_config(&config, state_db.clone()), state_db.clone(), @@ -1287,6 +1284,7 @@ async fn interrupted_fork_snapshot_preserves_explicit_turn_id() { SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store_from_config(&config, state_db.clone()), state_db.clone(), @@ -1383,6 +1381,7 @@ async fn interrupted_fork_snapshot_uses_persisted_mid_turn_history_without_live_ SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store_from_config(&config, state_db.clone()), state_db.clone(), @@ -1501,103 +1500,3 @@ async fn interrupted_fork_snapshot_uses_persisted_mid_turn_history_without_live_ 1, ); } - -#[tokio::test] -async fn resumed_thread_keeps_paused_goal_paused() -> anyhow::Result<()> { - let temp_dir = tempdir().expect("tempdir"); - let mut config = test_config().await; - config.codex_home = temp_dir.path().join("codex-home").abs(); - config.cwd = config.codex_home.abs(); - config - .features - .enable(Feature::Goals) - .expect("goals should be enableable in tests"); - std::fs::create_dir_all(&config.codex_home).expect("create codex home"); - - let auth_manager = - AuthManager::from_auth_for_testing(CodexAuth::create_dummy_chatgpt_auth_for_testing()); - let state_db = init_state_db(&config).await; - let manager = ThreadManager::new( - &config, - auth_manager.clone(), - SessionSource::Exec, - Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), - empty_extension_registry(), - /*analytics_events_client*/ None, - thread_store_from_config(&config, state_db.clone()), - state_db.clone(), - TEST_INSTALLATION_ID.to_string(), - /*attestation_provider*/ None, - ); - - let source = manager - .resume_thread_with_history( - config.clone(), - InitialHistory::Forked(vec![RolloutItem::ResponseItem(user_msg("keep working"))]), - auth_manager.clone(), - /*parent_trace*/ None, - ) - .await - .expect("create source thread"); - let source_path = source - .thread - .rollout_path() - .expect("source rollout path should exist"); - source.thread.flush_rollout().await?; - let state_db = source - .thread - .state_db() - .expect("source thread should have a state db"); - state_db - .thread_goals() - .replace_thread_goal( - source.thread_id, - "Keep working until the task is done", - codex_state::ThreadGoalStatus::Paused, - /*token_budget*/ None, - ) - .await?; - source.thread.shutdown_and_wait().await?; - manager.remove_thread(&source.thread_id).await; - - let resumed = manager - .resume_thread_from_rollout( - config.clone(), - source_path, - auth_manager, - /*parent_trace*/ None, - ) - .await - .expect("resume source thread"); - let goal = state_db - .thread_goals() - .get_thread_goal(resumed.thread_id) - .await? - .expect("goal should still exist after resume"); - assert_eq!(codex_state::ThreadGoalStatus::Paused, goal.status); - assert!( - resumed - .thread - .codex - .session - .active_turn - .lock() - .await - .is_none() - ); - - resumed.thread.continue_active_goal_if_idle().await?; - assert!( - resumed - .thread - .codex - .session - .active_turn - .lock() - .await - .is_none() - ); - - resumed.thread.shutdown_and_wait().await?; - Ok(()) -} diff --git a/codex-rs/core/src/tools/code_mode/execute_handler.rs b/codex-rs/core/src/tools/code_mode/execute_handler.rs index 1d69c8f4cc4..2e46c1bd6b9 100644 --- a/codex-rs/core/src/tools/code_mode/execute_handler.rs +++ b/codex-rs/core/src/tools/code_mode/execute_handler.rs @@ -91,7 +91,6 @@ impl CodeModeExecuteHandler { } } -#[async_trait::async_trait] impl ToolExecutor for CodeModeExecuteHandler { fn tool_name(&self) -> ToolName { ToolName::plain(PUBLIC_TOOL_NAME) @@ -101,7 +100,13 @@ impl ToolExecutor for CodeModeExecuteHandler { self.spec.clone() } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl CodeModeExecuteHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/code_mode/wait_handler.rs b/codex-rs/core/src/tools/code_mode/wait_handler.rs index 74cc314a7bd..953391a573c 100644 --- a/codex-rs/core/src/tools/code_mode/wait_handler.rs +++ b/codex-rs/core/src/tools/code_mode/wait_handler.rs @@ -44,7 +44,6 @@ where }) } -#[async_trait::async_trait] impl ToolExecutor for CodeModeWaitHandler { fn tool_name(&self) -> ToolName { ToolName::plain(WAIT_TOOL_NAME) @@ -54,7 +53,13 @@ impl ToolExecutor for CodeModeWaitHandler { create_wait_tool() } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl CodeModeWaitHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/events.rs b/codex-rs/core/src/tools/events.rs index 747143ff69a..2751780d585 100644 --- a/codex-rs/core/src/tools/events.rs +++ b/codex-rs/core/src/tools/events.rs @@ -70,16 +70,25 @@ pub(crate) enum ToolEventFailure<'a> { } enum TurnDiffTrackerUpdate<'a> { - Track(&'a AppliedPatchDelta), + Track { + environment_id: Option, + delta: &'a AppliedPatchDelta, + }, Invalidate, None, } -fn tracker_update_for_known_delta(delta: &AppliedPatchDelta) -> TurnDiffTrackerUpdate<'_> { +fn tracker_update_for_known_delta<'a>( + environment_id: Option<&str>, + delta: &'a AppliedPatchDelta, +) -> TurnDiffTrackerUpdate<'a> { if delta.is_exact() && delta.is_empty() { TurnDiffTrackerUpdate::None } else { - TurnDiffTrackerUpdate::Track(delta) + TurnDiffTrackerUpdate::Track { + environment_id: environment_id.map(str::to_string), + delta, + } } } @@ -120,6 +129,7 @@ pub(crate) enum ToolEmitter { ApplyPatch { changes: HashMap, auto_approved: bool, + environment_id: Option, }, UnifiedExec { command: Vec, @@ -141,10 +151,15 @@ impl ToolEmitter { } } - pub fn apply_patch(changes: HashMap, auto_approved: bool) -> Self { + pub fn apply_patch_for_environment( + changes: HashMap, + auto_approved: bool, + environment_id: String, + ) -> Self { Self::ApplyPatch { changes, auto_approved, + environment_id: Some(environment_id), } } @@ -210,7 +225,11 @@ impl ToolEmitter { .await; } ( - Self::ApplyPatch { changes, .. }, + Self::ApplyPatch { + changes, + environment_id, + .. + }, ToolEventStage::Success { output, applied_patch_delta, @@ -222,7 +241,7 @@ impl ToolEmitter { PatchApplyStatus::Failed }; let tracker_update = applied_patch_delta - .map(tracker_update_for_known_delta) + .map(|delta| tracker_update_for_known_delta(environment_id.as_deref(), delta)) .unwrap_or(TurnDiffTrackerUpdate::Invalidate); emit_patch_end( ctx, @@ -267,7 +286,11 @@ impl ToolEmitter { .await; } ( - Self::ApplyPatch { changes, .. }, + Self::ApplyPatch { + changes, + environment_id, + .. + }, ToolEventStage::Failure(ToolEventFailure::Rejected { message, applied_patch_delta, @@ -280,7 +303,9 @@ impl ToolEmitter { (*message).to_string(), PatchApplyStatus::Declined, applied_patch_delta - .map(tracker_update_for_known_delta) + .map(|delta| { + tracker_update_for_known_delta(environment_id.as_deref(), delta) + }) .unwrap_or(TurnDiffTrackerUpdate::None), ) .await; @@ -563,10 +588,13 @@ async fn emit_patch_end( if let Some(tracker) = ctx.turn_diff_tracker { let (should_emit_turn_diff, unified_diff) = { let mut guard = tracker.lock().await; - let previous_diff = guard.get_unified_diff(); + let had_unified_diff = guard.has_unified_diff(); let tracker_changed = match tracker_update { - TurnDiffTrackerUpdate::Track(delta) => { - guard.track_delta(delta); + TurnDiffTrackerUpdate::Track { + environment_id, + delta, + } => { + guard.track_delta(environment_id.as_deref().unwrap_or_default(), delta); true } TurnDiffTrackerUpdate::Invalidate => { @@ -577,7 +605,7 @@ async fn emit_patch_end( }; let unified_diff = guard.get_unified_diff(); ( - tracker_changed && (previous_diff.is_some() || unified_diff.is_some()), + tracker_changed && (had_unified_diff || unified_diff.is_some()), unified_diff.unwrap_or_default(), ) }; @@ -627,14 +655,18 @@ mod tests { .await .expect("apply patch"); - ToolEmitter::apply_patch(HashMap::new(), /*auto_approved*/ false) - .finish( - ToolEventCtx::new(session.as_ref(), turn.as_ref(), "call-id", Some(&tracker)), - out, - Some(&delta), - ) - .await - .expect_err("failed patch"); + ToolEmitter::ApplyPatch { + changes: HashMap::new(), + auto_approved: false, + environment_id: None, + } + .finish( + ToolEventCtx::new(session.as_ref(), turn.as_ref(), "call-id", Some(&tracker)), + out, + Some(&delta), + ) + .await + .expect_err("failed patch"); let completed = rx_event.recv().await.expect("item completed event"); assert!(matches!( @@ -686,4 +718,98 @@ mod tests { ) .await; } + + #[tokio::test] + async fn net_zero_patch_emits_empty_turn_diff() { + let (session, turn, rx_event) = + make_session_and_context_with_dynamic_tools_and_rx(Vec::new()).await; + let tracker = Arc::new(Mutex::new(TurnDiffTracker::new())); + let dir = tempdir().expect("tempdir"); + let cwd = AbsolutePathBuf::from_absolute_path(dir.path()).expect("absolute cwd"); + + for patch in [ + "*** Begin Patch\n*** Add File: a.txt\n+one\n*** End Patch", + "*** Begin Patch\n*** Delete File: a.txt\n*** End Patch", + ] { + let mut stdout = Vec::new(); + let mut stderr = Vec::new(); + let delta = codex_apply_patch::apply_patch( + patch, + &cwd, + &mut stdout, + &mut stderr, + LOCAL_FS.as_ref(), + /*sandbox*/ None, + ) + .await + .expect("apply patch"); + + emit_patch_end( + ToolEventCtx::new(session.as_ref(), turn.as_ref(), "call-id", Some(&tracker)), + HashMap::new(), + String::new(), + String::new(), + PatchApplyStatus::Completed, + TurnDiffTrackerUpdate::Track { + environment_id: None, + delta: &delta, + }, + ) + .await; + + rx_event.recv().await.expect("item completed event"); + let unified_diff = loop { + let event = rx_event.recv().await.expect("turn diff event"); + if let EventMsg::TurnDiff(TurnDiffEvent { unified_diff }) = event.msg { + break unified_diff; + } + }; + if patch.contains("Delete File") { + assert_eq!(unified_diff, ""); + } else { + assert!(unified_diff.contains("+one")); + } + } + } + + #[tokio::test] + async fn invalidation_emits_empty_turn_diff() { + let (session, turn, rx_event) = + make_session_and_context_with_dynamic_tools_and_rx(Vec::new()).await; + let tracker = Arc::new(Mutex::new(TurnDiffTracker::new())); + let dir = tempdir().expect("tempdir"); + let cwd = AbsolutePathBuf::from_absolute_path(dir.path()).expect("absolute cwd"); + let mut stdout = Vec::new(); + let mut stderr = Vec::new(); + let delta = codex_apply_patch::apply_patch( + "*** Begin Patch\n*** Add File: a.txt\n+one\n*** End Patch", + &cwd, + &mut stdout, + &mut stderr, + LOCAL_FS.as_ref(), + /*sandbox*/ None, + ) + .await + .expect("apply patch"); + tracker.lock().await.track_delta("", &delta); + + emit_patch_end( + ToolEventCtx::new(session.as_ref(), turn.as_ref(), "call-id", Some(&tracker)), + HashMap::new(), + String::new(), + String::new(), + PatchApplyStatus::Completed, + TurnDiffTrackerUpdate::Invalidate, + ) + .await; + + rx_event.recv().await.expect("item completed event"); + loop { + let event = rx_event.recv().await.expect("turn diff event"); + if let EventMsg::TurnDiff(TurnDiffEvent { unified_diff }) = event.msg { + assert_eq!(unified_diff, ""); + break; + } + } + } } diff --git a/codex-rs/core/src/tools/handlers/agent_jobs/report_agent_job_result.rs b/codex-rs/core/src/tools/handlers/agent_jobs/report_agent_job_result.rs index c7adb27610a..579cc25ffb7 100644 --- a/codex-rs/core/src/tools/handlers/agent_jobs/report_agent_job_result.rs +++ b/codex-rs/core/src/tools/handlers/agent_jobs/report_agent_job_result.rs @@ -13,7 +13,6 @@ use super::*; pub struct ReportAgentJobResultHandler; -#[async_trait::async_trait] impl ToolExecutor for ReportAgentJobResultHandler { fn tool_name(&self) -> ToolName { ToolName::plain("report_agent_job_result") @@ -23,7 +22,13 @@ impl ToolExecutor for ReportAgentJobResultHandler { create_report_agent_job_result_tool() } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl ReportAgentJobResultHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/agent_jobs/spawn_agents_on_csv.rs b/codex-rs/core/src/tools/handlers/agent_jobs/spawn_agents_on_csv.rs index 26438ca7ba4..6da517b9cc5 100644 --- a/codex-rs/core/src/tools/handlers/agent_jobs/spawn_agents_on_csv.rs +++ b/codex-rs/core/src/tools/handlers/agent_jobs/spawn_agents_on_csv.rs @@ -14,7 +14,6 @@ use super::*; pub struct SpawnAgentsOnCsvHandler; -#[async_trait::async_trait] impl ToolExecutor for SpawnAgentsOnCsvHandler { fn tool_name(&self) -> ToolName { ToolName::plain("spawn_agents_on_csv") @@ -24,7 +23,13 @@ impl ToolExecutor for SpawnAgentsOnCsvHandler { create_spawn_agents_on_csv_tool() } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl SpawnAgentsOnCsvHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/apply_patch.rs b/codex-rs/core/src/tools/handlers/apply_patch.rs index c12ba0517ed..70452b6657e 100644 --- a/codex-rs/core/src/tools/handlers/apply_patch.rs +++ b/codex-rs/core/src/tools/handlers/apply_patch.rs @@ -305,7 +305,6 @@ async fn effective_patch_permissions( ) } -#[async_trait::async_trait] impl ToolExecutor for ApplyPatchHandler { fn tool_name(&self) -> ToolName { ToolName::plain("apply_patch") @@ -315,7 +314,13 @@ impl ToolExecutor for ApplyPatchHandler { create_apply_patch_freeform_tool(self.multi_environment) } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl ApplyPatchHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { @@ -378,8 +383,11 @@ impl ToolExecutor for ApplyPatchHandler { } InternalApplyPatchInvocation::DelegateToRuntime(apply) => { let changes = convert_apply_patch_to_protocol(&apply.action); - let emitter = - ToolEmitter::apply_patch(changes.clone(), apply.auto_approved); + let emitter = ToolEmitter::apply_patch_for_environment( + changes.clone(), + apply.auto_approved, + turn_environment.environment_id.clone(), + ); let event_ctx = ToolEventCtx::new( session.as_ref(), turn.as_ref(), @@ -537,7 +545,11 @@ pub(crate) async fn intercept_apply_patch( } InternalApplyPatchInvocation::DelegateToRuntime(apply) => { let changes = convert_apply_patch_to_protocol(&apply.action); - let emitter = ToolEmitter::apply_patch(changes.clone(), apply.auto_approved); + let emitter = ToolEmitter::apply_patch_for_environment( + changes.clone(), + apply.auto_approved, + turn_environment.environment_id.clone(), + ); let event_ctx = ToolEventCtx::new( session.as_ref(), turn.as_ref(), diff --git a/codex-rs/core/src/tools/handlers/dynamic.rs b/codex-rs/core/src/tools/handlers/dynamic.rs index a74f44fd6d2..62eef88c30d 100644 --- a/codex-rs/core/src/tools/handlers/dynamic.rs +++ b/codex-rs/core/src/tools/handlers/dynamic.rs @@ -33,7 +33,6 @@ pub struct DynamicToolHandler { tool_name: ToolName, spec: ToolSpec, exposure: ToolExposure, - search_text: String, } impl DynamicToolHandler { @@ -56,12 +55,10 @@ impl DynamicToolHandler { } else { ToolExposure::Direct }, - search_text: build_dynamic_search_text(tool), }) } } -#[async_trait::async_trait] impl ToolExecutor for DynamicToolHandler { fn tool_name(&self) -> ToolName { self.tool_name.clone() @@ -76,8 +73,7 @@ impl ToolExecutor for DynamicToolHandler { } fn search_info(&self) -> Option { - ToolSearchInfo::from_spec( - self.search_text.clone(), + ToolSearchInfo::from_tool_spec( self.spec(), Some(ToolSearchSourceInfo { name: "Dynamic tools".to_string(), @@ -86,7 +82,13 @@ impl ToolExecutor for DynamicToolHandler { ) } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl DynamicToolHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { @@ -212,27 +214,3 @@ async fn request_dynamic_tool( response } - -fn build_dynamic_search_text(tool: &DynamicToolSpec) -> String { - let mut schema_properties = tool - .input_schema - .get("properties") - .and_then(serde_json::Value::as_object) - .map(|map| map.keys().cloned().collect::>()) - .unwrap_or_default(); - schema_properties.sort(); - let mut parts = vec![ - tool.name.clone(), - tool.name.replace('_', " "), - tool.description.clone(), - ]; - if let Some(namespace) = &tool.namespace { - parts.push(namespace.clone()); - } - parts.extend(schema_properties); - parts.join(" ") -} - -#[cfg(test)] -#[path = "dynamic_tests.rs"] -mod tests; diff --git a/codex-rs/core/src/tools/handlers/dynamic_tests.rs b/codex-rs/core/src/tools/handlers/dynamic_tests.rs deleted file mode 100644 index 201ef458555..00000000000 --- a/codex-rs/core/src/tools/handlers/dynamic_tests.rs +++ /dev/null @@ -1,36 +0,0 @@ -use super::*; -use codex_tools::ToolSearchSourceInfo; -use pretty_assertions::assert_eq; -use serde_json::json; - -#[test] -fn search_info_uses_dynamic_tool_metadata_and_parameter_names() { - let handler = DynamicToolHandler::new(&DynamicToolSpec { - namespace: Some("codex_app".to_string()), - name: "automation_update".to_string(), - description: "Create or update automations.".to_string(), - input_schema: json!({ - "type": "object", - "properties": { - "timezone": { "type": "string" }, - "mode": { "type": "string" } - } - }), - defer_loading: true, - }) - .expect("dynamic handler should be created"); - - let search_info = handler.search_info().expect("dynamic search info"); - - assert_eq!( - search_info.entry.search_text, - "automation_update automation update Create or update automations. codex_app mode timezone" - ); - assert_eq!( - search_info.source_info, - Some(ToolSearchSourceInfo { - name: "Dynamic tools".to_string(), - description: Some("Tools provided by the current Codex thread.".to_string()), - }) - ); -} diff --git a/codex-rs/core/src/tools/handlers/extension_tools.rs b/codex-rs/core/src/tools/handlers/extension_tools.rs index ecbf772e90d..2da47fc7be0 100644 --- a/codex-rs/core/src/tools/handlers/extension_tools.rs +++ b/codex-rs/core/src/tools/handlers/extension_tools.rs @@ -5,20 +5,21 @@ use codex_protocol::items::TurnItem; use codex_tools::ConversationHistory; use codex_tools::ExtensionTurnItem; use codex_tools::ToolCall as ExtensionToolCall; +use codex_tools::ToolEnvironment; use codex_tools::ToolName; use codex_tools::ToolSearchInfo; use codex_tools::ToolSpec; use codex_tools::TurnItemEmissionFuture; use codex_tools::TurnItemEmitter; -use crate::function_tool::FunctionCallError; +use crate::sandboxing::SandboxPermissions; use crate::session::session::Session; use crate::session::turn_context::TurnContext; use crate::stream_events_utils::TurnItemContributorPolicy; use crate::stream_events_utils::finalize_turn_item; use crate::tools::context::ToolInvocation; -use crate::tools::context::ToolOutput; use crate::tools::context::ToolPayload; +use crate::tools::handlers::apply_granted_turn_permissions; use crate::tools::registry::CoreToolRuntime; use crate::tools::registry::ToolExecutor; @@ -30,7 +31,6 @@ impl ExtensionToolAdapter { } } -#[async_trait::async_trait] impl ToolExecutor for ExtensionToolAdapter { fn tool_name(&self) -> ToolName { self.0.tool_name() @@ -52,11 +52,8 @@ impl ToolExecutor for ExtensionToolAdapter { self.0.search_info() } - async fn handle( - &self, - invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - self.0.handle(to_extension_call(&invocation).await).await + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async move { self.0.handle(to_extension_call(&invocation).await).await }) } } @@ -115,6 +112,26 @@ impl TurnItemEmitter for CoreTurnItemEmitter { async fn to_extension_call(invocation: &ToolInvocation) -> ExtensionToolCall { let conversation_history = ConversationHistory::new(invocation.session.clone_history().await.into_raw_items()); + let mut environments = Vec::with_capacity(invocation.turn.environments.turn_environments.len()); + for environment in &invocation.turn.environments.turn_environments { + let additional_permissions = apply_granted_turn_permissions( + invocation.session.as_ref(), + &environment.environment_id, + environment.cwd.as_path(), + SandboxPermissions::UseDefault, + /*additional_permissions*/ None, + ) + .await + .additional_permissions; + environments.push(ToolEnvironment { + environment_id: environment.environment_id.clone(), + cwd: environment.cwd.clone(), + file_system: environment.environment.get_filesystem(), + file_system_sandbox_context: invocation + .turn + .file_system_sandbox_context(additional_permissions, &environment.cwd), + }); + } ExtensionToolCall { turn_id: invocation.turn.sub_id.clone(), call_id: invocation.call_id.clone(), @@ -126,6 +143,7 @@ async fn to_extension_call(invocation: &ToolInvocation) -> ExtensionToolCall { session: Arc::downgrade(&invocation.session), turn: Arc::downgrade(&invocation.turn), }), + environments, payload: invocation.payload.clone(), } } @@ -162,7 +180,6 @@ mod tests { struct StubExtensionExecutor; - #[async_trait::async_trait] impl codex_extension_api::ToolExecutor for StubExtensionExecutor { fn tool_name(&self) -> codex_tools::ToolName { codex_tools::ToolName::plain("extension_echo") @@ -187,13 +204,13 @@ mod tests { }) } - async fn handle( - &self, - _call: codex_tools::ToolCall, - ) -> Result, codex_tools::FunctionCallError> { - Ok(Box::new(codex_tools::JsonToolOutput::new( - json!({ "ok": true }), - ))) + fn handle(&self, _call: codex_tools::ToolCall) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async { + Ok( + Box::new(codex_tools::JsonToolOutput::new(json!({ "ok": true }))) + as Box, + ) + }) } } @@ -201,7 +218,6 @@ mod tests { captured_call: Arc>>, } - #[async_trait::async_trait] impl codex_extension_api::ToolExecutor for CapturingExtensionExecutor { fn tool_name(&self) -> codex_tools::ToolName { codex_tools::ToolName::plain("extension_echo") @@ -218,7 +234,13 @@ mod tests { }) } - async fn handle( + fn handle(&self, call: codex_tools::ToolCall) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(call)) + } + } + + impl CapturingExtensionExecutor { + async fn handle_call( &self, call: codex_tools::ToolCall, ) -> Result, codex_tools::FunctionCallError> { @@ -233,9 +255,10 @@ mod tests { call.turn_item_emitter.emit_started(item.clone()).await; call.turn_item_emitter.emit_completed(item).await; *self.captured_call.lock().await = Some(call); - Ok(Box::new(codex_tools::JsonToolOutput::new( - json!({ "ok": true }), - ))) + Ok( + Box::new(codex_tools::JsonToolOutput::new(json!({ "ok": true }))) + as Box, + ) } } @@ -388,16 +411,17 @@ mod tests { struct RecordExtensionTurnItemContributor; - #[async_trait::async_trait] impl TurnItemContributor for RecordExtensionTurnItemContributor { - async fn contribute( - &self, - _thread_store: &ExtensionData, - turn_store: &ExtensionData, - _item: &mut TurnItem, - ) -> Result<(), String> { - turn_store.insert(ExtensionTurnItemContributorRan); - Ok(()) + fn contribute<'a>( + &'a self, + _thread_store: &'a ExtensionData, + turn_store: &'a ExtensionData, + _item: &'a mut TurnItem, + ) -> codex_extension_api::ExtensionFuture<'a, Result<(), String>> { + Box::pin(async move { + turn_store.insert(ExtensionTurnItemContributorRan); + Ok(()) + }) } } @@ -431,7 +455,6 @@ mod tests { ); } - #[async_trait::async_trait] impl codex_extension_api::ToolExecutor for ImageGenerationExtensionExecutor { fn tool_name(&self) -> codex_tools::ToolName { codex_tools::ToolName::namespaced("image_gen", "imagegen") @@ -448,7 +471,13 @@ mod tests { }) } - async fn handle( + fn handle(&self, call: codex_tools::ToolCall) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(call)) + } + } + + impl ImageGenerationExtensionExecutor { + async fn handle_call( &self, call: codex_tools::ToolCall, ) -> Result, codex_tools::FunctionCallError> { @@ -474,9 +503,10 @@ mod tests { }, )) .await; - Ok(Box::new(codex_tools::JsonToolOutput::new( - json!({ "ok": true }), - ))) + Ok( + Box::new(codex_tools::JsonToolOutput::new(json!({ "ok": true }))) + as Box, + ) } } diff --git a/codex-rs/core/src/tools/handlers/get_context_remaining.rs b/codex-rs/core/src/tools/handlers/get_context_remaining.rs new file mode 100644 index 00000000000..b9a3d73ca8a --- /dev/null +++ b/codex-rs/core/src/tools/handlers/get_context_remaining.rs @@ -0,0 +1,95 @@ +use crate::context::ContextualUserFragment; +use crate::function_tool::FunctionCallError; +use crate::tools::context::FunctionToolOutput; +use crate::tools::context::ToolInvocation; +use crate::tools::context::ToolOutput; +use crate::tools::context::ToolPayload; +use crate::tools::context::boxed_tool_output; +use crate::tools::handlers::get_context_remaining_spec::GET_CONTEXT_REMAINING_TOOL_NAME; +use crate::tools::handlers::get_context_remaining_spec::create_get_context_remaining_tool; +use crate::tools::registry::CoreToolRuntime; +use crate::tools::registry::ToolExecutor; +use codex_protocol::models::ResponseInputItem; +use codex_tools::ToolName; +use codex_tools::ToolSpec; +use serde_json::Value as JsonValue; +use serde_json::json; + +#[derive(Debug, Clone)] +struct GetContextRemainingOutput { + tokens_left: Option, +} + +impl GetContextRemainingOutput { + fn new(tokens_left: Option) -> Self { + Self { tokens_left } + } + + fn fragment(&self) -> String { + match self.tokens_left { + Some(tokens_left) => { + crate::context::TokenBudgetRemainingContext::new(tokens_left).render() + } + None => crate::context::TokenBudgetRemainingContext::unknown().render(), + } + } +} + +impl ToolOutput for GetContextRemainingOutput { + fn log_preview(&self) -> String { + self.fragment() + } + + fn success_for_logging(&self) -> bool { + true + } + + fn to_response_item(&self, call_id: &str, payload: &ToolPayload) -> ResponseInputItem { + FunctionToolOutput::from_text(self.fragment(), Some(true)) + .to_response_item(call_id, payload) + } + + fn code_mode_result(&self, _payload: &ToolPayload) -> JsonValue { + json!({ + "tokens_left": self.tokens_left, + }) + } +} + +pub struct GetContextRemainingHandler; + +impl ToolExecutor for GetContextRemainingHandler { + fn tool_name(&self) -> ToolName { + ToolName::plain(GET_CONTEXT_REMAINING_TOOL_NAME) + } + + fn spec(&self) -> ToolSpec { + create_get_context_remaining_tool() + } + + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async move { + if !matches!(invocation.payload, ToolPayload::Function { .. }) { + return Err(FunctionCallError::RespondToModel( + "get_context_remaining handler received unsupported payload".to_string(), + )); + } + + let Some(model_context_window) = invocation.turn.model_context_window() else { + return Ok(boxed_tool_output(GetContextRemainingOutput::new( + /*tokens_left*/ None, + ))); + }; + let active_context_tokens = invocation.session.get_total_token_usage().await.max(0); + let tokens_left = model_context_window + .saturating_sub(active_context_tokens) + .max(0); + + Ok(boxed_tool_output(GetContextRemainingOutput::new(Some( + tokens_left, + )))) + }) + } +} + +impl CoreToolRuntime for GetContextRemainingHandler {} diff --git a/codex-rs/core/src/tools/handlers/get_context_remaining_spec.rs b/codex-rs/core/src/tools/handlers/get_context_remaining_spec.rs new file mode 100644 index 00000000000..4ff54243f19 --- /dev/null +++ b/codex-rs/core/src/tools/handlers/get_context_remaining_spec.rs @@ -0,0 +1,36 @@ +use codex_tools::JsonSchema; +use codex_tools::ResponsesApiTool; +use codex_tools::ToolSpec; +use serde_json::Value; +use serde_json::json; +use std::collections::BTreeMap; + +pub(crate) const GET_CONTEXT_REMAINING_TOOL_NAME: &str = "get_context_remaining"; + +pub fn create_get_context_remaining_tool() -> ToolSpec { + ToolSpec::Function(ResponsesApiTool { + name: GET_CONTEXT_REMAINING_TOOL_NAME.to_string(), + description: "Get the remaining tokens in the current context window.".to_string(), + strict: false, + defer_loading: None, + parameters: JsonSchema::object(BTreeMap::new(), /*required*/ None, Some(false.into())), + output_schema: Some(get_context_remaining_output_schema()), + }) +} + +fn get_context_remaining_output_schema() -> Value { + json!({ + "type": "object", + "properties": { + "tokens_left": { + "anyOf": [ + { "type": "integer" }, + { "type": "null" } + ], + "description": "Remaining tokens in the current context window, or null when unavailable." + } + }, + "required": ["tokens_left"], + "additionalProperties": false + }) +} diff --git a/codex-rs/core/src/tools/handlers/goal.rs b/codex-rs/core/src/tools/handlers/goal.rs deleted file mode 100644 index 694eafca658..00000000000 --- a/codex-rs/core/src/tools/handlers/goal.rs +++ /dev/null @@ -1,158 +0,0 @@ -//! Built-in model tool handlers for persisted thread goals. -//! -//! The public tool contract intentionally splits goal creation from stopped -//! status updates: `create_goal` starts an active objective, while -//! `update_goal` can only mark the existing goal complete or blocked. - -use crate::function_tool::FunctionCallError; -use crate::tools::context::FunctionToolOutput; -use codex_protocol::protocol::ThreadGoal; -use codex_protocol::protocol::ThreadGoalStatus; -use serde::Deserialize; -use serde::Serialize; -use std::fmt::Write as _; - -mod create_goal; -mod get_goal; -mod update_goal; - -pub use create_goal::CreateGoalHandler; -pub use get_goal::GetGoalHandler; -pub use update_goal::UpdateGoalHandler; - -#[derive(Debug, Deserialize)] -#[serde(rename_all = "snake_case")] -struct CreateGoalArgs { - objective: String, - token_budget: Option, -} - -#[derive(Debug, Deserialize)] -#[serde(rename_all = "snake_case")] -struct UpdateGoalArgs { - status: ThreadGoalStatus, -} - -#[derive(Debug, PartialEq, Serialize)] -#[serde(rename_all = "camelCase")] -struct GoalToolResponse { - goal: Option, - remaining_tokens: Option, - completion_budget_report: Option, -} - -#[derive(Clone, Copy)] -enum CompletionBudgetReport { - Include, - Omit, -} - -impl GoalToolResponse { - fn new(goal: Option, report_mode: CompletionBudgetReport) -> Self { - let remaining_tokens = goal.as_ref().and_then(|goal| { - goal.token_budget - .map(|budget| (budget - goal.tokens_used).max(0)) - }); - let completion_budget_report = match report_mode { - CompletionBudgetReport::Include => goal - .as_ref() - .filter(|goal| goal.status == ThreadGoalStatus::Complete) - .and_then(completion_budget_report), - CompletionBudgetReport::Omit => None, - }; - Self { - goal, - remaining_tokens, - completion_budget_report, - } - } -} - -fn format_goal_error(err: anyhow::Error) -> String { - let mut message = err.to_string(); - for cause in err.chain().skip(1) { - let _ = write!(message, ": {cause}"); - } - message -} - -fn goal_response( - goal: Option, - completion_budget_report: CompletionBudgetReport, -) -> Result { - let response = - serde_json::to_string_pretty(&GoalToolResponse::new(goal, completion_budget_report)) - .map_err(|err| FunctionCallError::Fatal(err.to_string()))?; - Ok(FunctionToolOutput::from_text(response, Some(true))) -} - -fn completion_budget_report(goal: &ThreadGoal) -> Option { - if goal.token_budget.is_none() && goal.time_used_seconds <= 0 { - None - } else { - Some( - "Goal achieved. Report final usage from this tool result's structured goal fields. If `goal.tokenBudget` is present, include token usage from `goal.tokensUsed` and `goal.tokenBudget`. If `goal.timeUsedSeconds` is greater than 0, summarize elapsed time in a concise, human-friendly form appropriate to the response language." - .to_string(), - ) - } -} - -#[cfg(test)] -mod tests { - use super::*; - use codex_protocol::ThreadId; - use pretty_assertions::assert_eq; - - #[test] - fn completed_budgeted_goal_response_reports_final_usage() { - let goal = ThreadGoal { - thread_id: ThreadId::new(), - objective: "Keep optimizing".to_string(), - status: ThreadGoalStatus::Complete, - token_budget: Some(10_000), - tokens_used: 3_250, - time_used_seconds: 75, - created_at: 1, - updated_at: 2, - }; - - let response = GoalToolResponse::new(Some(goal.clone()), CompletionBudgetReport::Include); - - assert_eq!( - response, - GoalToolResponse { - goal: Some(goal), - remaining_tokens: Some(6_750), - completion_budget_report: Some( - "Goal achieved. Report final usage from this tool result's structured goal fields. If `goal.tokenBudget` is present, include token usage from `goal.tokensUsed` and `goal.tokenBudget`. If `goal.timeUsedSeconds` is greater than 0, summarize elapsed time in a concise, human-friendly form appropriate to the response language." - .to_string() - ), - } - ); - } - - #[test] - fn completed_unbudgeted_goal_response_omits_budget_report() { - let goal = ThreadGoal { - thread_id: ThreadId::new(), - objective: "Write a poem".to_string(), - status: ThreadGoalStatus::Complete, - token_budget: None, - tokens_used: 120, - time_used_seconds: 0, - created_at: 1, - updated_at: 2, - }; - - let response = GoalToolResponse::new(Some(goal.clone()), CompletionBudgetReport::Include); - - assert_eq!( - response, - GoalToolResponse { - goal: Some(goal), - remaining_tokens: None, - completion_budget_report: None, - } - ); - } -} diff --git a/codex-rs/core/src/tools/handlers/goal/create_goal.rs b/codex-rs/core/src/tools/handlers/goal/create_goal.rs deleted file mode 100644 index 1791a5e85f9..00000000000 --- a/codex-rs/core/src/tools/handlers/goal/create_goal.rs +++ /dev/null @@ -1,78 +0,0 @@ -use crate::function_tool::FunctionCallError; -use crate::goals::CreateGoalRequest; -use crate::tools::context::ToolInvocation; -use crate::tools::context::ToolPayload; -use crate::tools::context::boxed_tool_output; -use crate::tools::handlers::goal_spec::CREATE_GOAL_TOOL_NAME; -use crate::tools::handlers::goal_spec::create_create_goal_tool; -use crate::tools::handlers::parse_arguments; -use crate::tools::registry::CoreToolRuntime; -use crate::tools::registry::ToolExecutor; -use codex_tools::ToolName; -use codex_tools::ToolSpec; - -use super::CompletionBudgetReport; -use super::CreateGoalArgs; -use super::format_goal_error; -use super::goal_response; - -pub struct CreateGoalHandler; - -#[async_trait::async_trait] -impl ToolExecutor for CreateGoalHandler { - fn tool_name(&self) -> ToolName { - ToolName::plain(CREATE_GOAL_TOOL_NAME) - } - - fn spec(&self) -> ToolSpec { - create_create_goal_tool() - } - - async fn handle( - &self, - invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - let ToolInvocation { - session, - turn, - payload, - .. - } = invocation; - - let arguments = match payload { - ToolPayload::Function { arguments } => arguments, - _ => { - return Err(FunctionCallError::RespondToModel( - "goal handler received unsupported payload".to_string(), - )); - } - }; - - let args: CreateGoalArgs = parse_arguments(&arguments)?; - let goal = session - .create_thread_goal( - turn.as_ref(), - CreateGoalRequest { - objective: args.objective, - token_budget: args.token_budget, - }, - ) - .await - .map_err(|err| { - if err - .chain() - .any(|cause| cause.to_string().contains("already has a goal")) - { - FunctionCallError::RespondToModel( - "cannot create a new goal because this thread already has a goal; use update_goal only when the existing goal is complete" - .to_string(), - ) - } else { - FunctionCallError::RespondToModel(format_goal_error(err)) - } - })?; - goal_response(Some(goal), CompletionBudgetReport::Omit).map(boxed_tool_output) - } -} - -impl CoreToolRuntime for CreateGoalHandler {} diff --git a/codex-rs/core/src/tools/handlers/goal/get_goal.rs b/codex-rs/core/src/tools/handlers/goal/get_goal.rs deleted file mode 100644 index ff460706759..00000000000 --- a/codex-rs/core/src/tools/handlers/goal/get_goal.rs +++ /dev/null @@ -1,51 +0,0 @@ -use crate::function_tool::FunctionCallError; -use crate::tools::context::ToolInvocation; -use crate::tools::context::ToolPayload; -use crate::tools::context::boxed_tool_output; -use crate::tools::handlers::goal_spec::GET_GOAL_TOOL_NAME; -use crate::tools::handlers::goal_spec::create_get_goal_tool; -use crate::tools::registry::CoreToolRuntime; -use crate::tools::registry::ToolExecutor; -use codex_tools::ToolName; -use codex_tools::ToolSpec; - -use super::CompletionBudgetReport; -use super::format_goal_error; -use super::goal_response; - -pub struct GetGoalHandler; - -#[async_trait::async_trait] -impl ToolExecutor for GetGoalHandler { - fn tool_name(&self) -> ToolName { - ToolName::plain(GET_GOAL_TOOL_NAME) - } - - fn spec(&self) -> ToolSpec { - create_get_goal_tool() - } - - async fn handle( - &self, - invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - let ToolInvocation { - session, payload, .. - } = invocation; - - match payload { - ToolPayload::Function { .. } => { - let goal = session - .get_thread_goal() - .await - .map_err(|err| FunctionCallError::RespondToModel(format_goal_error(err)))?; - goal_response(goal, CompletionBudgetReport::Omit).map(boxed_tool_output) - } - _ => Err(FunctionCallError::RespondToModel( - "get_goal handler received unsupported payload".to_string(), - )), - } - } -} - -impl CoreToolRuntime for GetGoalHandler {} diff --git a/codex-rs/core/src/tools/handlers/goal/update_goal.rs b/codex-rs/core/src/tools/handlers/goal/update_goal.rs deleted file mode 100644 index 373c849fc2a..00000000000 --- a/codex-rs/core/src/tools/handlers/goal/update_goal.rs +++ /dev/null @@ -1,89 +0,0 @@ -use crate::function_tool::FunctionCallError; -use crate::goals::GoalRuntimeEvent; -use crate::goals::SetGoalRequest; -use crate::tools::context::ToolInvocation; -use crate::tools::context::ToolPayload; -use crate::tools::context::boxed_tool_output; -use crate::tools::handlers::goal_spec::UPDATE_GOAL_TOOL_NAME; -use crate::tools::handlers::goal_spec::create_update_goal_tool; -use crate::tools::handlers::parse_arguments; -use crate::tools::registry::CoreToolRuntime; -use crate::tools::registry::ToolExecutor; -use codex_protocol::protocol::ThreadGoalStatus; -use codex_tools::ToolName; -use codex_tools::ToolSpec; - -use super::CompletionBudgetReport; -use super::UpdateGoalArgs; -use super::format_goal_error; -use super::goal_response; - -pub struct UpdateGoalHandler; - -#[async_trait::async_trait] -impl ToolExecutor for UpdateGoalHandler { - fn tool_name(&self) -> ToolName { - ToolName::plain(UPDATE_GOAL_TOOL_NAME) - } - - fn spec(&self) -> ToolSpec { - create_update_goal_tool() - } - - async fn handle( - &self, - invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - let ToolInvocation { - session, - turn, - payload, - .. - } = invocation; - - let arguments = match payload { - ToolPayload::Function { arguments } => arguments, - _ => { - return Err(FunctionCallError::RespondToModel( - "update_goal handler received unsupported payload".to_string(), - )); - } - }; - - let args: UpdateGoalArgs = parse_arguments(&arguments)?; - if !matches!( - args.status, - ThreadGoalStatus::Complete | ThreadGoalStatus::Blocked - ) { - return Err(FunctionCallError::RespondToModel( - "update_goal can only mark the existing goal complete or blocked; pause, resume, budget-limited, and usage-limited status changes are controlled by the user or system" - .to_string(), - )); - } - session - .goal_runtime_apply(GoalRuntimeEvent::ToolCompletedGoal { - turn_context: turn.as_ref(), - }) - .await - .map_err(|err| FunctionCallError::RespondToModel(format_goal_error(err)))?; - let goal = session - .set_thread_goal( - turn.as_ref(), - SetGoalRequest { - objective: None, - status: Some(args.status), - token_budget: None, - }, - ) - .await - .map_err(|err| FunctionCallError::RespondToModel(format_goal_error(err)))?; - let completion_budget_report = if args.status == ThreadGoalStatus::Complete { - CompletionBudgetReport::Include - } else { - CompletionBudgetReport::Omit - }; - goal_response(Some(goal), completion_budget_report).map(boxed_tool_output) - } -} - -impl CoreToolRuntime for UpdateGoalHandler {} diff --git a/codex-rs/core/src/tools/handlers/goal_spec.rs b/codex-rs/core/src/tools/handlers/goal_spec.rs deleted file mode 100644 index da8e23d3053..00000000000 --- a/codex-rs/core/src/tools/handlers/goal_spec.rs +++ /dev/null @@ -1,120 +0,0 @@ -//! Responses API tool definitions for persisted thread goals. -//! -//! These specs expose goal read/update primitives to the model while keeping -//! usage accounting system-managed. - -use codex_tools::JsonSchema; -use codex_tools::ResponsesApiTool; -use codex_tools::ToolSpec; -use serde_json::json; -use std::collections::BTreeMap; - -pub const GET_GOAL_TOOL_NAME: &str = "get_goal"; -pub const CREATE_GOAL_TOOL_NAME: &str = "create_goal"; -pub const UPDATE_GOAL_TOOL_NAME: &str = "update_goal"; - -pub fn create_get_goal_tool() -> ToolSpec { - ToolSpec::Function(ResponsesApiTool { - name: GET_GOAL_TOOL_NAME.to_string(), - description: "Get the current goal for this thread, including status, budgets, token and elapsed-time usage, and remaining token budget." - .to_string(), - strict: false, - defer_loading: None, - parameters: JsonSchema::object(BTreeMap::new(), Some(Vec::new()), Some(false.into())), - output_schema: None, - }) -} - -pub fn create_create_goal_tool() -> ToolSpec { - let properties = BTreeMap::from([ - ( - "objective".to_string(), - JsonSchema::string(Some( - "Required. The concrete objective to start pursuing. This starts a new active goal only when no goal is currently defined; if a goal already exists, this tool fails." - .to_string(), - )), - ), - ( - "token_budget".to_string(), - JsonSchema::integer(Some( - "Positive token budget for the new goal. Omit unless explicitly requested." - .to_string(), - )), - ), - ]); - - ToolSpec::Function(ResponsesApiTool { - name: CREATE_GOAL_TOOL_NAME.to_string(), - description: format!( - r#"Create a goal only when explicitly requested by the user or system/developer instructions; do not infer goals from ordinary tasks. -Set token_budget only when an explicit token budget is requested. Fails if a goal exists; use {UPDATE_GOAL_TOOL_NAME} only for status."# - ), - strict: false, - defer_loading: None, - parameters: JsonSchema::object( - properties, - /*required*/ Some(vec!["objective".to_string()]), - Some(false.into()), - ), - output_schema: None, - }) -} - -pub fn create_update_goal_tool() -> ToolSpec { - let properties = BTreeMap::from([( - "status".to_string(), - JsonSchema::string_enum( - vec![json!("complete"), json!("blocked")], - Some( - "Required. Set to `complete` only when the objective is achieved and no required work remains. Set to `blocked` only after the same blocking condition has recurred for at least three consecutive goal turns and the agent is at an impasse. After a previously blocked goal is resumed, the resumed run starts a fresh blocked audit." - .to_string(), - ), - ), - )]); - - ToolSpec::Function(ResponsesApiTool { - name: UPDATE_GOAL_TOOL_NAME.to_string(), - description: r#"Update the existing goal. -Use this tool only to mark the goal achieved or genuinely blocked. -Set status to `complete` only when the objective has actually been achieved and no required work remains. -Set status to `blocked` only when the same blocking condition has repeated for at least three consecutive goal turns, counting the original/user-triggered turn and any automatic continuations, and the agent cannot make meaningful progress without user input or an external-state change. -If the user resumes a goal that was previously marked `blocked`, treat the resumed run as a fresh blocked audit. If the same blocking condition then repeats for at least three consecutive resumed goal turns, set status to `blocked` again. -Once the blocked threshold is satisfied, do not keep reporting that you are still blocked while leaving the goal active; set status to `blocked`. -Do not use `blocked` merely because the work is hard, slow, uncertain, incomplete, or would benefit from clarification. -Do not mark a goal complete merely because its budget is nearly exhausted or because you are stopping work. -You cannot use this tool to pause, resume, budget-limit, or usage-limit a goal; those status changes are controlled by the user or system. -When marking a budgeted goal achieved with status `complete`, report the final token usage from the tool result to the user."# - .to_string(), - strict: false, - defer_loading: None, - parameters: JsonSchema::object( - properties, - /*required*/ Some(vec!["status".to_string()]), - Some(false.into()), - ), - output_schema: None, - }) -} - -#[cfg(test)] -mod tests { - use super::*; - - #[test] - fn update_goal_tool_exposes_complete_and_blocked_statuses() { - let ToolSpec::Function(tool) = create_update_goal_tool() else { - panic!("update_goal should be a function tool"); - }; - let status = tool - .parameters - .properties - .as_ref() - .and_then(|properties| properties.get("status")) - .expect("status property should exist"); - - assert_eq!( - status.enum_values, - Some(vec![json!("complete"), json!("blocked")]) - ); - } -} diff --git a/codex-rs/core/src/tools/handlers/list_available_plugins_to_install.rs b/codex-rs/core/src/tools/handlers/list_available_plugins_to_install.rs index d18a1ca36e1..766b0e9b753 100644 --- a/codex-rs/core/src/tools/handlers/list_available_plugins_to_install.rs +++ b/codex-rs/core/src/tools/handlers/list_available_plugins_to_install.rs @@ -54,7 +54,6 @@ impl ListAvailablePluginsToInstallHandler { } } -#[async_trait::async_trait] impl ToolExecutor for ListAvailablePluginsToInstallHandler { fn tool_name(&self) -> ToolName { ToolName::plain(LIST_AVAILABLE_PLUGINS_TO_INSTALL_TOOL_NAME) @@ -68,7 +67,13 @@ impl ToolExecutor for ListAvailablePluginsToInstallHandler { false } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl ListAvailablePluginsToInstallHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/mcp.rs b/codex-rs/core/src/tools/handlers/mcp.rs index 77ff3c14a3c..efb32aab945 100644 --- a/codex-rs/core/src/tools/handlers/mcp.rs +++ b/codex-rs/core/src/tools/handlers/mcp.rs @@ -64,7 +64,6 @@ fn ensure_mcp_prefix(name: &str) -> String { } } -#[async_trait::async_trait] impl ToolExecutor for McpHandler { fn tool_name(&self) -> ToolName { self.tool_info.canonical_tool_name() @@ -113,7 +112,13 @@ impl ToolExecutor for McpHandler { ) } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl McpHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/mcp_resource.rs b/codex-rs/core/src/tools/handlers/mcp_resource.rs index 9357a9722d6..e2f83859b69 100644 --- a/codex-rs/core/src/tools/handlers/mcp_resource.rs +++ b/codex-rs/core/src/tools/handlers/mcp_resource.rs @@ -7,6 +7,8 @@ use codex_protocol::items::McpToolCallItem; use codex_protocol::items::McpToolCallStatus; use codex_protocol::items::TurnItem; use codex_protocol::mcp::CallToolResult; +use codex_protocol::protocol::TruncationPolicy; +use codex_utils_output_truncation::truncate_text; use rmcp::model::ListResourceTemplatesResult; use rmcp::model::ListResourcesResult; use rmcp::model::ReadResourceResult; @@ -270,7 +272,10 @@ fn normalize_required_string(field: &str, value: String) -> Result(payload: T) -> Result +fn serialize_function_output( + payload: T, + truncation_policy: TruncationPolicy, +) -> Result where T: Serialize, { @@ -279,6 +284,9 @@ where "failed to serialize MCP resource response: {err}" )) })?; + // Match regular MCP tool outputs by bounding the copy persisted to the + // rollout and injected into model context. + let content = truncate_text(&content, truncation_policy * 1.2); Ok(FunctionToolOutput::from_text(content, Some(true))) } diff --git a/codex-rs/core/src/tools/handlers/mcp_resource/list_mcp_resource_templates.rs b/codex-rs/core/src/tools/handlers/mcp_resource/list_mcp_resource_templates.rs index b1e82aa8a6d..80b183dabab 100644 --- a/codex-rs/core/src/tools/handlers/mcp_resource/list_mcp_resource_templates.rs +++ b/codex-rs/core/src/tools/handlers/mcp_resource/list_mcp_resource_templates.rs @@ -26,7 +26,6 @@ use super::serialize_function_output; pub struct ListMcpResourceTemplatesHandler; -#[async_trait::async_trait] impl ToolExecutor for ListMcpResourceTemplatesHandler { fn tool_name(&self) -> ToolName { ToolName::plain("list_mcp_resource_templates") @@ -40,11 +39,13 @@ impl ToolExecutor for ListMcpResourceTemplatesHandler { true } - #[expect( - clippy::await_holding_invalid_type, - reason = "MCP resource template listing reads through the session-owned manager guard" - )] - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl ListMcpResourceTemplatesHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { @@ -107,8 +108,7 @@ impl ToolExecutor for ListMcpResourceTemplatesHandler { let templates = session .services .mcp_connection_manager - .read() - .await + .load_full() .list_all_resource_templates() .await; Ok(ListResourceTemplatesPayload::from_all_servers(templates)) @@ -117,7 +117,7 @@ impl ToolExecutor for ListMcpResourceTemplatesHandler { .await; match payload_result { - Ok(payload) => match serialize_function_output(payload) { + Ok(payload) => match serialize_function_output(payload, turn.truncation_policy) { Ok(output) => { let content = function_call_output_content_items_to_text(&output.body) .unwrap_or_default(); diff --git a/codex-rs/core/src/tools/handlers/mcp_resource/list_mcp_resources.rs b/codex-rs/core/src/tools/handlers/mcp_resource/list_mcp_resources.rs index c2cdec8b157..a77d617b942 100644 --- a/codex-rs/core/src/tools/handlers/mcp_resource/list_mcp_resources.rs +++ b/codex-rs/core/src/tools/handlers/mcp_resource/list_mcp_resources.rs @@ -26,7 +26,6 @@ use super::serialize_function_output; pub struct ListMcpResourcesHandler; -#[async_trait::async_trait] impl ToolExecutor for ListMcpResourcesHandler { fn tool_name(&self) -> ToolName { ToolName::plain("list_mcp_resources") @@ -40,11 +39,13 @@ impl ToolExecutor for ListMcpResourcesHandler { true } - #[expect( - clippy::await_holding_invalid_type, - reason = "MCP resource listing reads through the session-owned manager guard" - )] - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl ListMcpResourcesHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { @@ -105,8 +106,7 @@ impl ToolExecutor for ListMcpResourcesHandler { let resources = session .services .mcp_connection_manager - .read() - .await + .load_full() .list_all_resources() .await; Ok(ListResourcesPayload::from_all_servers(resources)) @@ -115,7 +115,7 @@ impl ToolExecutor for ListMcpResourcesHandler { .await; match payload_result { - Ok(payload) => match serialize_function_output(payload) { + Ok(payload) => match serialize_function_output(payload, turn.truncation_policy) { Ok(output) => { let content = function_call_output_content_items_to_text(&output.body) .unwrap_or_default(); diff --git a/codex-rs/core/src/tools/handlers/mcp_resource/read_mcp_resource.rs b/codex-rs/core/src/tools/handlers/mcp_resource/read_mcp_resource.rs index 126c5d85e80..9ca15718a0c 100644 --- a/codex-rs/core/src/tools/handlers/mcp_resource/read_mcp_resource.rs +++ b/codex-rs/core/src/tools/handlers/mcp_resource/read_mcp_resource.rs @@ -26,7 +26,6 @@ use super::serialize_function_output; pub struct ReadMcpResourceHandler; -#[async_trait::async_trait] impl ToolExecutor for ReadMcpResourceHandler { fn tool_name(&self) -> ToolName { ToolName::plain("read_mcp_resource") @@ -40,7 +39,13 @@ impl ToolExecutor for ReadMcpResourceHandler { true } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl ReadMcpResourceHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { @@ -93,7 +98,7 @@ impl ToolExecutor for ReadMcpResourceHandler { .await; match payload_result { - Ok(payload) => match serialize_function_output(payload) { + Ok(payload) => match serialize_function_output(payload, turn.truncation_policy) { Ok(output) => { let content = function_call_output_content_items_to_text(&output.body) .unwrap_or_default(); diff --git a/codex-rs/core/src/tools/handlers/mcp_resource_tests.rs b/codex-rs/core/src/tools/handlers/mcp_resource_tests.rs index 8a8410b0bd5..b52ab1681ab 100644 --- a/codex-rs/core/src/tools/handlers/mcp_resource_tests.rs +++ b/codex-rs/core/src/tools/handlers/mcp_resource_tests.rs @@ -1,6 +1,7 @@ use super::*; use pretty_assertions::assert_eq; use rmcp::model::AnnotateAble; +use rmcp::model::ResourceContents; use serde_json::json; fn resource(uri: &str, name: &str) -> Resource { @@ -123,3 +124,39 @@ fn template_with_server_serializes_server_field() { }) ); } + +#[test] +fn serialize_function_output_preserves_small_payload() { + let payload = json!({"server": "hosted", "resources": []}); + let expected = serde_json::to_string(&payload).expect("serialize payload"); + + let output = serialize_function_output(payload, TruncationPolicy::Bytes(1_024)) + .expect("serialize function output") + .into_text(); + + assert_eq!(output, expected); +} + +#[test] +fn serialize_function_output_caps_read_resource_payload() { + let truncation_policy = TruncationPolicy::Bytes(8_000); + let payload = ReadResourcePayload { + server: "hosted".to_string(), + uri: "skill://large/SKILL.md".to_string(), + result: ReadResourceResult::new(vec![ResourceContents::TextResourceContents { + uri: "skill://large/SKILL.md".to_string(), + mime_type: Some("text/markdown".to_string()), + text: "x".repeat(16_000), + meta: None, + }]), + }; + let serialized = serde_json::to_string(&payload).expect("serialize payload"); + let expected = truncate_text(&serialized, truncation_policy * 1.2); + + let output = serialize_function_output(payload, truncation_policy) + .expect("serialize bounded function output") + .into_text(); + + assert_ne!(output, serialized); + assert_eq!(output, expected); +} diff --git a/codex-rs/core/src/tools/handlers/mod.rs b/codex-rs/core/src/tools/handlers/mod.rs index d6963f07617..258c9914ddd 100644 --- a/codex-rs/core/src/tools/handlers/mod.rs +++ b/codex-rs/core/src/tools/handlers/mod.rs @@ -4,8 +4,8 @@ pub(crate) mod apply_patch; pub(crate) mod apply_patch_spec; mod dynamic; pub(crate) mod extension_tools; -mod goal; -pub(crate) mod goal_spec; +mod get_context_remaining; +pub(crate) mod get_context_remaining_spec; mod list_available_plugins_to_install; pub(crate) mod list_available_plugins_to_install_spec; mod mcp; @@ -15,6 +15,8 @@ pub(crate) mod multi_agents; pub(crate) mod multi_agents_common; pub(crate) mod multi_agents_spec; pub(crate) mod multi_agents_v2; +mod new_context_window; +pub(crate) mod new_context_window_spec; mod plan; pub(crate) mod plan_spec; mod request_permissions; @@ -53,14 +55,13 @@ pub use apply_patch::ApplyPatchHandler; use codex_protocol::models::AdditionalPermissionProfile; use codex_protocol::protocol::AskForApproval; pub use dynamic::DynamicToolHandler; -pub use goal::CreateGoalHandler; -pub use goal::GetGoalHandler; -pub use goal::UpdateGoalHandler; +pub use get_context_remaining::GetContextRemainingHandler; pub use list_available_plugins_to_install::ListAvailablePluginsToInstallHandler; pub use mcp::McpHandler; pub use mcp_resource::ListMcpResourceTemplatesHandler; pub use mcp_resource::ListMcpResourcesHandler; pub use mcp_resource::ReadMcpResourceHandler; +pub use new_context_window::NewContextWindowHandler; pub use plan::PlanHandler; pub use request_permissions::RequestPermissionsHandler; pub use request_plugin_install::RequestPluginInstallHandler; diff --git a/codex-rs/core/src/tools/handlers/multi_agents/close_agent.rs b/codex-rs/core/src/tools/handlers/multi_agents/close_agent.rs index 0d4e17447dc..d1017adb65c 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents/close_agent.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents/close_agent.rs @@ -6,7 +6,6 @@ use codex_tools::ToolSpec; pub(crate) struct Handler; -#[async_trait::async_trait] impl ToolExecutor for Handler { fn tool_name(&self) -> ToolName { ToolName::namespaced(MULTI_AGENT_V1_NAMESPACE, "close_agent") @@ -23,11 +22,8 @@ impl ToolExecutor for Handler { ) } - async fn handle( - &self, - invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - handle_close_agent(invocation).await.map(boxed_tool_output) + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async move { handle_close_agent(invocation).await.map(boxed_tool_output) }) } } diff --git a/codex-rs/core/src/tools/handlers/multi_agents/resume_agent.rs b/codex-rs/core/src/tools/handlers/multi_agents/resume_agent.rs index 8f95abe4e31..fa464ddbbb2 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents/resume_agent.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents/resume_agent.rs @@ -7,7 +7,6 @@ use std::sync::Arc; pub(crate) struct Handler; -#[async_trait::async_trait] impl ToolExecutor for Handler { fn tool_name(&self) -> ToolName { ToolName::namespaced(MULTI_AGENT_V1_NAMESPACE, "resume_agent") @@ -24,11 +23,8 @@ impl ToolExecutor for Handler { ) } - async fn handle( - &self, - invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - handle_resume_agent(invocation).await.map(boxed_tool_output) + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async move { handle_resume_agent(invocation).await.map(boxed_tool_output) }) } } diff --git a/codex-rs/core/src/tools/handlers/multi_agents/send_input.rs b/codex-rs/core/src/tools/handlers/multi_agents/send_input.rs index 1b7018939e3..375bb50ac7c 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents/send_input.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents/send_input.rs @@ -6,7 +6,6 @@ use codex_tools::ToolSpec; pub(crate) struct Handler; -#[async_trait::async_trait] impl ToolExecutor for Handler { fn tool_name(&self) -> ToolName { ToolName::namespaced(MULTI_AGENT_V1_NAMESPACE, "send_input") @@ -23,7 +22,13 @@ impl ToolExecutor for Handler { ) } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl Handler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { @@ -42,8 +47,17 @@ impl ToolExecutor for Handler { let receiver_agent = session .services .agent_control - .get_agent_metadata(receiver_thread_id) - .unwrap_or_default(); + .get_agent_metadata(receiver_thread_id); + if receiver_agent.is_some() { + let resume_config = build_agent_resume_config(turn.as_ref())?; + session + .services + .agent_control + .ensure_v2_agent_loaded(resume_config, receiver_thread_id) + .await + .map_err(|err| collab_agent_error(receiver_thread_id, err))?; + } + let receiver_agent = receiver_agent.unwrap_or_default(); if args.interrupt { session .services diff --git a/codex-rs/core/src/tools/handlers/multi_agents/spawn.rs b/codex-rs/core/src/tools/handlers/multi_agents/spawn.rs index 004dc973b76..204385934e2 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents/spawn.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents/spawn.rs @@ -22,7 +22,6 @@ impl Handler { } } -#[async_trait::async_trait] impl ToolExecutor for Handler { fn tool_name(&self) -> ToolName { ToolName::namespaced(MULTI_AGENT_V1_NAMESPACE, "spawn_agent") @@ -39,11 +38,8 @@ impl ToolExecutor for Handler { ) } - async fn handle( - &self, - invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - handle_spawn_agent(invocation).await.map(boxed_tool_output) + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async move { handle_spawn_agent(invocation).await.map(boxed_tool_output) }) } } @@ -83,7 +79,7 @@ async fn handle_spawn_agent( sender_thread_id: session.thread_id, prompt: prompt.clone(), model: args.model.clone().unwrap_or_default(), - reasoning_effort: args.reasoning_effort.unwrap_or_default(), + reasoning_effort: args.reasoning_effort.clone().unwrap_or_default(), } .into(), ) @@ -94,14 +90,18 @@ async fn handle_spawn_agent( config.service_tier = Some(service_tier.clone()); } if args.fork_context { - reject_full_fork_spawn_overrides(role_name, args.model.as_deref(), args.reasoning_effort)?; + reject_full_fork_spawn_overrides( + role_name, + args.model.as_deref(), + args.reasoning_effort.clone(), + )?; } else { apply_requested_spawn_agent_model_overrides( &session, turn.as_ref(), &mut config, args.model.as_deref(), - args.reasoning_effort, + args.reasoning_effort.clone(), ) .await?; apply_role_to_config(&mut config, role_name) @@ -174,7 +174,7 @@ async fn handle_spawn_agent( .unwrap_or_else(|| args.model.clone().unwrap_or_default()); let effective_reasoning_effort = agent_snapshot .as_ref() - .and_then(|snapshot| snapshot.reasoning_effort) + .and_then(|snapshot| snapshot.reasoning_effort.clone()) .unwrap_or(args.reasoning_effort.unwrap_or_default()); let nickname = new_agent_nickname.clone(); session @@ -200,7 +200,7 @@ async fn handle_spawn_agent( turn.session_telemetry.counter( "codex.multi_agent.spawn", /*inc*/ 1, - &[("role", role_tag)], + &[("role", role_tag), ("version", "v1")], ); Ok(SpawnAgentResult { diff --git a/codex-rs/core/src/tools/handlers/multi_agents/wait.rs b/codex-rs/core/src/tools/handlers/multi_agents/wait.rs index 525ee7f2ed3..be22b369082 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents/wait.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents/wait.rs @@ -27,7 +27,6 @@ impl Handler { } } -#[async_trait::async_trait] impl ToolExecutor for Handler { fn tool_name(&self) -> ToolName { ToolName::namespaced(MULTI_AGENT_V1_NAMESPACE, "wait_agent") @@ -44,7 +43,13 @@ impl ToolExecutor for Handler { ) } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl Handler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/multi_agents_common.rs b/codex-rs/core/src/tools/handlers/multi_agents_common.rs index 8a4edbff35d..59588921524 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents_common.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents_common.rs @@ -224,7 +224,8 @@ fn build_agent_shared_config(turn: &TurnContext) -> Result Result<(), FunctionCallError> { if supported_reasoning_levels .iter() - .any(|preset| preset.effort == requested_reasoning_effort) + .any(|preset| &preset.effort == requested_reasoning_effort) { return Ok(()); } diff --git a/codex-rs/core/src/tools/handlers/multi_agents_spec.rs b/codex-rs/core/src/tools/handlers/multi_agents_spec.rs index e80f63e35d2..5fa2cea70a6 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents_spec.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents_spec.rs @@ -17,6 +17,7 @@ const SPAWN_AGENT_MODEL_OVERRIDE_DESCRIPTION: &str = const SPAWN_AGENT_SERVICE_TIER_OVERRIDE_DESCRIPTION: &str = "Service tier override for the new agent. Omit unless explicitly requested."; const MAX_MODEL_OVERRIDES_IN_SPAWN_AGENT_DESCRIPTION: usize = 5; +const MAX_REASONING_EFFORT_CHARS_IN_SPAWN_AGENT_DESCRIPTION: usize = 64; #[derive(Debug, Clone, Default)] pub struct SpawnAgentToolOptions { @@ -25,7 +26,6 @@ pub struct SpawnAgentToolOptions { pub hide_agent_type_model_reasoning: bool, pub include_usage_hint: bool, pub usage_hint_text: Option, - pub max_concurrent_threads_per_session: Option, } #[derive(Debug, Clone, Copy, PartialEq, Eq)] @@ -101,7 +101,6 @@ pub fn create_spawn_agent_tool_v2(options: SpawnAgentToolOptions) -> ToolSpec { inherited_model_guidance, options.include_usage_hint, options.usage_hint_text, - options.max_concurrent_threads_per_session, ), strict: false, defer_loading: None, @@ -166,7 +165,8 @@ pub fn create_send_message_tool() -> ToolSpec { "message".to_string(), JsonSchema::string(Some( "Message text to queue on the target agent.".to_string(), - )), + )) + .with_encrypted(), ), ]); @@ -198,13 +198,14 @@ pub fn create_followup_task_tool() -> ToolSpec { "message".to_string(), JsonSchema::string(Some( "Message text to send to the target agent.".to_string(), - )), + )) + .with_encrypted(), ), ]); ToolSpec::Function(ResponsesApiTool { name: "followup_task".to_string(), - description: "Send a follow-up task to an existing non-root target agent and trigger a turn in that target. If the target is currently mid-turn, the message is queued and will be used to start the target's next turn, after the current turn completes." + description: "Send a follow-up task to an existing non-root target agent and trigger a turn if it is idle. If the target is already running, deliver the task promptly at message boundaries while sampling, or after the pending tool call completes." .to_string(), strict: false, defer_loading: None, @@ -299,26 +300,30 @@ pub fn create_close_agent_tool_v1() -> ToolSpec { strict: false, defer_loading: None, parameters: JsonSchema::object(properties, Some(vec!["target".to_string()]), Some(false.into())), - output_schema: Some(close_agent_output_schema()), + output_schema: Some(agent_previous_status_output_schema( + "The agent status observed before shutdown was requested.", + )), })], }) } -pub fn create_close_agent_tool_v2() -> ToolSpec { +pub fn create_interrupt_agent_tool_v2() -> ToolSpec { let properties = BTreeMap::from([( "target".to_string(), JsonSchema::string(Some( - "Agent id or canonical task name to close (from spawn_agent).".to_string(), + "Agent id or canonical task name to interrupt (from spawn_agent).".to_string(), )), )]); ToolSpec::Function(ResponsesApiTool { - name: "close_agent".to_string(), - description: "Close an agent and any open descendants when they are no longer needed, and return the target agent's previous status before shutdown was requested. Completed agents remain open and count toward the concurrency limit until closed. Don't keep agents open for too long if they are not needed anymore.".to_string(), + name: "interrupt_agent".to_string(), + description: "Interrupt an agent's current turn, if any, and return its previous status. The agent remains available for messages and follow-up tasks.".to_string(), strict: false, defer_loading: None, parameters: JsonSchema::object(properties, Some(vec!["target".to_string()]), Some(false.into())), - output_schema: Some(close_agent_output_schema()), + output_schema: Some(agent_previous_status_output_schema( + "The agent status observed before the interrupt request was handled.", + )), }) } @@ -498,12 +503,12 @@ fn wait_output_schema_v2() -> Value { }) } -fn close_agent_output_schema() -> Value { +fn agent_previous_status_output_schema(previous_status_description: &str) -> Value { json!({ "type": "object", "properties": { "previous_status": { - "description": "The agent status observed before shutdown was requested.", + "description": previous_status_description, "allOf": [agent_status_output_schema()] } }, @@ -594,7 +599,10 @@ fn spawn_agent_common_properties_v2(agent_type_description: &str) -> BTreeMap, include_usage_hint: bool, usage_hint_text: Option, - max_concurrent_threads_per_session: Option, ) -> String { let agent_role_guidance = available_models_description.unwrap_or_default(); let inherited_model_guidance = inherited_model_guidance.unwrap_or_default(); - let concurrency_guidance = max_concurrent_threads_per_session - .map(|limit| { - format!( - "This session is configured with `max_concurrent_threads_per_session = {limit}` for concurrently open agent threads." - ) - }) - .unwrap_or_default(); let tool_description = format!( r#" @@ -731,9 +731,9 @@ fn spawn_agent_tool_description_v2( You are then able to refer to this agent as `task_3` or `/root/task1/task_3` interchangeably. However an agent `/root/task2/task_3` would only be able to communicate with this agent via its canonical name `/root/task1/task_3`. The spawned agent will have the same tools as you and the ability to spawn its own subagents. {inherited_model_guidance} +Only call this tool for a concrete, bounded subtask that can run independently alongside useful local work; otherwise continue locally. It will be able to send you and other running agents messages, and its final answer will be provided to you when it finishes. -The new agent's canonical task name will be provided to it along with the message. -{concurrency_guidance}"# +The new agent's canonical task name will be provided to it along with the message."# ); if !include_usage_hint { @@ -762,13 +762,20 @@ fn spawn_agent_models_description(models: &[ModelPreset]) -> String { let model_descriptions = visible_models .into_iter() .map(|model| { - let default_reasoning_effort = model.default_reasoning_effort; + let default_reasoning_effort = &model.default_reasoning_effort; let efforts = model .supported_reasoning_efforts .iter() .map(|preset| { - let effort = preset.effort; - if effort == default_reasoning_effort { + let effort = preset.effort.as_str(); + let effort = match effort + .char_indices() + .nth(MAX_REASONING_EFFORT_CHARS_IN_SPAWN_AGENT_DESCRIPTION) + { + Some((index, _)) => &effort[..index], + None => effort, + }; + if &preset.effort == default_reasoning_effort { format!("{effort} (default)") } else { effort.to_string() diff --git a/codex-rs/core/src/tools/handlers/multi_agents_spec_tests.rs b/codex-rs/core/src/tools/handlers/multi_agents_spec_tests.rs index 5f4a66a75cc..1ef93b77f03 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents_spec_tests.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents_spec_tests.rs @@ -47,7 +47,6 @@ fn spawn_agent_tool_v2_requires_task_name_and_lists_visible_models() { hide_agent_type_model_reasoning: false, include_usage_hint: true, usage_hint_text: None, - max_concurrent_threads_per_session: Some(4), }); let ToolSpec::Function(ResponsesApiTool { @@ -69,7 +68,7 @@ fn spawn_agent_tool_v2_requires_task_name_and_lists_visible_models() { .expect("spawn_agent should use object params"); assert!(description.contains("Spawns an agent to work on the specified task.")); assert!(description.contains("The spawned agent will have the same tools as you")); - assert!(description.contains("`max_concurrent_threads_per_session = 4`")); + assert!(!description.contains("max_concurrent_threads_per_session")); assert!(description.contains(SPAWN_AGENT_INHERITED_MODEL_GUIDANCE)); assert!( description @@ -81,6 +80,12 @@ fn spawn_agent_tool_v2_requires_task_name_and_lists_visible_models() { assert!(!description.contains("hidden-model")); assert!(properties.contains_key("task_name")); assert!(properties.contains_key("message")); + assert_eq!( + properties + .get("message") + .and_then(|schema| schema.encrypted), + Some(true) + ); assert!(properties.contains_key("fork_turns")); assert!(!properties.contains_key("items")); assert!(!properties.contains_key("fork_context")); @@ -118,7 +123,6 @@ fn spawn_agent_tool_v1_keeps_legacy_fork_context_field() { hide_agent_type_model_reasoning: false, include_usage_hint: true, usage_hint_text: None, - max_concurrent_threads_per_session: None, }); let ToolSpec::Namespace(namespace) = tool else { @@ -141,6 +145,12 @@ fn spawn_agent_tool_v1_keeps_legacy_fork_context_field() { assert!(properties.contains_key("fork_context")); assert!(!properties.contains_key("fork_turns")); + assert_eq!( + properties + .get("message") + .and_then(|schema| schema.encrypted), + None + ); assert_eq!( properties .get("model") @@ -170,7 +180,6 @@ fn spawn_agent_tool_caps_visible_model_summaries() { hide_agent_type_model_reasoning: false, include_usage_hint: true, usage_hint_text: None, - max_concurrent_threads_per_session: Some(4), }); let ToolSpec::Function(ResponsesApiTool { description, .. }) = tool else { @@ -186,6 +195,27 @@ fn spawn_agent_tool_caps_visible_model_summaries() { assert!(!description.contains("`sixth-model`")); } +#[test] +fn spawn_agent_tool_caps_reasoning_effort_value_length() { + let mut model = model_preset("visible", /*show_in_picker*/ true); + let custom_effort = ReasoningEffort::Custom( + "é".repeat(MAX_REASONING_EFFORT_CHARS_IN_SPAWN_AGENT_DESCRIPTION + 1), + ); + model.default_reasoning_effort = custom_effort.clone(); + model.supported_reasoning_efforts = vec![ReasoningEffortPreset { + effort: custom_effort, + description: "Model-defined".to_string(), + }]; + + assert_eq!( + spawn_agent_models_description(&[model]), + format!( + "Available model overrides (optional; inherited parent model is preferred):\n- `visible-model`: visible description Reasoning efforts: {} (default). Service tiers: priority.", + "é".repeat(MAX_REASONING_EFFORT_CHARS_IN_SPAWN_AGENT_DESCRIPTION) + ) + ); +} + #[test] fn spawn_agent_tool_hides_service_tier_with_spawn_metadata() { let tool = create_spawn_agent_tool_v2(SpawnAgentToolOptions { @@ -194,7 +224,6 @@ fn spawn_agent_tool_hides_service_tier_with_spawn_metadata() { hide_agent_type_model_reasoning: true, include_usage_hint: true, usage_hint_text: None, - max_concurrent_threads_per_session: Some(4), }); let ToolSpec::Function(ResponsesApiTool { @@ -238,6 +267,12 @@ fn send_message_tool_requires_message_and_has_no_output_schema() { .expect("send_message should use object params"); assert!(properties.contains_key("target")); assert!(properties.contains_key("message")); + assert_eq!( + properties + .get("message") + .and_then(|schema| schema.encrypted), + Some(true) + ); assert!(!properties.contains_key("interrupt")); assert!(!properties.contains_key("items")); assert_eq!( @@ -257,6 +292,7 @@ fn send_message_tool_requires_message_and_has_no_output_schema() { fn followup_task_tool_requires_message_and_has_no_output_schema() { let ToolSpec::Function(ResponsesApiTool { name, + description, parameters, output_schema, .. @@ -265,6 +301,10 @@ fn followup_task_tool_requires_message_and_has_no_output_schema() { panic!("followup_task should be a function tool"); }; assert_eq!(name, "followup_task"); + assert_eq!( + description, + "Send a follow-up task to an existing non-root target agent and trigger a turn if it is idle. If the target is already running, deliver the task promptly at message boundaries while sampling, or after the pending tool call completes." + ); assert_eq!( parameters.schema_type, Some(JsonSchemaType::Single(JsonSchemaPrimitiveType::Object)) @@ -275,6 +315,12 @@ fn followup_task_tool_requires_message_and_has_no_output_schema() { .expect("followup_task should use object params"); assert!(properties.contains_key("target")); assert!(properties.contains_key("message")); + assert_eq!( + properties + .get("message") + .and_then(|schema| schema.encrypted), + Some(true) + ); assert!(!properties.contains_key("items")); assert_eq!( parameters.required.as_ref(), diff --git a/codex-rs/core/src/tools/handlers/multi_agents_tests.rs b/codex-rs/core/src/tools/handlers/multi_agents_tests.rs index d32bd5dd62b..88a8f07dcb0 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents_tests.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents_tests.rs @@ -8,8 +8,8 @@ use crate::session::tests::make_session_and_context; use crate::session_prefix::format_subagent_notification_message; use crate::thread_manager::thread_store_from_config; use crate::tools::context::ToolOutput; -use crate::tools::handlers::multi_agents_v2::CloseAgentHandler as CloseAgentHandlerV2; use crate::tools::handlers::multi_agents_v2::FollowupTaskHandler as FollowupTaskHandlerV2; +use crate::tools::handlers::multi_agents_v2::InterruptAgentHandler; use crate::tools::handlers::multi_agents_v2::ListAgentsHandler as ListAgentsHandlerV2; use crate::tools::handlers::multi_agents_v2::SendMessageHandler as SendMessageHandlerV2; use crate::tools::handlers::multi_agents_v2::SpawnAgentHandler as SpawnAgentHandlerV2; @@ -23,6 +23,7 @@ use codex_model_provider::create_model_provider; use codex_model_provider_info::built_in_model_providers; use codex_protocol::AgentPath; use codex_protocol::ThreadId; +use codex_protocol::config_types::ApprovalsReviewer; use codex_protocol::config_types::ServiceTier; use codex_protocol::config_types::ShellEnvironmentPolicy; use codex_protocol::models::BaseInstructions; @@ -177,6 +178,11 @@ struct ListedAgentResult { last_task_message: Option, } +#[derive(Debug, Deserialize)] +struct InterruptAgentResult { + previous_status: AgentStatus, +} + #[tokio::test] async fn handler_rejects_non_function_payloads() { let (session, turn) = make_session_and_context().await; @@ -1151,7 +1157,7 @@ async fn multi_agent_v2_spawn_returns_path_and_send_message_accepts_relative_pat turn.clone(), "spawn_agent", function_payload(json!({ - "message": "inspect this repo", + "message": "encrypted-spawn-message", "task_name": "test_process" })), )) @@ -1187,7 +1193,8 @@ async fn multi_agent_v2_spawn_returns_path_and_send_message_accepts_relative_pat if communication.author == AgentPath::root() && communication.recipient.as_str() == "/root/test_process" && communication.other_recipients.is_empty() - && communication.content == "inspect this repo" + && communication.content.is_empty() + && communication.encrypted_content.as_deref() == Some("encrypted-spawn-message") && communication.trigger_turn ) })); @@ -1199,7 +1206,7 @@ async fn multi_agent_v2_spawn_returns_path_and_send_message_accepts_relative_pat "send_message", function_payload(json!({ "target": "test_process", - "message": "continue" + "message": "encrypted-send-message" })), )) .await @@ -1213,7 +1220,8 @@ async fn multi_agent_v2_spawn_returns_path_and_send_message_accepts_relative_pat if communication.author == AgentPath::root() && communication.recipient.as_str() == "/root/test_process" && communication.other_recipients.is_empty() - && communication.content == "continue" + && communication.content.is_empty() + && communication.encrypted_content.as_deref() == Some("encrypted-send-message") && !communication.trigger_turn ) })); @@ -1395,7 +1403,7 @@ async fn multi_agent_v2_send_message_accepts_root_target_from_child() { "send_message", function_payload(json!({ "target": "/root", - "message": "done" + "message": "encrypted-done" })), )) .await @@ -1409,7 +1417,8 @@ async fn multi_agent_v2_send_message_accepts_root_target_from_child() { if communication.author == child_path && communication.recipient == AgentPath::root() && communication.other_recipients.is_empty() - && communication.content == "done" + && communication.content.is_empty() + && communication.encrypted_content.as_deref() == Some("encrypted-done") && !communication.trigger_turn ) })); @@ -1499,7 +1508,7 @@ async fn multi_agent_v2_followup_task_rejects_root_target_from_child() { } #[tokio::test] -async fn multi_agent_v2_list_agents_returns_completed_status_and_last_task_message() { +async fn multi_agent_v2_list_agents_returns_completed_status_without_encrypted_spawn_preview() { let (mut session, mut turn) = make_session_and_context().await; let manager = thread_manager(); let root = manager @@ -1585,10 +1594,7 @@ async fn multi_agent_v2_list_agents_returns_completed_status_and_last_task_messa .find(|agent| agent.agent_name == "/root/worker") .expect("worker agent should be listed"); assert_eq!(worker.agent_status, json!({"completed": "done"})); - assert_eq!( - worker.last_task_message.as_deref(), - Some("inspect this repo") - ); + assert_eq!(worker.last_task_message, None); assert_eq!(success, Some(true)); } @@ -1743,6 +1749,82 @@ async fn multi_agent_v2_list_agents_omits_closed_agents() { ); } +#[tokio::test] +async fn multi_agent_v2_list_agents_keeps_interrupted_resident_agents() { + let (mut session, mut turn) = make_session_and_context().await; + let manager = thread_manager(); + let root = manager + .start_thread((*turn.config).clone()) + .await + .expect("root thread should start"); + session.services.agent_control = manager.agent_control(); + session.thread_id = root.thread_id; + let mut config = (*turn.config).clone(); + let _ = config.features.enable(Feature::MultiAgentV2); + set_turn_config(&mut turn, config); + + let session = Arc::new(session); + let turn = Arc::new(turn); + let spawn_output = SpawnAgentHandlerV2::default() + .handle(invocation( + session.clone(), + turn.clone(), + "spawn_agent", + function_payload(json!({ + "message": "inspect this repo", + "task_name": "worker" + })), + )) + .await + .expect("spawn_agent should succeed"); + let _ = expect_text_output(spawn_output); + + let agent_id = session + .services + .agent_control + .resolve_agent_reference(session.thread_id, &turn.session_source, "worker") + .await + .expect("worker path should resolve"); + let agent_path = session + .services + .agent_control + .get_agent_metadata(agent_id) + .expect("worker metadata should exist") + .agent_path + .expect("worker path should exist"); + let interrupt_output = InterruptAgentHandler + .handle(invocation( + session.clone(), + turn.clone(), + "interrupt_agent", + function_payload(json!({"target": "worker"})), + )) + .await + .expect("interrupt_agent should succeed"); + let _ = expect_text_output(interrupt_output); + + let output = ListAgentsHandlerV2 + .handle(invocation( + session, + turn, + "list_agents", + function_payload(json!({})), + )) + .await + .expect("list_agents should succeed"); + let (content, _) = expect_text_output(output); + let result: ListAgentsResult = + serde_json::from_str(&content).expect("list_agents result should be json"); + + assert_eq!(result.agents.len(), 2); + assert_eq!(result.agents[0].agent_name, "/root"); + assert_eq!( + result.agents[0].last_task_message.as_deref(), + Some("Main thread") + ); + assert_eq!(result.agents[1].agent_name, agent_path.as_str()); +} + #[tokio::test] async fn multi_agent_v2_send_message_rejects_legacy_items_field() { let (mut session, mut turn) = make_session_and_context().await; @@ -1867,7 +1949,8 @@ async fn multi_agent_v2_send_message_rejects_interrupt_parameter() { if communication.author == AgentPath::root() && communication.recipient.as_str() == "/root/worker" && communication.other_recipients.is_empty() - && communication.content == "continue" + && communication.content.is_empty() + && communication.encrypted_content.as_deref() == Some("continue") && !communication.trigger_turn ))); } @@ -2248,6 +2331,9 @@ async fn spawn_agent_reapplies_runtime_sandbox_after_role_config() { turn.approval_policy .set(AskForApproval::OnRequest) .expect("approval policy should be set"); + let mut config = (*turn.config).clone(); + config.approvals_reviewer = ApprovalsReviewer::AutoReview; + set_turn_config(&mut turn, config); turn.permission_profile = expected_permission_profile.clone(); assert_ne!( expected_permission_profile, @@ -2287,6 +2373,7 @@ async fn spawn_agent_reapplies_runtime_sandbox_after_role_config() { .await; assert_eq!(snapshot.sandbox_policy(), expected_sandbox); assert_eq!(snapshot.approval_policy, AskForApproval::OnRequest); + assert_eq!(snapshot.approvals_reviewer, ApprovalsReviewer::AutoReview); assert_eq!(snapshot.permission_profile, expected_permission_profile); let child_thread = manager .get_thread(agent_id) @@ -2588,7 +2675,6 @@ async fn send_input_accepts_structured_items() { .expect("send_input should succeed"); let expected = Op::UserInput { - environments: None, items: vec![ UserInput::Mention { name: "drive".to_string(), @@ -3697,7 +3783,7 @@ async fn multi_agent_v2_wait_agent_does_not_return_completed_content() { } #[tokio::test] -async fn multi_agent_v2_close_agent_accepts_task_name_target() { +async fn multi_agent_v2_interrupt_agent_accepts_task_name_target() { let (mut session, mut turn) = make_session_and_context().await; let manager = thread_manager(); let root = manager @@ -3734,29 +3820,77 @@ async fn multi_agent_v2_close_agent_accepts_task_name_target() { .resolve_agent_reference(session.thread_id, &turn.session_source, "worker") .await .expect("worker path should resolve"); + let worker_thread = manager + .get_thread(agent_id) + .await + .expect("worker thread should be resident"); + let worker_session = worker_thread.codex.session.clone(); + SpawnAgentHandlerV2::default() + .handle(invocation( + worker_session.clone(), + worker_session.new_default_turn().await, + "spawn_agent", + function_payload(json!({ + "message": "inspect a child task", + "task_name": "child" + })), + )) + .await + .expect("child spawn should succeed"); + let child_id = session + .services + .agent_control + .resolve_agent_reference(session.thread_id, &turn.session_source, "worker/child") + .await + .expect("child path should resolve"); - let output = CloseAgentHandlerV2 + let output = InterruptAgentHandler .handle(invocation( - session, - turn, - "close_agent", + session.clone(), + turn.clone(), + "interrupt_agent", function_payload(json!({"target": "worker"})), )) .await - .expect("close_agent should succeed for v2 task names"); + .expect("interrupt_agent should succeed for v2 task names"); let (content, success) = expect_text_output(output); - let result: close_agent::CloseAgentResult = - serde_json::from_str(&content).expect("close_agent result should be json"); + let result: InterruptAgentResult = + serde_json::from_str(&content).expect("interrupt_agent result should be json"); assert_ne!(result.previous_status, AgentStatus::NotFound); assert_eq!(success, Some(true)); assert_eq!( - manager.agent_control().get_status(agent_id).await, - AgentStatus::NotFound + session + .services + .agent_control + .resolve_agent_reference(session.thread_id, &turn.session_source, "worker") + .await + .expect("worker path should remain resolvable"), + agent_id + ); + manager + .get_thread(agent_id) + .await + .expect("worker should remain resident"); + manager + .get_thread(child_id) + .await + .expect("child should remain resident"); + let ops = manager.captured_ops(); + assert!( + ops.iter() + .any(|(thread_id, op)| *thread_id == agent_id && matches!(op, Op::Interrupt)) + ); + assert!(!ops.iter().any(|(thread_id, op)| { + (*thread_id == agent_id || *thread_id == child_id) && matches!(op, Op::Shutdown) + })); + assert!( + !ops.iter() + .any(|(thread_id, op)| *thread_id == child_id && matches!(op, Op::Interrupt)) ); } #[tokio::test] -async fn multi_agent_v2_close_agent_reaps_stale_task_name_target() { +async fn multi_agent_v2_interrupt_agent_accepts_unloaded_task_name_target() { let (mut session, mut turn) = make_session_and_context().await; let mut config = (*turn.config).clone(); config.multi_agent_v2.max_concurrent_threads_per_session = 2; @@ -3817,18 +3951,18 @@ async fn multi_agent_v2_close_agent_reaps_stale_task_name_target() { .expect("removed worker thread should still accept shutdown"); stale_thread.wait_until_terminated().await; - let output = CloseAgentHandlerV2 + let output = InterruptAgentHandler .handle(invocation( session.clone(), turn.clone(), - "close_agent", + "interrupt_agent", function_payload(json!({"target": "worker"})), )) .await - .expect("close_agent should reap stale v2 task names"); + .expect("interrupt_agent should accept unloaded v2 task names"); let (content, success) = expect_text_output(output); - let result: close_agent::CloseAgentResult = - serde_json::from_str(&content).expect("close_agent result should be json"); + let result: InterruptAgentResult = + serde_json::from_str(&content).expect("interrupt_agent result should be json"); assert_eq!(result.previous_status, AgentStatus::NotFound); assert_eq!(success, Some(true)); @@ -3839,7 +3973,7 @@ async fn multi_agent_v2_close_agent_reaps_stale_task_name_target() { ) .await .expect("open children should load"); - assert_eq!(open_children, Vec::::new()); + assert_eq!(open_children, vec![agent_id]); let closed_children = state_db .list_thread_spawn_children_with_status( root.thread_id, @@ -3847,36 +3981,26 @@ async fn multi_agent_v2_close_agent_reaps_stale_task_name_target() { ) .await .expect("closed children should load"); - assert_eq!(closed_children, vec![agent_id]); + assert_eq!(closed_children, Vec::::new()); - SpawnAgentHandlerV2::default() + let output = ListAgentsHandlerV2 .handle(invocation( session.clone(), turn.clone(), - "spawn_agent", - function_payload(json!({ - "message": "inspect this repo again", - "task_name": "replacement" - })), + "list_agents", + function_payload(json!({})), )) .await - .expect("spawn_agent should succeed after stale close releases the slot"); - let replacement_id = session - .services - .agent_control - .resolve_agent_reference(session.thread_id, &turn.session_source, "replacement") - .await - .expect("replacement path should resolve"); - let _ = session - .services - .agent_control - .shutdown_live_agent(replacement_id) - .await - .expect("replacement should shut down"); + .expect("list_agents should succeed"); + let (content, _) = expect_text_output(output); + let result: ListAgentsResult = + serde_json::from_str(&content).expect("list_agents result should be json"); + assert_eq!(result.agents.len(), 1); + assert_eq!(result.agents[0].agent_name, "/root"); } #[tokio::test] -async fn multi_agent_v2_close_agent_rejects_root_target_and_id() { +async fn multi_agent_v2_interrupt_agent_rejects_root_target_and_id() { let (mut session, mut turn) = make_session_and_context().await; let manager = thread_manager(); let root = manager @@ -3894,31 +4018,31 @@ async fn multi_agent_v2_close_agent_rejects_root_target_and_id() { let session = Arc::new(session); let turn = Arc::new(turn); - let root_path_error = CloseAgentHandlerV2 + let root_path_error = InterruptAgentHandler .handle(invocation( session.clone(), turn.clone(), - "close_agent", + "interrupt_agent", function_payload(json!({"target": "/root"})), )) .await .err() - .expect("close_agent should reject the root path"); + .expect("interrupt_agent should reject the root path"); assert_eq!( root_path_error, FunctionCallError::RespondToModel("root is not a spawned agent".to_string()) ); - let root_id_error = CloseAgentHandlerV2 + let root_id_error = InterruptAgentHandler .handle(invocation( session, turn, - "close_agent", + "interrupt_agent", function_payload(json!({"target": root.thread_id.to_string()})), )) .await .err() - .expect("close_agent should reject the root thread id"); + .expect("interrupt_agent should reject the root thread id"); assert_eq!( root_id_error, FunctionCallError::RespondToModel("root is not a spawned agent".to_string()) @@ -3926,7 +4050,7 @@ async fn multi_agent_v2_close_agent_rejects_root_target_and_id() { } #[tokio::test] -async fn multi_agent_v2_close_agent_rejects_self_target_by_id() { +async fn multi_agent_v2_interrupt_agent_rejects_self_target_by_id() { let (mut session, mut turn) = make_session_and_context().await; let manager = thread_manager(); let mut config = (*turn.config).clone(); @@ -3974,27 +4098,27 @@ async fn multi_agent_v2_close_agent_rejects_self_target_by_id() { agent_role: None, }); - let err = CloseAgentHandlerV2 + let err = InterruptAgentHandler .handle(invocation( Arc::new(session), Arc::new(turn), - "close_agent", + "interrupt_agent", function_payload(json!({"target": child_thread_id.to_string()})), )) .await .err() - .expect("close_agent should reject self-target by id"); + .expect("interrupt_agent should reject self-target by id"); assert_eq!( err, FunctionCallError::RespondToModel( - "an agent cannot close itself; return your result and let the parent close you if needed" + "an agent cannot interrupt itself; return your result and let the parent interrupt you if needed" .to_string() ) ); } #[tokio::test] -async fn multi_agent_v2_close_agent_rejects_self_target_by_task_name() { +async fn multi_agent_v2_interrupt_agent_rejects_self_target_by_task_name() { let (mut session, mut turn) = make_session_and_context().await; let manager = thread_manager(); let mut config = (*turn.config).clone(); @@ -4042,20 +4166,20 @@ async fn multi_agent_v2_close_agent_rejects_self_target_by_task_name() { agent_role: None, }); - let err = CloseAgentHandlerV2 + let err = InterruptAgentHandler .handle(invocation( Arc::new(session), Arc::new(turn), - "close_agent", + "interrupt_agent", function_payload(json!({"target": child_path.to_string()})), )) .await .err() - .expect("close_agent should reject self-target by task name"); + .expect("interrupt_agent should reject self-target by task name"); assert_eq!( err, FunctionCallError::RespondToModel( - "an agent cannot close itself; return your result and let the parent close you if needed" + "an agent cannot interrupt itself; return your result and let the parent interrupt you if needed" .to_string() ) ); @@ -4116,6 +4240,7 @@ async fn tool_handlers_cascade_close_and_resume_and_keep_explicitly_closed_subtr SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(crate::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store_from_config(&config, state_db.clone()), state_db.clone(), @@ -4373,7 +4498,7 @@ async fn build_agent_spawn_config_uses_turn_context_values() { expected.base_instructions = Some(base_instructions.text); expected.model = Some(turn.model_info.slug.clone()); expected.model_provider = turn.provider.info().clone(); - expected.model_reasoning_effort = turn.reasoning_effort; + expected.model_reasoning_effort = turn.reasoning_effort.clone(); expected.model_reasoning_summary = Some(turn.reasoning_summary); expected.developer_instructions = turn.developer_instructions.clone(); expected.compact_prompt = turn.compact_prompt.clone(); @@ -4395,22 +4520,6 @@ async fn build_agent_spawn_config_uses_turn_context_values() { assert_eq!(config, expected); } -#[tokio::test] -async fn build_agent_spawn_config_preserves_base_user_instructions() { - let (_session, mut turn) = make_session_and_context().await; - let mut base_config = (*turn.config).clone(); - base_config.user_instructions = Some("base-user".to_string()); - turn.user_instructions = Some("resolved-user".to_string()); - turn.config = Arc::new(base_config.clone()); - let base_instructions = BaseInstructions { - text: "base".to_string(), - }; - - let config = build_agent_spawn_config(&base_instructions, &turn).expect("spawn config"); - - assert_eq!(config.user_instructions, base_config.user_instructions); -} - #[tokio::test] async fn build_agent_resume_config_clears_base_instructions() { let (_session, mut turn) = make_session_and_context().await; @@ -4427,7 +4536,7 @@ async fn build_agent_resume_config_clears_base_instructions() { expected.base_instructions = None; expected.model = Some(turn.model_info.slug.clone()); expected.model_provider = turn.provider.info().clone(); - expected.model_reasoning_effort = turn.reasoning_effort; + expected.model_reasoning_effort = turn.reasoning_effort.clone(); expected.model_reasoning_summary = Some(turn.reasoning_summary); expected.developer_instructions = turn.developer_instructions.clone(); expected.compact_prompt = turn.compact_prompt.clone(); diff --git a/codex-rs/core/src/tools/handlers/multi_agents_v2.rs b/codex-rs/core/src/tools/handlers/multi_agents_v2.rs index 068f393379f..cae3497a131 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents_v2.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents_v2.rs @@ -14,31 +14,42 @@ use crate::tools::registry::ToolExecutor; use codex_protocol::AgentPath; use codex_protocol::models::ResponseInputItem; use codex_protocol::openai_models::ReasoningEffort; -use codex_protocol::protocol::CollabAgentInteractionBeginEvent; -use codex_protocol::protocol::CollabAgentInteractionEndEvent; -use codex_protocol::protocol::CollabAgentSpawnBeginEvent; -use codex_protocol::protocol::CollabAgentSpawnEndEvent; -use codex_protocol::protocol::CollabCloseBeginEvent; -use codex_protocol::protocol::CollabCloseEndEvent; use codex_protocol::protocol::CollabWaitingBeginEvent; use codex_protocol::protocol::CollabWaitingEndEvent; +use codex_protocol::protocol::InterAgentCommunication; +use codex_protocol::protocol::SubAgentActivityEvent; +use codex_protocol::protocol::SubAgentActivityKind; use codex_protocol::user_input::UserInput; use codex_tools::ToolName; use serde::Deserialize; use serde::Serialize; use serde_json::Value as JsonValue; -pub(crate) use close_agent::Handler as CloseAgentHandler; pub(crate) use followup_task::Handler as FollowupTaskHandler; +pub(crate) use interrupt_agent::Handler as InterruptAgentHandler; pub(crate) use list_agents::Handler as ListAgentsHandler; pub(crate) use send_message::Handler as SendMessageHandler; pub(crate) use spawn::Handler as SpawnAgentHandler; pub(crate) use wait::Handler as WaitAgentHandler; -mod close_agent; mod followup_task; +mod interrupt_agent; mod list_agents; mod message_tool; mod send_message; mod spawn; pub(crate) mod wait; + +pub(super) fn communication_from_tool_message( + author: AgentPath, + recipient: AgentPath, + message: String, +) -> InterAgentCommunication { + InterAgentCommunication::new_encrypted( + author, + recipient, + Vec::new(), + message, + /*trigger_turn*/ true, + ) +} diff --git a/codex-rs/core/src/tools/handlers/multi_agents_v2/close_agent.rs b/codex-rs/core/src/tools/handlers/multi_agents_v2/close_agent.rs deleted file mode 100644 index 7b3f8d776e2..00000000000 --- a/codex-rs/core/src/tools/handlers/multi_agents_v2/close_agent.rs +++ /dev/null @@ -1,162 +0,0 @@ -use super::*; -use crate::tools::handlers::multi_agents_spec::create_close_agent_tool_v2; -use crate::turn_timing::now_unix_timestamp_ms; -use codex_protocol::error::CodexErr; -use codex_tools::ToolSpec; - -pub(crate) struct Handler; - -#[async_trait::async_trait] -impl ToolExecutor for Handler { - fn tool_name(&self) -> ToolName { - ToolName::plain("close_agent") - } - - fn spec(&self) -> ToolSpec { - create_close_agent_tool_v2() - } - - async fn handle( - &self, - invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - handle_close_agent(invocation).await.map(boxed_tool_output) - } -} - -async fn handle_close_agent( - invocation: ToolInvocation, -) -> Result { - let ToolInvocation { - session, - turn, - payload, - call_id, - .. - } = invocation; - let arguments = function_arguments(payload)?; - let args: CloseAgentArgs = parse_arguments(&arguments)?; - let agent_id = resolve_agent_target(&session, &turn, &args.target).await?; - let receiver_agent = session.services.agent_control.get_agent_metadata(agent_id); - let known_agent = receiver_agent.is_some(); - let receiver_agent = receiver_agent.unwrap_or_default(); - if receiver_agent - .agent_path - .as_ref() - .is_some_and(AgentPath::is_root) - { - return Err(FunctionCallError::RespondToModel( - "root is not a spawned agent".to_string(), - )); - } - if agent_id == session.thread_id { - return Err(FunctionCallError::RespondToModel( - "an agent cannot close itself; return your result and let the parent close you if needed" - .to_string(), - )); - } - session - .send_event( - &turn, - CollabCloseBeginEvent { - call_id: call_id.clone(), - started_at_ms: now_unix_timestamp_ms(), - sender_thread_id: session.thread_id, - receiver_thread_id: agent_id, - } - .into(), - ) - .await; - let status = match session - .services - .agent_control - .subscribe_status(agent_id) - .await - { - Ok(mut status_rx) => status_rx.borrow_and_update().clone(), - Err(CodexErr::ThreadNotFound(_)) if known_agent => { - session.services.agent_control.get_status(agent_id).await - } - Err(err) => { - let status = session.services.agent_control.get_status(agent_id).await; - session - .send_event( - &turn, - CollabCloseEndEvent { - call_id: call_id.clone(), - completed_at_ms: now_unix_timestamp_ms(), - sender_thread_id: session.thread_id, - receiver_thread_id: agent_id, - receiver_agent_nickname: receiver_agent.agent_nickname.clone(), - receiver_agent_role: receiver_agent.agent_role.clone(), - status, - } - .into(), - ) - .await; - return Err(collab_agent_error(agent_id, err)); - } - }; - let result = session - .services - .agent_control - .close_agent(agent_id) - .await - .map_err(|err| collab_agent_error(agent_id, err)) - .map(|_| ()); - session - .send_event( - &turn, - CollabCloseEndEvent { - call_id, - completed_at_ms: now_unix_timestamp_ms(), - sender_thread_id: session.thread_id, - receiver_thread_id: agent_id, - receiver_agent_nickname: receiver_agent.agent_nickname, - receiver_agent_role: receiver_agent.agent_role, - status: status.clone(), - } - .into(), - ) - .await; - result?; - - Ok(CloseAgentResult { - previous_status: status, - }) -} - -impl CoreToolRuntime for Handler { - fn matches_kind(&self, payload: &ToolPayload) -> bool { - matches!(payload, ToolPayload::Function { .. }) - } -} - -#[derive(Debug, Deserialize)] -#[serde(deny_unknown_fields)] -struct CloseAgentArgs { - target: String, -} - -#[derive(Debug, Deserialize, Serialize)] -pub(crate) struct CloseAgentResult { - pub(crate) previous_status: AgentStatus, -} - -impl ToolOutput for CloseAgentResult { - fn log_preview(&self) -> String { - tool_output_json_text(self, "close_agent") - } - - fn success_for_logging(&self) -> bool { - true - } - - fn to_response_item(&self, call_id: &str, payload: &ToolPayload) -> ResponseInputItem { - tool_output_response_item(call_id, payload, self, Some(true), "close_agent") - } - - fn code_mode_result(&self, _payload: &ToolPayload) -> JsonValue { - tool_output_code_mode_result(self, "close_agent") - } -} diff --git a/codex-rs/core/src/tools/handlers/multi_agents_v2/followup_task.rs b/codex-rs/core/src/tools/handlers/multi_agents_v2/followup_task.rs index 2fe09f5f217..bd4dafe7c26 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents_v2/followup_task.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents_v2/followup_task.rs @@ -7,7 +7,6 @@ use codex_tools::ToolSpec; pub(crate) struct Handler; -#[async_trait::async_trait] impl ToolExecutor for Handler { fn tool_name(&self) -> ToolName { ToolName::plain("followup_task") @@ -17,7 +16,13 @@ impl ToolExecutor for Handler { create_followup_task_tool() } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl Handler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/multi_agents_v2/interrupt_agent.rs b/codex-rs/core/src/tools/handlers/multi_agents_v2/interrupt_agent.rs new file mode 100644 index 00000000000..aeed055b4ef --- /dev/null +++ b/codex-rs/core/src/tools/handlers/multi_agents_v2/interrupt_agent.rs @@ -0,0 +1,126 @@ +use super::*; +use crate::tools::handlers::multi_agents_spec::create_interrupt_agent_tool_v2; +use crate::turn_timing::now_unix_timestamp_ms; +use codex_protocol::error::CodexErr; +use codex_tools::ToolSpec; + +pub(crate) struct Handler; + +impl ToolExecutor for Handler { + fn tool_name(&self) -> ToolName { + ToolName::plain("interrupt_agent") + } + + fn spec(&self) -> ToolSpec { + create_interrupt_agent_tool_v2() + } + + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async move { + handle_interrupt_agent(invocation) + .await + .map(boxed_tool_output) + }) + } +} + +async fn handle_interrupt_agent( + invocation: ToolInvocation, +) -> Result { + let ToolInvocation { + session, + turn, + payload, + call_id, + .. + } = invocation; + let arguments = function_arguments(payload)?; + let args: InterruptAgentArgs = parse_arguments(&arguments)?; + let agent_id = resolve_agent_target(&session, &turn, &args.target).await?; + let receiver_agent = session + .services + .agent_control + .ensure_agent_known(agent_id) + .map_err(|err| collab_agent_error(agent_id, err))?; + if receiver_agent + .agent_path + .as_ref() + .is_some_and(AgentPath::is_root) + { + return Err(FunctionCallError::RespondToModel( + "root is not a spawned agent".to_string(), + )); + } + if agent_id == session.thread_id { + return Err(FunctionCallError::RespondToModel( + "an agent cannot interrupt itself; return your result and let the parent interrupt you if needed" + .to_string(), + )); + } + let receiver_agent_path = receiver_agent.agent_path.clone().ok_or_else(|| { + FunctionCallError::RespondToModel("target agent is missing an agent_path".to_string()) + })?; + let status = session.services.agent_control.get_status(agent_id).await; + let result = match session + .services + .agent_control + .interrupt_agent(agent_id) + .await + { + Ok(_) | Err(CodexErr::ThreadNotFound(_)) | Err(CodexErr::InternalAgentDied) => Ok(()), + Err(err) => Err(collab_agent_error(agent_id, err)), + }; + result?; + session + .send_event( + &turn, + SubAgentActivityEvent { + event_id: call_id, + occurred_at_ms: now_unix_timestamp_ms(), + agent_thread_id: agent_id, + agent_path: receiver_agent_path, + kind: SubAgentActivityKind::Interrupted, + } + .into(), + ) + .await; + + Ok(InterruptAgentResult { + previous_status: status, + }) +} + +impl CoreToolRuntime for Handler { + fn matches_kind(&self, payload: &ToolPayload) -> bool { + matches!(payload, ToolPayload::Function { .. }) + } +} + +#[derive(Debug, Deserialize)] +#[serde(deny_unknown_fields)] +struct InterruptAgentArgs { + target: String, +} + +#[derive(Debug, Deserialize, Serialize)] +pub(crate) struct InterruptAgentResult { + pub(crate) previous_status: AgentStatus, +} + +impl ToolOutput for InterruptAgentResult { + fn log_preview(&self) -> String { + tool_output_json_text(self, "interrupt_agent") + } + + fn success_for_logging(&self) -> bool { + true + } + + fn to_response_item(&self, call_id: &str, payload: &ToolPayload) -> ResponseInputItem { + tool_output_response_item(call_id, payload, self, Some(true), "interrupt_agent") + } + + fn code_mode_result(&self, _payload: &ToolPayload) -> JsonValue { + tool_output_code_mode_result(self, "interrupt_agent") + } +} diff --git a/codex-rs/core/src/tools/handlers/multi_agents_v2/list_agents.rs b/codex-rs/core/src/tools/handlers/multi_agents_v2/list_agents.rs index 46b29bdf10c..99e54e1ce91 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents_v2/list_agents.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents_v2/list_agents.rs @@ -5,7 +5,6 @@ use codex_tools::ToolSpec; pub(crate) struct Handler; -#[async_trait::async_trait] impl ToolExecutor for Handler { fn tool_name(&self) -> ToolName { ToolName::plain("list_agents") @@ -15,7 +14,13 @@ impl ToolExecutor for Handler { create_list_agents_tool() } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl Handler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/multi_agents_v2/message_tool.rs b/codex-rs/core/src/tools/handlers/multi_agents_v2/message_tool.rs index 258d80c85b2..7fdb80e8bcb 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents_v2/message_tool.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents_v2/message_tool.rs @@ -1,4 +1,4 @@ -//! Shared argument parsing and dispatch for the v2 text-only agent messaging tools. +//! Shared argument parsing and dispatch for the v2 agent messaging tools. //! //! `send_message` and `followup_task` share the same submission path and differ only in whether the //! resulting `InterAgentCommunication` should wake the target immediately. @@ -55,14 +55,14 @@ fn message_content(message: String) -> Result { Ok(message) } -/// Handles the shared MultiAgentV2 plain-text message flow for both `send_message` and `followup_task`. +/// Handles the shared MultiAgentV2 message flow for both `send_message` and `followup_task`. pub(crate) async fn handle_message_string_tool( invocation: ToolInvocation, mode: MessageDeliveryMode, target: String, message: String, ) -> Result { - let prompt = message_content(message)?; + let message = message_content(message)?; let ToolInvocation { session, turn, @@ -73,8 +73,8 @@ pub(crate) async fn handle_message_string_tool( let receiver_agent = session .services .agent_control - .get_agent_metadata(receiver_thread_id) - .unwrap_or_default(); + .ensure_agent_known(receiver_thread_id) + .map_err(|err| collab_agent_error(receiver_thread_id, err))?; if mode == MessageDeliveryMode::TriggerTurn && receiver_agent .agent_path @@ -85,59 +85,42 @@ pub(crate) async fn handle_message_string_tool( "Follow-up tasks can't target the root agent".to_string(), )); } - session - .send_event( - &turn, - CollabAgentInteractionBeginEvent { - call_id: call_id.clone(), - started_at_ms: now_unix_timestamp_ms(), - sender_thread_id: session.thread_id, - receiver_thread_id, - prompt: prompt.clone(), - } - .into(), - ) - .await; let receiver_agent_path = receiver_agent.agent_path.clone().ok_or_else(|| { FunctionCallError::RespondToModel("target agent is missing an agent_path".to_string()) })?; - let communication = InterAgentCommunication::new( - turn.session_source - .get_agent_path() - .unwrap_or_else(AgentPath::root), - receiver_agent_path, - Vec::new(), - prompt.clone(), - /*trigger_turn*/ true, - ); + let resume_config = build_agent_resume_config(turn.as_ref())?; + session + .services + .agent_control + .ensure_v2_agent_loaded(resume_config, receiver_thread_id) + .await + .map_err(|err| collab_agent_error(receiver_thread_id, err))?; + let author = turn + .session_source + .get_agent_path() + .unwrap_or_else(AgentPath::root); + let communication = + communication_from_tool_message(author, receiver_agent_path.clone(), message); let result = session .services .agent_control .send_inter_agent_communication(receiver_thread_id, mode.apply(communication)) .await .map_err(|err| collab_agent_error(receiver_thread_id, err)); - let status = session - .services - .agent_control - .get_status(receiver_thread_id) - .await; + result?; session .send_event( &turn, - CollabAgentInteractionEndEvent { - call_id, - completed_at_ms: now_unix_timestamp_ms(), - sender_thread_id: session.thread_id, - receiver_thread_id, - receiver_agent_nickname: receiver_agent.agent_nickname, - receiver_agent_role: receiver_agent.agent_role, - prompt, - status, + SubAgentActivityEvent { + event_id: call_id, + occurred_at_ms: now_unix_timestamp_ms(), + agent_thread_id: receiver_thread_id, + agent_path: receiver_agent_path, + kind: SubAgentActivityKind::Interacted, } .into(), ) .await; - result?; Ok(FunctionToolOutput::from_text(String::new(), Some(true))) } diff --git a/codex-rs/core/src/tools/handlers/multi_agents_v2/send_message.rs b/codex-rs/core/src/tools/handlers/multi_agents_v2/send_message.rs index a8e3605840e..717e3bc9203 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents_v2/send_message.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents_v2/send_message.rs @@ -7,7 +7,6 @@ use codex_tools::ToolSpec; pub(crate) struct Handler; -#[async_trait::async_trait] impl ToolExecutor for Handler { fn tool_name(&self) -> ToolName { ToolName::plain("send_message") @@ -17,7 +16,13 @@ impl ToolExecutor for Handler { create_send_message_tool() } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl Handler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/multi_agents_v2/spawn.rs b/codex-rs/core/src/tools/handlers/multi_agents_v2/spawn.rs index d0fb6c515e5..2186a4a6d60 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents_v2/spawn.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents_v2/spawn.rs @@ -1,7 +1,6 @@ use super::*; use crate::agent::control::SpawnAgentForkMode; use crate::agent::control::SpawnAgentOptions; -use crate::agent::control::render_input_preview; use crate::agent::next_thread_spawn_depth; use crate::agent::role::DEFAULT_ROLE_NAME; use crate::agent::role::apply_role_to_config; @@ -9,7 +8,6 @@ use crate::tools::handlers::multi_agents_spec::SpawnAgentToolOptions; use crate::tools::handlers::multi_agents_spec::create_spawn_agent_tool_v2; use crate::turn_timing::now_unix_timestamp_ms; use codex_protocol::AgentPath; -use codex_protocol::protocol::InterAgentCommunication; use codex_protocol::protocol::Op; use codex_tools::ToolSpec; @@ -24,7 +22,6 @@ impl Handler { } } -#[async_trait::async_trait] impl ToolExecutor for Handler { fn tool_name(&self) -> ToolName { ToolName::plain("spawn_agent") @@ -34,11 +31,8 @@ impl ToolExecutor for Handler { create_spawn_agent_tool_v2(self.options.clone()) } - async fn handle( - &self, - invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - handle_spawn_agent(invocation).await.map(boxed_tool_output) + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async move { handle_spawn_agent(invocation).await.map(boxed_tool_output) }) } } @@ -61,39 +55,28 @@ async fn handle_spawn_agent( .map(str::trim) .filter(|role| !role.is_empty()); + let message = args.message.clone(); let initial_operation = parse_collab_input(Some(args.message), /*items*/ None)?; - let prompt = render_input_preview(&initial_operation); - let session_source = turn.session_source.clone(); let child_depth = next_thread_spawn_depth(&session_source); - session - .send_event( - &turn, - CollabAgentSpawnBeginEvent { - call_id: call_id.clone(), - started_at_ms: now_unix_timestamp_ms(), - sender_thread_id: session.thread_id, - prompt: prompt.clone(), - model: args.model.clone().unwrap_or_default(), - reasoning_effort: args.reasoning_effort.unwrap_or_default(), - } - .into(), - ) - .await; let mut config = build_agent_spawn_config(&session.get_base_instructions().await, turn.as_ref())?; if let Some(service_tier) = args.service_tier.as_ref() { config.service_tier = Some(service_tier.clone()); } if matches!(fork_mode, Some(SpawnAgentForkMode::FullHistory)) { - reject_full_fork_spawn_overrides(role_name, args.model.as_deref(), args.reasoning_effort)?; + reject_full_fork_spawn_overrides( + role_name, + args.model.as_deref(), + args.reasoning_effort.clone(), + )?; } else { apply_requested_spawn_agent_model_overrides( &session, turn.as_ref(), &mut config, args.model.as_deref(), - args.reasoning_effort, + args.reasoning_effort.clone(), ) .await?; apply_role_to_config(&mut config, role_name) @@ -116,28 +99,29 @@ async fn handle_spawn_agent( role_name, Some(args.task_name.clone()), )?; - let result = Box::pin( + let new_agent_path = spawn_source.get_agent_path().ok_or_else(|| { + FunctionCallError::RespondToModel( + "spawned agent is missing a canonical task name".to_string(), + ) + })?; + let spawned_agent = Box::pin( session.services.agent_control.spawn_agent_with_metadata( config, - match (spawn_source.get_agent_path(), initial_operation) { - (Some(recipient), Op::UserInput { items, .. }) + match initial_operation { + Op::UserInput { items, .. } if items .iter() .all(|item| matches!(item, UserInput::Text { .. })) => { - Op::InterAgentCommunication { - communication: InterAgentCommunication::new( - turn.session_source - .get_agent_path() - .unwrap_or_else(AgentPath::root), - recipient, - Vec::new(), - prompt.clone(), - /*trigger_turn*/ true, - ), - } + let author = turn + .session_source + .get_agent_path() + .unwrap_or_else(AgentPath::root); + let communication = + communication_from_tool_message(author, new_agent_path.clone(), message); + Op::InterAgentCommunication { communication } } - (_, initial_operation) => initial_operation, + initial_operation => initial_operation, }, Some(spawn_source), SpawnAgentOptions { @@ -149,78 +133,37 @@ async fn handle_spawn_agent( ), ) .await - .map_err(collab_spawn_error); - let (new_thread_id, new_agent_metadata, status) = match &result { - Ok(spawned_agent) => ( - Some(spawned_agent.thread_id), - Some(spawned_agent.metadata.clone()), - spawned_agent.status.clone(), - ), - Err(_) => (None, None, AgentStatus::NotFound), - }; - let agent_snapshot = match new_thread_id { - Some(thread_id) => { - session - .services - .agent_control - .get_agent_config_snapshot(thread_id) - .await - } - None => None, - }; - let (new_agent_path, new_agent_nickname, new_agent_role) = - match (&agent_snapshot, new_agent_metadata) { - (Some(snapshot), _) => ( - snapshot.session_source.get_agent_path().map(String::from), - snapshot.session_source.get_nickname(), - snapshot.session_source.get_agent_role(), - ), - (None, Some(metadata)) => ( - metadata.agent_path.map(String::from), - metadata.agent_nickname, - metadata.agent_role, - ), - (None, None) => (None, None, None), - }; - let effective_model = agent_snapshot - .as_ref() - .map(|snapshot| snapshot.model.clone()) - .unwrap_or_else(|| args.model.clone().unwrap_or_default()); - let effective_reasoning_effort = agent_snapshot + .map_err(collab_spawn_error)?; + let new_thread_id = spawned_agent.thread_id; + let agent_snapshot = session + .services + .agent_control + .get_agent_config_snapshot(new_thread_id) + .await; + let nickname = agent_snapshot .as_ref() - .and_then(|snapshot| snapshot.reasoning_effort) - .unwrap_or(args.reasoning_effort.unwrap_or_default()); - let nickname = new_agent_nickname.clone(); + .and_then(|snapshot| snapshot.session_source.get_nickname()) + .or(spawned_agent.metadata.agent_nickname); session .send_event( &turn, - CollabAgentSpawnEndEvent { - call_id, - completed_at_ms: now_unix_timestamp_ms(), - sender_thread_id: session.thread_id, - new_thread_id, - new_agent_nickname, - new_agent_role, - prompt, - model: effective_model, - reasoning_effort: effective_reasoning_effort, - status, + SubAgentActivityEvent { + event_id: call_id, + occurred_at_ms: now_unix_timestamp_ms(), + agent_thread_id: new_thread_id, + agent_path: new_agent_path.clone(), + kind: SubAgentActivityKind::Started, } .into(), ) .await; - let _ = result?; let role_tag = role_name.unwrap_or(DEFAULT_ROLE_NAME); turn.session_telemetry.counter( "codex.multi_agent.spawn", /*inc*/ 1, - &[("role", role_tag)], + &[("role", role_tag), ("version", "v2")], ); - let task_name = new_agent_path.ok_or_else(|| { - FunctionCallError::RespondToModel( - "spawned agent is missing a canonical task name".to_string(), - ) - })?; + let task_name = String::from(new_agent_path); let hide_agent_metadata = turn.config.multi_agent_v2.hide_spawn_agent_metadata; if hide_agent_metadata { diff --git a/codex-rs/core/src/tools/handlers/multi_agents_v2/wait.rs b/codex-rs/core/src/tools/handlers/multi_agents_v2/wait.rs index 5e37725b779..36e5aa24f68 100644 --- a/codex-rs/core/src/tools/handlers/multi_agents_v2/wait.rs +++ b/codex-rs/core/src/tools/handlers/multi_agents_v2/wait.rs @@ -19,7 +19,6 @@ impl Handler { } } -#[async_trait::async_trait] impl ToolExecutor for Handler { fn tool_name(&self) -> ToolName { ToolName::plain("wait_agent") @@ -29,7 +28,13 @@ impl ToolExecutor for Handler { create_wait_agent_tool_v2(self.options) } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl Handler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/new_context_window.rs b/codex-rs/core/src/tools/handlers/new_context_window.rs new file mode 100644 index 00000000000..e1cd6563990 --- /dev/null +++ b/codex-rs/core/src/tools/handlers/new_context_window.rs @@ -0,0 +1,45 @@ +use crate::function_tool::FunctionCallError; +use crate::tools::context::FunctionToolOutput; +use crate::tools::context::ToolInvocation; +use crate::tools::context::ToolPayload; +use crate::tools::context::boxed_tool_output; +use crate::tools::handlers::new_context_window_spec::NEW_CONTEXT_WINDOW_TOOL_NAME; +use crate::tools::handlers::new_context_window_spec::create_new_context_window_tool; +use crate::tools::registry::CoreToolRuntime; +use crate::tools::registry::ToolExecutor; +use codex_tools::ToolName; +use codex_tools::ToolSpec; + +pub(crate) const NEW_CONTEXT_WINDOW_MESSAGE: &str = + "A new context window will start without summarizing conversation history."; + +pub struct NewContextWindowHandler; + +impl ToolExecutor for NewContextWindowHandler { + fn tool_name(&self) -> ToolName { + ToolName::plain(NEW_CONTEXT_WINDOW_TOOL_NAME) + } + + fn spec(&self) -> ToolSpec { + create_new_context_window_tool() + } + + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async move { + if !matches!(invocation.payload, ToolPayload::Function { .. }) { + return Err(FunctionCallError::RespondToModel( + "new_context handler received unsupported payload".to_string(), + )); + } + + invocation.session.request_new_context_window().await; + + Ok(boxed_tool_output(FunctionToolOutput::from_text( + NEW_CONTEXT_WINDOW_MESSAGE.to_string(), + Some(true), + ))) + }) + } +} + +impl CoreToolRuntime for NewContextWindowHandler {} diff --git a/codex-rs/core/src/tools/handlers/new_context_window_spec.rs b/codex-rs/core/src/tools/handlers/new_context_window_spec.rs new file mode 100644 index 00000000000..f58b66e589c --- /dev/null +++ b/codex-rs/core/src/tools/handlers/new_context_window_spec.rs @@ -0,0 +1,17 @@ +use codex_tools::JsonSchema; +use codex_tools::ResponsesApiTool; +use codex_tools::ToolSpec; +use std::collections::BTreeMap; + +pub(crate) const NEW_CONTEXT_WINDOW_TOOL_NAME: &str = "new_context"; + +pub fn create_new_context_window_tool() -> ToolSpec { + ToolSpec::Function(ResponsesApiTool { + name: NEW_CONTEXT_WINDOW_TOOL_NAME.to_string(), + description: "Start a new context window.".to_string(), + strict: false, + defer_loading: None, + parameters: JsonSchema::object(BTreeMap::new(), /*required*/ None, Some(false.into())), + output_schema: None, + }) +} diff --git a/codex-rs/core/src/tools/handlers/plan.rs b/codex-rs/core/src/tools/handlers/plan.rs index bd1060b3d79..1b30c281ce2 100644 --- a/codex-rs/core/src/tools/handlers/plan.rs +++ b/codex-rs/core/src/tools/handlers/plan.rs @@ -45,7 +45,6 @@ impl ToolOutput for PlanToolOutput { } } -#[async_trait::async_trait] impl ToolExecutor for PlanHandler { fn tool_name(&self) -> ToolName { ToolName::plain("update_plan") @@ -55,7 +54,13 @@ impl ToolExecutor for PlanHandler { create_update_plan_tool() } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl PlanHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/request_permissions.rs b/codex-rs/core/src/tools/handlers/request_permissions.rs index a20ff2b6654..4faf9d328b3 100644 --- a/codex-rs/core/src/tools/handlers/request_permissions.rs +++ b/codex-rs/core/src/tools/handlers/request_permissions.rs @@ -25,7 +25,6 @@ struct RequestPermissionsEnvironmentArgs { environment_id: Option, } -#[async_trait::async_trait] impl ToolExecutor for RequestPermissionsHandler { fn tool_name(&self) -> ToolName { ToolName::plain("request_permissions") @@ -35,7 +34,13 @@ impl ToolExecutor for RequestPermissionsHandler { create_request_permissions_tool(request_permissions_tool_description()) } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl RequestPermissionsHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/request_plugin_install.rs b/codex-rs/core/src/tools/handlers/request_plugin_install.rs index 3f7bd92d25e..55906185abb 100644 --- a/codex-rs/core/src/tools/handlers/request_plugin_install.rs +++ b/codex-rs/core/src/tools/handlers/request_plugin_install.rs @@ -48,7 +48,6 @@ impl RequestPluginInstallHandler { } } -#[async_trait::async_trait] impl ToolExecutor for RequestPluginInstallHandler { fn tool_name(&self) -> ToolName { ToolName::plain(REQUEST_PLUGIN_INSTALL_TOOL_NAME) @@ -62,7 +61,13 @@ impl ToolExecutor for RequestPluginInstallHandler { true } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl RequestPluginInstallHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { @@ -304,10 +309,6 @@ fn is_remote_plugin_install_suggestion(plugin_id: &str) -> bool { .is_some_and(|(_, marketplace_name)| marketplace_name == REMOTE_GLOBAL_MARKETPLACE_NAME) } -#[expect( - clippy::await_holding_invalid_type, - reason = "connector cache refresh reads through the session-owned manager guard" -)] async fn refresh_missing_requested_connectors( session: &crate::session::session::Session, turn: &crate::session::turn_context::TurnContext, @@ -319,7 +320,7 @@ async fn refresh_missing_requested_connectors( return Some(Vec::new()); } - let manager = session.services.mcp_connection_manager.read().await; + let manager = session.services.mcp_connection_manager.load_full(); let mcp_tools = manager.list_all_tools().await; let accessible_connectors = connectors::with_app_enabled_state( connectors::accessible_connectors_from_mcp_tools(&mcp_tools), @@ -358,7 +359,7 @@ fn verified_plugin_install_completed( ) -> bool { let plugins_input = config.plugins_config_input(); plugins_manager - .list_marketplaces_for_config(&plugins_input, &[]) + .list_marketplaces_for_config(&plugins_input, &[], /*include_openai_curated*/ true) .ok() .into_iter() .flat_map(|outcome| outcome.marketplaces) diff --git a/codex-rs/core/src/tools/handlers/request_plugin_install_tests.rs b/codex-rs/core/src/tools/handlers/request_plugin_install_tests.rs index 830e9d408ef..cacc25ff957 100644 --- a/codex-rs/core/src/tools/handlers/request_plugin_install_tests.rs +++ b/codex-rs/core/src/tools/handlers/request_plugin_install_tests.rs @@ -130,6 +130,7 @@ async fn persist_disabled_install_request_writes_plugin_config() { let codex_home = tempdir().expect("tempdir should succeed"); let tool = DiscoverableTool::Plugin(Box::new(DiscoverablePluginInfo { id: "slack@openai-curated".to_string(), + remote_plugin_id: None, name: "Slack".to_string(), description: None, has_skills: true, diff --git a/codex-rs/core/src/tools/handlers/request_user_input.rs b/codex-rs/core/src/tools/handlers/request_user_input.rs index 0aa4b4f6f84..4f26865a687 100644 --- a/codex-rs/core/src/tools/handlers/request_user_input.rs +++ b/codex-rs/core/src/tools/handlers/request_user_input.rs @@ -20,7 +20,6 @@ pub struct RequestUserInputHandler { pub available_modes: Vec, } -#[async_trait::async_trait] impl ToolExecutor for RequestUserInputHandler { fn tool_name(&self) -> ToolName { ToolName::plain(REQUEST_USER_INPUT_TOOL_NAME) @@ -30,7 +29,13 @@ impl ToolExecutor for RequestUserInputHandler { create_request_user_input_tool(request_user_input_tool_description(&self.available_modes)) } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl RequestUserInputHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/shell.rs b/codex-rs/core/src/tools/handlers/shell.rs index 504653cf767..b978a2f577a 100644 --- a/codex-rs/core/src/tools/handlers/shell.rs +++ b/codex-rs/core/src/tools/handlers/shell.rs @@ -160,7 +160,6 @@ async fn run_exec_like(args: RunExecLikeArgs) -> Result Result for ShellCommandHandler { } } -#[async_trait::async_trait] impl ToolExecutor for ShellCommandHandler { fn tool_name(&self) -> ToolName { ToolName::plain("shell_command") @@ -141,7 +140,13 @@ impl ToolExecutor for ShellCommandHandler { true } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl ShellCommandHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { @@ -182,7 +187,7 @@ impl ToolExecutor for ShellCommandHandler { session.thread_id, turn.config.permissions.allow_login_shell, )?; - let shell_type = Some(session.user_shell().shell_type.clone()); + let shell_type = Some(session.user_shell().shell_type); run_exec_like(RunExecLikeArgs { tool_name, exec_params, diff --git a/codex-rs/core/src/tools/handlers/test_sync.rs b/codex-rs/core/src/tools/handlers/test_sync.rs index 0e5fe894ad1..08d983b6160 100644 --- a/codex-rs/core/src/tools/handlers/test_sync.rs +++ b/codex-rs/core/src/tools/handlers/test_sync.rs @@ -57,7 +57,6 @@ fn barrier_map() -> &'static tokio::sync::Mutex> { BARRIERS.get_or_init(|| tokio::sync::Mutex::new(HashMap::new())) } -#[async_trait::async_trait] impl ToolExecutor for TestSyncHandler { fn tool_name(&self) -> ToolName { ToolName::plain("test_sync_tool") @@ -71,7 +70,13 @@ impl ToolExecutor for TestSyncHandler { true } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl TestSyncHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/tool_search.rs b/codex-rs/core/src/tools/handlers/tool_search.rs index 2de1e20dd40..9254f4bee07 100644 --- a/codex-rs/core/src/tools/handlers/tool_search.rs +++ b/codex-rs/core/src/tools/handlers/tool_search.rs @@ -53,7 +53,6 @@ impl ToolSearchHandler { } } -#[async_trait::async_trait] impl ToolExecutor for ToolSearchHandler { fn tool_name(&self) -> ToolName { ToolName::plain(TOOL_SEARCH_TOOL_NAME) @@ -67,7 +66,13 @@ impl ToolExecutor for ToolSearchHandler { true } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl ToolSearchHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/unified_exec.rs b/codex-rs/core/src/tools/handlers/unified_exec.rs index 6fa2e40685b..ca6b2a4b3e4 100644 --- a/codex-rs/core/src/tools/handlers/unified_exec.rs +++ b/codex-rs/core/src/tools/handlers/unified_exec.rs @@ -122,7 +122,7 @@ pub(crate) fn get_command( let shell = model_shell.as_ref().unwrap_or(session_shell.as_ref()); Ok(ResolvedCommand { command: shell.derive_exec_args(&args.cmd, use_login_shell), - shell_type: shell.shell_type.clone(), + shell_type: shell.shell_type, }) } UnifiedExecShellMode::ZshFork(zsh_fork_config) => { diff --git a/codex-rs/core/src/tools/handlers/unified_exec/exec_command.rs b/codex-rs/core/src/tools/handlers/unified_exec/exec_command.rs index ba69f0d0391..7c914deb4f5 100644 --- a/codex-rs/core/src/tools/handlers/unified_exec/exec_command.rs +++ b/codex-rs/core/src/tools/handlers/unified_exec/exec_command.rs @@ -71,7 +71,6 @@ impl ExecCommandHandler { } } -#[async_trait::async_trait] impl ToolExecutor for ExecCommandHandler { fn tool_name(&self) -> ToolName { ToolName::plain("exec_command") @@ -92,7 +91,13 @@ impl ToolExecutor for ExecCommandHandler { true } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl ExecCommandHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/unified_exec/write_stdin.rs b/codex-rs/core/src/tools/handlers/unified_exec/write_stdin.rs index a639ea00651..8ddce658402 100644 --- a/codex-rs/core/src/tools/handlers/unified_exec/write_stdin.rs +++ b/codex-rs/core/src/tools/handlers/unified_exec/write_stdin.rs @@ -31,7 +31,6 @@ struct WriteStdinArgs { pub struct WriteStdinHandler; -#[async_trait::async_trait] impl ToolExecutor for WriteStdinHandler { fn tool_name(&self) -> ToolName { ToolName::plain("write_stdin") @@ -41,7 +40,13 @@ impl ToolExecutor for WriteStdinHandler { create_write_stdin_tool() } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl WriteStdinHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { diff --git a/codex-rs/core/src/tools/handlers/view_image.rs b/codex-rs/core/src/tools/handlers/view_image.rs index 5a67db1a660..17708564bbf 100644 --- a/codex-rs/core/src/tools/handlers/view_image.rs +++ b/codex-rs/core/src/tools/handlers/view_image.rs @@ -1,3 +1,4 @@ +use codex_features::Feature; use codex_protocol::items::ImageViewItem; use codex_protocol::items::TurnItem; use codex_protocol::models::DEFAULT_IMAGE_DETAIL; @@ -8,6 +9,7 @@ use codex_protocol::models::ImageDetail; use codex_protocol::models::ResponseInputItem; use codex_protocol::openai_models::InputModality; use codex_utils_image::PromptImageMode; +use codex_utils_image::data_url_from_bytes; use codex_utils_image::load_for_prompt_bytes; use serde::Deserialize; @@ -25,6 +27,7 @@ use crate::tools::registry::CoreToolRuntime; use crate::tools::registry::ToolExecutor; use codex_tools::ToolName; use codex_tools::ToolSpec; +use codex_utils_path_uri::PathUri; pub struct ViewImageHandler { options: ViewImageToolOptions, @@ -64,7 +67,6 @@ enum ViewImageDetail { Original, } -#[async_trait::async_trait] impl ToolExecutor for ViewImageHandler { fn tool_name(&self) -> ToolName { ToolName::plain("view_image") @@ -78,7 +80,13 @@ impl ToolExecutor for ViewImageHandler { true } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } +} + +impl ViewImageHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { @@ -139,9 +147,15 @@ impl ToolExecutor for ViewImageHandler { let abs_path = cwd.join(path); let sandbox = turn.file_system_sandbox_context(/*additional_permissions*/ None, &cwd); let fs = turn_environment.environment.get_filesystem(); + let path_uri = PathUri::from_abs_path(&abs_path).map_err(|error| { + FunctionCallError::RespondToModel(format!( + "unable to locate image at `{}`: {error}", + abs_path.display() + )) + })?; let metadata = fs - .get_metadata(&abs_path, Some(&sandbox)) + .get_metadata(&path_uri, Some(&sandbox)) .await .map_err(|error| { FunctionCallError::RespondToModel(format!( @@ -157,7 +171,7 @@ impl ToolExecutor for ViewImageHandler { ))); } let file_bytes = fs - .read_file(&abs_path, Some(&sandbox)) + .read_file(&path_uri, Some(&sandbox)) .await .map_err(|error| { FunctionCallError::RespondToModel(format!( @@ -170,25 +184,30 @@ impl ToolExecutor for ViewImageHandler { let can_request_original_detail = can_request_original_image_detail(&turn.model_info); let use_original_detail = can_request_original_detail && matches!(detail, Some(ViewImageDetail::Original)); - let image_mode = if use_original_detail { - PromptImageMode::Original - } else { - PromptImageMode::ResizeToFit - }; let image_detail = if use_original_detail { ImageDetail::Original } else { DEFAULT_IMAGE_DETAIL }; - let image = - load_for_prompt_bytes(abs_path.as_path(), file_bytes, image_mode).map_err(|error| { - FunctionCallError::RespondToModel(format!( - "unable to process image at `{}`: {error}", - abs_path.display() - )) - })?; - let image_url = image.into_data_url(); + let image_url = if turn.features.enabled(Feature::ResizeAllImages) { + // The history insertion path owns image decoding and resizing when this is enabled. + data_url_from_bytes("application/octet-stream", &file_bytes) + } else { + let image_mode = if use_original_detail { + PromptImageMode::Original + } else { + PromptImageMode::ResizeToFit + }; + load_for_prompt_bytes(abs_path.as_path(), file_bytes, image_mode) + .map_err(|error| { + FunctionCallError::RespondToModel(format!( + "unable to process image at `{}`: {error}", + abs_path.display() + )) + })? + .into_data_url() + }; let item = TurnItem::ImageView(ImageViewItem { id: call_id, @@ -213,7 +232,7 @@ pub struct ViewImageOutput { impl ToolOutput for ViewImageOutput { fn log_preview(&self) -> String { - self.image_url.clone() + format!("", self.image_url.len()) } fn success_for_logging(&self) -> bool { @@ -259,6 +278,16 @@ mod tests { use std::sync::Arc; use tokio::sync::Mutex; + #[test] + fn log_preview_omits_image_data() { + let output = ViewImageOutput { + image_url: "data:image/png;base64,AAA".to_string(), + image_detail: DEFAULT_IMAGE_DETAIL, + }; + + assert_eq!(output.log_preview(), ""); + } + #[test] fn code_mode_result_returns_image_url_object() { let output = ViewImageOutput { diff --git a/codex-rs/core/src/tools/orchestrator.rs b/codex-rs/core/src/tools/orchestrator.rs index 235f8c4e96a..77cbffde328 100644 --- a/codex-rs/core/src/tools/orchestrator.rs +++ b/codex-rs/core/src/tools/orchestrator.rs @@ -39,6 +39,7 @@ use codex_protocol::protocol::NetworkPolicyRuleAction; use codex_protocol::protocol::ReviewDecision; use codex_sandboxing::SandboxManager; use codex_sandboxing::SandboxType; +use std::time::Instant; pub(crate) struct ToolOrchestrator { sandbox: SandboxManager, @@ -256,6 +257,7 @@ impl ToolOrchestrator { network_denial_cancellation_token: None, }; + let initial_attempt_start = Instant::now(); let (first_result, first_deferred_network_approval) = Self::run_attempt( tool, req, @@ -264,6 +266,7 @@ impl ToolOrchestrator { managed_network_active, ) .await; + let initial_duration = initial_attempt_start.elapsed(); match first_result { Ok(out) => { // We have a successful initial result @@ -284,12 +287,26 @@ impl ToolOrchestrator { None }; if network_policy_decision.is_some() && network_approval_context.is_none() { + otel.sandbox_outcome( + &otel_tn, + otel_ci, + "denied", + initial_duration, + /*escalated_duration*/ None, + ); return Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Denied { output, network_policy_decision, }))); } if !tool.escalate_on_failure() { + otel.sandbox_outcome( + &otel_tn, + otel_ci, + "denied", + initial_duration, + /*escalated_duration*/ None, + ); return Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Denied { output, network_policy_decision, @@ -312,6 +329,13 @@ impl ToolOrchestrator { ExecApprovalRequirement::NeedsApproval { .. } ); if !allow_on_request_network_prompt { + otel.sandbox_outcome( + &otel_tn, + otel_ci, + "denied", + initial_duration, + /*escalated_duration*/ None, + ); return Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Denied { output, network_policy_decision, @@ -319,6 +343,13 @@ impl ToolOrchestrator { } } if !unsandboxed_allowed && network_approval_context.is_none() { + otel.sandbox_outcome( + &otel_tn, + otel_ci, + "denied", + initial_duration, + /*escalated_duration*/ None, + ); return Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Denied { output, network_policy_decision, @@ -400,15 +431,51 @@ impl ToolOrchestrator { }; // Second attempt. + let escalated_attempt_start = Instant::now(); let (retry_result, retry_deferred_network_approval) = Self::run_attempt(tool, req, tool_ctx, &retry_attempt, managed_network_active) .await; - retry_result.map(|output| OrchestratorRunResult { - output, - deferred_network_approval: retry_deferred_network_approval, - }) + let escalated_duration = escalated_attempt_start.elapsed(); + match retry_result { + Ok(output) => { + otel.sandbox_outcome( + &otel_tn, + otel_ci, + "escalated", + initial_duration, + Some(escalated_duration), + ); + Ok(OrchestratorRunResult { + output, + deferred_network_approval: retry_deferred_network_approval, + }) + } + Err(err) => { + if let Some(outcome) = sandbox_outcome_from_tool_error(&err) { + otel.sandbox_outcome( + &otel_tn, + otel_ci, + outcome, + initial_duration, + Some(escalated_duration), + ); + } + Err(err) + } + } + } + Err(err) => { + if let Some(outcome) = sandbox_outcome_from_tool_error(&err) { + otel.sandbox_outcome( + &otel_tn, + otel_ci, + outcome, + initial_duration, + /*escalated_duration*/ None, + ); + } + Err(err) } - Err(err) => Err(err), } } @@ -509,6 +576,15 @@ impl ToolOrchestrator { } } +fn sandbox_outcome_from_tool_error(err: &ToolError) -> Option<&'static str> { + match err { + ToolError::Codex(CodexErr::Sandbox(SandboxErr::Denied { .. })) => Some("denied"), + ToolError::Codex(CodexErr::Sandbox(SandboxErr::Timeout { .. })) => Some("timed_out"), + ToolError::Codex(CodexErr::Sandbox(SandboxErr::Signal(_))) => Some("signal"), + ToolError::Rejected(_) | ToolError::Codex(_) => None, + } +} + fn build_denial_reason_from_output(_output: &ExecToolCallOutput) -> String { // Keep approval reason terse and stable for UX/tests, but accept the // output so we can evolve heuristics later without touching call sites. diff --git a/codex-rs/core/src/tools/parallel.rs b/codex-rs/core/src/tools/parallel.rs index 7db1ec96436..c40886b56cb 100644 --- a/codex-rs/core/src/tools/parallel.rs +++ b/codex-rs/core/src/tools/parallel.rs @@ -257,7 +257,6 @@ mod tests { tool_name: codex_tools::ToolName, } - #[async_trait::async_trait] impl ToolExecutor for ImmediateHandler { fn tool_name(&self) -> codex_tools::ToolName { self.tool_name.clone() @@ -274,14 +273,13 @@ mod tests { }) } - async fn handle( - &self, - _invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - Ok(Box::new(FunctionToolOutput::from_text( - "ok".to_string(), - Some(true), - ))) + fn handle(&self, _invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async { + Ok( + Box::new(FunctionToolOutput::from_text("ok".to_string(), Some(true))) + as Box, + ) + }) } } @@ -294,7 +292,6 @@ mod tests { allow_cleanup: Arc, } - #[async_trait::async_trait] impl ToolExecutor for CancellationCleanupHandler { fn tool_name(&self) -> codex_tools::ToolName { self.tool_name.clone() @@ -311,7 +308,13 @@ mod tests { }) } - async fn handle( + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(invocation)) + } + } + + impl CancellationCleanupHandler { + async fn handle_call( &self, invocation: ToolInvocation, ) -> Result, FunctionCallError> { @@ -336,7 +339,7 @@ mod tests { Ok(Box::new(FunctionToolOutput::from_text( "cleanup complete".to_string(), Some(false), - ))) + )) as Box) } } diff --git a/codex-rs/core/src/tools/registry.rs b/codex-rs/core/src/tools/registry.rs index b2a0b7704ad..76e3f5f3414 100644 --- a/codex-rs/core/src/tools/registry.rs +++ b/codex-rs/core/src/tools/registry.rs @@ -5,7 +5,6 @@ use std::sync::atomic::Ordering; use std::time::Duration; use crate::function_tool::FunctionCallError; -use crate::goals::GoalRuntimeEvent; use crate::hook_runtime::PreToolUseHookResult; use crate::hook_runtime::record_additional_contexts; use crate::hook_runtime::run_post_tool_use_hooks; @@ -29,12 +28,12 @@ use codex_extension_api::ToolCallOutcome; use codex_protocol::models::FunctionCallOutputPayload; use codex_protocol::models::ResponseInputItem; use codex_protocol::protocol::EventMsg; +use codex_rollout::state_db; use codex_tools::ToolName; use codex_tools::ToolSearchInfo; use codex_tools::ToolSpec; use futures::future::BoxFuture; use serde_json::Value; -use tracing::warn; pub(crate) type ToolTelemetryTags = Vec<(&'static str, String)>; @@ -251,7 +250,6 @@ struct ExposureOverride { exposure: ToolExposure, } -#[async_trait::async_trait] impl ToolExecutor for ExposureOverride { fn tool_name(&self) -> ToolName { self.handler.tool_name() @@ -273,11 +271,8 @@ impl ToolExecutor for ExposureOverride { self.handler.search_info() } - async fn handle( - &self, - invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - self.handler.handle(invocation).await + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + self.handler.handle(invocation) } } @@ -649,25 +644,13 @@ impl ToolRegistry { handler_executed: true, }, }; - let finished = notify_tool_finish_if_unclaimed( + notify_tool_finish_if_unclaimed( &invocation, terminal_outcome_reached.as_deref(), lifecycle_outcome, ) .await; - if finished - && let Err(err) = invocation - .session - .goal_runtime_apply(GoalRuntimeEvent::ToolCompleted { - turn_context: invocation.turn.as_ref(), - tool_name: tool_name.name.as_str(), - }) - .await - { - warn!("failed to account thread goal progress after tool call: {err}"); - } - match result { Ok(_) => { let mut guard = response_cell.lock().await; @@ -710,6 +693,16 @@ async fn handle_any_tool( let call_id = invocation.call_id.clone(); let payload = invocation.payload.clone(); let output = tool.handle(invocation.clone()).await?; + if output.contains_external_context() + && invocation.turn.config.memories.disable_on_external_context + { + state_db::mark_thread_memory_mode_polluted( + invocation.session.services.state_db.as_deref(), + invocation.session.thread_id, + "tool_output", + ) + .await; + } let post_tool_use_payload = CoreToolRuntime::post_tool_use_payload(tool, &invocation, output.as_ref()); Ok(AnyToolResult { diff --git a/codex-rs/core/src/tools/registry_tests.rs b/codex-rs/core/src/tools/registry_tests.rs index f2566251c58..67613f1d081 100644 --- a/codex-rs/core/src/tools/registry_tests.rs +++ b/codex-rs/core/src/tools/registry_tests.rs @@ -5,7 +5,6 @@ struct TestHandler { tool_name: codex_tools::ToolName, } -#[async_trait::async_trait] impl ToolExecutor for TestHandler { fn tool_name(&self) -> codex_tools::ToolName { self.tool_name.clone() @@ -15,13 +14,15 @@ impl ToolExecutor for TestHandler { test_spec(&self.tool_name) } - async fn handle( - &self, - _invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - Ok(Box::new( - crate::tools::context::FunctionToolOutput::from_text("ok".to_string(), Some(true)), - )) + fn handle(&self, _invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async { + Ok( + Box::new(crate::tools::context::FunctionToolOutput::from_text( + "ok".to_string(), + Some(true), + )) as Box, + ) + }) } } @@ -38,7 +39,6 @@ struct LifecycleTestHandler { result: LifecycleTestResult, } -#[async_trait::async_trait] impl ToolExecutor for LifecycleTestHandler { fn tool_name(&self) -> codex_tools::ToolName { self.tool_name.clone() @@ -48,9 +48,14 @@ impl ToolExecutor for LifecycleTestHandler { test_spec(&self.tool_name) } - async fn handle( + fn handle(&self, _invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call()) + } +} + +impl LifecycleTestHandler { + async fn handle_call( &self, - _invocation: ToolInvocation, ) -> Result, FunctionCallError> { match self.result.clone() { LifecycleTestResult::Ok { success } => Ok(Box::new( @@ -58,7 +63,8 @@ impl ToolExecutor for LifecycleTestHandler { "ok".to_string(), Some(success), ), - )), + ) + as Box), LifecycleTestResult::Err => Err(FunctionCallError::RespondToModel( "handler failed".to_string(), )), diff --git a/codex-rs/core/src/tools/router_tests.rs b/codex-rs/core/src/tools/router_tests.rs index cece7fc1713..4024cb61f73 100644 --- a/codex-rs/core/src/tools/router_tests.rs +++ b/codex-rs/core/src/tools/router_tests.rs @@ -44,7 +44,6 @@ impl codex_extension_api::ToolContributor for ExtensionEchoContributor { struct ExtensionEchoExecutor; -#[async_trait::async_trait] impl ToolExecutor for ExtensionEchoExecutor { fn tool_name(&self) -> ToolName { ToolName::namespaced("extension/", "echo") @@ -73,7 +72,13 @@ impl ToolExecutor for ExtensionEchoExecutor { }) } - async fn handle( + fn handle(&self, call: ExtensionToolCall) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(call)) + } +} + +impl ExtensionEchoExecutor { + async fn handle_call( &self, call: ExtensionToolCall, ) -> Result, codex_tools::FunctionCallError> { @@ -84,7 +89,7 @@ impl ToolExecutor for ExtensionEchoExecutor { "callId": call.call_id, "conversationHistory": call.conversation_history.items(), "ok": true, - })))) + }))) as Box) } } @@ -95,17 +100,12 @@ fn extension_tool_test_registry() -> Arc> { } #[tokio::test] -#[expect( - clippy::await_holding_invalid_type, - reason = "test builds a router from session-owned MCP manager state" -)] async fn parallel_support_does_not_match_namespaced_local_tool_names() -> anyhow::Result<()> { let (session, turn) = make_session_and_context().await; let mcp_tools = session .services .mcp_connection_manager - .read() - .await + .load_full() .list_all_tools() .await; let router = ToolRouter::from_turn_context( diff --git a/codex-rs/core/src/tools/runtimes/mod_tests.rs b/codex-rs/core/src/tools/runtimes/mod_tests.rs index 011da46b3d4..99cece3e920 100644 --- a/codex-rs/core/src/tools/runtimes/mod_tests.rs +++ b/codex-rs/core/src/tools/runtimes/mod_tests.rs @@ -10,6 +10,7 @@ use crate::tools::sandboxing::managed_network_for_sandbox_permissions; use codex_network_proxy::CODEX_PROXY_GIT_SSH_COMMAND_MARKER; use codex_network_proxy::CUSTOM_CA_ENV_KEYS; use codex_network_proxy::ConfigReloader; +use codex_network_proxy::ConfigReloaderFuture; use codex_network_proxy::ConfigState; use codex_network_proxy::NetworkProxy; use codex_network_proxy::NetworkProxyConfig; @@ -35,18 +36,17 @@ use tokio::sync::watch; struct StaticReloader; -#[async_trait::async_trait] impl ConfigReloader for StaticReloader { fn source_label(&self) -> String { "test config state".to_string() } - async fn maybe_reload(&self) -> anyhow::Result> { - Ok(None) + fn maybe_reload(&self) -> ConfigReloaderFuture<'_, Option> { + Box::pin(async { Ok(None) }) } - async fn reload_now(&self) -> anyhow::Result { - Err(anyhow::anyhow!("force reload is not supported in tests")) + fn reload_now(&self) -> ConfigReloaderFuture<'_, ConfigState> { + Box::pin(async { Err(anyhow::anyhow!("force reload is not supported in tests")) }) } } diff --git a/codex-rs/core/src/tools/runtimes/shell/unix_escalation.rs b/codex-rs/core/src/tools/runtimes/shell/unix_escalation.rs index 2017718f7da..960e1d3943a 100644 --- a/codex-rs/core/src/tools/runtimes/shell/unix_escalation.rs +++ b/codex-rs/core/src/tools/runtimes/shell/unix_escalation.rs @@ -56,16 +56,17 @@ use codex_shell_escalation::EscalationDecision; use codex_shell_escalation::EscalationExecution; use codex_shell_escalation::EscalationPermissions; use codex_shell_escalation::EscalationPolicy; +use codex_shell_escalation::EscalationPolicyFuture; use codex_shell_escalation::EscalationSession; use codex_shell_escalation::ExecParams; use codex_shell_escalation::ExecResult; use codex_shell_escalation::PreparedExec; use codex_shell_escalation::ResolvedPermissionProfile; use codex_shell_escalation::ShellCommandExecutor; +use codex_shell_escalation::ShellCommandExecutorFuture; use codex_shell_escalation::Stopwatch; use codex_utils_absolute_path::AbsolutePathBuf; use std::collections::HashMap; -use std::path::Path; use std::path::PathBuf; use std::sync::Arc; use std::time::Duration; @@ -224,7 +225,6 @@ pub(super) async fn try_run_zsh_fork( approval_policy: ctx.turn.approval_policy.value(), permission_profile: command_executor.permission_profile.clone(), file_system_sandbox_policy: command_executor.file_system_sandbox_policy.clone(), - sandbox_policy_cwd: command_executor.sandbox_policy_cwd.clone(), sandbox_permissions: req.sandbox_permissions, approval_sandbox_permissions, prompt_permissions: req.additional_permissions.clone(), @@ -297,7 +297,6 @@ pub(crate) async fn prepare_unified_exec_zsh_fork( approval_policy: ctx.turn.approval_policy.value(), permission_profile: exec_request.permission_profile.clone(), file_system_sandbox_policy: exec_request.file_system_sandbox_policy.clone(), - sandbox_policy_cwd: exec_request.windows_sandbox_policy_cwd.clone(), sandbox_permissions: req.sandbox_permissions, approval_sandbox_permissions: approval_sandbox_permissions( req.sandbox_permissions, @@ -332,7 +331,6 @@ struct CoreShellActionProvider { approval_policy: AskForApproval, permission_profile: PermissionProfile, file_system_sandbox_policy: FileSystemSandboxPolicy, - sandbox_policy_cwd: AbsolutePathBuf, sandbox_permissions: SandboxPermissions, approval_sandbox_permissions: SandboxPermissions, prompt_permissions: Option, @@ -601,8 +599,7 @@ impl CoreShellActionProvider { // execve interception. const ENABLE_INTERCEPTED_EXEC_POLICY_SHELL_WRAPPER_PARSING: bool = false; -#[async_trait::async_trait] -impl EscalationPolicy for CoreShellActionProvider { +impl CoreShellActionProvider { async fn determine_action( &self, program: &AbsolutePathBuf, @@ -622,8 +619,7 @@ impl EscalationPolicy for CoreShellActionProvider { InterceptedExecPolicyContext { approval_policy: self.approval_policy, permission_profile: self.permission_profile.clone(), - file_system_sandbox_policy: &self.file_system_sandbox_policy, - sandbox_cwd: self.sandbox_policy_cwd.as_path(), + windows_sandbox_level: self.turn.windows_sandbox_level, sandbox_permissions: self.approval_sandbox_permissions, enable_shell_wrapper_parsing: ENABLE_INTERCEPTED_EXEC_POLICY_SHELL_WRAPPER_PARSING, @@ -635,9 +631,11 @@ impl EscalationPolicy for CoreShellActionProvider { let decision_driven_by_policy = Self::decision_driven_by_policy(&evaluation.matched_rules, evaluation.decision); let unsandboxed_allowed = unsandboxed_execution_allowed(&self.file_system_sandbox_policy); - let needs_escalation = unsandboxed_allowed - && (self.sandbox_permissions.requires_escalated_permissions() - || decision_driven_by_policy); + let needs_escalation = match self.sandbox_permissions { + SandboxPermissions::UseDefault => unsandboxed_allowed && decision_driven_by_policy, + SandboxPermissions::RequireEscalated => unsandboxed_allowed, + SandboxPermissions::WithAdditionalPermissions => true, + }; let decision_source = if decision_driven_by_policy { DecisionSource::PrefixRule @@ -668,17 +666,29 @@ impl EscalationPolicy for CoreShellActionProvider { } } +impl EscalationPolicy for CoreShellActionProvider { + fn determine_action<'a>( + &'a self, + program: &'a AbsolutePathBuf, + argv: &'a [String], + workdir: &'a AbsolutePathBuf, + ) -> EscalationPolicyFuture<'a> { + Box::pin(CoreShellActionProvider::determine_action( + self, program, argv, workdir, + )) + } +} + fn evaluate_intercepted_exec_policy( policy: &Policy, program: &AbsolutePathBuf, argv: &[String], - context: InterceptedExecPolicyContext<'_>, + context: InterceptedExecPolicyContext, ) -> Evaluation { let InterceptedExecPolicyContext { approval_policy, permission_profile, - file_system_sandbox_policy, - sandbox_cwd, + windows_sandbox_level, sandbox_permissions, enable_shell_wrapper_parsing, } = context; @@ -705,8 +715,7 @@ fn evaluate_intercepted_exec_policy( crate::exec_policy::UnmatchedCommandContext { approval_policy, permission_profile: &permission_profile, - file_system_sandbox_policy, - sandbox_cwd, + windows_sandbox_level, sandbox_permissions, used_complex_parsing, command_origin: crate::exec_policy::ExecPolicyCommandOrigin::Generic, @@ -724,11 +733,10 @@ fn evaluate_intercepted_exec_policy( } #[derive(Clone)] -struct InterceptedExecPolicyContext<'a> { +struct InterceptedExecPolicyContext { approval_policy: AskForApproval, permission_profile: PermissionProfile, - file_system_sandbox_policy: &'a FileSystemSandboxPolicy, - sandbox_cwd: &'a Path, + windows_sandbox_level: WindowsSandboxLevel, sandbox_permissions: SandboxPermissions, enable_shell_wrapper_parsing: bool, } @@ -793,15 +801,43 @@ struct PrepareSandboxedExecParams<'a> { additional_permissions: Option, } -#[async_trait::async_trait] impl ShellCommandExecutor for CoreShellCommandExecutor { - async fn run( + fn run( &self, _command: Vec, _cwd: PathBuf, env_overlay: HashMap, cancel_rx: CancellationToken, after_spawn: Option>, + ) -> ShellCommandExecutorFuture<'_, ExecResult> { + Box::pin(CoreShellCommandExecutor::run( + self, + env_overlay, + cancel_rx, + after_spawn, + )) + } + + fn prepare_escalated_exec<'a>( + &'a self, + program: &'a AbsolutePathBuf, + argv: &'a [String], + workdir: &'a AbsolutePathBuf, + env: HashMap, + execution: EscalationExecution, + ) -> ShellCommandExecutorFuture<'a, PreparedExec> { + Box::pin(CoreShellCommandExecutor::prepare_escalated_exec( + self, program, argv, workdir, env, execution, + )) + } +} + +impl CoreShellCommandExecutor { + async fn run( + &self, + env_overlay: HashMap, + cancel_rx: CancellationToken, + after_spawn: Option>, ) -> anyhow::Result { let mut exec_env = self.env.clone(); // `env_overlay` comes from `EscalationSession::env()`, so merge only the @@ -866,7 +902,7 @@ impl ShellCommandExecutor for CoreShellCommandExecutor { EscalationExecution::Unsandboxed => PreparedExec { command, cwd: workdir.to_path_buf(), - env, + env: exec_env_for_sandbox_permissions(&env, SandboxPermissions::RequireEscalated), arg0: Some(first_arg.clone()), }, EscalationExecution::TurnDefault => { @@ -906,9 +942,7 @@ impl ShellCommandExecutor for CoreShellCommandExecutor { Ok(prepared) } -} -impl CoreShellCommandExecutor { #[allow(clippy::too_many_arguments)] fn prepare_sandboxed_exec( &self, diff --git a/codex-rs/core/src/tools/runtimes/shell/unix_escalation_tests.rs b/codex-rs/core/src/tools/runtimes/shell/unix_escalation_tests.rs index 6e7a1ced546..6d42e7c84dc 100644 --- a/codex-rs/core/src/tools/runtimes/shell/unix_escalation_tests.rs +++ b/codex-rs/core/src/tools/runtimes/shell/unix_escalation_tests.rs @@ -1,4 +1,5 @@ use super::CoreShellActionProvider; +use super::CoreShellCommandExecutor; use super::InterceptedExecPolicyContext; use super::ParsedShellCommand; use super::commands_for_intercepted_exec_policy; @@ -16,6 +17,9 @@ use codex_execpolicy::PolicyParser; use codex_execpolicy::RuleMatch; use codex_hooks::Hooks; use codex_hooks::HooksConfig; +use codex_network_proxy::PROXY_ACTIVE_ENV_KEY; +use codex_network_proxy::PROXY_ENV_KEYS; +use codex_protocol::config_types::WindowsSandboxLevel; use codex_protocol::models::AdditionalPermissionProfile; use codex_protocol::models::FileSystemPermissions; use codex_protocol::models::PermissionProfile; @@ -29,6 +33,7 @@ use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::GranularApprovalConfig; use codex_protocol::protocol::GuardianCommandSource; use codex_sandboxing::SandboxType; +use codex_sandboxing::policy_transforms::effective_permission_profile; use codex_shell_escalation::EscalationExecution; use codex_shell_escalation::EscalationPermissions; use codex_shell_escalation::ExecResult; @@ -36,6 +41,7 @@ use codex_shell_escalation::ResolvedPermissionProfile; use codex_utils_absolute_path::AbsolutePathBuf; use pretty_assertions::assert_eq; use serde_json::Value; +use std::collections::HashMap; use std::path::PathBuf; use std::sync::Arc; use std::time::Duration; @@ -348,6 +354,108 @@ fn shell_request_escalation_execution_is_explicit() { ); } +#[tokio::test] +async fn unsandboxed_intercepted_exec_strips_managed_network_env() -> anyhow::Result<()> { + let workdir = test_sandbox_cwd(); + let executor = CoreShellCommandExecutor { + command: Vec::new(), + cwd: workdir.clone(), + permission_profile: PermissionProfile::workspace_write(), + file_system_sandbox_policy: read_only_file_system_sandbox_policy(), + network_sandbox_policy: NetworkSandboxPolicy::Restricted, + sandbox: SandboxType::None, + env: HashMap::new(), + network: None, + windows_sandbox_level: WindowsSandboxLevel::Disabled, + arg0: None, + sandbox_policy_cwd: workdir.clone(), + windows_sandbox_workspace_roots: vec![workdir.clone()], + codex_linux_sandbox_exe: None, + use_legacy_landlock: false, + }; + let mut env = HashMap::new(); + env.insert(PROXY_ACTIVE_ENV_KEY.to_string(), "1".to_string()); + for key in PROXY_ENV_KEYS { + env.insert((*key).to_string(), format!("proxy-{key}")); + } + + let prepared = executor + .prepare_escalated_exec( + &AbsolutePathBuf::from_absolute_path("/usr/bin/curl")?, + &["curl".to_string(), "example.com".to_string()], + &workdir, + env, + EscalationExecution::Unsandboxed, + ) + .await?; + + assert!( + !prepared.env.contains_key(PROXY_ACTIVE_ENV_KEY), + "unsandboxed intercepted exec should strip the managed-network active marker" + ); + for key in PROXY_ENV_KEYS { + assert!( + !prepared.env.contains_key(*key), + "unsandboxed intercepted exec should strip managed-network proxy env var {key}" + ); + } + + Ok(()) +} + +#[tokio::test] +async fn preapproved_additional_permissions_escalate_intercepted_exec() -> anyhow::Result<()> { + let (session, turn_context) = make_session_and_context().await; + let requested_permissions = AdditionalPermissionProfile { + file_system: Some(FileSystemPermissions::from_read_write_roots( + /*read*/ None, + Some(vec![ + AbsolutePathBuf::from_absolute_path("/tmp/output").unwrap(), + ]), + )), + ..Default::default() + }; + let workdir = test_sandbox_cwd(); + let permission_profile = effective_permission_profile( + &PermissionProfile::workspace_write(), + Some(&requested_permissions), + ); + let provider = CoreShellActionProvider { + policy: Arc::new(RwLock::new(codex_execpolicy::Policy::empty())), + session: Arc::new(session), + turn: Arc::new(turn_context), + call_id: "preapproved-additional-permissions".to_string(), + tool_name: GuardianCommandSource::Shell, + approval_policy: AskForApproval::OnRequest, + permission_profile: permission_profile.clone(), + file_system_sandbox_policy: read_only_file_system_sandbox_policy(), + sandbox_permissions: SandboxPermissions::WithAdditionalPermissions, + approval_sandbox_permissions: SandboxPermissions::UseDefault, + prompt_permissions: Some(requested_permissions), + stopwatch: codex_shell_escalation::Stopwatch::new(Duration::from_secs(1)), + }; + + let action = codex_shell_escalation::EscalationPolicy::determine_action( + &provider, + &AbsolutePathBuf::from_absolute_path("/usr/bin/printf")?, + &["printf".to_string(), "hello".to_string()], + &workdir, + ) + .await?; + + let expected = codex_shell_escalation::EscalationDecision::Escalate( + EscalationExecution::Permissions(EscalationPermissions::ResolvedPermissionProfile( + ResolvedPermissionProfile { permission_profile }, + )), + ); + assert_eq!( + action, expected, + "preapproved with_additional_permissions should escalate through the resolved permission profile" + ); + + Ok(()) +} + #[tokio::test(flavor = "current_thread")] async fn execve_permission_request_hook_short_circuits_prompt() -> anyhow::Result<()> { let (session, mut turn_context) = make_session_and_context().await; @@ -456,7 +564,6 @@ async fn execve_permission_request_hook_short_circuits_prompt() -> anyhow::Resul approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), file_system_sandbox_policy: read_only_file_system_sandbox_policy(), - sandbox_policy_cwd: workdir.clone(), sandbox_permissions: SandboxPermissions::RequireEscalated, approval_sandbox_permissions: SandboxPermissions::RequireEscalated, prompt_permissions: None, @@ -508,7 +615,6 @@ fn evaluate_intercepted_exec_policy_uses_wrapper_command_when_shell_wrapper_pars parser.parse("test.rules", policy_src).unwrap(); let policy = parser.build(); let program = AbsolutePathBuf::try_from(host_absolute_path(&["bin", "zsh"])).unwrap(); - let sandbox_cwd = test_sandbox_cwd(); let enable_intercepted_exec_policy_shell_wrapper_parsing = false; let evaluation = evaluate_intercepted_exec_policy( @@ -522,8 +628,7 @@ fn evaluate_intercepted_exec_policy_uses_wrapper_command_when_shell_wrapper_pars InterceptedExecPolicyContext { approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: sandbox_cwd.as_path(), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::UseDefault, enable_shell_wrapper_parsing: enable_intercepted_exec_policy_shell_wrapper_parsing, }, @@ -561,7 +666,6 @@ fn evaluate_intercepted_exec_policy_matches_inner_shell_commands_when_enabled() parser.parse("test.rules", policy_src).unwrap(); let policy = parser.build(); let program = AbsolutePathBuf::try_from(host_absolute_path(&["bin", "bash"])).unwrap(); - let sandbox_cwd = test_sandbox_cwd(); let enable_intercepted_exec_policy_shell_wrapper_parsing = true; let evaluation = evaluate_intercepted_exec_policy( @@ -575,8 +679,7 @@ fn evaluate_intercepted_exec_policy_matches_inner_shell_commands_when_enabled() InterceptedExecPolicyContext { approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: sandbox_cwd.as_path(), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::UseDefault, enable_shell_wrapper_parsing: enable_intercepted_exec_policy_shell_wrapper_parsing, }, @@ -610,7 +713,6 @@ host_executable(name = "git", paths = ["{git_path_literal}"]) parser.parse("test.rules", &policy_src).unwrap(); let policy = parser.build(); let program = AbsolutePathBuf::try_from(git_path).unwrap(); - let sandbox_cwd = test_sandbox_cwd(); let evaluation = evaluate_intercepted_exec_policy( &policy, @@ -619,8 +721,7 @@ host_executable(name = "git", paths = ["{git_path_literal}"]) InterceptedExecPolicyContext { approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: sandbox_cwd.as_path(), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::UseDefault, enable_shell_wrapper_parsing: false, }, @@ -673,7 +774,6 @@ prefix_rule(pattern = ["{cat_path_literal}"], decision = "allow") approval_policy: AskForApproval::OnRequest, permission_profile, file_system_sandbox_policy, - sandbox_policy_cwd: workdir.clone(), sandbox_permissions: SandboxPermissions::UseDefault, approval_sandbox_permissions: SandboxPermissions::UseDefault, prompt_permissions: None, @@ -716,7 +816,6 @@ async fn denied_reads_keep_granular_sandbox_rejection_for_escalation() -> anyhow }), permission_profile, file_system_sandbox_policy, - sandbox_policy_cwd: workdir.clone(), sandbox_permissions: SandboxPermissions::RequireEscalated, approval_sandbox_permissions: SandboxPermissions::RequireEscalated, prompt_permissions: None, @@ -747,8 +846,6 @@ fn intercepted_exec_policy_treats_preapproved_additional_permissions_as_default( let argv = ["printf".to_string(), "hello".to_string()]; let approval_policy = AskForApproval::OnRequest; let permission_profile = PermissionProfile::workspace_write(); - let file_system_sandbox_policy = read_only_file_system_sandbox_policy(); - let sandbox_cwd = test_sandbox_cwd(); let preapproved = evaluate_intercepted_exec_policy( &policy, @@ -757,8 +854,7 @@ fn intercepted_exec_policy_treats_preapproved_additional_permissions_as_default( InterceptedExecPolicyContext { approval_policy, permission_profile: permission_profile.clone(), - file_system_sandbox_policy: &file_system_sandbox_policy, - sandbox_cwd: sandbox_cwd.as_path(), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: super::approval_sandbox_permissions( SandboxPermissions::WithAdditionalPermissions, /*additional_permissions_preapproved*/ true, @@ -773,8 +869,7 @@ fn intercepted_exec_policy_treats_preapproved_additional_permissions_as_default( InterceptedExecPolicyContext { approval_policy, permission_profile, - file_system_sandbox_policy: &file_system_sandbox_policy, - sandbox_cwd: sandbox_cwd.as_path(), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::WithAdditionalPermissions, enable_shell_wrapper_parsing: false, }, @@ -799,7 +894,6 @@ host_executable(name = "git", paths = ["{allowed_git_literal}"]) parser.parse("test.rules", &policy_src).unwrap(); let policy = parser.build(); let program = AbsolutePathBuf::try_from(other_git.clone()).unwrap(); - let sandbox_cwd = test_sandbox_cwd(); let evaluation = evaluate_intercepted_exec_policy( &policy, @@ -808,8 +902,7 @@ host_executable(name = "git", paths = ["{allowed_git_literal}"]) InterceptedExecPolicyContext { approval_policy: AskForApproval::OnRequest, permission_profile: PermissionProfile::read_only(), - file_system_sandbox_policy: &read_only_file_system_sandbox_policy(), - sandbox_cwd: sandbox_cwd.as_path(), + windows_sandbox_level: WindowsSandboxLevel::Disabled, sandbox_permissions: SandboxPermissions::UseDefault, enable_shell_wrapper_parsing: false, }, diff --git a/codex-rs/core/src/tools/runtimes/unified_exec.rs b/codex-rs/core/src/tools/runtimes/unified_exec.rs index bf04a6fe35b..250965b67c0 100644 --- a/codex-rs/core/src/tools/runtimes/unified_exec.rs +++ b/codex-rs/core/src/tools/runtimes/unified_exec.rs @@ -265,17 +265,15 @@ impl<'a> ToolRuntime for UnifiedExecRunt let base_command = &req.command; let session_shell = ctx.session.user_shell(); let (file_system_sandbox_policy, _) = attempt.permissions.to_runtime_permissions(); - let sandbox_permissions = sandbox_permissions_preserving_denied_reads( + let launch_sandbox_permissions = sandbox_permissions_preserving_denied_reads( req.sandbox_permissions, &file_system_sandbox_policy, ); - let req = &UnifiedExecRequest { - sandbox_permissions, - ..req.clone() - }; - let managed_network = - managed_network_for_sandbox_permissions(req.network.as_ref(), req.sandbox_permissions); - let mut env = exec_env_for_sandbox_permissions(&req.env, req.sandbox_permissions); + let managed_network = managed_network_for_sandbox_permissions( + req.network.as_ref(), + launch_sandbox_permissions, + ); + let mut env = exec_env_for_sandbox_permissions(&req.env, launch_sandbox_permissions); if let Some(network) = managed_network { network.apply_to_env(&mut env); } @@ -412,6 +410,7 @@ mod tests { use crate::exec::DEFAULT_EXEC_COMMAND_TIMEOUT_MS; use crate::tools::sandboxing::ToolRuntime; use codex_exec_server::Environment; + use codex_tools::ZshForkConfig; use std::time::Duration; use tempfile::tempdir; @@ -473,4 +472,107 @@ mod tests { assert_eq!(runtime.sandbox_cwd(&request), Some(&sandbox_cwd)); } + + #[tokio::test] + async fn zsh_fork_first_attempt_preserves_parent_sandbox_override() { + let manager = UnifiedExecProcessManager::default(); + let request = test_request( + SandboxPermissions::RequireEscalated, + ExecApprovalRequirement::NeedsApproval { + reason: None, + proposed_execpolicy_amendment: None, + }, + ); + let direct_runtime = UnifiedExecRuntime::new(&manager, UnifiedExecShellMode::Direct); + let zsh_fork_runtime = UnifiedExecRuntime::new(&manager, zsh_fork_mode()); + + assert_eq!( + direct_runtime.sandbox_permissions(&request), + SandboxPermissions::RequireEscalated, + "direct unified exec should preserve a parent require_escalated request" + ); + assert_eq!( + zsh_fork_runtime.sandbox_permissions(&request), + SandboxPermissions::RequireEscalated, + "zsh-fork unified exec should preserve the same parent require_escalated request" + ); + } + + #[tokio::test] + async fn zsh_fork_first_attempt_preserves_additional_permissions_request() { + let manager = UnifiedExecProcessManager::default(); + let request = test_request( + SandboxPermissions::WithAdditionalPermissions, + ExecApprovalRequirement::NeedsApproval { + reason: None, + proposed_execpolicy_amendment: None, + }, + ); + let zsh_fork_runtime = UnifiedExecRuntime::new(&manager, zsh_fork_mode()); + + assert_eq!( + zsh_fork_runtime.sandbox_permissions(&request), + SandboxPermissions::WithAdditionalPermissions, + "zsh-fork unified exec should keep bounded additional-permissions requests sandboxed" + ); + } + + #[tokio::test] + async fn zsh_fork_execpolicy_allow_preserves_parent_sandbox_override() { + let manager = UnifiedExecProcessManager::default(); + let request = test_request( + SandboxPermissions::UseDefault, + ExecApprovalRequirement::Skip { + bypass_sandbox: true, + proposed_execpolicy_amendment: None, + }, + ); + let runtime = UnifiedExecRuntime::new(&manager, zsh_fork_mode()); + + assert_eq!( + runtime.exec_approval_requirement(&request), + Some(ExecApprovalRequirement::Skip { + bypass_sandbox: true, + proposed_execpolicy_amendment: None, + }), + "zsh-fork unified exec should preserve exec-policy allow decisions that bypass the sandbox" + ); + } + + fn test_request( + sandbox_permissions: SandboxPermissions, + exec_approval_requirement: ExecApprovalRequirement, + ) -> UnifiedExecRequest { + let cwd = AbsolutePathBuf::try_from(std::env::current_dir().unwrap()) + .expect("current dir is absolute"); + UnifiedExecRequest { + command: vec!["zsh".to_string(), "-c".to_string(), "echo hi".to_string()], + shell_type: ShellType::Zsh, + hook_command: "echo hi".to_string(), + process_id: 1000, + cwd: cwd.clone(), + sandbox_cwd: cwd, + environment: Arc::new(Environment::default_for_tests()), + env: HashMap::new(), + exec_server_env_config: None, + explicit_env_overrides: HashMap::new(), + network: None, + tty: false, + sandbox_permissions, + additional_permissions: None, + #[cfg(unix)] + additional_permissions_preapproved: false, + justification: None, + exec_approval_requirement, + } + } + + fn zsh_fork_mode() -> UnifiedExecShellMode { + let cwd = std::env::current_dir().expect("read current dir"); + UnifiedExecShellMode::ZshFork(ZshForkConfig { + shell_zsh_path: AbsolutePathBuf::try_from(cwd.join("zsh")).expect("absolute zsh path"), + main_execve_wrapper_exe: AbsolutePathBuf::try_from(cwd.join("execve-wrapper")) + .expect("absolute wrapper path"), + }) + } } diff --git a/codex-rs/core/src/tools/spec_plan.rs b/codex-rs/core/src/tools/spec_plan.rs index 48111fb578f..79c86b94d1f 100644 --- a/codex-rs/core/src/tools/spec_plan.rs +++ b/codex-rs/core/src/tools/spec_plan.rs @@ -6,15 +6,15 @@ use crate::tools::context::ToolInvocation; use crate::tools::handlers::ApplyPatchHandler; use crate::tools::handlers::CodeModeExecuteHandler; use crate::tools::handlers::CodeModeWaitHandler; -use crate::tools::handlers::CreateGoalHandler; use crate::tools::handlers::DynamicToolHandler; use crate::tools::handlers::ExecCommandHandler; use crate::tools::handlers::ExecCommandHandlerOptions; -use crate::tools::handlers::GetGoalHandler; +use crate::tools::handlers::GetContextRemainingHandler; use crate::tools::handlers::ListAvailablePluginsToInstallHandler; use crate::tools::handlers::ListMcpResourceTemplatesHandler; use crate::tools::handlers::ListMcpResourcesHandler; use crate::tools::handlers::McpHandler; +use crate::tools::handlers::NewContextWindowHandler; use crate::tools::handlers::PlanHandler; use crate::tools::handlers::ReadMcpResourceHandler; use crate::tools::handlers::RequestPermissionsHandler; @@ -24,7 +24,6 @@ use crate::tools::handlers::ShellCommandHandler; use crate::tools::handlers::ShellCommandHandlerOptions; use crate::tools::handlers::TestSyncHandler; use crate::tools::handlers::ToolSearchHandler; -use crate::tools::handlers::UpdateGoalHandler; use crate::tools::handlers::ViewImageHandler; use crate::tools::handlers::WriteStdinHandler; use crate::tools::handlers::agent_jobs::ReportAgentJobResultHandler; @@ -40,8 +39,8 @@ use crate::tools::handlers::multi_agents_common::MAX_WAIT_TIMEOUT_MS; use crate::tools::handlers::multi_agents_common::MIN_WAIT_TIMEOUT_MS; use crate::tools::handlers::multi_agents_spec::SpawnAgentToolOptions; use crate::tools::handlers::multi_agents_spec::WaitAgentTimeoutOptions; -use crate::tools::handlers::multi_agents_v2::CloseAgentHandler as CloseAgentHandlerV2; use crate::tools::handlers::multi_agents_v2::FollowupTaskHandler as FollowupTaskHandlerV2; +use crate::tools::handlers::multi_agents_v2::InterruptAgentHandler; use crate::tools::handlers::multi_agents_v2::ListAgentsHandler as ListAgentsHandlerV2; use crate::tools::handlers::multi_agents_v2::SendMessageHandler as SendMessageHandlerV2; use crate::tools::handlers::multi_agents_v2::SpawnAgentHandler as SpawnAgentHandlerV2; @@ -59,6 +58,7 @@ use crate::tools::router::ToolRouterParams; use codex_features::Feature; use codex_login::AuthManager; use codex_mcp::ToolInfo; +use codex_protocol::config_types::WebSearchMode; use codex_protocol::dynamic_tools::DynamicToolSpec; use codex_protocol::openai_models::ConfigShellToolType; use codex_protocol::openai_models::InputModality; @@ -74,7 +74,6 @@ use codex_tools::ToolCall as ExtensionToolCall; use codex_tools::ToolEnvironmentMode; use codex_tools::ToolExecutor; use codex_tools::ToolName; -use codex_tools::ToolOutput; use codex_tools::ToolSearchInfo; use codex_tools::ToolSpec; use codex_tools::UnifiedExecShellMode; @@ -88,6 +87,7 @@ use codex_tools::shell_type_for_model_and_features; use std::collections::BTreeMap; use std::collections::HashSet; use std::sync::Arc; +use tracing::instrument; use tracing::warn; const MULTI_AGENT_V2_NAMESPACE_DESCRIPTION: &str = "Tools for spawning and managing sub-agents."; @@ -150,6 +150,7 @@ struct CoreToolPlanContext<'a> { wait_agent_timeouts: WaitAgentTimeoutOptions, } +#[instrument(level = "trace", skip_all)] pub(crate) fn build_tool_router( turn_context: &TurnContext, params: ToolRouterParams<'_>, @@ -158,6 +159,7 @@ pub(crate) fn build_tool_router( ToolRouter::from_parts(registry, model_visible_specs) } +#[instrument(level = "trace", skip_all)] fn build_tool_specs_and_registry( turn_context: &TurnContext, params: ToolRouterParams<'_>, @@ -188,6 +190,7 @@ fn build_tool_specs_and_registry( build_model_visible_specs_and_registry(turn_context, planned_tools) } +#[instrument(level = "trace", skip_all)] fn build_model_visible_specs_and_registry( turn_context: &TurnContext, planned_tools: PlannedTools, @@ -207,7 +210,12 @@ fn build_model_visible_specs_and_registry( if exposure.is_direct() && !is_hidden_by_code_mode_only(turn_context, &tool_name, exposure) { let spec = runtime.spec(); - specs.push(spec_for_model_request(turn_context, exposure, spec)); + specs.push(spec_for_model_request( + turn_context, + exposure, + &tool_name, + spec, + )); } } specs.extend(hosted_specs); @@ -226,12 +234,14 @@ fn build_model_visible_specs_and_registry( fn spec_for_model_request( turn_context: &TurnContext, exposure: ToolExposure, + tool_name: &ToolName, spec: ToolSpec, ) -> ToolSpec { if matches!( turn_context.tool_mode, ToolMode::CodeMode | ToolMode::CodeModeOnly ) && exposure != ToolExposure::DirectModelOnly + && !is_excluded_from_code_mode(turn_context, tool_name) && codex_code_mode::is_code_mode_nested_tool(spec.name()) { codex_tools::augment_tool_spec_for_code_mode(spec) @@ -242,22 +252,31 @@ fn spec_for_model_request( fn hosted_model_tool_specs(context: &CoreToolPlanContext<'_>) -> Vec { let turn_context = context.turn_context; + // Responses Lite accepts schemas for client-executed tools, not hosted Responses tools. + if turn_context.model_info.use_responses_lite { + return Vec::new(); + } + let mut specs = Vec::new(); - let provider_capabilities = turn_context.provider.capabilities(); - let web_search_mode = (!standalone_web_run_available(context.extension_tool_executors) - && provider_capabilities.web_search) + let standalone_web_search_available = standalone_web_search_enabled(turn_context) + && context + .extension_tool_executors + .iter() + .any(|executor| executor.tool_name() == ToolName::namespaced("web", "run")); + // `Some(Cached/Live/Disabled)` are the options for mode when standalone search is unavailable + // and the provider supports hosted search. `None` prevents emitting a hosted search tool. + let web_search_mode = (!standalone_web_search_available + && turn_context.provider.capabilities().web_search) .then_some(turn_context.config.web_search_mode.value()); - let web_search_config = if provider_capabilities.web_search { - turn_context.config.web_search_config.as_ref() - } else { - None - }; - if let Some(web_search_tool) = create_web_search_tool(WebSearchToolOptions { + let web_search_config = web_search_mode + .as_ref() + .and(turn_context.config.web_search_config.as_ref()); + if let Some(hosted_web_search_tool) = create_web_search_tool(WebSearchToolOptions { web_search_mode, web_search_config, web_search_tool_type: turn_context.model_info.web_search_tool_type, }) { - specs.push(web_search_tool); + specs.push(hosted_web_search_tool); } // TODO: Remove hosted image generation once the standalone extension is ready. if image_generation_tool_enabled(turn_context) @@ -298,14 +317,6 @@ fn collab_tools_enabled(turn_context: &TurnContext) -> bool { } } -fn goal_tools_enabled(turn_context: &TurnContext) -> bool { - turn_context.goal_tools_enabled() - && !matches!( - turn_context.session_source, - SessionSource::SubAgent(SubAgentSource::Review) - ) -} - fn agent_jobs_tools_enabled(turn_context: &TurnContext) -> bool { turn_context.features.get().enabled(Feature::SpawnCsv) && collab_tools_enabled(turn_context) } @@ -340,9 +351,15 @@ fn image_generation_runtime_enabled(turn_context: &TurnContext) -> bool { } fn standalone_image_generation_model_visible(turn_context: &TurnContext) -> bool { - image_generation_runtime_enabled(turn_context) - && turn_context.features.get().enabled(Feature::ImageGenExt) - && namespace_tools_enabled(turn_context) + if !image_generation_runtime_enabled(turn_context) || !namespace_tools_enabled(turn_context) { + return false; + } + + if turn_context.model_info.use_responses_lite { + return true; + } + + turn_context.features.get().enabled(Feature::ImageGenExt) } fn standalone_image_generation_available( @@ -371,15 +388,6 @@ fn wait_agent_timeout_options(turn_context: &TurnContext) -> WaitAgentTimeoutOpt } } -fn max_concurrent_threads_per_session(turn_context: &TurnContext) -> Option { - multi_agent_v2_enabled(turn_context).then_some( - turn_context - .config - .multi_agent_v2 - .max_concurrent_threads_per_session, - ) -} - fn agent_type_description( turn_context: &TurnContext, default_agent_type_description: &str, @@ -405,10 +413,19 @@ fn is_hidden_by_code_mode_only( )) } +fn is_excluded_from_code_mode(turn_context: &TurnContext, tool_name: &ToolName) -> bool { + tool_name.namespace.as_ref().is_some_and(|namespace| { + turn_context + .config + .code_mode + .excluded_tool_namespaces + .contains(namespace) + }) +} + fn build_code_mode_executors( turn_context: &TurnContext, executors: &[Arc], - deferred_tools_available: bool, ) -> Vec> { if !matches!( turn_context.tool_mode, @@ -419,6 +436,8 @@ fn build_code_mode_executors( let mut code_mode_nested_tool_specs = Vec::new(); let mut exec_prompt_tool_specs = Vec::new(); + let mut deferred_tools_available = false; + let deferred_tools_guidance_enabled = search_tool_enabled(turn_context); for executor in executors { let exposure = executor.exposure(); if exposure == ToolExposure::DirectModelOnly { @@ -428,9 +447,19 @@ fn build_code_mode_executors( if exposure == ToolExposure::Hidden { continue; } + + if is_excluded_from_code_mode(turn_context, &executor.tool_name()) { + continue; + } + let spec = executor.spec(); - if exposure != ToolExposure::Deferred { + if exposure == ToolExposure::Deferred { + // Only show deferred-tool guidance when supported and an included spec is usable by code mode. + deferred_tools_available |= deferred_tools_guidance_enabled + && !collect_code_mode_exec_prompt_tool_definitions(std::iter::once(&spec)) + .is_empty(); + } else { exec_prompt_tool_specs.push(spec.clone()); } code_mode_nested_tool_specs.push(spec); @@ -524,26 +553,27 @@ fn code_mode_namespace_descriptions( namespace_descriptions } +#[instrument(level = "trace", skip_all)] fn add_tool_sources(context: &CoreToolPlanContext<'_>, planned_tools: &mut PlannedTools) { add_shell_tools(context, planned_tools); add_mcp_resource_tools(context, planned_tools); add_core_utility_tools(context, planned_tools); add_collaboration_tools(context, planned_tools); add_mcp_runtime_tools(context, planned_tools); - add_dynamic_tools(context, planned_tools); add_extension_tools(context, planned_tools); + add_dynamic_tools(context, planned_tools); for spec in hosted_model_tool_specs(context) { planned_tools.add_hosted_spec(spec); } } -fn standalone_web_run_available( - extension_tools: &[Arc>], -) -> bool { - let web_run = ToolName::namespaced("web", "run"); - extension_tools - .iter() - .any(|executor| executor.tool_name() == web_run) +fn standalone_web_search_enabled(turn_context: &TurnContext) -> bool { + namespace_tools_enabled(turn_context) + && (turn_context.model_info.use_responses_lite + || turn_context + .features + .get() + .enabled(Feature::StandaloneWebSearch)) } fn add_shell_tools(context: &CoreToolPlanContext<'_>, planned_tools: &mut PlannedTools) { @@ -611,11 +641,6 @@ fn add_core_utility_tools(context: &CoreToolPlanContext<'_>, planned_tools: &mut let environment_mode = turn_context.tool_environment_mode(); planned_tools.add(PlanHandler); - if goal_tools_enabled(turn_context) { - planned_tools.add(GetGoalHandler); - planned_tools.add(CreateGoalHandler); - planned_tools.add(UpdateGoalHandler); - } if turn_context.config.experimental_request_user_input_enabled { planned_tools.add(RequestUserInputHandler { @@ -627,6 +652,11 @@ fn add_core_utility_tools(context: &CoreToolPlanContext<'_>, planned_tools: &mut planned_tools.add(RequestPermissionsHandler); } + if features.enabled(Feature::TokenBudget) { + planned_tools.add_with_exposure(NewContextWindowHandler, ToolExposure::DirectModelOnly); + planned_tools.add(GetContextRemainingHandler); + } + if tool_suggest_enabled(turn_context) && let Some(discoverable_tools) = context.discoverable_tools.filter(|tools| !tools.is_empty()) @@ -690,9 +720,6 @@ fn add_collaboration_tools(context: &CoreToolPlanContext<'_>, planned_tools: &mu .hide_spawn_agent_metadata, include_usage_hint: turn_context.config.multi_agent_v2.usage_hint_enabled, usage_hint_text: turn_context.config.multi_agent_v2.usage_hint_text.clone(), - max_concurrent_threads_per_session: max_concurrent_threads_per_session( - turn_context, - ), }), tool_namespace, ), @@ -714,7 +741,7 @@ fn add_collaboration_tools(context: &CoreToolPlanContext<'_>, planned_tools: &mu exposure, )); planned_tools.add_arc(override_tool_exposure( - multi_agent_v2_handler(CloseAgentHandlerV2, tool_namespace), + multi_agent_v2_handler(InterruptAgentHandler, tool_namespace), exposure, )); planned_tools.add_arc(override_tool_exposure( @@ -734,15 +761,9 @@ fn add_collaboration_tools(context: &CoreToolPlanContext<'_>, planned_tools: &mu SpawnAgentHandler::new(SpawnAgentToolOptions { available_models: turn_context.available_models.clone(), agent_type_description, - hide_agent_type_model_reasoning: turn_context - .config - .multi_agent_v2 - .hide_spawn_agent_metadata, + hide_agent_type_model_reasoning: false, include_usage_hint: turn_context.config.multi_agent_v2.usage_hint_enabled, usage_hint_text: turn_context.config.multi_agent_v2.usage_hint_text.clone(), - max_concurrent_threads_per_session: max_concurrent_threads_per_session( - turn_context, - ), }), exposure, ); @@ -812,6 +833,7 @@ fn add_extension_tools(context: &CoreToolPlanContext<'_>, planned_tools: &mut Pl ); } +#[instrument(level = "trace", skip_all)] fn append_tool_search_executor( context: &CoreToolPlanContext<'_>, planned_tools: &mut PlannedTools, @@ -839,16 +861,7 @@ fn prepend_code_mode_executors( planned_tools: &mut PlannedTools, ) { let turn_context = context.turn_context; - let deferred_tools_available = search_tool_enabled(turn_context) - && planned_tools - .runtimes() - .iter() - .any(|executor| executor.exposure() == ToolExposure::Deferred); - let code_mode_executors = build_code_mode_executors( - turn_context, - planned_tools.runtimes(), - deferred_tools_available, - ); + let code_mode_executors = build_code_mode_executors(turn_context, planned_tools.runtimes()); planned_tools.runtimes.splice(0..0, code_mode_executors); } @@ -883,8 +896,16 @@ fn append_extension_tool_executors( reserved_tool_names.insert(ToolName::plain(TOOL_SEARCH_TOOL_NAME)); } + let standalone_web_search_enabled = standalone_web_search_enabled(turn_context); + let web_search_mode_on = turn_context.config.web_search_mode.value() != WebSearchMode::Disabled; + for executor in executors.iter().cloned() { let tool_name = executor.tool_name(); + if tool_name == ToolName::namespaced("web", "run") + && (!standalone_web_search_enabled || !web_search_mode_on) + { + continue; + } if tool_name == ToolName::namespaced(IMAGE_GEN_NAMESPACE, IMAGEGEN_TOOL_NAME) && !standalone_image_generation_model_visible(turn_context) { @@ -916,7 +937,6 @@ struct MultiAgentV2NamespaceOverride { namespace: String, } -#[async_trait::async_trait] impl ToolExecutor for MultiAgentV2NamespaceOverride { fn tool_name(&self) -> ToolName { ToolName::namespaced(self.namespace.clone(), self.handler.tool_name().name) @@ -945,11 +965,8 @@ impl ToolExecutor for MultiAgentV2NamespaceOverride { self.handler.search_info() } - async fn handle( - &self, - invocation: ToolInvocation, - ) -> Result, codex_tools::FunctionCallError> { - self.handler.handle(invocation).await + fn handle(&self, invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + self.handler.handle(invocation) } } diff --git a/codex-rs/core/src/tools/spec_plan_tests.rs b/codex-rs/core/src/tools/spec_plan_tests.rs index 02a7a21f637..2f7f23947b4 100644 --- a/codex-rs/core/src/tools/spec_plan_tests.rs +++ b/codex-rs/core/src/tools/spec_plan_tests.rs @@ -285,7 +285,6 @@ fn use_bedrock_provider(turn: &mut TurnContext) { struct WebRunExtensionTool; -#[async_trait::async_trait] impl ToolExecutor for WebRunExtensionTool { fn tool_name(&self) -> ToolName { ToolName::namespaced("web", "run") @@ -306,17 +305,15 @@ impl ToolExecutor for WebRunExtensionTool { }) } - async fn handle( - &self, - _call: ExtensionToolCall, - ) -> Result, codex_tools::FunctionCallError> { - Ok(Box::new(codex_tools::JsonToolOutput::new(json!({})))) + fn handle(&self, _call: ExtensionToolCall) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async { + Ok(Box::new(codex_tools::JsonToolOutput::new(json!({}))) as Box) + }) } } struct DeferredExtensionTool; -#[async_trait::async_trait] impl ToolExecutor for DeferredExtensionTool { fn tool_name(&self) -> ToolName { ToolName::plain("extension_echo") @@ -344,11 +341,8 @@ impl ToolExecutor for DeferredExtensionTool { ToolExposure::Deferred } - async fn handle( - &self, - _call: ExtensionToolCall, - ) -> Result, codex_tools::FunctionCallError> { - panic!("spec planning should not execute extension tools") + fn handle(&self, _call: ExtensionToolCall) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async { panic!("spec planning should not execute extension tools") }) } } @@ -406,6 +400,7 @@ fn dynamic_tool(namespace: Option<&str>, name: &str, defer_loading: bool) -> Dyn fn discoverable_plugin(id: &str, name: &str) -> DiscoverableTool { DiscoverablePluginInfo { id: id.to_string(), + remote_plugin_id: None, name: name.to_string(), description: Some(format!("{name} plugin")), has_skills: false, @@ -619,36 +614,7 @@ async fn environment_count_controls_environment_backed_tools() { } #[tokio::test] -async fn host_context_gates_goal_and_agent_job_tools() { - let feature_disabled = probe(|turn| { - set_feature(turn, Feature::Goals, /*enabled*/ false); - turn.goal_tools_supported = true; - }) - .await; - feature_disabled.assert_visible_lacks(&["get_goal", "create_goal", "update_goal"]); - - let host_disabled = probe(|turn| { - set_feature(turn, Feature::Goals, /*enabled*/ true); - turn.goal_tools_supported = false; - }) - .await; - host_disabled.assert_visible_lacks(&["get_goal", "create_goal", "update_goal"]); - - let enabled = probe(|turn| { - set_feature(turn, Feature::Goals, /*enabled*/ true); - turn.goal_tools_supported = true; - }) - .await; - enabled.assert_visible_contains(&["get_goal", "create_goal", "update_goal"]); - - let review_thread = probe(|turn| { - set_feature(turn, Feature::Goals, /*enabled*/ true); - turn.goal_tools_supported = true; - turn.session_source = SessionSource::SubAgent(SubAgentSource::Review); - }) - .await; - review_thread.assert_visible_lacks(&["get_goal", "create_goal", "update_goal"]); - +async fn host_context_gates_agent_job_tools() { let normal_agent_job = probe(|turn| { set_feature(turn, Feature::SpawnCsv, /*enabled*/ true); }) @@ -938,6 +904,42 @@ async fn code_mode_only_exposes_code_executor_and_hides_nested_tools() { ); } +#[tokio::test] +async fn excluded_deferred_namespaces_do_not_enable_nested_tool_guidance() { + let plan = probe_with( + |turn| { + set_features(turn, &[Feature::CodeMode, Feature::CodeModeOnly]); + set_feature(turn, Feature::Collab, /*enabled*/ false); + turn.model_info.supports_search_tool = true; + update_config(turn, |config| { + config.code_mode.excluded_tool_namespaces = vec!["excluded".to_string()]; + }); + }, + ToolPlanInputs { + dynamic_tools: vec![dynamic_tool( + Some("excluded"), + "lookup", + /*defer_loading*/ true, + )], + ..ToolPlanInputs::default() + }, + ) + .await; + + let ToolSpec::Freeform(exec) = plan.visible_spec(codex_code_mode::PUBLIC_TOOL_NAME) else { + panic!("expected code mode exec tool"); + }; + assert!( + !exec + .description + .contains("Some deferred nested tools may be omitted") + ); + plan.assert_registered_contains(&[ + &ToolName::namespaced("excluded", "lookup").to_string(), + "tool_search", + ]); +} + #[tokio::test] async fn multi_agent_feature_selects_one_agent_tool_family() { let v1 = probe(|turn| { @@ -952,6 +954,7 @@ async fn multi_agent_feature_selects_one_agent_tool_family() { "resume_agent", "wait_agent", "close_agent", + "interrupt_agent", "send_message", "followup_task", "assign_task", @@ -967,6 +970,30 @@ async fn multi_agent_feature_selects_one_agent_tool_family() { "wait_agent".to_string(), ] ); + let ToolSpec::Namespace(namespace) = v1.visible_spec(MULTI_AGENT_V1_NAMESPACE) else { + panic!("expected v1 multi-agent namespace"); + }; + let Some(ResponsesApiNamespaceTool::Function(spawn_agent)) = + namespace.tools.iter().find(|tool| { + matches!( + tool, + ResponsesApiNamespaceTool::Function(tool) if tool.name == "spawn_agent" + ) + }) + else { + panic!("expected v1 spawn_agent function"); + }; + let properties = spawn_agent + .parameters + .properties + .as_ref() + .expect("spawn_agent should use object params"); + for property in ["agent_type", "model", "reasoning_effort", "service_tier"] { + assert!( + properties.contains_key(property), + "expected v1 spawn_agent to expose `{property}`" + ); + } let v2 = probe(|turn| { set_feature(turn, Feature::MultiAgentV2, /*enabled*/ true); @@ -980,15 +1007,15 @@ async fn multi_agent_feature_selects_one_agent_tool_family() { "send_message", "followup_task", "wait_agent", - "close_agent", + "interrupt_agent", "list_agents", ]); - v2.assert_visible_lacks(&["send_input", "resume_agent", "assign_task"]); + v2.assert_visible_lacks(&["send_input", "resume_agent", "assign_task", "close_agent"]); let spawn_agent_description = match v2.visible_spec("spawn_agent") { ToolSpec::Function(tool) => tool.description.as_str(), other => panic!("expected spawn_agent function spec, got {other:?}"), }; - assert!(spawn_agent_description.contains("max_concurrent_threads_per_session = 17")); + assert!(!spawn_agent_description.contains("max_concurrent_threads_per_session")); let direct_model_only = probe(|turn| { set_features( @@ -1011,6 +1038,30 @@ async fn multi_agent_feature_selects_one_agent_tool_family() { ); } +#[tokio::test] +async fn multi_agent_v2_message_schemas_are_encrypted() { + let plan = probe(|turn| { + set_feature(turn, Feature::MultiAgentV2, /*enabled*/ true); + }) + .await; + for tool_name in ["spawn_agent", "send_message", "followup_task"] { + let ToolSpec::Function(tool) = plan.visible_spec(tool_name) else { + panic!("expected {tool_name} function spec"); + }; + let properties = tool + .parameters + .properties + .as_ref() + .expect("tool should use object params"); + assert_eq!( + properties + .get("message") + .and_then(|schema| schema.encrypted), + Some(true) + ); + } +} + #[tokio::test] async fn tool_mode_selector_overrides_feature_flags() { let direct = probe(|turn| { @@ -1041,6 +1092,7 @@ async fn v1_multi_agent_tools_defer_when_tool_search_available() { "resume_agent", "wait_agent", "close_agent", + "interrupt_agent", ]); for tool_name in [ "spawn_agent", @@ -1099,7 +1151,7 @@ async fn multi_agent_v2_can_use_configured_tool_namespace() { "send_message", "followup_task", "wait_agent", - "close_agent", + "interrupt_agent", "list_agents", ] { namespaced.assert_visible_lacks(&[tool_name]); @@ -1189,7 +1241,7 @@ async fn code_mode_only_can_expose_namespaced_multi_agent_v2_as_normal_tools() { "send_message", "followup_task", "wait_agent", - "close_agent", + "interrupt_agent", "list_agents", ] { assert!( @@ -1262,7 +1314,7 @@ async fn hosted_tools_follow_provider_auth_model_and_config_gates() { "send_message", "followup_task", "wait_agent", - "close_agent", + "interrupt_agent", "list_agents", // Hosted Responses tools. "web_search", diff --git a/codex-rs/core/src/tools/tool_dispatch_trace_tests.rs b/codex-rs/core/src/tools/tool_dispatch_trace_tests.rs index 69dc8ab5803..b09996872ea 100644 --- a/codex-rs/core/src/tools/tool_dispatch_trace_tests.rs +++ b/codex-rs/core/src/tools/tool_dispatch_trace_tests.rs @@ -30,7 +30,6 @@ struct TestHandler { tool_name: codex_tools::ToolName, } -#[async_trait::async_trait] impl ToolExecutor for TestHandler { fn tool_name(&self) -> codex_tools::ToolName { self.tool_name.clone() @@ -47,14 +46,13 @@ impl ToolExecutor for TestHandler { }) } - async fn handle( - &self, - _invocation: ToolInvocation, - ) -> Result, FunctionCallError> { - Ok(Box::new(FunctionToolOutput::from_text( - "ok".to_string(), - Some(true), - ))) + fn handle(&self, _invocation: ToolInvocation) -> codex_tools::ToolExecutorFuture<'_> { + Box::pin(async { + Ok( + Box::new(FunctionToolOutput::from_text("ok".to_string(), Some(true))) + as Box, + ) + }) } } diff --git a/codex-rs/core/src/turn_diff_tracker.rs b/codex-rs/core/src/turn_diff_tracker.rs index 3835ae23459..ed8e9684ad6 100644 --- a/codex-rs/core/src/turn_diff_tracker.rs +++ b/codex-rs/core/src/turn_diff_tracker.rs @@ -2,6 +2,7 @@ use std::collections::HashMap; use std::collections::HashSet; use std::path::Path; use std::path::PathBuf; +use std::time::Duration; use sha1::digest::Output; @@ -12,25 +13,66 @@ use codex_apply_patch::AppliedPatchFileChange; const ZERO_OID: &str = "0000000000000000000000000000000000000000"; const DEV_NULL: &str = "/dev/null"; const REGULAR_FILE_MODE: &str = "100644"; +// Normal edits finish well within 100 ms; pathological inputs fall back to a coarse, +// content-exact diff without stalling tool completion. +const DIFF_TIMEOUT: Duration = Duration::from_millis(100); + +struct TrackedContent { + content: String, + revision: u64, +} + +#[derive(Clone, Debug, Eq, Hash, PartialEq)] +struct TrackedPath { + environment_id: String, + path: PathBuf, +} + +impl TrackedPath { + fn new(environment_id: &str, path: &Path) -> Self { + Self { + environment_id: environment_id.to_string(), + path: path.to_path_buf(), + } + } +} + +#[derive(Eq, Hash, PartialEq)] +struct DiffCacheKey { + left_path: TrackedPath, + left_revision: Option, + right_path: TrackedPath, + right_revision: Option, +} /// Tracks the net text diff for the current turn from committed apply_patch /// mutations, without rereading the workspace filesystem. pub struct TurnDiffTracker { valid: bool, - display_root: Option, - baseline_by_path: HashMap, - current_by_path: HashMap, - origin_by_current_path: HashMap, + display_roots_by_environment: HashMap, + baseline_by_path: HashMap, + current_by_path: HashMap, + origin_by_current_path: HashMap, + next_revision: u64, + rendered_diffs: HashMap>, + unified_diff: Option, + #[cfg(test)] + rendered_diff_count: std::cell::Cell, } impl Default for TurnDiffTracker { fn default() -> Self { Self { valid: true, - display_root: None, + display_roots_by_environment: HashMap::new(), baseline_by_path: HashMap::new(), current_by_path: HashMap::new(), origin_by_current_path: HashMap::new(), + next_revision: 0, + rendered_diffs: HashMap::new(), + unified_diff: None, + #[cfg(test)] + rendered_diff_count: std::cell::Cell::new(0), } } } @@ -40,32 +82,45 @@ impl TurnDiffTracker { Self::default() } - pub fn with_display_root(display_root: PathBuf) -> Self { + pub fn with_environment_display_roots( + display_roots: impl IntoIterator, + ) -> Self { let mut tracker = Self::new(); - tracker.display_root = Some(display_root); + tracker.display_roots_by_environment = display_roots.into_iter().collect(); tracker } - pub fn track_delta(&mut self, delta: &AppliedPatchDelta) { + pub fn track_delta(&mut self, environment_id: &str, delta: &AppliedPatchDelta) { + if !self.valid { + return; + } + if !delta.is_exact() { self.invalidate(); return; } for change in delta.changes() { - self.apply_change(change); + self.apply_change(environment_id, change); } + self.refresh_unified_diff(); } pub fn invalidate(&mut self) { self.valid = false; + self.rendered_diffs.clear(); + self.unified_diff = None; } pub fn get_unified_diff(&self) -> Option { - if !self.valid { - return None; - } + self.unified_diff.clone() + } + pub(crate) fn has_unified_diff(&self) -> bool { + self.unified_diff.is_some() + } + + fn refresh_unified_diff(&mut self) { let rename_pairs = self.rename_pairs(); let paired_destinations = rename_pairs.values().cloned().collect::>(); let mut handled = HashSet::new(); @@ -78,6 +133,8 @@ impl TurnDiffTracker { paths.sort_by_key(|path| self.display_path(path)); paths.dedup(); + let mut previous_diffs = std::mem::take(&mut self.rendered_diffs); + let mut rendered_diffs = HashMap::new(); let mut aggregated = String::new(); for path in paths { if !handled.insert(path.clone()) { @@ -88,26 +145,45 @@ impl TurnDiffTracker { continue; } - let diff = if let Some(dest) = rename_pairs.get(&path) { + let (left_path, right_path) = if let Some(dest) = rename_pairs.get(&path) { handled.insert(dest.clone()); - self.render_rename_diff(&path, dest) + (&path, dest) } else { - self.render_path_diff(&path) + (&path, &path) }; - if let Some(diff) = diff { - aggregated.push_str(&diff); + let left_content = self.baseline_by_path.get(left_path); + let right_content = self.current_by_path.get(right_path); + let key = DiffCacheKey { + left_path: left_path.clone(), + left_revision: left_content.map(|content| content.revision), + right_path: right_path.clone(), + right_revision: right_content.map(|content| content.revision), + }; + let rendered = previous_diffs.remove(&key).unwrap_or_else(|| { + self.render_diff( + left_path, + left_content.map(|content| content.content.as_str()), + right_path, + right_content.map(|content| content.content.as_str()), + ) + }); + + if let Some(diff) = rendered.as_deref() { + aggregated.push_str(diff); if !aggregated.ends_with('\n') { aggregated.push('\n'); } } + rendered_diffs.insert(key, rendered); } - (!aggregated.is_empty()).then_some(aggregated) + self.rendered_diffs = rendered_diffs; + self.unified_diff = (!aggregated.is_empty()).then_some(aggregated); } - fn apply_change(&mut self, change: &AppliedPatchChange) { - let source_path = change.path.as_path(); + fn apply_change(&mut self, environment_id: &str, change: &AppliedPatchChange) { + let source_path = TrackedPath::new(environment_id, change.path.as_path()); match &change.change { AppliedPatchFileChange::Add { content, @@ -119,85 +195,100 @@ impl TurnDiffTracker { old_content, overwritten_move_content, new_content, - } => self.apply_update( - source_path, - move_path.as_deref(), - old_content, - overwritten_move_content.as_deref(), - new_content, - ), + } => { + let move_path = move_path + .as_deref() + .map(|path| TrackedPath::new(environment_id, path)); + self.apply_update( + source_path, + move_path, + old_content, + overwritten_move_content.as_deref(), + new_content, + ) + } } } - fn apply_add(&mut self, path: &Path, content: &str, overwritten_content: Option<&str>) { - self.origin_by_current_path.remove(path); - if !self.current_by_path.contains_key(path) - && !self.baseline_by_path.contains_key(path) + fn apply_add(&mut self, path: TrackedPath, content: &str, overwritten_content: Option<&str>) { + self.origin_by_current_path.remove(&path); + if !self.current_by_path.contains_key(&path) + && !self.baseline_by_path.contains_key(&path) && let Some(overwritten_content) = overwritten_content { + let overwritten_content = self.tracked_content(overwritten_content); self.baseline_by_path - .insert(path.to_path_buf(), overwritten_content.to_string()); + .insert(path.clone(), overwritten_content); } - self.current_by_path - .insert(path.to_path_buf(), content.to_string()); + let content = self.tracked_content(content); + self.current_by_path.insert(path, content); } - fn apply_delete(&mut self, path: &Path, content: &str) { - if self.current_by_path.remove(path).is_none() && !self.baseline_by_path.contains_key(path) + fn apply_delete(&mut self, path: TrackedPath, content: &str) { + if self.current_by_path.remove(&path).is_none() + && !self.baseline_by_path.contains_key(&path) { - self.baseline_by_path - .insert(path.to_path_buf(), content.to_string()); + let content = self.tracked_content(content); + self.baseline_by_path.insert(path.clone(), content); } - self.origin_by_current_path.remove(path); + self.origin_by_current_path.remove(&path); } fn apply_update( &mut self, - source_path: &Path, - move_path: Option<&Path>, + source_path: TrackedPath, + move_path: Option, old_content: &str, overwritten_move_content: Option<&str>, new_content: &str, ) { - if !self.current_by_path.contains_key(source_path) - && !self.baseline_by_path.contains_key(source_path) + if !self.current_by_path.contains_key(&source_path) + && !self.baseline_by_path.contains_key(&source_path) { + let old_content = self.tracked_content(old_content); self.baseline_by_path - .insert(source_path.to_path_buf(), old_content.to_string()); + .insert(source_path.clone(), old_content); } match move_path { Some(dest_path) => { - if !self.current_by_path.contains_key(dest_path) - && !self.baseline_by_path.contains_key(dest_path) + if !self.current_by_path.contains_key(&dest_path) + && !self.baseline_by_path.contains_key(&dest_path) && let Some(overwritten_move_content) = overwritten_move_content { - self.baseline_by_path.insert( - dest_path.to_path_buf(), - overwritten_move_content.to_string(), - ); + let overwritten_move_content = self.tracked_content(overwritten_move_content); + self.baseline_by_path + .insert(dest_path.clone(), overwritten_move_content); } let origin = self .origin_by_current_path - .remove(source_path) - .unwrap_or_else(|| source_path.to_path_buf()); - self.current_by_path.remove(source_path); - self.current_by_path - .insert(dest_path.to_path_buf(), new_content.to_string()); - self.origin_by_current_path.remove(dest_path); - if dest_path != origin.as_path() { - self.origin_by_current_path - .insert(dest_path.to_path_buf(), origin); + .remove(&source_path) + .unwrap_or_else(|| source_path.clone()); + self.current_by_path.remove(&source_path); + let new_content = self.tracked_content(new_content); + self.current_by_path.insert(dest_path.clone(), new_content); + self.origin_by_current_path.remove(&dest_path); + if dest_path != origin { + self.origin_by_current_path.insert(dest_path, origin); } } None => { - self.current_by_path - .insert(source_path.to_path_buf(), new_content.to_string()); + let new_content = self.tracked_content(new_content); + self.current_by_path.insert(source_path, new_content); } } } - fn rename_pairs(&self) -> HashMap { + fn tracked_content(&mut self, content: &str) -> TrackedContent { + let revision = self.next_revision; + self.next_revision += 1; + TrackedContent { + content: content.to_string(), + revision, + } + } + + fn rename_pairs(&self) -> HashMap { self.origin_by_current_path .iter() .filter_map(|(dest_path, origin_path)| { @@ -215,35 +306,21 @@ impl TurnDiffTracker { .collect() } - fn render_path_diff(&self, path: &Path) -> Option { - self.render_diff( - path, - self.baseline_by_path.get(path).map(String::as_str), - path, - self.current_by_path.get(path).map(String::as_str), - ) - } - - fn render_rename_diff(&self, source_path: &Path, dest_path: &Path) -> Option { - self.render_diff( - source_path, - self.baseline_by_path.get(source_path).map(String::as_str), - dest_path, - self.current_by_path.get(dest_path).map(String::as_str), - ) - } - fn render_diff( &self, - left_path: &Path, + left_path: &TrackedPath, left_content: Option<&str>, - right_path: &Path, + right_path: &TrackedPath, right_content: Option<&str>, ) -> Option { if left_content == right_content { return None; } + #[cfg(test)] + self.rendered_diff_count + .set(self.rendered_diff_count.get() + 1); + let left_display = self.display_path(left_path); let right_display = self.display_path(right_path); let left_oid = left_content.map_or_else( @@ -276,23 +353,35 @@ impl TurnDiffTracker { DEV_NULL.to_string() }; - let unified = - similar::TextDiff::from_lines(left_content.unwrap_or(""), right_content.unwrap_or("")) - .unified_diff() - .context_radius(3) - .header(&old_header, &new_header) - .to_string(); + let mut config = similar::TextDiff::configure(); + config.timeout(DIFF_TIMEOUT); + let unified = config + .diff_lines(left_content.unwrap_or(""), right_content.unwrap_or("")) + .unified_diff() + .context_radius(3) + .header(&old_header, &new_header) + .to_string(); diff.push_str(&unified); Some(diff) } - fn display_path(&self, path: &Path) -> String { + #[cfg(test)] + fn rendered_diff_count(&self) -> usize { + self.rendered_diff_count.get() + } + + fn display_path(&self, path: &TrackedPath) -> String { let display = self - .display_root - .as_deref() - .and_then(|root| path.strip_prefix(root).ok()) - .unwrap_or(path); - display.display().to_string().replace('\\', "/") + .display_roots_by_environment + .get(&path.environment_id) + .and_then(|root| path.path.strip_prefix(root).ok()) + .unwrap_or(path.path.as_path()); + let display = display.display().to_string().replace('\\', "/"); + if self.display_roots_by_environment.len() > 1 && !path.environment_id.is_empty() { + format!("{}/{display}", path.environment_id) + } else { + display + } } } diff --git a/codex-rs/core/src/turn_diff_tracker_tests.rs b/codex-rs/core/src/turn_diff_tracker_tests.rs index d25fec2aadd..a7be3d2b0c3 100644 --- a/codex-rs/core/src/turn_diff_tracker_tests.rs +++ b/codex-rs/core/src/turn_diff_tracker_tests.rs @@ -2,10 +2,15 @@ use super::*; use codex_apply_patch::AppliedPatchDelta; use codex_apply_patch::MaybeApplyPatchVerified; use codex_exec_server::LOCAL_FS; +use codex_git_utils::ApplyGitRequest; +use codex_git_utils::apply_git_patch; use codex_utils_absolute_path::AbsolutePathBuf; use pretty_assertions::assert_eq; use std::fs; use std::path::Path; +use std::process::Command; +use std::time::Duration; +use std::time::Instant; use tempfile::tempdir; fn git_blob_sha1_hex(data: &str) -> String { @@ -41,24 +46,28 @@ async fn apply_verified_patch(root: &Path, patch: &str) -> AppliedPatchDelta { .expect("patch should apply") } +fn tracker_with_root(root: &Path) -> TurnDiffTracker { + TurnDiffTracker::with_environment_display_roots([("".to_string(), root.to_path_buf())]) +} + #[tokio::test] async fn accumulates_add_then_update_as_single_add() { let dir = tempdir().expect("tempdir"); - let mut tracker = TurnDiffTracker::with_display_root(dir.path().to_path_buf()); + let mut tracker = tracker_with_root(dir.path()); let add = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Add File: a.txt\n+foo\n*** End Patch", ) .await; - tracker.track_delta(&add); + tracker.track_delta("", &add); let update = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Update File: a.txt\n@@\n foo\n+bar\n*** End Patch", ) .await; - tracker.track_delta(&update); + tracker.track_delta("", &update); let right_oid = git_blob_sha1_hex("foo\nbar\n"); let expected = format!( @@ -78,32 +87,69 @@ index {ZERO_OID}..{right_oid} #[tokio::test] async fn invalidated_tracker_suppresses_existing_diff() { let dir = tempdir().expect("tempdir"); - let mut tracker = TurnDiffTracker::with_display_root(dir.path().to_path_buf()); + let mut tracker = tracker_with_root(dir.path()); let add = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Add File: a.txt\n+foo\n*** End Patch", ) .await; - tracker.track_delta(&add); + tracker.track_delta("", &add); tracker.invalidate(); assert_eq!(tracker.get_unified_diff(), None); } +#[tokio::test] +async fn tracks_same_absolute_path_across_multiple_environments() { + let dir = tempdir().expect("tempdir"); + let add = apply_verified_patch( + dir.path(), + "*** Begin Patch\n*** Add File: shared.txt\n+content\n*** End Patch", + ) + .await; + + let mut tracker = TurnDiffTracker::with_environment_display_roots([ + ("local".to_string(), dir.path().to_path_buf()), + ("remote".to_string(), dir.path().to_path_buf()), + ]); + tracker.track_delta("remote", &add); + tracker.track_delta("local", &add); + + let right_oid = git_blob_sha1_hex("content\n"); + let expected = format!( + r#"diff --git a/local/shared.txt b/local/shared.txt +new file mode {REGULAR_FILE_MODE} +index {ZERO_OID}..{right_oid} +--- {DEV_NULL} ++++ b/local/shared.txt +@@ -0,0 +1 @@ ++content +diff --git a/remote/shared.txt b/remote/shared.txt +new file mode {REGULAR_FILE_MODE} +index {ZERO_OID}..{right_oid} +--- {DEV_NULL} ++++ b/remote/shared.txt +@@ -0,0 +1 @@ ++content +"#, + ); + assert_eq!(tracker.get_unified_diff(), Some(expected)); +} + #[tokio::test] async fn accumulates_delete() { let dir = tempdir().expect("tempdir"); fs::write(dir.path().join("b.txt"), "x\n").expect("seed file"); - let mut tracker = TurnDiffTracker::with_display_root(dir.path().to_path_buf()); + let mut tracker = tracker_with_root(dir.path()); let delete = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Delete File: b.txt\n*** End Patch", ) .await; - tracker.track_delta(&delete); + tracker.track_delta("", &delete); let left_oid = git_blob_sha1_hex("x\n"); let expected = format!( @@ -124,13 +170,13 @@ async fn accumulates_move_and_update() { let dir = tempdir().expect("tempdir"); fs::write(dir.path().join("src.txt"), "line\n").expect("seed file"); - let mut tracker = TurnDiffTracker::with_display_root(dir.path().to_path_buf()); + let mut tracker = tracker_with_root(dir.path()); let update = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Update File: src.txt\n*** Move to: dst.txt\n@@\n-line\n+line2\n*** End Patch", ) .await; - tracker.track_delta(&update); + tracker.track_delta("", &update); let left_oid = git_blob_sha1_hex("line\n"); let right_oid = git_blob_sha1_hex("line2\n"); @@ -152,13 +198,13 @@ async fn pure_rename_yields_no_diff() { let dir = tempdir().expect("tempdir"); fs::write(dir.path().join("old.txt"), "same\n").expect("seed file"); - let mut tracker = TurnDiffTracker::with_display_root(dir.path().to_path_buf()); + let mut tracker = tracker_with_root(dir.path()); let rename = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Update File: old.txt\n*** Move to: new.txt\n@@\n same\n*** End Patch", ) .await; - tracker.track_delta(&rename); + tracker.track_delta("", &rename); assert_eq!(tracker.get_unified_diff(), None); } @@ -168,13 +214,13 @@ async fn add_over_existing_file_becomes_update() { let dir = tempdir().expect("tempdir"); fs::write(dir.path().join("dup.txt"), "before\n").expect("seed file"); - let mut tracker = TurnDiffTracker::with_display_root(dir.path().to_path_buf()); + let mut tracker = tracker_with_root(dir.path()); let add = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Add File: dup.txt\n+after\n*** End Patch", ) .await; - tracker.track_delta(&add); + tracker.track_delta("", &add); let left_oid = git_blob_sha1_hex("before\n"); let right_oid = git_blob_sha1_hex("after\n"); @@ -196,20 +242,20 @@ async fn delete_then_readd_same_path_becomes_update() { let dir = tempdir().expect("tempdir"); fs::write(dir.path().join("cycle.txt"), "before\n").expect("seed file"); - let mut tracker = TurnDiffTracker::with_display_root(dir.path().to_path_buf()); + let mut tracker = tracker_with_root(dir.path()); let delete = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Delete File: cycle.txt\n*** End Patch", ) .await; - tracker.track_delta(&delete); + tracker.track_delta("", &delete); let add = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Add File: cycle.txt\n+after\n*** End Patch", ) .await; - tracker.track_delta(&add); + tracker.track_delta("", &add); let left_oid = git_blob_sha1_hex("before\n"); let right_oid = git_blob_sha1_hex("after\n"); @@ -232,13 +278,13 @@ async fn move_over_existing_destination_without_content_change_deletes_source_on fs::write(dir.path().join("a.txt"), "same\n").expect("seed source"); fs::write(dir.path().join("b.txt"), "same\n").expect("seed destination"); - let mut tracker = TurnDiffTracker::with_display_root(dir.path().to_path_buf()); + let mut tracker = tracker_with_root(dir.path()); let move_overwrite = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Update File: a.txt\n*** Move to: b.txt\n@@\n same\n*** End Patch", ) .await; - tracker.track_delta(&move_overwrite); + tracker.track_delta("", &move_overwrite); let left_oid = git_blob_sha1_hex("same\n"); let expected = format!( @@ -261,13 +307,13 @@ async fn move_over_existing_destination_with_content_change_deletes_source_and_u fs::write(dir.path().join("a.txt"), "from\n").expect("seed source"); fs::write(dir.path().join("b.txt"), "existing\n").expect("seed destination"); - let mut tracker = TurnDiffTracker::with_display_root(dir.path().to_path_buf()); + let mut tracker = tracker_with_root(dir.path()); let move_overwrite = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Update File: a.txt\n*** Move to: b.txt\n@@\n-from\n+new\n*** End Patch", ) .await; - tracker.track_delta(&move_overwrite); + tracker.track_delta("", &move_overwrite); let left_oid_a = git_blob_sha1_hex("from\n"); let left_oid_b = git_blob_sha1_hex("existing\n"); @@ -298,13 +344,13 @@ async fn preserves_committed_change_order_with_delete_then_move_overwrite() { fs::write(dir.path().join("a.txt"), "from\n").expect("seed source"); fs::write(dir.path().join("b.txt"), "existing\n").expect("seed destination"); - let mut tracker = TurnDiffTracker::with_display_root(dir.path().to_path_buf()); + let mut tracker = tracker_with_root(dir.path()); let ordered_patch = apply_verified_patch( dir.path(), "*** Begin Patch\n*** Delete File: b.txt\n*** Update File: a.txt\n*** Move to: b.txt\n@@\n-from\n+new\n*** End Patch", ) .await; - tracker.track_delta(&ordered_patch); + tracker.track_delta("", &ordered_patch); let left_oid_a = git_blob_sha1_hex("from\n"); let left_oid_b = git_blob_sha1_hex("existing\n"); @@ -328,3 +374,122 @@ index {left_oid_b}..{right_oid_b} ); assert_eq!(tracker.get_unified_diff(), Some(expected)); } + +#[tokio::test] +async fn reuses_rendered_diffs_for_unchanged_paths() { + let dir = tempdir().expect("tempdir"); + let mut tracker = tracker_with_root(dir.path()); + + let add_a = apply_verified_patch( + dir.path(), + "*** Begin Patch\n*** Add File: a.txt\n+one\n*** End Patch", + ) + .await; + tracker.track_delta("", &add_a); + assert_eq!(tracker.rendered_diff_count(), 1); + + let add_b = apply_verified_patch( + dir.path(), + "*** Begin Patch\n*** Add File: b.txt\n+two\n*** End Patch", + ) + .await; + tracker.track_delta("", &add_b); + + assert_eq!(tracker.rendered_diff_count(), 2); + assert_eq!( + tracker.get_unified_diff(), + tracker.get_unified_diff(), + "reading the cached aggregate must not render file diffs", + ); + assert_eq!(tracker.rendered_diff_count(), 2); +} + +#[tokio::test] +async fn repeated_updates_only_rerender_the_touched_path() { + let dir = tempdir().expect("tempdir"); + let mut tracker = tracker_with_root(dir.path()); + + for patch in [ + "*** Begin Patch\n*** Add File: stable.txt\n+stable\n*** End Patch".to_string(), + "*** Begin Patch\n*** Add File: hot.txt\n+value 0\n*** End Patch".to_string(), + ] { + tracker.track_delta("", &apply_verified_patch(dir.path(), &patch).await); + } + + for value in 1..=40 { + let patch = format!( + "*** Begin Patch\n*** Update File: hot.txt\n@@\n-value {}\n+value {value}\n*** End Patch", + value - 1, + ); + tracker.track_delta("", &apply_verified_patch(dir.path(), &patch).await); + } + + assert_eq!(tracker.rendered_diff_count(), 42); +} + +#[test] +fn large_rewrite_returns_promptly_and_preserves_exact_content() { + let dir = tempdir().expect("tempdir"); + assert!( + Command::new("git") + .args(["init", "--quiet"]) + .current_dir(dir.path()) + .status() + .expect("run git init") + .success() + ); + assert!( + Command::new("git") + .args(["config", "core.autocrlf", "false"]) + .current_dir(dir.path()) + .status() + .expect("disable line ending conversion") + .success() + ); + let old_content = (0..48_000) + .map(|line| format!("old line {line:05}\n")) + .collect::(); + let new_content = (0..48_000) + .map(|line| format!("new line {line:05}\n")) + .collect::(); + let path = dir.path().join("large.txt"); + fs::write(&path, &old_content).expect("seed large file"); + assert!( + Command::new("git") + .args(["add", "large.txt"]) + .current_dir(dir.path()) + .status() + .expect("run git add") + .success() + ); + let tracker = tracker_with_root(dir.path()); + let tracked_path = TrackedPath::new("", &path); + + let started = Instant::now(); + let diff = tracker + .render_diff( + &tracked_path, + Some(&old_content), + &tracked_path, + Some(&new_content), + ) + .expect("complete rewrite should produce a diff"); + + assert!( + started.elapsed() < Duration::from_secs(2), + "large rewrite took {:?}", + started.elapsed(), + ); + let result = apply_git_patch(&ApplyGitRequest { + cwd: dir.path().to_path_buf(), + diff, + revert: false, + preflight: false, + }) + .expect("apply generated diff"); + assert_eq!(result.exit_code, 0, "{}", result.stderr); + assert_eq!( + fs::read_to_string(path).expect("read large file"), + new_content + ); +} diff --git a/codex-rs/core/src/turn_metadata.rs b/codex-rs/core/src/turn_metadata.rs index e66a1fbb50e..d13c081817b 100644 --- a/codex-rs/core/src/turn_metadata.rs +++ b/codex-rs/core/src/turn_metadata.rs @@ -6,16 +6,15 @@ use std::sync::RwLock; use std::sync::atomic::AtomicBool; use std::sync::atomic::Ordering; -use codex_analytics::CompactionImplementation; -use codex_analytics::CompactionPhase; -use codex_analytics::CompactionReason; -use codex_analytics::CompactionStrategy; -use codex_analytics::CompactionTrigger; -use codex_utils_string::to_ascii_json_string; -use serde::Serialize; use serde_json::Value; use tokio::task::JoinHandle; +use crate::responses_metadata::CodexResponsesMetadata; +use crate::responses_metadata::CodexResponsesRequestKind; +use crate::responses_metadata::TurnMetadataWorkspace; +use crate::responses_metadata::filter_extra_metadata; +use crate::responses_metadata::subagent_header_value; +use crate::responses_metadata::subagent_metadata_kind; use crate::sandbox_tags::permission_profile_sandbox_tag; use codex_git_utils::get_git_remote_urls_assume_git_repo; use codex_git_utils::get_git_repo_root; @@ -26,62 +25,18 @@ use codex_protocol::config_types::WindowsSandboxLevel; use codex_protocol::models::PermissionProfile; use codex_protocol::openai_models::ReasoningEffort as ReasoningEffortConfig; use codex_protocol::protocol::SessionSource; -use codex_protocol::protocol::ThreadSource; use codex_utils_absolute_path::AbsolutePathBuf; const MODEL_KEY: &str = "model"; const REASONING_EFFORT_KEY: &str = "reasoning_effort"; -const TURN_STARTED_AT_UNIX_MS_KEY: &str = "turn_started_at_unix_ms"; const USER_INPUT_REQUESTED_DURING_TURN_KEY: &str = "user_input_requested_during_turn"; const WORKSPACE_KIND_KEY: &str = "workspace_kind"; -const REQUEST_KIND_KEY: &str = "request_kind"; -const COMPACTION_KEY: &str = "compaction"; -const WINDOW_ID_KEY: &str = "window_id"; pub(crate) struct McpTurnMetadataContext<'a> { pub(crate) model: &'a str, pub(crate) reasoning_effort: Option, } -/// Metadata present only on outbound model requests that perform compaction. -/// -/// These fields describe the operation at dispatch time. Post-response outcomes such as status, -/// error, duration, and token deltas remain in compaction analytics events. -#[derive(Clone, Copy, Debug, Serialize)] -pub(crate) struct CompactionTurnMetadata { - trigger: CompactionTrigger, - reason: CompactionReason, - implementation: CompactionImplementation, - phase: CompactionPhase, - strategy: CompactionStrategy, -} - -impl CompactionTurnMetadata { - pub(crate) fn new( - trigger: CompactionTrigger, - reason: CompactionReason, - implementation: CompactionImplementation, - phase: CompactionPhase, - ) -> Self { - Self { - trigger, - reason, - implementation, - phase, - strategy: CompactionStrategy::Memento, - } - } -} - -#[derive(Clone, Copy, Debug, Serialize)] -#[serde(rename_all = "snake_case")] -enum TurnMetadataRequestKind { - Turn, - Prewarm, - Compaction, - Memory, -} - #[derive(Clone, Debug, Default)] struct WorkspaceGitMetadata { associated_remote_urls: Option>, @@ -97,16 +52,6 @@ impl WorkspaceGitMetadata { } } -#[derive(Clone, Debug, Serialize, Default)] -struct TurnMetadataWorkspace { - #[serde(default, skip_serializing_if = "Option::is_none")] - associated_remote_urls: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - latest_git_commit_hash: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - has_changes: Option, -} - impl From for TurnMetadataWorkspace { fn from(value: WorkspaceGitMetadata) -> Self { Self { @@ -117,141 +62,40 @@ impl From for TurnMetadataWorkspace { } } -/// Base payload for the outbound model request `x-codex-turn-metadata` header. -/// -/// Turn-owned state populates identity fields, including optional fork and subagent lineage. A -/// concrete request kind is added at outbound model dispatch so turns, startup prewarm, and -/// compaction remain distinguishable. Detached memory requests are constructed as `memory` -/// directly. -#[derive(Clone, Debug, Serialize)] -pub(crate) struct TurnMetadataBag { - #[serde(default, skip_serializing_if = "Option::is_none")] - request_kind: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - session_id: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - thread_id: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - forked_from_thread_id: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - parent_thread_id: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - subagent_kind: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - thread_source: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - turn_id: Option, - #[serde(default, skip_serializing_if = "BTreeMap::is_empty")] - workspaces: BTreeMap, - #[serde(default, skip_serializing_if = "Option::is_none")] - sandbox: Option, -} - -impl TurnMetadataBag { - fn with_workspace_git_metadata( - mut self, - repo_root: Option, - workspace_git_metadata: Option, - ) -> Self { - if let (Some(repo_root), Some(workspace_git_metadata)) = (repo_root, workspace_git_metadata) - && !workspace_git_metadata.is_empty() - { - self.workspaces - .insert(repo_root, workspace_git_metadata.into()); - } - self - } - - fn to_header_value(&self) -> Option { - to_ascii_json_string(self).ok() - } -} - -fn merge_turn_metadata( - header: &str, - turn_started_at_unix_ms: Option, - responsesapi_client_metadata: Option<&HashMap>, -) -> Option { - if turn_started_at_unix_ms.is_none() && responsesapi_client_metadata.is_none() { - return None; - } - - let mut metadata = serde_json::from_str::>(header).ok()?; - if let Some(turn_started_at_unix_ms) = turn_started_at_unix_ms { - metadata.insert( - TURN_STARTED_AT_UNIX_MS_KEY.to_string(), - Value::Number(turn_started_at_unix_ms.into()), - ); - } - if let Some(responsesapi_client_metadata) = responsesapi_client_metadata { - for (key, value) in responsesapi_client_metadata { - if matches!( - key.as_str(), - "session_id" - | "thread_id" - | "turn_id" - | TURN_STARTED_AT_UNIX_MS_KEY - | "forked_from_thread_id" - | "parent_thread_id" - | "subagent_kind" - | REQUEST_KIND_KEY - | COMPACTION_KEY - | WINDOW_ID_KEY - ) { - continue; - } - metadata - .entry(key.clone()) - .or_insert_with(|| Value::String(value.clone())); - } - } - to_ascii_json_string(&metadata).ok() -} - -pub async fn build_turn_metadata_header( +#[allow(clippy::too_many_arguments)] +pub async fn detached_memory_responses_metadata( + installation_id: String, + session_id: String, + thread_id: String, + window_id: String, + session_source: &SessionSource, cwd: &AbsolutePathBuf, sandbox: Option<&str>, -) -> Option { - let repo_root = get_git_repo_root(cwd).map(|root| root.to_string_lossy().into_owned()); - - let (head_commit_hash, associated_remote_urls, has_changes) = tokio::join!( - get_head_commit_hash(cwd), - get_git_remote_urls_assume_git_repo(cwd), - get_has_changes(cwd), - ); - let latest_git_commit_hash = head_commit_hash.map(|sha| sha.0); - TurnMetadataBag { - request_kind: Some(TurnMetadataRequestKind::Memory), - session_id: None, - thread_id: None, - forked_from_thread_id: None, - parent_thread_id: None, - subagent_kind: None, - thread_source: None, - turn_id: None, - workspaces: BTreeMap::new(), +) -> CodexResponsesMetadata { + CodexResponsesMetadata { + request_kind: Some(CodexResponsesRequestKind::Memory), + subagent_header: subagent_header_value(session_source), sandbox: sandbox.map(ToString::to_string), + workspaces: memory_workspaces(cwd).await, + ..CodexResponsesMetadata::new(installation_id, session_id, thread_id, window_id) } - .with_workspace_git_metadata( - repo_root, - Some(WorkspaceGitMetadata { - associated_remote_urls, - latest_git_commit_hash, - has_changes, - }), - ) - .to_header_value() } #[derive(Clone, Debug)] pub(crate) struct TurnMetadataState { cwd: AbsolutePathBuf, repo_root: Option, - base_metadata: TurnMetadataBag, - base_header: Option, - enriched_header: Arc>>, + session_id: String, + thread_id: String, + forked_from_thread_id: Option, + parent_thread_id: Option, + subagent_header: Option, + subagent_kind: Option, + turn_id: String, + sandbox: Option, + enriched_workspaces: Arc>>>, turn_started_at_unix_ms: Arc>>, - responsesapi_client_metadata: Arc>>>, + responsesapi_client_metadata: Arc>>, user_input_requested_during_turn: Arc, enrichment_task: Arc>>>, } @@ -264,7 +108,6 @@ impl TurnMetadataState { forked_from_thread_id: Option, parent_thread_id: Option, session_source: &SessionSource, - thread_source: Option, turn_id: String, cwd: AbsolutePathBuf, permission_profile: &PermissionProfile, @@ -280,79 +123,34 @@ impl TurnMetadataState { ) .to_string(), ); - let subagent_kind = match session_source { - SessionSource::SubAgent(subagent_source) => Some(subagent_source.kind().to_string()), - SessionSource::Cli - | SessionSource::VSCode - | SessionSource::Exec - | SessionSource::Mcp - | SessionSource::Custom(_) - | SessionSource::Internal(_) - | SessionSource::Unknown => None, - }; - let base_metadata = TurnMetadataBag { - request_kind: None, - session_id: Some(session_id), - thread_id: Some(thread_id), - forked_from_thread_id, - parent_thread_id, - subagent_kind, - thread_source, - turn_id: Some(turn_id), - workspaces: BTreeMap::new(), - sandbox, - }; - let base_header = base_metadata.to_header_value(); - Self { cwd, repo_root, - base_metadata, - base_header, - enriched_header: Arc::new(RwLock::new(None)), + session_id, + thread_id, + forked_from_thread_id, + parent_thread_id, + subagent_header: subagent_header_value(session_source), + subagent_kind: subagent_metadata_kind(session_source), + turn_id, + sandbox, + enriched_workspaces: Arc::new(RwLock::new(None)), turn_started_at_unix_ms: Arc::new(RwLock::new(None)), - responsesapi_client_metadata: Arc::new(RwLock::new(None)), + responsesapi_client_metadata: Arc::new(RwLock::new(BTreeMap::new())), user_input_requested_during_turn: Arc::new(AtomicBool::new(false)), enrichment_task: Arc::new(Mutex::new(None)), } } - pub(crate) fn current_header_value(&self) -> Option { - let header = if let Some(header) = self - .enriched_header - .read() - .unwrap_or_else(std::sync::PoisonError::into_inner) - .as_ref() - .cloned() - { - header - } else { - self.base_header.clone()? - }; - let turn_started_at_unix_ms = *self - .turn_started_at_unix_ms - .read() - .unwrap_or_else(std::sync::PoisonError::into_inner); - let responsesapi_client_metadata = self - .responsesapi_client_metadata - .read() - .unwrap_or_else(std::sync::PoisonError::into_inner) - .clone(); - merge_turn_metadata( - &header, - turn_started_at_unix_ms, - responsesapi_client_metadata.as_ref(), - ) - .or(Some(header)) - } - pub(crate) fn current_meta_value_for_mcp_request( &self, context: McpTurnMetadataContext<'_>, ) -> Option { - let header = self.current_header_value()?; - let mut metadata = serde_json::from_str::>(&header).ok()?; - metadata.remove(REQUEST_KIND_KEY); + let Value::Object(mut metadata) = + self.responses_metadata_template().turn_metadata_value()? + else { + return None; + }; metadata.insert( MODEL_KEY.to_string(), Value::String(context.model.to_string()), @@ -382,50 +180,18 @@ impl TurnMetadataState { Some(Value::Object(metadata)) } - fn current_header_value_for_model_request_kind( + pub(crate) fn to_responses_metadata( &self, - window_id: &str, - request_kind: TurnMetadataRequestKind, - ) -> Option { - let header = self.current_header_value()?; - let mut metadata = serde_json::from_str::>(&header).ok()?; - metadata.insert( - REQUEST_KIND_KEY.to_string(), - serde_json::to_value(request_kind).ok()?, - ); - metadata.insert( - WINDOW_ID_KEY.to_string(), - Value::String(window_id.to_string()), - ); - to_ascii_json_string(&metadata).ok() - } - - pub(crate) fn current_header_value_for_model_request(&self, window_id: &str) -> Option { - self.current_header_value_for_model_request_kind(window_id, TurnMetadataRequestKind::Turn) - } - - pub(crate) fn current_header_value_for_prewarm(&self, window_id: &str) -> Option { - self.current_header_value_for_model_request_kind( + installation_id: String, + window_id: String, + request_kind: CodexResponsesRequestKind, + ) -> CodexResponsesMetadata { + CodexResponsesMetadata { + installation_id, window_id, - TurnMetadataRequestKind::Prewarm, - ) - } - - pub(crate) fn current_header_value_for_compaction( - &self, - window_id: &str, - compaction: CompactionTurnMetadata, - ) -> Option { - let header = self.current_header_value_for_model_request_kind( - window_id, - TurnMetadataRequestKind::Compaction, - )?; - let mut metadata = serde_json::from_str::>(&header).ok()?; - metadata.insert( - COMPACTION_KEY.to_string(), - serde_json::to_value(compaction).ok()?, - ); - to_ascii_json_string(&metadata).ok() + request_kind: Some(request_kind), + ..self.responses_metadata_template() + } } pub(crate) fn mark_user_input_requested_during_turn(&self) { @@ -441,15 +207,54 @@ impl TurnMetadataState { .responsesapi_client_metadata .write() .unwrap_or_else(std::sync::PoisonError::into_inner) = - Some(responsesapi_client_metadata); + filter_extra_metadata(responsesapi_client_metadata); } pub(crate) fn workspace_kind(&self) -> Option { self.responsesapi_client_metadata .read() .unwrap_or_else(std::sync::PoisonError::into_inner) - .as_ref() - .and_then(|metadata| metadata.get(WORKSPACE_KIND_KEY).cloned()) + .get(WORKSPACE_KIND_KEY) + .cloned() + } + + fn responses_metadata_template(&self) -> CodexResponsesMetadata { + CodexResponsesMetadata { + turn_id: Some(self.turn_id.clone()), + forked_from_thread_id: self.forked_from_thread_id, + parent_thread_id: self.parent_thread_id, + subagent_header: self.subagent_header.clone(), + subagent_kind: self.subagent_kind.clone(), + sandbox: self.sandbox.clone(), + workspaces: self.current_workspaces(), + turn_started_at_unix_ms: self.current_turn_started_at_unix_ms(), + extra: self + .responsesapi_client_metadata + .read() + .unwrap_or_else(std::sync::PoisonError::into_inner) + .clone(), + ..CodexResponsesMetadata::new( + String::new(), + self.session_id.clone(), + self.thread_id.clone(), + String::new(), + ) + } + } + + fn current_workspaces(&self) -> BTreeMap { + self.enriched_workspaces + .read() + .unwrap_or_else(std::sync::PoisonError::into_inner) + .clone() + .unwrap_or_default() + } + + fn current_turn_started_at_unix_ms(&self) -> Option { + *self + .turn_started_at_unix_ms + .read() + .unwrap_or_else(std::sync::PoisonError::into_inner) } pub(crate) fn set_turn_started_at_unix_ms(&self, turn_started_at_unix_ms: i64) { @@ -479,20 +284,16 @@ impl TurnMetadataState { return; }; - let enriched_metadata = state - .base_metadata - .clone() - .with_workspace_git_metadata(Some(repo_root), Some(workspace_git_metadata)); - if enriched_metadata.workspaces.is_empty() { + if workspace_git_metadata.is_empty() { return; } - if let Some(header_value) = enriched_metadata.to_header_value() { - *state - .enriched_header - .write() - .unwrap_or_else(std::sync::PoisonError::into_inner) = Some(header_value); - } + let mut workspaces = BTreeMap::new(); + workspaces.insert(repo_root, workspace_git_metadata.into()); + *state + .enriched_workspaces + .write() + .unwrap_or_else(std::sync::PoisonError::into_inner) = Some(workspaces); })); } @@ -522,6 +323,27 @@ impl TurnMetadataState { } } +async fn memory_workspaces(cwd: &AbsolutePathBuf) -> BTreeMap { + let repo_root = get_git_repo_root(cwd).map(|root| root.to_string_lossy().into_owned()); + let (head_commit_hash, associated_remote_urls, has_changes) = tokio::join!( + get_head_commit_hash(cwd), + get_git_remote_urls_assume_git_repo(cwd), + get_has_changes(cwd), + ); + let workspace_git_metadata = WorkspaceGitMetadata { + associated_remote_urls, + latest_git_commit_hash: head_commit_hash.map(|sha| sha.0), + has_changes, + }; + let mut workspaces = BTreeMap::new(); + if let Some(repo_root) = repo_root + && !workspace_git_metadata.is_empty() + { + workspaces.insert(repo_root, workspace_git_metadata.into()); + } + workspaces +} + #[cfg(test)] #[path = "turn_metadata_tests.rs"] mod tests; diff --git a/codex-rs/core/src/turn_metadata_tests.rs b/codex-rs/core/src/turn_metadata_tests.rs index 32a559848ad..5e6d1f32bb6 100644 --- a/codex-rs/core/src/turn_metadata_tests.rs +++ b/codex-rs/core/src/turn_metadata_tests.rs @@ -1,11 +1,18 @@ use super::*; +use crate::responses_metadata::CodexResponsesRequestKind; +use crate::responses_metadata::CompactionTurnMetadata; +use crate::responses_metadata::INSTALLATION_ID_KEY; +use crate::responses_metadata::WINDOW_ID_KEY; use crate::sandbox_tags::permission_profile_sandbox_tag; +use codex_analytics::CompactionImplementation; +use codex_analytics::CompactionPhase; +use codex_analytics::CompactionReason; +use codex_analytics::CompactionTrigger; use codex_protocol::models::PermissionProfile; use codex_protocol::openai_models::ReasoningEffort as ReasoningEffortConfig; use codex_protocol::protocol::SessionSource; use codex_protocol::protocol::SubAgentSource; -use codex_protocol::protocol::ThreadSource; use codex_utils_absolute_path::AbsolutePathBuf; use core_test_support::PathBufExt; use core_test_support::PathExt; @@ -23,6 +30,44 @@ fn test_mcp_turn_metadata_context() -> McpTurnMetadataContext<'static> { } } +fn test_responses_metadata_json( + state: &TurnMetadataState, + window_id: &str, + request_kind: CodexResponsesRequestKind, +) -> String { + state + .to_responses_metadata( + "installation-a".to_string(), + window_id.to_string(), + request_kind, + ) + .turn_metadata_json() + .expect("turn metadata json") +} + +fn test_turn_responses_metadata_json(state: &TurnMetadataState, window_id: &str) -> String { + test_responses_metadata_json(state, window_id, CodexResponsesRequestKind::Turn) +} + +fn test_compaction_responses_metadata_json( + state: &TurnMetadataState, + window_id: &str, + compaction: CompactionTurnMetadata, +) -> String { + test_responses_metadata_json( + state, + window_id, + CodexResponsesRequestKind::Compaction(compaction), + ) +} + +fn test_turn_metadata_header(state: &TurnMetadataState) -> String { + state + .responses_metadata_template() + .turn_metadata_json() + .expect("header") +} + async fn create_clean_git_repo(repo_name: &str) -> (TempDir, AbsolutePathBuf) { let temp_dir = TempDir::new().expect("temp dir"); let repo_path = temp_dir.path().join(repo_name).abs(); @@ -64,12 +109,21 @@ async fn create_clean_git_repo(repo_name: &str) -> (TempDir, AbsolutePathBuf) { } #[tokio::test] -async fn build_turn_metadata_header_marks_detached_memory_without_turn_identity() { +async fn detached_memory_responses_metadata_omits_turn_identity() { let (_temp_dir, repo_path) = create_clean_git_repo("repo-東京").await; - let header = build_turn_metadata_header(&repo_path, Some("none")) - .await - .expect("header"); + let header = detached_memory_responses_metadata( + String::new(), + String::new(), + String::new(), + String::new(), + &SessionSource::Unknown, + &repo_path, + Some("none"), + ) + .await + .turn_metadata_json() + .expect("header"); assert!(header.is_ascii()); assert!(!header.contains("東京")); let parsed: Value = serde_json::from_str(&header).expect("valid json"); @@ -100,13 +154,22 @@ async fn build_turn_metadata_header_marks_detached_memory_without_turn_identity( } #[tokio::test] -async fn build_turn_metadata_header_marks_memory_without_workspace_metadata() { +async fn detached_memory_responses_metadata_omits_empty_workspace_metadata() { let temp_dir = TempDir::new().expect("temp dir"); let cwd = temp_dir.path().abs(); - let header = build_turn_metadata_header(&cwd, /*sandbox*/ None) - .await - .expect("detached memory should emit its request kind"); + let header = detached_memory_responses_metadata( + String::new(), + String::new(), + String::new(), + String::new(), + &SessionSource::Unknown, + &cwd, + /*sandbox*/ None, + ) + .await + .turn_metadata_json() + .expect("detached memory should emit its request kind"); let parsed: Value = serde_json::from_str(&header).expect("valid json"); assert_eq!(parsed, serde_json::json!({"request_kind": "memory"})); @@ -124,7 +187,6 @@ fn turn_metadata_state_uses_platform_sandbox_tag() { /*forked_from_thread_id*/ None, /*parent_thread_id*/ None, &SessionSource::Exec, - Some(ThreadSource::User), "turn-a".to_string(), cwd, &permission_profile, @@ -132,12 +194,11 @@ fn turn_metadata_state_uses_platform_sandbox_tag() { /*enforce_managed_network*/ false, ); - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); let json: Value = serde_json::from_str(&header).expect("json"); let sandbox_name = json.get("sandbox").and_then(Value::as_str); let session_id = json.get("session_id").and_then(Value::as_str); let thread_id = json.get("thread_id").and_then(Value::as_str); - let thread_source = json.get("thread_source").and_then(Value::as_str); assert!(json.get("request_kind").is_none()); let expected_sandbox = permission_profile_sandbox_tag( @@ -148,39 +209,12 @@ fn turn_metadata_state_uses_platform_sandbox_tag() { assert_eq!(sandbox_name, Some(expected_sandbox)); assert_eq!(session_id, Some("session-a")); assert_eq!(thread_id, Some("thread-a")); - assert_eq!(thread_source, Some("user")); assert!(json.get("forked_from_thread_id").is_none()); assert!(json.get("parent_thread_id").is_none()); assert!(json.get("subagent_kind").is_none()); assert!(json.get("session_source").is_none()); } -#[test] -fn turn_metadata_state_uses_explicit_subagent_thread_source() { - let temp_dir = TempDir::new().expect("temp dir"); - let cwd = temp_dir.path().abs(); - let permission_profile = PermissionProfile::read_only(); - let state = TurnMetadataState::new( - "session-a".to_string(), - "thread-a".to_string(), - /*forked_from_thread_id*/ None, - /*parent_thread_id*/ None, - &SessionSource::Exec, - Some(ThreadSource::Subagent), - "turn-a".to_string(), - cwd, - &permission_profile, - WindowsSandboxLevel::Disabled, - /*enforce_managed_network*/ false, - ); - - let header = state.current_header_value().expect("header"); - let json: Value = serde_json::from_str(&header).expect("json"); - - assert_eq!(json["thread_source"].as_str(), Some("subagent")); - assert!(json.get("session_source").is_none()); -} - #[test] fn turn_metadata_state_includes_root_fork_lineage() { let temp_dir = TempDir::new().expect("temp dir"); @@ -195,7 +229,6 @@ fn turn_metadata_state_includes_root_fork_lineage() { Some(source_thread_id), /*parent_thread_id*/ None, &SessionSource::Exec, - Some(ThreadSource::User), "turn-a".to_string(), cwd, &permission_profile, @@ -203,7 +236,7 @@ fn turn_metadata_state_includes_root_fork_lineage() { /*enforce_managed_network*/ false, ); - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); let json: Value = serde_json::from_str(&header).expect("json"); assert_eq!( @@ -234,7 +267,6 @@ fn turn_metadata_state_includes_thread_spawn_subagent_parent_without_fork() { agent_nickname: None, agent_role: None, }), - Some(ThreadSource::Subagent), "turn-a".to_string(), cwd, &permission_profile, @@ -242,7 +274,7 @@ fn turn_metadata_state_includes_thread_spawn_subagent_parent_without_fork() { /*enforce_managed_network*/ false, ); - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); let json: Value = serde_json::from_str(&header).expect("json"); assert!(json.get("forked_from_thread_id").is_none()); @@ -273,7 +305,6 @@ fn turn_metadata_state_includes_forked_thread_spawn_subagent_lineage() { agent_nickname: None, agent_role: None, }), - Some(ThreadSource::Subagent), "turn-a".to_string(), cwd, &permission_profile, @@ -281,7 +312,7 @@ fn turn_metadata_state_includes_forked_thread_spawn_subagent_lineage() { /*enforce_managed_network*/ false, ); - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); let json: Value = serde_json::from_str(&header).expect("json"); assert_eq!( @@ -318,7 +349,6 @@ fn turn_metadata_state_includes_known_parent_for_non_thread_spawn_subagents_with /*forked_from_thread_id*/ None, Some(parent_thread_id), &SessionSource::SubAgent(subagent_source), - Some(ThreadSource::Subagent), "turn-a".to_string(), cwd.clone(), &permission_profile, @@ -326,7 +356,7 @@ fn turn_metadata_state_includes_known_parent_for_non_thread_spawn_subagents_with /*enforce_managed_network*/ false, ); - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); let json: Value = serde_json::from_str(&header).expect("json"); assert!(json.get("forked_from_thread_id").is_none()); @@ -350,7 +380,6 @@ fn turn_metadata_state_includes_turn_started_at_unix_ms_after_start() { /*forked_from_thread_id*/ None, /*parent_thread_id*/ None, &SessionSource::Exec, - Some(ThreadSource::User), "turn-a".to_string(), cwd, &permission_profile, @@ -359,7 +388,7 @@ fn turn_metadata_state_includes_turn_started_at_unix_ms_after_start() { ); state.set_turn_started_at_unix_ms(/*turn_started_at_unix_ms*/ 1_700_000_000_123); - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); let json: Value = serde_json::from_str(&header).expect("json"); assert_eq!( @@ -380,7 +409,6 @@ fn turn_metadata_state_includes_model_and_reasoning_effort_only_in_request_meta( /*forked_from_thread_id*/ None, /*parent_thread_id*/ None, &SessionSource::Exec, - /*thread_source*/ None, "turn-a".to_string(), cwd, &permission_profile, @@ -388,7 +416,7 @@ fn turn_metadata_state_includes_model_and_reasoning_effort_only_in_request_meta( /*enforce_managed_network*/ false, ); - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); let header_json: Value = serde_json::from_str(&header).expect("json"); assert!(header_json.get("model").is_none()); assert!(header_json.get("reasoning_effort").is_none()); @@ -429,7 +457,6 @@ fn turn_metadata_state_marks_user_input_requested_during_turn_only_for_mcp_reque /*forked_from_thread_id*/ None, /*parent_thread_id*/ None, &SessionSource::Exec, - /*thread_source*/ None, "turn-a".to_string(), cwd, &permission_profile, @@ -437,7 +464,7 @@ fn turn_metadata_state_marks_user_input_requested_during_turn_only_for_mcp_reque /*enforce_managed_network*/ false, ); - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); let header_json: Value = serde_json::from_str(&header).expect("json"); assert!( header_json @@ -452,7 +479,7 @@ fn turn_metadata_state_marks_user_input_requested_during_turn_only_for_mcp_reque state.mark_user_input_requested_during_turn(); - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); let header_json: Value = serde_json::from_str(&header).expect("json"); assert!( header_json @@ -482,7 +509,6 @@ fn turn_metadata_state_ignores_client_reserved_metadata_before_start() { /*forked_from_thread_id*/ None, /*parent_thread_id*/ None, &SessionSource::Exec, - Some(ThreadSource::User), "turn-a".to_string(), cwd, &permission_profile, @@ -505,7 +531,7 @@ fn turn_metadata_state_ignores_client_reserved_metadata_before_start() { ("subagent_kind".to_string(), "client-supplied".to_string()), ])); - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); let json: Value = serde_json::from_str(&header).expect("json"); assert!(json.get("turn_started_at_unix_ms").is_none()); @@ -536,7 +562,6 @@ fn turn_metadata_state_merges_client_metadata_without_replacing_reserved_fields( agent_nickname: None, agent_role: None, }), - Some(ThreadSource::User), "turn-a".to_string(), cwd, &permission_profile, @@ -554,6 +579,19 @@ fn turn_metadata_state_merges_client_metadata_without_replacing_reserved_fields( ), ("session_id".to_string(), "client-supplied".to_string()), ("thread_id".to_string(), "client-supplied".to_string()), + ("installation_id".to_string(), "client-supplied".to_string()), + ( + "x-codex-installation-id".to_string(), + "client-supplied".to_string(), + ), + ( + "x-codex-parent-thread-id".to_string(), + "client-supplied".to_string(), + ), + ( + "x-openai-subagent".to_string(), + "client-supplied".to_string(), + ), ( "forked_from_thread_id".to_string(), "client-supplied".to_string(), @@ -574,7 +612,7 @@ fn turn_metadata_state_merges_client_metadata_without_replacing_reserved_fields( ])); state.set_turn_started_at_unix_ms(/*turn_started_at_unix_ms*/ 1_700_000_000_123); - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); assert!(header.is_ascii()); assert!(!header.contains("東京")); let json: Value = serde_json::from_str(&header).expect("json"); @@ -586,6 +624,10 @@ fn turn_metadata_state_merges_client_metadata_without_replacing_reserved_fields( assert_eq!(json["reasoning_effort"].as_str(), Some("client-supplied")); assert_eq!(json["session_id"].as_str(), Some("session-a")); assert_eq!(json["thread_id"].as_str(), Some("thread-a")); + assert!(json.get(INSTALLATION_ID_KEY).is_none()); + assert!(json.get("x-codex-installation-id").is_none()); + assert!(json.get("x-codex-parent-thread-id").is_none()); + assert!(json.get("x-openai-subagent").is_none()); assert_eq!( json["forked_from_thread_id"].as_str(), Some("44444444-4444-4444-8444-444444444444") @@ -595,7 +637,7 @@ fn turn_metadata_state_merges_client_metadata_without_replacing_reserved_fields( Some("55555555-5555-4555-8555-555555555555") ); assert_eq!(json["subagent_kind"].as_str(), Some("thread_spawn")); - assert_eq!(json["thread_source"].as_str(), Some("user")); + assert_eq!(json["thread_source"].as_str(), Some("client-supplied")); assert_eq!(json["turn_id"].as_str(), Some("turn-a")); assert!(json.get("request_kind").is_none()); assert!(json.get(WINDOW_ID_KEY).is_none()); @@ -604,12 +646,14 @@ fn turn_metadata_state_merges_client_metadata_without_replacing_reserved_fields( Some(1_700_000_000_123) ); - let model_request_header = state - .current_header_value_for_model_request("thread-a:1") - .expect("model request header"); + let model_request_header = test_turn_responses_metadata_json(&state, "thread-a:1"); let model_request_json: Value = serde_json::from_str(&model_request_header).expect("model request json"); assert_eq!(model_request_json["request_kind"].as_str(), Some("turn")); + assert_eq!( + model_request_json[INSTALLATION_ID_KEY].as_str(), + Some("installation-a") + ); assert_eq!( model_request_json[WINDOW_ID_KEY].as_str(), Some("thread-a:1") @@ -635,7 +679,6 @@ fn turn_metadata_state_overlays_compaction_only_on_compaction_requests() { /*forked_from_thread_id*/ None, /*parent_thread_id*/ None, &SessionSource::Exec, - Some(ThreadSource::User), "turn-a".to_string(), cwd, &permission_profile, @@ -647,17 +690,16 @@ fn turn_metadata_state_overlays_compaction_only_on_compaction_requests() { "client-supplied".to_string(), )])); - let compact_header = state - .current_header_value_for_compaction( - "thread-a:2", - CompactionTurnMetadata::new( - CompactionTrigger::Auto, - CompactionReason::ContextLimit, - CompactionImplementation::ResponsesCompactionV2, - CompactionPhase::MidTurn, - ), - ) - .expect("compact header"); + let compact_header = test_compaction_responses_metadata_json( + &state, + "thread-a:2", + CompactionTurnMetadata::new( + CompactionTrigger::Auto, + CompactionReason::ContextLimit, + CompactionImplementation::ResponsesCompactionV2, + CompactionPhase::MidTurn, + ), + ); let compact_json: Value = serde_json::from_str(&compact_header).expect("json"); assert_eq!(compact_json["request_kind"].as_str(), Some("compaction")); assert_eq!(compact_json["turn_id"].as_str(), Some("turn-a")); @@ -673,9 +715,7 @@ fn turn_metadata_state_overlays_compaction_only_on_compaction_requests() { }) ); - let regular_header = state - .current_header_value_for_model_request("thread-a:3") - .expect("regular header"); + let regular_header = test_turn_responses_metadata_json(&state, "thread-a:3"); let regular_json: Value = serde_json::from_str(®ular_header).expect("json"); assert_eq!(regular_json["request_kind"].as_str(), Some("turn")); assert_eq!(regular_json[WINDOW_ID_KEY].as_str(), Some("thread-a:3")); @@ -701,7 +741,6 @@ async fn turn_metadata_state_preserves_lineage_after_git_enrichment() { agent_nickname: None, agent_role: None, }), - Some(ThreadSource::Subagent), "turn-a".to_string(), repo_path, &permission_profile, @@ -713,7 +752,7 @@ async fn turn_metadata_state_preserves_lineage_after_git_enrichment() { let json = tokio::time::timeout(Duration::from_secs(2), async { loop { - let header = state.current_header_value().expect("header"); + let header = test_turn_metadata_header(&state); let json: Value = serde_json::from_str(&header).expect("json"); if json .get("workspaces") diff --git a/codex-rs/core/src/turn_timing.rs b/codex-rs/core/src/turn_timing.rs index 570e4a6e322..380e246fae0 100644 --- a/codex-rs/core/src/turn_timing.rs +++ b/codex-rs/core/src/turn_timing.rs @@ -1,8 +1,11 @@ +use std::sync::Arc; +use std::sync::Mutex as StdMutex; use std::time::Duration; use std::time::Instant; use std::time::SystemTime; use std::time::UNIX_EPOCH; +use codex_analytics::TurnProfile; use codex_otel::TURN_TTFM_DURATION_METRIC; use codex_protocol::items::TurnItem; use codex_protocol::models::ResponseItem; @@ -39,6 +42,7 @@ pub(crate) async fn record_turn_ttfm_metric(turn_context: &TurnContext, item: &T #[derive(Debug, Default)] pub(crate) struct TurnTimingState { state: Mutex, + profile: StdMutex, } #[derive(Debug, Default)] @@ -49,6 +53,35 @@ struct TurnTimingStateInner { first_message_at: Option, } +#[derive(Debug, Default)] +struct TurnProfileState { + started_at: Option, + last_transition_at: Option, + active_phase: Option, + seen_sampling: bool, + before_first_sampling: Duration, + sampling: Duration, + between_sampling_overhead: Duration, + tool_blocking: Duration, + pending_idle_after_sampling: Duration, + sampling_request_count: u32, + sampling_retry_count: u32, + completed_profile: Option, +} + +#[derive(Clone, Copy, Debug, PartialEq, Eq)] +enum TurnProfilePhase { + Sampling, + ToolBlocking, +} + +#[must_use] +pub(crate) struct TurnProfileTimingGuard { + timing: Arc, + phase: TurnProfilePhase, + active: bool, +} + impl TurnTimingState { pub(crate) async fn mark_turn_started(&self, started_at: Instant) -> i64 { let started_at_unix_ms = now_unix_timestamp_ms(); @@ -57,6 +90,7 @@ impl TurnTimingState { state.started_at_unix_secs = Some(started_at_unix_ms / 1000); state.first_token_at = None; state.first_message_at = None; + self.profile_state().start(started_at); started_at_unix_ms } @@ -80,6 +114,32 @@ impl TurnTimingState { .map(|duration| i64::try_from(duration.as_millis()).unwrap_or(i64::MAX)) } + pub(crate) fn complete_profile(&self) -> TurnProfile { + self.profile_state().complete(Instant::now()) + } + + pub(crate) fn begin_sampling(self: &Arc) -> TurnProfileTimingGuard { + let active = self.profile_state().begin_sampling(Instant::now()); + TurnProfileTimingGuard { + timing: Arc::clone(self), + phase: TurnProfilePhase::Sampling, + active, + } + } + + pub(crate) fn record_sampling_retry(&self) { + self.profile_state().record_sampling_retry(); + } + + pub(crate) fn begin_tool_blocking(self: &Arc) -> TurnProfileTimingGuard { + let active = self.profile_state().begin_tool_blocking(Instant::now()); + TurnProfileTimingGuard { + timing: Arc::clone(self), + phase: TurnProfilePhase::ToolBlocking, + active, + } + } + pub(crate) async fn record_ttft_for_response_event( &self, event: &ResponseEvent, @@ -98,6 +158,22 @@ impl TurnTimingState { let mut state = self.state.lock().await; state.record_turn_ttfm() } + + fn profile_state(&self) -> std::sync::MutexGuard<'_, TurnProfileState> { + self.profile + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner) + } +} + +impl Drop for TurnProfileTimingGuard { + fn drop(&mut self) { + if self.active { + self.timing + .profile_state() + .end_phase(Instant::now(), self.phase); + } + } } fn now_unix_timestamp_secs() -> i64 { @@ -111,6 +187,121 @@ pub(crate) fn now_unix_timestamp_ms() -> i64 { i64::try_from(duration.as_millis()).unwrap_or(i64::MAX) } +fn duration_to_u64_ms(duration: Duration) -> u64 { + u64::try_from(duration.as_millis()).unwrap_or(u64::MAX) +} + +impl TurnProfileState { + fn start(&mut self, started_at: Instant) { + *self = Self { + started_at: Some(started_at), + last_transition_at: Some(started_at), + ..Self::default() + }; + } + + fn begin_sampling(&mut self, now: Instant) -> bool { + if self.completed_profile.is_some() + || self.started_at.is_none() + || self.active_phase.is_some() + { + return false; + } + self.advance(now); + if self.seen_sampling { + self.between_sampling_overhead += std::mem::take(&mut self.pending_idle_after_sampling); + } + self.seen_sampling = true; + self.active_phase = Some(TurnProfilePhase::Sampling); + self.sampling_request_count = self.sampling_request_count.saturating_add(1); + true + } + + fn record_sampling_retry(&mut self) { + if self.completed_profile.is_none() && self.started_at.is_some() { + self.sampling_retry_count = self.sampling_retry_count.saturating_add(1); + } + } + + fn begin_tool_blocking(&mut self, now: Instant) -> bool { + if self.completed_profile.is_some() + || self.started_at.is_none() + || self.active_phase.is_some() + { + return false; + } + self.advance(now); + self.active_phase = Some(TurnProfilePhase::ToolBlocking); + true + } + + fn end_phase(&mut self, now: Instant, phase: TurnProfilePhase) { + if self.completed_profile.is_some() || self.active_phase != Some(phase) { + return; + } + self.advance(now); + self.active_phase = None; + } + + fn advance(&mut self, now: Instant) { + let Some(previous) = self.last_transition_at.replace(now) else { + return; + }; + let elapsed = now.saturating_duration_since(previous); + match self.active_phase { + Some(TurnProfilePhase::Sampling) => self.sampling += elapsed, + Some(TurnProfilePhase::ToolBlocking) => self.tool_blocking += elapsed, + None if self.seen_sampling => self.pending_idle_after_sampling += elapsed, + None => self.before_first_sampling += elapsed, + } + } + + fn complete(&mut self, now: Instant) -> TurnProfile { + if let Some(profile) = self.completed_profile.as_ref() { + return profile.clone(); + } + + let final_phase = self.active_phase; + self.advance(now); + let after_last_sampling = if self.seen_sampling { + std::mem::take(&mut self.pending_idle_after_sampling) + } else { + Duration::ZERO + }; + + let mut profile = TurnProfile { + before_first_sampling_ms: duration_to_u64_ms(self.before_first_sampling), + sampling_ms: duration_to_u64_ms(self.sampling), + between_sampling_overhead_ms: duration_to_u64_ms(self.between_sampling_overhead), + tool_blocking_ms: duration_to_u64_ms(self.tool_blocking), + after_last_sampling_ms: duration_to_u64_ms(after_last_sampling), + sampling_request_count: self.sampling_request_count, + sampling_retry_count: self.sampling_retry_count, + }; + let total_ms = self + .started_at + .map(|started_at| duration_to_u64_ms(now.saturating_duration_since(started_at))) + .unwrap_or_default(); + let classified_ms = profile + .before_first_sampling_ms + .saturating_add(profile.sampling_ms) + .saturating_add(profile.between_sampling_overhead_ms) + .saturating_add(profile.tool_blocking_ms) + .saturating_add(profile.after_last_sampling_ms); + let rounding_ms = total_ms.saturating_sub(classified_ms); + match final_phase { + Some(TurnProfilePhase::Sampling) => profile.sampling_ms += rounding_ms, + Some(TurnProfilePhase::ToolBlocking) => profile.tool_blocking_ms += rounding_ms, + None if self.seen_sampling => profile.after_last_sampling_ms += rounding_ms, + None => profile.before_first_sampling_ms += rounding_ms, + } + + self.active_phase = None; + self.completed_profile = Some(profile.clone()); + profile + } +} + impl TurnTimingStateInner { fn time_to_first_token(&self) -> Option { Some(self.first_token_at?.duration_since(self.started_at?)) @@ -147,6 +338,7 @@ fn response_event_records_turn_ttft(event: &ResponseEvent) -> bool { ResponseEvent::Created | ResponseEvent::ServerModel(_) | ResponseEvent::ModelVerifications(_) + | ResponseEvent::TurnModerationMetadata(_) | ResponseEvent::ServerReasoningIncluded(_) | ResponseEvent::ToolCallInputDelta { .. } | ResponseEvent::Completed { .. } @@ -177,6 +369,7 @@ fn response_item_records_turn_ttft(item: &ResponseItem) -> bool { }) }) } + ResponseItem::AgentMessage { .. } => false, ResponseItem::LocalShellCall { .. } | ResponseItem::FunctionCall { .. } | ResponseItem::CustomToolCall { .. } diff --git a/codex-rs/core/src/turn_timing_tests.rs b/codex-rs/core/src/turn_timing_tests.rs index a6675aea8eb..7146f537be6 100644 --- a/codex-rs/core/src/turn_timing_tests.rs +++ b/codex-rs/core/src/turn_timing_tests.rs @@ -1,13 +1,17 @@ +use codex_analytics::TurnProfile; use codex_protocol::items::AgentMessageItem; use codex_protocol::items::TurnItem; use codex_protocol::models::ContentItem; use codex_protocol::models::FunctionCallOutputPayload; use codex_protocol::models::ResponseItem; use pretty_assertions::assert_eq; +use std::time::Duration; use std::time::Instant; use std::time::SystemTime; use std::time::UNIX_EPOCH; +use super::TurnProfilePhase; +use super::TurnProfileState; use super::TurnTimingState; use super::response_item_records_turn_ttft; use crate::ResponseEvent; @@ -146,3 +150,40 @@ fn response_item_records_turn_ttft_ignores_empty_non_output_items() { } )); } + +#[test] +fn turn_profile_breaks_down_sampling_blocking_and_retry_overhead() { + let started_at = Instant::now(); + let mut state = TurnProfileState::default(); + state.start(started_at); + + let _ = state.begin_sampling(started_at + Duration::from_millis(100)); + state.end_phase( + started_at + Duration::from_millis(600), + TurnProfilePhase::Sampling, + ); + let _ = state.begin_tool_blocking(started_at + Duration::from_millis(600)); + state.end_phase( + started_at + Duration::from_millis(900), + TurnProfilePhase::ToolBlocking, + ); + state.record_sampling_retry(); + let _ = state.begin_sampling(started_at + Duration::from_millis(1_000)); + state.end_phase( + started_at + Duration::from_millis(1_200), + TurnProfilePhase::Sampling, + ); + + assert_eq!( + state.complete(started_at + Duration::from_millis(1_300)), + TurnProfile { + before_first_sampling_ms: 100, + sampling_ms: 700, + between_sampling_overhead_ms: 100, + tool_blocking_ms: 300, + after_last_sampling_ms: 100, + sampling_request_count: 2, + sampling_retry_count: 1, + } + ); +} diff --git a/codex-rs/core/src/unified_exec/mod.rs b/codex-rs/core/src/unified_exec/mod.rs index 94a7ab7c731..65b18b064dc 100644 --- a/codex-rs/core/src/unified_exec/mod.rs +++ b/codex-rs/core/src/unified_exec/mod.rs @@ -155,6 +155,8 @@ struct ProcessEntry { process: Arc, call_id: String, process_id: i32, + cwd: AbsolutePathBuf, + initial_exec_command_active: Arc, hook_command: String, tty: bool, network_approval: Option, diff --git a/codex-rs/core/src/unified_exec/mod_tests.rs b/codex-rs/core/src/unified_exec/mod_tests.rs index 9f24314da24..ad39d62b966 100644 --- a/codex-rs/core/src/unified_exec/mod_tests.rs +++ b/codex-rs/core/src/unified_exec/mod_tests.rs @@ -1,5 +1,6 @@ use super::head_tail_buffer::HeadTailBuffer; use super::*; +use crate::codex_thread::BackgroundTerminalInfo; use crate::exec::ExecCapturePolicy; use crate::exec::ExecExpiration; use crate::sandboxing::ExecRequest; @@ -9,6 +10,15 @@ use crate::session::turn_context::TurnContext; use crate::tools::context::ExecCommandToolOutput; use crate::unified_exec::WriteStdinRequest; use crate::unified_exec::process::OutputHandles; +use codex_exec_server::ExecProcess; +use codex_exec_server::ExecProcessEventReceiver; +use codex_exec_server::ExecProcessFuture; +use codex_exec_server::ProcessId; +use codex_exec_server::ProcessSignal; +use codex_exec_server::ReadResponse; +use codex_exec_server::StartedExecProcess; +use codex_exec_server::WriteResponse; +use codex_exec_server::WriteStatus; use codex_sandboxing::SandboxType; use codex_utils_output_truncation::TruncationPolicy; use codex_utils_output_truncation::approx_token_count; @@ -19,6 +29,8 @@ use pretty_assertions::assert_eq; use std::collections::HashMap; use std::path::PathBuf; use std::sync::Arc; +use tokio::sync::Notify; +use tokio::sync::watch; use tokio::time::Duration; use tokio::time::Instant; @@ -116,6 +128,8 @@ async fn exec_command_with_tty( process: Arc::clone(&process), call_id: context.call_id.clone(), process_id, + cwd: cwd.clone(), + initial_exec_command_active: Arc::new(std::sync::atomic::AtomicBool::new(true)), hook_command: cmd.to_string(), tty, network_approval: None, @@ -158,6 +172,18 @@ async fn exec_command_with_tty( manager.release_process_id(process_id).await; None }; + if response_process_id.is_some() + && let Some(entry) = manager + .process_store + .lock() + .await + .processes + .get_mut(&process_id) + { + entry + .initial_exec_command_active + .store(false, std::sync::atomic::Ordering::Release); + } Ok(ExecCommandToolOutput { event_call_id: context.call_id, @@ -184,6 +210,95 @@ impl SpawnLifecycle for TestSpawnLifecycle { } } +struct BlockingTerminateExecProcess { + process_id: ProcessId, + terminate_started: watch::Sender, + allow_terminate: Arc, + wake_tx: watch::Sender, +} + +impl BlockingTerminateExecProcess { + async fn read(&self) -> Result { + Ok(ReadResponse { + chunks: Vec::new(), + next_seq: 1, + exited: false, + exit_code: None, + closed: false, + failure: None, + }) + } + + async fn write(&self) -> Result { + Ok(WriteResponse { + status: WriteStatus::Accepted, + }) + } + + async fn terminate(&self) -> Result<(), codex_exec_server::ExecServerError> { + let _ = self.terminate_started.send(true); + self.allow_terminate.notified().await; + Ok(()) + } +} + +impl ExecProcess for BlockingTerminateExecProcess { + fn process_id(&self) -> &ProcessId { + &self.process_id + } + + fn subscribe_wake(&self) -> watch::Receiver { + self.wake_tx.subscribe() + } + + fn subscribe_events(&self) -> ExecProcessEventReceiver { + ExecProcessEventReceiver::empty() + } + + fn read( + &self, + _after_seq: Option, + _max_bytes: Option, + _wait_ms: Option, + ) -> ExecProcessFuture<'_, ReadResponse> { + Box::pin(BlockingTerminateExecProcess::read(self)) + } + + fn write(&self, _chunk: Vec) -> ExecProcessFuture<'_, WriteResponse> { + Box::pin(BlockingTerminateExecProcess::write(self)) + } + + fn signal(&self, _signal: ProcessSignal) -> ExecProcessFuture<'_, ()> { + Box::pin(async { Ok(()) }) + } + + fn terminate(&self) -> ExecProcessFuture<'_, ()> { + Box::pin(BlockingTerminateExecProcess::terminate(self)) + } +} + +async fn blocking_terminate_unified_process( + process_id: i32, + terminate_started: watch::Sender, + allow_terminate: Arc, +) -> anyhow::Result> { + let (wake_tx, _wake_rx) = watch::channel(0); + Ok(Arc::new( + UnifiedExecProcess::from_exec_server_started( + StartedExecProcess { + process: Arc::new(BlockingTerminateExecProcess { + process_id: process_id.to_string().into(), + terminate_started, + allow_terminate, + wake_tx, + }), + }, + SandboxType::None, + ) + .await?, + )) +} + async fn write_stdin( session: &Arc, process_id: i32, @@ -241,12 +356,23 @@ async fn unified_exec_persists_across_requests() -> anyhow::Result<()> { skip_if_sandbox!(Ok(())); let (session, turn) = test_session_and_turn().await; + #[allow(deprecated)] + let cwd = turn.cwd.clone(); let open_shell = exec_command( &session, &turn, "bash -i", /*yield_time_ms*/ 2_500, /*workdir*/ None, ) .await?; let process_id = open_shell.process_id.expect("expected process_id"); + assert_eq!( + session.list_background_terminals().await, + vec![BackgroundTerminalInfo { + item_id: "call".to_string(), + process_id: process_id.to_string(), + command: "bash -i".to_string(), + cwd, + }] + ); write_stdin( &session, @@ -270,6 +396,10 @@ async fn unified_exec_persists_across_requests() -> anyhow::Result<()> { "expected environment variable output" ); + assert!(session.terminate_background_terminal(process_id).await); + assert!(!session.terminate_background_terminal(process_id).await); + assert!(session.list_background_terminals().await.is_empty()); + Ok(()) } @@ -523,6 +653,148 @@ async fn reusing_completed_process_returns_unknown_process() -> anyhow::Result<( Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn terminating_initial_exec_command_rechecks_initial_response_state() -> anyhow::Result<()> { + let (session, turn) = test_session_and_turn().await; + let manager = &session.services.unified_exec_manager; + let process_id = manager.allocate_process_id().await; + let (terminate_started_tx, mut terminate_started_rx) = watch::channel(false); + let allow_terminate = Arc::new(Notify::new()); + let process = blocking_terminate_unified_process( + process_id, + terminate_started_tx, + Arc::clone(&allow_terminate), + ) + .await?; + #[allow(deprecated)] + let cwd = turn.cwd.clone(); + manager.process_store.lock().await.processes.insert( + process_id, + ProcessEntry { + process, + call_id: "call".to_string(), + process_id, + cwd, + initial_exec_command_active: Arc::new(std::sync::atomic::AtomicBool::new(true)), + hook_command: "sleep 60".to_string(), + tty: true, + network_approval: None, + session: Arc::downgrade(&session), + last_used: Instant::now(), + }, + ); + + let terminate_task = tokio::spawn({ + let session = Arc::clone(&session); + async move { session.terminate_background_terminal(process_id).await } + }); + tokio::time::timeout( + Duration::from_secs(2), + terminate_started_rx.wait_for(|started| *started), + ) + .await + .expect("terminate should start") + .expect("terminate signal sender should stay open"); + + { + let mut store = manager.process_store.lock().await; + let entry = store + .processes + .get_mut(&process_id) + .expect("process should remain stored until initial response returns"); + entry + .initial_exec_command_active + .store(false, std::sync::atomic::Ordering::Release); + } + + allow_terminate.notify_waiters(); + let terminated = tokio::time::timeout(Duration::from_secs(2), terminate_task) + .await + .expect("terminate should finish") + .expect("terminate task should not panic"); + assert!(terminated); + assert!( + !manager + .process_store + .lock() + .await + .processes + .contains_key(&process_id) + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn terminating_during_stdin_poll_returns_exited_response() -> anyhow::Result<()> { + let (session, turn) = test_session_and_turn().await; + let manager = &session.services.unified_exec_manager; + let process_id = manager.allocate_process_id().await; + let (terminate_started_tx, _terminate_started_rx) = watch::channel(false); + let allow_terminate = Arc::new(Notify::new()); + let process = blocking_terminate_unified_process( + process_id, + terminate_started_tx, + Arc::clone(&allow_terminate), + ) + .await?; + #[allow(deprecated)] + let cwd = turn.cwd.clone(); + let last_used = Instant::now() - Duration::from_secs(1); + manager.process_store.lock().await.processes.insert( + process_id, + ProcessEntry { + process: Arc::clone(&process), + call_id: "call".to_string(), + process_id, + cwd, + initial_exec_command_active: Arc::new(std::sync::atomic::AtomicBool::new(false)), + hook_command: "sleep 60".to_string(), + tty: true, + network_approval: None, + session: Arc::downgrade(&session), + last_used, + }, + ); + + let poll_task = tokio::spawn({ + let session = Arc::clone(&session); + async move { + write_stdin(&session, process_id, "", /*yield_time_ms*/ 60_000).await + } + }); + tokio::time::timeout(Duration::from_secs(2), async { + loop { + let poll_started = manager + .process_store + .lock() + .await + .processes + .get(&process_id) + .is_some_and(|entry| entry.last_used != last_used); + if poll_started { + break; + } + tokio::time::sleep(Duration::from_millis(10)).await; + } + }) + .await + .expect("poll should clone process handles"); + + manager.release_process_id(process_id).await; + allow_terminate.notify_one(); + process.terminate_confirmed().await?; + + let output = tokio::time::timeout(Duration::from_secs(2), poll_task) + .await + .expect("poll should finish") + .expect("poll task should not panic")?; + assert_eq!(output.process_id, None); + assert!(manager.process_store.lock().await.processes.is_empty()); + + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn completed_pipe_commands_preserve_exit_code() -> anyhow::Result<()> { let (_, turn) = make_session_and_context().await; diff --git a/codex-rs/core/src/unified_exec/process.rs b/codex-rs/core/src/unified_exec/process.rs index 9671429d01d..725be9eed22 100644 --- a/codex-rs/core/src/unified_exec/process.rs +++ b/codex-rs/core/src/unified_exec/process.rs @@ -14,6 +14,7 @@ use tokio_util::sync::CancellationToken; use crate::exec::is_likely_sandbox_denied; use codex_exec_server::ExecProcess; +use codex_exec_server::ProcessSignal as ExecServerProcessSignal; use codex_exec_server::ReadResponse as ExecReadResponse; use codex_exec_server::StartedExecProcess; use codex_exec_server::WriteStatus; @@ -23,6 +24,7 @@ use codex_protocol::protocol::TruncationPolicy; use codex_sandboxing::SandboxType; use codex_utils_output_truncation::formatted_truncate_text; use codex_utils_pty::ExecCommandSession; +use codex_utils_pty::ProcessSignal as PtyProcessSignal; use codex_utils_pty::SpawnedPty; use super::UNIFIED_EXEC_OUTPUT_MAX_TOKENS; @@ -31,7 +33,6 @@ use super::head_tail_buffer::HeadTailBuffer; use super::process_state::ProcessState; const EARLY_EXIT_GRACE_PERIOD: Duration = Duration::from_millis(150); - pub(crate) trait SpawnLifecycle: std::fmt::Debug + Send + Sync { /// Returns file descriptors that must stay open across the child `exec()`. /// @@ -194,9 +195,16 @@ impl UnifiedExecProcess { } } - pub(super) fn terminate(&self) { + fn finish_termination(&self) { self.output_closed.store(true, Ordering::Release); self.output_closed_notify.notify_waiters(); + self.cancellation_token.cancel(); + if let Some(output_task) = &self.output_task { + output_task.abort(); + } + } + + pub(super) fn terminate(&self) { match &self.process_handle { ProcessHandle::Local(process_handle) => process_handle.terminate(), ProcessHandle::ExecServer(process_handle) => { @@ -206,9 +214,33 @@ impl UnifiedExecProcess { }); } } - self.cancellation_token.cancel(); - if let Some(output_task) = &self.output_task { - output_task.abort(); + self.finish_termination(); + } + + pub(super) async fn terminate_confirmed(&self) -> Result<(), UnifiedExecError> { + match &self.process_handle { + ProcessHandle::Local(process_handle) => process_handle.terminate(), + ProcessHandle::ExecServer(process_handle) => { + process_handle + .terminate() + .await + .map_err(|err| UnifiedExecError::process_failed(err.to_string()))?; + } + } + self.signal_exit(self.exit_code()); + self.finish_termination(); + Ok(()) + } + + pub(super) async fn interrupt(&self) -> Result<(), UnifiedExecError> { + match &self.process_handle { + ProcessHandle::Local(process_handle) => process_handle + .signal(PtyProcessSignal::Interrupt) + .map_err(|err| UnifiedExecError::process_failed(err.to_string())), + ProcessHandle::ExecServer(process_handle) => process_handle + .signal(ExecServerProcessSignal::Interrupt) + .await + .map_err(|err| UnifiedExecError::process_failed(err.to_string())), } } diff --git a/codex-rs/core/src/unified_exec/process_manager.rs b/codex-rs/core/src/unified_exec/process_manager.rs index 66b8b49a809..d744a72c957 100644 --- a/codex-rs/core/src/unified_exec/process_manager.rs +++ b/codex-rs/core/src/unified_exec/process_manager.rs @@ -11,6 +11,7 @@ use tokio::time::Duration; use tokio::time::Instant; use tokio_util::sync::CancellationToken; +use crate::codex_thread::BackgroundTerminalInfo; use crate::exec_env::CODEX_THREAD_ID_ENV_VAR; use crate::exec_env::create_env; use crate::exec_policy::ExecApprovalRequest; @@ -72,6 +73,7 @@ const UNIFIED_EXEC_ENV: [(&str, &str); 10] = [ const NETWORK_ACCESS_DENIED_MESSAGE: &str = "Network access was denied by the Codex sandbox network proxy."; const LATE_NETWORK_DENIAL_GRACE_PERIOD: Duration = Duration::from_millis(100); +const INTERRUPT: &str = "\u{3}"; /// Test-only override for deterministic unified exec process IDs. /// @@ -174,11 +176,22 @@ struct PreparedProcessHandles { pause_state: Option>, session: Option>, network_approval: Option, + call_id: String, hook_command: String, process_id: i32, tty: bool, } +struct InitialExecCommandGuard { + active: Arc, +} + +impl Drop for InitialExecCommandGuard { + fn drop(&mut self) { + self.active.store(false, Ordering::Release); + } +} + fn exec_server_process_id(process_id: i32) -> String { process_id.to_string() } @@ -413,7 +426,8 @@ impl UnifiedExecProcessManager { // Persist live sessions before the initial yield wait so interrupting the // turn cannot drop the last Arc and terminate the background process. let process_started_alive = !process.has_exited() && process.exit_code().is_none(); - if process_started_alive { + let _initial_exec_command_guard = if process_started_alive { + let initial_exec_command_active = Arc::new(AtomicBool::new(true)); self.store_process( Arc::clone(&process), context, @@ -425,9 +439,15 @@ impl UnifiedExecProcessManager { request.tty, deferred_network_approval.clone(), Arc::clone(&transcript), + Arc::clone(&initial_exec_command_active), ) .await; - } + Some(InitialExecCommandGuard { + active: initial_exec_command_active, + }) + } else { + None + }; let yield_time_ms = clamp_yield_time(request.yield_time_ms); // For the initial exec_command call, we both stream output to events @@ -608,6 +628,7 @@ impl UnifiedExecProcessManager { pause_state, session, network_approval, + call_id, hook_command, process_id, tty, @@ -617,24 +638,29 @@ impl UnifiedExecProcessManager { if !request.input.is_empty() { if !tty { - return Err(UnifiedExecError::StdinClosed); - } - match process.write(request.input.as_bytes()).await { - Ok(()) => { - // Give the remote process a brief window to react so that we are - // more likely to capture its output in the poll below. - tokio::time::sleep(Duration::from_millis(100)).await; + if request.input == INTERRUPT { + process.interrupt().await?; + } else { + return Err(UnifiedExecError::StdinClosed); } - Err(err) => { - let status = self.refresh_process_state(process_id).await; - if matches!(status, ProcessStatus::Exited { .. }) { - status_after_write = Some(status); - } else if matches!(err, UnifiedExecError::ProcessFailed { .. }) { - process.terminate(); - self.release_process_id(process_id).await; - return Err(err); - } else { - return Err(err); + } else { + match process.write(request.input.as_bytes()).await { + Ok(()) => { + // Give the remote process a brief window to react so that we are + // more likely to capture its output in the poll below. + tokio::time::sleep(Duration::from_millis(100)).await; + } + Err(err) => { + let status = self.refresh_process_state(process_id).await; + if matches!(status, ProcessStatus::Exited { .. }) { + status_after_write = Some(status); + } else if matches!(err, UnifiedExecError::ProcessFailed { .. }) { + process.terminate(); + self.release_process_id(process_id).await; + return Err(err); + } else { + return Err(err); + } } } } @@ -715,9 +741,13 @@ impl UnifiedExecProcessManager { (None, exit_code, call_id) } ProcessStatus::Unknown => { - return Err(UnifiedExecError::UnknownProcessId { - process_id: request.process_id, - }); + if process.has_exited() { + (None, process.exit_code(), call_id) + } else { + return Err(UnifiedExecError::UnknownProcessId { + process_id: request.process_id, + }); + } } }; @@ -738,29 +768,27 @@ impl UnifiedExecProcessManager { } async fn refresh_process_state(&self, process_id: i32) -> ProcessStatus { - { - let mut store = self.process_store.lock().await; - let Some(entry) = store.processes.get(&process_id) else { - return ProcessStatus::Unknown; - }; + let mut store = self.process_store.lock().await; + let Some(entry) = store.processes.get_mut(&process_id) else { + return ProcessStatus::Unknown; + }; - let exit_code = entry.process.exit_code(); - let process_id = entry.process_id; + let exit_code = entry.process.exit_code(); + let process_id = entry.process_id; - if entry.process.has_exited() { - let Some(entry) = store.remove(process_id) else { - return ProcessStatus::Unknown; - }; - ProcessStatus::Exited { - exit_code, - entry: Box::new(entry), - } - } else { - ProcessStatus::Alive { - exit_code, - call_id: entry.call_id.clone(), - process_id, - } + if entry.process.has_exited() { + let Some(entry) = store.remove(process_id) else { + return ProcessStatus::Unknown; + }; + ProcessStatus::Exited { + exit_code, + entry: Box::new(entry), + } + } else { + ProcessStatus::Alive { + exit_code, + call_id: entry.call_id.clone(), + process_id, } } } @@ -798,6 +826,7 @@ impl UnifiedExecProcessManager { pause_state, session, network_approval: entry.network_approval.clone(), + call_id: entry.call_id.clone(), hook_command: entry.hook_command.clone(), process_id: entry.process_id, tty: entry.tty, @@ -817,11 +846,14 @@ impl UnifiedExecProcessManager { tty: bool, network_approval: Option, transcript: Arc>, + initial_exec_command_active: Arc, ) { let entry = ProcessEntry { process: Arc::clone(&process), call_id: context.call_id.clone(), process_id, + cwd: cwd.clone(), + initial_exec_command_active, hook_command, tty, network_approval, @@ -1011,7 +1043,6 @@ impl UnifiedExecProcessManager { }; let mut orchestrator = ToolOrchestrator::new(); let mut runtime = UnifiedExecRuntime::new(self, request.shell_mode.clone()); - let file_system_sandbox_policy = context.turn.file_system_sandbox_policy(); let exec_approval_requirement = context .session .services @@ -1020,10 +1051,7 @@ impl UnifiedExecProcessManager { command: &request.command, approval_policy: context.turn.approval_policy.value(), permission_profile: context.turn.permission_profile(), - file_system_sandbox_policy: &file_system_sandbox_policy, - // The process cwd may be model-controlled. Policy resolution - // stays anchored to the selected turn environment cwd instead. - sandbox_cwd: request.sandbox_cwd.as_path(), + windows_sandbox_level: context.turn.windows_sandbox_level, sandbox_permissions: if request.additional_permissions_preapproved { crate::sandboxing::SandboxPermissions::UseDefault } else { @@ -1034,7 +1062,7 @@ impl UnifiedExecProcessManager { .await; let req = UnifiedExecToolRequest { command: request.command.clone(), - shell_type: request.shell_type.clone(), + shell_type: request.shell_type, hook_command: request.hook_command.clone(), process_id: request.process_id, cwd, @@ -1272,6 +1300,59 @@ impl UnifiedExecProcessManager { entry.process.terminate(); } } + + pub(crate) async fn list_processes(&self) -> Vec { + let store = self.process_store.lock().await; + let mut entries = store + .processes + .values() + .filter(|entry| !entry.process.has_exited()) + .collect::>(); + entries.sort_by_key(|entry| entry.process_id); + entries + .into_iter() + .map(|entry| BackgroundTerminalInfo { + item_id: entry.call_id.clone(), + process_id: entry.process_id.to_string(), + command: entry.hook_command.clone(), + cwd: entry.cwd.clone(), + }) + .collect() + } + + pub(crate) async fn terminate_process(&self, process_id: i32) -> bool { + let (process, already_exited) = { + let store = self.process_store.lock().await; + let Some(entry) = store.processes.get(&process_id) else { + return false; + }; + (Arc::clone(&entry.process), entry.process.has_exited()) + }; + + if !already_exited && process.terminate_confirmed().await.is_err() { + return false; + } + + let entry = { + let mut store = self.process_store.lock().await; + let Some(entry) = store.processes.get(&process_id) else { + return true; + }; + if !Arc::ptr_eq(&entry.process, &process) { + return true; + } + if entry.initial_exec_command_active.load(Ordering::Acquire) { + return true; + } + let Some(entry) = store.remove(process_id) else { + return false; + }; + entry + }; + + unregister_network_approval_for_entry(&entry).await; + true + } } enum ProcessStatus { diff --git a/codex-rs/core/src/unified_exec/process_tests.rs b/codex-rs/core/src/unified_exec/process_tests.rs index ee0ea1cba33..37ec5d858b2 100644 --- a/codex-rs/core/src/unified_exec/process_tests.rs +++ b/codex-rs/core/src/unified_exec/process_tests.rs @@ -1,10 +1,11 @@ use super::process::UnifiedExecProcess; use crate::unified_exec::UnifiedExecError; -use async_trait::async_trait; use codex_exec_server::ExecProcess; use codex_exec_server::ExecProcessEventReceiver; +use codex_exec_server::ExecProcessFuture; use codex_exec_server::ExecServerError; use codex_exec_server::ProcessId; +use codex_exec_server::ProcessSignal; use codex_exec_server::ReadResponse; use codex_exec_server::StartedExecProcess; use codex_exec_server::WriteResponse; @@ -21,10 +22,35 @@ struct MockExecProcess { process_id: ProcessId, write_response: WriteResponse, read_responses: Mutex>, + terminate_error: Option, wake_tx: watch::Sender, } -#[async_trait] +impl MockExecProcess { + async fn read(&self) -> Result { + Ok(self + .read_responses + .lock() + .await + .pop_front() + .unwrap_or(ReadResponse { + chunks: Vec::new(), + next_seq: 1, + exited: false, + exit_code: None, + closed: false, + failure: None, + })) + } + + async fn terminate(&self) -> Result<(), ExecServerError> { + if let Some(message) = &self.terminate_error { + return Err(ExecServerError::Protocol(message.clone())); + } + Ok(()) + } +} + impl ExecProcess for MockExecProcess { fn process_id(&self) -> &ProcessId { &self.process_id @@ -38,37 +64,32 @@ impl ExecProcess for MockExecProcess { ExecProcessEventReceiver::empty() } - async fn read( + fn read( &self, _after_seq: Option, _max_bytes: Option, _wait_ms: Option, - ) -> Result { - Ok(self - .read_responses - .lock() - .await - .pop_front() - .unwrap_or(ReadResponse { - chunks: Vec::new(), - next_seq: 1, - exited: false, - exit_code: None, - closed: false, - failure: None, - })) + ) -> ExecProcessFuture<'_, ReadResponse> { + Box::pin(MockExecProcess::read(self)) } - async fn write(&self, _chunk: Vec) -> Result { - Ok(self.write_response.clone()) + fn write(&self, _chunk: Vec) -> ExecProcessFuture<'_, WriteResponse> { + Box::pin(async { Ok(self.write_response.clone()) }) } - async fn terminate(&self) -> Result<(), ExecServerError> { - Ok(()) + fn signal(&self, _signal: ProcessSignal) -> ExecProcessFuture<'_, ()> { + Box::pin(async { Ok(()) }) + } + + fn terminate(&self) -> ExecProcessFuture<'_, ()> { + Box::pin(MockExecProcess::terminate(self)) } } -async fn remote_process(write_status: WriteStatus) -> UnifiedExecProcess { +async fn remote_process( + write_status: WriteStatus, + terminate_error: Option, +) -> UnifiedExecProcess { let (wake_tx, _wake_rx) = watch::channel(0); let started = StartedExecProcess { process: Arc::new(MockExecProcess { @@ -77,6 +98,7 @@ async fn remote_process(write_status: WriteStatus) -> UnifiedExecProcess { status: write_status, }, read_responses: Mutex::new(VecDeque::new()), + terminate_error, wake_tx, }), }; @@ -88,7 +110,7 @@ async fn remote_process(write_status: WriteStatus) -> UnifiedExecProcess { #[tokio::test] async fn remote_write_unknown_process_marks_process_exited() { - let process = remote_process(WriteStatus::UnknownProcess).await; + let process = remote_process(WriteStatus::UnknownProcess, /*terminate_error*/ None).await; let err = process .write(b"hello") @@ -101,7 +123,7 @@ async fn remote_write_unknown_process_marks_process_exited() { #[tokio::test] async fn remote_write_closed_stdin_marks_process_exited() { - let process = remote_process(WriteStatus::StdinClosed).await; + let process = remote_process(WriteStatus::StdinClosed, /*terminate_error*/ None).await; let err = process .write(b"hello") @@ -114,7 +136,7 @@ async fn remote_write_closed_stdin_marks_process_exited() { #[tokio::test] async fn fail_and_terminate_preserves_failure_message() { - let process = remote_process(WriteStatus::Accepted).await; + let process = remote_process(WriteStatus::Accepted, /*terminate_error*/ None).await; process.fail_and_terminate("network denied".to_string()); process.fail_and_terminate("second failure".to_string()); @@ -126,6 +148,32 @@ async fn fail_and_terminate_preserves_failure_message() { ); } +#[tokio::test] +async fn remote_terminate_confirmed_updates_state_on_success_only() { + let process = remote_process( + WriteStatus::Accepted, + Some("terminate unavailable".to_string()), + ) + .await; + + let err = process + .terminate_confirmed() + .await + .expect_err("expected terminate failure"); + + assert!(matches!(err, UnifiedExecError::ProcessFailed { .. })); + assert!(!process.has_exited()); + + let process = remote_process(WriteStatus::Accepted, /*terminate_error*/ None).await; + + process + .terminate_confirmed() + .await + .expect("terminate should succeed"); + + assert!(process.has_exited()); +} + #[tokio::test] async fn remote_process_waits_for_early_exit_event() { let (wake_tx, _wake_rx) = watch::channel(0); @@ -143,6 +191,7 @@ async fn remote_process_waits_for_early_exit_event() { closed: true, failure: None, }])), + terminate_error: None, wake_tx: wake_tx.clone(), }), }; diff --git a/codex-rs/core/tests/common/Cargo.toml b/codex-rs/core/tests/common/Cargo.toml index fb6221cfce0..76f06df1edc 100644 --- a/codex-rs/core/tests/common/Cargo.toml +++ b/codex-rs/core/tests/common/Cargo.toml @@ -20,6 +20,7 @@ codex-config = { workspace = true } codex-core = { workspace = true } codex-extension-api = { workspace = true } codex-exec-server = { workspace = true } +codex-home = { workspace = true } codex-features = { workspace = true } codex-hooks = { workspace = true } codex-login = { workspace = true } @@ -28,6 +29,7 @@ codex-models-manager = { workspace = true } codex-protocol = { workspace = true } codex-utils-absolute-path = { workspace = true } codex-utils-cargo-bin = { workspace = true } +codex-utils-path-uri = { workspace = true } ctor = { workspace = true } futures = { workspace = true } notify = { workspace = true } diff --git a/codex-rs/core/tests/common/context_snapshot.rs b/codex-rs/core/tests/common/context_snapshot.rs index 8aaefbbf153..7a165214c38 100644 --- a/codex-rs/core/tests/common/context_snapshot.rs +++ b/codex-rs/core/tests/common/context_snapshot.rs @@ -297,9 +297,11 @@ fn canonicalize_json_snapshot_value(value: &mut Value, options: &ContextSnapshot fn format_snapshot_json_string(text: &str, options: &ContextSnapshotOptions) -> String { let normalized = match options.render_mode { ContextSnapshotRenderMode::RedactedText - | ContextSnapshotRenderMode::KindWithTextPrefix { .. } => normalize_snapshot_uuids( - &normalize_snapshot_line_endings(&canonicalize_snapshot_text(text)), - ), + | ContextSnapshotRenderMode::KindWithTextPrefix { .. } => { + normalize_snapshot_dynamic_values(&normalize_snapshot_line_endings( + &canonicalize_snapshot_text(text), + )) + } ContextSnapshotRenderMode::FullText => normalize_snapshot_line_endings(text), ContextSnapshotRenderMode::KindOnly => unreachable!(), }; @@ -440,7 +442,7 @@ fn normalize_dynamic_snapshot_paths(text: &str) -> String { .into_owned() } -fn normalize_snapshot_uuids(text: &str) -> String { +fn normalize_snapshot_dynamic_values(text: &str) -> String { static UUID_RE: OnceLock = OnceLock::new(); let uuid_re = UUID_RE.get_or_init(|| { Regex::new( @@ -448,7 +450,20 @@ fn normalize_snapshot_uuids(text: &str) -> String { ) .expect("uuid regex should compile") }); - uuid_re.replace_all(text, "").into_owned() + static TURN_STARTED_AT_UNIX_MS_RE: OnceLock = OnceLock::new(); + let turn_started_at_unix_ms_re = TURN_STARTED_AT_UNIX_MS_RE.get_or_init(|| { + Regex::new(r#""turn_started_at_unix_ms":\d+"#) + .expect("turn_started_at_unix_ms regex should compile") + }); + static SANDBOX_RE: OnceLock = OnceLock::new(); + let sandbox_re = SANDBOX_RE + .get_or_init(|| Regex::new(r#""sandbox":"[^"]+""#).expect("sandbox regex should compile")); + let text = uuid_re.replace_all(text, ""); + let text = + turn_started_at_unix_ms_re.replace_all(&text, r#""turn_started_at_unix_ms":"#); + sandbox_re + .replace_all(&text, r#""sandbox":"""#) + .into_owned() } #[cfg(test)] @@ -456,6 +471,7 @@ mod tests { use super::ContextSnapshotOptions; use super::ContextSnapshotRenderMode; use super::format_response_items_snapshot; + use super::format_snapshot_json_string; use pretty_assertions::assert_eq; use serde_json::json; @@ -708,4 +724,17 @@ mod tests { "00:message/developer:## Skills\\n- openai-docs: helper (file: /openai-docs/SKILL.md)" ); } + + #[test] + fn redacted_text_mode_normalizes_turn_metadata_dynamic_json_strings() { + let rendered = format_snapshot_json_string( + r#"{"turn_id":"019eaded-ba5c-7d40-8a81-a4dcebc4679e","sandbox":"seccomp","turn_started_at_unix_ms":1781035793002}"#, + &ContextSnapshotOptions::default(), + ); + + assert_eq!( + rendered, + r#"{"turn_id":"","sandbox":"","turn_started_at_unix_ms":}"# + ); + } } diff --git a/codex-rs/core/tests/common/lib.rs b/codex-rs/core/tests/common/lib.rs index be07b803f85..f9732b1b50c 100644 --- a/codex-rs/core/tests/common/lib.rs +++ b/codex-rs/core/tests/common/lib.rs @@ -15,10 +15,13 @@ use codex_core::CodexThread; use codex_core::config::Config; use codex_core::config::ConfigBuilder; use codex_core::config::ConfigOverrides; +pub use codex_core::test_support::TestCodexResponsesRequestKind; +pub use codex_core::test_support::responses_metadata; use codex_utils_absolute_path::AbsolutePathBuf; pub use codex_utils_absolute_path::test_support::PathBufExt; pub use codex_utils_absolute_path::test_support::PathExt; use regex_lite::Regex; +use std::path::Path; use std::path::PathBuf; pub mod apps_test_server; @@ -110,6 +113,20 @@ pub fn test_absolute_path(unix_path: &str) -> AbsolutePathBuf { test_absolute_path_with_windows(unix_path, /*windows_path*/ None) } +#[cfg(unix)] +#[allow(clippy::expect_used)] +pub fn create_directory_symlink(source: &Path, link: &Path) { + std::os::unix::fs::symlink(source, link).expect("create directory symlink"); +} + +#[cfg(windows)] +#[allow(clippy::expect_used)] +pub fn create_directory_symlink(source: &Path, link: &Path) { + // Running this test locally may require Windows Developer Mode or an elevated process. + std::os::windows::fs::symlink_dir(source, link) + .expect("create directory symlink; enable Developer Mode or run the test elevated"); +} + pub trait TempDirExt { fn abs(&self) -> AbsolutePathBuf; } diff --git a/codex-rs/core/tests/common/test_codex.rs b/codex-rs/core/tests/common/test_codex.rs index 4fe0609a715..1582b44d7dd 100644 --- a/codex-rs/core/tests/common/test_codex.rs +++ b/codex-rs/core/tests/common/test_codex.rs @@ -6,6 +6,7 @@ use std::path::PathBuf; use std::process::Command; use std::sync::Arc; use std::sync::atomic::AtomicU64; +use std::sync::atomic::AtomicUsize; use std::sync::atomic::Ordering; use std::time::Duration; @@ -23,12 +24,17 @@ use codex_core::thread_store_from_config; use codex_exec_server::CreateDirectoryOptions; use codex_exec_server::ExecutorFileSystem; use codex_exec_server::RemoveOptions; +use codex_extension_api::ExtensionRegistry; +use codex_extension_api::LoadUserInstructionsFuture; +use codex_extension_api::UserInstructionsProvider; use codex_extension_api::empty_extension_registry; +use codex_home::CodexHomeUserInstructionsProvider; use codex_login::CodexAuth; use codex_model_provider_info::ModelProviderInfo; use codex_model_provider_info::built_in_model_providers; use codex_models_manager::bundled_models_response; use codex_protocol::models::PermissionProfile; +use codex_protocol::openai_models::ModelInfo; use codex_protocol::openai_models::ModelsResponse; use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::EventMsg; @@ -38,8 +44,10 @@ use codex_protocol::protocol::SandboxPolicy; use codex_protocol::protocol::SessionConfiguredEvent; use codex_protocol::protocol::SessionSource; use codex_protocol::protocol::TurnEnvironmentSelection; +use codex_protocol::protocol::TurnEnvironmentSelections; use codex_protocol::user_input::UserInput; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; use futures::future::BoxFuture; use serde_json::Value; use tempfile::TempDir; @@ -68,6 +76,42 @@ const REMOTE_EXEC_SERVER_URL_ENV_VAR: &str = "CODEX_TEST_REMOTE_EXEC_SERVER_URL" static REMOTE_TEST_INSTANCE_COUNTER: AtomicU64 = AtomicU64::new(0); const SUBMIT_TURN_COMPLETE_TIMEOUT: Duration = Duration::from_secs(30); +pub struct RecordingUserInstructionsProvider { + inner: Arc, + load_count: AtomicUsize, +} + +impl RecordingUserInstructionsProvider { + pub fn new(inner: Arc) -> Self { + Self { + inner, + load_count: AtomicUsize::new(0), + } + } + + pub fn load_count(&self) -> usize { + self.load_count.load(Ordering::SeqCst) + } +} + +impl UserInstructionsProvider for RecordingUserInstructionsProvider { + fn load_user_instructions(&self) -> LoadUserInstructionsFuture<'_> { + self.load_count.fetch_add(1, Ordering::SeqCst); + self.inner.load_user_instructions() + } +} + +pub fn local(cwd: AbsolutePathBuf) -> TurnEnvironmentSelection { + TurnEnvironmentSelection { + environment_id: codex_exec_server::LOCAL_ENVIRONMENT_ID.to_string(), + cwd, + } +} + +pub fn local_selections(cwd: AbsolutePathBuf) -> TurnEnvironmentSelections { + TurnEnvironmentSelections::new(cwd.clone(), vec![local(cwd)]) +} + #[derive(Debug)] pub struct TestEnv { environment: codex_exec_server::Environment, @@ -121,10 +165,11 @@ pub async fn test_env() -> Result { let environment = codex_exec_server::Environment::create_for_tests(Some(websocket_url.clone()))?; let cwd = remote_aware_cwd_path(); + let cwd_uri = PathUri::from_path(&cwd)?; environment .get_filesystem() .create_directory( - &cwd, + &cwd_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) @@ -216,6 +261,8 @@ pub struct TestCodexBuilder { cloud_config_bundle: Option, user_shell_override: Option, exec_server_url: Option, + extensions: Arc>, + user_instructions_provider: Option>, } impl TestCodexBuilder { @@ -239,6 +286,26 @@ impl TestCodexBuilder { }) } + pub fn with_model_info_override(self, model: &str, override_model_info: T) -> Self + where + T: FnOnce(&mut ModelInfo) + Send + 'static, + { + let model = model.to_string(); + self.with_config(move |config| { + let model_catalog = config.model_catalog.get_or_insert_with(|| { + bundled_models_response() + .unwrap_or_else(|err| panic!("bundled models.json should parse: {err}")) + }); + let model_info = model_catalog + .models + .iter_mut() + .find(|model_info| model_info.slug == model) + .unwrap_or_else(|| panic!("{model} should exist in the configured model catalog")); + override_model_info(model_info); + config.model = Some(model); + }) + } + pub fn with_pre_build_hook(mut self, hook: F) -> Self where F: FnOnce(&Path) + Send + 'static, @@ -280,6 +347,19 @@ impl TestCodexBuilder { self } + pub fn with_extensions(mut self, extensions: Arc>) -> Self { + self.extensions = extensions; + self + } + + pub fn with_user_instructions_provider( + mut self, + provider: Arc, + ) -> Self { + self.user_instructions_provider = Some(provider); + self + } + pub fn with_windows_cmd_shell(self) -> Self { if cfg!(windows) { self.with_user_shell(get_shell_by_model_provided_path(&PathBuf::from("cmd.exe"))) @@ -468,12 +548,19 @@ impl TestCodexBuilder { let state_db = codex_core::init_state_db(&config).await; let thread_store = thread_store_from_config(&config, state_db.clone()); let installation_id = resolve_installation_id(&config.codex_home).await?; + let user_instructions_provider = + self.user_instructions_provider.clone().unwrap_or_else(|| { + Arc::new(CodexHomeUserInstructionsProvider::new( + config.codex_home.clone(), + )) + }); let thread_manager = ThreadManager::new( &config, codex_core::test_support::auth_manager_from_auth(auth.clone()), SessionSource::Exec, Arc::clone(&environment_manager), - empty_extension_registry(), + Arc::clone(&self.extensions), + user_instructions_provider, /*analytics_events_client*/ None, thread_store, state_db.clone(), @@ -761,18 +848,20 @@ impl TestCodex { let (sandbox_policy, permission_profile) = turn_permission_fields(permission_profile, self.config.cwd.as_path()); let session_model = self.session_configured.model.clone(); + let turn_environment_selections = environments.map(|environments| { + TurnEnvironmentSelections::new(self.config.cwd.clone(), environments) + }); self.codex .submit(Op::UserInput { items: vec![UserInput::Text { text: prompt.into(), text_elements: Vec::new(), }], - environments, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(self.config.cwd.to_path_buf()), + environments: turn_environment_selections, approval_policy: Some(approval_policy), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -846,6 +935,10 @@ impl TestCodexHarness { self.test.config.cwd.as_path() } + pub fn cwd_abs(&self) -> AbsolutePathBuf { + self.test.config.cwd.clone() + } + pub fn path(&self, rel: impl AsRef) -> PathBuf { self.path_abs(rel).into_path_buf() } @@ -861,35 +954,45 @@ impl TestCodexHarness { ) -> Result<()> { let abs_path = self.path_abs(rel); if let Some(parent) = abs_path.parent() { + let parent_uri = PathUri::from_path(&parent)?; self.test .fs() .create_directory( - &parent, + &parent_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) .await?; } + let abs_path_uri = PathUri::from_path(&abs_path)?; self.test .fs() - .write_file(&abs_path, contents.as_ref().to_vec(), /*sandbox*/ None) + .write_file( + &abs_path_uri, + contents.as_ref().to_vec(), + /*sandbox*/ None, + ) .await?; Ok(()) } pub async fn read_file_text(&self, rel: impl AsRef) -> Result { + let path = self.path_abs(rel); + let path_uri = PathUri::from_path(&path)?; Ok(self .test .fs() - .read_file_text(&self.path_abs(rel), /*sandbox*/ None) + .read_file_text(&path_uri, /*sandbox*/ None) .await?) } pub async fn create_dir_all(&self, rel: impl AsRef) -> Result<()> { + let path = self.path_abs(rel); + let path_uri = PathUri::from_path(&path)?; self.test .fs() .create_directory( - &self.path_abs(rel), + &path_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) @@ -902,10 +1005,11 @@ impl TestCodexHarness { } pub async fn remove_abs_path(&self, path: &AbsolutePathBuf) -> Result<()> { + let path_uri = PathUri::from_abs_path(path)?; self.test .fs() .remove( - path, + &path_uri, RemoveOptions { recursive: false, force: true, @@ -917,7 +1021,13 @@ impl TestCodexHarness { } pub async fn abs_path_exists(&self, path: &AbsolutePathBuf) -> Result { - match self.test.fs().get_metadata(path, /*sandbox*/ None).await { + let path_uri = PathUri::from_abs_path(path)?; + match self + .test + .fs() + .get_metadata(&path_uri, /*sandbox*/ None) + .await + { Ok(_) => Ok(true), Err(err) if err.kind() == ErrorKind::NotFound => Ok(false), Err(err) => Err(err.into()), @@ -1037,6 +1147,8 @@ pub fn test_codex() -> TestCodexBuilder { cloud_config_bundle: None, user_shell_override: None, exec_server_url: None, + extensions: empty_extension_registry(), + user_instructions_provider: None, } } diff --git a/codex-rs/core/tests/common/zsh_fork.rs b/codex-rs/core/tests/common/zsh_fork.rs index e58ebd81dd5..5abfc753b98 100644 --- a/codex-rs/core/tests/common/zsh_fork.rs +++ b/codex-rs/core/tests/common/zsh_fork.rs @@ -94,6 +94,33 @@ where builder.build(server).await } +pub async fn build_unified_exec_zsh_fork_test( + server: &wiremock::MockServer, + runtime: ZshForkRuntime, + approval_policy: AskForApproval, + permission_profile: PermissionProfile, + pre_build_hook: F, +) -> Result +where + F: FnOnce(&Path) + Send + 'static, +{ + let mut builder = test_codex() + .with_pre_build_hook(pre_build_hook) + .with_config(move |config| { + runtime.apply_to_config(config, approval_policy, permission_profile); + config.use_experimental_unified_exec_tool = true; + config + .features + .enable(Feature::UnifiedExec) + .expect("test config should allow feature update"); + config + .features + .enable(Feature::UnifiedExecZshFork) + .expect("test config should allow feature update"); + }); + builder.build(server).await +} + fn find_test_zsh_path() -> Result> { let repo_root = codex_utils_cargo_bin::repo_root()?; let dotslash_zsh = repo_root.join("codex-rs/app-server/tests/suite/zsh"); diff --git a/codex-rs/core/tests/responses_headers.rs b/codex-rs/core/tests/responses_headers.rs index eda48a2c0e6..cda5ffcdb0e 100644 --- a/codex-rs/core/tests/responses_headers.rs +++ b/codex-rs/core/tests/responses_headers.rs @@ -15,8 +15,10 @@ use codex_protocol::models::ContentItem; use codex_protocol::models::ResponseItem; use codex_protocol::protocol::SessionSource; use codex_protocol::protocol::SubAgentSource; +use core_test_support::TestCodexResponsesRequestKind; use core_test_support::load_default_config_for_test; use core_test_support::responses; +use core_test_support::responses_metadata as test_responses_metadata; use core_test_support::test_codex::test_codex; use futures::StreamExt; use pretty_assertions::assert_eq; @@ -32,6 +34,23 @@ fn normalize_git_remote_url(url: &str) -> String { } const TEST_INSTALLATION_ID: &str = "11111111-1111-4111-8111-111111111111"; +fn test_turn_responses_metadata( + _client: &ModelClient, + thread_id: ThreadId, + session_source: &SessionSource, +) -> codex_core::CodexResponsesMetadata { + let thread_id = thread_id.to_string(); + test_responses_metadata( + TEST_INSTALLATION_ID, + &thread_id, + &thread_id, + /*turn_id*/ None, + format!("{thread_id}:0"), + session_source, + /*parent_thread_id*/ None, + TestCodexResponsesRequestKind::Turn, + ) +} #[tokio::test] async fn responses_stream_includes_subagent_header_on_review() { @@ -74,7 +93,7 @@ async fn responses_stream_includes_subagent_header_on_review() { let mut config = load_default_config_for_test(&codex_home).await; config.model_provider_id = provider.name.clone(); config.model_provider = provider.clone(); - let effort = config.model_reasoning_effort; + let effort = config.model_reasoning_effort.clone(); let summary = config.model_reasoning_summary; let model = codex_core::test_support::get_model_offline(config.model.as_deref()); config.model = Some(model.clone()); @@ -85,6 +104,7 @@ async fn responses_stream_includes_subagent_header_on_review() { let session_source = SessionSource::SubAgent(SubAgentSource::Review); let model_info = codex_core::test_support::construct_model_info_offline(model.as_str(), &config); + let expected_window_id = format!("{thread_id}:0"); let session_telemetry = SessionTelemetry::new( thread_id, model.as_str(), @@ -100,18 +120,16 @@ async fn responses_stream_includes_subagent_header_on_review() { let client = ModelClient::new( /*auth_manager*/ None, - thread_id.into(), thread_id, - /*installation_id*/ TEST_INSTALLATION_ID.to_string(), provider.clone(), - session_source, - /*parent_thread_id*/ None, + session_source.clone(), config.model_verbosity, /*enable_request_compression*/ false, /*include_timing_metrics*/ false, /*beta_features_header*/ None, /*attestation_provider*/ None, ); + let responses_metadata = test_turn_responses_metadata(&client, thread_id, &session_source); let mut client_session = client.new_session(); let mut prompt = Prompt::default(); @@ -132,7 +150,7 @@ async fn responses_stream_includes_subagent_header_on_review() { effort, summary.unwrap_or(model_info.default_reasoning_summary), /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await @@ -144,7 +162,6 @@ async fn responses_stream_includes_subagent_header_on_review() { } let request = request_recorder.single_request(); - let expected_window_id = format!("{thread_id}:0"); assert_eq!( request.header("x-openai-subagent").as_deref(), Some("review") @@ -158,6 +175,10 @@ async fn responses_stream_includes_subagent_header_on_review() { request.body_json()["client_metadata"]["x-codex-installation-id"].as_str(), Some(TEST_INSTALLATION_ID) ); + assert_eq!( + request.body_json()["client_metadata"]["x-codex-window-id"].as_str(), + Some(expected_window_id.as_str()) + ); assert_eq!(request.header("x-codex-sandbox"), None); } @@ -202,7 +223,7 @@ async fn responses_stream_includes_subagent_header_on_other() { let mut config = load_default_config_for_test(&codex_home).await; config.model_provider_id = provider.name.clone(); config.model_provider = provider.clone(); - let effort = config.model_reasoning_effort; + let effort = config.model_reasoning_effort.clone(); let summary = config.model_reasoning_summary; let model = codex_core::test_support::get_model_offline(config.model.as_deref()); config.model = Some(model.clone()); @@ -229,18 +250,16 @@ async fn responses_stream_includes_subagent_header_on_other() { let client = ModelClient::new( /*auth_manager*/ None, - thread_id.into(), thread_id, - /*installation_id*/ TEST_INSTALLATION_ID.to_string(), provider.clone(), - session_source, - /*parent_thread_id*/ None, + session_source.clone(), config.model_verbosity, /*enable_request_compression*/ false, /*include_timing_metrics*/ false, /*beta_features_header*/ None, /*attestation_provider*/ None, ); + let responses_metadata = test_turn_responses_metadata(&client, thread_id, &session_source); let mut client_session = client.new_session(); let mut prompt = Prompt::default(); @@ -261,7 +280,7 @@ async fn responses_stream_includes_subagent_header_on_other() { effort, summary.unwrap_or(model_info.default_reasoning_summary), /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await @@ -318,7 +337,7 @@ async fn responses_respects_model_info_overrides_from_config() { config.model_provider = provider.clone(); config.model_supports_reasoning_summaries = Some(true); config.model_reasoning_summary = Some(ReasoningSummary::Detailed); - let effort = config.model_reasoning_effort; + let effort = config.model_reasoning_effort.clone(); let summary = config.model_reasoning_summary; let model = config.model.clone().expect("model configured"); let config = Arc::new(config); @@ -347,18 +366,16 @@ async fn responses_respects_model_info_overrides_from_config() { let client = ModelClient::new( /*auth_manager*/ None, - thread_id.into(), thread_id, - /*installation_id*/ TEST_INSTALLATION_ID.to_string(), provider.clone(), - session_source, - /*parent_thread_id*/ None, + session_source.clone(), config.model_verbosity, /*enable_request_compression*/ false, /*include_timing_metrics*/ false, /*beta_features_header*/ None, /*attestation_provider*/ None, ); + let responses_metadata = test_turn_responses_metadata(&client, thread_id, &session_source); let mut client_session = client.new_session(); let mut prompt = Prompt::default(); @@ -379,7 +396,7 @@ async fn responses_respects_model_info_overrides_from_config() { effort, summary.unwrap_or(model_info.default_reasoning_summary), /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await diff --git a/codex-rs/core/tests/suite/abort_tasks.rs b/codex-rs/core/tests/suite/abort_tasks.rs index 82bb8c87987..d44b4e5a237 100644 --- a/codex-rs/core/tests/suite/abort_tasks.rs +++ b/codex-rs/core/tests/suite/abort_tasks.rs @@ -46,7 +46,6 @@ async fn interrupt_long_running_tool_emits_turn_aborted() { // Kick off a turn that triggers the function call. codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "start sleep".into(), text_elements: Vec::new(), @@ -104,7 +103,6 @@ async fn interrupt_tool_records_history_entries() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "start history recording".into(), text_elements: Vec::new(), @@ -126,7 +124,6 @@ async fn interrupt_tool_records_history_entries() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "follow up".into(), text_elements: Vec::new(), @@ -210,7 +207,6 @@ async fn interrupt_persists_turn_aborted_marker_in_next_request() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "start interrupt marker".into(), text_elements: Vec::new(), @@ -232,7 +228,6 @@ async fn interrupt_persists_turn_aborted_marker_in_next_request() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "follow up".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/additional_context.rs b/codex-rs/core/tests/suite/additional_context.rs index f9bfdb966b6..6812be95e47 100644 --- a/codex-rs/core/tests/suite/additional_context.rs +++ b/codex-rs/core/tests/suite/additional_context.rs @@ -37,7 +37,6 @@ async fn additional_context_is_model_visible_but_not_a_user_message_item() -> Re test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "inspect the active tab".to_string(), text_elements: Vec::new(), @@ -136,7 +135,6 @@ async fn external_context_like_user_text_remains_a_user_message_item() -> Result test.codex .submit(Op::UserInput { - environments: None, items: vec![user_input.clone()], final_output_json_schema: None, responsesapi_client_metadata: None, @@ -182,7 +180,6 @@ async fn additional_context_trust_controls_message_role() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "inspect context".to_string(), text_elements: Vec::new(), @@ -263,7 +260,6 @@ async fn additional_context_is_deduplicated_between_turns_while_retained() -> Re test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "first turn".to_string(), text_elements: Vec::new(), @@ -281,7 +277,6 @@ async fn additional_context_is_deduplicated_between_turns_while_retained() -> Re test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "second turn".to_string(), text_elements: Vec::new(), @@ -343,7 +338,6 @@ async fn additional_context_removes_one_value_while_adding_another() -> Result<( test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "first turn".to_string(), text_elements: Vec::new(), @@ -376,7 +370,6 @@ async fn additional_context_removes_one_value_while_adding_another() -> Result<( test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "second turn".to_string(), text_elements: Vec::new(), @@ -409,7 +402,6 @@ async fn additional_context_removes_one_value_while_adding_another() -> Result<( test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "third turn".to_string(), text_elements: Vec::new(), @@ -506,7 +498,6 @@ async fn additional_context_values_are_truncated_before_model_input() -> Result< test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "summarize context".to_string(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/agent_execution.rs b/codex-rs/core/tests/suite/agent_execution.rs new file mode 100644 index 00000000000..f073d700891 --- /dev/null +++ b/codex-rs/core/tests/suite/agent_execution.rs @@ -0,0 +1,122 @@ +use anyhow::Result; +use codex_features::Feature; +use core_test_support::responses::ev_assistant_message; +use core_test_support::responses::ev_completed; +use core_test_support::responses::ev_function_call; +use core_test_support::responses::ev_response_created; +use core_test_support::responses::mount_sse_once_match; +use core_test_support::responses::sse; +use core_test_support::responses::start_mock_server; +use core_test_support::test_codex::test_codex; +use pretty_assertions::assert_eq; +use serde_json::json; +use std::time::Duration; + +const FIRST_PROMPT: &str = "spawn the first worker"; +const FIRST_TASK: &str = "first worker task"; +const SECOND_TASK: &str = "second worker task"; + +fn body_contains(request: &wiremock::Request, text: &str) -> bool { + serde_json::from_slice::(&request.body) + .is_ok_and(|body| body.to_string().contains(text)) +} + +fn has_function_call_output(request: &wiremock::Request, call_id: &str) -> bool { + serde_json::from_slice::(&request.body).is_ok_and(|body| { + body.get("input") + .and_then(serde_json::Value::as_array) + .is_some_and(|items| { + items.iter().any(|item| { + item.get("type").and_then(serde_json::Value::as_str) + == Some("function_call_output") + && item.get("call_id").and_then(serde_json::Value::as_str) == Some(call_id) + }) + }) + }) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn v2_nested_spawn_checks_shared_active_execution_capacity() -> Result<()> { + let server = start_mock_server().await; + let first_args = serde_json::to_string(&json!({ + "message": FIRST_TASK, + "task_name": "first", + }))?; + mount_sse_once_match( + &server, + |request: &wiremock::Request| body_contains(request, FIRST_PROMPT), + sse(vec![ + ev_response_created("first-response"), + ev_function_call("first-call", "spawn_agent", &first_args), + ev_completed("first-response"), + ]), + ) + .await; + let second_args = serde_json::to_string(&json!({ + "message": SECOND_TASK, + "task_name": "second", + }))?; + mount_sse_once_match( + &server, + |request: &wiremock::Request| { + body_contains(request, FIRST_TASK) && !has_function_call_output(request, "first-call") + }, + sse(vec![ + ev_response_created("first-worker-response"), + ev_function_call("second-call", "spawn_agent", &second_args), + ev_completed("first-worker-response"), + ]), + ) + .await; + let second_followup = mount_sse_once_match( + &server, + |request: &wiremock::Request| has_function_call_output(request, "second-call"), + sse(vec![ + ev_response_created("second-followup-response"), + ev_assistant_message("second-followup-message", "blocked"), + ev_completed("second-followup-response"), + ]), + ) + .await; + mount_sse_once_match( + &server, + |request: &wiremock::Request| has_function_call_output(request, "first-call"), + sse(vec![ + ev_response_created("first-followup-response"), + ev_assistant_message("first-followup-message", "spawned"), + ev_completed("first-followup-response"), + ]), + ) + .await; + + let mut builder = test_codex().with_model("koffing").with_config(|config| { + config + .features + .enable(Feature::Collab) + .expect("test config should allow feature update"); + config + .features + .enable(Feature::MultiAgentV2) + .expect("test config should allow feature update"); + config.multi_agent_v2.max_concurrent_threads_per_session = 2; + }); + let test = builder.build(&server).await?; + test.submit_turn(FIRST_PROMPT).await?; + + let second_output = tokio::time::timeout(Duration::from_secs(2), async { + loop { + if let Some(output) = second_followup.function_call_output_text("second-call") { + return output; + } + tokio::time::sleep(Duration::from_millis(10)).await; + } + }) + .await?; + assert_eq!( + second_output, + "collab spawn failed: agent thread limit reached" + ); + assert_eq!(test.thread_manager.list_thread_ids().await.len(), 2); + + Ok(()) +} diff --git a/codex-rs/core/tests/suite/agents_md.rs b/codex-rs/core/tests/suite/agents_md.rs index 276fa4bb516..585fd9e9b36 100644 --- a/codex-rs/core/tests/suite/agents_md.rs +++ b/codex-rs/core/tests/suite/agents_md.rs @@ -1,12 +1,50 @@ use anyhow::Result; +use anyhow::anyhow; +use codex_core::ForkSnapshot; +use codex_core::StartThreadOptions; use codex_exec_server::CreateDirectoryOptions; +use codex_features::Feature; +use codex_home::CodexHomeUserInstructionsProvider; +use codex_protocol::protocol::EventMsg; +use codex_protocol::protocol::InitialHistory; +use codex_protocol::protocol::Op; +use codex_protocol::user_input::UserInput; +use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; +use core_test_support::PathBufExt; +use core_test_support::create_directory_symlink; +use core_test_support::load_default_config_for_test; +use core_test_support::responses; use core_test_support::responses::ev_completed; use core_test_support::responses::ev_response_created; use core_test_support::responses::mount_sse_once; use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; +use core_test_support::skip_if_no_network; +use core_test_support::test_codex::RecordingUserInstructionsProvider; use core_test_support::test_codex::TestCodexBuilder; use core_test_support::test_codex::test_codex; +use core_test_support::wait_for_event; +use core_test_support::wait_for_event_match; +use pretty_assertions::assert_eq; +use serde_json::json; +use std::sync::Arc; +use std::time::Duration; +use tempfile::TempDir; + +const GLOBAL_AGENTS_FILENAME: &str = "AGENTS.md"; +const GLOBAL_AGENTS_OVERRIDE_FILENAME: &str = "AGENTS.override.md"; +const GLOBAL_INSTRUCTIONS: &str = "global instructions"; +const NEW_GLOBAL_INSTRUCTIONS: &str = "new global instructions"; +const NEW_PROJECT_INSTRUCTIONS: &str = "new project instructions"; +const OLD_GLOBAL_INSTRUCTIONS: &str = "old global instructions"; +const PROJECT_INSTRUCTIONS: &str = "project instructions"; +const PROJECT_SEPARATOR: &str = "--- project-doc ---"; +const SPAWN_CALL_ID: &str = "spawn-global-instructions-child"; +const SPAWN_CHILD_PROMPT: &str = "inspect inherited global instructions"; +const SPAWN_FRESH_PARENT_PROMPT: &str = "spawn a child with fresh context"; +const SPAWN_PARENT_PROMPT: &str = "spawn a child with the parent context"; +const SPAWN_SEED_PROMPT: &str = "seed parent history"; async fn agents_instructions(mut builder: TestCodexBuilder) -> Result { let server = start_mock_server().await; @@ -27,16 +65,64 @@ async fn agents_instructions(mut builder: TestCodexBuilder) -> Result { .ok_or_else(|| anyhow::anyhow!("instructions message not found")) } +fn write_global_file( + home: &TempDir, + filename: &str, + contents: impl AsRef<[u8]>, +) -> Result { + let path = home.path().join(filename); + std::fs::write(&path, contents)?; + Ok(path.abs()) +} + +fn instruction_fragments(request: &responses::ResponsesRequest) -> Vec { + request + .message_input_texts("user") + .into_iter() + .filter(|text| text.starts_with("# AGENTS.md instructions for ")) + .collect() +} + +fn expected_instruction_fragment(cwd: &AbsolutePathBuf, contents: &str) -> String { + let cwd = cwd.as_path().display(); + format!("# AGENTS.md instructions for {cwd}\n\n\n{contents}\n") +} + +fn assert_single_instruction_fragment(request: &responses::ResponsesRequest, expected: &str) { + assert_eq!(instruction_fragments(request), vec![expected.to_string()]); +} + +fn request_body_contains(request: &wiremock::Request, text: &str) -> bool { + let is_zstd = request + .headers + .get("content-encoding") + .and_then(|value| value.to_str().ok()) + .is_some_and(|value| { + value + .split(',') + .any(|entry| entry.trim().eq_ignore_ascii_case("zstd")) + }); + let body = if is_zstd { + zstd::stream::decode_all(std::io::Cursor::new(&request.body)).ok() + } else { + Some(request.body.clone()) + }; + body.and_then(|body| String::from_utf8(body).ok()) + .is_some_and(|body| body.contains(text)) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn agents_override_is_preferred_over_agents_md() -> Result<()> { let instructions = agents_instructions(test_codex().with_workspace_setup(|cwd, fs| async move { let agents_md = cwd.join("AGENTS.md"); let override_md = cwd.join("AGENTS.override.md"); - fs.write_file(&agents_md, b"base doc".to_vec(), /*sandbox*/ None) + let agents_md_uri = PathUri::from_path(&agents_md)?; + let override_md_uri = PathUri::from_path(&override_md)?; + fs.write_file(&agents_md_uri, b"base doc".to_vec(), /*sandbox*/ None) .await?; fs.write_file( - &override_md, + &override_md_uri, b"override doc".to_vec(), /*sandbox*/ None, ) @@ -67,14 +153,20 @@ async fn configured_fallback_is_used_when_agents_candidate_is_directory() -> Res .with_workspace_setup(|cwd, fs| async move { let agents_dir = cwd.join("AGENTS.md"); let fallback = cwd.join("WORKFLOW.md"); + let agents_dir_uri = PathUri::from_path(&agents_dir)?; + let fallback_uri = PathUri::from_path(&fallback)?; fs.create_directory( - &agents_dir, + &agents_dir_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) .await?; - fs.write_file(&fallback, b"fallback doc".to_vec(), /*sandbox*/ None) - .await?; + fs.write_file( + &fallback_uri, + b"fallback doc".to_vec(), + /*sandbox*/ None, + ) + .await?; Ok::<(), anyhow::Error>(()) }), ) @@ -104,23 +196,35 @@ async fn agents_docs_are_concatenated_from_project_root_to_cwd() -> Result<()> { let root_agents = root.join("AGENTS.md"); let git_marker = root.join(".git"); let nested_agents = nested.join("AGENTS.md"); + let nested_uri = PathUri::from_path(&nested)?; + let root_agents_uri = PathUri::from_path(&root_agents)?; + let git_marker_uri = PathUri::from_path(&git_marker)?; + let nested_agents_uri = PathUri::from_path(&nested_agents)?; fs.create_directory( - &nested, + &nested_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) .await?; - fs.write_file(&root_agents, b"root doc".to_vec(), /*sandbox*/ None) - .await?; fs.write_file( - &git_marker, + &root_agents_uri, + b"root doc".to_vec(), + /*sandbox*/ None, + ) + .await?; + fs.write_file( + &git_marker_uri, b"gitdir: /tmp/mock-git-dir\n".to_vec(), /*sandbox*/ None, ) .await?; - fs.write_file(&nested_agents, b"child doc".to_vec(), /*sandbox*/ None) - .await?; + fs.write_file( + &nested_agents_uri, + b"child doc".to_vec(), + /*sandbox*/ None, + ) + .await?; Ok::<(), anyhow::Error>(()) }), ) @@ -139,3 +243,738 @@ async fn agents_docs_are_concatenated_from_project_root_to_cwd() -> Result<()> { Ok(()) } + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn symlinked_cwd_uses_logical_parent_for_agents_discovery() -> Result<()> { + let server = start_mock_server().await; + let resp_mock = mount_sse_once( + &server, + sse(vec![ev_response_created("resp1"), ev_completed("resp1")]), + ) + .await; + + let mut builder = test_codex() + .with_config(|config| { + config.cwd = config.cwd.join("logical-repo/workspace"); + }) + .with_workspace_setup(|cwd, _fs| async move { + // Construct two sibling repositories with the configured cwd as a + // directory symlink from the logical repository into the physical + // repository: + // + // test-root/ + // |-- logical-repo/ + // | |-- .git + // | |-- AGENTS.md ("logical parent doc") + // | `-- workspace ------------> physical-repo/workspace/ + // `-- physical-repo/ + // |-- .git + // |-- AGENTS.md ("physical parent doc") + // `-- workspace/ + // `-- AGENTS.md ("workspace doc") + // + // Discovery should walk the lexical path through logical-repo, + // while opening logical-repo/workspace/AGENTS.md still follows the + // symlink into physical-repo/workspace. + let logical_root = cwd.parent().expect("symlink should have a parent"); + let test_root = logical_root + .parent() + .expect("logical repository should have a parent"); + let physical_root = test_root.join("physical-repo"); + let physical_workspace = physical_root.join("workspace"); + + std::fs::create_dir_all(logical_root.as_path())?; + std::fs::write(logical_root.join(".git"), "")?; + std::fs::write(logical_root.join("AGENTS.md"), "logical parent doc")?; + + std::fs::create_dir_all(physical_workspace.as_path())?; + std::fs::write(physical_root.join(".git"), "")?; + std::fs::write(physical_root.join("AGENTS.md"), "physical parent doc")?; + std::fs::write(physical_workspace.join("AGENTS.md"), "workspace doc")?; + + create_directory_symlink(physical_workspace.as_path(), cwd.as_path()); + Ok(()) + }); + let test = builder.build(&server).await?; + let logical_root = test + .config + .cwd + .parent() + .expect("symlink should have a parent"); + + assert_eq!( + test.codex.instruction_sources().await, + vec![ + logical_root.join("AGENTS.md"), + test.config.cwd.join("AGENTS.md") + ] + ); + + test.submit_turn("hello").await?; + let instructions = resp_mock + .single_request() + .message_input_texts("user") + .into_iter() + .find(|text| text.starts_with("# AGENTS.md instructions for ")) + .expect("instructions message"); + assert!(instructions.contains("logical parent doc")); + assert!(instructions.contains("workspace doc")); + assert!(!instructions.contains("physical parent doc")); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn selected_environment_sources_match_model_visible_instructions() -> Result<()> { + let server = start_mock_server().await; + let resp_mock = mount_sse_once( + &server, + sse(vec![ev_response_created("resp1"), ev_completed("resp1")]), + ) + .await; + let home = Arc::new(TempDir::new()?); + let global_agents = home.path().join("AGENTS.md"); + std::fs::write(&global_agents, "global doc")?; + + let mut builder = test_codex() + .with_home(home) + .with_workspace_setup(|cwd, fs| async move { + let agents_md_uri = PathUri::from_path(cwd.join("AGENTS.md"))?; + fs.write_file( + &agents_md_uri, + b"project doc".to_vec(), + /*sandbox*/ None, + ) + .await?; + Ok::<(), anyhow::Error>(()) + }); + let test = builder.build_with_remote_env(&server).await?; + let project_agents = test.config.cwd.join("AGENTS.md"); + let global_agents = global_agents.abs(); + + assert_eq!( + test.codex.instruction_sources().await, + vec![global_agents, project_agents] + ); + + test.submit_turn("hello").await?; + let instructions = resp_mock + .single_request() + .message_input_texts("user") + .into_iter() + .find(|text| text.starts_with("# AGENTS.md instructions for ")) + .expect("instructions message"); + assert!(instructions.contains("global doc\n\n--- project-doc ---\n\nproject doc")); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn loads_user_instructions_without_a_primary_environment() -> Result<()> { + let server = start_mock_server().await; + let response_mock = mount_sse_once( + &server, + sse(vec![ + ev_response_created("no-primary-environment-response"), + ev_completed("no-primary-environment-response"), + ]), + ) + .await; + let home = Arc::new(TempDir::new()?); + let global_source = + write_global_file(home.as_ref(), GLOBAL_AGENTS_FILENAME, GLOBAL_INSTRUCTIONS)?; + let provider = Arc::new(RecordingUserInstructionsProvider::new(Arc::new( + CodexHomeUserInstructionsProvider::new(AbsolutePathBuf::try_from( + home.path().to_path_buf(), + )?), + ))); + + let mut builder = test_codex() + .with_home(Arc::clone(&home)) + .with_user_instructions_provider(provider.clone()) + .with_workspace_setup(|cwd, fs| async move { + let project_agents_uri = PathUri::from_path(cwd.join(GLOBAL_AGENTS_FILENAME))?; + fs.write_file( + &project_agents_uri, + PROJECT_INSTRUCTIONS.as_bytes().to_vec(), + /*sandbox*/ None, + ) + .await?; + Ok(()) + }); + let test = builder.build_with_remote_env(&server).await?; + assert_eq!(provider.load_count(), 1); + + let no_environment_thread = test + .thread_manager + .start_thread_with_options(StartThreadOptions { + config: test.config.clone(), + initial_history: InitialHistory::New, + session_source: None, + thread_source: None, + dynamic_tools: Vec::new(), + metrics_service_name: None, + parent_trace: None, + environments: Vec::new(), + thread_extension_init: Default::default(), + }) + .await?; + assert_eq!(provider.load_count(), 2); + assert_eq!( + no_environment_thread.thread.instruction_sources().await, + vec![global_source] + ); + + no_environment_thread + .thread + .submit(Op::UserInput { + items: vec![UserInput::Text { + text: "inspect global instructions without an environment".to_string(), + text_elements: Vec::new(), + }], + final_output_json_schema: None, + responsesapi_client_metadata: None, + additional_context: Default::default(), + thread_settings: Default::default(), + }) + .await?; + wait_for_event(&no_environment_thread.thread, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + let instruction_fragments = instruction_fragments(&response_mock.single_request()); + assert_eq!(instruction_fragments.len(), 1); + assert!(instruction_fragments[0].contains(GLOBAL_INSTRUCTIONS)); + assert!(!instruction_fragments[0].contains(PROJECT_INSTRUCTIONS)); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn fresh_thread_composes_global_before_project_and_reports_sources() -> Result<()> { + // Set up one global source, one project source, and two ordinary model turns. + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_sequence( + &server, + vec![ + responses::sse(vec![ + responses::ev_response_created("response-1"), + responses::ev_completed("response-1"), + ]), + responses::sse(vec![ + responses::ev_response_created("response-2"), + responses::ev_completed("response-2"), + ]), + ], + ) + .await; + let home = Arc::new(TempDir::new()?); + let global_source = + write_global_file(home.as_ref(), GLOBAL_AGENTS_FILENAME, GLOBAL_INSTRUCTIONS)?; + + let mut builder = test_codex() + .with_home(Arc::clone(&home)) + .with_workspace_setup(|cwd, fs| async move { + let agents_md_uri = PathUri::from_path(cwd.join("AGENTS.md"))?; + fs.write_file( + &agents_md_uri, + PROJECT_INSTRUCTIONS.as_bytes().to_vec(), + /*sandbox*/ None, + ) + .await?; + Ok(()) + }); + let test = builder.build_with_remote_env(&server).await?; + let project_source = test.config.cwd.join(GLOBAL_AGENTS_FILENAME); + let creation_sources = vec![global_source.clone(), project_source.clone()]; + + // Confirm the thread records both creation-time sources in composition order. + assert_eq!(test.codex.instruction_sources().await, creation_sources); + + // Materialize the initial snapshot, then rewrite both selected files in place before another + // ordinary turn. + test.submit_turn("first turn").await?; + let rewritten_global_source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_FILENAME, + NEW_GLOBAL_INSTRUCTIONS, + )?; + test.fs() + .write_file( + &PathUri::from_path(&project_source)?, + NEW_PROJECT_INSTRUCTIONS.as_bytes().to_vec(), + /*sandbox*/ None, + ) + .await?; + assert_eq!( + rewritten_global_source, global_source, + "same-path mutation should retain the selected global source path" + ); + test.submit_turn("second turn").await?; + + // Assert the running thread keeps its original rendering and structured prefix even though + // both files at the reported source paths now contain different text. + let requests = response_mock.requests(); + assert_eq!(requests.len(), 2); + let expected_contents = + format!("{GLOBAL_INSTRUCTIONS}\n\n{PROJECT_SEPARATOR}\n\n{PROJECT_INSTRUCTIONS}"); + let expected_fragment = expected_instruction_fragment(&test.config.cwd, &expected_contents); + let fragments = instruction_fragments(&requests[0]); + assert_eq!(fragments, vec![expected_fragment.clone()]); + assert_single_instruction_fragment(&requests[1], &expected_fragment); + let rendered = fragments + .into_iter() + .next() + .ok_or_else(|| anyhow!("expected one rendered instruction fragment"))?; + let global_position = rendered.find(GLOBAL_INSTRUCTIONS).ok_or_else(|| { + anyhow!( + "expected rendered instructions to contain {GLOBAL_INSTRUCTIONS:?}; observed: {rendered}" + ) + })?; + let project_position = rendered.find(PROJECT_INSTRUCTIONS).ok_or_else(|| { + anyhow!( + "expected rendered instructions to contain {PROJECT_INSTRUCTIONS:?}; observed: {rendered}" + ) + })?; + assert!( + global_position < project_position, + "global instructions should precede project instructions: {rendered}" + ); + assert!( + rendered.contains(PROJECT_SEPARATOR), + "expected rendered instructions to contain {PROJECT_SEPARATOR:?}; observed: {rendered}" + ); + assert_eq!( + test.codex.instruction_sources().await, + creation_sources, + "ordinary turns retain the creation-time source list" + ); + let first_input = requests[0].input(); + let second_input = requests[1].input(); + assert_eq!( + second_input.get(..first_input.len()), + Some(first_input.as_slice()), + "the ordinary second turn should retain the cached prefix" + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn global_loading_warning_surfaces_during_thread_creation() -> Result<()> { + // Set up a malformed global instruction file and one model response. + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_once( + &server, + responses::sse(vec![ + responses::ev_response_created("warning-response"), + responses::ev_completed("warning-response"), + ]), + ) + .await; + let home = Arc::new(TempDir::new()?); + let source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_FILENAME, + b"global\xFFinstructions", + )?; + + // Create the thread, capture its load warning, and submit one turn for rendered output. + let mut builder = test_codex().with_home(home); + let test = builder.build(&server).await?; + let warning = wait_for_event_match(&test.codex, |event| match event { + EventMsg::Warning(warning) + if warning + .message + .contains(source.as_path().display().to_string().as_str()) => + { + Some(warning.message.clone()) + } + _ => None, + }) + .await; + test.submit_turn("inspect lossy global instructions") + .await?; + + // Assert the source is reported, the warning is specific, and rendering is lossily decoded. + assert_eq!(test.codex.instruction_sources().await, vec![source.clone()]); + assert!( + warning.contains("invalid UTF-8"), + "expected warning to contain \"invalid UTF-8\"; observed: {warning}" + ); + let expected_fragment = + expected_instruction_fragment(&test.config.cwd, "global\u{FFFD}instructions"); + assert_single_instruction_fragment(&response_mock.single_request(), &expected_fragment); + + Ok(()) +} + +// TODO(anp): Align cold-resume instruction sources with the historical instructions replayed to +// the model so the API source list and model-visible context describe the same files. +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn cold_resume_replays_rendered_instructions_but_reports_current_config_sources() -> Result<()> +{ + // Set up an initial turn and a later cold-resumed turn against the same rollout. + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_sequence( + &server, + vec![ + responses::sse(vec![ + responses::ev_response_created("initial-response"), + responses::ev_completed("initial-response"), + ]), + responses::sse(vec![ + responses::ev_response_created("resumed-response"), + responses::ev_completed("resumed-response"), + ]), + ], + ) + .await; + let home = Arc::new(TempDir::new()?); + let old_source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_FILENAME, + OLD_GLOBAL_INSTRUCTIONS, + )?; + + // Create the initial thread and persist its creation-time instruction snapshot. + let mut initial_builder = test_codex().with_home(Arc::clone(&home)); + let initial = initial_builder.build(&server).await?; + + // Assert the pre-resume thread reports the source used to create its snapshot. + assert_eq!( + initial.codex.instruction_sources().await, + vec![old_source.clone()], + "initial thread reports the creation-time global source" + ); + initial.submit_turn("persist instructions").await?; + let rollout_path = initial + .session_configured + .rollout_path + .clone() + .expect("rollout path"); + initial.codex.submit(Op::Shutdown).await?; + wait_for_event(&initial.codex, |event| { + matches!(event, EventMsg::ShutdownComplete) + }) + .await; + + // Add a preferred override source, then cold-resume with freshly loaded configuration. + let new_source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_OVERRIDE_FILENAME, + NEW_GLOBAL_INSTRUCTIONS, + )?; + assert_ne!(old_source, new_source); + let mut resume_builder = test_codex().with_home(Arc::clone(&home)); + let resumed = resume_builder + .resume(&server, Arc::clone(&home), rollout_path) + .await?; + + // Assert the API reports the new source while model history replays the old structured prefix. + assert_eq!( + resumed.codex.instruction_sources().await, + vec![new_source], + "resume reports sources from the newly loaded config" + ); + + resumed.submit_turn("continue resumed thread").await?; + + let requests = response_mock.requests(); + assert_eq!(requests.len(), 2); + let initial_input = requests[0].input(); + let resumed_input = requests[1].input(); + assert_eq!( + resumed_input.get(..initial_input.len()), + Some(initial_input.as_slice()), + "cold resume should replay the original structured input prefix" + ); + let expected_fragment = + expected_instruction_fragment(&initial.config.cwd, OLD_GLOBAL_INSTRUCTIONS); + assert_single_instruction_fragment(&requests[0], &expected_fragment); + assert_single_instruction_fragment(&requests[1], &expected_fragment); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn fork_replays_rendered_instructions_from_shared_history() -> Result<()> { + // Set up a parent turn and a later fork turn against the parent's rollout. + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_sequence( + &server, + vec![ + responses::sse(vec![ + responses::ev_response_created("parent-response"), + responses::ev_completed("parent-response"), + ]), + responses::sse(vec![ + responses::ev_response_created("fork-response"), + responses::ev_completed("fork-response"), + ]), + ], + ) + .await; + let home = Arc::new(TempDir::new()?); + let source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_FILENAME, + OLD_GLOBAL_INSTRUCTIONS, + )?; + + // Create the parent and persist its creation-time instruction snapshot. + let mut builder = test_codex().with_home(Arc::clone(&home)); + let parent = builder.build(&server).await?; + + // Assert the parent reports the source used to create its snapshot. + assert_eq!( + parent.codex.instruction_sources().await, + vec![source.clone()], + "parent reports the creation-time global source" + ); + parent.submit_turn("persist instructions").await?; + parent.codex.ensure_rollout_materialized().await; + parent.codex.flush_rollout().await?; + let rollout_path = parent.codex.rollout_path().expect("rollout path"); + + // Add a preferred override source, then fork with freshly loaded configuration. + let new_source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_OVERRIDE_FILENAME, + NEW_GLOBAL_INSTRUCTIONS, + )?; + assert_ne!(source, new_source); + let mut fork_config = load_default_config_for_test(home.as_ref()).await; + fork_config.cwd = parent.config.cwd.clone(); + fork_config.model = parent.config.model.clone(); + fork_config.model_provider = parent.config.model_provider.clone(); + fork_config.model_catalog = parent.config.model_catalog.clone(); + fork_config.codex_self_exe = parent.config.codex_self_exe.clone(); + let forked = parent + .thread_manager + .fork_thread( + ForkSnapshot::Interrupted, + fork_config, + rollout_path, + /*thread_source*/ None, + /*parent_trace*/ None, + ) + .await?; + + // Assert the fork reports the new source before issuing its first turn. + assert_eq!( + forked.thread.instruction_sources().await, + vec![new_source], + "fork config should reflect the newly loaded global source" + ); + + forked + .thread + .submit(Op::UserInput { + items: vec![UserInput::Text { + text: "continue fork".to_string(), + text_elements: Vec::new(), + }], + final_output_json_schema: None, + responsesapi_client_metadata: None, + additional_context: Default::default(), + thread_settings: Default::default(), + }) + .await?; + wait_for_event(&forked.thread, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + // Assert the forked model request replays the parent's exact structured history. + let requests = response_mock.requests(); + assert_eq!(requests.len(), 2); + let parent_input = requests[0].input(); + let fork_input = requests[1].input(); + assert_eq!( + fork_input.get(..parent_input.len()), + Some(parent_input.as_slice()), + "fork should replay the parent's original structured input prefix" + ); + let expected_fragment = + expected_instruction_fragment(&parent.config.cwd, OLD_GLOBAL_INSTRUCTIONS); + assert_single_instruction_fragment(&requests[0], &expected_fragment); + assert_single_instruction_fragment(&requests[1], &expected_fragment); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn forked_subagent_replays_one_creation_time_global_instruction_fragment() -> Result<()> { + skip_if_no_network!(Ok(())); + run_subagent_global_instruction_case(/*fork_context*/ true).await +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn fresh_subagent_uses_creation_time_instructions_without_parent_history() -> Result<()> { + skip_if_no_network!(Ok(())); + run_subagent_global_instruction_case(/*fork_context*/ false).await +} + +async fn run_subagent_global_instruction_case(fork_context: bool) -> Result<()> { + // Set up matched responses for the parent seed, spawn call, child turn, and parent follow-up. + let server = responses::start_mock_server().await; + let parent_prompt = if fork_context { + SPAWN_PARENT_PROMPT + } else { + SPAWN_FRESH_PARENT_PROMPT + }; + let seed_mock = responses::mount_sse_once_match( + &server, + |request: &wiremock::Request| request_body_contains(request, SPAWN_SEED_PROMPT), + responses::sse(vec![ + responses::ev_response_created("seed-response"), + responses::ev_assistant_message("seed-message", "seeded"), + responses::ev_completed("seed-response"), + ]), + ) + .await; + let spawn_args = serde_json::to_string(&json!({ + "message": SPAWN_CHILD_PROMPT, + "fork_context": fork_context, + }))?; + let spawn_mock = responses::mount_sse_once_match( + &server, + move |request: &wiremock::Request| request_body_contains(request, parent_prompt), + responses::sse(vec![ + responses::ev_response_created("spawn-response"), + responses::ev_function_call_with_namespace( + SPAWN_CALL_ID, + "multi_agent_v1", + "spawn_agent", + &spawn_args, + ), + responses::ev_completed("spawn-response"), + ]), + ) + .await; + let child_mock = responses::mount_sse_once_match( + &server, + |request: &wiremock::Request| { + request_body_contains(request, SPAWN_CHILD_PROMPT) + && !request_body_contains(request, SPAWN_CALL_ID) + }, + responses::sse(vec![ + responses::ev_response_created("child-response"), + responses::ev_assistant_message("child-message", "done"), + responses::ev_completed("child-response"), + ]), + ) + .await; + responses::mount_sse_once_match( + &server, + |request: &wiremock::Request| request_body_contains(request, SPAWN_CALL_ID), + responses::sse(vec![ + responses::ev_response_created("spawn-follow-up-response"), + responses::ev_assistant_message("spawn-follow-up-message", "child started"), + responses::ev_completed("spawn-follow-up-response"), + ]), + ) + .await; + + // Create the parent thread, record its source, and seed the history inherited by the child. + let home = Arc::new(TempDir::new()?); + let source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_FILENAME, + OLD_GLOBAL_INSTRUCTIONS, + )?; + let mut builder = test_codex() + .with_home(Arc::clone(&home)) + .with_config(|config| { + let _ = config.features.enable(Feature::Collab); + let _ = config.features.disable(Feature::EnableRequestCompression); + }); + let test = builder.build(&server).await?; + + // Assert the parent reports the creation-time source before spawning. + assert_eq!( + test.codex.instruction_sources().await, + vec![source.clone()], + "parent reports the creation-time global source before spawning" + ); + test.submit_turn(SPAWN_SEED_PROMPT).await?; + let seed_request = seed_mock.single_request(); + + // Add a preferred override, then spawn a full-history child while observing its thread ID. + let new_source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_OVERRIDE_FILENAME, + NEW_GLOBAL_INSTRUCTIONS, + )?; + assert_ne!(source, new_source); + let mut created_threads = test.thread_manager.subscribe_thread_created(); + test.submit_turn(parent_prompt).await?; + let child_thread_id = tokio::time::timeout(Duration::from_secs(10), created_threads.recv()) + .await + .map_err(|_| anyhow!("timed out waiting for the subagent thread"))??; + let child_thread = test.thread_manager.get_thread(child_thread_id).await?; + let spawn_request = spawn_mock.single_request(); + let child_request = tokio::time::timeout(Duration::from_secs(10), async { + loop { + if let Some(request) = child_mock.requests().into_iter().find(|request| { + request + .message_input_texts("user") + .iter() + .any(|text| text == SPAWN_CHILD_PROMPT) + }) { + break request; + } + tokio::time::sleep(Duration::from_millis(10)).await; + } + }) + .await + .map_err(|_| anyhow!("timed out waiting for the subagent request"))?; + + // Assert parent and child report and render the parent's creation-time snapshot exactly once. + let expected_fragment = + expected_instruction_fragment(&test.config.cwd, OLD_GLOBAL_INSTRUCTIONS); + assert_single_instruction_fragment(&seed_request, &expected_fragment); + assert_single_instruction_fragment(&spawn_request, &expected_fragment); + assert_single_instruction_fragment(&child_request, &expected_fragment); + assert_eq!( + test.codex.instruction_sources().await, + vec![source.clone()], + "running parent retains the creation-time global source after spawning" + ); + assert_eq!( + child_thread.instruction_sources().await, + vec![source], + "subagent reports the parent's creation-time source" + ); + if fork_context { + let seed_input = seed_request.input(); + let child_input = child_request.input(); + assert_eq!( + child_input.get(..seed_input.len()), + Some(seed_input.as_slice()), + "forked subagent should replay the parent's original structured input prefix" + ); + } else { + let child_user_texts = child_request.message_input_texts("user"); + assert_eq!( + child_user_texts + .iter() + .filter(|text| text.as_str() == SPAWN_SEED_PROMPT) + .count(), + 0, + "fresh-context subagent should omit parent user history; observed: {child_user_texts:?}" + ); + assert_eq!( + child_user_texts + .iter() + .filter(|text| text.as_str() == SPAWN_CHILD_PROMPT) + .count(), + 1, + "fresh-context subagent should contain its own prompt exactly once; observed: {child_user_texts:?}" + ); + } + + Ok(()) +} diff --git a/codex-rs/core/tests/suite/apply_patch_cli.rs b/codex-rs/core/tests/suite/apply_patch_cli.rs index da138851f55..f320063a668 100644 --- a/codex-rs/core/tests/suite/apply_patch_cli.rs +++ b/codex-rs/core/tests/suite/apply_patch_cli.rs @@ -7,12 +7,20 @@ use core_test_support::responses::ev_apply_patch_custom_tool_call; use core_test_support::responses::ev_apply_patch_shell_command_call_via_heredoc; use core_test_support::responses::ev_shell_command_call; use core_test_support::test_codex::ApplyPatchModelOutput; +use core_test_support::test_codex::local_selections; use pretty_assertions::assert_eq; +use std::fs; +use std::path::PathBuf; use std::sync::atomic::AtomicI32; use std::sync::atomic::Ordering; use std::time::Duration; +use std::time::SystemTime; +use std::time::UNIX_EPOCH; use codex_exec_server::CreateDirectoryOptions; +use codex_exec_server::LOCAL_ENVIRONMENT_ID; +use codex_exec_server::REMOTE_ENVIRONMENT_ID; +use codex_exec_server::RemoveOptions; use codex_features::Feature; use codex_protocol::models::PermissionProfile; use codex_protocol::permissions::FileSystemAccessMode; @@ -25,11 +33,15 @@ use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::Op; use codex_protocol::protocol::SandboxPolicy; +use codex_protocol::protocol::TurnEnvironmentSelection; use codex_protocol::user_input::UserInput; #[cfg(target_os = "linux")] use codex_sandboxing::landlock::CODEX_LINUX_SANDBOX_ARG0; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; +use core_test_support::PathBufExt; use core_test_support::assert_regex_match; +use core_test_support::get_remote_test_env; use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; use core_test_support::responses::ev_function_call; @@ -37,11 +49,14 @@ use core_test_support::responses::ev_response_created; use core_test_support::responses::ev_shell_command_call_with_args; use core_test_support::responses::mount_sse_sequence; use core_test_support::responses::sse; +use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::skip_if_remote; use core_test_support::test_codex::TestCodexBuilder; use core_test_support::test_codex::TestCodexHarness; +use core_test_support::test_codex::local; use core_test_support::test_codex::test_codex; +use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; use core_test_support::wait_for_event_with_timeout; use serde_json::json; @@ -88,12 +103,11 @@ async fn submit_without_wait_with_turn_permissions( text: prompt.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(harness.cwd().to_path_buf()), + environments: Some(local_selections(harness.cwd_abs())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -1316,25 +1330,24 @@ async fn apply_patch_turn_diff_paths_stay_repo_relative_when_session_cwd_is_nest config.cwd = config.cwd.join("subdir"); }) .with_workspace_setup(|cwd, fs| async move { + let cwd_uri = PathUri::from_path(&cwd)?; fs.create_directory( - &cwd, + &cwd_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) .await?; let repo_root = cwd.parent().expect("nested cwd should have parent"); + let git_uri = PathUri::from_path(repo_root.join(".git"))?; + let repo_file_uri = PathUri::from_path(repo_root.join("repo.txt"))?; fs.write_file( - &repo_root.join(".git"), + &git_uri, b"gitdir: /tmp/fake-worktree\n".to_vec(), /*sandbox*/ None, ) .await?; - fs.write_file( - &repo_root.join("repo.txt"), - b"before\n".to_vec(), - /*sandbox*/ None, - ) - .await?; + fs.write_file(&repo_file_uri, b"before\n".to_vec(), /*sandbox*/ None) + .await?; Ok(()) }) }) @@ -1553,6 +1566,166 @@ async fn apply_patch_emits_turn_diff_event_with_unified_diff() -> Result<()> { Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn apply_patch_turn_diff_tracks_local_and_remote_environment_paths() -> Result<()> { + skip_if_no_network!(Ok(())); + let Some(_remote_env) = get_remote_test_env() else { + return Ok(()); + }; + + let server = start_mock_server().await; + let mut builder = test_codex(); + let test = builder.build_with_remote_and_local_env(&server).await?; + let file_name = "shared-turn-diff.txt"; + let shared_cwd = PathBuf::from(format!( + "/tmp/codex-remote-turn-diff-{}", + SystemTime::now().duration_since(UNIX_EPOCH)?.as_millis() + )) + .abs(); + let shared_cwd_uri = PathUri::from_path(&shared_cwd)?; + let _ = fs::remove_dir_all(shared_cwd.as_path()); + test.fs() + .remove( + &shared_cwd_uri, + RemoveOptions { + recursive: true, + force: true, + }, + /*sandbox*/ None, + ) + .await?; + fs::create_dir_all(shared_cwd.as_path())?; + test.fs() + .create_directory( + &shared_cwd_uri, + CreateDirectoryOptions { recursive: true }, + /*sandbox*/ None, + ) + .await?; + + let local_patch = format!( + "*** Begin Patch\n*** Environment ID: {LOCAL_ENVIRONMENT_ID}\n*** Add File: {file_name}\n+local\n*** End Patch" + ); + let remote_patch = format!( + "*** Begin Patch\n*** Environment ID: {REMOTE_ENVIRONMENT_ID}\n*** Add File: {file_name}\n+remote\n*** End Patch" + ); + mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_response_created("resp-local"), + ev_apply_patch_custom_tool_call("call-local", &local_patch), + ev_completed("resp-local"), + ]), + sse(vec![ + ev_response_created("resp-remote"), + ev_apply_patch_custom_tool_call("call-remote", &remote_patch), + ev_completed("resp-remote"), + ]), + sse(vec![ + ev_response_created("resp-done"), + ev_assistant_message("msg-done", "done"), + ev_completed("resp-done"), + ]), + ], + ) + .await; + + let (sandbox_policy, permission_profile) = + turn_permission_fields(PermissionProfile::Disabled, test.config.cwd.as_path()); + let environments = vec![ + local(shared_cwd.clone()), + TurnEnvironmentSelection { + environment_id: REMOTE_ENVIRONMENT_ID.to_string(), + cwd: shared_cwd.clone(), + }, + ]; + test.codex + .submit(Op::UserInput { + items: vec![UserInput::Text { + text: "apply matching patches to local and remote environments".into(), + text_elements: Vec::new(), + }], + final_output_json_schema: None, + responsesapi_client_metadata: None, + additional_context: Default::default(), + thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { + environments: Some(codex_protocol::protocol::TurnEnvironmentSelections::new( + test.config.cwd.clone(), + environments, + )), + approval_policy: Some(AskForApproval::Never), + sandbox_policy: Some(sandbox_policy), + permission_profile, + collaboration_mode: Some(codex_protocol::config_types::CollaborationMode { + mode: codex_protocol::config_types::ModeKind::Default, + settings: codex_protocol::config_types::Settings { + model: test.session_configured.model.clone(), + reasoning_effort: None, + developer_instructions: None, + }, + }), + ..Default::default() + }, + }) + .await?; + + let mut last_diff = None; + wait_for_event(&test.codex, |event| match event { + EventMsg::TurnDiff(ev) => { + last_diff = Some(ev.unified_diff.clone()); + false + } + EventMsg::TurnComplete(_) => true, + _ => false, + }) + .await; + + assert_eq!(fs::read_to_string(shared_cwd.join(file_name))?, "local\n"); + assert_eq!( + test.fs() + .read_file_text( + &PathUri::from_path(shared_cwd.join(file_name))?, + /*sandbox*/ None, + ) + .await?, + "remote\n" + ); + let diff = last_diff.expect("expected TurnDiff event"); + assert_eq!( + diff, + r#"diff --git a/local/shared-turn-diff.txt b/local/shared-turn-diff.txt +new file mode 100644 +index 0000000000000000000000000000000000000000..40830374235df1c19661a2901b7ca73cc9499f3d +--- /dev/null ++++ b/local/shared-turn-diff.txt +@@ -0,0 +1 @@ ++local +diff --git a/remote/shared-turn-diff.txt b/remote/shared-turn-diff.txt +new file mode 100644 +index 0000000000000000000000000000000000000000..9c998f7b995a7327177b38a90d1385170df2b94b +--- /dev/null ++++ b/remote/shared-turn-diff.txt +@@ -0,0 +1 @@ ++remote +"# + ); + + let _ = fs::remove_dir_all(shared_cwd.as_path()); + test.fs() + .remove( + &shared_cwd_uri, + RemoveOptions { + recursive: true, + force: true, + }, + /*sandbox*/ None, + ) + .await?; + + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn apply_patch_aggregates_diff_across_multiple_tool_calls() -> Result<()> { skip_if_no_network!(Ok(())); @@ -1682,8 +1855,9 @@ async fn apply_patch_clears_aggregated_diff_after_inexact_delta() -> Result<()> let harness = apply_patch_harness_with(|builder| { builder.with_workspace_setup(|cwd, fs| async move { + let binary_path_uri = PathUri::from_path(cwd.join("binary.dat"))?; fs.write_file( - &cwd.join("binary.dat"), + &binary_path_uri, vec![0xff, 0xfe, 0xfd], /*sandbox*/ None, ) diff --git a/codex-rs/core/tests/suite/approvals.rs b/codex-rs/core/tests/suite/approvals.rs index aceac7320e4..927b1f18f9e 100644 --- a/codex-rs/core/tests/suite/approvals.rs +++ b/codex-rs/core/tests/suite/approvals.rs @@ -39,6 +39,7 @@ use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -658,12 +659,11 @@ async fn submit_turn( text: prompt.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd.path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(approval_policy), approvals_reviewer: Some(ApprovalsReviewer::User), sandbox_policy: Some(sandbox_policy), @@ -2619,12 +2619,11 @@ async fn env_zsh_script_spawned_by_python_can_request_escalation_under_zsh_fork( text: "run nested env zsh script through python".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd.path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(approval_policy), approvals_reviewer: Some(ApprovalsReviewer::User), sandbox_policy: Some(sandbox_policy), @@ -2764,12 +2763,11 @@ async fn matched_prefix_rule_runs_unsandboxed_under_zsh_fork() -> Result<()> { text: "run allowed touch under zsh fork".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd.path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(approval_policy), approvals_reviewer: Some(ApprovalsReviewer::User), sandbox_policy: Some(sandbox_policy), @@ -3356,12 +3354,11 @@ allow_local_binding = true text: "deny-read network retry".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.config.cwd.to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(approval_policy), approvals_reviewer: Some(ApprovalsReviewer::User), sandbox_policy: Some(turn_sandbox_policy), diff --git a/codex-rs/core/tests/suite/auto_review.rs b/codex-rs/core/tests/suite/auto_review.rs index 570f97008f9..7dae7c4c620 100644 --- a/codex-rs/core/tests/suite/auto_review.rs +++ b/codex-rs/core/tests/suite/auto_review.rs @@ -22,6 +22,7 @@ use codex_protocol::protocol::Op; use codex_protocol::request_permissions::PermissionGrantScope; use codex_protocol::request_permissions::RequestPermissionsResponse; use codex_protocol::user_input::UserInput; +use core_test_support::TempDirExt; use core_test_support::responses::ev_apply_patch_custom_tool_call; use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; @@ -33,6 +34,7 @@ use core_test_support::responses::sse; use core_test_support::skip_if_no_network; use core_test_support::skip_if_sandbox; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -150,7 +152,7 @@ async fn remote_model_override_uses_catalog_model_for_strict_auto_review() -> Re ) .await?; - let cwd_path = cwd.path().to_path_buf(); + let cwd_path = cwd.abs(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::read_only(), cwd_path.as_path()); codex @@ -159,12 +161,11 @@ async fn remote_model_override_uses_catalog_model_for_strict_auto_review() -> Re text: "run the Guardian model override check".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd_path), + environments: Some(local_selections(cwd_path)), approval_policy: Some(AskForApproval::OnRequest), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -231,6 +232,7 @@ fn remote_model_with_auto_review_override(slug: &str, review_model: &str) -> Mod input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: Some(review_model.to_string()), tool_mode: None, multi_agent_version: None, @@ -254,6 +256,7 @@ fn remote_model_with_auto_review_override(slug: &str, review_model: &str) -> Mod context_window: Some(272_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), } diff --git a/codex-rs/core/tests/suite/cli_stream.rs b/codex-rs/core/tests/suite/cli_stream.rs index 361096943e1..1ef7c82c39b 100644 --- a/codex-rs/core/tests/suite/cli_stream.rs +++ b/codex-rs/core/tests/suite/cli_stream.rs @@ -1,14 +1,35 @@ -use assert_cmd::Command as AssertCommand; use codex_git_utils::collect_git_info; +use codex_login::CODEX_ACCESS_TOKEN_ENV_VAR; use codex_login::CODEX_API_KEY_ENV_VAR; use codex_protocol::protocol::GitInfo; use core_test_support::fs_wait; use core_test_support::responses; use core_test_support::skip_if_no_network; +use pretty_assertions::assert_eq; +use std::io; +#[cfg(unix)] +use std::os::unix::process::CommandExt as _; +use std::process::Command; +use std::process::Output; +use std::process::Stdio; +use std::sync::mpsc; +use std::thread; use std::time::Duration; use tempfile::TempDir; use uuid::Uuid; +use wiremock::Mock; use wiremock::MockServer; +use wiremock::ResponseTemplate; +use wiremock::matchers::header; +use wiremock::matchers::method; +use wiremock::matchers::path; + +const PERSONAL_ACCESS_TOKEN: &str = "at-cli-test"; +const PERSONAL_ACCESS_TOKEN_AUTHORIZATION: &str = "Bearer at-cli-test"; +const PERSONAL_ACCESS_TOKEN_ACCOUNT_ID: &str = "account-pat"; +const WHOAMI_PATH: &str = "/v1/user-auth-credential/whoami"; +const CLOUD_CONFIG_BUNDLE_PATH: &str = "/backend-api/wham/config/bundle"; +const CLI_TIMEOUT: Duration = Duration::from_secs(30); fn repo_root() -> std::path::PathBuf { #[expect(clippy::expect_used)] @@ -23,6 +44,171 @@ fn cli_sse_response() -> String { ]) } +async fn mount_personal_access_token_startup(server: &MockServer) { + Mock::given(method("GET")) + .and(path(WHOAMI_PATH)) + .and(header("authorization", PERSONAL_ACCESS_TOKEN_AUTHORIZATION)) + .respond_with(ResponseTemplate::new(200).set_body_json(serde_json::json!({ + "email": "user@example.com", + "chatgpt_user_id": "user-pat", + "chatgpt_account_id": PERSONAL_ACCESS_TOKEN_ACCOUNT_ID, + "chatgpt_plan_type": "enterprise", + "chatgpt_account_is_fedramp": true, + }))) + .expect(1..) + .mount(server) + .await; + Mock::given(method("GET")) + .and(path(CLOUD_CONFIG_BUNDLE_PATH)) + .and(header("authorization", PERSONAL_ACCESS_TOKEN_AUTHORIZATION)) + .respond_with(ResponseTemplate::new(200).set_body_json(serde_json::json!({}))) + .expect(1) + .mount(server) + .await; +} + +#[expect(clippy::unwrap_used)] +fn personal_access_token_exec_command(server: &MockServer, home: &TempDir) -> Command { + let bin = codex_utils_cargo_bin::cargo_bin("codex").unwrap(); + let mut cmd = Command::new(bin); + cmd.arg("exec") + .arg("--skip-git-repo-check") + .arg("-c") + .arg(format!("openai_base_url=\"{}/api/codex\"", server.uri())) + .arg("-c") + .arg(format!("chatgpt_base_url=\"{}/backend-api\"", server.uri())) + .arg("-C") + .arg(repo_root()) + .arg("hello?"); + cmd.env("CODEX_HOME", home.path()) + .env(CODEX_ACCESS_TOKEN_ENV_VAR, PERSONAL_ACCESS_TOKEN) + .env("CODEX_AUTHAPI_BASE_URL", server.uri()) + .env_remove(CODEX_API_KEY_ENV_VAR) + .env_remove("OPENAI_API_KEY"); + cmd +} + +struct ChildProcessCleanupGuard(u32); + +impl Drop for ChildProcessCleanupGuard { + fn drop(&mut self) { + #[cfg(unix)] + { + let _ = codex_utils_pty::process_group::kill_process_group(self.0); + } + + #[cfg(windows)] + { + let _ = Command::new("taskkill") + .args(["/PID", &self.0.to_string(), "/T", "/F"]) + .stdin(Stdio::null()) + .stdout(Stdio::null()) + .stderr(Stdio::null()) + .status(); + } + + #[cfg(not(any(unix, windows)))] + { + let _ = self.0; + } + } +} + +// Use this for new `codex exec` subprocess tests in this file. These commands +// can spawn shell/Python grandchildren, so the timeout path must reap the whole +// process group instead of only the direct CLI child. +fn run_cli_command(command: &mut Command) -> io::Result { + #[cfg(unix)] + command.process_group(0); + + command + .stdin(Stdio::null()) + .stdout(Stdio::piped()) + .stderr(Stdio::piped()); + + let child = command.spawn()?; + let _cleanup = ChildProcessCleanupGuard(child.id()); + let (sender, receiver) = mpsc::sync_channel(1); + let _waiter = thread::spawn(move || { + let _ = sender.send(child.wait_with_output()); + }); + + match receiver.recv_timeout(CLI_TIMEOUT) { + Ok(output) => output, + Err(mpsc::RecvTimeoutError::Timeout) => { + Err(io::Error::new(io::ErrorKind::TimedOut, "process timed out")) + } + Err(mpsc::RecvTimeoutError::Disconnected) => { + Err(io::Error::other("process output reader thread exited")) + } + } +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn responses_mode_stream_cli_supports_personal_access_tokens() { + skip_if_no_network!(); + + let server = MockServer::start().await; + mount_personal_access_token_startup(&server).await; + let resp_mock = responses::mount_sse_once(&server, cli_sse_response()).await; + let home = TempDir::new().unwrap(); + + let mut cmd = personal_access_token_exec_command(&server, &home); + let output = run_cli_command(&mut cmd).unwrap(); + + assert!( + output.status.success(), + "codex-cli exec failed: {}", + String::from_utf8_lossy(&output.stderr) + ); + let request = resp_mock.single_request(); + assert_eq!(request.path(), "/api/codex/responses"); + assert_eq!( + request.header("authorization").as_deref(), + Some("Bearer at-cli-test") + ); + assert_eq!( + request.header("chatgpt-account-id").as_deref(), + Some(PERSONAL_ACCESS_TOKEN_ACCOUNT_ID) + ); + assert_eq!(request.header("x-openai-fedramp").as_deref(), Some("true")); + server.verify().await; +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn responses_mode_stream_cli_does_not_attempt_oauth_refresh_for_personal_access_tokens_after_401() + { + skip_if_no_network!(); + + let server = MockServer::start().await; + mount_personal_access_token_startup(&server).await; + Mock::given(method("POST")) + .and(path("/api/codex/responses")) + .and(header("authorization", PERSONAL_ACCESS_TOKEN_AUTHORIZATION)) + .and(header( + "chatgpt-account-id", + PERSONAL_ACCESS_TOKEN_ACCOUNT_ID, + )) + .and(header("x-openai-fedramp", "true")) + .respond_with(ResponseTemplate::new(401).set_body_string("unauthorized")) + .expect(1..) + .mount(&server) + .await; + Mock::given(method("POST")) + .and(path("/oauth/token")) + .respond_with(ResponseTemplate::new(500)) + .expect(0) + .mount(&server) + .await; + let home = TempDir::new().unwrap(); + + let mut cmd = personal_access_token_exec_command(&server, &home); + let output = run_cli_command(&mut cmd).unwrap(); + + assert!(!output.status.success()); + server.verify().await; +} + /// Tests streaming the Responses API through the CLI using a mock server. #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn responses_mode_stream_cli() { @@ -43,8 +229,7 @@ async fn responses_mode_stream_cli() { server.uri() ); let bin = codex_utils_cargo_bin::cargo_bin("codex").unwrap(); - let mut cmd = AssertCommand::new(bin); - cmd.timeout(Duration::from_secs(30)); + let mut cmd = Command::new(bin); cmd.arg("exec") .arg("--skip-git-repo-check") .arg("-c") @@ -57,7 +242,7 @@ async fn responses_mode_stream_cli() { cmd.env("CODEX_HOME", home.path()) .env("OPENAI_API_KEY", "dummy"); - let output = cmd.output().unwrap(); + let output = run_cli_command(&mut cmd).unwrap(); println!("Status: {}", output.status); println!("Stdout:\n{}", String::from_utf8_lossy(&output.stdout)); println!("Stderr:\n{}", String::from_utf8_lossy(&output.stderr)); @@ -86,8 +271,7 @@ async fn responses_mode_stream_cli_supports_openai_base_url_config_override() { let home = TempDir::new().unwrap(); let bin = codex_utils_cargo_bin::cargo_bin("codex").unwrap(); - let mut cmd = AssertCommand::new(bin); - cmd.timeout(Duration::from_secs(30)); + let mut cmd = Command::new(bin); cmd.arg("exec") .arg("--skip-git-repo-check") .arg("-c") @@ -98,7 +282,7 @@ async fn responses_mode_stream_cli_supports_openai_base_url_config_override() { cmd.env("CODEX_HOME", home.path()) .env("OPENAI_API_KEY", "dummy"); - let output = cmd.output().unwrap(); + let output = run_cli_command(&mut cmd).unwrap(); assert!(output.status.success()); let request = resp_mock.single_request(); @@ -139,7 +323,7 @@ async fn exec_cli_applies_model_instructions_file() { let home = TempDir::new().unwrap(); let repo_root = repo_root(); let bin = codex_utils_cargo_bin::cargo_bin("codex").unwrap(); - let mut cmd = AssertCommand::new(bin); + let mut cmd = Command::new(bin); cmd.arg("exec") .arg("--skip-git-repo-check") .arg("-c") @@ -154,7 +338,7 @@ async fn exec_cli_applies_model_instructions_file() { cmd.env("CODEX_HOME", home.path()) .env("OPENAI_API_KEY", "dummy"); - let output = cmd.output().unwrap(); + let output = run_cli_command(&mut cmd).unwrap(); println!("Status: {}", output.status); println!("Stdout:\n{}", String::from_utf8_lossy(&output.stdout)); println!("Stderr:\n{}", String::from_utf8_lossy(&output.stderr)); @@ -209,7 +393,7 @@ async fn exec_cli_profile_applies_model_instructions_file() { let repo_root = repo_root(); let bin = codex_utils_cargo_bin::cargo_bin("codex").unwrap(); - let mut cmd = AssertCommand::new(bin); + let mut cmd = Command::new(bin); cmd.arg("exec") .arg("--skip-git-repo-check") .arg("--profile") @@ -224,7 +408,7 @@ async fn exec_cli_profile_applies_model_instructions_file() { cmd.env("CODEX_HOME", home.path()) .env("OPENAI_API_KEY", "dummy"); - let output = cmd.output().unwrap(); + let output = run_cli_command(&mut cmd).unwrap(); println!("Status: {}", output.status); println!("Stdout:\n{}", String::from_utf8_lossy(&output.stdout)); println!("Stderr:\n{}", String::from_utf8_lossy(&output.stderr)); @@ -254,8 +438,7 @@ async fn responses_api_stream_cli() { let home = TempDir::new().unwrap(); let bin = codex_utils_cargo_bin::cargo_bin("codex").unwrap(); - let mut cmd = AssertCommand::new(bin); - cmd.timeout(Duration::from_secs(30)); + let mut cmd = Command::new(bin); cmd.arg("exec") .arg("--skip-git-repo-check") .arg("-c") @@ -266,7 +449,7 @@ async fn responses_api_stream_cli() { cmd.env("CODEX_HOME", home.path()) .env("OPENAI_API_KEY", "dummy"); - let output = cmd.output().unwrap(); + let output = run_cli_command(&mut cmd).unwrap(); assert!(output.status.success()); let stdout = String::from_utf8_lossy(&output.stdout); assert!(stdout.contains("fixture hello")); @@ -296,8 +479,7 @@ async fn integration_creates_and_checks_session_file() -> anyhow::Result<()> { // 4. Run the codex CLI and invoke `exec`, which is what records a session. let bin = codex_utils_cargo_bin::cargo_bin("codex").unwrap(); - let mut cmd = AssertCommand::new(bin); - cmd.timeout(Duration::from_secs(30)); + let mut cmd = Command::new(bin); cmd.arg("exec") .arg("--skip-git-repo-check") .arg("-c") @@ -308,7 +490,7 @@ async fn integration_creates_and_checks_session_file() -> anyhow::Result<()> { cmd.env("CODEX_HOME", home.path()) .env(CODEX_API_KEY_ENV_VAR, "dummy"); - let output = cmd.output().unwrap(); + let output = run_cli_command(&mut cmd).unwrap(); assert!( output.status.success(), "codex-cli exec failed: {}", @@ -417,8 +599,7 @@ async fn integration_creates_and_checks_session_file() -> anyhow::Result<()> { let marker2 = format!("integration-resume-{}", Uuid::new_v4()); let prompt2 = format!("echo {marker2}"); let bin2 = codex_utils_cargo_bin::cargo_bin("codex").unwrap(); - let mut cmd2 = AssertCommand::new(bin2); - cmd2.timeout(Duration::from_secs(30)); + let mut cmd2 = Command::new(bin2); cmd2.arg("exec") .arg("--skip-git-repo-check") .arg("-c") @@ -431,7 +612,7 @@ async fn integration_creates_and_checks_session_file() -> anyhow::Result<()> { cmd2.env("CODEX_HOME", home.path()) .env("OPENAI_API_KEY", "dummy"); - let output2 = cmd2.output().unwrap(); + let output2 = run_cli_command(&mut cmd2).unwrap(); assert!(output2.status.success(), "resume codex-cli run failed"); assert_eq!(resp_mock.requests().len(), 2); diff --git a/codex-rs/core/tests/suite/client.rs b/codex-rs/core/tests/suite/client.rs index c954a954fb3..cf8d2ec17d8 100644 --- a/codex-rs/core/tests/suite/client.rs +++ b/codex-rs/core/tests/suite/client.rs @@ -49,6 +49,7 @@ use codex_protocol::protocol::SessionMetaLine; use codex_protocol::protocol::SessionSource; use codex_protocol::user_input::UserInput; use core_test_support::PathBufExt; +use core_test_support::TestCodexResponsesRequestKind; use core_test_support::apps_test_server::AppsTestServer; use core_test_support::load_default_config_for_test; use core_test_support::responses::ResponsesRequest; @@ -63,8 +64,10 @@ use core_test_support::responses::mount_sse_once_match; use core_test_support::responses::mount_sse_sequence; use core_test_support::responses::sse; use core_test_support::responses::sse_failed; +use core_test_support::responses_metadata as test_responses_metadata; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::wait_for_event; use dunce::canonicalize as normalize_path; @@ -88,6 +91,25 @@ use wiremock::matchers::path; use wiremock::matchers::query_param; const INSTALLATION_ID_FILENAME: &str = "installation_id"; +const TEST_WINDOW_ID: &str = "test-thread:0"; +const TEST_INSTALLATION_ID: &str = "11111111-1111-4111-8111-111111111111"; + +fn test_turn_responses_metadata( + _client: &ModelClient, + thread_id: ThreadId, +) -> codex_core::CodexResponsesMetadata { + let thread_id = thread_id.to_string(); + test_responses_metadata( + TEST_INSTALLATION_ID, + &thread_id, + &thread_id, + /*turn_id*/ None, + TEST_WINDOW_ID.to_string(), + &SessionSource::Exec, + /*parent_thread_id*/ None, + TestCodexResponsesRequestKind::Turn, + ) +} #[expect(clippy::unwrap_used)] fn assert_message_role(request_body: &serde_json::Value, role: &str) { @@ -111,6 +133,41 @@ fn message_input_text_contains(request: &ResponsesRequest, role: &str, needle: & .any(|text| text.contains(needle)) } +fn assert_codex_client_metadata( + request_body: &serde_json::Value, + installation_id: &str, + session_id: &str, + thread_id: &str, +) { + let client_metadata = &request_body["client_metadata"]; + assert_eq!( + client_metadata["x-codex-installation-id"].as_str(), + Some(installation_id) + ); + assert_eq!(client_metadata["session_id"].as_str(), Some(session_id)); + assert_eq!(client_metadata["thread_id"].as_str(), Some(thread_id)); + let Some(turn_metadata_str) = client_metadata["x-codex-turn-metadata"].as_str() else { + panic!("missing x-codex-turn-metadata client metadata"); + }; + let Ok(turn_metadata) = serde_json::from_str::(turn_metadata_str) else { + panic!("invalid x-codex-turn-metadata json"); + }; + assert_eq!( + turn_metadata["installation_id"].as_str(), + Some(installation_id) + ); + assert_eq!(turn_metadata["session_id"].as_str(), Some(session_id)); + assert_eq!(turn_metadata["thread_id"].as_str(), Some(thread_id)); + assert_eq!( + client_metadata["turn_id"].as_str(), + turn_metadata["turn_id"].as_str() + ); + assert_eq!( + client_metadata["x-codex-window-id"].as_str(), + turn_metadata["window_id"].as_str() + ); +} + /// Writes an `auth.json` into the provided `codex_home` with the specified parameters. /// Returns the fake JWT string written to `tokens.id_token`. #[expect(clippy::unwrap_used)] @@ -362,9 +419,8 @@ async fn resume_includes_initial_messages_and_sends_prior_items() { let codex_home = Arc::new(TempDir::new().unwrap()); let mut builder = test_codex() .with_home(codex_home.clone()) - .with_config(|config| { - // Ensure user instructions are NOT delivered on resume. - config.user_instructions = Some("be nice".to_string()); + .with_pre_build_hook(|home| { + std::fs::write(home.join("AGENTS.md"), "be nice").expect("write global instructions"); }); let test = builder .resume(&server, codex_home, session_path.clone()) @@ -385,7 +441,6 @@ async fn resume_includes_initial_messages_and_sends_prior_items() { // 2) Submit new input; the request body must include the prior items, then initial context, then new user input. codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -754,7 +809,6 @@ async fn includes_session_id_thread_id_and_model_headers_in_request() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -781,9 +835,10 @@ async fn includes_session_id_thread_id_and_model_headers_in_request() { let installation_id = std::fs::read_to_string(test.codex_home_path().join(INSTALLATION_ID_FILENAME)) .expect("read installation id"); + let session_id_string = expected_session_id.to_string(); let thread_id_string = expected_thread_id.to_string(); - assert_eq!(request_session_id, expected_session_id.to_string()); + assert_eq!(request_session_id, session_id_string.as_str()); assert_eq!(request_thread_id, thread_id_string.as_str()); assert_eq!(request_originator, originator().value); assert_eq!(request_authorization, "Bearer Test API Key"); @@ -791,9 +846,11 @@ async fn includes_session_id_thread_id_and_model_headers_in_request() { request_body["prompt_cache_key"].as_str(), Some(thread_id_string.as_str()) ); - assert_eq!( - request_body["client_metadata"]["x-codex-installation-id"].as_str(), - Some(installation_id.as_str()) + assert_codex_client_metadata( + &request_body, + installation_id.as_str(), + session_id_string.as_str(), + thread_id_string.as_str(), ); } @@ -875,7 +932,7 @@ async fn send_provider_auth_request(server: &MockServer, auth: ModelProviderAuth let mut config = load_default_config_for_test(&codex_home).await; config.model_provider_id = provider.name.clone(); config.model_provider = provider.clone(); - let effort = config.model_reasoning_effort; + let effort = config.model_reasoning_effort.clone(); let summary = config.model_reasoning_summary; let model = codex_core::test_support::get_model_offline(config.model.as_deref()); config.model = Some(model.clone()); @@ -899,18 +956,16 @@ async fn send_provider_auth_request(server: &MockServer, auth: ModelProviderAuth Some(AuthManager::from_auth_for_testing(CodexAuth::from_api_key( "unused-api-key", ))), - thread_id.into(), thread_id, - /*installation_id*/ "11111111-1111-4111-8111-111111111111".to_string(), provider, SessionSource::Exec, - /*parent_thread_id*/ None, config.model_verbosity, /*enable_request_compression*/ false, /*include_timing_metrics*/ false, /*beta_features_header*/ None, /*attestation_provider*/ None, ); + let responses_metadata = test_turn_responses_metadata(&client, thread_id); let mut client_session = client.new_session(); let mut prompt = Prompt::default(); prompt.input.push(ResponseItem::Message { @@ -930,7 +985,7 @@ async fn send_provider_auth_request(server: &MockServer, auth: ModelProviderAuth effort, summary.unwrap_or(ReasoningSummary::Auto), /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await @@ -967,7 +1022,6 @@ async fn includes_base_instructions_override_in_request() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1025,7 +1079,6 @@ async fn chatgpt_auth_sends_correct_request() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1056,15 +1109,19 @@ async fn chatgpt_auth_sends_correct_request() { let installation_id = std::fs::read_to_string(test.codex_home_path().join(INSTALLATION_ID_FILENAME)) .expect("read installation id"); - assert_eq!(request_session_id, expected_session_id.to_string()); - assert_eq!(request_thread_id, expected_thread_id.to_string()); + let session_id_string = expected_session_id.to_string(); + let thread_id_string = expected_thread_id.to_string(); + assert_eq!(request_session_id, session_id_string.as_str()); + assert_eq!(request_thread_id, thread_id_string.as_str()); assert_eq!(request_originator, originator().value); assert_eq!(request_authorization, "Bearer Access Token"); assert_eq!(request_chatgpt_account_id, "account_id"); - assert_eq!( - request_body["client_metadata"]["x-codex-installation-id"].as_str(), - Some(installation_id.as_str()) + assert_codex_client_metadata( + &request_body, + installation_id.as_str(), + session_id_string.as_str(), + thread_id_string.as_str(), ); assert!(request_body["stream"].as_bool().unwrap()); assert_eq!( @@ -1137,6 +1194,7 @@ async fn prefers_apikey_when_config_prefers_apikey_even_with_chatgpt_tokens() { SessionSource::Exec, Arc::new(codex_exec_server::EnvironmentManager::default_for_tests()), empty_extension_registry(), + Arc::new(codex_core::test_support::EmptyUserInstructionsProvider), /*analytics_events_client*/ None, thread_store_from_config(&config, /*state_db*/ None), /*state_db*/ None, @@ -1150,7 +1208,6 @@ async fn prefers_apikey_when_config_prefers_apikey_even_with_chatgpt_tokens() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1179,8 +1236,8 @@ async fn includes_user_instructions_message_in_request() { let mut builder = test_codex() .with_auth(CodexAuth::from_api_key("Test API Key")) - .with_config(|config| { - config.user_instructions = Some("be nice".to_string()); + .with_pre_build_hook(|home| { + std::fs::write(home.join("AGENTS.md"), "be nice").expect("write global instructions"); }); let codex = builder .build(&server) @@ -1190,7 +1247,6 @@ async fn includes_user_instructions_message_in_request() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1279,7 +1335,6 @@ async fn includes_apps_guidance_as_developer_message_for_chatgpt_auth() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1343,7 +1398,6 @@ async fn omits_apps_guidance_for_api_key_auth_even_when_feature_enabled() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1403,7 +1457,6 @@ async fn omits_apps_guidance_when_configured_off() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1446,7 +1499,6 @@ async fn omits_environment_context_when_configured_off() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1504,7 +1556,6 @@ async fn skills_append_to_developer_message() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1588,7 +1639,6 @@ async fn skills_use_aliases_in_developer_message_under_budget_pressure() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1650,7 +1700,6 @@ async fn includes_configured_effort_in_request() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1693,7 +1742,6 @@ async fn includes_no_effort_in_request() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1737,7 +1785,6 @@ async fn includes_default_reasoning_effort_in_request_when_defined_by_model_info codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1793,12 +1840,11 @@ async fn user_turn_collaboration_mode_overrides_model_and_effort() -> anyhow::Re text: "hello".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(config.cwd.to_path_buf()), + environments: Some(local_selections(config.cwd.clone())), approval_policy: Some(config.permissions.approval_policy.value()), sandbox_policy: Some(config.legacy_sandbox_policy()), summary: Some( @@ -1846,7 +1892,6 @@ async fn configured_reasoning_summary_is_sent() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1871,6 +1916,60 @@ async fn configured_reasoning_summary_is_sent() -> anyhow::Result<()> { .and_then(|value| value.as_str()), Some("concise") ); + pretty_assertions::assert_eq!( + request_body + .get("reasoning") + .and_then(|reasoning| reasoning.get("context")), + None + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn responses_lite_sets_all_turns_context_and_disables_parallel_tool_calls() +-> anyhow::Result<()> { + skip_if_no_network!(Ok(())); + let server = MockServer::start().await; + + let resp_mock = mount_sse_once( + &server, + sse(vec![ev_response_created("resp1"), ev_completed("resp1")]), + ) + .await; + + let TestCodex { codex, .. } = test_codex() + .with_model_info_override("gpt-5.4", |model_info| { + model_info.use_responses_lite = true; + model_info.supports_parallel_tool_calls = true; + }) + .build(&server) + .await?; + + codex + .submit(Op::UserInput { + items: vec![UserInput::Text { + text: "hello".into(), + text_elements: Vec::new(), + }], + final_output_json_schema: None, + responsesapi_client_metadata: None, + additional_context: Default::default(), + thread_settings: Default::default(), + }) + .await?; + + wait_for_event(&codex, |ev| matches!(ev, EventMsg::TurnComplete(_))).await; + + let request_body = resp_mock.single_request().body_json(); + pretty_assertions::assert_eq!( + request_body + .get("reasoning") + .and_then(|reasoning| reasoning.get("context")) + .and_then(|value| value.as_str()), + Some("all_turns") + ); + pretty_assertions::assert_eq!(request_body.get("parallel_tool_calls"), Some(&json!(false))); Ok(()) } @@ -1916,12 +2015,11 @@ async fn user_turn_explicit_reasoning_summary_overrides_model_catalog_default() text: "hello".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(config.cwd.to_path_buf()), + environments: Some(local_selections(config.cwd.clone())), approval_policy: Some(config.permissions.approval_policy.value()), sandbox_policy: Some(config.legacy_sandbox_policy()), summary: Some(ReasoningSummary::Concise), @@ -1973,7 +2071,6 @@ async fn reasoning_summary_is_omitted_when_disabled() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -2033,7 +2130,6 @@ async fn reasoning_summary_none_overrides_model_catalog_default() -> anyhow::Res codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -2073,7 +2169,6 @@ async fn includes_default_verbosity_in_request() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -2122,7 +2217,6 @@ async fn configured_verbosity_not_sent_for_models_without_support() -> anyhow::R codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -2170,7 +2264,6 @@ async fn configured_verbosity_is_sent() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -2211,8 +2304,10 @@ async fn includes_developer_instructions_message_in_request() { .await; let mut builder = test_codex() .with_auth(CodexAuth::from_api_key("Test API Key")) + .with_pre_build_hook(|home| { + std::fs::write(home.join("AGENTS.md"), "be nice").expect("write global instructions"); + }) .with_config(|config| { - config.user_instructions = Some("be nice".to_string()); config.developer_instructions = Some("be useful".to_string()); }); let codex = builder @@ -2223,7 +2318,6 @@ async fn includes_developer_instructions_message_in_request() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -2331,7 +2425,7 @@ async fn azure_responses_request_includes_store_and_reasoning_ids() { let mut config = load_default_config_for_test(&codex_home).await; config.model_provider_id = provider.name.clone(); config.model_provider = provider.clone(); - let effort = config.model_reasoning_effort; + let effort = config.model_reasoning_effort.clone(); let summary = config.model_reasoning_summary; let model = codex_core::test_support::get_model_offline(config.model.as_deref()); config.model = Some(model.clone()); @@ -2356,18 +2450,16 @@ async fn azure_responses_request_includes_store_and_reasoning_ids() { let client = ModelClient::new( /*auth_manager*/ None, - thread_id.into(), thread_id, - /*installation_id*/ "11111111-1111-4111-8111-111111111111".to_string(), provider.clone(), SessionSource::Exec, - /*parent_thread_id*/ None, config.model_verbosity, /*enable_request_compression*/ false, /*include_timing_metrics*/ false, /*beta_features_header*/ None, /*attestation_provider*/ None, ); + let responses_metadata = test_turn_responses_metadata(&client, thread_id); let mut client_session = client.new_session(); let mut prompt = Prompt::default(); @@ -2441,7 +2533,7 @@ async fn azure_responses_request_includes_store_and_reasoning_ids() { effort, summary.unwrap_or(ReasoningSummary::Auto), /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await @@ -2521,7 +2613,6 @@ async fn token_count_includes_rate_limits_snapshot() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -2663,7 +2754,6 @@ async fn usage_limit_error_emits_rate_limit_event() -> anyhow::Result<()> { let submission_id = codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -2741,7 +2831,6 @@ async fn context_window_error_sets_total_tokens_to_model_window() -> anyhow::Res codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "seed turn".into(), text_elements: Vec::new(), @@ -2757,7 +2846,6 @@ async fn context_window_error_sets_total_tokens_to_model_window() -> anyhow::Res codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "trigger context window".into(), text_elements: Vec::new(), @@ -2843,7 +2931,6 @@ async fn incomplete_response_emits_content_filter_error_message() -> anyhow::Res .await?; codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "trigger incomplete".into(), text_elements: Vec::new(), @@ -2955,7 +3042,6 @@ async fn azure_overrides_assign_properties_used_for_responses_url() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -3045,7 +3131,6 @@ async fn env_var_overrides_loaded_auth() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -3103,7 +3188,6 @@ async fn history_dedupes_streamed_and_final_messages_across_turns() { // Turn 1: user sends U1; wait for completion. codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "U1".into(), text_elements: Vec::new(), @@ -3120,7 +3204,6 @@ async fn history_dedupes_streamed_and_final_messages_across_turns() { // Turn 2: user sends U2; wait for completion. codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "U2".into(), text_elements: Vec::new(), @@ -3137,7 +3220,6 @@ async fn history_dedupes_streamed_and_final_messages_across_turns() { // Turn 3: user sends U3; wait for completion. codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "U3".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/client_websockets.rs b/codex-rs/core/tests/suite/client_websockets.rs index 41db88f1add..4aac3dcbd8f 100755 --- a/codex-rs/core/tests/suite/client_websockets.rs +++ b/codex-rs/core/tests/suite/client_websockets.rs @@ -1,6 +1,7 @@ #![allow(clippy::expect_used, clippy::unwrap_used)] use codex_api::WS_REQUEST_HEADER_TRACEPARENT_CLIENT_METADATA_KEY; use codex_api::WS_REQUEST_HEADER_TRACESTATE_CLIENT_METADATA_KEY; +use codex_core::CodexResponsesMetadata; use codex_core::ModelClient; use codex_core::ModelClientSession; use codex_core::Prompt; @@ -35,6 +36,7 @@ use codex_rollout_trace::InferenceTraceContext; use codex_rollout_trace::RawTraceEventPayload; use codex_rollout_trace::TraceWriter; use codex_rollout_trace::replay_bundle; +use core_test_support::TestCodexResponsesRequestKind; use core_test_support::load_default_config_for_test; use core_test_support::responses::WebSocketConnectionConfig; use core_test_support::responses::WebSocketTestServer; @@ -43,6 +45,7 @@ use core_test_support::responses::ev_completed; use core_test_support::responses::ev_response_created; use core_test_support::responses::start_websocket_server; use core_test_support::responses::start_websocket_server_with_headers; +use core_test_support::responses_metadata as test_responses_metadata; use core_test_support::skip_if_no_network; use core_test_support::test_codex::test_codex; use core_test_support::tracing::install_test_tracing; @@ -62,7 +65,10 @@ const OPENAI_BETA_HEADER: &str = "OpenAI-Beta"; const USER_AGENT_HEADER: &str = "user-agent"; const WS_V2_BETA_HEADER_VALUE: &str = "responses_websockets=2026-02-06"; const X_CLIENT_REQUEST_ID_HEADER: &str = "x-client-request-id"; +const WS_REQUEST_HEADER_RESPONSES_LITE_CLIENT_METADATA_KEY: &str = + "ws_request_header_x_openai_internal_codex_responses_lite"; const TEST_INSTALLATION_ID: &str = "11111111-1111-4111-8111-111111111111"; +const TEST_WINDOW_ID: &str = "test-thread:0"; const X_CODEX_WS_STREAM_REQUEST_START_MS_CLIENT_METADATA_KEY: &str = "x-codex-ws-stream-request-start-ms"; @@ -103,6 +109,42 @@ struct WebsocketTestHarness { session_telemetry: SessionTelemetry, } +fn responses_metadata( + harness: &WebsocketTestHarness, + turn_id: Option<&str>, + request_kind: TestCodexResponsesRequestKind, +) -> CodexResponsesMetadata { + test_responses_metadata( + TEST_INSTALLATION_ID, + &harness.session_id.to_string(), + &harness.thread_id.to_string(), + turn_id, + TEST_WINDOW_ID.to_string(), + &SessionSource::Exec, + /*parent_thread_id*/ None, + request_kind, + ) +} + +fn turn_metadata(harness: &WebsocketTestHarness, turn_id: Option<&str>) -> CodexResponsesMetadata { + responses_metadata(harness, turn_id, TestCodexResponsesRequestKind::Turn) +} + +fn prewarm_metadata( + harness: &WebsocketTestHarness, + turn_id: Option<&str>, +) -> CodexResponsesMetadata { + responses_metadata(harness, turn_id, TestCodexResponsesRequestKind::Prewarm) +} + +fn websocket_connection_metadata(harness: &WebsocketTestHarness) -> CodexResponsesMetadata { + responses_metadata( + harness, + /*turn_id*/ None, + TestCodexResponsesRequestKind::WebsocketConnection, + ) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn responses_websocket_streams_request() { skip_if_no_network!(); @@ -185,168 +227,6 @@ async fn responses_websocket_streams_without_feature_flag_when_provider_supports server.shutdown().await; } -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn responses_websocket_sends_response_processed_when_feature_enabled() { - skip_if_no_network!(); - - let server = start_websocket_server(vec![vec![ - vec![ - ev_response_created("resp-prewarm"), - ev_completed("resp-prewarm"), - ], - vec![ - ev_response_created("resp-1"), - ev_assistant_message("msg-1", "hi"), - ev_completed("resp-1"), - ], - vec![], - ]]) - .await; - - let mut builder = test_codex().with_config(|config| { - config - .features - .enable(Feature::ResponsesWebsocketResponseProcessed) - .expect("test config should allow feature update"); - }); - let test = builder - .build_with_websocket_server(&server) - .await - .expect("build websocket codex"); - - test.submit_turn("hello") - .await - .expect("submission should send response.processed after processing"); - - let processed = server - .wait_for_request(/*connection_index*/ 0, /*request_index*/ 2) - .await; - assert_eq!( - processed.body_json(), - json!({ - "type": "response.processed", - "response_id": "resp-1", - }) - ); - - let connection = server.single_connection(); - assert_eq!(connection.len(), 3); - assert_eq!( - connection[1].body_json()["type"].as_str(), - Some("response.create") - ); - - server.shutdown().await; -} - -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn responses_websocket_sends_response_processed_after_remote_compaction_v2() { - skip_if_no_network!(); - - let server = start_websocket_server(vec![vec![ - vec![ - ev_response_created("resp-prewarm"), - ev_completed("resp-prewarm"), - ], - vec![ - ev_response_created("resp-1"), - ev_assistant_message("msg-1", "hi"), - ev_completed("resp-1"), - ], - vec![], - vec![ - json!({ - "type": "response.output_item.done", - "item": { - "type": "compaction", - "encrypted_content": "ENCRYPTED_CONTEXT_COMPACTION_SUMMARY", - } - }), - ev_completed("resp-compact"), - ], - vec![], - ]]) - .await; - - let mut builder = test_codex().with_config(|config| { - config - .features - .enable(Feature::RemoteCompactionV2) - .expect("test config should allow feature update"); - config - .features - .enable(Feature::ResponsesWebsocketResponseProcessed) - .expect("test config should allow feature update"); - }); - let test = builder - .build_with_websocket_server(&server) - .await - .expect("build websocket codex"); - - test.submit_turn("hello") - .await - .expect("submission should send response.processed after processing"); - - test.codex - .submit(Op::Compact) - .await - .expect("compact submission should succeed"); - wait_for_event(&test.codex, |msg| matches!(msg, EventMsg::TurnComplete(_))).await; - - let compact_processed = server - .wait_for_request(/*connection_index*/ 0, /*request_index*/ 4) - .await; - assert_eq!( - compact_processed.body_json(), - json!({ - "type": "response.processed", - "response_id": "resp-compact", - }) - ); - - let connection = server.single_connection(); - assert_eq!(connection.len(), 5); - assert_eq!( - connection[3].body_json()["type"].as_str(), - Some("response.create") - ); - - server.shutdown().await; -} - -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn responses_websocket_omits_response_processed_without_feature() { - skip_if_no_network!(); - - let server = start_websocket_server(vec![vec![ - vec![ - ev_response_created("resp-prewarm"), - ev_completed("resp-prewarm"), - ], - vec![ - ev_response_created("resp-1"), - ev_assistant_message("msg-1", "hi"), - ev_completed("resp-1"), - ], - vec![], - ]]) - .await; - let mut builder = test_codex(); - let test = builder - .build_with_websocket_server(&server) - .await - .expect("build websocket codex"); - - test.submit_turn("hello") - .await - .expect("submission should complete without response.processed"); - - let connection = server.single_connection(); - assert_eq!(connection.len(), 2); - - server.shutdown().await; -} - #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn responses_websocket_reuses_connection_with_per_turn_trace_payloads() { skip_if_no_network!(); @@ -433,8 +313,9 @@ async fn responses_websocket_preconnect_does_not_replace_turn_trace_payload() { let harness = websocket_harness(&server).await; let mut client_session = harness.client.new_session(); + let responses_metadata = websocket_connection_metadata(&harness); client_session - .preconnect_websocket(&harness.session_telemetry, &harness.model_info) + .preconnect_websocket(&harness.session_telemetry, &responses_metadata) .await .expect("websocket preconnect failed"); let prompt = prompt_with_input(vec![message_item("hello")]); @@ -469,8 +350,9 @@ async fn responses_websocket_preconnect_reuses_connection() { let harness = websocket_harness(&server).await; let mut client_session = harness.client.new_session(); + let responses_metadata = websocket_connection_metadata(&harness); client_session - .preconnect_websocket(&harness.session_telemetry, &harness.model_info) + .preconnect_websocket(&harness.session_telemetry, &responses_metadata) .await .expect("websocket preconnect failed"); let prompt = prompt_with_input(vec![message_item("hello")]); @@ -481,6 +363,10 @@ async fn responses_websocket_preconnect_reuses_connection() { server.single_handshake().header(USER_AGENT_HEADER), Some(codex_login::default_client::get_codex_user_agent()) ); + assert_eq!( + server.single_handshake().header("x-codex-window-id"), + Some(TEST_WINDOW_ID.to_string()) + ); let connection = server.single_connection(); assert_eq!(connection.len(), 1); @@ -500,15 +386,16 @@ async fn responses_websocket_request_prewarm_reuses_connection() { let harness = websocket_harness_with_options(&server, /*runtime_metrics_enabled*/ true).await; let mut client_session = harness.client.new_session(); let prompt = prompt_with_input(vec![message_item("hello")]); + let responses_metadata = prewarm_metadata(&harness, /*turn_id*/ None); client_session .prewarm_websocket( &prompt, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, ) .await .expect("websocket prewarm failed"); @@ -533,6 +420,16 @@ async fn responses_websocket_request_prewarm_reuses_connection() { assert_eq!(warmup["type"].as_str(), Some("response.create")); assert_eq!(warmup["generate"].as_bool(), Some(false)); assert_eq!(warmup["tools"], serde_json::json!([])); + let warmup_turn_metadata: serde_json::Value = serde_json::from_str( + warmup["client_metadata"]["x-codex-turn-metadata"] + .as_str() + .expect("warmup turn metadata"), + ) + .expect("valid warmup turn metadata"); + assert_eq!( + warmup_turn_metadata["request_kind"].as_str(), + Some("prewarm") + ); assert_eq!(follow_up["type"].as_str(), Some("response.create")); assert_eq!(follow_up["previous_response_id"].as_str(), Some("warm-1")); assert_eq!(follow_up["input"], serde_json::json!([])); @@ -540,6 +437,49 @@ async fn responses_websocket_request_prewarm_reuses_connection() { server.shutdown().await; } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn responses_websocket_request_prewarm_uses_caller_supplied_metadata() { + skip_if_no_network!(); + + let server = start_websocket_server(vec![vec![vec![ + ev_response_created("warm-1"), + ev_completed("warm-1"), + ]]]) + .await; + + let harness = websocket_harness_with_options(&server, /*runtime_metrics_enabled*/ true).await; + let mut client_session = harness.client.new_session(); + let prompt = prompt_with_input(vec![message_item("hello")]); + let responses_metadata = turn_metadata(&harness, /*turn_id*/ None); + client_session + .prewarm_websocket( + &prompt, + &harness.model_info, + &harness.session_telemetry, + harness.effort.clone(), + harness.summary, + /*service_tier*/ None, + &responses_metadata, + ) + .await + .expect("websocket prewarm failed"); + + let warmup = server + .single_connection() + .first() + .expect("missing warmup request") + .body_json(); + let warmup_turn_metadata: serde_json::Value = serde_json::from_str( + warmup["client_metadata"]["x-codex-turn-metadata"] + .as_str() + .expect("warmup turn metadata"), + ) + .expect("valid warmup turn metadata"); + assert_eq!(warmup_turn_metadata["request_kind"].as_str(), Some("turn")); + + server.shutdown().await; +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn responses_websocket_request_prewarm_traces_logical_request() { skip_if_no_network!(); @@ -553,16 +493,17 @@ async fn responses_websocket_request_prewarm_traces_logical_request() { let harness = websocket_harness_with_options(&server, /*runtime_metrics_enabled*/ true).await; let mut client_session = harness.client.new_session(); let prompt = prompt_with_input(vec![message_item("hello")]); + let prewarm_responses_metadata = prewarm_metadata(&harness, /*turn_id*/ None); client_session .prewarm_websocket( &prompt, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, /*service_tier*/ None, - /*turn_metadata_header*/ None, + &prewarm_responses_metadata, ) .await .expect("websocket prewarm failed"); @@ -599,15 +540,16 @@ async fn responses_websocket_request_prewarm_traces_logical_request() { "test-provider".to_string(), ); + let responses_metadata = turn_metadata(&harness, /*turn_id*/ None); let mut stream = client_session .stream( &prompt, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &inference_trace, ) .await @@ -674,6 +616,85 @@ async fn responses_websocket_reuses_connection_after_session_drop() { server.shutdown().await; } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn responses_websocket_sends_responses_lite_metadata_per_request() { + skip_if_no_network!(); + + let server = start_websocket_server(vec![vec![ + vec![ev_response_created("normal-1"), ev_completed("normal-1")], + vec![ev_response_created("lite-1"), ev_completed("lite-1")], + vec![ev_response_created("normal-2"), ev_completed("normal-2")], + ]]) + .await; + + let harness = websocket_harness(&server).await; + let mut normal_model_info = harness.model_info.clone(); + normal_model_info.supports_reasoning_summaries = true; + let mut lite_model_info = normal_model_info.clone(); + lite_model_info.use_responses_lite = true; + let mut session = harness.client.new_session(); + + stream_until_complete_with_model_info( + &mut session, + &harness, + &prompt_with_input(vec![message_item("normal one")]), + &normal_model_info, + "normal-1", + ) + .await; + stream_until_complete_with_model_info( + &mut session, + &harness, + &prompt_with_input(vec![message_item("lite")]), + &lite_model_info, + "lite-1", + ) + .await; + stream_until_complete_with_model_info( + &mut session, + &harness, + &prompt_with_input(vec![message_item("normal two")]), + &normal_model_info, + "normal-2", + ) + .await; + + let connection = server.single_connection(); + assert_eq!( + connection + .iter() + .map(|request| { + let body = request.body_json(); + json!({ + "responses_lite": body["client_metadata"] + .get(WS_REQUEST_HEADER_RESPONSES_LITE_CLIENT_METADATA_KEY), + "reasoning_context": body["reasoning"].get("context"), + "parallel_tool_calls": body["parallel_tool_calls"], + }) + }) + .collect::>(), + vec![ + json!({ + "responses_lite": null, + "reasoning_context": null, + "parallel_tool_calls": false, + }), + json!({ + "responses_lite": "true", + "reasoning_context": "all_turns", + "parallel_tool_calls": false, + }), + json!({ + "responses_lite": null, + "reasoning_context": null, + "parallel_tool_calls": false, + }), + ] + ); + + server.shutdown().await; +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn responses_websocket_preconnect_is_reused_even_with_header_changes() { skip_if_no_network!(); @@ -686,20 +707,22 @@ async fn responses_websocket_preconnect_is_reused_even_with_header_changes() { let harness = websocket_harness(&server).await; let mut client_session = harness.client.new_session(); + let preconnect_metadata = websocket_connection_metadata(&harness); client_session - .preconnect_websocket(&harness.session_telemetry, &harness.model_info) + .preconnect_websocket(&harness.session_telemetry, &preconnect_metadata) .await .expect("websocket preconnect failed"); let prompt = prompt_with_input(vec![message_item("hello")]); + let responses_metadata = turn_metadata(&harness, /*turn_id*/ None); let mut stream = client_session .stream( &prompt, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await @@ -730,27 +753,29 @@ async fn responses_websocket_request_prewarm_is_reused_even_with_header_changes( let harness = websocket_harness_with_options(&server, /*runtime_metrics_enabled*/ true).await; let mut client_session = harness.client.new_session(); let prompt = prompt_with_input(vec![message_item("hello")]); + let prewarm_responses_metadata = prewarm_metadata(&harness, /*turn_id*/ None); client_session .prewarm_websocket( &prompt, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, /*service_tier*/ None, - /*turn_metadata_header*/ None, + &prewarm_responses_metadata, ) .await .expect("websocket prewarm failed"); + let responses_metadata = turn_metadata(&harness, /*turn_id*/ None); let mut stream = client_session .stream( &prompt, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await @@ -796,15 +821,16 @@ async fn responses_websocket_prewarm_uses_v2_when_provider_supports_websockets() let harness = websocket_harness_with_options(&server, /*runtime_metrics_enabled*/ false).await; let mut client_session = harness.client.new_session(); let prompt = prompt_with_input(vec![message_item("hello")]); + let responses_metadata = prewarm_metadata(&harness, /*turn_id*/ None); client_session .prewarm_websocket( &prompt, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, ) .await .expect("websocket prewarm failed"); @@ -852,13 +878,18 @@ async fn responses_websocket_preconnect_runs_when_only_v2_feature_enabled() { let harness = websocket_harness_with_options(&server, /*runtime_metrics_enabled*/ true).await; let mut client_session = harness.client.new_session(); + let responses_metadata = websocket_connection_metadata(&harness); client_session - .preconnect_websocket(&harness.session_telemetry, &harness.model_info) + .preconnect_websocket(&harness.session_telemetry, &responses_metadata) .await .expect("websocket preconnect failed"); assert_eq!(server.handshakes().len(), 1); assert_eq!(server.single_connection().len(), 0); + assert_eq!( + server.single_handshake().header("x-codex-turn-metadata"), + None + ); let prompt = prompt_with_input(vec![message_item("hello")]); stream_until_complete(&mut client_session, &harness, &prompt).await; @@ -1144,16 +1175,17 @@ async fn responses_websocket_emits_reasoning_included_event() { let harness = websocket_harness(&server).await; let mut client_session = harness.client.new_session(); let prompt = prompt_with_input(vec![message_item("hello")]); + let responses_metadata = turn_metadata(&harness, /*turn_id*/ None); let mut stream = client_session .stream( &prompt, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await @@ -1218,16 +1250,17 @@ async fn responses_websocket_emits_rate_limit_events() { let harness = websocket_harness(&server).await; let mut client_session = harness.client.new_session(); let prompt = prompt_with_input(vec![message_item("hello")]); + let responses_metadata = turn_metadata(&harness, /*turn_id*/ None); let mut stream = client_session .stream( &prompt, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await @@ -1312,7 +1345,6 @@ async fn responses_websocket_usage_limit_error_emits_rate_limit_event() { let submission_id = test .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1403,7 +1435,6 @@ async fn responses_websocket_invalid_request_error_with_status_is_forwarded() { let submission_id = test .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1543,30 +1574,29 @@ async fn responses_websocket_forwards_turn_metadata_on_initial_and_incremental_c let harness = websocket_harness(&server).await; let mut client_session = harness.client.new_session(); - let first_turn_metadata = - r#"{"turn_id":"turn-123","thread_source":"user","sandbox":"workspace-write"}"#; - let enriched_turn_metadata = r#"{"turn_id":"turn-123","thread_source":"user","sandbox":"workspace-write","workspaces":[{"root_path":"/tmp/repo","latest_git_commit_hash":"abc123","associated_remote_urls":["git@github.com:openai/codex.git"],"has_changes":true}]}"#; let prompt_one = prompt_with_input(vec![message_item("hello")]); let prompt_two = prompt_with_input(vec![ message_item("hello"), assistant_message_item("msg-1", "assistant output"), message_item("second"), ]); + let first_responses_metadata = turn_metadata(&harness, Some("turn-123")); + let second_responses_metadata = turn_metadata(&harness, Some("turn-456")); - stream_until_complete_with_turn_metadata( + stream_until_complete_with_metadata( &mut client_session, &harness, &prompt_one, /*service_tier*/ None, - Some(first_turn_metadata), + &first_responses_metadata, ) .await; - stream_until_complete_with_turn_metadata( + stream_until_complete_with_metadata( &mut client_session, &harness, &prompt_two, /*service_tier*/ None, - Some(enriched_turn_metadata), + &second_responses_metadata, ) .await; @@ -1576,36 +1606,37 @@ async fn responses_websocket_forwards_turn_metadata_on_initial_and_incremental_c let second = connection.get(1).expect("missing request").body_json(); assert_eq!(first["type"].as_str(), Some("response.create")); - assert_eq!( - first["client_metadata"]["x-codex-turn-metadata"].as_str(), - Some(first_turn_metadata) - ); assert_eq!(second["type"].as_str(), Some("response.create")); assert_eq!(second["previous_response_id"].as_str(), Some("resp-1")); - assert_eq!( - second["client_metadata"]["x-codex-turn-metadata"].as_str(), - Some(enriched_turn_metadata) - ); - - let first_metadata: serde_json::Value = - serde_json::from_str(first_turn_metadata).expect("first metadata should be valid json"); - let second_metadata: serde_json::Value = serde_json::from_str(enriched_turn_metadata) - .expect("enriched metadata should be valid json"); + let first_metadata: serde_json::Value = serde_json::from_str( + first["client_metadata"]["x-codex-turn-metadata"] + .as_str() + .expect("first turn metadata"), + ) + .expect("first metadata should be valid json"); + let second_metadata: serde_json::Value = serde_json::from_str( + second["client_metadata"]["x-codex-turn-metadata"] + .as_str() + .expect("second turn metadata"), + ) + .expect("second metadata should be valid json"); assert_eq!(first_metadata["turn_id"].as_str(), Some("turn-123")); - assert_eq!(second_metadata["turn_id"].as_str(), Some("turn-123")); - assert_eq!(first_metadata["thread_source"].as_str(), Some("user")); - assert_eq!(second_metadata["thread_source"].as_str(), Some("user")); + assert_eq!(second_metadata["turn_id"].as_str(), Some("turn-456")); + assert_eq!( + first["client_metadata"]["turn_id"].as_str(), + first_metadata["turn_id"].as_str() + ); assert_eq!( - second_metadata["workspaces"][0]["has_changes"].as_bool(), - Some(true) + second["client_metadata"]["turn_id"].as_str(), + second_metadata["turn_id"].as_str() ); server.shutdown().await; } #[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn responses_websocket_preserves_custom_turn_metadata_fields() { +async fn responses_websocket_sends_canonical_turn_metadata() { skip_if_no_network!(); let server = start_websocket_server(vec![vec![vec![ @@ -1617,19 +1648,14 @@ async fn responses_websocket_preserves_custom_turn_metadata_fields() { let harness = websocket_harness(&server).await; let mut client_session = harness.client.new_session(); let prompt = prompt_with_input(vec![message_item("hello")]); - let turn_metadata = json!({ - "turn_id": "turn-123", - "fiber_run_id": "fiber-123", - "origin": "app-server", - }) - .to_string(); + let responses_metadata = turn_metadata(&harness, Some("turn-123")); - stream_until_complete_with_turn_metadata( + stream_until_complete_with_metadata( &mut client_session, &harness, &prompt, /*service_tier*/ None, - Some(&turn_metadata), + &responses_metadata, ) .await; @@ -1640,15 +1666,16 @@ async fn responses_websocket_preserves_custom_turn_metadata_fields() { .body_json(); assert_eq!(body["type"].as_str(), Some("response.create")); - assert_eq!( + let turn_metadata: serde_json::Value = serde_json::from_str( body["client_metadata"]["x-codex-turn-metadata"] .as_str() - .map(|value| serde_json::from_str::(value).expect("valid json")), - Some(json!({ - "turn_id": "turn-123", - "fiber_run_id": "fiber-123", - "origin": "app-server", - })) + .expect("turn metadata"), + ) + .expect("valid turn metadata"); + assert_eq!(turn_metadata["turn_id"].as_str(), Some("turn-123")); + assert_eq!( + body["client_metadata"]["turn_id"].as_str(), + turn_metadata["turn_id"].as_str() ); server.shutdown().await; @@ -1875,15 +1902,16 @@ async fn responses_websocket_v2_after_error_uses_full_create_without_previous_re stream_until_complete(&mut session, &harness, &prompt_one).await; + let responses_metadata = turn_metadata(&harness, /*turn_id*/ None); let mut second_stream = session .stream( &prompt_two, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await @@ -1963,15 +1991,16 @@ async fn responses_websocket_v2_surfaces_terminal_error_without_close_handshake( stream_until_complete(&mut session, &harness, &prompt_one).await; + let responses_metadata = turn_metadata(&harness, /*turn_id*/ None); let mut second_stream = session .stream( &prompt_two, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, /*service_tier*/ None, - /*turn_metadata_header*/ None, + &responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await @@ -2151,12 +2180,9 @@ async fn websocket_harness_with_provider_options( let summary = ReasoningSummary::Auto; let client = ModelClient::new( /*auth_manager*/ None, - session_id, thread_id, - /*installation_id*/ TEST_INSTALLATION_ID.to_string(), provider.clone(), SessionSource::Exec, - /*parent_thread_id*/ None, config.model_verbosity, /*enable_request_compression*/ false, runtime_metrics_enabled, @@ -2190,55 +2216,74 @@ async fn stream_until_complete( .await; } -async fn stream_until_complete_with_service_tier( +async fn stream_until_complete_with_model_info( client_session: &mut ModelClientSession, harness: &WebsocketTestHarness, prompt: &Prompt, - service_tier: Option, + model_info: &ModelInfo, + expected_response_id: &str, ) { - stream_until_complete_with_turn_metadata( - client_session, - harness, - prompt, - service_tier, - /*turn_metadata_header*/ None, - ) - .await; + let responses_metadata = turn_metadata(harness, /*turn_id*/ None); + let mut stream = client_session + .stream( + prompt, + model_info, + &harness.session_telemetry, + harness.effort.clone(), + harness.summary, + /*service_tier*/ None, + &responses_metadata, + &codex_rollout_trace::InferenceTraceContext::disabled(), + ) + .await + .expect("websocket stream failed"); + + while let Some(event) = stream.next().await { + match event { + Ok(ResponseEvent::Completed { response_id, .. }) => { + assert_eq!(response_id, expected_response_id); + return; + } + Ok(_) => {} + Err(err) => panic!("websocket stream failed: {err}"), + } + } + panic!("websocket stream ended before completion"); } -async fn stream_until_complete_with_turn_metadata( +async fn stream_until_complete_with_service_tier( client_session: &mut ModelClientSession, harness: &WebsocketTestHarness, prompt: &Prompt, service_tier: Option, - turn_metadata_header: Option<&str>, ) { - stream_until_complete_with_request_metadata( + let responses_metadata = turn_metadata(harness, /*turn_id*/ None); + stream_until_complete_with_metadata( client_session, harness, prompt, service_tier, - turn_metadata_header, + &responses_metadata, ) .await; } -async fn stream_until_complete_with_request_metadata( +async fn stream_until_complete_with_metadata( client_session: &mut ModelClientSession, harness: &WebsocketTestHarness, prompt: &Prompt, service_tier: Option, - turn_metadata_header: Option<&str>, + responses_metadata: &CodexResponsesMetadata, ) { let mut stream = client_session .stream( prompt, &harness.model_info, &harness.session_telemetry, - harness.effort, + harness.effort.clone(), harness.summary, service_tier.map(|service_tier| service_tier.request_value().to_string()), - turn_metadata_header, + responses_metadata, &codex_rollout_trace::InferenceTraceContext::disabled(), ) .await diff --git a/codex-rs/core/tests/suite/code_mode.rs b/codex-rs/core/tests/suite/code_mode.rs index e33f964aa5e..0f954bac7b0 100644 --- a/codex-rs/core/tests/suite/code_mode.rs +++ b/codex-rs/core/tests/suite/code_mode.rs @@ -6,9 +6,11 @@ use base64::engine::general_purpose::STANDARD as BASE64_STANDARD; use codex_config::types::McpServerConfig; use codex_config::types::McpServerTransportConfig; use codex_core::config::Config; +use codex_extension_api::ExtensionRegistryBuilder; use codex_features::Feature; use codex_login::CodexAuth; use codex_models_manager::bundled_models_response; +use codex_protocol::config_types::WebSearchMode; use codex_protocol::dynamic_tools::DynamicToolCallOutputContentItem; use codex_protocol::dynamic_tools::DynamicToolResponse; use codex_protocol::dynamic_tools::DynamicToolSpec; @@ -17,6 +19,7 @@ use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::Op; use codex_protocol::user_input::UserInput; +use codex_web_search_extension::install as install_web_search_extension; use core_test_support::apps_test_server::AppsTestServer; use core_test_support::apps_test_server::AppsTestToolLoading; use core_test_support::apps_test_server::DIRECT_CALENDAR_APP_ONLY_TOOL; @@ -39,15 +42,25 @@ use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; use core_test_support::wait_for_event_match; use core_test_support::wait_for_mcp_server; +use image::DynamicImage; +use image::GenericImageView; +use image::ImageBuffer; +use image::Rgba; use pretty_assertions::assert_eq; use serde_json::Value; use std::collections::HashMap; use std::collections::HashSet; use std::fs; +use std::io::Cursor; use std::path::Path; +use std::sync::Arc; use std::time::Duration; use std::time::Instant; +use wiremock::Mock; use wiremock::MockServer; +use wiremock::ResponseTemplate; +use wiremock::matchers::method; +use wiremock::matchers::path; fn custom_tool_output_items(req: &ResponsesRequest, call_id: &str) -> Vec { match req.custom_tool_call_output(call_id).get("output") { @@ -160,12 +173,21 @@ async fn run_code_mode_turn_with_config( code: &str, configure: impl FnOnce(&mut Config) + Send + 'static, ) -> Result<(TestCodex, ResponseMock)> { - let mut builder = test_codex() - .with_model("test-gpt-5.1-codex") - .with_config(move |config| { - let _ = config.features.enable(Feature::CodeMode); - configure(config); - }); + run_code_mode_turn_with_model_and_config(server, prompt, code, "test-gpt-5.1-codex", configure) + .await +} + +async fn run_code_mode_turn_with_model_and_config( + server: &MockServer, + prompt: &str, + code: &str, + model: &'static str, + configure: impl FnOnce(&mut Config) + Send + 'static, +) -> Result<(TestCodex, ResponseMock)> { + let mut builder = test_codex().with_model(model).with_config(move |config| { + let _ = config.features.enable(Feature::CodeMode); + configure(config); + }); let test = builder.build(server).await?; responses::mount_sse_once( @@ -191,6 +213,108 @@ async fn run_code_mode_turn_with_config( Ok((test, second_mock)) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn code_mode_can_call_standalone_web_search() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + Mock::given(method("POST")) + .and(path("/v1/alpha/search")) + .respond_with(ResponseTemplate::new(200).set_body_json(serde_json::json!({ + "output": "Search result", + }))) + .expect(1) + .mount(&server) + .await; + + responses::mount_sse_once( + &server, + sse(vec![ + ev_response_created("resp-1"), + ev_custom_tool_call( + "call-1", + "exec", + r#" +const result = await tools.web__run({ + search_query: [{ q: "standalone web search" }], +}); +text(result); +"#, + ), + ev_completed("resp-1"), + ]), + ) + .await; + let follow_up_mock = responses::mount_sse_once( + &server, + sse(vec![ + ev_assistant_message("msg-1", "done"), + ev_completed("resp-2"), + ]), + ) + .await; + + let auth = CodexAuth::from_api_key("dummy"); + let auth_manager = codex_core::test_support::auth_manager_from_auth(auth.clone()); + let mut extension_builder = ExtensionRegistryBuilder::::new(); + install_web_search_extension(&mut extension_builder, auth_manager); + let mut builder = test_codex() + .with_auth(auth) + .with_extensions(Arc::new(extension_builder.build())) + .with_model("test-gpt-5.1-codex") + .with_config(|config| { + config + .features + .enable(Feature::CodeMode) + .expect("code mode should be enabled"); + config + .features + .enable(Feature::StandaloneWebSearch) + .expect("standalone web search should be enabled"); + config + .web_search_mode + .set(WebSearchMode::Live) + .expect("web search mode should be accepted"); + }); + let test = builder.build(&server).await?; + + test.submit_turn("Search the web from code mode").await?; + + let search_request = server + .received_requests() + .await + .expect("received requests should be available") + .into_iter() + .find(|request| request.url.path() == "/v1/alpha/search") + .expect("standalone search request should be sent"); + let search_body = search_request + .body_json::() + .expect("search request body should be JSON"); + assert_eq!( + search_body["model"], + serde_json::json!("test-gpt-5.1-codex") + ); + assert_eq!( + search_body["commands"], + serde_json::json!({ + "search_query": [{"q": "standalone web search"}], + }) + ); + assert_eq!( + search_body["settings"], + serde_json::json!({ + "allowed_callers": ["direct"], + "external_web_access": true, + }) + ); + assert_eq!( + custom_tool_output_last_non_empty_text(&follow_up_mock.single_request(), "call-1"), + Some("Search result".to_string()) + ); + + Ok(()) +} + async fn run_code_mode_turn_with_rmcp( server: &MockServer, prompt: &str, @@ -375,7 +499,11 @@ async fn code_mode_only_restricts_prompt_tools() -> Result<()> { let first_body = resp_mock.single_request().body_json(); assert_eq!( tool_names(&first_body), - vec!["exec".to_string(), "wait".to_string()] + vec![ + "exec".to_string(), + "wait".to_string(), + "web_search".to_string() + ] ); Ok(()) @@ -457,7 +585,12 @@ if (!tool) { let first_body = resp_mock.single_request().body_json(); assert_eq!( tool_names(&first_body), - vec!["exec".to_string(), "wait".to_string()] + vec![ + "exec".to_string(), + "wait".to_string(), + "web_search".to_string(), + "image_generation".to_string() + ] ); let exec_description = first_body @@ -668,6 +801,47 @@ text(JSON.stringify(result)); Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn code_mode_get_context_remaining_returns_structured_result() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + let (_test, second_mock) = run_code_mode_turn_with_config( + &server, + "use exec to get remaining context", + r#" +const result = await tools.get_context_remaining({}); +text(JSON.stringify(result)); +"#, + |config| { + config.model_context_window = Some(10_000); + config + .features + .enable(Feature::TokenBudget) + .expect("test config should allow token budget"); + }, + ) + .await?; + + let req = second_mock.single_request(); + let (output, success) = custom_tool_output_body_and_success(&req, "call-1"); + assert_ne!( + success, + Some(false), + "exec get_context_remaining call failed unexpectedly: {output}" + ); + + let parsed: Value = serde_json::from_str(&output)?; + assert_eq!( + parsed, + serde_json::json!({ + "tokens_left": 9500, + }) + ); + + Ok(()) +} + #[cfg_attr(windows, ignore = "flaky on windows")] #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn code_mode_nested_tool_calls_can_run_in_parallel() -> Result<()> { @@ -2417,6 +2591,103 @@ image("data:image/png;base64,AAA"); Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn resize_all_images_replaces_malformed_code_mode_image_only() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + let (_test, second_mock) = run_code_mode_turn_with_config( + &server, + "use exec to return images", + r#" +image("https://example.com/image.jpg"); +image("data:image/png;base64,AAA"); +"#, + |config| { + let _ = config.features.enable(Feature::ResizeAllImages); + }, + ) + .await?; + + let req = second_mock.single_request(); + let items = custom_tool_output_items(&req, "call-1"); + let (_, success) = custom_tool_output_body_and_success(&req, "call-1"); + assert_ne!(success, Some(false)); + assert_eq!(items.len(), 3); + assert_eq!( + items[1], + serde_json::json!({ + "type": "input_image", + "image_url": "https://example.com/image.jpg", + "detail": "high" + }) + ); + assert_eq!( + items[2], + serde_json::json!({ + "type": "input_text", + "text": "image content omitted because it could not be processed" + }) + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn resize_all_images_resizes_explicit_original_code_mode_image() -> Result<()> { + skip_if_no_network!(Ok(())); + + let original_dimensions = (6401, 100); + let image = ImageBuffer::from_pixel( + original_dimensions.0, + original_dimensions.1, + Rgba([20, 40, 60, 255]), + ); + let mut encoded = Cursor::new(Vec::new()); + DynamicImage::ImageRgba8(image).write_to(&mut encoded, image::ImageFormat::Png)?; + let image_data_url = format!( + "data:image/png;base64,{}", + BASE64_STANDARD.encode(encoded.into_inner()) + ); + let code = format!( + "image({}, \"original\");", + serde_json::to_string(&image_data_url)? + ); + + let server = responses::start_mock_server().await; + let (_test, second_mock) = run_code_mode_turn_with_model_and_config( + &server, + "use exec to return a large original-detail image", + &code, + "gpt-5.3-codex", + |config| { + config + .features + .enable(Feature::ResizeAllImages) + .expect("resize_all_images should be enabled"); + }, + ) + .await?; + + let req = second_mock.single_request(); + let items = custom_tool_output_items(&req, "call-1"); + let (_, success) = custom_tool_output_body_and_success(&req, "call-1"); + assert_ne!(success, Some(false)); + let resized_url = items[1]["image_url"] + .as_str() + .expect("code mode image output should contain a data URL"); + assert_eq!(items[1]["detail"], "original"); + let (_, resized_base64) = resized_url + .split_once(',') + .expect("resized image should contain a data URL prefix"); + let resized_bytes = BASE64_STANDARD.decode(resized_base64)?; + let resized = image::load_from_memory(&resized_bytes)?; + let resized_dimensions = resized.dimensions(); + assert_eq!(resized_dimensions, (6000, 94)); + + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn code_mode_can_use_view_image_result_with_image_helper() -> Result<()> { skip_if_no_network!(Ok(())); @@ -2898,6 +3169,7 @@ text(JSON.stringify(Object.getOwnPropertyNames(globalThis).sort())); "escape", "exit", "eval", + "generatedImage", "globalThis", "image", "isFinite", @@ -2953,7 +3225,7 @@ text(JSON.stringify(tool)); parsed, serde_json::json!({ "name": "view_image", - "description": "View a local image file from the filesystem when visual inspection is needed. Use this for images already available on disk.\n\nexec tool declaration:\n```ts\ndeclare const tools: { view_image(args: {\n // Local filesystem path to an image file\n path: string;\n}): Promise<{\n // Image detail hint returned by view_image. Returns `high` for default resized behavior or `original` when original resolution is preserved.\n detail: \"high\" | \"original\";\n // Data URL for the loaded image.\n image_url: string;\n}>; };\n```", + "description": "View a local image file from the filesystem when visual inspection is needed. Use this for images already available on disk.\n\nexec tool declaration:\n```ts\ndeclare const tools: { view_image(args: {\n // Local filesystem path to an image file.\n path: string;\n}): Promise<{\n // Image detail hint returned by view_image. Returns `high` for default resized behavior or `original` when original resolution is preserved.\n detail: \"high\" | \"original\";\n // Data URL for the loaded image.\n image_url: string;\n}>; };\n```", }) ); @@ -3069,7 +3341,7 @@ text( ) .await; - let cwd = test.cwd.path().to_path_buf(); + let cwd = test.config.cwd.clone(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd.as_path()); @@ -3079,12 +3351,14 @@ text( text: "use exec to inspect and call hidden tools".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd), + environments: Some(codex_protocol::protocol::TurnEnvironmentSelections::new( + cwd, + Vec::new(), + )), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -3165,6 +3439,93 @@ text( Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn code_mode_excludes_configured_nested_tool_namespaces() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + let mut builder = test_codex().with_config(|config| { + let _ = config.features.enable(Feature::CodeMode); + config.code_mode.excluded_tool_namespaces = vec!["excluded".to_string()]; + }); + let base_test = builder.build(&server).await?; + let new_thread = base_test + .thread_manager + .start_thread_with_tools( + base_test.config.clone(), + vec![DynamicToolSpec { + namespace: Some("excluded".to_string()), + name: "lookup".to_string(), + description: "An excluded dynamic tool.".to_string(), + input_schema: serde_json::json!({ + "type": "object", + "properties": {}, + "additionalProperties": false, + }), + defer_loading: false, + }], + ) + .await?; + let mut test = base_test; + test.codex = new_thread.thread; + test.session_configured = new_thread.session_configured; + + let first_mock = responses::mount_sse_once( + &server, + sse(vec![ + ev_response_created("resp-1"), + ev_custom_tool_call( + "call-1", + "exec", + r#" +text(JSON.stringify({ + excludedType: typeof tools.excluded__lookup, + excludedMetadata: ALL_TOOLS.some(({ name }) => name === "excluded__lookup"), + allowedType: typeof tools.update_plan, + allowedMetadata: ALL_TOOLS.some(({ name }) => name === "update_plan"), +})); +"#, + ), + ev_completed("resp-1"), + ]), + ) + .await; + let second_mock = responses::mount_sse_once( + &server, + sse(vec![ + ev_assistant_message("msg-1", "done"), + ev_completed("resp-2"), + ]), + ) + .await; + + test.submit_turn("use exec to inspect nested tool namespaces") + .await?; + + assert!( + tool_names(&first_mock.single_request().body_json()).contains(&"excluded".to_string()), + "excluded namespace should remain directly exposed in mixed code mode" + ); + let request = second_mock.single_request(); + let (output, success) = custom_tool_output_body_and_success(&request, "call-1"); + assert_ne!( + success, + Some(false), + "exec configured namespace exclusion failed unexpectedly: {output}" + ); + assert_eq!( + serde_json::from_str::(&output)?, + serde_json::json!({ + "excludedType": "undefined", + "excludedMetadata": false, + "allowedType": "function", + "allowedMetadata": true, + }) + ); + + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn code_mode_can_print_content_only_mcp_tool_result_fields() -> Result<()> { skip_if_no_network!(Ok(())); diff --git a/codex-rs/core/tests/suite/collaboration_instructions.rs b/codex-rs/core/tests/suite/collaboration_instructions.rs index bbbb0f1aa23..d9d511edbda 100644 --- a/codex-rs/core/tests/suite/collaboration_instructions.rs +++ b/codex-rs/core/tests/suite/collaboration_instructions.rs @@ -13,6 +13,7 @@ use core_test_support::responses::mount_sse_once; use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::wait_for_event; use pretty_assertions::assert_eq; @@ -72,7 +73,6 @@ async fn no_collaboration_instructions_by_default() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -127,7 +127,6 @@ async fn user_input_includes_collaboration_instructions_after_override() -> Resu test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -169,12 +168,11 @@ async fn collaboration_instructions_added_on_user_turn() -> Result<()> { text: "hello".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.config.cwd.to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(test.config.permissions.approval_policy.value()), sandbox_policy: Some(test.config.legacy_sandbox_policy()), summary: Some( @@ -220,12 +218,11 @@ async fn collaboration_instructions_omitted_when_disabled() -> Result<()> { text: "hello".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.config.cwd.to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(test.config.permissions.approval_policy.value()), sandbox_policy: Some(test.config.legacy_sandbox_policy()), summary: Some( @@ -276,7 +273,6 @@ async fn override_then_next_turn_uses_updated_collaboration_instructions() -> Re test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -329,12 +325,11 @@ async fn user_turn_overrides_collaboration_instructions_after_override() -> Resu text: "hello".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.config.cwd.to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(test.config.permissions.approval_policy.value()), sandbox_policy: Some(test.config.legacy_sandbox_policy()), summary: Some( @@ -390,7 +385,6 @@ async fn collaboration_mode_update_emits_new_instruction_message() -> Result<()> test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -414,7 +408,6 @@ async fn collaboration_mode_update_emits_new_instruction_message() -> Result<()> test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -467,7 +460,6 @@ async fn collaboration_mode_update_noop_does_not_append() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -491,7 +483,6 @@ async fn collaboration_mode_update_noop_does_not_append() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -546,7 +537,6 @@ async fn collaboration_mode_update_emits_new_instruction_message_when_mode_chang test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -573,7 +563,6 @@ async fn collaboration_mode_update_emits_new_instruction_message_when_mode_chang test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -629,7 +618,6 @@ async fn collaboration_mode_update_noop_does_not_append_when_mode_is_unchanged() test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -656,7 +644,6 @@ async fn collaboration_mode_update_noop_does_not_append_when_mode_is_unchanged() test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -715,7 +702,6 @@ async fn resume_replays_collaboration_instructions() -> Result<()> { initial .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -732,7 +718,6 @@ async fn resume_replays_collaboration_instructions() -> Result<()> { resumed .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after resume".into(), text_elements: Vec::new(), @@ -785,7 +770,6 @@ async fn empty_collaboration_instructions_are_ignored() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/compact.rs b/codex-rs/core/tests/suite/compact.rs index 0e2c02de917..73bc05df43e 100644 --- a/codex-rs/core/tests/suite/compact.rs +++ b/codex-rs/core/tests/suite/compact.rs @@ -1,4 +1,6 @@ #![allow(clippy::expect_used)] +use anyhow::Result; +use anyhow::anyhow; use codex_core::compact::SUMMARIZATION_PROMPT; use codex_core::compact::SUMMARY_PREFIX; use codex_core::config::Config; @@ -23,15 +25,20 @@ use codex_protocol::protocol::RolloutItem; use codex_protocol::protocol::RolloutLine; use codex_protocol::protocol::WarningEvent; use codex_protocol::user_input::UserInput; +use codex_utils_absolute_path::AbsolutePathBuf; +use core_test_support::PathBufExt; use core_test_support::context_snapshot; use core_test_support::context_snapshot::ContextSnapshotOptions; use core_test_support::context_snapshot::ContextSnapshotRenderMode; use core_test_support::hooks::trust_discovered_hooks; +use core_test_support::responses; use core_test_support::responses::ev_reasoning_item; use core_test_support::responses::mount_models_once; use core_test_support::skip_if_no_network; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; +use core_test_support::test_path_buf; use core_test_support::wait_for_event; use core_test_support::wait_for_event_match; use std::path::PathBuf; @@ -54,6 +61,8 @@ use serde_json::Value; use serde_json::json; use std::fs; use std::path::Path; +use std::sync::Arc; +use tempfile::TempDir; use wiremock::MockServer; // --- Test helpers ----------------------------------------------------------- @@ -75,6 +84,11 @@ const DUMMY_CALL_ID: &str = "call-multi-auto"; const FUNCTION_CALL_LIMIT_MSG: &str = "function call limit push"; const POST_AUTO_USER_MSG: &str = "post auto follow-up"; const PRETURN_CONTEXT_DIFF_CWD: &str = "/tmp/PRETURN_CONTEXT_DIFF_CWD"; +const GLOBAL_AGENTS_FILENAME: &str = "AGENTS.md"; +const GLOBAL_AGENTS_OVERRIDE_FILENAME: &str = "AGENTS.override.md"; +const NEW_GLOBAL_INSTRUCTIONS: &str = "new global instructions"; +const OLD_GLOBAL_INSTRUCTIONS: &str = "old global instructions"; +const REMOTE_V2_SUMMARY: &str = "global-instructions-remote-v2-summary"; pub(super) const COMPACT_WARNING_MESSAGE: &str = "Heads up: Long threads and multiple compactions can cause the model to be less accurate. Start a new thread when possible to keep threads small and targeted."; @@ -94,12 +108,11 @@ fn disabled_permission_user_turn(text: impl Into, cwd: PathBuf, model: S text: text.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd), + environments: Some(local_selections(cwd.abs())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -265,6 +278,92 @@ fn non_openai_model_provider(server: &MockServer) -> ModelProviderInfo { provider } +fn write_global_file( + home: &TempDir, + filename: &str, + contents: impl AsRef<[u8]>, +) -> Result { + let path = home.path().join(filename); + std::fs::write(&path, contents)?; + Ok(path.abs()) +} + +fn instruction_fragments(request: &responses::ResponsesRequest) -> Vec { + request + .message_input_texts("user") + .into_iter() + .filter(|text| text.starts_with("# AGENTS.md instructions for ")) + .collect() +} + +fn instruction_fragments_in_items(items: &[Value]) -> Vec { + items + .iter() + .filter(|item| { + item.get("type").and_then(Value::as_str) == Some("message") + && item.get("role").and_then(Value::as_str) == Some("user") + }) + .filter_map(|item| item.get("content").and_then(Value::as_array)) + .flatten() + .filter_map(|span| span.get("text").and_then(Value::as_str)) + .filter(|text| text.starts_with("# AGENTS.md instructions for ")) + .map(str::to_string) + .collect() +} + +fn expected_instruction_fragment(cwd: &AbsolutePathBuf, contents: &str) -> String { + let cwd = cwd.as_path().display(); + format!("# AGENTS.md instructions for {cwd}\n\n\n{contents}\n") +} + +fn assert_single_instruction_fragment(request: &responses::ResponsesRequest, expected: &str) { + assert_eq!(instruction_fragments(request), vec![expected.to_string()]); +} + +fn replacement_history_from_rollout(path: &Path) -> Result> { + let rollout_text = fs::read_to_string(path)?; + let mut replacement_history = None; + for line in rollout_text + .lines() + .map(str::trim) + .filter(|line| !line.is_empty()) + { + let entry: RolloutLine = serde_json::from_str(line)?; + if let RolloutItem::Compacted(compacted) = entry.item + && let Some(items) = compacted.replacement_history + { + replacement_history = Some( + items + .into_iter() + .map(serde_json::to_value) + .collect::, _>>()?, + ); + } + } + replacement_history.ok_or_else(|| anyhow!("expected rollout replacement history")) +} + +fn remote_v2_compaction_response() -> String { + responses::sse(vec![ + json!({ + "type": "response.output_item.done", + "item": { + "type": "compaction", + "encrypted_content": REMOTE_V2_SUMMARY, + } + }), + responses::ev_completed("remote-v2-compact-response"), + ]) +} + +fn local_compaction_provider(server: &wiremock::MockServer) -> ModelProviderInfo { + let mut provider = built_in_model_providers(/*openai_base_url*/ None)["openai"].clone(); + provider.name = "OpenAI-compatible test provider".to_string(); + provider.base_url = Some(format!("{}/v1", server.uri())); + provider.supports_websockets = false; + provider +} + fn model_info_with_context_window(slug: &str, context_window: i64) -> ModelInfo { let models_response = bundled_models_response() .unwrap_or_else(|err| panic!("bundled models.json should parse: {err}")); @@ -277,6 +376,12 @@ fn model_info_with_context_window(slug: &str, context_window: i64) -> ModelInfo model_info } +fn model_info_with_optional_comp_hash(slug: &str, comp_hash: Option<&str>) -> ModelInfo { + let mut model_info = model_info_with_context_window(slug, /*context_window*/ 273_000); + model_info.comp_hash = comp_hash.map(str::to_string); + model_info +} + fn assert_pre_sampling_switch_compaction_requests( first: &serde_json::Value, compact: &serde_json::Value, @@ -402,7 +507,6 @@ async fn summarize_context_three_requests_and_instructions() { // 1) Normal user input – should hit server once. codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello world".into(), text_elements: Vec::new(), @@ -428,7 +532,6 @@ async fn summarize_context_three_requests_and_instructions() { // 3) Next user input – third hit; history should include only the summary. codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: THIRD_USER_MSG.into(), text_elements: Vec::new(), @@ -604,7 +707,6 @@ async fn manual_pre_compact_block_decision_does_not_block_compaction() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello before blocked compact".to_string(), text_elements: Vec::new(), @@ -678,7 +780,6 @@ async fn compact_hooks_respect_matchers_and_post_runs_after_compaction() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello before matched compact".to_string(), text_elements: Vec::new(), @@ -749,7 +850,6 @@ async fn manual_compact_uses_custom_prompt() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), @@ -897,7 +997,6 @@ async fn manual_compact_emits_context_compaction_items() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "manual compact".into(), text_elements: Vec::new(), @@ -1064,7 +1163,6 @@ async fn multiple_auto_compact_per_task_runs_after_token_limit_hit() { // Start the conversation with the user message codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: user_message.into(), text_elements: Vec::new(), @@ -1537,7 +1635,6 @@ async fn auto_compact_runs_after_token_limit_hit() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: FIRST_AUTO_MSG.into(), text_elements: Vec::new(), @@ -1554,7 +1651,6 @@ async fn auto_compact_runs_after_token_limit_hit() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: SECOND_AUTO_MSG.into(), text_elements: Vec::new(), @@ -1571,7 +1667,6 @@ async fn auto_compact_runs_after_token_limit_hit() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: POST_AUTO_USER_MSG.into(), text_elements: Vec::new(), @@ -1743,7 +1838,6 @@ async fn auto_compact_emits_context_compaction_items() { for user in [FIRST_AUTO_MSG, SECOND_AUTO_MSG, POST_AUTO_USER_MSG] { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: user.into(), text_elements: Vec::new(), @@ -1825,7 +1919,6 @@ async fn auto_compact_starts_after_turn_started() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: FIRST_AUTO_MSG.into(), text_elements: Vec::new(), @@ -1841,7 +1934,6 @@ async fn auto_compact_starts_after_turn_started() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: SECOND_AUTO_MSG.into(), text_elements: Vec::new(), @@ -1857,7 +1949,6 @@ async fn auto_compact_starts_after_turn_started() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: POST_AUTO_USER_MSG.into(), text_elements: Vec::new(), @@ -1924,6 +2015,7 @@ async fn auto_compact_runs_after_resume_when_token_usage_is_over_limit() { let mut builder = test_codex().with_config(move |config| { set_test_compact_prompt(config); config.model_auto_compact_token_limit = Some(limit); + let _ = config.features.disable(Feature::RemoteCompactionV2); }); let initial = builder.build(&server).await.unwrap(); let home = initial.home.clone(); @@ -1952,6 +2044,7 @@ async fn auto_compact_runs_after_resume_when_token_usage_is_over_limit() { let mut resume_builder = test_codex().with_config(move |config| { set_test_compact_prompt(config); config.model_auto_compact_token_limit = Some(limit); + let _ = config.features.disable(Feature::RemoteCompactionV2); }); let resumed = resume_builder .resume(&server, home, rollout_path) @@ -2104,6 +2197,203 @@ async fn pre_sampling_compact_runs_on_switch_to_smaller_context_model() { ); } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn pre_sampling_compact_runs_when_comp_hash_changes() { + skip_if_no_network!(); + + let server = MockServer::start().await; + let previous_model = "gpt-5.3-codex"; + let next_model = "gpt-5.2"; + + let models_mock = mount_models_once( + &server, + ModelsResponse { + models: vec![ + model_info_with_optional_comp_hash(previous_model, Some("hash-a")), + model_info_with_optional_comp_hash(next_model, Some("hash-b")), + ], + }, + ) + .await; + + let request_log = mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_assistant_message("m1", "before switch"), + ev_completed_with_tokens("r1", /*total_tokens*/ 100), + ]), + sse(vec![ + ev_assistant_message("m2", "COMP_HASH_SUMMARY"), + ev_completed_with_tokens("r2", /*total_tokens*/ 10), + ]), + sse(vec![ + ev_assistant_message("m3", "after switch"), + ev_completed_with_tokens("r3", /*total_tokens*/ 100), + ]), + ], + ) + .await; + + let model_provider = non_openai_model_provider(&server); + let mut builder = test_codex() + .with_auth(CodexAuth::create_dummy_chatgpt_auth_for_testing()) + .with_model(previous_model) + .with_config(move |config| { + config.model_provider = model_provider; + set_test_compact_prompt(config); + }); + let test = builder.build(&server).await.expect("build test codex"); + + test.codex + .submit(disabled_permission_user_turn( + "before switch", + test.cwd.path().to_path_buf(), + previous_model.to_string(), + )) + .await + .expect("submit first user turn"); + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + test.codex + .submit(disabled_permission_user_turn( + "after switch", + test.cwd.path().to_path_buf(), + next_model.to_string(), + )) + .await + .expect("submit second user turn"); + assert_compaction_uses_turn_lifecycle_id(&test.codex).await; + + let requests = request_log.requests(); + assert_eq!(models_mock.requests().len(), 1); + assert_eq!( + requests.len(), + 3, + "a comp-hash change should compact before sampling the next turn" + ); + assert_pre_sampling_switch_compaction_requests( + &requests[0].body_json(), + &requests[1].body_json(), + &requests[2].body_json(), + previous_model, + next_model, + ); +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn pre_sampling_compact_skips_when_either_comp_hash_is_missing() { + skip_if_no_network!(); + + let server = MockServer::start().await; + let model_without_hash = "gpt-5.4"; + let model_with_hash = "gpt-5.3-codex"; + let next_model_without_hash = "gpt-5.2"; + + let models_mock = mount_models_once( + &server, + ModelsResponse { + models: vec![ + model_info_with_optional_comp_hash(model_without_hash, /*comp_hash*/ None), + model_info_with_optional_comp_hash(model_with_hash, Some("hash-a")), + model_info_with_optional_comp_hash( + next_model_without_hash, + /*comp_hash*/ None, + ), + ], + }, + ) + .await; + + let request_log = mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_assistant_message("m1", "before hash"), + ev_completed_with_tokens("r1", /*total_tokens*/ 100), + ]), + sse(vec![ + ev_assistant_message("m2", "hash introduced"), + ev_completed_with_tokens("r2", /*total_tokens*/ 100), + ]), + sse(vec![ + ev_assistant_message("m3", "hash removed"), + ev_completed_with_tokens("r3", /*total_tokens*/ 100), + ]), + ], + ) + .await; + + let model_provider = non_openai_model_provider(&server); + let mut builder = test_codex() + .with_auth(CodexAuth::create_dummy_chatgpt_auth_for_testing()) + .with_model(model_without_hash) + .with_config(move |config| { + config.model_provider = model_provider; + set_test_compact_prompt(config); + }); + let test = builder.build(&server).await.expect("build test codex"); + + test.codex + .submit(disabled_permission_user_turn( + "before hash", + test.cwd.path().to_path_buf(), + model_without_hash.to_string(), + )) + .await + .expect("submit first user turn"); + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + test.codex + .submit(disabled_permission_user_turn( + "hash introduced", + test.cwd.path().to_path_buf(), + model_with_hash.to_string(), + )) + .await + .expect("submit second user turn"); + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + test.codex + .submit(disabled_permission_user_turn( + "hash removed", + test.cwd.path().to_path_buf(), + next_model_without_hash.to_string(), + )) + .await + .expect("submit third user turn"); + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + let requests = request_log.requests(); + assert_eq!(models_mock.requests().len(), 1); + assert_eq!( + requests + .iter() + .map(|request| request.body_json()["model"].as_str().map(str::to_string)) + .collect::>(), + vec![ + Some(model_without_hash.to_string()), + Some(model_with_hash.to_string()), + Some(next_model_without_hash.to_string()), + ] + ); + assert!(requests.iter().all(|request| { + !body_contains_text(&request.body_json().to_string(), SUMMARIZATION_PROMPT) + })); +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn body_after_prefix_model_switch_budget_compacts_with_next_model() { skip_if_no_network!(); @@ -2320,45 +2610,305 @@ async fn pre_sampling_compact_runs_after_resume_and_switch_to_smaller_model() { } #[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn auto_compact_persists_rollout_entries() { +async fn pre_sampling_compact_recovers_comp_hash_after_resume() { skip_if_no_network!(); - let server = start_mock_server().await; - - let sse1 = sse(vec![ - ev_assistant_message("m1", FIRST_REPLY), - ev_completed_with_tokens("r1", /*total_tokens*/ 70_000), - ]); - - let sse2 = sse(vec![ - ev_assistant_message("m2", "SECOND_REPLY"), - ev_completed_with_tokens("r2", /*total_tokens*/ 330_000), - ]); + let server = MockServer::start().await; + let previous_model = "gpt-5.3-codex"; + let next_model = "gpt-5.2"; - let auto_summary_payload = auto_summary(AUTO_SUMMARY_TEXT); - let sse3 = sse(vec![ - ev_assistant_message("m3", &auto_summary_payload), - ev_completed_with_tokens("r3", /*total_tokens*/ 200), - ]); - let sse4 = sse(vec![ - ev_assistant_message("m4", FINAL_REPLY), - ev_completed_with_tokens("r4", /*total_tokens*/ 120), - ]); + let models_mock = mount_models_once( + &server, + ModelsResponse { + models: vec![ + model_info_with_optional_comp_hash(previous_model, Some("hash-a")), + model_info_with_optional_comp_hash(next_model, Some("hash-b")), + ], + }, + ) + .await; - let first_matcher = |req: &wiremock::Request| { - let body = std::str::from_utf8(&req.body).unwrap_or(""); - body.contains(FIRST_AUTO_MSG) - && !body.contains(SECOND_AUTO_MSG) - && !body_contains_text(body, SUMMARIZATION_PROMPT) - }; - mount_sse_once_match(&server, first_matcher, sse1).await; + let request_log = mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_assistant_message("m1", "before resume"), + ev_completed_with_tokens("r1", /*total_tokens*/ 100), + ]), + sse(vec![ + ev_assistant_message("m2", "RESUMED_COMP_HASH_SUMMARY"), + ev_completed_with_tokens("r2", /*total_tokens*/ 10), + ]), + sse(vec![ + ev_assistant_message("m3", "after resume"), + ev_completed_with_tokens("r3", /*total_tokens*/ 100), + ]), + ], + ) + .await; - let second_matcher = |req: &wiremock::Request| { - let body = std::str::from_utf8(&req.body).unwrap_or(""); - body.contains(SECOND_AUTO_MSG) - && body.contains(FIRST_AUTO_MSG) - && !body_contains_text(body, SUMMARIZATION_PROMPT) - }; + let model_provider = non_openai_model_provider(&server); + let mut initial_builder = test_codex() + .with_auth(CodexAuth::create_dummy_chatgpt_auth_for_testing()) + .with_model(previous_model) + .with_config(move |config| { + config.model_provider = model_provider; + set_test_compact_prompt(config); + }); + let initial = initial_builder + .build(&server) + .await + .expect("build initial test codex"); + let home = initial.home.clone(); + let rollout_path = initial + .session_configured + .rollout_path + .clone() + .expect("rollout path"); + + initial + .codex + .submit(disabled_permission_user_turn( + "before resume", + initial.cwd.path().to_path_buf(), + previous_model.to_string(), + )) + .await + .expect("submit pre-resume turn"); + wait_for_event(&initial.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + initial + .codex + .submit(Op::Shutdown) + .await + .expect("shutdown initial session"); + wait_for_event(&initial.codex, |event| { + matches!(event, EventMsg::ShutdownComplete) + }) + .await; + + let rollout = fs::read_to_string(&rollout_path).expect("read rollout"); + let persisted_comp_hash = rollout + .lines() + .filter_map(|line| serde_json::from_str::(line).ok()) + .find_map(|line| match line.item { + RolloutItem::TurnContext(context) => context.comp_hash, + _ => None, + }); + assert_eq!(persisted_comp_hash.as_deref(), Some("hash-a")); + + let model_provider = non_openai_model_provider(&server); + let mut resumed_builder = test_codex() + .with_auth(CodexAuth::create_dummy_chatgpt_auth_for_testing()) + .with_model(previous_model) + .with_config(move |config| { + config.model_provider = model_provider; + set_test_compact_prompt(config); + }); + let resumed = resumed_builder + .resume(&server, home, rollout_path) + .await + .expect("resume codex"); + + resumed + .codex + .submit(disabled_permission_user_turn( + "after resume", + resumed.cwd.path().to_path_buf(), + next_model.to_string(), + )) + .await + .expect("submit resumed user turn"); + assert_compaction_uses_turn_lifecycle_id(&resumed.codex).await; + + let requests = request_log.requests(); + assert_eq!(models_mock.requests().len(), 1); + assert_eq!( + requests.len(), + 3, + "the resumed turn should compact using the comp hash recovered from rollout" + ); + assert_pre_sampling_switch_compaction_requests( + &requests[0].body_json(), + &requests[1].body_json(), + &requests[2].body_json(), + previous_model, + next_model, + ); +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn pre_sampling_compact_skips_missing_comp_hash_after_resume() { + skip_if_no_network!(); + + let server = MockServer::start().await; + let previous_model = "gpt-5.3-codex"; + let next_model = "gpt-5.2"; + + let models_mock = mount_models_once( + &server, + ModelsResponse { + models: vec![ + model_info_with_optional_comp_hash(previous_model, /*comp_hash*/ None), + model_info_with_optional_comp_hash(next_model, Some("hash-b")), + ], + }, + ) + .await; + + let request_log = mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_assistant_message("m1", "before resume"), + ev_completed_with_tokens("r1", /*total_tokens*/ 100), + ]), + sse(vec![ + ev_assistant_message("m2", "after resume"), + ev_completed_with_tokens("r2", /*total_tokens*/ 100), + ]), + ], + ) + .await; + + let model_provider = non_openai_model_provider(&server); + let mut initial_builder = test_codex() + .with_auth(CodexAuth::create_dummy_chatgpt_auth_for_testing()) + .with_model(previous_model) + .with_config(move |config| { + config.model_provider = model_provider; + set_test_compact_prompt(config); + }); + let initial = initial_builder + .build(&server) + .await + .expect("build initial test codex"); + let home = initial.home.clone(); + let rollout_path = initial + .session_configured + .rollout_path + .clone() + .expect("rollout path"); + + initial + .codex + .submit(disabled_permission_user_turn( + "before resume", + initial.cwd.path().to_path_buf(), + previous_model.to_string(), + )) + .await + .expect("submit pre-resume turn"); + wait_for_event(&initial.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + initial + .codex + .submit(Op::Shutdown) + .await + .expect("shutdown initial session"); + wait_for_event(&initial.codex, |event| { + matches!(event, EventMsg::ShutdownComplete) + }) + .await; + + let rollout = fs::read_to_string(&rollout_path).expect("read rollout"); + let persisted_turn_context = rollout + .lines() + .filter_map(|line| serde_json::from_str::(line).ok()) + .find(|line| line["type"] == "turn_context") + .expect("persisted turn context"); + assert!(persisted_turn_context["payload"].get("comp_hash").is_none()); + + let model_provider = non_openai_model_provider(&server); + let mut resumed_builder = test_codex() + .with_auth(CodexAuth::create_dummy_chatgpt_auth_for_testing()) + .with_model(previous_model) + .with_config(move |config| { + config.model_provider = model_provider; + set_test_compact_prompt(config); + }); + let resumed = resumed_builder + .resume(&server, home, rollout_path) + .await + .expect("resume codex"); + + resumed + .codex + .submit(disabled_permission_user_turn( + "after resume", + resumed.cwd.path().to_path_buf(), + next_model.to_string(), + )) + .await + .expect("submit resumed user turn"); + wait_for_event(&resumed.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + let requests = request_log.requests(); + assert_eq!(models_mock.requests().len(), 1); + assert_eq!( + requests + .iter() + .map(|request| request.body_json()["model"].as_str().map(str::to_string)) + .collect::>(), + vec![ + Some(previous_model.to_string()), + Some(next_model.to_string()), + ] + ); + assert!(requests.iter().all(|request| { + !body_contains_text(&request.body_json().to_string(), SUMMARIZATION_PROMPT) + })); +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn auto_compact_persists_rollout_entries() { + skip_if_no_network!(); + + let server = start_mock_server().await; + + let sse1 = sse(vec![ + ev_assistant_message("m1", FIRST_REPLY), + ev_completed_with_tokens("r1", /*total_tokens*/ 70_000), + ]); + + let sse2 = sse(vec![ + ev_assistant_message("m2", "SECOND_REPLY"), + ev_completed_with_tokens("r2", /*total_tokens*/ 330_000), + ]); + + let auto_summary_payload = auto_summary(AUTO_SUMMARY_TEXT); + let sse3 = sse(vec![ + ev_assistant_message("m3", &auto_summary_payload), + ev_completed_with_tokens("r3", /*total_tokens*/ 200), + ]); + let sse4 = sse(vec![ + ev_assistant_message("m4", FINAL_REPLY), + ev_completed_with_tokens("r4", /*total_tokens*/ 120), + ]); + + let first_matcher = |req: &wiremock::Request| { + let body = std::str::from_utf8(&req.body).unwrap_or(""); + body.contains(FIRST_AUTO_MSG) + && !body.contains(SECOND_AUTO_MSG) + && !body_contains_text(body, SUMMARIZATION_PROMPT) + }; + mount_sse_once_match(&server, first_matcher, sse1).await; + + let second_matcher = |req: &wiremock::Request| { + let body = std::str::from_utf8(&req.body).unwrap_or(""); + body.contains(SECOND_AUTO_MSG) + && body.contains(FIRST_AUTO_MSG) + && !body_contains_text(body, SUMMARIZATION_PROMPT) + }; mount_sse_once_match(&server, second_matcher, sse2).await; let third_matcher = |req: &wiremock::Request| { @@ -2386,7 +2936,6 @@ async fn auto_compact_persists_rollout_entries() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: FIRST_AUTO_MSG.into(), text_elements: Vec::new(), @@ -2402,7 +2951,6 @@ async fn auto_compact_persists_rollout_entries() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: SECOND_AUTO_MSG.into(), text_elements: Vec::new(), @@ -2418,7 +2966,6 @@ async fn auto_compact_persists_rollout_entries() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: POST_AUTO_USER_MSG.into(), text_elements: Vec::new(), @@ -2508,7 +3055,6 @@ async fn manual_compact_retries_after_context_window_error() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "first turn".into(), text_elements: Vec::new(), @@ -2613,7 +3159,6 @@ async fn manual_compact_non_context_failure_retries_then_emits_task_error() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "first turn".into(), text_elements: Vec::new(), @@ -2709,7 +3254,6 @@ async fn manual_compact_twice_preserves_latest_user_messages() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: first_user_message.into(), text_elements: Vec::new(), @@ -2728,7 +3272,6 @@ async fn manual_compact_twice_preserves_latest_user_messages() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: second_user_message.into(), text_elements: Vec::new(), @@ -2747,7 +3290,6 @@ async fn manual_compact_twice_preserves_latest_user_messages() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: final_user_message.into(), text_elements: Vec::new(), @@ -2959,7 +3501,6 @@ async fn auto_compact_allows_multiple_attempts_when_interleaved_with_other_turn_ for user in [MULTI_AUTO_MSG, follow_up_user, final_user] { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: user.into(), text_elements: Vec::new(), @@ -3065,7 +3606,6 @@ async fn snapshot_request_shape_mid_turn_continuation_compaction() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: FUNCTION_CALL_LIMIT_MSG.into(), text_elements: Vec::new(), @@ -3485,6 +4025,7 @@ async fn auto_compact_counts_encrypted_reasoning_before_last_user() { config.chatgpt_base_url = chatgpt_base_url; set_test_compact_prompt(config); config.model_auto_compact_token_limit = Some(300); + let _ = config.features.disable(Feature::RemoteCompactionV2); }) .build(&server) .await @@ -3497,7 +4038,6 @@ async fn auto_compact_counts_encrypted_reasoning_before_last_user() { { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: user.into(), text_elements: Vec::new(), @@ -3608,6 +4148,7 @@ async fn auto_compact_runs_when_reasoning_header_clears_between_turns() { .with_config(|config| { set_test_compact_prompt(config); config.model_auto_compact_token_limit = Some(300); + let _ = config.features.disable(Feature::RemoteCompactionV2); }) .build(&server) .await @@ -3617,7 +4158,6 @@ async fn auto_compact_runs_when_reasoning_header_clears_between_turns() { for user in [first_user, second_user, third_user] { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: user.into(), text_elements: Vec::new(), @@ -3680,7 +4220,6 @@ async fn snapshot_request_shape_pre_turn_compaction_including_incoming_user_mess for user in ["USER_ONE", "USER_TWO"] { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: user.to_string(), text_elements: Vec::new(), @@ -3697,7 +4236,9 @@ async fn snapshot_request_shape_pre_turn_compaction_including_incoming_user_mess core_test_support::submit_thread_settings( &codex, codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(PathBuf::from(PRETURN_CONTEXT_DIFF_CWD)), + environments: Some(local_selections( + test_path_buf(PRETURN_CONTEXT_DIFF_CWD).abs(), + )), ..Default::default() }, ) @@ -3707,7 +4248,6 @@ async fn snapshot_request_shape_pre_turn_compaction_including_incoming_user_mess .to_string(); codex .submit(Op::UserInput { - environments: None, items: vec![ UserInput::Image { image_url: image_url.clone(), @@ -3903,7 +4443,6 @@ async fn snapshot_request_shape_pre_turn_compaction_context_window_exceeded() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), @@ -3919,7 +4458,6 @@ async fn snapshot_request_shape_pre_turn_compaction_context_window_exceeded() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_TWO".to_string(), text_elements: Vec::new(), @@ -3993,7 +4531,6 @@ async fn snapshot_request_shape_manual_compact_without_previous_user_messages() codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "AFTER_MANUAL_EMPTY_COMPACT".to_string(), text_elements: Vec::new(), @@ -4025,3 +4562,290 @@ async fn snapshot_request_shape_manual_compact_without_previous_user_messages() ) ); } + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn manual_compaction_keeps_the_creation_time_global_instructions() -> Result<()> { + // Set up an initial turn, a manual compaction response, and a post-compaction turn. + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_sequence( + &server, + vec![ + responses::sse(vec![ + responses::ev_response_created("first-response"), + responses::ev_completed("first-response"), + ]), + responses::sse(vec![ + responses::ev_response_created("compact-response"), + responses::ev_assistant_message("compact-message", "summary"), + responses::ev_completed("compact-response"), + ]), + responses::sse(vec![ + responses::ev_response_created("follow-up-response"), + responses::ev_completed("follow-up-response"), + ]), + ], + ) + .await; + let home = Arc::new(TempDir::new()?); + let source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_FILENAME, + OLD_GLOBAL_INSTRUCTIONS, + )?; + let provider = local_compaction_provider(&server); + + // Create the thread with the old global source loaded into its instruction snapshot. + let mut builder = test_codex() + .with_home(Arc::clone(&home)) + .with_config(move |config| { + config.model_provider = provider; + }); + let test = builder.build(&server).await?; + + // Assert the pre-compaction source list points at the creation-time file. + assert_eq!( + test.codex.instruction_sources().await, + vec![source.clone()], + "thread reports the creation-time global source before compaction" + ); + + // Materialize the old snapshot, rewrite the selected file in place, and manually compact. + test.submit_turn("first turn").await?; + let rewritten_source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_FILENAME, + NEW_GLOBAL_INSTRUCTIONS, + )?; + assert_eq!(source, rewritten_source); + + test.codex.submit(Op::Compact).await?; + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + test.submit_turn("after compact").await?; + + // Assert ordinary and compact turns keep the old rendering even though the reported source + // path now contains new text. + let requests = response_mock.requests(); + assert_eq!(requests.len(), 3); + let expected_fragment = + expected_instruction_fragment(&test.config.cwd, OLD_GLOBAL_INSTRUCTIONS); + assert_single_instruction_fragment(&requests[0], &expected_fragment); + assert_single_instruction_fragment(&requests[1], &expected_fragment); + assert_single_instruction_fragment(&requests[2], &expected_fragment); + assert_eq!( + test.codex.instruction_sources().await, + vec![source], + "thread retains the creation-time global source after compaction" + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn mid_turn_compaction_keeps_the_creation_time_global_instructions() -> Result<()> { + // Set up a turn that crosses the auto-compaction limit and a post-compaction response. + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_sequence( + &server, + vec![ + responses::sse(vec![ + responses::ev_function_call("call-1", "unsupported_tool", "{}"), + responses::ev_completed_with_tokens("first-response", /*total_tokens*/ 96), + ]), + responses::sse(vec![ + responses::ev_assistant_message("compact-message", "summary"), + responses::ev_completed_with_tokens("compact-response", /*total_tokens*/ 10), + ]), + responses::sse(vec![ + responses::ev_assistant_message("final-message", "done"), + responses::ev_completed_with_tokens("follow-up-response", /*total_tokens*/ 10), + ]), + ], + ) + .await; + let home = Arc::new(TempDir::new()?); + let source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_FILENAME, + OLD_GLOBAL_INSTRUCTIONS, + )?; + let provider = local_compaction_provider(&server); + + // Create the thread with the old global source loaded into its instruction snapshot. + let mut builder = test_codex() + .with_home(Arc::clone(&home)) + .with_config(move |config| { + config.model_provider = provider; + config.model_context_window = Some(100); + config.model_auto_compact_token_limit = Some(90); + }); + let test = builder.build(&server).await?; + + // Assert the pre-compaction source list points at the creation-time file. + assert_eq!( + test.codex.instruction_sources().await, + vec![source.clone()], + "thread reports the creation-time global source before mid-turn compaction" + ); + + // Add a preferred override before the turn triggers automatic mid-turn compaction. + let new_source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_OVERRIDE_FILENAME, + NEW_GLOBAL_INSTRUCTIONS, + )?; + assert_ne!(source, new_source); + test.submit_turn("trigger mid-turn compaction").await?; + + // Assert the initial, compact, and resumed requests all keep the old snapshot and source. + let requests = response_mock.requests(); + assert_eq!(requests.len(), 3); + let expected_fragment = + expected_instruction_fragment(&test.config.cwd, OLD_GLOBAL_INSTRUCTIONS); + assert_single_instruction_fragment(&requests[0], &expected_fragment); + assert_single_instruction_fragment(&requests[1], &expected_fragment); + assert_single_instruction_fragment(&requests[2], &expected_fragment); + assert_eq!( + test.codex.instruction_sources().await, + vec![source], + "thread retains the creation-time global source after mid-turn compaction" + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn remote_v2_compaction_keeps_creation_time_instructions_after_same_path_mutation() +-> Result<()> { + skip_if_no_network!(Ok(())); + + // Set up an ordinary turn, a remote-v2 compact response, and a post-compaction turn. + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_sequence( + &server, + vec![ + responses::sse(vec![ + responses::ev_response_created("remote-v2-initial-response"), + responses::ev_completed("remote-v2-initial-response"), + ]), + remote_v2_compaction_response(), + responses::sse(vec![ + responses::ev_response_created("remote-v2-follow-up-response"), + responses::ev_completed("remote-v2-follow-up-response"), + ]), + responses::sse(vec![ + responses::ev_response_created("remote-v2-resumed-response"), + responses::ev_completed("remote-v2-resumed-response"), + ]), + ], + ) + .await; + let home = Arc::new(TempDir::new()?); + let source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_FILENAME, + OLD_GLOBAL_INSTRUCTIONS, + )?; + let mut builder = test_codex() + .with_home(Arc::clone(&home)) + .with_auth(CodexAuth::create_dummy_chatgpt_auth_for_testing()) + .with_config(|config| { + let _ = config.features.enable(Feature::RemoteCompactionV2); + }); + let test = builder.build(&server).await?; + + // Materialize the old snapshot, rewrite the selected file in place, and compact remotely. + test.submit_turn("before remote v2 compaction").await?; + let rewritten_source = write_global_file( + home.as_ref(), + GLOBAL_AGENTS_FILENAME, + NEW_GLOBAL_INSTRUCTIONS, + )?; + assert_eq!(source, rewritten_source); + test.codex.submit(Op::Compact).await?; + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + test.submit_turn("after remote v2 compaction").await?; + test.codex.flush_rollout().await?; + + // Assert the compact request, installed replacement history, and follow-up all keep the + // creation-time item despite the file-backed source now containing new text. + let requests = response_mock.requests(); + assert_eq!(requests.len(), 3); + let old_fragment = expected_instruction_fragment(&test.config.cwd, OLD_GLOBAL_INSTRUCTIONS); + assert_single_instruction_fragment(&requests[0], &old_fragment); + assert_single_instruction_fragment(&requests[1], &old_fragment); + assert_single_instruction_fragment(&requests[2], &old_fragment); + assert_eq!( + requests[1].input().last(), + Some(&json!({"type": "compaction_trigger"})), + "remote-v2 compact request should append exactly one compaction trigger" + ); + let rollout_path = test.codex.rollout_path().expect("rollout path"); + let replacement_history = replacement_history_from_rollout(&rollout_path)?; + assert_eq!( + instruction_fragments_in_items(&replacement_history), + Vec::::new(), + "remote-v2 replacement history currently omits the global-instruction fragment" + ); + assert_eq!( + test.codex.instruction_sources().await, + vec![source.clone()], + "running thread retains the selected same-path source" + ); + assert_eq!( + fs::read_to_string(source.as_path())?, + NEW_GLOBAL_INSTRUCTIONS, + "the selected source path should contain the rewritten text" + ); + + // Cold-resume the persisted replacement history with freshly loaded same-path configuration. + test.codex.submit(Op::Shutdown).await?; + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::ShutdownComplete) + }) + .await; + let resumed_cwd = test.config.cwd.clone(); + let mut resume_builder = test_codex() + .with_home(Arc::clone(&home)) + .with_auth(CodexAuth::create_dummy_chatgpt_auth_for_testing()) + .with_config(move |config| { + config.cwd = resumed_cwd; + let _ = config.features.enable(Feature::RemoteCompactionV2); + }); + let resumed = resume_builder + .resume(&server, Arc::clone(&home), rollout_path) + .await?; + resumed + .submit_turn("after remote v2 compaction cold resume") + .await?; + + // Modern replacement-history resume replays the persisted checkpoint and its later old-context + // suffix even though the same source path now contains new text. + let requests = response_mock.requests(); + assert_eq!(requests.len(), 4); + assert_single_instruction_fragment(&requests[3], &old_fragment); + let resumed_input = requests[3].input(); + assert_eq!( + resumed_input.get(..replacement_history.len()), + Some(replacement_history.as_slice()), + "remote-v2 cold resume should replay persisted replacement history verbatim" + ); + let post_compact_input = requests[2].input(); + assert_eq!( + resumed_input.get(..post_compact_input.len()), + Some(post_compact_input.as_slice()), + "remote-v2 cold resume should replay the complete post-compaction structured prefix" + ); + assert_eq!( + resumed.codex.instruction_sources().await, + vec![source], + "cold-resumed thread reports the same rewritten source path" + ); + + Ok(()) +} diff --git a/codex-rs/core/tests/suite/compact_remote.rs b/codex-rs/core/tests/suite/compact_remote.rs index ebb78a01760..a63397c5594 100644 --- a/codex-rs/core/tests/suite/compact_remote.rs +++ b/codex-rs/core/tests/suite/compact_remote.rs @@ -1,7 +1,7 @@ #![allow(clippy::expect_used)] +use core_test_support::test_codex::local_selections; use std::fs; -use std::path::PathBuf; use anyhow::Result; use codex_core::compact::SUMMARY_PREFIX; @@ -24,6 +24,7 @@ use codex_protocol::protocol::RealtimeOutputModality; use codex_protocol::protocol::RolloutItem; use codex_protocol::protocol::RolloutLine; use codex_protocol::user_input::UserInput; +use core_test_support::PathBufExt; use core_test_support::apps_test_server::configure_search_capable_model; use core_test_support::context_snapshot; use core_test_support::context_snapshot::ContextSnapshotOptions; @@ -35,7 +36,8 @@ use core_test_support::responses::start_websocket_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodexBuilder; use core_test_support::test_codex::TestCodexHarness; -use core_test_support::test_codex::test_codex; +use core_test_support::test_codex::test_codex as base_test_codex; +use core_test_support::test_path_buf; use core_test_support::wait_for_event; use core_test_support::wait_for_event_match; use core_test_support::wait_for_event_with_timeout; @@ -158,6 +160,12 @@ fn compacted_summary_only_output(summary: &str) -> Vec { }] } +fn test_codex() -> TestCodexBuilder { + base_test_codex().with_config(|config| { + let _ = config.features.disable(Feature::RemoteCompactionV2); + }) +} + fn remote_realtime_test_codex_builder( realtime_server: &responses::WebSocketTestServer, ) -> TestCodexBuilder { @@ -192,10 +200,12 @@ async fn start_remote_realtime_server() -> responses::WebSocketTestServer { async fn start_realtime_conversation(codex: &codex_core::CodexThread) -> Result<()> { codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -323,7 +333,6 @@ async fn remote_compact_replaces_history_for_followups() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello remote compact".into(), text_elements: Vec::new(), @@ -341,7 +350,6 @@ async fn remote_compact_replaces_history_for_followups() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after compact".into(), text_elements: Vec::new(), @@ -378,6 +386,10 @@ async fn remote_compact_replaces_history_for_followups() -> Result<()> { .expect("remote compact request should include turn metadata"), ) .expect("remote compact turn metadata should be valid json"); + assert_eq!( + compact_request.header("x-codex-installation-id").as_deref(), + compact_metadata["installation_id"].as_str() + ); assert!( compact_metadata["turn_id"] .as_str() @@ -584,7 +596,6 @@ async fn assert_remote_manual_compact_request_parity( codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "TURN_ONE_USER".to_string(), text_elements: Vec::new(), @@ -599,7 +610,6 @@ async fn assert_remote_manual_compact_request_parity( codex .submit(Op::UserInput { - environments: None, items: vec![ UserInput::Text { text: "TURN_TWO_PREFIX".to_string(), @@ -620,7 +630,6 @@ async fn assert_remote_manual_compact_request_parity( codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "TURN_THREE_TOOL_USER".to_string(), text_elements: Vec::new(), @@ -635,7 +644,6 @@ async fn assert_remote_manual_compact_request_parity( codex .submit(Op::UserInput { - environments: None, items: vec![ UserInput::Image { image_url, @@ -656,7 +664,6 @@ async fn assert_remote_manual_compact_request_parity( codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "TURN_FIVE_USER".to_string(), text_elements: Vec::new(), @@ -825,7 +832,6 @@ async fn remote_compact_v2_reuses_compaction_trigger_for_followups() -> Result<( codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello remote compact".into(), text_elements: Vec::new(), @@ -843,7 +849,6 @@ async fn remote_compact_v2_reuses_compaction_trigger_for_followups() -> Result<( codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after compact".into(), text_elements: Vec::new(), @@ -882,6 +887,10 @@ async fn remote_compact_v2_reuses_compaction_trigger_for_followups() -> Result<( compact_metadata["window_id"].as_str(), compact_request.header("x-codex-window-id").as_deref() ); + assert_eq!( + compact_request.body_json()["client_metadata"]["x-codex-window-id"].as_str(), + compact_metadata["window_id"].as_str() + ); assert_eq!( compact_metadata["compaction"], json!({ @@ -971,7 +980,6 @@ async fn remote_compact_v2_retries_failures_with_stream_retry_budget() -> Result codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello remote compact".into(), text_elements: Vec::new(), @@ -989,7 +997,6 @@ async fn remote_compact_v2_retries_failures_with_stream_retry_budget() -> Result codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after compact".into(), text_elements: Vec::new(), @@ -1076,7 +1083,6 @@ async fn remote_compact_v2_accepts_additional_output_items_before_compaction() - codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello remote compact".into(), text_elements: Vec::new(), @@ -1094,7 +1100,6 @@ async fn remote_compact_v2_accepts_additional_output_items_before_compaction() - codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after compact".into(), text_elements: Vec::new(), @@ -1182,7 +1187,6 @@ async fn remote_compact_filters_deferred_dynamic_tools() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello remote compact".into(), text_elements: Vec::new(), @@ -1255,7 +1259,6 @@ async fn remote_compact_runs_automatically() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello remote compact".into(), text_elements: Vec::new(), @@ -1393,7 +1396,6 @@ async fn remote_compact_trims_function_call_history_to_fit_context_window() -> R codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: first_user_message.into(), text_elements: Vec::new(), @@ -1408,7 +1410,6 @@ async fn remote_compact_trims_function_call_history_to_fit_context_window() -> R codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: second_user_message.into(), text_elements: Vec::new(), @@ -1523,7 +1524,6 @@ async fn remote_compact_rewrites_multiple_trailing_function_call_outputs() -> Re codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: first_user_message.into(), text_elements: Vec::new(), @@ -1538,7 +1538,6 @@ async fn remote_compact_rewrites_multiple_trailing_function_call_outputs() -> Re codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: second_user_message.into(), text_elements: Vec::new(), @@ -1651,7 +1650,6 @@ async fn auto_remote_compact_trims_function_call_history_to_fit_context_window() codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: first_user_message.into(), text_elements: Vec::new(), @@ -1666,7 +1664,6 @@ async fn auto_remote_compact_trims_function_call_history_to_fit_context_window() codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: second_user_message.into(), text_elements: Vec::new(), @@ -1687,7 +1684,6 @@ async fn auto_remote_compact_trims_function_call_history_to_fit_context_window() codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "turn that triggers auto compact".into(), text_elements: Vec::new(), @@ -1811,7 +1807,6 @@ async fn remote_compact_trims_tool_search_output_to_empty_tools_array() -> Resul codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "Find the oversized deferred tool".to_string(), text_elements: Vec::new(), @@ -1892,7 +1887,6 @@ async fn auto_remote_compact_failure_stops_agent_loop() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "turn that exceeds token threshold".into(), text_elements: Vec::new(), @@ -1907,7 +1901,6 @@ async fn auto_remote_compact_failure_stops_agent_loop() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "turn that triggers auto compact".into(), text_elements: Vec::new(), @@ -2002,7 +1995,6 @@ async fn remote_compact_trim_estimate_uses_session_base_instructions() -> Result baseline_codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: first_user_message.into(), text_elements: Vec::new(), @@ -2020,7 +2012,6 @@ async fn remote_compact_trim_estimate_uses_session_base_instructions() -> Result baseline_codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: second_user_message.into(), text_elements: Vec::new(), @@ -2112,7 +2103,6 @@ async fn remote_compact_trim_estimate_uses_session_base_instructions() -> Result override_codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: first_user_message.into(), text_elements: Vec::new(), @@ -2130,7 +2120,6 @@ async fn remote_compact_trim_estimate_uses_session_base_instructions() -> Result override_codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: second_user_message.into(), text_elements: Vec::new(), @@ -2207,7 +2196,6 @@ async fn remote_manual_compact_emits_context_compaction_items() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "manual remote compact".into(), text_elements: Vec::new(), @@ -2289,7 +2277,6 @@ async fn remote_manual_compact_failure_emits_task_error_event() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "manual remote compact".into(), text_elements: Vec::new(), @@ -2374,7 +2361,6 @@ async fn remote_compact_persists_replacement_history_in_rollout() -> Result<()> codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "needs compaction".into(), text_elements: Vec::new(), @@ -2518,7 +2504,6 @@ async fn remote_compact_and_resume_refresh_stale_developer_instructions() -> Res initial .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "start remote compact flow".into(), text_elements: Vec::new(), @@ -2537,7 +2522,6 @@ async fn remote_compact_and_resume_refresh_stale_developer_instructions() -> Res initial .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after compact in same session".into(), text_elements: Vec::new(), @@ -2563,7 +2547,6 @@ async fn remote_compact_and_resume_refresh_stale_developer_instructions() -> Res resumed .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after resume".into(), text_elements: Vec::new(), @@ -2660,7 +2643,6 @@ async fn remote_compact_refreshes_stale_developer_instructions_without_resume() test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "start remote compact flow".into(), text_elements: Vec::new(), @@ -2678,7 +2660,6 @@ async fn remote_compact_refreshes_stale_developer_instructions_without_resume() test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after compact in same session".into(), text_elements: Vec::new(), @@ -2751,7 +2732,6 @@ async fn snapshot_request_shape_remote_pre_turn_compaction_restates_realtime_sta test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), @@ -2766,7 +2746,6 @@ async fn snapshot_request_shape_remote_pre_turn_compaction_restates_realtime_sta test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_TWO".to_string(), text_elements: Vec::new(), @@ -2834,7 +2813,6 @@ async fn remote_request_uses_custom_experimental_realtime_start_instructions() - test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), @@ -2896,7 +2874,6 @@ async fn snapshot_request_shape_remote_pre_turn_compaction_restates_realtime_end test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), @@ -2913,7 +2890,6 @@ async fn snapshot_request_shape_remote_pre_turn_compaction_restates_realtime_end test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_TWO".to_string(), text_elements: Vec::new(), @@ -2989,7 +2965,6 @@ async fn snapshot_request_shape_remote_manual_compact_restates_realtime_start() test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), @@ -3007,7 +2982,6 @@ async fn snapshot_request_shape_remote_manual_compact_restates_realtime_start() test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_TWO".to_string(), text_elements: Vec::new(), @@ -3091,7 +3065,6 @@ async fn snapshot_request_shape_remote_mid_turn_compaction_does_not_restate_real test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "SETUP_USER".to_string(), text_elements: Vec::new(), @@ -3108,7 +3081,6 @@ async fn snapshot_request_shape_remote_mid_turn_compaction_does_not_restate_real test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_TWO".to_string(), text_elements: Vec::new(), @@ -3200,7 +3172,6 @@ async fn snapshot_request_shape_remote_compact_resume_restates_realtime_end() -> initial .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), @@ -3231,7 +3202,6 @@ async fn snapshot_request_shape_remote_compact_resume_restates_realtime_end() -> resumed .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_TWO".to_string(), text_elements: Vec::new(), @@ -3313,7 +3283,9 @@ async fn snapshot_request_shape_remote_pre_turn_compaction_including_incoming_us core_test_support::submit_thread_settings( &codex, codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(PathBuf::from(PRETURN_CONTEXT_DIFF_CWD)), + environments: Some(local_selections( + test_path_buf(PRETURN_CONTEXT_DIFF_CWD).abs(), + )), ..Default::default() }, ) @@ -3321,7 +3293,6 @@ async fn snapshot_request_shape_remote_pre_turn_compaction_including_incoming_us } codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: user.to_string(), text_elements: Vec::new(), @@ -3409,7 +3380,6 @@ async fn snapshot_request_shape_remote_pre_turn_compaction_strips_incoming_model codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "BEFORE_SWITCH_USER".to_string(), text_elements: Vec::new(), @@ -3432,7 +3402,6 @@ async fn snapshot_request_shape_remote_pre_turn_compaction_strips_incoming_model .await?; codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "AFTER_SWITCH_USER".to_string(), text_elements: Vec::new(), @@ -3552,7 +3521,6 @@ async fn snapshot_request_shape_remote_pre_turn_compaction_context_window_exceed codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), @@ -3567,7 +3535,6 @@ async fn snapshot_request_shape_remote_pre_turn_compaction_context_window_exceed codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_TWO".to_string(), text_elements: Vec::new(), @@ -3653,7 +3620,6 @@ async fn snapshot_request_shape_remote_mid_turn_continuation_compaction() -> Res codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), @@ -3732,7 +3698,6 @@ async fn snapshot_request_shape_remote_mid_turn_compaction_summary_only_reinject codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), @@ -3819,7 +3784,6 @@ async fn snapshot_request_shape_remote_mid_turn_compaction_multi_summary_reinjec codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), @@ -3837,7 +3801,6 @@ async fn snapshot_request_shape_remote_mid_turn_compaction_multi_summary_reinjec codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_TWO".to_string(), text_elements: Vec::new(), @@ -3920,7 +3883,6 @@ async fn snapshot_request_shape_remote_manual_compact_without_previous_user_mess codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "USER_ONE".to_string(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/compact_remote_parity.rs b/codex-rs/core/tests/suite/compact_remote_parity.rs index 22678fc46f7..87f771b7432 100644 --- a/codex-rs/core/tests/suite/compact_remote_parity.rs +++ b/codex-rs/core/tests/suite/compact_remote_parity.rs @@ -28,6 +28,7 @@ const FIXED_CWD: &str = "/tmp/codex_remote_compaction_parity_workspace"; const IMAGE_URL: &str = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8/x8AAwMCAO+/p9sAAAAASUVORK5CYII="; const SUMMARY: &str = "REMOTE_COMPACTION_PARITY_ENCRYPTED_SUMMARY"; const DUMMY_FUNCTION_NAME: &str = "test_tool"; +const USER_INSTRUCTIONS: &str = "PARITY_USER_INSTRUCTIONS"; #[derive(Clone, Copy, Debug, Eq, PartialEq)] enum Mode { @@ -508,7 +509,12 @@ async fn build_harness_inner( auto_compact_limit: Option, ) -> Result { fs::create_dir_all(FIXED_CWD)?; - let mut builder = test_codex().with_auth(settings.auth.build()); + let mut builder = test_codex() + .with_auth(settings.auth.build()) + .with_pre_build_hook(|home| { + fs::write(home.join("AGENTS.md"), USER_INSTRUCTIONS) + .expect("write global instructions"); + }); if hooks { builder = builder.with_pre_build_hook(write_manual_compact_hooks); } @@ -517,7 +523,6 @@ async fn build_harness_inner( FIXED_CWD, )) .expect("fixed cwd should be absolute"); - config.user_instructions = Some("PARITY_USER_INSTRUCTIONS".to_string()); config.developer_instructions = Some("PARITY_DEVELOPER_INSTRUCTIONS".to_string()); if settings.service_tier_fast { config.service_tier = Some(ServiceTier::Fast.request_value().to_string()); @@ -526,8 +531,8 @@ async fn build_harness_inner( if hooks { trust_discovered_hooks(config); } - if mode == Mode::V2 { - let _ = config.features.enable(Feature::RemoteCompactionV2); + if mode == Mode::Legacy { + let _ = config.features.disable(Feature::RemoteCompactionV2); } })) .await @@ -602,7 +607,6 @@ async fn capture_from_requests( async fn submit_user_input(codex: &codex_core::CodexThread, items: Vec) -> Result<()> { codex .submit(Op::UserInput { - environments: None, items, final_output_json_schema: None, responsesapi_client_metadata: None, diff --git a/codex-rs/core/tests/suite/compact_resume_fork.rs b/codex-rs/core/tests/suite/compact_resume_fork.rs index 54056b5b9db..06ef8f62a1a 100644 --- a/codex-rs/core/tests/suite/compact_resume_fork.rs +++ b/codex-rs/core/tests/suite/compact_resume_fork.rs @@ -34,6 +34,7 @@ use core_test_support::responses::ev_response_created; use core_test_support::responses::mount_sse_once_match; use core_test_support::responses::mount_sse_sequence; use core_test_support::responses::sse; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::wait_for_event; use pretty_assertions::assert_eq; @@ -551,7 +552,7 @@ async fn snapshot_rollback_followup_turn_trims_context_updates() -> Result<()> { core_test_support::submit_thread_settings( &conversation, codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(override_cwd.to_path_buf()), + environments: Some(local_selections(override_cwd.clone())), collaboration_mode: Some(CollaborationMode { mode: ModeKind::Default, settings: Settings { @@ -774,7 +775,6 @@ async fn start_test_conversation( async fn user_turn(conversation: &Arc, text: &str) { conversation .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: text.into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/exec_policy.rs b/codex-rs/core/tests/suite/exec_policy.rs index 9e350d27730..e0d198771d2 100644 --- a/codex-rs/core/tests/suite/exec_policy.rs +++ b/codex-rs/core/tests/suite/exec_policy.rs @@ -17,6 +17,7 @@ use core_test_support::responses::ev_response_created; use core_test_support::responses::mount_sse_once; use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -51,12 +52,11 @@ async fn submit_user_turn( text: prompt.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd_path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(approval_policy), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -87,6 +87,77 @@ fn assert_no_matched_rules_invariant(output_item: &Value) { ); } +#[cfg(windows)] +#[tokio::test] +async fn unified_exec_disabled_windows_sandbox_rejects_managed_read_only_command() -> Result<()> { + let server = start_mock_server().await; + let mut builder = test_codex().with_config(|config| { + config + .features + .enable(Feature::UnifiedExec) + .expect("test config should allow feature update"); + config + .features + .disable(Feature::WindowsSandbox) + .expect("test config should allow feature update"); + config + .features + .disable(Feature::WindowsSandboxElevated) + .expect("test config should allow feature update"); + config.set_windows_sandbox_enabled(false); + config.set_windows_elevated_sandbox_enabled(false); + }); + let test = builder.build(&server).await?; + let call_id = "unified-exec-disabled-windows-sandbox-read-only"; + let args = json!({ + "cmd": "cmd.exe /c dir", + "yield_time_ms": 1_000, + }); + + mount_sse_once( + &server, + sse(vec![ + ev_response_created("resp-disabled-windows-sandbox-1"), + ev_function_call(call_id, "exec_command", &serde_json::to_string(&args)?), + ev_completed("resp-disabled-windows-sandbox-1"), + ]), + ) + .await; + let results_mock = mount_sse_once( + &server, + sse(vec![ + ev_assistant_message("msg-disabled-windows-sandbox-1", "done"), + ev_completed("resp-disabled-windows-sandbox-2"), + ]), + ) + .await; + + submit_user_turn( + &test, + "run unified exec with disabled Windows sandbox", + AskForApproval::Never, + PermissionProfile::read_only(), + None, + ) + .await?; + + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + let output_item = results_mock.single_request().function_call_output(call_id); + let Some(output) = output_item.get("output").and_then(Value::as_str) else { + panic!("function_call_output should include string output payload: {output_item:?}"); + }; + assert!( + output.contains("cmd.exe /c dir") && output.contains("rejected: blocked by policy"), + "unexpected output: {output}", + ); + + Ok(()) +} + #[tokio::test] async fn execpolicy_blocks_shell_invocation() -> Result<()> { let mut builder = test_codex().with_config(|config| { @@ -139,12 +210,11 @@ async fn execpolicy_blocks_shell_invocation() -> Result<()> { text: "run shell command".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd_path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/extension_sandbox.rs b/codex-rs/core/tests/suite/extension_sandbox.rs new file mode 100644 index 00000000000..e4c01557dee --- /dev/null +++ b/codex-rs/core/tests/suite/extension_sandbox.rs @@ -0,0 +1,305 @@ +use std::sync::Arc; + +use anyhow::Context; +use anyhow::Result; +use codex_core::config::Config; +use codex_core::config::Constrained; +use codex_extension_api::ExtensionRegistry; +use codex_extension_api::ExtensionRegistryBuilder; +use codex_features::Feature; +use codex_image_generation_extension::install as install_image_generation_extension; +use codex_login::CodexAuth; +use codex_protocol::config_types::ApprovalsReviewer; +use codex_protocol::config_types::WebSearchMode; +use codex_protocol::models::FileSystemPermissions; +use codex_protocol::models::PermissionProfile; +use codex_protocol::openai_models::InputModality; +use codex_protocol::permissions::FileSystemAccessMode; +use codex_protocol::permissions::FileSystemPath; +use codex_protocol::permissions::FileSystemSandboxEntry; +use codex_protocol::permissions::FileSystemSandboxPolicy; +use codex_protocol::permissions::NetworkSandboxPolicy; +use codex_protocol::protocol::AskForApproval; +use codex_protocol::protocol::EventMsg; +use codex_protocol::protocol::Op; +use codex_protocol::request_permissions::PermissionGrantScope; +use codex_protocol::request_permissions::RequestPermissionProfile; +use codex_protocol::request_permissions::RequestPermissionsResponse; +use codex_protocol::user_input::UserInput; +use core_test_support::responses; +use core_test_support::skip_if_no_network; +use core_test_support::skip_if_sandbox; +use core_test_support::test_codex::local_selections; +use core_test_support::test_codex::test_codex; +use core_test_support::test_codex::turn_permission_fields; +use core_test_support::wait_for_event; +use pretty_assertions::assert_eq; +use serde_json::json; +use wiremock::Mock; +use wiremock::ResponseTemplate; +use wiremock::matchers::method; +use wiremock::matchers::path; + +const TINY_PNG_BYTES: &[u8] = &[ + 137, 80, 78, 71, 13, 10, 26, 10, 0, 0, 0, 13, 73, 72, 68, 82, 0, 0, 0, 1, 0, 0, 0, 1, 8, 6, 0, + 0, 0, 31, 21, 196, 137, 0, 0, 0, 11, 73, 68, 65, 84, 120, 156, 99, 96, 0, 2, 0, 0, 5, 0, 1, + 122, 94, 171, 63, 0, 0, 0, 0, 73, 69, 78, 68, 174, 66, 96, 130, +]; + +fn image_generation_extensions(auth: &CodexAuth) -> Arc> { + let auth_manager = codex_core::test_support::auth_manager_from_auth(auth.clone()); + let mut extension_builder = ExtensionRegistryBuilder::::new(); + install_image_generation_extension(&mut extension_builder, auth_manager); + Arc::new(extension_builder.build()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn extension_tool_receives_turn_environment_sandbox() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); + let extensions = image_generation_extensions(&auth); + let mut builder = test_codex() + .with_auth(auth) + .with_extensions(extensions) + .with_model_info_override("gpt-5.4", |model_info| { + model_info.use_responses_lite = true; + model_info.input_modalities = vec![InputModality::Text, InputModality::Image]; + }) + .with_config(|config| { + assert!(config.web_search_mode.set(WebSearchMode::Live).is_ok()); + assert!(config.features.enable(Feature::ImageGeneration).is_ok()); + assert!(config.features.disable(Feature::ImageGenExt).is_ok()); + }); + let test = builder.build(&server).await?; + let denied_path = test.config.cwd.join("denied.png"); + std::fs::write(&denied_path, b"not readable")?; + + let call_id = "image-edit-denied"; + let response_mock = responses::mount_sse_sequence( + &server, + vec![ + responses::sse(vec![ + responses::ev_response_created("resp-1"), + responses::ev_function_call_with_namespace( + call_id, + "image_gen", + "imagegen", + &json!({ + "prompt": "edit the image", + "referenced_image_paths": [denied_path.display().to_string()], + }) + .to_string(), + ), + responses::ev_completed("resp-1"), + ]), + responses::sse(vec![ + responses::ev_response_created("resp-2"), + responses::ev_assistant_message("msg-1", "done"), + responses::ev_completed("resp-2"), + ]), + ], + ) + .await; + + let mut file_system_sandbox_policy = FileSystemSandboxPolicy::default(); + file_system_sandbox_policy + .entries + .push(FileSystemSandboxEntry { + path: FileSystemPath::Path { + path: denied_path.clone(), + }, + access: FileSystemAccessMode::Deny, + }); + let permission_profile = PermissionProfile::from_runtime_permissions( + &file_system_sandbox_policy, + NetworkSandboxPolicy::Restricted, + ); + + test.submit_turn_with_permission_profile("edit the denied image", permission_profile) + .await?; + + let request = response_mock + .last_request() + .context("missing request containing extension output")?; + let output = request + .function_call_output_content_and_success(call_id) + .and_then(|(content, _)| content) + .context("extension error text should be present")?; + assert!( + output.starts_with(&format!( + "unable to read referenced image at `{}`:", + denied_path.display() + )), + "unexpected extension error: {output}" + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn extension_tool_uses_granted_turn_permissions() -> Result<()> { + skip_if_no_network!(Ok(())); + skip_if_sandbox!(Ok(())); + + let server = responses::start_mock_server().await; + Mock::given(method("POST")) + .and(path("/v1/images/edits")) + .respond_with(ResponseTemplate::new(200).set_body_json(json!({ + "created": 1, + "data": [{"b64_json": "cG5n"}], + }))) + .expect(1) + .mount(&server) + .await; + + let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); + let extensions = image_generation_extensions(&auth); + let base_permission_profile = PermissionProfile::workspace_write_with( + &[], + NetworkSandboxPolicy::Restricted, + /*exclude_tmpdir_env_var*/ true, + /*exclude_slash_tmp*/ true, + ); + let permission_profile_for_config = base_permission_profile.clone(); + let mut builder = test_codex() + .with_auth(auth) + .with_extensions(extensions) + .with_model_info_override("gpt-5.4", |model_info| { + model_info.use_responses_lite = true; + model_info.input_modalities = vec![InputModality::Text, InputModality::Image]; + }) + .with_config(move |config| { + config.permissions.approval_policy = Constrained::allow_any(AskForApproval::OnRequest); + config + .permissions + .set_permission_profile(permission_profile_for_config) + .expect("set permission profile"); + assert!(config.web_search_mode.set(WebSearchMode::Live).is_ok()); + assert!(config.features.enable(Feature::ImageGeneration).is_ok()); + assert!(config.features.disable(Feature::ImageGenExt).is_ok()); + assert!( + config + .features + .enable(Feature::RequestPermissionsTool) + .is_ok() + ); + }); + let test = builder.build(&server).await?; + + let image_dir = tempfile::tempdir()?; + let image_path = image_dir.path().canonicalize()?.join("granted.png"); + std::fs::write(&image_path, TINY_PNG_BYTES)?; + let requested_permissions = RequestPermissionProfile { + file_system: Some(FileSystemPermissions::from_read_write_roots( + Some(vec![image_dir.path().canonicalize()?.try_into()?]), + Some(Vec::new()), + )), + ..RequestPermissionProfile::default() + }; + let permissions_call_id = "permissions-call"; + let image_call_id = "image-edit-granted"; + let response_mock = responses::mount_sse_sequence( + &server, + vec![ + responses::sse(vec![ + responses::ev_response_created("resp-1"), + responses::ev_function_call( + permissions_call_id, + "request_permissions", + &serde_json::to_string(&json!({ + "reason": "Read an image outside the workspace", + "permissions": requested_permissions, + }))?, + ), + responses::ev_completed("resp-1"), + ]), + responses::sse(vec![ + responses::ev_response_created("resp-2"), + responses::ev_function_call_with_namespace( + image_call_id, + "image_gen", + "imagegen", + &json!({ + "prompt": "edit the image", + "referenced_image_paths": [image_path.display().to_string()], + }) + .to_string(), + ), + responses::ev_completed("resp-2"), + ]), + responses::sse(vec![ + responses::ev_response_created("resp-3"), + responses::ev_assistant_message("msg-1", "done"), + responses::ev_completed("resp-3"), + ]), + ], + ) + .await; + + let (sandbox_policy, permission_profile) = + turn_permission_fields(base_permission_profile, test.config.cwd.as_path()); + test.codex + .submit(Op::UserInput { + items: vec![UserInput::Text { + text: "request access and edit the image".to_string(), + text_elements: Vec::new(), + }], + final_output_json_schema: None, + responsesapi_client_metadata: None, + additional_context: Default::default(), + thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { + environments: Some(local_selections(test.config.cwd.clone())), + approval_policy: Some(AskForApproval::OnRequest), + approvals_reviewer: Some(ApprovalsReviewer::User), + sandbox_policy: Some(sandbox_policy), + permission_profile, + collaboration_mode: Some(codex_protocol::config_types::CollaborationMode { + mode: codex_protocol::config_types::ModeKind::Default, + settings: codex_protocol::config_types::Settings { + model: test.session_configured.model.clone(), + reasoning_effort: None, + developer_instructions: None, + }, + }), + ..Default::default() + }, + }) + .await?; + let event = wait_for_event(&test.codex, |event| { + matches!( + event, + EventMsg::RequestPermissions(_) | EventMsg::TurnComplete(_) + ) + }) + .await; + let EventMsg::RequestPermissions(request) = event else { + panic!("expected request_permissions before turn completion"); + }; + assert_eq!(request.call_id, permissions_call_id); + test.codex + .submit(Op::RequestPermissionsResponse { + id: permissions_call_id.to_string(), + response: RequestPermissionsResponse { + permissions: request.permissions, + scope: PermissionGrantScope::Turn, + strict_auto_review: false, + }, + }) + .await?; + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + let request = response_mock + .last_request() + .context("missing request containing extension output")?; + let output = request.function_call_output(image_call_id); + let image = &output["output"][0]; + assert_eq!(image["type"], "input_image"); + assert_eq!(image["image_url"], "data:image/png;base64,cG5n"); + + Ok(()) +} diff --git a/codex-rs/core/tests/suite/fork_thread.rs b/codex-rs/core/tests/suite/fork_thread.rs index a1eb7eba328..b4898ea8274 100644 --- a/codex-rs/core/tests/suite/fork_thread.rs +++ b/codex-rs/core/tests/suite/fork_thread.rs @@ -50,7 +50,6 @@ async fn fork_thread_twice_drops_to_first_message() { for text in ["first", "second", "third"] { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: text.to_string(), text_elements: Vec::new(), @@ -173,7 +172,6 @@ async fn fork_thread_from_history_does_not_require_source_rollout_path() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "fork me from stored history".to_string(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/guardian_review.rs b/codex-rs/core/tests/suite/guardian_review.rs index df38fb43539..ae87350c397 100644 --- a/codex-rs/core/tests/suite/guardian_review.rs +++ b/codex-rs/core/tests/suite/guardian_review.rs @@ -19,6 +19,7 @@ use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::skip_if_sandbox; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::wait_for_event; use pretty_assertions::assert_eq; @@ -111,7 +112,6 @@ printf '%s\n' "${@: -1}" >> "${payload_path}""#, test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "run a command that requires Guardian review".into(), text_elements: Vec::new(), @@ -120,7 +120,7 @@ printf '%s\n' "${@: -1}" >> "${payload_path}""#, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd.path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(approval_policy), approvals_reviewer: Some(ApprovalsReviewer::AutoReview), sandbox_policy: Some(sandbox_policy), diff --git a/codex-rs/core/tests/suite/hierarchical_agents.rs b/codex-rs/core/tests/suite/hierarchical_agents.rs index 751807623b8..276fd235f9c 100644 --- a/codex-rs/core/tests/suite/hierarchical_agents.rs +++ b/codex-rs/core/tests/suite/hierarchical_agents.rs @@ -1,4 +1,5 @@ use codex_features::Feature; +use codex_utils_path_uri::PathUri; use core_test_support::responses::ev_completed; use core_test_support::responses::ev_response_created; use core_test_support::responses::mount_sse_once; @@ -27,7 +28,8 @@ async fn hierarchical_agents_appends_to_project_doc_in_user_instructions() { }) .with_workspace_setup(|cwd, fs| async move { let agents_md = cwd.join("AGENTS.md"); - fs.write_file(&agents_md, b"be nice".to_vec(), /*sandbox*/ None) + let agents_md_uri = PathUri::from_path(&agents_md)?; + fs.write_file(&agents_md_uri, b"be nice".to_vec(), /*sandbox*/ None) .await?; Ok::<(), anyhow::Error>(()) }); diff --git a/codex-rs/core/tests/suite/hooks.rs b/codex-rs/core/tests/suite/hooks.rs index 5813508e7af..31e54c5e7b2 100644 --- a/codex-rs/core/tests/suite/hooks.rs +++ b/codex-rs/core/tests/suite/hooks.rs @@ -34,7 +34,6 @@ use core_test_support::responses::ev_function_call; use core_test_support::responses::ev_message_item_added; use core_test_support::responses::ev_output_text_delta; use core_test_support::responses::ev_response_created; -use core_test_support::responses::mount_compact_json_once; use core_test_support::responses::mount_sse_once; use core_test_support::responses::mount_sse_sequence; use core_test_support::responses::sse; @@ -1441,21 +1440,32 @@ async fn resumed_thread_runs_resume_then_compact_session_start_hooks() -> Result let remote_summary = "remote compact summary"; let resume_context = "remember the resumed reef"; let compact_context = "remember the compacted reef"; - let compacted_history = vec![ - ResponseItem::Message { - id: None, - role: "assistant".to_string(), - content: vec![ContentItem::OutputText { - text: remote_summary.to_string(), - }], - phase: None, - }, - ResponseItem::Compaction { - encrypted_content: "encrypted compact summary".to_string(), - }, - ]; - let compact_mock = - mount_compact_json_once(&server, serde_json::json!({ "output": compacted_history })).await; + let responses_mock = mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_response_created("resp-1"), + ev_assistant_message("msg-1", "hello before resume"), + ev_completed_with_tokens("resp-1", over_limit_tokens), + ]), + sse(vec![ + serde_json::json!({ + "type": "response.output_item.done", + "item": { + "type": "compaction", + "encrypted_content": remote_summary, + } + }), + ev_completed("resp-compact"), + ]), + sse(vec![ + ev_response_created("resp-2"), + ev_assistant_message("msg-2", "hello after resume"), + ev_completed("resp-2"), + ]), + ], + ) + .await; let mut builder = test_codex() .with_pre_build_hook(move |home| { @@ -1479,37 +1489,19 @@ async fn resumed_thread_runs_resume_then_compact_session_start_hooks() -> Result .clone() .context("rollout path")?; - mount_sse_once( - &server, - sse(vec![ - ev_response_created("resp-1"), - ev_assistant_message("msg-1", "hello before resume"), - ev_completed_with_tokens("resp-1", over_limit_tokens), - ]), - ) - .await; initial.submit_turn("hello before resume").await?; - assert!(compact_mock.requests().is_empty()); + assert_eq!(responses_mock.requests().len(), 1); let mut resume_builder = test_codex().with_config(move |config| { config.model_auto_compact_token_limit = Some(limit); trust_discovered_hooks(config); }); let resumed = resume_builder.resume(&server, home, rollout_path).await?; - let follow_up = mount_sse_once( - &server, - sse(vec![ - ev_response_created("resp-2"), - ev_assistant_message("msg-2", "hello after resume"), - ev_completed("resp-2"), - ]), - ) - .await; - resumed.submit_turn("hello after resume").await?; - assert_eq!(compact_mock.requests().len(), 1); - let developer_messages = follow_up.single_request().message_input_texts("developer"); + let requests = responses_mock.requests(); + assert_eq!(requests.len(), 3); + let developer_messages = requests[2].message_input_texts("developer"); assert!( developer_messages .iter() @@ -1843,7 +1835,6 @@ async fn blocked_queued_prompt_does_not_strand_earlier_accepted_prompt() -> Resu test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "initial prompt".to_string(), text_elements: Vec::new(), @@ -1863,7 +1854,6 @@ async fn blocked_queued_prompt_does_not_strand_earlier_accepted_prompt() -> Resu for text in ["accepted queued prompt", "blocked queued prompt"] { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: text.to_string(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/image_rollout.rs b/codex-rs/core/tests/suite/image_rollout.rs index 7018274510e..199a7d1db6f 100644 --- a/codex-rs/core/tests/suite/image_rollout.rs +++ b/codex-rs/core/tests/suite/image_rollout.rs @@ -9,6 +9,7 @@ use codex_protocol::protocol::Op; use codex_protocol::protocol::RolloutItem; use codex_protocol::protocol::RolloutLine; use codex_protocol::user_input::UserInput; +use core_test_support::TempDirExt; use core_test_support::responses; use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; @@ -17,6 +18,7 @@ use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -124,12 +126,11 @@ async fn copy_paste_local_image_persists_rollout_request_shape() -> anyhow::Resu text_elements: Vec::new(), }, ], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd.path().to_path_buf()), + environments: Some(local_selections(cwd.abs())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -223,12 +224,11 @@ async fn drag_drop_image_persists_rollout_request_shape() -> anyhow::Result<()> text_elements: Vec::new(), }, ], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd.path().to_path_buf()), + environments: Some(local_selections(cwd.abs())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/items.rs b/codex-rs/core/tests/suite/items.rs index a56b2ab95f5..a39a2b5e059 100644 --- a/codex-rs/core/tests/suite/items.rs +++ b/codex-rs/core/tests/suite/items.rs @@ -17,6 +17,7 @@ use codex_protocol::user_input::ByteRange; use codex_protocol::user_input::TextElement; use codex_protocol::user_input::UserInput; use codex_utils_absolute_path::AbsolutePathBuf; +use core_test_support::PathBufExt; use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; use core_test_support::responses::ev_image_generation_call; @@ -34,6 +35,7 @@ use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -47,7 +49,7 @@ fn disabled_plan_turn( _model: String, collaboration_mode: CollaborationMode, ) -> anyhow::Result { - let cwd = std::env::current_dir()?; + let cwd = std::env::current_dir()?.abs(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd.as_path()); Ok(Op::UserInput { @@ -55,12 +57,11 @@ fn disabled_plan_turn( text: text.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd), + environments: Some(local_selections(cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -116,7 +117,6 @@ async fn user_message_item_is_emitted() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![expected_input.clone()], final_output_json_schema: None, responsesapi_client_metadata: None, @@ -173,7 +173,6 @@ async fn assistant_message_item_is_emitted() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "please summarize results".into(), text_elements: Vec::new(), @@ -235,7 +234,6 @@ async fn reasoning_item_is_emitted() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "explain your reasoning".into(), text_elements: Vec::new(), @@ -298,7 +296,6 @@ async fn web_search_item_is_emitted() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "find the weather".into(), text_elements: Vec::new(), @@ -379,7 +376,6 @@ async fn image_generation_call_event_is_emitted() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "generate a tiny blue square".into(), text_elements: Vec::new(), @@ -467,7 +463,6 @@ async fn image_generation_call_event_is_emitted_when_image_save_fails() -> anyho codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "generate an image".into(), text_elements: Vec::new(), @@ -524,7 +519,6 @@ async fn agent_message_content_delta_has_item_metadata() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "please stream text".into(), text_elements: Vec::new(), @@ -1109,7 +1103,6 @@ async fn reasoning_content_delta_has_item_metadata() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "reason through it".into(), text_elements: Vec::new(), @@ -1165,7 +1158,6 @@ async fn reasoning_raw_content_delta_respects_flag() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "show raw reasoning".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/json_result.rs b/codex-rs/core/tests/suite/json_result.rs index 67275d31468..c9a855e6af7 100644 --- a/codex-rs/core/tests/suite/json_result.rs +++ b/codex-rs/core/tests/suite/json_result.rs @@ -8,6 +8,7 @@ use codex_protocol::user_input::UserInput; use core_test_support::responses; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -69,9 +70,10 @@ async fn codex_returns_json_result(model: String) -> anyhow::Result<()> { }; responses::mount_sse_once_match(&server, match_json_text_param, sse1).await; - let TestCodex { codex, cwd, .. } = test_codex().build(&server).await?; + let TestCodex { codex, config, .. } = test_codex().build(&server).await?; + let cwd = config.cwd.clone(); let (sandbox_policy, permission_profile) = - turn_permission_fields(PermissionProfile::Disabled, cwd.path()); + turn_permission_fields(PermissionProfile::Disabled, cwd.as_path()); // 1) Normal user input – should hit server once. codex @@ -80,12 +82,11 @@ async fn codex_returns_json_result(model: String) -> anyhow::Result<()> { text: "hello world".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: Some(serde_json::from_str(SCHEMA)?), responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd.path().to_path_buf()), + environments: Some(local_selections(cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/mcp_turn_metadata.rs b/codex-rs/core/tests/suite/mcp_turn_metadata.rs index 897d8621628..49d3c0f2a6f 100644 --- a/codex-rs/core/tests/suite/mcp_turn_metadata.rs +++ b/codex-rs/core/tests/suite/mcp_turn_metadata.rs @@ -32,6 +32,7 @@ use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; use core_test_support::wait_for_event_match; @@ -73,12 +74,11 @@ async fn submit_user_turn( text: text.to_string(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd.path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(approval_policy), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/mod.rs b/codex-rs/core/tests/suite/mod.rs index 1e4a5f9501e..87dc0ffce3d 100644 --- a/codex-rs/core/tests/suite/mod.rs +++ b/codex-rs/core/tests/suite/mod.rs @@ -30,6 +30,7 @@ pub static CODEX_ALIASES_TEMP_DIR: Option = { #[cfg(not(target_os = "windows"))] mod abort_tasks; mod additional_context; +mod agent_execution; mod agent_jobs; mod agent_websocket; mod agents_md; @@ -50,6 +51,8 @@ mod compact_resume_fork; mod deprecation_notice; mod exec; mod exec_policy; +#[cfg(not(target_os = "windows"))] +mod extension_sandbox; mod fork_thread; #[cfg(not(target_os = "windows"))] mod guardian_review; @@ -91,6 +94,7 @@ mod request_permissions_tool; mod request_plugin_install; mod request_user_input; mod responses_api_proxy_headers; +mod responses_lite; mod resume; mod resume_warning; mod review; @@ -108,12 +112,15 @@ mod sqlite_state; mod stream_error_allows_next_turn; mod stream_no_completed; mod subagent_notifications; +mod token_budget; mod tool_harness; mod tool_parallelism; mod tools; mod truncation; mod turn_state; mod unified_exec; +#[cfg(unix)] +mod unified_exec_zsh_fork_approvals; mod unstable_features_warning; mod user_notification; mod user_shell_cmd; diff --git a/codex-rs/core/tests/suite/model_runtime_selectors.rs b/codex-rs/core/tests/suite/model_runtime_selectors.rs index 15ed519af7b..38c95394ea6 100644 --- a/codex-rs/core/tests/suite/model_runtime_selectors.rs +++ b/codex-rs/core/tests/suite/model_runtime_selectors.rs @@ -127,7 +127,6 @@ async fn response_body_for_remote_model( text: "list tools".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), @@ -277,7 +276,6 @@ async fn remote_multi_agent_selector_uses_model_selected_before_first_turn() -> text: ROOT_PROMPT.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), diff --git a/codex-rs/core/tests/suite/model_switching.rs b/codex-rs/core/tests/suite/model_switching.rs index b76a3522ec5..22363eabea3 100644 --- a/codex-rs/core/tests/suite/model_switching.rs +++ b/codex-rs/core/tests/suite/model_switching.rs @@ -32,6 +32,7 @@ use core_test_support::responses::sse_completed; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -45,12 +46,11 @@ fn read_only_user_turn(test: &TestCodex, items: Vec, model: String) - turn_permission_fields(PermissionProfile::read_only(), test.cwd_path()); Op::UserInput { items, - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd_path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -58,7 +58,7 @@ fn read_only_user_turn(test: &TestCodex, items: Vec, model: String) - mode: codex_protocol::config_types::ModeKind::Default, settings: codex_protocol::config_types::Settings { model, - reasoning_effort: test.config.model_reasoning_effort, + reasoning_effort: test.config.model_reasoning_effort.clone(), developer_instructions: None, }, }), @@ -112,6 +112,7 @@ fn test_model_info( input_modalities, used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, @@ -135,6 +136,7 @@ fn test_model_info( context_window: Some(272_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), } @@ -932,6 +934,7 @@ async fn model_switch_to_smaller_model_updates_token_context_window() -> Result< input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, @@ -955,6 +958,7 @@ async fn model_switch_to_smaller_model_updates_token_context_window() -> Result< context_window: Some(large_context_window), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent, experimental_supported_tools: Vec::new(), }; diff --git a/codex-rs/core/tests/suite/model_visible_layout.rs b/codex-rs/core/tests/suite/model_visible_layout.rs index e02e1ffaefe..16234621829 100644 --- a/codex-rs/core/tests/suite/model_visible_layout.rs +++ b/codex-rs/core/tests/suite/model_visible_layout.rs @@ -1,5 +1,6 @@ #![allow(clippy::expect_used)] +use core_test_support::test_codex::local_selections; use std::fs; use std::sync::Arc; @@ -11,6 +12,7 @@ use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::Op; use codex_protocol::user_input::UserInput; +use core_test_support::PathBufExt; use core_test_support::context_snapshot; use core_test_support::context_snapshot::ContextSnapshotOptions; use core_test_support::context_snapshot::ContextSnapshotRenderMode; @@ -112,7 +114,8 @@ async fn snapshot_model_visible_layout_turn_overrides() -> Result<()> { let test = builder.build(&server).await?; let preturn_context_diff_cwd = test.cwd_path().join(PRETURN_CONTEXT_DIFF_CWD); fs::create_dir_all(&preturn_context_diff_cwd)?; - let first_turn_cwd = test.cwd_path().to_path_buf(); + let preturn_context_diff_cwd = preturn_context_diff_cwd.abs(); + let first_turn_cwd = test.config.cwd.clone(); let (first_sandbox_policy, first_permission_profile) = turn_permission_fields(PermissionProfile::read_only(), first_turn_cwd.as_path()); @@ -122,12 +125,11 @@ async fn snapshot_model_visible_layout_turn_overrides() -> Result<()> { text: "first turn".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(first_turn_cwd), + environments: Some(local_selections(first_turn_cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(first_sandbox_policy), permission_profile: first_permission_profile, @@ -135,7 +137,7 @@ async fn snapshot_model_visible_layout_turn_overrides() -> Result<()> { mode: codex_protocol::config_types::ModeKind::Default, settings: codex_protocol::config_types::Settings { model: test.session_configured.model.clone(), - reasoning_effort: test.config.model_reasoning_effort, + reasoning_effort: test.config.model_reasoning_effort.clone(), developer_instructions: None, }, }), @@ -158,12 +160,11 @@ async fn snapshot_model_visible_layout_turn_overrides() -> Result<()> { text: "second turn with context updates".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(preturn_context_diff_cwd), + environments: Some(local_selections(preturn_context_diff_cwd)), approval_policy: Some(AskForApproval::OnRequest), sandbox_policy: Some(second_sandbox_policy), permission_profile: second_permission_profile, @@ -172,7 +173,7 @@ async fn snapshot_model_visible_layout_turn_overrides() -> Result<()> { mode: codex_protocol::config_types::ModeKind::Default, settings: codex_protocol::config_types::Settings { model: test.session_configured.model.clone(), - reasoning_effort: test.config.model_reasoning_effort, + reasoning_effort: test.config.model_reasoning_effort.clone(), developer_instructions: None, }, }), @@ -239,6 +240,8 @@ async fn snapshot_model_visible_layout_cwd_change_does_not_refresh_agents() -> R cwd_two.join("AGENTS.md"), "# AGENTS two\n\n\nTurn two agents instructions.\n\n", )?; + let cwd_one = cwd_one.abs(); + let cwd_two = cwd_two.abs(); let (first_sandbox_policy, first_permission_profile) = turn_permission_fields(PermissionProfile::read_only(), cwd_one.as_path()); @@ -248,12 +251,11 @@ async fn snapshot_model_visible_layout_cwd_change_does_not_refresh_agents() -> R text: "first turn in agents_one".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd_one.clone()), + environments: Some(local_selections(cwd_one.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(first_sandbox_policy), permission_profile: first_permission_profile, @@ -261,7 +263,7 @@ async fn snapshot_model_visible_layout_cwd_change_does_not_refresh_agents() -> R mode: codex_protocol::config_types::ModeKind::Default, settings: codex_protocol::config_types::Settings { model: test.session_configured.model.clone(), - reasoning_effort: test.config.model_reasoning_effort, + reasoning_effort: test.config.model_reasoning_effort.clone(), developer_instructions: None, }, }), @@ -282,12 +284,11 @@ async fn snapshot_model_visible_layout_cwd_change_does_not_refresh_agents() -> R text: "second turn in agents_two".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd_two), + environments: Some(local_selections(cwd_two)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(second_sandbox_policy), permission_profile: second_permission_profile, @@ -295,7 +296,7 @@ async fn snapshot_model_visible_layout_cwd_change_does_not_refresh_agents() -> R mode: codex_protocol::config_types::ModeKind::Default, settings: codex_protocol::config_types::Settings { model: test.session_configured.model.clone(), - reasoning_effort: test.config.model_reasoning_effort, + reasoning_effort: test.config.model_reasoning_effort.clone(), developer_instructions: None, }, }), @@ -362,7 +363,6 @@ async fn snapshot_model_visible_layout_resume_with_personality_change() -> Resul .await; codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "seed resume history".into(), text_elements: Vec::new(), @@ -397,6 +397,7 @@ async fn snapshot_model_visible_layout_resume_with_personality_change() -> Resul let resumed = resume_builder.resume(&server, home, rollout_path).await?; let resume_override_cwd = resumed.cwd_path().join(PRETURN_CONTEXT_DIFF_CWD); fs::create_dir_all(&resume_override_cwd)?; + let resume_override_cwd = resume_override_cwd.abs(); let (sandbox_policy, permission_profile) = turn_permission_fields( PermissionProfile::read_only(), resume_override_cwd.as_path(), @@ -408,12 +409,11 @@ async fn snapshot_model_visible_layout_resume_with_personality_change() -> Resul text: "resume and change personality".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(resume_override_cwd), + environments: Some(local_selections(resume_override_cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -422,7 +422,7 @@ async fn snapshot_model_visible_layout_resume_with_personality_change() -> Resul mode: codex_protocol::config_types::ModeKind::Default, settings: codex_protocol::config_types::Settings { model: resumed.session_configured.model.clone(), - reasoning_effort: resumed.config.model_reasoning_effort, + reasoning_effort: resumed.config.model_reasoning_effort.clone(), developer_instructions: None, }, }), @@ -478,7 +478,6 @@ async fn snapshot_model_visible_layout_resume_override_matches_rollout_model() - .await; codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "seed resume history".into(), text_elements: Vec::new(), @@ -508,10 +507,11 @@ async fn snapshot_model_visible_layout_resume_override_matches_rollout_model() - let resumed = resume_builder.resume(&server, home, rollout_path).await?; let resume_override_cwd = resumed.cwd_path().join(PRETURN_CONTEXT_DIFF_CWD); fs::create_dir_all(&resume_override_cwd)?; + let resume_override_cwd = resume_override_cwd.abs(); core_test_support::submit_thread_settings( &resumed.codex, codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(resume_override_cwd), + environments: Some(local_selections(resume_override_cwd)), model: Some("gpt-5.2".to_string()), ..Default::default() }, @@ -520,7 +520,6 @@ async fn snapshot_model_visible_layout_resume_override_matches_rollout_model() - resumed .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "first resumed turn after model override".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/models_cache_ttl.rs b/codex-rs/core/tests/suite/models_cache_ttl.rs index 34fc98b59f9..5103f821238 100644 --- a/codex-rs/core/tests/suite/models_cache_ttl.rs +++ b/codex-rs/core/tests/suite/models_cache_ttl.rs @@ -1,3 +1,4 @@ +use core_test_support::test_codex::local_selections; use std::path::Path; use std::sync::Arc; @@ -97,12 +98,11 @@ async fn renews_cache_ttl_on_matching_models_etag() -> Result<()> { text: "hi".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd_path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(codex_protocol::protocol::AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -365,11 +365,13 @@ fn test_remote_model(slug: &str, priority: i32) -> ModelInfo { context_window: Some(272_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, diff --git a/codex-rs/core/tests/suite/models_etag_responses.rs b/codex-rs/core/tests/suite/models_etag_responses.rs index cbd73fffe9c..8b2e9f35b17 100644 --- a/codex-rs/core/tests/suite/models_etag_responses.rs +++ b/codex-rs/core/tests/suite/models_etag_responses.rs @@ -1,5 +1,6 @@ #![cfg(not(target_os = "windows"))] +use core_test_support::test_codex::local_selections; use std::sync::Arc; use std::time::Duration; @@ -12,6 +13,7 @@ use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::Op; use codex_protocol::user_input::UserInput; +use core_test_support::TempDirExt; use core_test_support::responses; use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; @@ -62,7 +64,7 @@ async fn refresh_models_on_models_etag_mismatch_and_avoid_duplicate_models_fetch let codex = Arc::clone(&test.codex); let cwd = Arc::clone(&test.cwd); let session_model = test.session_configured.model.clone(); - let cwd_path = cwd.path().to_path_buf(); + let cwd_path = cwd.abs(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd_path.as_path()); @@ -109,12 +111,11 @@ async fn refresh_models_on_models_etag_mismatch_and_avoid_duplicate_models_fetch text: "please run a tool".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd_path), + environments: Some(local_selections(cwd_path)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/otel.rs b/codex-rs/core/tests/suite/otel.rs index 7f5fa260cd6..95811d3f63b 100644 --- a/codex-rs/core/tests/suite/otel.rs +++ b/codex-rs/core/tests/suite/otel.rs @@ -1,11 +1,15 @@ use codex_core::config::Constrained; use codex_features::Feature; +use codex_otel::SessionTelemetry; +use codex_otel::TelemetryAuthMode; +use codex_protocol::ThreadId; use codex_protocol::models::PermissionProfile; use codex_protocol::openai_models::ReasoningEffort; use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::Op; use codex_protocol::protocol::ReviewDecision; +use codex_protocol::protocol::SessionSource; use codex_protocol::user_input::UserInput; use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; @@ -27,6 +31,7 @@ use core_test_support::test_codex::TestCodex; use core_test_support::test_codex::test_codex; use core_test_support::wait_for_event; use std::sync::Mutex; +use std::time::Duration; use tracing::Level; use tracing_test::traced_test; @@ -115,7 +120,6 @@ async fn responses_api_emits_api_request_event() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -162,7 +166,6 @@ async fn process_sse_emits_tracing_for_output_item() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -209,7 +212,6 @@ async fn process_sse_emits_failed_event_on_parse_error() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -257,7 +259,6 @@ async fn process_sse_records_failed_event_when_stream_closes_without_completed() codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -325,7 +326,6 @@ async fn process_sse_failed_event_records_response_error_message() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -391,7 +391,6 @@ async fn process_sse_failed_event_logs_parse_error() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -444,7 +443,6 @@ async fn process_sse_failed_event_logs_missing_error() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -506,7 +504,6 @@ async fn process_sse_failed_event_logs_response_completed_parse_error() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -562,7 +559,6 @@ async fn process_sse_emits_completed_telemetry() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -642,7 +638,6 @@ async fn turn_and_completed_response_spans_record_token_usage() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -731,7 +726,6 @@ async fn handle_responses_span_records_response_kind_and_tool_name() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -826,7 +820,6 @@ async fn record_responses_sets_span_fields_for_response_events() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -916,7 +909,6 @@ async fn handle_response_item_records_tool_result_for_custom_tool_call() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -993,7 +985,6 @@ async fn handle_response_item_records_tool_result_for_function_call() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1071,7 +1062,6 @@ async fn handle_response_item_records_tool_result_for_shell_command_call() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1145,6 +1135,70 @@ fn tool_decision_assertion<'a>( } } +fn sandbox_outcome_assertion<'a>( + call_id: &'a str, + expected_outcome: &'a str, +) -> impl Fn(&[&str]) -> Result<(), String> + 'a { + let call_id = call_id.to_string(); + let expected_outcome = expected_outcome.to_string(); + + move |lines: &[&str]| { + let line = lines + .iter() + .find(|line| { + line.contains("codex.sandbox_outcome") + && line.contains(&format!("call_id={call_id}")) + }) + .ok_or_else(|| format!("missing codex.sandbox_outcome event for {call_id}"))?; + + let lower = line.to_lowercase(); + if !lower.contains("tool_name=shell_command") { + return Err("missing tool_name for shell_command".to_string()); + } + if !lower.contains(&format!("outcome={expected_outcome}")) { + return Err(format!("unexpected sandbox outcome for {call_id}")); + } + if !lower.contains("initial_duration_ms=12") { + return Err("missing initial_duration_ms field".to_string()); + } + if !lower.contains("escalated_duration_ms=34") { + return Err("missing escalated_duration_ms field".to_string()); + } + + Ok(()) + } +} + +#[test] +#[traced_test] +fn sandbox_outcome_event_records_outcome() { + let telemetry = SessionTelemetry::new( + ThreadId::new(), + "gpt-5.5", + "gpt-5.5", + /*account_id*/ None, + /*account_email*/ None, + Some(TelemetryAuthMode::ApiKey), + "Codex_Desktop".to_string(), + /*log_user_prompts*/ false, + "tty".to_string(), + SessionSource::Cli, + ); + + telemetry.sandbox_outcome( + "shell_command", + "sandbox-outcome-call", + "escalated", + Duration::from_millis(/*millis*/ 12), + Some(Duration::from_millis(/*millis*/ 34)), + ); + + logs_assert(sandbox_outcome_assertion( + "sandbox-outcome-call", + "escalated", + )); +} + #[tokio::test] #[traced_test] async fn handle_shell_command_autoapprove_from_config_records_tool_decision() { @@ -1181,7 +1235,6 @@ async fn handle_shell_command_autoapprove_from_config_records_tool_decision() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -1237,7 +1290,6 @@ async fn handle_shell_command_user_approved_records_tool_decision() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "approved".into(), text_elements: Vec::new(), @@ -1308,7 +1360,6 @@ async fn handle_shell_command_user_approved_for_session_records_tool_decision() codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "persist".into(), text_elements: Vec::new(), @@ -1379,7 +1430,6 @@ async fn handle_sandbox_error_user_approves_retry_records_tool_decision() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "retry".into(), text_elements: Vec::new(), @@ -1450,7 +1500,6 @@ async fn handle_shell_command_user_denies_records_tool_decision() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "deny".into(), text_elements: Vec::new(), @@ -1521,7 +1570,6 @@ async fn handle_sandbox_error_user_approves_for_session_records_tool_decision() codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "persist".into(), text_elements: Vec::new(), @@ -1593,7 +1641,6 @@ async fn handle_sandbox_error_user_denies_records_tool_decision() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "deny".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/override_updates.rs b/codex-rs/core/tests/suite/override_updates.rs index ce7c87a93b9..beb553e4eab 100644 --- a/codex-rs/core/tests/suite/override_updates.rs +++ b/codex-rs/core/tests/suite/override_updates.rs @@ -6,8 +6,10 @@ use codex_protocol::config_types::Settings; use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::Op; +use core_test_support::TempDirExt; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::wait_for_event; use tempfile::TempDir; @@ -67,7 +69,7 @@ async fn thread_settings_update_without_user_turn_does_not_record_environment_up core_test_support::submit_thread_settings( &test.codex, codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(new_cwd.path().to_path_buf()), + environments: Some(local_selections(new_cwd.abs())), ..Default::default() }, ) diff --git a/codex-rs/core/tests/suite/pending_input.rs b/codex-rs/core/tests/suite/pending_input.rs index 96b89caec84..55a00a2110b 100644 --- a/codex-rs/core/tests/suite/pending_input.rs +++ b/codex-rs/core/tests/suite/pending_input.rs @@ -1,3 +1,4 @@ +use core_test_support::test_codex::local_selections; use std::sync::Arc; use codex_core::CodexThread; @@ -96,7 +97,6 @@ async fn build_codex(server: &StreamingSseServer) -> Arc { async fn submit_user_input(codex: &CodexThread, text: &str) { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: text.to_string(), text_elements: Vec::new(), @@ -119,12 +119,11 @@ async fn submit_danger_full_access_user_turn(test: &TestCodex, text: &str) { text: text.to_string(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.config.cwd.to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -288,7 +287,6 @@ async fn injected_user_input_triggers_follow_up_request_with_deltas() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "first prompt".into(), text_elements: Vec::new(), @@ -308,7 +306,6 @@ async fn injected_user_input_triggers_follow_up_request_with_deltas() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "second prompt".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/permissions_messages.rs b/codex-rs/core/tests/suite/permissions_messages.rs index 38c0fe0911c..e5a69962bc2 100644 --- a/codex-rs/core/tests/suite/permissions_messages.rs +++ b/codex-rs/core/tests/suite/permissions_messages.rs @@ -51,7 +51,6 @@ async fn permissions_message_sent_once_on_start() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -92,7 +91,6 @@ async fn permissions_message_added_on_override_change() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -116,7 +114,6 @@ async fn permissions_message_added_on_override_change() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -163,7 +160,6 @@ async fn permissions_message_not_added_when_no_change() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -178,7 +174,6 @@ async fn permissions_message_not_added_when_no_change() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -225,7 +220,6 @@ async fn permissions_message_omitted_when_disabled() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -249,7 +243,6 @@ async fn permissions_message_omitted_when_disabled() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -309,7 +302,6 @@ async fn resume_replays_permissions_messages() -> Result<()> { initial .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -334,7 +326,6 @@ async fn resume_replays_permissions_messages() -> Result<()> { initial .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -351,7 +342,6 @@ async fn resume_replays_permissions_messages() -> Result<()> { resumed .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after resume".into(), text_elements: Vec::new(), @@ -412,7 +402,6 @@ async fn resume_and_fork_append_permissions_messages() -> Result<()> { initial .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -437,7 +426,6 @@ async fn resume_and_fork_append_permissions_messages() -> Result<()> { initial .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -460,7 +448,6 @@ async fn resume_and_fork_append_permissions_messages() -> Result<()> { resumed .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after resume".into(), text_elements: Vec::new(), @@ -496,7 +483,6 @@ async fn resume_and_fork_append_permissions_messages() -> Result<()> { forked .thread .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "after fork".into(), text_elements: Vec::new(), @@ -558,7 +544,6 @@ async fn permissions_message_includes_writable_roots() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/personality.rs b/codex-rs/core/tests/suite/personality.rs index 231a6d826f6..a58e5f20fed 100644 --- a/codex-rs/core/tests/suite/personality.rs +++ b/codex-rs/core/tests/suite/personality.rs @@ -26,6 +26,7 @@ use core_test_support::responses::sse_completed; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -65,12 +66,11 @@ fn read_only_text_turn_with_personality( text: text.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd_path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(approval_policy), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -79,7 +79,7 @@ fn read_only_text_turn_with_personality( mode: codex_protocol::config_types::ModeKind::Default, settings: codex_protocol::config_types::Settings { model, - reasoning_effort: test.config.model_reasoning_effort, + reasoning_effort: test.config.model_reasoning_effort.clone(), developer_instructions: None, }, }), @@ -587,11 +587,13 @@ async fn remote_model_friendly_personality_instructions_with_feature() -> anyhow context_window: Some(128_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, @@ -700,11 +702,13 @@ async fn user_turn_personality_remote_model_template_includes_update_message() - context_window: Some(128_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, diff --git a/codex-rs/core/tests/suite/plugins.rs b/codex-rs/core/tests/suite/plugins.rs index 03b1afdfaa9..412b5edbbca 100644 --- a/codex-rs/core/tests/suite/plugins.rs +++ b/codex-rs/core/tests/suite/plugins.rs @@ -180,7 +180,6 @@ async fn capability_sections_render_in_developer_message_in_order() -> Result<() codex .submit(Op::UserInput { - environments: None, items: vec![codex_protocol::user_input::UserInput::Text { text: "hello".into(), text_elements: Vec::new(), @@ -261,7 +260,6 @@ async fn explicit_plugin_mentions_inject_plugin_guidance() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![codex_protocol::user_input::UserInput::Mention { name: "sample".into(), path: format!("plugin://{SAMPLE_PLUGIN_CONFIG_NAME}"), @@ -345,7 +343,6 @@ async fn explicit_plugin_mentions_track_plugin_used_analytics() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![codex_protocol::user_input::UserInput::Mention { name: "sample".into(), path: format!("plugin://{SAMPLE_PLUGIN_CONFIG_NAME}"), diff --git a/codex-rs/core/tests/suite/prompt_caching.rs b/codex-rs/core/tests/suite/prompt_caching.rs index b9afa13852f..809cb0ea327 100644 --- a/codex-rs/core/tests/suite/prompt_caching.rs +++ b/codex-rs/core/tests/suite/prompt_caching.rs @@ -1,5 +1,8 @@ #![allow(clippy::unwrap_used)] +use std::fs; +use std::path::Path; + use codex_core::shell::default_user_shell; use codex_features::Feature; use codex_prompts::APPLY_PATCH_TOOL_INSTRUCTIONS; @@ -24,12 +27,18 @@ use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; use pretty_assertions::assert_eq; use tempfile::TempDir; +fn write_global_instructions(home: &Path) { + fs::write(home.join("AGENTS.md"), "be consistent and helpful") + .unwrap_or_else(|err| panic!("write global instructions: {err}")); +} + fn text_user_input(text: String) -> serde_json::Value { text_user_input_parts(vec![text]) } @@ -121,8 +130,8 @@ async fn prompt_tools_are_consistent_across_requests() -> anyhow::Result<()> { thread_manager, .. } = test_codex() + .with_pre_build_hook(write_global_instructions) .with_config(|config| { - config.user_instructions = Some("be consistent and helpful".to_string()); config.model = Some("gpt-5.2".to_string()); // Keep tool expectations stable when the default web_search mode changes. config @@ -150,7 +159,6 @@ async fn prompt_tools_are_consistent_across_requests() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -165,7 +173,6 @@ async fn prompt_tools_are_consistent_across_requests() -> anyhow::Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -185,9 +192,6 @@ async fn prompt_tools_are_consistent_across_requests() -> anyhow::Result<()> { }; expected_tools_names.extend([ "update_plan", - "get_goal", - "create_goal", - "update_goal", "request_user_input", "apply_patch", "view_image", @@ -236,8 +240,8 @@ async fn gpt_5_tools_without_apply_patch_append_apply_patch_instructions() -> an .await; let TestCodex { codex, .. } = test_codex() + .with_pre_build_hook(write_global_instructions) .with_config(|config| { - config.user_instructions = Some("be consistent and helpful".to_string()); config .features .enable(Feature::CollaborationModes) @@ -249,7 +253,6 @@ async fn gpt_5_tools_without_apply_patch_append_apply_patch_instructions() -> an codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -264,7 +267,6 @@ async fn gpt_5_tools_without_apply_patch_append_apply_patch_instructions() -> an wait_for_event(&codex, |ev| matches!(ev, EventMsg::TurnComplete(_))).await; codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -318,8 +320,8 @@ async fn prefixes_context_and_instructions_once_and_consistently_across_requests .await; let TestCodex { codex, config, .. } = test_codex() + .with_pre_build_hook(write_global_instructions) .with_config(|config| { - config.user_instructions = Some("be consistent and helpful".to_string()); config .features .enable(Feature::CollaborationModes) @@ -330,7 +332,6 @@ async fn prefixes_context_and_instructions_once_and_consistently_across_requests codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -345,7 +346,6 @@ async fn prefixes_context_and_instructions_once_and_consistently_across_requests codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -416,8 +416,8 @@ async fn overrides_turn_context_but_keeps_cached_prefix_and_key_constant() -> an .await; let TestCodex { codex, config, .. } = test_codex() + .with_pre_build_hook(write_global_instructions) .with_config(|config| { - config.user_instructions = Some("be consistent and helpful".to_string()); config .features .enable(Feature::CollaborationModes) @@ -429,7 +429,6 @@ async fn overrides_turn_context_but_keeps_cached_prefix_and_key_constant() -> an // First turn codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -468,7 +467,6 @@ async fn overrides_turn_context_but_keeps_cached_prefix_and_key_constant() -> an // Second turn after overrides codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 2".into(), text_elements: Vec::new(), @@ -566,7 +564,6 @@ async fn override_before_first_turn_emits_environment_context() -> anyhow::Resul codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "first message".into(), text_elements: Vec::new(), @@ -708,8 +705,8 @@ async fn per_turn_overrides_keep_cached_prefix_and_key_constant() -> anyhow::Res .await; let TestCodex { codex, .. } = test_codex() + .with_pre_build_hook(write_global_instructions) .with_config(|config| { - config.user_instructions = Some("be consistent and helpful".to_string()); config .features .enable(Feature::CollaborationModes) @@ -721,7 +718,6 @@ async fn per_turn_overrides_keep_cached_prefix_and_key_constant() -> anyhow::Res // First turn codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello 1".into(), text_elements: Vec::new(), @@ -751,12 +747,11 @@ async fn per_turn_overrides_keep_cached_prefix_and_key_constant() -> anyhow::Res text: "hello 2".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(new_cwd.path().to_path_buf()), + environments: Some(local_selections(new_cwd.abs())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -843,8 +838,8 @@ async fn send_user_turn_with_no_changes_does_not_send_environment_context() -> a session_configured, .. } = test_codex() + .with_pre_build_hook(write_global_instructions) .with_config(|config| { - config.user_instructions = Some("be consistent and helpful".to_string()); config .features .enable(Feature::CollaborationModes) @@ -857,7 +852,7 @@ async fn send_user_turn_with_no_changes_does_not_send_environment_context() -> a let default_approval_policy = config.permissions.approval_policy.value(); let default_sandbox_policy = &config.legacy_sandbox_policy(); let default_model = session_configured.model; - let default_effort = config.model_reasoning_effort; + let default_effort = config.model_reasoning_effort.clone(); let default_summary = config.model_reasoning_summary; codex @@ -866,12 +861,11 @@ async fn send_user_turn_with_no_changes_does_not_send_environment_context() -> a text: "hello 1".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(default_cwd.to_path_buf()), + environments: Some(local_selections(default_cwd.clone())), approval_policy: Some(default_approval_policy), sandbox_policy: Some(default_sandbox_policy.clone()), summary: Some(default_summary.unwrap_or(ReasoningSummary::Auto)), @@ -879,7 +873,7 @@ async fn send_user_turn_with_no_changes_does_not_send_environment_context() -> a mode: codex_protocol::config_types::ModeKind::Default, settings: codex_protocol::config_types::Settings { model: default_model.clone(), - reasoning_effort: default_effort, + reasoning_effort: default_effort.clone(), developer_instructions: None, }, }), @@ -895,12 +889,11 @@ async fn send_user_turn_with_no_changes_does_not_send_environment_context() -> a text: "hello 2".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(default_cwd.to_path_buf()), + environments: Some(local_selections(default_cwd.clone())), approval_policy: Some(default_approval_policy), sandbox_policy: Some(default_sandbox_policy.clone()), summary: Some(default_summary.unwrap_or(ReasoningSummary::Auto)), @@ -984,8 +977,8 @@ async fn send_user_turn_with_changes_sends_environment_context() -> anyhow::Resu session_configured, .. } = test_codex() + .with_pre_build_hook(write_global_instructions) .with_config(|config| { - config.user_instructions = Some("be consistent and helpful".to_string()); config .features .enable(Feature::CollaborationModes) @@ -998,7 +991,7 @@ async fn send_user_turn_with_changes_sends_environment_context() -> anyhow::Resu let default_approval_policy = config.permissions.approval_policy.value(); let default_sandbox_policy = &config.legacy_sandbox_policy(); let default_model = session_configured.model; - let default_effort = config.model_reasoning_effort; + let default_effort = config.model_reasoning_effort.clone(); let default_summary = config.model_reasoning_summary; codex @@ -1007,12 +1000,11 @@ async fn send_user_turn_with_changes_sends_environment_context() -> anyhow::Resu text: "hello 1".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(default_cwd.to_path_buf()), + environments: Some(local_selections(default_cwd.clone())), approval_policy: Some(default_approval_policy), sandbox_policy: Some(default_sandbox_policy.clone()), summary: Some(default_summary.unwrap_or(ReasoningSummary::Auto)), @@ -1038,12 +1030,11 @@ async fn send_user_turn_with_changes_sends_environment_context() -> anyhow::Resu text: "hello 2".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(default_cwd.to_path_buf()), + environments: Some(local_selections(default_cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/prompt_debug_tests.rs b/codex-rs/core/tests/suite/prompt_debug_tests.rs index dc506bc4746..c2ebe3999b8 100644 --- a/codex-rs/core/tests/suite/prompt_debug_tests.rs +++ b/codex-rs/core/tests/suite/prompt_debug_tests.rs @@ -1,18 +1,24 @@ +use std::sync::Arc; + use anyhow::Result; use codex_core::build_prompt_input; use codex_core::config::ConfigBuilder; use codex_core::config::ConfigOverrides; +use codex_home::CodexHomeUserInstructionsProvider; use codex_protocol::models::ContentItem; use codex_protocol::models::ResponseItem; use codex_protocol::user_input::UserInput; use pretty_assertions::assert_eq; use tempfile::TempDir; +const TEST_INSTRUCTIONS: &str = "Global test instructions"; + #[tokio::test] async fn build_prompt_input_includes_context_and_user_message() -> Result<()> { let codex_home = TempDir::new()?; let cwd = TempDir::new()?; - let mut config = ConfigBuilder::default() + std::fs::write(codex_home.path().join("AGENTS.md"), TEST_INSTRUCTIONS)?; + let config = ConfigBuilder::default() .codex_home(codex_home.path().to_path_buf()) .harness_overrides(ConfigOverrides { cwd: Some(cwd.path().to_path_buf()), @@ -21,7 +27,9 @@ async fn build_prompt_input_includes_context_and_user_message() -> Result<()> { }) .build() .await?; - config.user_instructions = Some("Project-specific test instructions".to_string()); + let user_instructions_provider = Arc::new(CodexHomeUserInstructionsProvider::new( + config.codex_home.clone(), + )); let input = build_prompt_input( config, @@ -30,6 +38,7 @@ async fn build_prompt_input_includes_context_and_user_message() -> Result<()> { text_elements: Vec::new(), }], /*state_db*/ None, + user_instructions_provider, ) .await?; @@ -52,7 +61,7 @@ async fn build_prompt_input_includes_context_and_user_message() -> Result<()> { else { return false; }; - text.contains("Project-specific test instructions") + text.contains(TEST_INSTRUCTIONS) }) })); diff --git a/codex-rs/core/tests/suite/quota_exceeded.rs b/codex-rs/core/tests/suite/quota_exceeded.rs index 904c116cfbc..33f7d77fa7b 100644 --- a/codex-rs/core/tests/suite/quota_exceeded.rs +++ b/codex-rs/core/tests/suite/quota_exceeded.rs @@ -41,7 +41,6 @@ async fn quota_exceeded_emits_single_error_event() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "quota?".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/realtime_conversation.rs b/codex-rs/core/tests/suite/realtime_conversation.rs index a2aec5c95f6..25f0516b0d9 100644 --- a/codex-rs/core/tests/suite/realtime_conversation.rs +++ b/codex-rs/core/tests/suite/realtime_conversation.rs @@ -27,7 +27,6 @@ use codex_protocol::protocol::RealtimeVoice; use codex_protocol::protocol::RolloutItem; use codex_protocol::protocol::SessionSource; use codex_protocol::user_input::UserInput; -use codex_utils_output_truncation::approx_token_count; use core_test_support::responses; use core_test_support::responses::WebSocketConnectionConfig; use core_test_support::responses::start_mock_server; @@ -283,10 +282,12 @@ async fn conversation_start_audio_text_close_round_trip() -> Result<()> { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -421,10 +422,12 @@ async fn conversation_start_defaults_to_v2_and_gpt_realtime_1_5() -> Result<()> test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -503,18 +506,20 @@ async fn conversation_webrtc_start_posts_generated_session() -> Result<()> { config.experimental_realtime_ws_model = Some("realtime-test-model".to_string()); config.experimental_realtime_ws_startup_context = Some("startup context".to_string()); config.experimental_realtime_ws_base_url = Some(realtime_ws_base_url); - config.realtime.version = RealtimeWsVersion::V1; + config.realtime.version = RealtimeWsVersion::V2; }); let test = builder.build(&server).await?; test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: Some("session-override-model".to_string()), output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: Some(ConversationStartTransport::Webrtc { sdp: "v=offer\r\n".to_string(), }), + version: Some(RealtimeConversationVersion::V1), voice: None, })) .await?; @@ -573,7 +578,7 @@ async fn conversation_webrtc_start_posts_generated_session() -> Result<()> { Some("multipart/form-data; boundary=codex-realtime-call-boundary") ); let body = String::from_utf8(request.body).context("multipart body should be utf-8")?; - let session = r#"{"audio":{"input":{"format":{"type":"audio/pcm","rate":24000}},"output":{"voice":"cove"}},"type":"quicksilver","model":"realtime-test-model","instructions":"backend prompt\n\nstartup context"}"#; + let session = r#"{"audio":{"input":{"format":{"type":"audio/pcm","rate":24000}},"output":{"voice":"cove"}},"type":"quicksilver","model":"session-override-model","instructions":"backend prompt\n\nstartup context"}"#; let session = normalized_json_string(session)?; assert_eq!( body, @@ -679,12 +684,14 @@ async fn conversation_webrtc_close_while_sideband_connecting_drops_pending_join( test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: Some(ConversationStartTransport::Webrtc { sdp: "v=offer\r\n".to_string(), }), + version: None, voice: None, })) .await?; @@ -763,12 +770,14 @@ async fn conversation_webrtc_sideband_connect_failure_closes_with_error() -> Res test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: Some(ConversationStartTransport::Webrtc { sdp: "v=offer\r\n".to_string(), }), + version: None, voice: None, })) .await?; @@ -848,10 +857,12 @@ async fn conversation_start_uses_openai_env_key_fallback_with_chatgpt_auth() -> test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -914,10 +925,12 @@ async fn conversation_transport_close_emits_closed_event() -> Result<()> { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1004,10 +1017,12 @@ async fn conversation_start_preflight_failure_emits_realtime_error_only() -> Res test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1048,10 +1063,12 @@ async fn conversation_start_connect_failure_emits_realtime_error_only() -> Resul test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1139,10 +1156,12 @@ async fn conversation_second_start_replaces_runtime() -> Result<()> { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("old".to_string())), realtime_session_id: Some("conv_old".to_string()), transport: None, + version: None, voice: None, })) .await?; @@ -1162,10 +1181,12 @@ async fn conversation_second_start_replaces_runtime() -> Result<()> { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("new".to_string())), realtime_session_id: Some("conv_new".to_string()), transport: None, + version: None, voice: None, })) .await?; @@ -1256,10 +1277,12 @@ async fn conversation_uses_experimental_realtime_ws_base_url_override() -> Resul test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1318,10 +1341,12 @@ async fn conversation_uses_default_realtime_backend_prompt() -> Result<()> { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: None, realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1388,10 +1413,12 @@ async fn conversation_uses_empty_instructions_for_null_or_empty_prompt() -> Resu ] { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt, realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1451,10 +1478,12 @@ async fn conversation_uses_explicit_start_voice() -> Result<()> { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: Some(RealtimeVoice::Breeze), })) .await?; @@ -1506,10 +1535,12 @@ async fn conversation_uses_configured_realtime_voice() -> Result<()> { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1549,10 +1580,12 @@ async fn conversation_rejects_voice_for_wrong_realtime_version() -> Result<()> { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: Some(RealtimeVoice::Cove), })) .await?; @@ -1593,10 +1626,12 @@ async fn conversation_uses_experimental_realtime_ws_backend_prompt_override() -> test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("prompt from op".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1663,10 +1698,12 @@ async fn conversation_uses_experimental_realtime_ws_startup_context_override() - test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("prompt from op".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1727,10 +1764,12 @@ async fn conversation_disables_realtime_startup_context_with_empty_override() -> test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("prompt from op".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1784,10 +1823,12 @@ async fn conversation_start_injects_startup_context_from_thread_history() -> Res test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1893,10 +1934,12 @@ async fn conversation_startup_context_current_thread_selects_many_turns_by_budge codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -1998,10 +2041,12 @@ async fn conversation_startup_context_falls_back_to_workspace_map() -> Result<() test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -2055,10 +2100,12 @@ async fn conversation_startup_context_is_truncated_and_sent_once_per_start() -> test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -2099,7 +2146,7 @@ async fn conversation_startup_context_is_truncated_and_sent_once_per_start() -> } #[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn conversation_user_text_turn_is_sent_to_realtime_when_active() -> Result<()> { +async fn conversation_user_text_turn_is_not_sent_to_realtime() -> Result<()> { skip_if_no_network!(Ok(())); let api_server = start_mock_server().await; @@ -2107,7 +2154,6 @@ async fn conversation_user_text_turn_is_sent_to_realtime_when_active() -> Result &api_server, responses::sse(vec![ responses::ev_response_created("resp_user_text"), - responses::ev_assistant_message("msg_user_text", "ack"), responses::ev_completed("resp_user_text"), ]), ) @@ -2133,10 +2179,12 @@ async fn conversation_user_text_turn_is_sent_to_realtime_when_active() -> Result test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -2155,10 +2203,8 @@ async fn conversation_user_text_turn_is_sent_to_realtime_when_active() -> Result assert_eq!(session_updated, "sess_user_text"); let user_text = "typed follow-up for realtime"; - let prefixed_user_text = format!("[USER] {user_text}"); test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: user_text.to_string(), text_elements: Vec::new(), @@ -2170,182 +2216,22 @@ async fn conversation_user_text_turn_is_sent_to_realtime_when_active() -> Result }) .await?; - wait_for_event(&test.codex, |event| { - matches!(event, EventMsg::TurnComplete(_)) - }) - .await; - - let realtime_text_request = wait_for_matching_websocket_request( - &realtime_server, - "normal user turn text mirrored to realtime", - |request| websocket_request_text(request).as_deref() == Some(prefixed_user_text.as_str()), - ) - .await; - let model_user_texts = response_mock.single_request().message_input_texts("user"); - assert_eq!( - ( - model_user_texts.iter().any(|text| text == user_text), - websocket_request_text(&realtime_text_request), - ), - (true, Some(prefixed_user_text)), - ); - let realtime_response_create = timeout(Duration::from_millis(200), async { - wait_for_matching_websocket_request( - &realtime_server, - "unexpected realtime response request for mirrored user text", - |request| request.body_json()["type"].as_str() == Some("response.create"), - ) - .await - }) - .await; - assert!( - realtime_response_create.is_err(), - "mirrored user text should not request a realtime response" - ); - - let realtime_request_body = realtime_text_request.body_json(); - let content = &realtime_request_body["item"]["content"][0]; - let snapshot = format!( - "type: {}\nitem.type: {}\nitem.role: {}\ncontent[0].type: {}\ncontent[0].text: {}\nresponse.create: {}", - realtime_request_body["type"].as_str().unwrap_or_default(), - realtime_request_body["item"]["type"] - .as_str() - .unwrap_or_default(), - realtime_request_body["item"]["role"] - .as_str() - .unwrap_or_default(), - content["type"].as_str().unwrap_or_default(), - content["text"].as_str().unwrap_or_default(), - realtime_response_create.is_ok(), - ); - insta::assert_snapshot!( - "conversation_user_text_turn_is_sent_to_realtime_when_active", - snapshot - ); - - realtime_server.shutdown().await; - Ok(()) -} - -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn conversation_user_text_turn_is_capped_when_mirrored_to_realtime() -> Result<()> { - skip_if_no_network!(Ok(())); - - let api_server = start_mock_server().await; - let response_mock = responses::mount_sse_once( - &api_server, - responses::sse(vec![ - responses::ev_response_created("resp_long_user_text"), - responses::ev_assistant_message("msg_long_user_text", "ack"), - responses::ev_completed("resp_long_user_text"), - ]), - ) - .await; - - let realtime_server = start_websocket_server(vec![vec![ - vec![json!({ - "type": "session.updated", - "session": { "id": "sess_long_user_text", "instructions": "backend prompt" } - })], - vec![], - ]]) - .await; - - let mut builder = test_codex().with_config({ - let realtime_base_url = realtime_server.uri().to_string(); - move |config| { - config.experimental_realtime_ws_base_url = Some(realtime_base_url); - config.experimental_realtime_ws_startup_context = Some(String::new()); - } - }); - let test = builder.build(&api_server).await?; - - // Phase 1: start realtime so the next normal user turn mirrors over the - // active WebSocket session. - test.codex - .submit(Op::RealtimeConversationStart(ConversationStartParams { - output_modality: RealtimeOutputModality::Audio, - prompt: Some(Some("backend prompt".to_string())), - realtime_session_id: None, - transport: None, - voice: None, - })) - .await?; - - let session_updated = wait_for_event_match(&test.codex, |msg| match msg { - EventMsg::RealtimeConversationRealtime(RealtimeConversationRealtimeEvent { - payload: - RealtimeEvent::SessionUpdated { - realtime_session_id: session_id, - .. - }, - }) => Some(session_id.clone()), + let turn_complete = wait_for_event_match(&test.codex, |event| match event { + EventMsg::TurnComplete(turn_complete) => Some(turn_complete.clone()), _ => None, }) .await; - assert_eq!(session_updated, "sess_long_user_text"); + assert_eq!(turn_complete.last_agent_message, None); - // Phase 2: submit one oversized text turn. The model request should keep - // the exact user text, while the realtime mirror should get the capped copy. - let user_text = format!( - "mirror-head {} mirror-middle {} mirror-tail", - "alpha ".repeat(900), - "omega ".repeat(900), - ); - test.codex - .submit(Op::UserInput { - environments: None, - items: vec![UserInput::Text { - text: user_text.clone(), - text_elements: Vec::new(), - }], - final_output_json_schema: None, - responsesapi_client_metadata: None, - additional_context: Default::default(), - thread_settings: Default::default(), - }) - .await?; - - wait_for_event(&test.codex, |event| { - matches!(event, EventMsg::TurnComplete(_)) - }) - .await; - - // Phase 3: capture the mirrored WebSocket item; the snapshot below records - // the capped payload shape. - let realtime_text_request = wait_for_matching_websocket_request( - &realtime_server, - "capped normal user turn text mirrored to realtime", - |request| websocket_request_text(request).is_some_and(|text| text.contains("mirror-head")), - ) - .await; - let realtime_text = - websocket_request_text(&realtime_text_request).expect("realtime request text"); let model_user_texts = response_mock.single_request().message_input_texts("user"); + assert!(model_user_texts.iter().any(|text| text == user_text)); - let realtime_request_body = realtime_text_request.body_json(); - let content = &realtime_request_body["item"]["content"][0]; - - // Snapshot the request envelope and capped text together so reviewers can - // see the preserved head/tail and truncation marker in one place. - let snapshot = format!( - "type: {}\nitem.type: {}\nitem.role: {}\ncontent[0].type: {}\nmodel_has_full_user_text: {}\nrealtime_text_equal_full_user_text: {}\nrealtime_text_approx_tokens: {}\ncontent[0].text: {}", - realtime_request_body["type"].as_str().unwrap_or_default(), - realtime_request_body["item"]["type"] - .as_str() - .unwrap_or_default(), - realtime_request_body["item"]["role"] - .as_str() - .unwrap_or_default(), - content["type"].as_str().unwrap_or_default(), - model_user_texts.iter().any(|text| text == &user_text), - realtime_text == user_text, - approx_token_count(&realtime_text), - realtime_text, - ); - insta::assert_snapshot!( - "conversation_user_text_turn_is_capped_when_mirrored_to_realtime", - snapshot + let realtime_connections = realtime_server.connections(); + assert_eq!(realtime_connections.len(), 1); + assert_eq!(realtime_connections[0].len(), 1); + assert_eq!( + realtime_connections[0][0].body_json()["type"].as_str(), + Some("session.update") ); realtime_server.shutdown().await; @@ -2389,10 +2275,12 @@ async fn realtime_v2_noop_tool_call_returns_empty_function_output_without_respon test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -2485,10 +2373,12 @@ async fn conversation_mirrors_assistant_message_text_to_realtime_handoff() -> Re test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -2619,10 +2509,12 @@ async fn conversation_handoff_persists_across_item_done_until_turn_complete() -> test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -2768,10 +2660,12 @@ async fn inbound_handoff_request_starts_turn() -> Result<()> { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -2867,10 +2761,12 @@ async fn inbound_handoff_request_uses_active_transcript() -> Result<()> { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -2967,10 +2863,12 @@ async fn inbound_handoff_request_sends_transcript_delta_after_each_handoff() -> test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -3065,10 +2963,12 @@ async fn inbound_conversation_item_does_not_start_turn_and_still_forwards_audio( test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -3185,10 +3085,12 @@ async fn delegated_turn_user_role_echo_does_not_redelegate_and_still_forwards_au test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -3335,10 +3237,12 @@ async fn inbound_handoff_request_does_not_block_realtime_event_forwarding() -> R test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -3443,7 +3347,6 @@ async fn inbound_handoff_request_steers_active_turn() -> Result<()> { "type": "session.updated", "session": { "id": "sess_steer", "instructions": "backend prompt" } })], - vec![], vec![ json!({ "type": "conversation.input_transcript.delta", @@ -3470,10 +3373,12 @@ async fn inbound_handoff_request_steers_active_turn() -> Result<()> { test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; @@ -3491,7 +3396,6 @@ async fn inbound_handoff_request_steers_active_turn() -> Result<()> { test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "first prompt".to_string(), text_elements: Vec::new(), @@ -3507,12 +3411,6 @@ async fn inbound_handoff_request_steers_active_turn() -> Result<()> { matches!(event, EventMsg::AgentMessageContentDelta(_)) }) .await; - let _ = wait_for_matching_websocket_request( - &realtime_server, - "first prompt mirrored to realtime", - |request| websocket_request_text(request).as_deref() == Some("first prompt"), - ) - .await; test.codex .submit(Op::RealtimeConversationAudio(ConversationAudioParams { @@ -3627,10 +3525,12 @@ async fn inbound_handoff_request_starts_turn_and_does_not_block_realtime_audio() test.codex .submit(Op::RealtimeConversationStart(ConversationStartParams { + model: None, output_modality: RealtimeOutputModality::Audio, prompt: Some(Some("backend prompt".to_string())), realtime_session_id: None, transport: None, + version: None, voice: None, })) .await?; diff --git a/codex-rs/core/tests/suite/remote_env.rs b/codex-rs/core/tests/suite/remote_env.rs index 0862482f9dc..64d5c7081c1 100644 --- a/codex-rs/core/tests/suite/remote_env.rs +++ b/codex-rs/core/tests/suite/remote_env.rs @@ -28,6 +28,7 @@ use codex_protocol::request_permissions::RequestPermissionProfile; use codex_protocol::request_permissions::RequestPermissionsResponse; use codex_protocol::user_input::UserInput; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; use core_test_support::PathBufExt; use core_test_support::PathExt; use core_test_support::get_remote_test_env; @@ -41,6 +42,7 @@ use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::test_env; use core_test_support::wait_for_event; @@ -70,18 +72,21 @@ async fn submit_turn_with_approval_and_environments( prompt: &str, environments: Vec, ) -> Result<()> { + let turn_environment_selections = codex_protocol::protocol::TurnEnvironmentSelections::new( + test.config.cwd.clone(), + environments, + ); test.codex .submit(Op::UserInput { items: vec![UserInput::Text { text: prompt.into(), text_elements: Vec::new(), }], - environments: Some(environments), final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd.path().to_path_buf()), + environments: Some(turn_environment_selections), approval_policy: Some(AskForApproval::OnRequest), approvals_reviewer: Some(ApprovalsReviewer::User), sandbox_policy: Some(SandboxPolicy::new_read_only_policy()), @@ -151,19 +156,20 @@ async fn remote_test_env_can_connect_and_use_filesystem() -> Result<()> { let file_system = test_env.environment().get_filesystem(); let file_path_abs = remote_test_file_path().abs(); + let file_path_uri = PathUri::from_path(&file_path_abs)?; let payload = b"remote-test-env-ok".to_vec(); file_system - .write_file(&file_path_abs, payload.clone(), /*sandbox*/ None) + .write_file(&file_path_uri, payload.clone(), /*sandbox*/ None) .await?; let actual = file_system - .read_file(&file_path_abs, /*sandbox*/ None) + .read_file(&file_path_uri, /*sandbox*/ None) .await?; assert_eq!(actual, payload); file_system .remove( - &file_path_abs, + &file_path_uri, RemoveOptions { recursive: false, force: true, @@ -284,26 +290,25 @@ async fn exec_command_routes_to_selected_remote_environment() -> Result<()> { let test = unified_exec_test(&server).await?; let local_cwd = TempDir::new()?; fs::write(local_cwd.path().join("marker.txt"), "local-routing")?; - let local_selection = TurnEnvironmentSelection { - environment_id: LOCAL_ENVIRONMENT_ID.to_string(), - cwd: local_cwd.path().abs(), - }; + let local_selection = local(local_cwd.path().abs()); let remote_cwd = PathBuf::from(format!( "/tmp/codex-remote-routing-{}", SystemTime::now().duration_since(UNIX_EPOCH)?.as_millis() )) .abs(); let remote_marker_name = "marker.txt"; + let remote_cwd_uri = PathUri::from_path(&remote_cwd)?; + let remote_marker_uri = PathUri::from_path(remote_cwd.join(remote_marker_name))?; test.fs() .create_directory( - &remote_cwd, + &remote_cwd_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) .await?; test.fs() .write_file( - &remote_cwd.join(remote_marker_name), + &remote_marker_uri, b"remote-routing".to_vec(), /*sandbox*/ None, ) @@ -337,7 +342,7 @@ async fn exec_command_routes_to_selected_remote_environment() -> Result<()> { test.fs() .remove( - &remote_cwd, + &remote_cwd_uri, RemoveOptions { recursive: true, force: true, @@ -389,9 +394,10 @@ async fn remote_request_permissions_grant_unblocks_later_remote_exec() -> Result let local_write_root = local_cwd.path().join(relative_write_root); let local_target_path = local_cwd.path().join(relative_target_path); fs::create_dir(&local_write_root)?; + let remote_write_root_uri = PathUri::from_path(&remote_write_root)?; test.fs() .create_directory( - &remote_write_root, + &remote_write_root_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) @@ -462,10 +468,7 @@ async fn remote_request_permissions_grant_unblocks_later_remote_exec() -> Result &test, "request permissions, then write in the remote environment", vec![ - TurnEnvironmentSelection { - environment_id: LOCAL_ENVIRONMENT_ID.to_string(), - cwd: local_cwd.path().abs(), - }, + local(local_cwd.path().abs()), TurnEnvironmentSelection { environment_id: REMOTE_ENVIRONMENT_ID.to_string(), cwd: remote_cwd.clone(), @@ -529,7 +532,10 @@ async fn remote_request_permissions_grant_unblocks_later_remote_exec() -> Result ); assert_eq!( test.fs() - .read_file_text(&remote_target_path, /*sandbox*/ None) + .read_file_text( + &PathUri::from_path(&remote_target_path)?, + /*sandbox*/ None, + ) .await?, "remote-request-permissions-ok" ); @@ -540,7 +546,7 @@ async fn remote_request_permissions_grant_unblocks_later_remote_exec() -> Result test.fs() .remove( - &remote_cwd, + &PathUri::from_abs_path(&remote_cwd)?, RemoveOptions { recursive: true, force: true, @@ -569,9 +575,10 @@ async fn apply_patch_freeform_routes_to_selected_remote_environment() -> Result< SystemTime::now().duration_since(UNIX_EPOCH)?.as_millis() )) .abs(); + let remote_cwd_uri = PathUri::from_path(&remote_cwd)?; test.fs() .create_directory( - &remote_cwd, + &remote_cwd_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) @@ -601,10 +608,7 @@ async fn apply_patch_freeform_routes_to_selected_remote_environment() -> Result< test.submit_turn_with_environments( "apply patch to remote environment", Some(vec![ - TurnEnvironmentSelection { - environment_id: LOCAL_ENVIRONMENT_ID.to_string(), - cwd: local_cwd.path().abs(), - }, + local(local_cwd.path().abs()), TurnEnvironmentSelection { environment_id: REMOTE_ENVIRONMENT_ID.to_string(), cwd: remote_cwd.clone(), @@ -615,7 +619,10 @@ async fn apply_patch_freeform_routes_to_selected_remote_environment() -> Result< let remote_contents = test .fs() - .read_file_text(&remote_cwd.join(file_name), /*sandbox*/ None) + .read_file_text( + &PathUri::from_path(remote_cwd.join(file_name))?, + /*sandbox*/ None, + ) .await?; assert_eq!(remote_contents, "patched remote freeform\n"); assert!( @@ -625,7 +632,7 @@ async fn apply_patch_freeform_routes_to_selected_remote_environment() -> Result< test.fs() .remove( - &remote_cwd, + &remote_cwd_uri, RemoveOptions { recursive: true, force: true, @@ -656,9 +663,10 @@ async fn apply_patch_approvals_are_remembered_per_environment() -> Result<()> { SystemTime::now().duration_since(UNIX_EPOCH)?.as_millis() )) .abs(); + let remote_cwd_uri = PathUri::from_path(&remote_cwd)?; test.fs() .create_directory( - &remote_cwd, + &remote_cwd_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) @@ -669,10 +677,11 @@ async fn apply_patch_approvals_are_remembered_per_environment() -> Result<()> { SystemTime::now().duration_since(UNIX_EPOCH)?.as_millis() )) .abs(); + let target_path_uri = PathUri::from_path(&target_path)?; let _ = fs::remove_file(&target_path); test.fs() .remove( - &target_path, + &target_path_uri, RemoveOptions { recursive: false, force: true, @@ -682,10 +691,7 @@ async fn apply_patch_approvals_are_remembered_per_environment() -> Result<()> { .await?; let environments = vec![ - TurnEnvironmentSelection { - environment_id: LOCAL_ENVIRONMENT_ID.to_string(), - cwd: local_cwd.path().abs(), - }, + local(local_cwd.path().abs()), TurnEnvironmentSelection { environment_id: REMOTE_ENVIRONMENT_ID.to_string(), cwd: remote_cwd.clone(), @@ -779,7 +785,7 @@ async fn apply_patch_approvals_are_remembered_per_environment() -> Result<()> { .await; assert_eq!( test.fs() - .read_file_text(&target_path, /*sandbox*/ None) + .read_file_text(&target_path_uri, /*sandbox*/ None) .await?, "remote\n" ); @@ -793,7 +799,7 @@ async fn apply_patch_approvals_are_remembered_per_environment() -> Result<()> { wait_for_completion_without_patch_approval(&test).await; assert_eq!( test.fs() - .read_file_text(&target_path, /*sandbox*/ None) + .read_file_text(&target_path_uri, /*sandbox*/ None) .await?, "remote updated\n" ); @@ -801,7 +807,7 @@ async fn apply_patch_approvals_are_remembered_per_environment() -> Result<()> { let _ = fs::remove_file(&target_path); test.fs() .remove( - &target_path, + &target_path_uri, RemoveOptions { recursive: false, force: true, @@ -811,7 +817,7 @@ async fn apply_patch_approvals_are_remembered_per_environment() -> Result<()> { .await?; test.fs() .remove( - &remote_cwd, + &remote_cwd_uri, RemoveOptions { recursive: true, force: true, @@ -840,9 +846,10 @@ async fn apply_patch_intercepted_exec_command_routes_to_selected_remote_environm SystemTime::now().duration_since(UNIX_EPOCH)?.as_millis() )) .abs(); + let remote_cwd_uri = PathUri::from_path(&remote_cwd)?; test.fs() .create_directory( - &remote_cwd, + &remote_cwd_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) @@ -882,10 +889,7 @@ async fn apply_patch_intercepted_exec_command_routes_to_selected_remote_environm test.submit_turn_with_environments( "apply patch through exec command to remote environment", Some(vec![ - TurnEnvironmentSelection { - environment_id: LOCAL_ENVIRONMENT_ID.to_string(), - cwd: local_cwd.path().abs(), - }, + local(local_cwd.path().abs()), TurnEnvironmentSelection { environment_id: REMOTE_ENVIRONMENT_ID.to_string(), cwd: remote_cwd.clone(), @@ -896,7 +900,10 @@ async fn apply_patch_intercepted_exec_command_routes_to_selected_remote_environm let remote_contents = test .fs() - .read_file_text(&remote_cwd.join(file_name), /*sandbox*/ None) + .read_file_text( + &PathUri::from_path(remote_cwd.join(file_name))?, + /*sandbox*/ None, + ) .await?; assert_eq!(remote_contents, "patched remote exec\n"); assert!( @@ -906,7 +913,7 @@ async fn apply_patch_intercepted_exec_command_routes_to_selected_remote_environm test.fs() .remove( - &remote_cwd, + &remote_cwd_uri, RemoveOptions { recursive: true, force: true, @@ -930,16 +937,18 @@ async fn remote_test_env_sandboxed_read_allows_readable_root() -> Result<()> { let allowed_dir = PathBuf::from(format!("/tmp/codex-remote-readable-{}", std::process::id())); let file_path = allowed_dir.join("note.txt"); + let allowed_dir_uri = PathUri::from_path(&allowed_dir)?; + let file_path_uri = PathUri::from_path(&file_path)?; file_system .create_directory( - &absolute_path(allowed_dir.clone()), + &allowed_dir_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) .await?; file_system .write_file( - &absolute_path(file_path.clone()), + &file_path_uri, b"sandboxed hello".to_vec(), /*sandbox*/ None, ) @@ -947,13 +956,13 @@ async fn remote_test_env_sandboxed_read_allows_readable_root() -> Result<()> { let sandbox = read_only_sandbox(allowed_dir.clone()); let contents = file_system - .read_file(&absolute_path(file_path.clone()), Some(&sandbox)) + .read_file(&file_path_uri, Some(&sandbox)) .await?; assert_eq!(contents, b"sandboxed hello"); file_system .remove( - &absolute_path(allowed_dir), + &allowed_dir_uri, RemoveOptions { recursive: true, force: true, @@ -987,7 +996,8 @@ async fn remote_test_env_sandboxed_read_rejects_symlink_parent_dotdot_escape() - secret = secret_path.display(), ))?; - let requested_path = absolute_path(allowed_dir.join("link").join("..").join("secret.txt")); + let requested_path = + PathUri::from_path(allowed_dir.join("link").join("..").join("secret.txt"))?; let sandbox = read_only_sandbox(allowed_dir.clone()); let error = match file_system.read_file(&requested_path, Some(&sandbox)).await { Ok(_) => anyhow::bail!("read should fail after path normalization"), @@ -1034,7 +1044,7 @@ async fn remote_test_env_remove_removes_symlink_not_target() -> Result<()> { let sandbox = workspace_write_sandbox(allowed_dir.clone()); file_system .remove( - &absolute_path(symlink_path.clone()), + &PathUri::from_path(&symlink_path)?, RemoveOptions { recursive: false, force: false, @@ -1044,18 +1054,21 @@ async fn remote_test_env_remove_removes_symlink_not_target() -> Result<()> { .await?; let symlink_exists = file_system - .get_metadata(&absolute_path(symlink_path), /*sandbox*/ None) + .get_metadata( + &PathUri::from_abs_path(&absolute_path(symlink_path))?, + /*sandbox*/ None, + ) .await .is_ok(); assert!(!symlink_exists); let outside = file_system - .read_file_text(&absolute_path(outside_file.clone()), /*sandbox*/ None) + .read_file_text(&PathUri::from_path(&outside_file)?, /*sandbox*/ None) .await?; assert_eq!(outside, "outside"); file_system .remove( - &absolute_path(root), + &PathUri::from_path(&root)?, RemoveOptions { recursive: true, force: true, @@ -1096,8 +1109,8 @@ async fn remote_test_env_copy_preserves_symlink_source() -> Result<()> { let sandbox = workspace_write_sandbox(allowed_dir.clone()); file_system .copy( - &absolute_path(source_symlink), - &absolute_path(copied_symlink.clone()), + &PathUri::from_path(&source_symlink)?, + &PathUri::from_path(&copied_symlink)?, CopyOptions { recursive: false }, Some(&sandbox), ) @@ -1128,7 +1141,7 @@ async fn remote_test_env_copy_preserves_symlink_source() -> Result<()> { file_system .remove( - &absolute_path(root), + &PathUri::from_path(&root)?, RemoveOptions { recursive: true, force: true, diff --git a/codex-rs/core/tests/suite/remote_models.rs b/codex-rs/core/tests/suite/remote_models.rs index fd6e01c0755..b3fc9b9db7f 100644 --- a/codex-rs/core/tests/suite/remote_models.rs +++ b/codex-rs/core/tests/suite/remote_models.rs @@ -23,6 +23,7 @@ use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::ExecCommandSource; use codex_protocol::protocol::Op; use codex_protocol::user_input::UserInput; +use core_test_support::TempDirExt; use core_test_support::load_default_config_for_test; use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; @@ -36,6 +37,7 @@ use core_test_support::responses::sse; use core_test_support::skip_if_no_network; use core_test_support::skip_if_sandbox; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -157,7 +159,6 @@ async fn remote_models_config_context_window_override_clamps_to_max_context_wind text: "check context window".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), @@ -225,7 +226,6 @@ async fn remote_models_config_override_above_max_uses_max_context_window() -> Re text: "check context window".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), @@ -292,7 +292,6 @@ async fn remote_models_use_context_window_when_config_override_is_absent() -> Re text: "check context window".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), @@ -318,7 +317,7 @@ async fn remote_models_use_context_window_when_config_override_is_absent() -> Re } #[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn remote_models_long_model_slug_is_sent_with_high_reasoning() -> Result<()> { +async fn remote_models_long_model_slug_is_sent_with_custom_reasoning() -> Result<()> { skip_if_no_network!(Ok(())); skip_if_sandbox!(Ok(())); @@ -331,15 +330,16 @@ async fn remote_models_long_model_slug_is_sent_with_high_reasoning() -> Result<( /*priority*/ 1_000, TruncationPolicyConfig::bytes(/*limit*/ 10_000), ); - remote_model.default_reasoning_level = Some(ReasoningEffort::High); + let custom_reasoning_effort = ReasoningEffort::Custom("max".to_string()); + remote_model.default_reasoning_level = Some(custom_reasoning_effort.clone()); remote_model.supported_reasoning_levels = vec![ ReasoningEffortPreset { effort: ReasoningEffort::Medium, description: ReasoningEffort::Medium.to_string(), }, ReasoningEffortPreset { - effort: ReasoningEffort::High, - description: ReasoningEffort::High.to_string(), + effort: custom_reasoning_effort.clone(), + description: custom_reasoning_effort.to_string(), }, ]; remote_model.supports_reasoning_summaries = true; @@ -372,7 +372,6 @@ async fn remote_models_long_model_slug_is_sent_with_high_reasoning() -> Result<( text: "check model slug".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), @@ -393,7 +392,7 @@ async fn remote_models_long_model_slug_is_sent_with_high_reasoning() -> Result<( .and_then(|reasoning| reasoning.get("summary")) .and_then(|value| value.as_str()); assert_eq!(body["model"].as_str(), Some(requested_model)); - assert_eq!(reasoning_effort, Some("high")); + assert_eq!(reasoning_effort, Some("max")); assert_eq!(reasoning_summary, Some("detailed")); Ok(()) @@ -423,7 +422,6 @@ async fn namespaced_model_slug_uses_catalog_metadata_without_fallback_warning() text: "check namespaced model metadata".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), @@ -477,6 +475,7 @@ async fn remote_models_remote_model_uses_unified_exec() -> Result<()> { input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, @@ -500,6 +499,7 @@ async fn remote_models_remote_model_uses_unified_exec() -> Result<()> { context_window: Some(272_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), }; @@ -571,7 +571,7 @@ async fn remote_models_remote_model_uses_unified_exec() -> Result<()> { ]; mount_sse_sequence(&server, responses).await; - let cwd_path = cwd.path().to_path_buf(); + let cwd_path = cwd.abs(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd_path.as_path()); codex @@ -580,12 +580,11 @@ async fn remote_models_remote_model_uses_unified_exec() -> Result<()> { text: "run call".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd_path), + environments: Some(local_selections(cwd_path)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -729,6 +728,7 @@ async fn remote_models_apply_remote_base_instructions() -> Result<()> { input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, @@ -752,6 +752,7 @@ async fn remote_models_apply_remote_base_instructions() -> Result<()> { context_window: Some(272_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), }; @@ -798,7 +799,7 @@ async fn remote_models_apply_remote_base_instructions() -> Result<()> { ) .await?; - let cwd_path = cwd.path().to_path_buf(); + let cwd_path = cwd.abs(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd_path.as_path()); codex @@ -807,12 +808,11 @@ async fn remote_models_apply_remote_base_instructions() -> Result<()> { text: "hello remote".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd_path), + environments: Some(local_selections(cwd_path)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -1215,6 +1215,7 @@ fn test_remote_model_with_policy( input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, @@ -1238,6 +1239,7 @@ fn test_remote_model_with_policy( context_window: Some(272_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), } diff --git a/codex-rs/core/tests/suite/request_compression.rs b/codex-rs/core/tests/suite/request_compression.rs index fe9cb1e5f84..e70346a5a35 100644 --- a/codex-rs/core/tests/suite/request_compression.rs +++ b/codex-rs/core/tests/suite/request_compression.rs @@ -40,7 +40,6 @@ async fn request_body_is_zstd_compressed_for_codex_backend_when_enabled() -> any codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "compress me".into(), text_elements: Vec::new(), @@ -91,7 +90,6 @@ async fn request_body_is_not_compressed_for_api_key_auth_even_when_enabled() -> codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "do not compress".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/request_permissions.rs b/codex-rs/core/tests/suite/request_permissions.rs index a78e4a016eb..f78ccf1ac73 100644 --- a/codex-rs/core/tests/suite/request_permissions.rs +++ b/codex-rs/core/tests/suite/request_permissions.rs @@ -31,6 +31,7 @@ use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::skip_if_sandbox; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -195,12 +196,11 @@ async fn submit_turn( text: prompt.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd.path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(approval_policy), approvals_reviewer: Some(ApprovalsReviewer::User), sandbox_policy: Some(sandbox_policy), diff --git a/codex-rs/core/tests/suite/request_permissions_tool.rs b/codex-rs/core/tests/suite/request_permissions_tool.rs index a122cc399b3..dc08160d7fd 100644 --- a/codex-rs/core/tests/suite/request_permissions_tool.rs +++ b/codex-rs/core/tests/suite/request_permissions_tool.rs @@ -28,6 +28,7 @@ use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::skip_if_sandbox; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -147,12 +148,11 @@ async fn submit_turn( text: prompt.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd.path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(approval_policy), approvals_reviewer, sandbox_policy: Some(sandbox_policy), diff --git a/codex-rs/core/tests/suite/request_user_input.rs b/codex-rs/core/tests/suite/request_user_input.rs index d09071d72d9..902c7a8bb02 100644 --- a/codex-rs/core/tests/suite/request_user_input.rs +++ b/codex-rs/core/tests/suite/request_user_input.rs @@ -1,5 +1,6 @@ #![allow(clippy::unwrap_used)] +use core_test_support::test_codex::local_selections; use std::collections::HashMap; use codex_features::Feature; @@ -13,6 +14,7 @@ use codex_protocol::protocol::Op; use codex_protocol::request_user_input::RequestUserInputAnswer; use codex_protocol::request_user_input::RequestUserInputResponse; use codex_protocol::user_input::UserInput; +use core_test_support::TempDirExt; use core_test_support::responses; use core_test_support::responses::ResponsesRequest; use core_test_support::responses::ev_assistant_message; @@ -141,12 +143,11 @@ async fn request_user_input_round_trip_for_mode(mode: ModeKind) -> anyhow::Resul text: "please confirm".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd.path().to_path_buf()), + environments: Some(local_selections(cwd.abs())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -285,12 +286,11 @@ async fn request_user_input_interrupt_emits_deferred_token_count() -> anyhow::Re text: "please confirm".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd.path().to_path_buf()), + environments: Some(local_selections(cwd.abs())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -390,12 +390,11 @@ where text: "please confirm".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd.path().to_path_buf()), + environments: Some(local_selections(cwd.abs())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/responses_api_proxy_headers.rs b/codex-rs/core/tests/suite/responses_api_proxy_headers.rs index 144feb016fd..768bbf11dbd 100644 --- a/codex-rs/core/tests/suite/responses_api_proxy_headers.rs +++ b/codex-rs/core/tests/suite/responses_api_proxy_headers.rs @@ -20,6 +20,7 @@ use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use pretty_assertions::assert_eq; @@ -141,7 +142,7 @@ async fn responses_api_parent_and_subagent_requests_include_identity_headers() - async fn submit_turn_with_timeout(test: &TestCodex, prompt: &str) -> Result<()> { let session_model = test.session_configured.model.clone(); - let cwd = test.config.cwd.to_path_buf(); + let cwd = test.config.cwd.clone(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::workspace_write(), cwd.as_path()); test.codex @@ -150,12 +151,11 @@ async fn submit_turn_with_timeout(test: &TestCodex, prompt: &str) -> Result<()> text: prompt.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd), + environments: Some(local_selections(cwd)), approval_policy: Some(AskForApproval::OnRequest), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/responses_lite.rs b/codex-rs/core/tests/suite/responses_lite.rs new file mode 100644 index 00000000000..b137d5bc730 --- /dev/null +++ b/codex-rs/core/tests/suite/responses_lite.rs @@ -0,0 +1,291 @@ +use std::sync::Arc; + +use anyhow::Context; +use anyhow::Result; +use codex_core::config::Config; +use codex_extension_api::ExtensionRegistry; +use codex_extension_api::ExtensionRegistryBuilder; +use codex_features::Feature; +use codex_image_generation_extension::install as install_image_generation_extension; +use codex_login::CodexAuth; +use codex_protocol::config_types::WebSearchMode; +use codex_protocol::models::ImageDetail; +use codex_protocol::openai_models::InputModality; +use codex_protocol::protocol::EventMsg; +use codex_protocol::protocol::Op; +use codex_protocol::user_input::UserInput; +use codex_web_search_extension::install as install_web_search_extension; +use core_test_support::responses; +use core_test_support::skip_if_no_network; +use core_test_support::test_codex::test_codex; +use core_test_support::wait_for_event; +use pretty_assertions::assert_eq; +use serde_json::Value; + +const RESPONSES_LITE_HEADER: &str = "x-openai-internal-codex-responses-lite"; + +fn responses_extensions(auth: &CodexAuth) -> Arc> { + let auth_manager = codex_core::test_support::auth_manager_from_auth(auth.clone()); + let mut extension_builder = ExtensionRegistryBuilder::::new(); + install_web_search_extension(&mut extension_builder, Arc::clone(&auth_manager)); + install_image_generation_extension(&mut extension_builder, auth_manager); + Arc::new(extension_builder.build()) +} + +fn configure_responses_tools(config: &mut Config) { + assert!(config.web_search_mode.set(WebSearchMode::Live).is_ok()); + assert!( + config + .features + .disable(Feature::StandaloneWebSearch) + .is_ok() + ); + assert!(config.features.enable(Feature::ImageGeneration).is_ok()); + assert!(config.features.disable(Feature::ImageGenExt).is_ok()); +} + +fn configure_image_capable_model(model_info: &mut codex_protocol::openai_models::ModelInfo) { + model_info.input_modalities = vec![InputModality::Text, InputModality::Image]; +} + +fn has_hosted_tool(tools: &[Value], tool_type: &str) -> bool { + tools + .iter() + .any(|tool| tool.get("type").and_then(Value::as_str) == Some(tool_type)) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn responses_lite_strips_data_image_detail_without_resize_all_images() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_once( + &server, + responses::sse(vec![ + responses::ev_response_created("resp-1"), + responses::ev_completed("resp-1"), + ]), + ) + .await; + let image_url = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR4nGP4z8DwHwAFAAH/iZk9HQAAAABJRU5ErkJggg=="; + let mut builder = test_codex().with_model_info_override("gpt-5.4", |model_info| { + model_info.use_responses_lite = true; + configure_image_capable_model(model_info); + }); + let test = builder.build(&server).await?; + + test.codex + .submit(Op::UserInput { + items: vec![UserInput::Image { + image_url: image_url.to_string(), + detail: Some(ImageDetail::Original), + }], + final_output_json_schema: None, + responsesapi_client_metadata: None, + additional_context: Default::default(), + thread_settings: Default::default(), + }) + .await?; + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + let request = response_mock.single_request(); + let input = request.input(); + let image = input + .iter() + .filter_map(|item| item.get("content").and_then(Value::as_array)) + .flatten() + .find(|item| item.get("type").and_then(Value::as_str) == Some("input_image")) + .context("request should contain an image")?; + assert_eq!( + image, + &serde_json::json!({ + "type": "input_image", + "image_url": image_url + }) + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn responses_lite_uses_standalone_web_search_and_image_generation() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_once( + &server, + responses::sse(vec![ + responses::ev_response_created("resp-1"), + responses::ev_completed("resp-1"), + ]), + ) + .await; + + let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); + let extensions = responses_extensions(&auth); + + let mut builder = test_codex() + .with_auth(auth) + .with_extensions(extensions) + .with_model_info_override("gpt-5.4", |model_info| { + model_info.use_responses_lite = true; + configure_image_capable_model(model_info); + }) + .with_config(configure_responses_tools); + let test = builder.build(&server).await?; + + test.submit_turn("Use standalone tools").await?; + + let request = response_mock.single_request(); + assert_eq!( + request.header(RESPONSES_LITE_HEADER).as_deref(), + Some("true") + ); + request + .tool_by_name("web", "run") + .context("Responses Lite should expose standalone web search")?; + request + .tool_by_name("image_gen", "imagegen") + .context("Responses Lite should expose standalone image generation")?; + + let body = request.body_json(); + let tools = body["tools"] + .as_array() + .context("Responses request tools should be an array")?; + assert!(!has_hosted_tool(tools, "web_search")); + assert!(!has_hosted_tool(tools, "image_generation")); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn responses_lite_compact_request_uses_lite_transport_contract() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_once( + &server, + responses::sse(vec![ + responses::ev_response_created("resp-1"), + responses::ev_completed("resp-1"), + ]), + ) + .await; + let compact_mock = + responses::mount_compact_json_once(&server, serde_json::json!({ "output": [] })).await; + + let mut builder = test_codex() + .with_model_info_override("gpt-5.4", |model_info| { + model_info.use_responses_lite = true; + model_info.supports_parallel_tool_calls = true; + }) + .with_config(|config| { + let _ = config.features.disable(Feature::RemoteCompactionV2); + }); + let test = builder.build(&server).await?; + + test.submit_turn("Compact this conversation").await?; + test.codex.submit(Op::Compact).await?; + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + response_mock.single_request(); + let compact_request = compact_mock.single_request(); + assert_eq!( + compact_request.header(RESPONSES_LITE_HEADER).as_deref(), + Some("true") + ); + let compact_body = compact_request.body_json(); + assert_eq!( + compact_body + .get("reasoning") + .and_then(|reasoning| reasoning.get("context")) + .and_then(Value::as_str), + Some("all_turns") + ); + assert_eq!( + compact_body.get("parallel_tool_calls"), + Some(&Value::Bool(false)) + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn responses_lite_omits_hosted_tools_without_standalone_extensions() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_once( + &server, + responses::sse(vec![ + responses::ev_response_created("resp-1"), + responses::ev_completed("resp-1"), + ]), + ) + .await; + + let mut builder = test_codex() + .with_auth(CodexAuth::create_dummy_chatgpt_auth_for_testing()) + .with_model_info_override("gpt-5.4", |model_info| { + model_info.use_responses_lite = true; + configure_image_capable_model(model_info); + }) + .with_config(configure_responses_tools); + let test = builder.build(&server).await?; + + test.submit_turn("Do not use hosted tools").await?; + + let body = response_mock.single_request().body_json(); + let tools = body["tools"] + .as_array() + .context("Responses request tools should be an array")?; + assert!(!has_hosted_tool(tools, "web_search")); + assert!(!has_hosted_tool(tools, "image_generation")); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn non_lite_uses_hosted_tools_when_standalone_features_are_disabled() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + let response_mock = responses::mount_sse_once( + &server, + responses::sse(vec![ + responses::ev_response_created("resp-1"), + responses::ev_completed("resp-1"), + ]), + ) + .await; + + let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); + let extensions = responses_extensions(&auth); + let mut builder = test_codex() + .with_auth(auth) + .with_extensions(extensions) + .with_model_info_override("gpt-5.4", configure_image_capable_model) + .with_config(configure_responses_tools); + let test = builder.build(&server).await?; + + test.submit_turn("Use hosted tools").await?; + + let request = response_mock.single_request(); + assert_eq!(request.header(RESPONSES_LITE_HEADER), None); + assert!(request.tool_by_name("web", "run").is_none()); + assert!(request.tool_by_name("image_gen", "imagegen").is_none()); + let body = request.body_json(); + let tools = body["tools"] + .as_array() + .context("Responses request tools should be an array")?; + assert!(has_hosted_tool(tools, "web_search")); + assert!(has_hosted_tool(tools, "image_generation")); + + Ok(()) +} diff --git a/codex-rs/core/tests/suite/resume.rs b/codex-rs/core/tests/suite/resume.rs index 0dc7eaddcbd..8f760db4175 100644 --- a/codex-rs/core/tests/suite/resume.rs +++ b/codex-rs/core/tests/suite/resume.rs @@ -86,7 +86,6 @@ async fn resume_includes_initial_messages_from_rollout_events() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "Record some messages".into(), text_elements: text_elements.clone(), @@ -173,7 +172,6 @@ async fn resume_includes_initial_messages_from_reasoning_events() -> Result<()> codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "Record reasoning messages".into(), text_elements: Vec::new(), @@ -264,7 +262,6 @@ async fn resume_switches_models_preserves_base_instructions() -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "Record initial instructions".into(), text_elements: Vec::new(), @@ -308,7 +305,6 @@ async fn resume_switches_models_preserves_base_instructions() -> Result<()> { resumed .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "Resume with different model".into(), text_elements: Vec::new(), @@ -327,7 +323,6 @@ async fn resume_switches_models_preserves_base_instructions() -> Result<()> { resumed .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "Second turn after resume".into(), text_elements: Vec::new(), @@ -401,7 +396,6 @@ async fn resume_model_switch_is_not_duplicated_after_pre_turn_override() -> Resu .await; codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "Record initial instructions".into(), text_elements: Vec::new(), @@ -440,7 +434,6 @@ async fn resume_model_switch_is_not_duplicated_after_pre_turn_override() -> Resu resumed .codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "first turn after override".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/resume_warning.rs b/codex-rs/core/tests/suite/resume_warning.rs index 54b046e66ca..21205597519 100644 --- a/codex-rs/core/tests/suite/resume_warning.rs +++ b/codex-rs/core/tests/suite/resume_warning.rs @@ -37,11 +37,12 @@ fn resume_history( network: None, file_system_sandbox_policy: None, model: previous_model.to_string(), + comp_hash: None, personality: None, collaboration_mode: None, multi_agent_version: None, realtime_active: None, - effort: config.model_reasoning_effort, + effort: config.model_reasoning_effort.clone(), summary: config .model_reasoning_summary .unwrap_or(ReasoningSummary::Auto), diff --git a/codex-rs/core/tests/suite/review.rs b/codex-rs/core/tests/suite/review.rs index 0d3f5648931..3fdd5f83efa 100644 --- a/codex-rs/core/tests/suite/review.rs +++ b/codex-rs/core/tests/suite/review.rs @@ -23,6 +23,7 @@ use core_test_support::responses::ResponseMock; use core_test_support::responses::mount_sse_sequence; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::wait_for_event; use pretty_assertions::assert_eq; @@ -705,7 +706,6 @@ async fn review_history_surfaces_in_parent_session() { let followup = "back to parent".to_string(); codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: followup.clone(), text_elements: Vec::new(), @@ -821,7 +821,7 @@ async fn review_uses_overridden_cwd_for_base_branch_merge_base() { core_test_support::submit_thread_settings( &codex, codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(repo_path.to_path_buf()), + environments: Some(local_selections(repo_path.to_path_buf().abs())), ..Default::default() }, ) diff --git a/codex-rs/core/tests/suite/rmcp_client.rs b/codex-rs/core/tests/suite/rmcp_client.rs index 36ea7d4b2c1..d9397cfc55f 100644 --- a/codex-rs/core/tests/suite/rmcp_client.rs +++ b/codex-rs/core/tests/suite/rmcp_client.rs @@ -2,6 +2,9 @@ use anyhow::Context as _; use anyhow::ensure; +use base64::Engine; +use base64::engine::general_purpose::STANDARD as BASE64_STANDARD; +use core_test_support::test_codex::local_selections; use std::collections::HashMap; use std::ffi::OsStr; use std::ffi::OsString; @@ -24,6 +27,7 @@ use codex_core::config::Config; use codex_exec_server::CreateDirectoryOptions; use codex_exec_server::Environment; use codex_exec_server::HttpRequestParams; +use codex_features::Feature; use codex_login::CodexAuth; use codex_mcp::MCP_SANDBOX_STATE_META_CAPABILITY; use codex_models_manager::manager::RefreshStrategy; @@ -44,6 +48,7 @@ use codex_protocol::protocol::McpToolCallBeginEvent; use codex_protocol::protocol::Op; use codex_protocol::user_input::UserInput; use codex_utils_cargo_bin::cargo_bin; +use codex_utils_path_uri::PathUri; use core_test_support::assert_regex_match; use core_test_support::remote_env_env_var; use core_test_support::responses; @@ -56,11 +61,16 @@ use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; use core_test_support::wait_for_mcp_server; +use image::DynamicImage; +use image::GenericImageView; +use image::ImageBuffer; +use image::Rgba; use reqwest::Client; use reqwest::StatusCode; use serde_json::Value; use serde_json::json; use serial_test::serial; +use std::io::Cursor; use tempfile::tempdir; use tokio::process::Child; use tokio::process::Command; @@ -120,7 +130,7 @@ fn user_turn_with_permission_profile( model: String, permission_profile: PermissionProfile, ) -> Op { - let cwd = fixture.cwd.path().to_path_buf(); + let cwd = fixture.config.cwd.clone(); let (sandbox_policy, permission_profile) = turn_permission_fields(permission_profile, cwd.as_path()); Op::UserInput { @@ -128,12 +138,11 @@ fn user_turn_with_permission_profile( text: text.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd), + environments: Some(local_selections(cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -558,6 +567,52 @@ async fn stdio_server_round_trip() -> anyhow::Result<()> { Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn shutdown_cancels_startup_prewarm_waiting_for_mcp_startup() -> anyhow::Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_websocket_server(vec![vec![vec![ + responses::ev_response_created("warm-1"), + responses::ev_completed("warm-1"), + ]]]) + .await; + let pending_mcp_listener = tokio::net::TcpListener::bind("127.0.0.1:0").await?; + let pending_mcp_url = format!("http://{}/mcp", pending_mcp_listener.local_addr()?); + + let fixture = test_codex() + .with_config(move |config| { + insert_mcp_server( + config, + "shutdown_prewarm", + McpServerTransportConfig::StreamableHttp { + url: pending_mcp_url, + bearer_token_env_var: None, + http_headers: None, + env_http_headers: None, + }, + TestMcpServerOptions::default(), + ); + }) + .build_with_websocket_server(&server) + .await?; + + let (_pending_mcp_connection, _) = + tokio::time::timeout(Duration::from_secs(5), pending_mcp_listener.accept()) + .await + .context("startup prewarm should start the MCP connection")??; + tokio::time::timeout(Duration::from_secs(2), fixture.codex.shutdown_and_wait()) + .await + .context("shutdown should not wait for startup prewarm MCP startup")??; + tokio::time::sleep(Duration::from_millis(100)).await; + assert!( + server.connections().is_empty(), + "startup prewarm should not send a websocket request after shutdown" + ); + + server.shutdown().await; + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 1)] #[serial(mcp_cwd)] async fn stdio_server_uses_configured_cwd_before_runtime_fallback() -> anyhow::Result<()> { @@ -571,8 +626,10 @@ async fn stdio_server_uses_configured_cwd_before_runtime_fallback() -> anyhow::R let fixture = test_codex() .with_workspace_setup(|cwd, fs| async move { + let configured_cwd = cwd.join("mcp-configured-cwd"); + let configured_cwd_uri = PathUri::from_path(&configured_cwd)?; fs.create_directory( - &cwd.join("mcp-configured-cwd"), + &configured_cwd_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) @@ -1211,6 +1268,107 @@ async fn stdio_image_responses_round_trip() -> anyhow::Result<()> { Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +#[serial(mcp_test_value)] +async fn stdio_image_responses_resize_large_image() -> anyhow::Result<()> { + skip_if_no_network!(Ok(())); + + let server = responses::start_mock_server().await; + let call_id = "img-resize-1"; + let server_name = "rmcp"; + let namespace = format!("mcp__{server_name}"); + + let original_dimensions = (3000, 2000); + let image = ImageBuffer::from_pixel( + original_dimensions.0, + original_dimensions.1, + Rgba([20, 40, 60, 255]), + ); + let mut encoded = Cursor::new(Vec::new()); + DynamicImage::ImageRgba8(image).write_to(&mut encoded, image::ImageFormat::Png)?; + let image_data_url = format!( + "data:image/png;base64,{}", + BASE64_STANDARD.encode(encoded.into_inner()) + ); + let tool_arguments = serde_json::to_string(&json!({ + "scenario": "image_only", + "data_url": image_data_url, + }))?; + + mount_sse_once( + &server, + responses::sse(vec![ + responses::ev_response_created("resp-1"), + responses::ev_function_call_with_namespace( + call_id, + &namespace, + "image_scenario", + &tool_arguments, + ), + responses::ev_completed("resp-1"), + ]), + ) + .await; + let final_mock = mount_sse_once( + &server, + responses::sse(vec![ + responses::ev_assistant_message("msg-1", "done"), + responses::ev_completed("resp-2"), + ]), + ) + .await; + + let rmcp_test_server_bin = remote_aware_stdio_server_bin()?; + let fixture = test_codex() + .with_config(move |config| { + config + .features + .enable(Feature::ResizeAllImages) + .expect("resize_all_images should be enabled"); + insert_mcp_server( + config, + server_name, + stdio_transport(rmcp_test_server_bin, /*env*/ None, Vec::new()), + TestMcpServerOptions { + environment_id: remote_aware_environment_id(), + ..Default::default() + }, + ); + }) + .build_with_remote_env(&server) + .await?; + wait_for_mcp_server(&fixture.codex, server_name).await?; + + fixture + .codex + .submit(read_only_user_turn( + &fixture, + "call the rmcp image_scenario tool", + )) + .await?; + wait_for_event(&fixture.codex, |ev| matches!(ev, EventMsg::TurnComplete(_))).await; + + let output_item = final_mock.single_request().function_call_output(call_id); + assert_eq!(output_item["call_id"], call_id); + let output = output_item["output"] + .as_array() + .expect("image MCP output should be content items"); + let resized_url = output[1]["image_url"] + .as_str() + .expect("MCP image output should contain a data URL"); + assert_eq!(output[1]["detail"], "high"); + let (_, resized_base64) = resized_url + .split_once(',') + .expect("resized image should contain a data URL prefix"); + let resized_bytes = BASE64_STANDARD.decode(resized_base64)?; + let resized = image::load_from_memory(&resized_bytes)?; + let resized_dimensions = resized.dimensions(); + assert_eq!(resized_dimensions, (1920, 1280)); + + server.verify().await; + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 1)] #[serial(mcp_test_value)] async fn stdio_image_responses_preserve_original_detail_metadata() -> anyhow::Result<()> { @@ -1344,11 +1502,13 @@ async fn stdio_image_responses_are_sanitized_for_text_only_model() -> anyhow::Re context_window: Some(272_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), input_modalities: vec![InputModality::Text], used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, diff --git a/codex-rs/core/tests/suite/safety_check_downgrade.rs b/codex-rs/core/tests/suite/safety_check_downgrade.rs index 3d4cb93b9c5..a271702c9cb 100644 --- a/codex-rs/core/tests/suite/safety_check_downgrade.rs +++ b/codex-rs/core/tests/suite/safety_check_downgrade.rs @@ -21,6 +21,7 @@ use core_test_support::responses::sse_response; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -42,12 +43,11 @@ fn disabled_text_turn(test: &TestCodex, text: &str) -> Op { text: text.to_string(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd_path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -55,7 +55,7 @@ fn disabled_text_turn(test: &TestCodex, text: &str) -> Op { mode: codex_protocol::config_types::ModeKind::Default, settings: codex_protocol::config_types::Settings { model: REQUESTED_MODEL.to_string(), - reasoning_effort: test.config.model_reasoning_effort, + reasoning_effort: test.config.model_reasoning_effort.clone(), developer_instructions: None, }, }), diff --git a/codex-rs/core/tests/suite/search_tool.rs b/codex-rs/core/tests/suite/search_tool.rs index dd8fe60d36e..686b9b9e42b 100644 --- a/codex-rs/core/tests/suite/search_tool.rs +++ b/codex-rs/core/tests/suite/search_tool.rs @@ -524,7 +524,6 @@ async fn tool_search_returns_deferred_tools_without_follow_up_tool_injection() - let test = builder.build(&server).await?; test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "Find the calendar create tool".to_string(), text_elements: Vec::new(), @@ -934,7 +933,6 @@ async fn tool_search_returns_deferred_dynamic_tool_and_routes_follow_up_call() - test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "Use the automation tool".to_string(), text_elements: Vec::new(), @@ -1245,7 +1243,6 @@ async fn tool_search_surfaced_mcp_tool_errors_are_returned_to_model() -> Result< test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "Find the rmcp echo tool and call it.".to_string(), text_elements: Vec::new(), @@ -1563,7 +1560,6 @@ async fn tool_search_matches_dynamic_tools_by_name_description_namespace_and_sch test.codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "Search for the dynamic tool".to_string(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/shell_snapshot.rs b/codex-rs/core/tests/suite/shell_snapshot.rs index 69db30b21b4..b6f38b29b17 100644 --- a/codex-rs/core/tests/suite/shell_snapshot.rs +++ b/codex-rs/core/tests/suite/shell_snapshot.rs @@ -14,6 +14,7 @@ use core_test_support::responses::ev_response_created; use core_test_support::responses::mount_sse_sequence; use core_test_support::responses::sse; use core_test_support::test_codex::TestCodexHarness; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -154,7 +155,7 @@ async fn run_snapshot_command_with_options( let codex = test.codex.clone(); let codex_home = test.home.path().to_path_buf(); let session_model = test.session_configured.model.clone(); - let cwd = test.cwd_path().to_path_buf(); + let cwd = test.config.cwd.clone(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd.as_path()); @@ -164,12 +165,11 @@ async fn run_snapshot_command_with_options( text: "run unified exec with shell snapshot".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd), + environments: Some(local_selections(cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -255,7 +255,7 @@ async fn run_shell_command_snapshot_with_options( let codex = test.codex.clone(); let codex_home = test.home.path().to_path_buf(); let session_model = test.session_configured.model.clone(); - let cwd = test.cwd_path().to_path_buf(); + let cwd = test.config.cwd.clone(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd.as_path()); @@ -265,12 +265,11 @@ async fn run_shell_command_snapshot_with_options( text: "run shell_command with shell snapshot".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd), + environments: Some(local_selections(cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -337,7 +336,7 @@ async fn run_tool_turn_on_harness( let test = harness.test(); let codex = test.codex.clone(); let session_model = test.session_configured.model.clone(); - let cwd = test.cwd_path().to_path_buf(); + let cwd = test.config.cwd.clone(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd.as_path()); codex @@ -346,12 +345,11 @@ async fn run_tool_turn_on_harness( text: prompt.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd), + environments: Some(local_selections(cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -554,7 +552,7 @@ async fn shell_command_snapshot_still_intercepts_apply_patch() -> Result<()> { let test = harness.test(); let codex = test.codex.clone(); - let cwd = test.cwd_path().to_path_buf(); + let cwd = test.config.cwd.clone(); let codex_home = test.home.path().to_path_buf(); let target = cwd.join("snapshot-apply.txt"); @@ -590,12 +588,11 @@ async fn shell_command_snapshot_still_intercepts_apply_patch() -> Result<()> { text: "apply patch via shell_command with snapshot".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd.clone()), + environments: Some(local_selections(cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/skill_approval.rs b/codex-rs/core/tests/suite/skill_approval.rs index 2335ba64155..50ea9495ac5 100644 --- a/codex-rs/core/tests/suite/skill_approval.rs +++ b/codex-rs/core/tests/suite/skill_approval.rs @@ -13,6 +13,7 @@ use core_test_support::responses::mount_function_call_agent_response; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; use core_test_support::wait_for_event_match; @@ -51,12 +52,11 @@ async fn submit_turn_with_policies( text: prompt.to_string(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd_path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(approval_policy), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/skills.rs b/codex-rs/core/tests/suite/skills.rs index e21668fa842..55c75016d99 100644 --- a/codex-rs/core/tests/suite/skills.rs +++ b/codex-rs/core/tests/suite/skills.rs @@ -9,6 +9,7 @@ use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::Op; use codex_protocol::user_input::UserInput; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; use core_test_support::responses::ev_response_created; @@ -16,6 +17,7 @@ use core_test_support::responses::mount_sse_once; use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use std::sync::Arc; @@ -28,15 +30,17 @@ async fn write_repo_skill( body: &str, ) -> Result<()> { let skill_dir = cwd.join(".agents").join("skills").join(name); + let skill_dir_uri = PathUri::from_path(&skill_dir)?; fs.create_directory( - &skill_dir, + &skill_dir_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) .await?; let contents = format!("---\nname: {name}\ndescription: {description}\n---\n\n{body}\n"); let path = skill_dir.join("SKILL.md"); - fs.write_file(&path, contents.into_bytes(), /*sandbox*/ None) + let path_uri = PathUri::from_path(&path)?; + fs.write_file(&path_uri, contents.into_bytes(), /*sandbox*/ None) .await?; Ok(()) } @@ -85,12 +89,11 @@ async fn user_turn_includes_skill_instructions() -> Result<()> { path: skill_path.clone(), }, ], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.config.cwd.to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/snapshots/all__suite__compact_remote__remote_manual_compact_api_auth_prompt_cache_key_request_diff.snap b/codex-rs/core/tests/suite/snapshots/all__suite__compact_remote__remote_manual_compact_api_auth_prompt_cache_key_request_diff.snap index 750250f86af..0df96a7c064 100644 --- a/codex-rs/core/tests/suite/snapshots/all__suite__compact_remote__remote_manual_compact_api_auth_prompt_cache_key_request_diff.snap +++ b/codex-rs/core/tests/suite/snapshots/all__suite__compact_remote__remote_manual_compact_api_auth_prompt_cache_key_request_diff.snap @@ -7,7 +7,12 @@ Scenario: After five varied API-key-auth turns, remote manual compaction omits s --- Last Normal /responses Request +++ Remote /responses/compact Request - "client_metadata": { -- "x-codex-installation-id": "" +- "session_id": "", +- "thread_id": "", +- "turn_id": "", +- "x-codex-installation-id": "", +- "x-codex-turn-metadata": "{\"installation_id\":\"\",\"session_id\":\"\",\"thread_id\":\"\",\"turn_id\":\"\",\"window_id\":\":0\",\"request_kind\":\"turn\",\"sandbox\":\"\",\"turn_started_at_unix_ms\":}", +- "x-codex-window-id": ":0" - }, - "include": [ - "reasoning.encrypted_content" diff --git a/codex-rs/core/tests/suite/snapshots/all__suite__compact_remote__remote_manual_compact_chatgpt_auth_service_tier_prompt_cache_key_request_diff.snap b/codex-rs/core/tests/suite/snapshots/all__suite__compact_remote__remote_manual_compact_chatgpt_auth_service_tier_prompt_cache_key_request_diff.snap index e28ddd30d10..d959d526cc9 100644 --- a/codex-rs/core/tests/suite/snapshots/all__suite__compact_remote__remote_manual_compact_chatgpt_auth_service_tier_prompt_cache_key_request_diff.snap +++ b/codex-rs/core/tests/suite/snapshots/all__suite__compact_remote__remote_manual_compact_chatgpt_auth_service_tier_prompt_cache_key_request_diff.snap @@ -7,7 +7,12 @@ Scenario: After five varied ChatGPT-auth turns, remote manual compaction reuses --- Last Normal /responses Request +++ Remote /responses/compact Request - "client_metadata": { -- "x-codex-installation-id": "" +- "session_id": "", +- "thread_id": "", +- "turn_id": "", +- "x-codex-installation-id": "", +- "x-codex-turn-metadata": "{\"installation_id\":\"\",\"session_id\":\"\",\"thread_id\":\"\",\"turn_id\":\"\",\"window_id\":\":0\",\"request_kind\":\"turn\",\"sandbox\":\"\",\"turn_started_at_unix_ms\":}", +- "x-codex-window-id": ":0" - }, - "include": [ - "reasoning.encrypted_content" diff --git a/codex-rs/core/tests/suite/snapshots/all__suite__realtime_conversation__conversation_user_text_turn_is_capped_when_mirrored_to_realtime.snap b/codex-rs/core/tests/suite/snapshots/all__suite__realtime_conversation__conversation_user_text_turn_is_capped_when_mirrored_to_realtime.snap deleted file mode 100644 index 3daae5d3788..00000000000 --- a/codex-rs/core/tests/suite/snapshots/all__suite__realtime_conversation__conversation_user_text_turn_is_capped_when_mirrored_to_realtime.snap +++ /dev/null @@ -1,12 +0,0 @@ ---- -source: core/tests/suite/realtime_conversation.rs -expression: snapshot ---- -type: conversation.item.create -item.type: message -item.role: user -content[0].type: input_text -model_has_full_user_text: true -realtime_text_equal_full_user_text: false -realtime_text_approx_tokens: 300 -content[0].text: [USER] mirror-head alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alpha alp…2419 tokens truncated…ega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega omega mirror-tail diff --git a/codex-rs/core/tests/suite/snapshots/all__suite__realtime_conversation__conversation_user_text_turn_is_sent_to_realtime_when_active.snap b/codex-rs/core/tests/suite/snapshots/all__suite__realtime_conversation__conversation_user_text_turn_is_sent_to_realtime_when_active.snap deleted file mode 100644 index 3ca82330294..00000000000 --- a/codex-rs/core/tests/suite/snapshots/all__suite__realtime_conversation__conversation_user_text_turn_is_sent_to_realtime_when_active.snap +++ /dev/null @@ -1,10 +0,0 @@ ---- -source: core/tests/suite/realtime_conversation.rs -expression: snapshot ---- -type: conversation.item.create -item.type: message -item.role: user -content[0].type: input_text -content[0].text: [USER] typed follow-up for realtime -response.create: false diff --git a/codex-rs/core/tests/suite/snapshots/all__suite__token_budget__token_budget_new_context_window_tool_full_context.snap b/codex-rs/core/tests/suite/snapshots/all__suite__token_budget__token_budget_new_context_window_tool_full_context.snap new file mode 100644 index 00000000000..e3dddb45cac --- /dev/null +++ b/codex-rs/core/tests/suite/snapshots/all__suite__token_budget__token_budget_new_context_window_tool_full_context.snap @@ -0,0 +1,14 @@ +--- +source: core/tests/suite/token_budget.rs +expression: snapshot +--- +Scenario: New context window tool installs fresh full context before the next follow-up request. + +## Final Follow-Up Request +00:message/developer[3]: + [01] + [02] + [03] \nThread id .\nCurrent context window 1.\nYou have 121600 tokens left in this context window.\n +01:message/user:> +02:function_call/update_plan +03:function_call_output:Plan updated diff --git a/codex-rs/core/tests/suite/spawn_agent_description.rs b/codex-rs/core/tests/suite/spawn_agent_description.rs index 3b581c90512..30aab8926e5 100644 --- a/codex-rs/core/tests/suite/spawn_agent_description.rs +++ b/codex-rs/core/tests/suite/spawn_agent_description.rs @@ -60,6 +60,7 @@ fn test_model_info( input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, @@ -83,6 +84,7 @@ fn test_model_info( context_window: Some(272_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), } diff --git a/codex-rs/core/tests/suite/sqlite_state.rs b/codex-rs/core/tests/suite/sqlite_state.rs index 94deeb48a0d..b4809e8a391 100644 --- a/codex-rs/core/tests/suite/sqlite_state.rs +++ b/codex-rs/core/tests/suite/sqlite_state.rs @@ -1,8 +1,12 @@ use anyhow::Result; use codex_config::types::McpServerConfig; use codex_config::types::McpServerTransportConfig; +use codex_core::config::Config; +use codex_extension_api::ExtensionRegistryBuilder; use codex_features::Feature; +use codex_login::CodexAuth; use codex_protocol::ThreadId; +use codex_protocol::config_types::WebSearchMode; use codex_protocol::dynamic_tools::DynamicToolSpec; use codex_protocol::models::PermissionProfile; use codex_protocol::protocol::AskForApproval; @@ -15,6 +19,7 @@ use codex_protocol::protocol::SessionMetaLine; use codex_protocol::protocol::SessionSource; use codex_protocol::protocol::UserMessageEvent; use codex_protocol::user_input::UserInput; +use codex_web_search_extension::install as install_web_search_extension; use core_test_support::responses; use core_test_support::responses::ev_completed; use core_test_support::responses::ev_function_call; @@ -25,6 +30,7 @@ use core_test_support::responses::mount_sse_sequence; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::stdio_server_bin; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -34,9 +40,14 @@ use pretty_assertions::assert_eq; use serde_json::json; use std::collections::HashMap; use std::fs; +use std::sync::Arc; use tokio::time::Duration; use tracing_subscriber::prelude::*; use uuid::Uuid; +use wiremock::Mock; +use wiremock::ResponseTemplate; +use wiremock::matchers::method; +use wiremock::matchers::path; #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn new_thread_is_recorded_in_state_db() -> Result<()> { @@ -138,7 +149,6 @@ async fn resume_restores_dynamic_tools_from_rollout_with_sqlite_enabled() -> Res started .thread .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "persist this thread".to_string(), text_elements: Vec::new(), @@ -384,6 +394,84 @@ async fn web_search_marks_thread_memory_mode_polluted_when_configured() -> Resul Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn standalone_web_search_marks_thread_memory_mode_polluted_when_configured() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + Mock::given(method("POST")) + .and(path("/v1/alpha/search")) + .respond_with(ResponseTemplate::new(200).set_body_json(json!({ + "output": "Search result", + }))) + .expect(1) + .mount(&server) + .await; + mount_sse_sequence( + &server, + vec![ + responses::sse(vec![ + ev_response_created("resp-1"), + responses::ev_function_call_with_namespace( + "web-run-1", + "web", + "run", + &json!({ + "search_query": [{"q": "standalone web search"}], + }) + .to_string(), + ), + ev_completed("resp-1"), + ]), + responses::sse(vec![ + responses::ev_assistant_message("msg-1", "done"), + ev_completed("resp-2"), + ]), + ], + ) + .await; + + let auth = CodexAuth::from_api_key("dummy"); + let auth_manager = codex_core::test_support::auth_manager_from_auth(auth.clone()); + let mut extension_builder = ExtensionRegistryBuilder::::new(); + install_web_search_extension(&mut extension_builder, auth_manager); + let mut builder = test_codex() + .with_auth(auth) + .with_extensions(Arc::new(extension_builder.build())) + .with_config(|config| { + config + .features + .enable(Feature::Sqlite) + .expect("test config should allow feature update"); + config + .features + .enable(Feature::StandaloneWebSearch) + .expect("standalone web search should be enabled"); + config.memories.disable_on_external_context = true; + config + .web_search_mode + .set(WebSearchMode::Live) + .expect("web search mode should be accepted"); + }); + let test = builder.build(&server).await?; + let db = test.codex.state_db().expect("state db enabled"); + let thread_id = test.session_configured.thread_id; + + test.submit_turn("search the web").await?; + + let mut memory_mode = None; + for _ in 0..100 { + memory_mode = db.get_thread_memory_mode(thread_id).await?; + if memory_mode.as_deref() == Some("polluted") { + break; + } + tokio::time::sleep(Duration::from_millis(25)).await; + } + + assert_eq!(memory_mode.as_deref(), Some("polluted")); + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn mcp_call_marks_thread_memory_mode_polluted_when_configured() -> Result<()> { skip_if_no_network!(Ok(())); @@ -462,7 +550,7 @@ async fn mcp_call_marks_thread_memory_mode_polluted_when_configured() -> Result< wait_for_mcp_server(&test.codex, server_name).await?; let db = test.codex.state_db().expect("state db enabled"); let thread_id = test.session_configured.thread_id; - let cwd = test.cwd_path().to_path_buf(); + let cwd = test.config.cwd.clone(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::read_only(), cwd.as_path()); @@ -472,12 +560,11 @@ async fn mcp_call_marks_thread_memory_mode_polluted_when_configured() -> Result< text: "call the rmcp echo tool".to_string(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd), + environments: Some(local_selections(cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/stream_error_allows_next_turn.rs b/codex-rs/core/tests/suite/stream_error_allows_next_turn.rs index d82692c26c9..1870feab9f0 100644 --- a/codex-rs/core/tests/suite/stream_error_allows_next_turn.rs +++ b/codex-rs/core/tests/suite/stream_error_allows_next_turn.rs @@ -94,7 +94,6 @@ async fn continue_after_stream_error() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "first message".into(), text_elements: Vec::new(), @@ -117,7 +116,6 @@ async fn continue_after_stream_error() { // error above, this submission would be rejected/queued indefinitely. codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "follow up".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/stream_no_completed.rs b/codex-rs/core/tests/suite/stream_no_completed.rs index 471c60db5a9..6e028279b1b 100644 --- a/codex-rs/core/tests/suite/stream_no_completed.rs +++ b/codex-rs/core/tests/suite/stream_no_completed.rs @@ -76,7 +76,6 @@ async fn retries_on_early_close() { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/subagent_notifications.rs b/codex-rs/core/tests/suite/subagent_notifications.rs index c39a6bb39db..c3468e46538 100644 --- a/codex-rs/core/tests/suite/subagent_notifications.rs +++ b/codex-rs/core/tests/suite/subagent_notifications.rs @@ -17,6 +17,7 @@ use core_test_support::hooks::trust_discovered_hooks; use core_test_support::responses::ResponsesRequest; use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; +use core_test_support::responses::ev_function_call; use core_test_support::responses::ev_function_call_with_namespace; use core_test_support::responses::ev_response_created; use core_test_support::responses::ev_tool_search_call; @@ -29,6 +30,7 @@ use core_test_support::responses::sse_response; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event_match; @@ -755,6 +757,7 @@ async fn subagent_stop_replaces_stop_and_skips_internal_subagents() -> Result<() metrics_service_name: None, parent_trace: None, environments: Vec::new(), + thread_extension_init: Default::default(), }) .await?; @@ -767,12 +770,11 @@ async fn subagent_stop_replaces_stop_and_skips_internal_subagents() -> Result<() text: INTERNAL_SUBAGENT_PROMPT.to_string(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.config.cwd.to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -1026,6 +1028,80 @@ async fn spawned_multi_agent_v2_child_inherits_parent_developer_context() -> Res Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn encrypted_multi_agent_v2_spawn_sends_agent_message_to_child() -> Result<()> { + let server = start_mock_server().await; + let encrypted_message = "opaque-encrypted-message"; + let spawn_args = serde_json::to_string(&json!({ + "message": encrypted_message, + "task_name": "worker", + }))?; + mount_sse_once_match( + &server, + |req: &wiremock::Request| body_contains(req, TURN_1_PROMPT), + sse(vec![ + ev_response_created("resp-parent-1"), + ev_function_call(SPAWN_CALL_ID, "spawn_agent", &spawn_args), + ev_completed("resp-parent-1"), + ]), + ) + .await; + let child_request_log = mount_sse_once_match( + &server, + |req: &wiremock::Request| body_contains(req, "\"type\":\"agent_message\""), + sse(vec![ + ev_response_created("resp-child-1"), + ev_completed("resp-child-1"), + ]), + ) + .await; + mount_sse_once_match( + &server, + |req: &wiremock::Request| { + body_contains(req, SPAWN_CALL_ID) && !body_contains(req, "\"type\":\"agent_message\"") + }, + sse(vec![ + ev_response_created("resp-parent-2"), + ev_assistant_message("msg-parent-2", "done"), + ev_completed("resp-parent-2"), + ]), + ) + .await; + + let mut builder = test_codex().with_model("koffing").with_config(|config| { + config + .features + .enable(Feature::Collab) + .expect("test config should allow feature update"); + config + .features + .enable(Feature::MultiAgentV2) + .expect("test config should allow feature update"); + }); + let test = builder.build(&server).await?; + + test.submit_turn(TURN_1_PROMPT).await?; + + let child_request = wait_for_requests(&child_request_log) + .await? + .pop() + .expect("child request"); + assert_eq!( + child_request.inputs_of_type("agent_message"), + vec![json!({ + "type": "agent_message", + "author": "/root", + "recipient": "/root/worker", + "content": [{ + "type": "encrypted_content", + "encrypted_content": encrypted_message, + }], + })] + ); + + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn skills_toggle_skips_instructions_for_parent_and_spawned_child() -> Result<()> { skip_if_no_network!(Ok(())); diff --git a/codex-rs/core/tests/suite/token_budget.rs b/codex-rs/core/tests/suite/token_budget.rs new file mode 100644 index 00000000000..c64251e24aa --- /dev/null +++ b/codex-rs/core/tests/suite/token_budget.rs @@ -0,0 +1,458 @@ +use anyhow::Result; +use codex_features::Feature; +use codex_model_provider_info::built_in_model_providers; +use codex_protocol::protocol::EventMsg; +use codex_protocol::protocol::Op; +use core_test_support::PathBufExt; +use core_test_support::context_snapshot; +use core_test_support::context_snapshot::ContextSnapshotOptions; +use core_test_support::responses::ResponsesRequest; +use core_test_support::responses::ev_assistant_message; +use core_test_support::responses::ev_completed; +use core_test_support::responses::ev_completed_with_tokens; +use core_test_support::responses::ev_function_call; +use core_test_support::responses::ev_response_created; +use core_test_support::responses::mount_sse_sequence; +use core_test_support::responses::sse; +use core_test_support::responses::start_mock_server; +use core_test_support::skip_if_no_network; +use core_test_support::test_codex::local; +use core_test_support::test_codex::test_codex; +use core_test_support::wait_for_event; +use pretty_assertions::assert_eq; +use serde_json::Value; +use serde_json::json; + +const CONFIGURED_CONTEXT_WINDOW: i64 = 128_000; +const EFFECTIVE_CONTEXT_WINDOW: i64 = CONFIGURED_CONTEXT_WINDOW * 95 / 100; + +fn token_budget_texts(request: &ResponsesRequest) -> Vec { + request + .message_input_texts("developer") + .into_iter() + .filter(|text| text.starts_with("")) + .collect() +} + +fn tool_names(request: &ResponsesRequest) -> Vec { + request + .body_json() + .get("tools") + .and_then(Value::as_array) + .into_iter() + .flatten() + .filter_map(|tool| tool.get("name").and_then(Value::as_str).map(str::to_string)) + .collect() +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn token_budget_context_is_only_emitted_with_full_context() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let responses = mount_sse_sequence( + &server, + vec![ + sse(vec![ev_response_created("resp-1"), ev_completed("resp-1")]), + sse(vec![ev_response_created("resp-2"), ev_completed("resp-2")]), + ], + ) + .await; + let test = test_codex() + .with_config(|config| { + config.model_context_window = Some(CONFIGURED_CONTEXT_WINDOW); + config + .features + .enable(Feature::TokenBudget) + .expect("test config should allow token budget"); + }) + .build(&server) + .await?; + + test.submit_turn("first turn").await?; + + let second_cwd = test.workspace_path("second-cwd"); + std::fs::create_dir_all(&second_cwd)?; + test.submit_turn_with_environments("second turn", Some(vec![local(second_cwd.abs())])) + .await?; + + let requests = responses.requests(); + assert_eq!(requests.len(), 2); + + let thread_id = test.session_configured.thread_id; + let expected = vec![format!( + "\nThread id {thread_id}.\nCurrent context window 0.\nYou have {EFFECTIVE_CONTEXT_WINDOW} tokens left in this context window.\n" + )]; + assert_eq!( + token_budget_texts(&requests[0]), + expected, + "initial full context should report context window 0" + ); + assert_eq!( + token_budget_texts(&requests[1]), + expected, + "steady-state context update should not advance the context window" + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn token_budget_remaining_context_emits_on_first_threshold_crossing() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let responses = mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_response_created("resp-1"), + ev_completed_with_tokens("resp-1", /*total_tokens*/ 2_500), + ]), + sse(vec![ + ev_response_created("resp-2"), + ev_completed_with_tokens("resp-2", /*total_tokens*/ 3_000), + ]), + sse(vec![ + ev_response_created("resp-3"), + ev_completed_with_tokens("resp-3", /*total_tokens*/ 5_000), + ]), + sse(vec![ + ev_response_created("resp-4"), + ev_completed_with_tokens("resp-4", /*total_tokens*/ 8_000), + ]), + sse(vec![ev_response_created("resp-5"), ev_completed("resp-5")]), + ], + ) + .await; + let test = test_codex() + .with_config(|config| { + config.model_context_window = Some(10_000); + config + .features + .enable(Feature::TokenBudget) + .expect("test config should allow token budget"); + }) + .build(&server) + .await?; + + for turn in 1..=5 { + test.submit_turn(&format!("turn {turn}")).await?; + } + + let requests = responses.requests(); + assert_eq!(requests.len(), 5); + + let thread_id = test.session_configured.thread_id; + let full_context = format!( + "\nThread id {thread_id}.\nCurrent context window 0.\nYou have 9500 tokens left in this context window.\n" + ); + let threshold_25 = + "\nYou have 7000 tokens left in this context window.\n" + .to_string(); + let threshold_50 = + "\nYou have 4500 tokens left in this context window.\n" + .to_string(); + let threshold_75 = + "\nYou have 1500 tokens left in this context window.\n" + .to_string(); + + assert_eq!(token_budget_texts(&requests[0]), vec![full_context.clone()]); + assert_eq!( + token_budget_texts(&requests[1]), + vec![full_context.clone(), threshold_25.clone()] + ); + assert_eq!( + token_budget_texts(&requests[2]), + vec![full_context.clone(), threshold_25.clone()] + ); + assert_eq!( + token_budget_texts(&requests[3]), + vec![ + full_context.clone(), + threshold_25.clone(), + threshold_50.clone() + ] + ); + assert_eq!( + token_budget_texts(&requests[4]), + vec![full_context, threshold_25, threshold_50, threshold_75] + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn get_context_remaining_returns_token_budget_remaining_fragment() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let call_id = "remaining-call"; + let responses = mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_response_created("resp-1"), + ev_assistant_message("msg-1", "noted"), + ev_completed_with_tokens("resp-1", /*total_tokens*/ 2_500), + ]), + sse(vec![ + ev_response_created("resp-2"), + ev_function_call(call_id, "get_context_remaining", "{}"), + ev_completed_with_tokens("resp-2", /*total_tokens*/ 2_500), + ]), + sse(vec![ + ev_response_created("resp-3"), + ev_assistant_message("msg-3", "done"), + ev_completed("resp-3"), + ]), + ], + ) + .await; + let test = test_codex() + .with_config(|config| { + config.model_context_window = Some(10_000); + config + .features + .enable(Feature::TokenBudget) + .expect("test config should allow token budget"); + }) + .build(&server) + .await?; + + test.submit_turn("spend some tokens").await?; + test.submit_turn("check remaining context").await?; + + let requests = responses.requests(); + assert_eq!(requests.len(), 3); + assert!( + tool_names(&requests[1]) + .iter() + .any(|name| name == "get_context_remaining"), + "get_context_remaining should be exposed when token budget is enabled" + ); + + let thread_id = test.session_configured.thread_id; + let full_context = format!( + "\nThread id {thread_id}.\nCurrent context window 0.\nYou have 9500 tokens left in this context window.\n" + ); + let remaining_context = + "\nYou have 7000 tokens left in this context window.\n" + .to_string(); + assert_eq!( + token_budget_texts(&requests[1]), + vec![full_context, remaining_context.clone()] + ); + assert_eq!( + requests[2].function_call_output_content_and_success(call_id), + Some((Some(remaining_context), None)) + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn get_context_remaining_returns_unknown_when_window_is_unavailable() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let call_id = "remaining-call"; + let responses = mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_response_created("resp-1"), + ev_function_call(call_id, "get_context_remaining", "{}"), + ev_completed("resp-1"), + ]), + sse(vec![ + ev_response_created("resp-2"), + ev_assistant_message("msg-2", "done"), + ev_completed("resp-2"), + ]), + ], + ) + .await; + let test = test_codex() + .with_model_info_override("gpt-5.2", |model_info| { + model_info.context_window = None; + model_info.max_context_window = None; + }) + .with_config(|config| { + config.model_context_window = None; + config + .features + .enable(Feature::TokenBudget) + .expect("test config should allow token budget"); + }) + .build(&server) + .await?; + + test.submit_turn("check remaining context").await?; + + let requests = responses.requests(); + assert_eq!(requests.len(), 2); + assert!( + tool_names(&requests[0]) + .iter() + .any(|name| name == "get_context_remaining"), + "get_context_remaining should be exposed when token budget is enabled" + ); + + assert_eq!(token_budget_texts(&requests[0]), Vec::::new()); + assert_eq!( + requests[1].function_call_output_content_and_success(call_id), + Some(( + Some( + "\nYou have unknown tokens left in this context window.\n" + .to_string() + ), + None, + )) + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn token_budget_context_uses_new_window_after_compaction() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let responses = mount_sse_sequence( + &server, + vec![ + sse(vec![ev_response_created("resp-1"), ev_completed("resp-1")]), + sse(vec![ + ev_response_created("resp-compact"), + ev_assistant_message("msg-compact", "compact summary"), + ev_completed("resp-compact"), + ]), + sse(vec![ev_response_created("resp-2"), ev_completed("resp-2")]), + ], + ) + .await; + + let mut model_provider = built_in_model_providers(/*openai_base_url*/ None)["openai"].clone(); + model_provider.name = "OpenAI-compatible test provider".to_string(); + model_provider.base_url = Some(format!("{}/v1", server.uri())); + model_provider.supports_websockets = false; + + let test = test_codex() + .with_config(move |config| { + config.model_provider = model_provider; + config.model_context_window = Some(CONFIGURED_CONTEXT_WINDOW); + config + .features + .enable(Feature::TokenBudget) + .expect("test config should allow token budget"); + }) + .build(&server) + .await?; + + test.submit_turn("before compact").await?; + test.codex.submit(Op::Compact).await?; + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + test.submit_turn("after compact").await?; + + let requests = responses.requests(); + assert_eq!(requests.len(), 3); + + let thread_id = test.session_configured.thread_id; + assert_eq!( + token_budget_texts(&requests[2]), + vec![format!( + "\nThread id {thread_id}.\nCurrent context window 1.\nYou have {EFFECTIVE_CONTEXT_WINDOW} tokens left in this context window.\n" + )], + "post-compaction full context should report context window 1" + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn new_context_tool_starts_new_window_before_follow_up() -> Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let call_id = "new-window-call"; + let continue_call_id = "continue-call"; + let continue_args = json!({ + "plan": [ + {"step": "Continue in the new context window", "status": "in_progress"} + ], + }) + .to_string(); + let responses = mount_sse_sequence( + &server, + vec![ + sse(vec![ + ev_response_created("resp-1"), + ev_function_call(call_id, "new_context", "{}"), + ev_completed("resp-1"), + ]), + sse(vec![ + ev_response_created("resp-2"), + ev_function_call(continue_call_id, "update_plan", &continue_args), + ev_completed("resp-2"), + ]), + sse(vec![ + ev_response_created("resp-3"), + ev_assistant_message("msg-3", "done"), + ev_completed("resp-3"), + ]), + ], + ) + .await; + let test = test_codex() + .with_config(|config| { + config.model_context_window = Some(CONFIGURED_CONTEXT_WINDOW); + config + .features + .enable(Feature::TokenBudget) + .expect("test config should allow token budget"); + }) + .build(&server) + .await?; + + test.submit_turn("request new context window").await?; + + let requests = responses.requests(); + assert_eq!(requests.len(), 3); + assert!( + tool_names(&requests[0]) + .iter() + .any(|name| name == "new_context"), + "new_context should be exposed when token budget is enabled" + ); + let thread_id = test.session_configured.thread_id; + assert_eq!( + token_budget_texts(&requests[2]), + vec![format!( + "\nThread id {thread_id}.\nCurrent context window 1.\nYou have {EFFECTIVE_CONTEXT_WINDOW} tokens left in this context window.\n" + )] + ); + assert!( + !requests[2].body_contains_text("request new context window"), + "new_context should drop the prior window history before continuing the turn" + ); + assert_eq!( + requests[2].function_call_output_text(continue_call_id), + Some("Plan updated".to_string()) + ); + let snapshot = context_snapshot::format_labeled_requests_snapshot( + "New context window tool installs fresh full context before the next follow-up request.", + &[("Final Follow-Up Request", &requests[2])], + &ContextSnapshotOptions::default(), + ); + let snapshot = snapshot.replace(&thread_id.to_string(), ""); + insta::assert_snapshot!( + "token_budget_new_context_window_tool_full_context", + snapshot + ); + + Ok(()) +} diff --git a/codex-rs/core/tests/suite/tool_harness.rs b/codex-rs/core/tests/suite/tool_harness.rs index a6f808b9d79..7b3f2a69021 100644 --- a/codex-rs/core/tests/suite/tool_harness.rs +++ b/codex-rs/core/tests/suite/tool_harness.rs @@ -1,5 +1,6 @@ #![cfg(not(target_os = "windows"))] +use core_test_support::test_codex::local_selections; use std::fs; use assert_matches::assert_matches; @@ -10,6 +11,7 @@ use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::Op; use codex_protocol::user_input::UserInput; +use core_test_support::TempDirExt; use core_test_support::assert_regex_match; use core_test_support::responses; use core_test_support::responses::ResponsesRequest; @@ -97,7 +99,7 @@ async fn shell_command_tool_executes_command_and_streams_output() -> anyhow::Res let second_mock = responses::mount_sse_once(&server, second_response).await; let session_model = session_configured.model.clone(); - let cwd_path = cwd.path().to_path_buf(); + let cwd_path = cwd.abs(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd_path.as_path()); @@ -107,12 +109,11 @@ async fn shell_command_tool_executes_command_and_streams_output() -> anyhow::Res text: "please run the shell command".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd_path), + environments: Some(local_selections(cwd_path)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -179,7 +180,7 @@ async fn update_plan_tool_emits_plan_update_event() -> anyhow::Result<()> { let second_mock = responses::mount_sse_once(&server, second_response).await; let session_model = session_configured.model.clone(); - let cwd_path = cwd.path().to_path_buf(); + let cwd_path = cwd.abs(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd_path.as_path()); @@ -189,12 +190,11 @@ async fn update_plan_tool_emits_plan_update_event() -> anyhow::Result<()> { text: "please update the plan".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd_path), + environments: Some(local_selections(cwd_path)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -271,7 +271,7 @@ async fn update_plan_tool_rejects_malformed_payload() -> anyhow::Result<()> { let second_mock = responses::mount_sse_once(&server, second_response).await; let session_model = session_configured.model.clone(); - let cwd_path = cwd.path().to_path_buf(); + let cwd_path = cwd.abs(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd_path.as_path()); @@ -281,12 +281,11 @@ async fn update_plan_tool_rejects_malformed_payload() -> anyhow::Result<()> { text: "please update the plan".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd_path), + environments: Some(local_selections(cwd_path)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -373,7 +372,7 @@ async fn apply_patch_tool_executes_and_emits_patch_events() -> anyhow::Result<() let second_mock = responses::mount_sse_once(&server, second_response).await; let session_model = session_configured.model.clone(); - let cwd_path = cwd.path().to_path_buf(); + let cwd_path = cwd.abs(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd_path.as_path()); @@ -383,12 +382,11 @@ async fn apply_patch_tool_executes_and_emits_patch_events() -> anyhow::Result<() text: "please apply a patch".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd_path), + environments: Some(local_selections(cwd_path)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -512,7 +510,7 @@ async fn apply_patch_reports_parse_diagnostics() -> anyhow::Result<()> { let second_mock = responses::mount_sse_once(&server, second_response).await; let session_model = session_configured.model.clone(); - let cwd_path = cwd.path().to_path_buf(); + let cwd_path = cwd.abs(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd_path.as_path()); @@ -522,12 +520,11 @@ async fn apply_patch_reports_parse_diagnostics() -> anyhow::Result<()> { text: "please apply a patch".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd_path), + environments: Some(local_selections(cwd_path)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/tool_parallelism.rs b/codex-rs/core/tests/suite/tool_parallelism.rs index 76bb27c4230..8a9db06803f 100644 --- a/codex-rs/core/tests/suite/tool_parallelism.rs +++ b/codex-rs/core/tests/suite/tool_parallelism.rs @@ -1,6 +1,7 @@ #![cfg(not(target_os = "windows"))] #![allow(clippy::unwrap_used)] +use core_test_support::test_codex::local_selections; use std::fs; use std::time::Duration; use std::time::Instant; @@ -42,12 +43,11 @@ async fn run_turn(test: &TestCodex, prompt: &str) -> anyhow::Result<()> { text: prompt.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd.path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -369,12 +369,11 @@ async fn shell_tools_start_before_response_completed_when_stream_delayed() -> an text: "stream delayed completion".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.cwd.path().to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/tools.rs b/codex-rs/core/tests/suite/tools.rs index 7949abfb605..fd19a18c76c 100644 --- a/codex-rs/core/tests/suite/tools.rs +++ b/codex-rs/core/tests/suite/tools.rs @@ -16,7 +16,6 @@ use codex_protocol::permissions::FileSystemSandboxEntry; use codex_protocol::permissions::FileSystemSandboxPolicy; use codex_protocol::permissions::NetworkSandboxPolicy; use codex_protocol::protocol::AskForApproval; -use codex_protocol::protocol::TurnEnvironmentSelection; use core_test_support::assert_regex_match; use core_test_support::responses::ev_assistant_message; use core_test_support::responses::ev_completed; @@ -29,6 +28,7 @@ use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::skip_if_sandbox; +use core_test_support::test_codex::local; use core_test_support::test_codex::test_codex; use regex_lite::Regex; use serde_json::Value; @@ -117,10 +117,7 @@ async fn turn_environment_selection_keeps_environment_backed_tools() -> Result<( test.submit_turn_with_environments( "which tools are available?", - Some(vec![TurnEnvironmentSelection { - environment_id: "local".to_string(), - cwd: test.config.cwd.clone(), - }]), + Some(vec![local(test.config.cwd.clone())]), ) .await?; diff --git a/codex-rs/core/tests/suite/truncation.rs b/codex-rs/core/tests/suite/truncation.rs index db90b663e09..89ce0013ebe 100644 --- a/codex-rs/core/tests/suite/truncation.rs +++ b/codex-rs/core/tests/suite/truncation.rs @@ -10,6 +10,7 @@ use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::Op; use codex_protocol::user_input::UserInput; +use core_test_support::TempDirExt; use core_test_support::assert_regex_match; use core_test_support::responses; use core_test_support::responses::ev_assistant_message; @@ -21,6 +22,7 @@ use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::stdio_server_bin; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::wait_for_event; use core_test_support::wait_for_mcp_server; @@ -523,12 +525,11 @@ async fn mcp_image_output_preserves_image_and_no_text_summary() -> Result<()> { text: "call the rmcp image tool".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(fixture.cwd.path().to_path_buf()), + environments: Some(local_selections(fixture.cwd.abs())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile: Some(permission_profile), diff --git a/codex-rs/core/tests/suite/unified_exec.rs b/codex-rs/core/tests/suite/unified_exec.rs index d86a0f620e1..06b5288cdc8 100644 --- a/codex-rs/core/tests/suite/unified_exec.rs +++ b/codex-rs/core/tests/suite/unified_exec.rs @@ -1,3 +1,4 @@ +use core_test_support::test_codex::local_selections; use std::collections::HashMap; use std::ffi::OsStr; use std::fs; @@ -16,6 +17,8 @@ use codex_protocol::protocol::ExecCommandSource; use codex_protocol::protocol::ExecCommandStatus; use codex_protocol::protocol::Op; use codex_protocol::user_input::UserInput; +use codex_utils_path_uri::PathUri; +use core_test_support::TempDirExt; use core_test_support::assert_regex_match; use core_test_support::managed_network_requirements_loader; use core_test_support::process::process_is_alive; @@ -197,12 +200,11 @@ async fn submit_unified_exec_turn( text: prompt.into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.config.cwd.to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -227,9 +229,10 @@ async fn create_workspace_directory( rel_path: impl AsRef, ) -> Result { let abs_path = test.config.cwd.join(rel_path.as_ref()); + let abs_path_uri = PathUri::from_path(&abs_path)?; test.fs() .create_directory( - &abs_path, + &abs_path_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) @@ -278,7 +281,7 @@ async fn unified_exec_intercepts_apply_patch_exec_command() -> Result<()> { let test = harness.test(); let codex = test.codex.clone(); - let cwd = test.cwd_path().to_path_buf(); + let cwd = test.config.cwd.clone(); let session_model = test.session_configured.model.clone(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, &cwd); @@ -289,12 +292,11 @@ async fn unified_exec_intercepts_apply_patch_exec_command() -> Result<()> { text: "apply patch via unified exec".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd), + environments: Some(local_selections(cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -1995,6 +1997,249 @@ async fn write_stdin_returns_exit_metadata_and_clears_session() -> Result<()> { Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn write_stdin_ctrl_c_interrupts_non_tty_session() -> Result<()> { + assert_write_stdin_ctrl_c_interrupts_non_tty_session( + "trap", + "trap 'echo INT-TRAP; exit 42' INT; echo READY; while true; do sleep 30; done", + /*expected_exit_code*/ 42, + Some("INT-TRAP"), + ) + .await +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn write_stdin_ctrl_c_default_interrupt_reports_130_for_non_tty_session() -> Result<()> { + assert_write_stdin_ctrl_c_interrupts_non_tty_session( + "default", + "echo READY; exec sleep 30", + /*expected_exit_code*/ 130, + /*expected_interrupt_output*/ None, + ) + .await +} + +async fn assert_write_stdin_ctrl_c_interrupts_non_tty_session( + test_name: &str, + command: &str, + expected_exit_code: i32, + expected_interrupt_output: Option<&str>, +) -> Result<()> { + skip_if_no_network!(Ok(())); + skip_if_sandbox!(Ok(())); + skip_if_windows!(Ok(())); + + let server = start_mock_server().await; + + let mut builder = test_codex().with_config(|config| { + if let Err(err) = config.features.enable(Feature::UnifiedExec) { + panic!("test config should allow feature update: {err}"); + } + }); + let test = builder.build_with_remote_env(&server).await?; + + let start_call_id = format!("uexec-non-tty-interrupt-{test_name}-start"); + let interrupt_call_id = format!("uexec-non-tty-interrupt-{test_name}"); + + let start_args = serde_json::json!({ + "cmd": command, + "yield_time_ms": 250, + "tty": false, + }); + let interrupt_args = serde_json::json!({ + "chars": "\u{3}", + "session_id": 1000, + "yield_time_ms": 1000, + }); + + let responses = vec![ + sse(vec![ + ev_response_created("resp-1"), + ev_function_call( + &start_call_id, + "exec_command", + &serde_json::to_string(&start_args)?, + ), + ev_completed("resp-1"), + ]), + sse(vec![ + ev_response_created("resp-2"), + ev_function_call( + &interrupt_call_id, + "write_stdin", + &serde_json::to_string(&interrupt_args)?, + ), + ev_completed("resp-2"), + ]), + sse(vec![ + ev_assistant_message("msg-1", "done"), + ev_completed("resp-3"), + ]), + ]; + let request_log = mount_sse_sequence(&server, responses).await; + + submit_unified_exec_turn( + &test, + "interrupt non-tty unified exec", + PermissionProfile::Disabled, + ) + .await?; + + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + let requests = request_log.requests(); + assert!(!requests.is_empty(), "expected at least one POST request"); + let bodies = requests + .into_iter() + .map(|request| request.body_json()) + .collect::>(); + + let outputs = collect_tool_outputs(&bodies)?; + + let start_output = outputs + .get(&start_call_id) + .with_context(|| format!("missing start output for exec_command {start_call_id}"))?; + assert_eq!( + start_output.process_id.as_deref(), + Some("1000"), + "exec_command should leave a running non-TTY session" + ); + assert!( + start_output.exit_code.is_none(), + "initial exec_command should not include exit_code while session is running" + ); + assert!( + start_output.output.contains("READY"), + "start output should include command readiness marker, got {:?}", + start_output.output + ); + + let interrupt_output = outputs + .get(&interrupt_call_id) + .with_context(|| format!("missing interrupt output for write_stdin {interrupt_call_id}"))?; + assert!( + interrupt_output.process_id.is_none(), + "interrupted process should be cleared from the session map" + ); + assert_eq!( + interrupt_output.exit_code, + Some(expected_exit_code), + "interrupt should preserve the process-reported exit code" + ); + if let Some(expected_interrupt_output) = expected_interrupt_output { + assert!( + interrupt_output.output.contains(expected_interrupt_output), + "interrupt should drain output from the signal handler, got {:?}", + interrupt_output.output + ); + } + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +#[cfg_attr(not(windows), ignore = "Windows-only unified exec interrupt test")] +async fn write_stdin_ctrl_c_reports_unsupported_interrupt_to_model_on_windows() -> Result<()> { + skip_if_no_network!(Ok(())); + skip_if_sandbox!(Ok(())); + + let server = start_mock_server().await; + + let mut builder = test_codex().with_config(|config| { + config + .features + .enable(Feature::UnifiedExec) + .expect("test config should allow feature update"); + }); + let test = builder.build_with_remote_env(&server).await?; + + let start_call_id = "uexec-windows-interrupt-start"; + let interrupt_call_id = "uexec-windows-interrupt"; + + let start_args = serde_json::json!({ + "shell": "cmd", + "cmd": "echo READY && ping -n 30 127.0.0.1 >NUL", + "yield_time_ms": 250, + "tty": false, + }); + let interrupt_args = serde_json::json!({ + "chars": "\u{3}", + "session_id": 1000, + "yield_time_ms": 1000, + }); + + let responses = vec![ + sse(vec![ + ev_response_created("resp-1"), + ev_function_call( + start_call_id, + "exec_command", + &serde_json::to_string(&start_args)?, + ), + ev_completed("resp-1"), + ]), + sse(vec![ + ev_response_created("resp-2"), + ev_function_call( + interrupt_call_id, + "write_stdin", + &serde_json::to_string(&interrupt_args)?, + ), + ev_completed("resp-2"), + ]), + sse(vec![ + ev_response_created("resp-3"), + ev_assistant_message("msg-1", "done"), + ev_completed("resp-3"), + ]), + ]; + let request_log = mount_sse_sequence(&server, responses).await; + + submit_unified_exec_turn( + &test, + "interrupt non-tty unified exec on Windows", + PermissionProfile::Disabled, + ) + .await?; + + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; + + let start_output = request_log + .function_call_output_text(start_call_id) + .expect("missing start output for exec_command"); + let start_output = parse_unified_exec_output(&start_output)?; + assert_eq!( + start_output.process_id.as_deref(), + Some("1000"), + "exec_command should leave a running non-TTY session" + ); + assert!( + start_output.output.contains("READY"), + "start output should include command readiness marker, got {:?}", + start_output.output + ); + + let interrupt_output = request_log + .function_call_output_text(interrupt_call_id) + .expect("missing interrupt output for write_stdin"); + assert!( + interrupt_output.contains("write_stdin failed"), + "model-visible write_stdin output should report failure, got {interrupt_output:?}" + ); + assert!( + interrupt_output.contains("process interrupt is not supported by this process backend"), + "model-visible write_stdin output should explain unsupported interrupt, got {interrupt_output:?}" + ); + + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn unified_exec_emits_end_event_when_session_dies_via_stdin() -> Result<()> { skip_if_no_network!(Ok(())); @@ -2135,9 +2380,9 @@ async fn unified_exec_keeps_long_running_session_after_turn_end() -> Result<()> mount_sse_sequence(&server, responses).await; let session_model = session_configured.model.clone(); - let turn_cwd = cwd.path().to_path_buf(); + let turn_cwd = cwd.abs(); let (sandbox_policy, permission_profile) = - turn_permission_fields(PermissionProfile::Disabled, &turn_cwd); + turn_permission_fields(PermissionProfile::Disabled, turn_cwd.as_path()); codex .submit(Op::UserInput { @@ -2145,12 +2390,11 @@ async fn unified_exec_keeps_long_running_session_after_turn_end() -> Result<()> text: "keep unified exec process after turn end".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(turn_cwd), + environments: Some(local_selections(turn_cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -2239,9 +2483,9 @@ async fn unified_exec_interrupt_preserves_long_running_session() -> Result<()> { mount_sse_sequence(&server, responses).await; let session_model = session_configured.model.clone(); - let turn_cwd = cwd.path().to_path_buf(); + let turn_cwd = cwd.abs(); let (sandbox_policy, permission_profile) = - turn_permission_fields(PermissionProfile::Disabled, &turn_cwd); + turn_permission_fields(PermissionProfile::Disabled, turn_cwd.as_path()); codex .submit(Op::UserInput { @@ -2249,12 +2493,11 @@ async fn unified_exec_interrupt_preserves_long_running_session() -> Result<()> { text: "interrupt long-running unified exec".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(turn_cwd), + environments: Some(local_selections(turn_cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -2712,9 +2955,9 @@ async fn unified_exec_runs_under_sandbox() -> Result<()> { let request_log = mount_sse_sequence(&server, responses).await; let session_model = session_configured.model.clone(); - let turn_cwd = cwd.path().to_path_buf(); + let turn_cwd = cwd.abs(); let (sandbox_policy, permission_profile) = - turn_permission_fields(PermissionProfile::read_only(), &turn_cwd); + turn_permission_fields(PermissionProfile::read_only(), turn_cwd.as_path()); codex .submit(Op::UserInput { @@ -2722,12 +2965,11 @@ async fn unified_exec_runs_under_sandbox() -> Result<()> { text: "summarize large output".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(turn_cwd), + environments: Some(local_selections(turn_cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -2836,21 +3078,20 @@ async fn unified_exec_enforces_glob_deny_read_policy() -> Result<()> { let request_log = mount_sse_sequence(&server, responses).await; let session_model = session_configured.model.clone(); - let turn_cwd = cwd.path().to_path_buf(); + let turn_cwd = cwd.abs(); let (sandbox_policy, permission_profile) = - turn_permission_fields(PermissionProfile::read_only(), &turn_cwd); + turn_permission_fields(PermissionProfile::read_only(), turn_cwd.as_path()); codex .submit(Op::UserInput { items: vec![UserInput::Text { text: "read the fixture files".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(turn_cwd), + environments: Some(local_selections(turn_cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -2974,9 +3215,9 @@ async fn unified_exec_python_prompt_under_seatbelt() -> Result<()> { let request_log = mount_sse_sequence(&server, responses).await; let session_model = session_configured.model.clone(); - let turn_cwd = cwd.path().to_path_buf(); + let turn_cwd = cwd.abs(); let (sandbox_policy, permission_profile) = - turn_permission_fields(PermissionProfile::read_only(), &turn_cwd); + turn_permission_fields(PermissionProfile::read_only(), turn_cwd.as_path()); codex .submit(Op::UserInput { @@ -2984,12 +3225,11 @@ async fn unified_exec_python_prompt_under_seatbelt() -> Result<()> { text: "start python under seatbelt".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(turn_cwd), + environments: Some(local_selections(turn_cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/unified_exec_zsh_fork_approvals.rs b/codex-rs/core/tests/suite/unified_exec_zsh_fork_approvals.rs new file mode 100644 index 00000000000..0d913d65419 --- /dev/null +++ b/codex-rs/core/tests/suite/unified_exec_zsh_fork_approvals.rs @@ -0,0 +1,567 @@ +use anyhow::Context; +use anyhow::Result; +use codex_config::permissions_toml::FilesystemPermissionToml; +use codex_config::permissions_toml::PermissionProfileToml; +use codex_config::types::ApprovalsReviewer; +use codex_core::sandboxing::SandboxPermissions; +use codex_protocol::config_types::CollaborationMode; +use codex_protocol::config_types::ModeKind; +use codex_protocol::config_types::Settings; +use codex_protocol::models::PermissionProfile; +use codex_protocol::permissions::FileSystemAccessMode; +use codex_protocol::permissions::FileSystemPath; +use codex_protocol::permissions::FileSystemSandboxEntry; +use codex_protocol::permissions::FileSystemSandboxPolicy; +use codex_protocol::permissions::FileSystemSpecialPath; +use codex_protocol::permissions::NetworkSandboxPolicy; +use codex_protocol::protocol::AskForApproval; +use codex_protocol::protocol::EventMsg; +use codex_protocol::protocol::ExecApprovalRequestEvent; +use codex_protocol::protocol::Op; +use codex_protocol::protocol::ReviewDecision; +use codex_protocol::protocol::ThreadSettingsOverrides; +use codex_protocol::user_input::UserInput; +use core_test_support::responses::ResponseMock; +use core_test_support::responses::ev_assistant_message; +use core_test_support::responses::ev_completed; +use core_test_support::responses::ev_function_call; +use core_test_support::responses::ev_response_created; +use core_test_support::responses::mount_sse_once; +use core_test_support::responses::sse; +use core_test_support::responses::start_mock_server; +use core_test_support::skip_if_no_network; +use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; +use core_test_support::test_codex::turn_permission_fields; +use core_test_support::wait_for_event; +use core_test_support::wait_for_event_with_timeout; +use core_test_support::zsh_fork::build_unified_exec_zsh_fork_test; +use core_test_support::zsh_fork::restrictive_workspace_write_profile; +use core_test_support::zsh_fork::zsh_fork_runtime; +use pretty_assertions::assert_eq; +use regex_lite::Regex; +use serde_json::Value; +use serde_json::json; +use std::fs; +use std::path::Path; +use std::time::Duration; +use toml_edit::Key as TomlKey; +use wiremock::MockServer; + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn unified_exec_zsh_fork_parent_approval_preserves_denied_reads() -> Result<()> { + skip_if_no_network!(Ok(())); + + let denied_dir = tempfile::tempdir_in(std::env::current_dir()?)?; + let denied_path = denied_dir.path().join("secret.env"); + let secret = "unified-exec-zsh-fork-denied-read-secret"; + fs::write(&denied_path, format!("{secret}\n"))?; + let permission_profile = denied_read_permission_profile(&denied_path)?; + assert!( + permission_profile + .file_system_sandbox_policy() + .has_denied_read_restrictions(), + "test must exercise a permission profile with denied reads" + ); + + let approval_policy = AskForApproval::OnRequest; + let command = format!("cat {denied_path:?}"); + let Some((server, test)) = build_unified_exec_zsh_fork_test_or_skip( + "unified-exec zsh-fork denied-read approval test", + approval_policy, + permission_profile, + move |_home| {}, + ) + .await? + else { + return Ok(()); + }; + + let call_id = "uexec-zsh-fork-parent-approval-denied-read"; + let results = mount_unified_exec_command( + &server, + "uexec-zsh-fork-denied-read", + call_id, + &command, + "attempt a denied read for the test", + ) + .await?; + submit_turn_with_session_permissions( + &test, + "run approved unified exec denied read through zsh fork", + approval_policy, + ) + .await?; + approve_expected_exec(&test, &command).await?; + wait_for_completion_without_approval(&test).await; + + let result = command_result(&results, call_id); + assert_ne!( + result.exit_code.unwrap_or(0), + 0, + "denied-read command should stay sandboxed after parent approval" + ); + assert!( + !result.stdout.contains(secret), + "denied-read command unexpectedly printed the secret: {}", + result.stdout + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn unified_exec_zsh_fork_parent_approval_escalates_intercepted_exec() -> Result<()> { + skip_if_no_network!(Ok(())); + + let approval_policy = AskForApproval::OnRequest; + let permission_profile = restrictive_workspace_write_profile(); + let outside_dir = tempfile::tempdir_in(std::env::current_dir()?)?; + let outside_path = outside_dir + .path() + .join("unified-exec-zsh-fork-parent-approval.txt"); + let command = format!("printf hi > {outside_path:?}"); + + let outside_path_for_hook = outside_path.clone(); + let Some((server, test)) = build_unified_exec_zsh_fork_test_or_skip( + "unified-exec zsh-fork parent approval test", + approval_policy, + permission_profile, + move |_home| { + let _ = fs::remove_file(&outside_path_for_hook); + }, + ) + .await? + else { + return Ok(()); + }; + + let call_id = "uexec-zsh-fork-parent-approval"; + let results = mount_unified_exec_command( + &server, + "uexec-zsh-fork-parent-approval", + call_id, + &command, + "write outside the workspace for the test", + ) + .await?; + submit_turn_with_session_permissions( + &test, + "run approved unified exec through zsh fork", + approval_policy, + ) + .await?; + approve_expected_exec(&test, &command).await?; + wait_for_completion_without_approval(&test).await; + + let result = command_result(&results, call_id); + assert_eq!( + result.exit_code.unwrap_or(0), + 0, + "approved unified exec zsh-fork command should complete: {}", + result.stdout + ); + let contents = fs::read_to_string(&outside_path) + .with_context(|| format!("read {}", outside_path.display()))?; + assert_eq!( + contents, "hi", + "approved parent sandbox override should allow zsh-fork shell redirection to write outside the workspace" + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn unified_exec_zsh_fork_parent_approval_keeps_explicit_prompt_rule() -> Result<()> { + skip_if_no_network!(Ok(())); + + let approval_policy = AskForApproval::OnRequest; + let permission_profile = restrictive_workspace_write_profile(); + let outside_dir = tempfile::tempdir_in(std::env::current_dir()?)?; + let outside_path = outside_dir + .path() + .join("unified-exec-zsh-fork-explicit-prompt-rule.txt"); + let command = format!("touch {outside_path:?}"); + let rules = r#"prefix_rule(pattern=["touch"], decision="prompt")"#.to_string(); + + let outside_path_for_hook = outside_path.clone(); + let Some((server, test)) = build_unified_exec_zsh_fork_test_or_skip( + "unified-exec zsh-fork prompt rule approval test", + approval_policy, + permission_profile, + move |home| { + let _ = fs::remove_file(&outside_path_for_hook); + let rules_dir = home.join("rules"); + fs::create_dir_all(&rules_dir).unwrap(); + fs::write(rules_dir.join("default.rules"), &rules).unwrap(); + }, + ) + .await? + else { + return Ok(()); + }; + + let call_id = "uexec-zsh-fork-parent-approval-explicit-prompt-rule"; + let results = mount_unified_exec_command( + &server, + "uexec-zsh-fork-prompt-rule", + call_id, + &command, + "write outside the workspace for the test", + ) + .await?; + submit_turn_with_session_permissions( + &test, + "run approved unified exec prompt rule through zsh fork", + approval_policy, + ) + .await?; + approve_expected_exec(&test, &command).await?; + + let approval_event = wait_for_event_with_timeout( + &test.codex, + |event| { + matches!( + event, + EventMsg::ExecApprovalRequest(_) | EventMsg::TurnComplete(_) + ) + }, + Duration::from_secs(10), + ) + .await; + let EventMsg::ExecApprovalRequest(inner_approval) = approval_event else { + panic!("expected explicit prompt rule approval before completion"); + }; + assert!( + inner_approval + .command + .iter() + .any(|arg| arg.ends_with("/touch")) + && inner_approval + .command + .iter() + .any(|arg| arg == outside_path.to_string_lossy().as_ref()), + "expected explicit prompt rule approval for intercepted touch, got: {:?}", + inner_approval.command + ); + + approve_exec(&test, inner_approval.effective_approval_id()).await?; + wait_for_completion(&test).await; + + let result = command_result(&results, call_id); + assert_eq!( + result.exit_code.unwrap_or(0), + 0, + "approved unified exec zsh-fork prompt-rule command should complete: {}", + result.stdout + ); + assert!( + outside_path.exists(), + "approved intercepted touch should create the out-of-workspace file" + ); + + Ok(()) +} + +struct CommandResult { + exit_code: Option, + stdout: String, +} + +async fn build_unified_exec_zsh_fork_test_or_skip( + test_name: &str, + approval_policy: AskForApproval, + permission_profile: PermissionProfile, + pre_build_hook: F, +) -> Result> +where + F: FnOnce(&Path) + Send + 'static, +{ + let Some(runtime) = zsh_fork_runtime(test_name)? else { + return Ok(None); + }; + + let server = start_mock_server().await; + let test = build_unified_exec_zsh_fork_test( + &server, + runtime, + approval_policy, + permission_profile, + pre_build_hook, + ) + .await?; + Ok(Some((server, test))) +} + +fn denied_read_permission_profile(denied_path: &Path) -> Result { + let denied_path_key = TomlKey::new(denied_path.to_string_lossy().into_owned()); + permission_profile_from_toml(&format!( + r#" +[filesystem] +"/" = "read" +":project_roots" = "write" +{denied_path_key} = "deny" + +[network] +enabled = false +"# + )) +} + +fn permission_profile_from_toml(profile: &str) -> Result { + let profile = toml::from_str::(profile) + .context("test permission profile should deserialize")?; + let filesystem = profile + .filesystem + .as_ref() + .context("test permission profile should include filesystem entries")?; + let entries = filesystem + .entries + .iter() + .map(|(path, permission)| { + let FilesystemPermissionToml::Access(access) = permission else { + anyhow::bail!("unexpected scoped filesystem permission in test profile: {path}"); + }; + let path = match path.as_str() { + "/" => FileSystemPath::Special { + value: FileSystemSpecialPath::Root, + }, + ":project_roots" => FileSystemPath::Special { + value: FileSystemSpecialPath::project_roots(/*subpath*/ None), + }, + _ if *access == FileSystemAccessMode::Deny => FileSystemPath::GlobPattern { + pattern: path.clone(), + }, + _ => anyhow::bail!("unexpected filesystem entry in test profile: {path}"), + }; + Ok(FileSystemSandboxEntry { + path, + access: *access, + }) + }) + .collect::>>()?; + let mut file_system_sandbox_policy = FileSystemSandboxPolicy::restricted(entries); + file_system_sandbox_policy.glob_scan_max_depth = filesystem.glob_scan_max_depth; + let network_sandbox_policy = match profile.network.as_ref().and_then(|network| network.enabled) + { + Some(true) => NetworkSandboxPolicy::Enabled, + Some(false) | None => NetworkSandboxPolicy::Restricted, + }; + + Ok(PermissionProfile::from_runtime_permissions( + &file_system_sandbox_policy, + network_sandbox_policy, + )) +} + +async fn mount_unified_exec_command( + server: &MockServer, + response_prefix: &str, + call_id: &str, + command: &str, + justification: &str, +) -> Result { + let first_response_id = format!("resp-{response_prefix}-1"); + let second_response_id = format!("resp-{response_prefix}-2"); + let message_id = format!("msg-{response_prefix}-1"); + let event = exec_command_event( + call_id, + command, + Some(30_000), + SandboxPermissions::RequireEscalated, + justification, + )?; + let _ = mount_sse_once( + server, + sse(vec![ + ev_response_created(&first_response_id), + event, + ev_completed(&first_response_id), + ]), + ) + .await; + let results = mount_sse_once( + server, + sse(vec![ + ev_assistant_message(&message_id, "done"), + ev_completed(&second_response_id), + ]), + ) + .await; + Ok(results) +} + +async fn submit_turn_with_session_permissions( + test: &TestCodex, + prompt: &str, + approval_policy: AskForApproval, +) -> Result<()> { + let session_model = test.session_configured.model.clone(); + let (sandbox_policy, permission_profile) = turn_permission_fields( + test.session_configured.permission_profile.clone(), + test.cwd.path(), + ); + test.codex + .submit(Op::UserInput { + items: vec![UserInput::Text { + text: prompt.into(), + text_elements: Vec::new(), + }], + final_output_json_schema: None, + responsesapi_client_metadata: None, + additional_context: Default::default(), + thread_settings: ThreadSettingsOverrides { + environments: Some(local_selections(test.config.cwd.clone())), + approval_policy: Some(approval_policy), + approvals_reviewer: Some(ApprovalsReviewer::User), + sandbox_policy: Some(sandbox_policy), + permission_profile, + collaboration_mode: Some(CollaborationMode { + mode: ModeKind::Default, + settings: Settings { + model: session_model, + reasoning_effort: None, + developer_instructions: None, + }, + }), + ..Default::default() + }, + }) + .await?; + + Ok(()) +} + +async fn approve_expected_exec(test: &TestCodex, expected_command: &str) -> Result<()> { + let approval = expect_exec_approval(test, expected_command).await; + approve_exec(test, approval.effective_approval_id()).await +} + +async fn approve_exec(test: &TestCodex, approval_id: String) -> Result<()> { + test.codex + .submit(Op::ExecApproval { + id: approval_id, + turn_id: None, + decision: ReviewDecision::Approved, + }) + .await?; + Ok(()) +} + +fn command_result(results: &ResponseMock, call_id: &str) -> CommandResult { + parse_result(&results.single_request().function_call_output(call_id)) +} + +fn exec_command_event( + call_id: &str, + cmd: &str, + yield_time_ms: Option, + sandbox_permissions: SandboxPermissions, + justification: &str, +) -> Result { + let mut args = json!({ + "cmd": cmd.to_string(), + }); + if let Some(yield_time_ms) = yield_time_ms { + args["yield_time_ms"] = json!(yield_time_ms); + } + if sandbox_permissions.requests_sandbox_override() { + args["sandbox_permissions"] = json!(sandbox_permissions); + args["justification"] = json!(justification); + } + let args_str = serde_json::to_string(&args)?; + Ok(ev_function_call(call_id, "exec_command", &args_str)) +} + +fn parse_result(item: &Value) -> CommandResult { + let Some(output_str) = item.get("output").and_then(Value::as_str) else { + return CommandResult { + exit_code: None, + stdout: String::new(), + }; + }; + match serde_json::from_str::(output_str) { + Ok(parsed) => { + let exit_code = parsed["metadata"]["exit_code"].as_i64(); + let stdout = parsed["output"].as_str().unwrap_or_default().to_string(); + CommandResult { exit_code, stdout } + } + Err(_) => parsed_regex_result(r"(?s)^Exit code:\s*(-?\d+).*?Output:\n(.*)$", output_str) + .or_else(|| { + parsed_regex_result( + r"(?s)^.*?Process exited with code (\d+)\n.*?Output:\n(.*)$", + output_str, + ) + }) + .unwrap_or_else(|| CommandResult { + exit_code: None, + stdout: output_str.to_string(), + }), + } +} + +fn parsed_regex_result(pattern: &str, output_str: &str) -> Option { + let regex = Regex::new(pattern).ok()?; + let captures = regex.captures(output_str)?; + let exit_code = captures.get(1)?.as_str().parse::().ok()?; + let output = captures.get(2)?.as_str(); + Some(CommandResult { + exit_code: Some(exit_code), + stdout: output.to_string(), + }) +} + +async fn expect_exec_approval( + test: &TestCodex, + expected_command: &str, +) -> ExecApprovalRequestEvent { + let event = wait_for_event(&test.codex, |event| { + matches!( + event, + EventMsg::ExecApprovalRequest(_) | EventMsg::TurnComplete(_) + ) + }) + .await; + + match event { + EventMsg::ExecApprovalRequest(approval) => { + let last_arg = approval + .command + .last() + .map(std::string::String::as_str) + .unwrap_or_default(); + assert_eq!( + last_arg, expected_command, + "approval request should be for the parent unified-exec command" + ); + approval + } + EventMsg::TurnComplete(_) => panic!("expected approval request before completion"), + other => panic!("unexpected event: {other:?}"), + } +} + +async fn wait_for_completion_without_approval(test: &TestCodex) { + let event = wait_for_event(&test.codex, |event| { + matches!( + event, + EventMsg::ExecApprovalRequest(_) | EventMsg::TurnComplete(_) + ) + }) + .await; + + match event { + EventMsg::TurnComplete(_) => {} + EventMsg::ExecApprovalRequest(event) => { + panic!("unexpected approval request: {:?}", event.command) + } + other => panic!("unexpected event: {other:?}"), + } +} + +async fn wait_for_completion(test: &TestCodex) { + wait_for_event(&test.codex, |event| { + matches!(event, EventMsg::TurnComplete(_)) + }) + .await; +} diff --git a/codex-rs/core/tests/suite/user_notification.rs b/codex-rs/core/tests/suite/user_notification.rs index 054d926b2b8..328a1c972ae 100644 --- a/codex-rs/core/tests/suite/user_notification.rs +++ b/codex-rs/core/tests/suite/user_notification.rs @@ -57,7 +57,6 @@ mv "${tmp_path}" "${payload_path}""#, // 1) Normal user input – should hit server once. codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: "hello world".into(), text_elements: Vec::new(), diff --git a/codex-rs/core/tests/suite/user_shell_cmd.rs b/codex-rs/core/tests/suite/user_shell_cmd.rs index 3e2263705ab..f7aed6b473a 100644 --- a/codex-rs/core/tests/suite/user_shell_cmd.rs +++ b/codex-rs/core/tests/suite/user_shell_cmd.rs @@ -21,6 +21,7 @@ use core_test_support::responses::mount_sse_once; use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event; @@ -168,7 +169,7 @@ async fn user_shell_command_does_not_replace_active_turn() -> anyhow::Result<()> ]); let mock = responses::mount_sse_sequence(&server, vec![first, second]).await; - let cwd = fixture.cwd.path().to_path_buf(); + let cwd = fixture.config.cwd.clone(); let (sandbox_policy, permission_profile) = turn_permission_fields(PermissionProfile::Disabled, cwd.as_path()); @@ -179,12 +180,11 @@ async fn user_shell_command_does_not_replace_active_turn() -> anyhow::Result<()> text: "run model shell command".to_string(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd), + environments: Some(local_selections(cwd)), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/view_image.rs b/codex-rs/core/tests/suite/view_image.rs index 2e34475387c..3790eb19b34 100644 --- a/codex-rs/core/tests/suite/view_image.rs +++ b/codex-rs/core/tests/suite/view_image.rs @@ -7,6 +7,7 @@ use codex_exec_server::CreateDirectoryOptions; use codex_exec_server::LOCAL_ENVIRONMENT_ID; use codex_exec_server::REMOTE_ENVIRONMENT_ID; use codex_exec_server::RemoveOptions; +use codex_features::Feature; use codex_login::CodexAuth; use codex_protocol::config_types::ReasoningSummary; use codex_protocol::models::PermissionProfile; @@ -28,6 +29,7 @@ use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::Op; use codex_protocol::protocol::TurnEnvironmentSelection; use codex_protocol::user_input::UserInput; +use codex_utils_path_uri::PathUri; use core_test_support::PathBufExt; use core_test_support::PathExt; use core_test_support::get_remote_test_env; @@ -42,6 +44,8 @@ use core_test_support::responses::sse; use core_test_support::responses::start_mock_server; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use core_test_support::wait_for_event_with_timeout; @@ -74,12 +78,11 @@ fn disabled_user_turn(test: &TestCodex, items: Vec, model: String) -> turn_permission_fields(PermissionProfile::Disabled, test.config.cwd.as_path()); Op::UserInput { items, - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(test.config.cwd.to_path_buf()), + environments: Some(local_selections(test.config.cwd.clone())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, @@ -132,9 +135,10 @@ fn png_bytes(width: u32, height: u32, rgba: [u8; 4]) -> anyhow::Result> async fn create_workspace_directory(test: &TestCodex, rel_path: &str) -> anyhow::Result { let abs_path = test.config.cwd.join(rel_path); + let abs_path_uri = PathUri::from_path(&abs_path)?; test.fs() .create_directory( - &abs_path, + &abs_path_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) @@ -149,16 +153,18 @@ async fn write_workspace_file( ) -> anyhow::Result { let abs_path = test.config.cwd.join(rel_path); if let Some(parent) = abs_path.parent() { + let parent_uri = PathUri::from_path(&parent)?; test.fs() .create_directory( - &parent, + &parent_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) .await?; } + let abs_path_uri = PathUri::from_path(&abs_path)?; test.fs() - .write_file(&abs_path, contents, /*sandbox*/ None) + .write_file(&abs_path_uri, contents, /*sandbox*/ None) .await?; Ok(abs_path.into_path_buf()) } @@ -176,10 +182,15 @@ async fn write_workspace_png( async fn assert_user_turn_local_image_resizes_to( original_dimensions: (u32, u32), expected_dimensions: (u32, u32), + resize_policy: TestImageResizePolicy, ) -> anyhow::Result<()> { let server = start_mock_server().await; - let mut builder = test_codex(); + let mut builder = test_codex().with_config(move |config| { + if resize_policy == TestImageResizePolicy::AllImages { + let _ = config.features.enable(Feature::ResizeAllImages); + } + }); let test = builder.build_with_remote_env(&server).await?; let TestCodex { codex, @@ -253,18 +264,42 @@ async fn assert_user_turn_local_image_resizes_to( Ok(()) } +#[derive(Clone, Copy, Eq, PartialEq)] +enum TestImageResizePolicy { + Legacy, + AllImages, +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn user_turn_with_local_image_attaches_image() -> anyhow::Result<()> { skip_if_no_network!(Ok(())); - assert_user_turn_local_image_resizes_to((2304, 864), (2048, 768)).await + assert_user_turn_local_image_resizes_to((2304, 864), (2048, 768), TestImageResizePolicy::Legacy) + .await } #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn user_turn_with_vertical_local_image_resizes_to_square_bounds() -> anyhow::Result<()> { skip_if_no_network!(Ok(())); - assert_user_turn_local_image_resizes_to((1024, 4096), (512, 2048)).await + assert_user_turn_local_image_resizes_to( + (1024, 4096), + (512, 2048), + TestImageResizePolicy::Legacy, + ) + .await +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn resize_all_images_applies_patch_budget_to_local_user_image() -> anyhow::Result<()> { + skip_if_no_network!(Ok(())); + + assert_user_turn_local_image_resizes_to( + (2048, 2048), + (1600, 1600), + TestImageResizePolicy::AllImages, + ) + .await } #[tokio::test(flavor = "multi_thread", worker_threads = 2)] @@ -456,10 +491,7 @@ async fn view_image_routes_to_selected_local_environment() -> anyhow::Result<()> test.submit_turn_with_environments( "route local view image", - Some(vec![TurnEnvironmentSelection { - environment_id: LOCAL_ENVIRONMENT_ID.to_string(), - cwd: test.config.cwd.clone(), - }]), + Some(vec![local(test.config.cwd.clone())]), ) .await?; @@ -572,26 +604,25 @@ async fn view_image_routes_to_selected_remote_environment() -> anyhow::Result<() let test = builder.build_with_remote_and_local_env(&server).await?; let local_cwd = TempDir::new()?; fs::write(local_cwd.path().join("remote.png"), b"not a remote image")?; - let local_selection = TurnEnvironmentSelection { - environment_id: LOCAL_ENVIRONMENT_ID.to_string(), - cwd: local_cwd.path().abs(), - }; + let local_selection = local(local_cwd.path().abs()); let remote_cwd = PathBuf::from(format!( "/tmp/codex-view-image-routing-{}", SystemTime::now().duration_since(UNIX_EPOCH)?.as_millis() )) .abs(); let image_path = remote_cwd.join("remote.png"); + let remote_cwd_uri = PathUri::from_path(&remote_cwd)?; test.fs() .create_directory( - &remote_cwd, + &remote_cwd_uri, CreateDirectoryOptions { recursive: true }, /*sandbox*/ None, ) .await?; let png = png_bytes(/*width*/ 1, /*height*/ 1, [0, 255, 0, 255])?; + let image_path_uri = PathUri::from_path(&image_path)?; test.fs() - .write_file(&image_path, png, /*sandbox*/ None) + .write_file(&image_path_uri, png, /*sandbox*/ None) .await?; let remote_selection = TurnEnvironmentSelection { environment_id: REMOTE_ENVIRONMENT_ID.to_string(), @@ -650,7 +681,7 @@ async fn view_image_routes_to_selected_remote_environment() -> anyhow::Result<() test.fs() .remove( - &remote_cwd, + &remote_cwd_uri, RemoveOptions { recursive: true, force: true, @@ -1253,6 +1284,72 @@ async fn view_image_tool_errors_for_non_image_files() -> anyhow::Result<()> { Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn resize_all_images_turns_invalid_view_image_into_placeholder() -> anyhow::Result<()> { + skip_if_no_network!(Ok(())); + + let server = start_mock_server().await; + let mut builder = test_codex().with_config(|config| { + let _ = config.features.enable(Feature::ResizeAllImages); + }); + let test = builder.build_with_remote_env(&server).await?; + let TestCodex { + codex, + session_configured, + .. + } = &test; + + let rel_path = "assets/invalid-image.json"; + write_workspace_file(&test, rel_path, br#"{ "message": "hello" }"#.to_vec()).await?; + let call_id = "view-image-invalid-placeholder"; + let arguments = serde_json::json!({ "path": rel_path }).to_string(); + + responses::mount_sse_once( + &server, + sse(vec![ + ev_response_created("resp-1"), + ev_function_call(call_id, "view_image", &arguments), + ev_completed("resp-1"), + ]), + ) + .await; + let second_mock = responses::mount_sse_once( + &server, + sse(vec![ + ev_assistant_message("msg-1", "done"), + ev_completed("resp-2"), + ]), + ) + .await; + + codex + .submit(disabled_user_turn( + &test, + vec![UserInput::Text { + text: "please inspect the image".into(), + text_elements: Vec::new(), + }], + session_configured.model.clone(), + )) + .await?; + wait_for_event_with_timeout( + codex, + |event| matches!(event, EventMsg::TurnComplete(_)), + VIEW_IMAGE_TURN_COMPLETE_TIMEOUT, + ) + .await; + + let request = second_mock.single_request(); + assert_eq!( + request.function_call_output(call_id).get("output"), + Some(&serde_json::json!([{ + "type": "input_text", + "text": "image content omitted because it could not be processed" + }])) + ); + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 2)] async fn view_image_tool_errors_when_file_missing() -> anyhow::Result<()> { skip_if_no_network!(Ok(())); @@ -1355,6 +1452,7 @@ async fn view_image_tool_returns_unsupported_message_for_text_only_model() -> an input_modalities: vec![InputModality::Text], used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, @@ -1378,6 +1476,7 @@ async fn view_image_tool_returns_unsupported_message_for_text_only_model() -> an context_window: Some(272_000), max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), }; diff --git a/codex-rs/core/tests/suite/websocket_fallback.rs b/codex-rs/core/tests/suite/websocket_fallback.rs index be33467d6a5..cdf77694c28 100644 --- a/codex-rs/core/tests/suite/websocket_fallback.rs +++ b/codex-rs/core/tests/suite/websocket_fallback.rs @@ -5,6 +5,7 @@ use codex_protocol::protocol::AskForApproval; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::Op; use codex_protocol::user_input::UserInput; +use core_test_support::TempDirExt; use core_test_support::responses; use core_test_support::responses::ev_completed; use core_test_support::responses::ev_response_created; @@ -13,6 +14,7 @@ use core_test_support::responses::mount_sse_sequence; use core_test_support::responses::sse; use core_test_support::skip_if_no_network; use core_test_support::test_codex::TestCodex; +use core_test_support::test_codex::local_selections; use core_test_support::test_codex::test_codex; use core_test_support::test_codex::turn_permission_fields; use pretty_assertions::assert_eq; @@ -157,12 +159,11 @@ async fn websocket_fallback_hides_first_websocket_retry_stream_error() -> Result text: "hello".into(), text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), thread_settings: codex_protocol::protocol::ThreadSettingsOverrides { - cwd: Some(cwd.path().to_path_buf()), + environments: Some(local_selections(cwd.abs())), approval_policy: Some(AskForApproval::Never), sandbox_policy: Some(sandbox_policy), permission_profile, diff --git a/codex-rs/core/tests/suite/window_headers.rs b/codex-rs/core/tests/suite/window_headers.rs index 08d8867f31c..7c28eb80a74 100644 --- a/codex-rs/core/tests/suite/window_headers.rs +++ b/codex-rs/core/tests/suite/window_headers.rs @@ -104,7 +104,6 @@ async fn window_id_advances_after_compact_persists_on_resume_and_resets_on_fork( async fn submit_user_turn(codex: &Arc, text: &str) -> Result<()> { codex .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: text.to_string(), text_elements: Vec::new(), diff --git a/codex-rs/deny.toml b/codex-rs/deny.toml index ae710a6607b..9d06651e587 100644 --- a/codex-rs/deny.toml +++ b/codex-rs/deny.toml @@ -70,16 +70,18 @@ feature-depth = 1 # A list of advisory IDs to ignore. Note that ignored advisories will still # output a note when they are encountered. ignore = [ - # Reviewed 2026-04-15. Keep this list in sync with .cargo/audit.toml. + # Reviewed 2026-06-07. Keep this list in sync with .cargo/audit.toml. # Each exception must identify the dependency path and removal condition. - { id = "RUSTSEC-2024-0388", reason = "derivative is unmaintained; pulled in via starlark v0.13.0 used by execpolicy/cli/core; no fixed release yet" }, - { id = "RUSTSEC-2025-0057", reason = "fxhash is unmaintained; pulled in via starlark_map/starlark v0.13.0 used by execpolicy/cli/core; no fixed release yet" }, + { id = "RUSTSEC-2024-0388", reason = "derivative is unmaintained; pulled in via starlark/starlark_syntax v0.14.2 used by execpolicy/cli/core; no fixed starlark release yet" }, + { id = "RUSTSEC-2025-0057", reason = "fxhash is unmaintained; pulled in via starlark_map under starlark v0.14.2 used by execpolicy/cli/core and bm25 used by core; remove when upstream dependencies drop fxhash" }, { id = "RUSTSEC-2024-0436", reason = "paste is unmaintained; pulled in via ratatui/rmcp/starlark used by tui/execpolicy; no fixed release yet" }, + { id = "RUSTSEC-2023-0089", reason = "atomic-polyfill is unmaintained; pulled in via postcard/heapless/pagable under starlark v0.14.2 used by execpolicy/cli/core; no fixed starlark release yet" }, # TODO(fcoury): remove this exception when syntect drops yaml-rust and bincode, or updates to versions that have fixed the vulnerabilities. { id = "RUSTSEC-2024-0320", reason = "yaml-rust is unmaintained; pulled in via syntect v5.3.0 used by codex-tui for syntax highlighting; no fixed release yet" }, { id = "RUSTSEC-2025-0141", reason = "bincode is unmaintained; pulled in via syntect v5.3.0 used by codex-tui for syntax highlighting; no fixed release yet" }, { id = "RUSTSEC-2026-0118", reason = "hickory-proto v0.25.2 is pulled in via rama-dns/rama-tcp used by codex-network-proxy; DNSSEC features are not enabled; remove when rama updates to hickory 0.26.1 or hickory-net" }, { id = "RUSTSEC-2026-0119", reason = "hickory-proto v0.25.2 is pulled in via rama-dns/rama-tcp used by codex-network-proxy; no fixed rama release is available yet; remove when rama updates to hickory 0.26.1 or hickory-net" }, + { id = "RUSTSEC-2026-0173", reason = "proc-macro-error2 is unmaintained; pulled in via i18n-embed-fl/age used by codex-secrets local storage; remove when codex-secrets migrates off age or age drops i18n-embed-fl" }, ] # If this is true, then cargo deny will use the git executable to fetch advisory database. # If this is false, then it uses a built-in git library. @@ -219,6 +221,16 @@ deny = [ # Wrapper crates can optionally be specified to allow the crate when it # is a direct dependency of the otherwise banned crate #{ crate = "ansi_term@0.11.0", wrappers = ["this-crate-directly-depends-on-ansi_term"] }, + # Removing async-trait materially improves debug build times: + # https://github.com/openai/codex/pull/27304 + { crate = "async-trait", wrappers = [ + "hickory-proto", + "opentelemetry-http", + "pagable", + "rmcp", + "tonic", + "zbus", + ], reason = "first-party traits must use native async trait methods with explicit Send bounds" }, ] # List of features to allow/deny diff --git a/codex-rs/docs/bazel.md b/codex-rs/docs/bazel.md index 085c15992f2..f12eeefd709 100644 --- a/codex-rs/docs/bazel.md +++ b/codex-rs/docs/bazel.md @@ -81,7 +81,10 @@ GitHub Actions routes Bazel build and output-resolution commands through `.github/scripts/run-bazel-ci.sh` and `.github/scripts/rusty_v8_bazel.py` delegate remote configuration selection to that wrapper. The wrapper reads the GitHub Actions repository and event payload rather than relying on workflow -files to duplicate tenant-selection logic. +files to duplicate tenant-selection logic. It also normalizes GitHub Actions +startup options so all Bazel launches in a job reuse the same server and +in-memory analysis cache. Target-discovery and lockfile helpers delegate to the +same wrapper so their callers do not need to select CI-specific startup options. Loading-phase target-discovery `bazel query` commands run locally because they only enumerate labels and do not need remote caches or execution. diff --git a/codex-rs/docs/codex_mcp_interface.md b/codex-rs/docs/codex_mcp_interface.md index bf2def2407c..e3eb814f36c 100644 --- a/codex-rs/docs/codex_mcp_interface.md +++ b/codex-rs/docs/codex_mcp_interface.md @@ -68,7 +68,7 @@ Each response yields: - `data` - ordered list of models. A model includes: - `id`, `model`, `displayName`, `description` - `supportedReasoningEfforts` - array of objects with: - - `reasoningEffort` - one of `none|minimal|low|medium|high|xhigh` + - `reasoningEffort` - a string value advertised by the model; common values are `none|minimal|low|medium|high|xhigh` - `description` - human-friendly label for the effort - `defaultReasoningEffort` - suggested effort for the UI - `inputModalities` - accepted input types for the model diff --git a/codex-rs/docs/protocol_v1.md b/codex-rs/docs/protocol_v1.md index 464e8187b47..f16da209f60 100644 --- a/codex-rs/docs/protocol_v1.md +++ b/codex-rs/docs/protocol_v1.md @@ -54,6 +54,7 @@ Since only 1 `Task` can be run at a time, for parallel tasks it is recommended t - These are messages sent on the `SQ` (UI -> `Codex`) - Has an string ID provided by the UI, referred to as `sub_id` - `Op` refers to the enum of all possible `Submission` payloads + - In the current codebase these are primarily in-process Rust types rather than a stable serde wire contract - This enum is `non_exhaustive`; variants can be added at future dates - `Event` - These are messages sent on the `EQ` (`Codex` -> UI) @@ -103,7 +104,7 @@ The `response_id` returned from each turn matches the OpenAI `response_id` store Can operate over any transport that supports bi-directional streaming. - cross-thread channels - IPC channels - stdin/stdout - TCP - HTTP2 - gRPC -Non-framed transports, such as stdin/stdout and TCP, should use newline-delimited JSON in sending messages. +Events still serialize cleanly to newline-delimited JSON for non-framed transports, such as stdin/stdout and TCP. Submission payloads should be treated as implementation details unless a specific transport owns an explicit adapter. ## Example Flows diff --git a/codex-rs/exec-server/Cargo.toml b/codex-rs/exec-server/Cargo.toml index d842094a162..687a1ee59c7 100644 --- a/codex-rs/exec-server/Cargo.toml +++ b/codex-rs/exec-server/Cargo.toml @@ -12,7 +12,6 @@ workspace = true [dependencies] arc-swap = { workspace = true } -async-trait = { workspace = true } axum = { workspace = true, features = ["http1", "tokio", "ws"] } base64 = { workspace = true } bytes = { workspace = true } @@ -22,7 +21,9 @@ codex-client = { workspace = true } codex-file-system = { workspace = true } codex-protocol = { workspace = true } codex-sandboxing = { workspace = true } +codex-shell-command = { workspace = true } codex-utils-absolute-path = { workspace = true } +codex-utils-path-uri = { workspace = true } codex-utils-pty = { workspace = true } codex-utils-rustls-provider = { workspace = true } futures = { workspace = true } diff --git a/codex-rs/exec-server/README.md b/codex-rs/exec-server/README.md index 8fa1a9eb75c..208e53bc202 100644 --- a/codex-rs/exec-server/README.md +++ b/codex-rs/exec-server/README.md @@ -338,13 +338,15 @@ Params: ## Filesystem RPCs -Filesystem methods use absolute paths and return JSON-RPC errors for invalid -or unavailable paths: +Filesystem methods use canonical `file:` URIs and return JSON-RPC errors for +invalid or unavailable paths. For compatibility, requests also accept native +absolute path strings and normalize them to `file:` URIs: - `fs/readFile` - `fs/writeFile` - `fs/createDirectory` - `fs/getMetadata` +- `fs/canonicalize` - `fs/readDirectory` - `fs/remove` - `fs/copy` diff --git a/codex-rs/exec-server/src/client.rs b/codex-rs/exec-server/src/client.rs index b6c56e9f5e2..978c502b7d9 100644 --- a/codex-rs/exec-server/src/client.rs +++ b/codex-rs/exec-server/src/client.rs @@ -29,13 +29,16 @@ use crate::connection::JsonRpcConnection; use crate::process::ExecProcessEvent; use crate::process::ExecProcessEventLog; use crate::process::ExecProcessEventReceiver; +use crate::protocol::ENVIRONMENT_INFO_METHOD; use crate::protocol::EXEC_CLOSED_METHOD; use crate::protocol::EXEC_EXITED_METHOD; use crate::protocol::EXEC_METHOD; use crate::protocol::EXEC_OUTPUT_DELTA_METHOD; use crate::protocol::EXEC_READ_METHOD; +use crate::protocol::EXEC_SIGNAL_METHOD; use crate::protocol::EXEC_TERMINATE_METHOD; use crate::protocol::EXEC_WRITE_METHOD; +use crate::protocol::EnvironmentInfo; use crate::protocol::ExecClosedNotification; use crate::protocol::ExecExitedNotification; use crate::protocol::ExecOutputDeltaNotification; @@ -45,8 +48,6 @@ use crate::protocol::FS_CANONICALIZE_METHOD; use crate::protocol::FS_COPY_METHOD; use crate::protocol::FS_CREATE_DIRECTORY_METHOD; use crate::protocol::FS_GET_METADATA_METHOD; -use crate::protocol::FS_JOIN_METHOD; -use crate::protocol::FS_PARENT_METHOD; use crate::protocol::FS_READ_DIRECTORY_METHOD; use crate::protocol::FS_READ_FILE_METHOD; use crate::protocol::FS_REMOVE_METHOD; @@ -59,10 +60,6 @@ use crate::protocol::FsCreateDirectoryParams; use crate::protocol::FsCreateDirectoryResponse; use crate::protocol::FsGetMetadataParams; use crate::protocol::FsGetMetadataResponse; -use crate::protocol::FsJoinParams; -use crate::protocol::FsJoinResponse; -use crate::protocol::FsParentParams; -use crate::protocol::FsParentResponse; use crate::protocol::FsReadDirectoryParams; use crate::protocol::FsReadDirectoryResponse; use crate::protocol::FsReadFileParams; @@ -78,8 +75,11 @@ use crate::protocol::INITIALIZED_METHOD; use crate::protocol::InitializeParams; use crate::protocol::InitializeResponse; use crate::protocol::ProcessOutputChunk; +use crate::protocol::ProcessSignal; use crate::protocol::ReadParams; use crate::protocol::ReadResponse; +use crate::protocol::SignalParams; +use crate::protocol::SignalResponse; use crate::protocol::TerminateParams; use crate::protocol::TerminateResponse; use crate::protocol::WriteParams; @@ -279,6 +279,12 @@ impl HttpClient for LazyRemoteExecServerClient { } } +impl LazyRemoteExecServerClient { + pub(crate) async fn environment_info(&self) -> Result { + self.get().await?.environment_info().await + } +} + #[derive(Debug, thiserror::Error)] pub enum ExecServerError { #[error("failed to spawn exec-server: {0}")] @@ -363,6 +369,10 @@ impl ExecServerClient { self.call(EXEC_METHOD, ¶ms).await } + pub async fn environment_info(&self) -> Result { + self.call(ENVIRONMENT_INFO_METHOD, &()).await + } + pub async fn read(&self, params: ReadParams) -> Result { self.call(EXEC_READ_METHOD, ¶ms).await } @@ -382,6 +392,23 @@ impl ExecServerClient { .await } + pub async fn signal( + &self, + process_id: &ProcessId, + signal: ProcessSignal, + ) -> Result<(), ExecServerError> { + let _response: SignalResponse = self + .call( + EXEC_SIGNAL_METHOD, + &SignalParams { + process_id: process_id.clone(), + signal, + }, + ) + .await?; + Ok(()) + } + pub async fn terminate( &self, process_id: &ProcessId, @@ -430,17 +457,6 @@ impl ExecServerClient { self.call(FS_CANONICALIZE_METHOD, ¶ms).await } - pub async fn fs_join(&self, params: FsJoinParams) -> Result { - self.call(FS_JOIN_METHOD, ¶ms).await - } - - pub async fn fs_parent( - &self, - params: FsParentParams, - ) -> Result { - self.call(FS_PARENT_METHOD, ¶ms).await - } - pub async fn fs_read_directory( &self, params: FsReadDirectoryParams, @@ -751,6 +767,10 @@ impl Session { self.client.write(&self.process_id, chunk).await } + pub(crate) async fn signal(&self, signal: ProcessSignal) -> Result<(), ExecServerError> { + self.client.signal(&self.process_id, signal).await + } + pub(crate) async fn terminate(&self) -> Result<(), ExecServerError> { self.client.terminate(&self.process_id).await?; Ok(()) diff --git a/codex-rs/exec-server/src/environment.rs b/codex-rs/exec-server/src/environment.rs index 55dc031273e..bc100b94227 100644 --- a/codex-rs/exec-server/src/environment.rs +++ b/codex-rs/exec-server/src/environment.rs @@ -2,6 +2,9 @@ use std::collections::HashMap; use std::sync::Arc; use std::sync::RwLock; +use futures::FutureExt; +use futures::future::BoxFuture; + use crate::ExecServerError; use crate::ExecServerRuntimePaths; use crate::ExecutorFileSystem; @@ -18,8 +21,11 @@ use crate::environment_toml::environment_provider_from_codex_home; use crate::local_file_system::LocalFileSystem; use crate::local_process::LocalProcess; use crate::process::ExecBackend; +use crate::protocol::EnvironmentInfo; +use crate::protocol::ShellInfo; use crate::remote_file_system::RemoteFileSystem; use crate::remote_process::RemoteProcess; +use codex_shell_command::shell_detect::DetectedShell; pub const CODEX_EXEC_SERVER_URL_ENV_VAR: &str = "CODEX_EXEC_SERVER_URL"; @@ -286,18 +292,49 @@ impl EnvironmentManager { pub struct Environment { exec_server_url: Option, remote_transport: Option, + info_provider: Arc, exec_backend: Arc, filesystem: Arc, http_client: Arc, local_runtime_paths: Option, } +/// Provides environment metadata from either a local environment or a remote exec-server. +trait EnvironmentInfoProvider: Send + Sync { + fn info(&self) -> BoxFuture<'_, Result>; +} + +struct LocalEnvironmentInfoProvider; + +impl EnvironmentInfoProvider for LocalEnvironmentInfoProvider { + fn info(&self) -> BoxFuture<'_, Result> { + std::future::ready(Ok(EnvironmentInfo::local())).boxed() + } +} + +struct RemoteEnvironmentInfoProvider { + client: LazyRemoteExecServerClient, +} + +impl RemoteEnvironmentInfoProvider { + fn new(client: LazyRemoteExecServerClient) -> Self { + Self { client } + } +} + +impl EnvironmentInfoProvider for RemoteEnvironmentInfoProvider { + fn info(&self) -> BoxFuture<'_, Result> { + async move { self.client.environment_info().await }.boxed() + } +} + impl Environment { /// Builds a test-only local environment without configured sandbox helper paths. pub fn default_for_tests() -> Self { Self { exec_server_url: None, remote_transport: None, + info_provider: Arc::new(LocalEnvironmentInfoProvider), exec_backend: Arc::new(LocalProcess::default()), filesystem: Arc::new(LocalFileSystem::unsandboxed()), http_client: Arc::new(ReqwestHttpClient), @@ -354,6 +391,7 @@ impl Environment { Self { exec_server_url: None, remote_transport: None, + info_provider: Arc::new(LocalEnvironmentInfoProvider), exec_backend: Arc::new(LocalProcess::default()), filesystem: Arc::new(LocalFileSystem::with_runtime_paths( local_runtime_paths.clone(), @@ -392,6 +430,7 @@ impl Environment { Self { exec_server_url, remote_transport: Some(remote_transport), + info_provider: Arc::new(RemoteEnvironmentInfoProvider::new(client.clone())), exec_backend, filesystem, http_client: Arc::new(client), @@ -412,6 +451,11 @@ impl Environment { self.local_runtime_paths.as_ref() } + /// Returns environment information from the selected execution/filesystem environment. + pub async fn info(&self) -> Result { + self.info_provider.info().await + } + pub fn get_exec_backend(&self) -> Arc { Arc::clone(&self.exec_backend) } @@ -425,6 +469,23 @@ impl Environment { } } +impl EnvironmentInfo { + pub(crate) fn local() -> Self { + Self { + shell: codex_shell_command::shell_detect::default_user_shell().into(), + } + } +} + +impl From for ShellInfo { + fn from(shell: DetectedShell) -> Self { + Self { + name: shell.name().to_string(), + path: shell.shell_path.to_string_lossy().into_owned(), + } + } +} + #[cfg(test)] mod tests { use std::sync::Arc; @@ -458,6 +519,7 @@ mod tests { assert_eq!(environment.exec_server_url(), None); assert!(!environment.is_remote()); + assert!(environment.info().await.is_ok()); } #[tokio::test] @@ -820,6 +882,7 @@ mod tests { std::env::current_exe().expect("current exe").as_path(), ) .expect("absolute current exe"); + let path = codex_utils_path_uri::PathUri::from_abs_path(&path).expect("path URI"); let sandbox = crate::FileSystemSandboxContext::from_permission_profile( codex_protocol::models::PermissionProfile::from_runtime_permissions( &codex_protocol::permissions::FileSystemSandboxPolicy::restricted(Vec::new()), diff --git a/codex-rs/exec-server/src/environment_path.rs b/codex-rs/exec-server/src/environment_path.rs deleted file mode 100644 index e9e07abef89..00000000000 --- a/codex-rs/exec-server/src/environment_path.rs +++ /dev/null @@ -1,527 +0,0 @@ -use std::fmt; -use std::hash::Hash; -use std::hash::Hasher; -use std::io; -use std::path::Path; -use std::sync::Arc; - -use codex_utils_absolute_path::AbsolutePathBuf; - -use crate::ExecutorFileSystem; -use crate::FileMetadata; -use crate::FileSystemSandboxContext; -use crate::LOCAL_FS; -use crate::ReadDirectoryEntry; - -/// Binds an absolute path to the executor filesystem that owns it. -#[derive(Clone)] -pub struct EnvironmentPathRef { - file_system: Arc, - path: AbsolutePathBuf, -} - -impl EnvironmentPathRef { - /// Creates a path ref bound to the filesystem that owns `path`. - pub fn new(file_system: Arc, path: AbsolutePathBuf) -> Self { - Self { file_system, path } - } - - /// Creates a path ref bound to the shared unsandboxed local filesystem. - pub fn local(path: AbsolutePathBuf) -> Self { - Self::new(Arc::clone(&LOCAL_FS), path) - } - - /// Returns the absolute path held by this ref. - pub fn path(&self) -> &AbsolutePathBuf { - &self.path - } - - /// Returns the filesystem that owns this path. - pub fn file_system(&self) -> Arc { - Arc::clone(&self.file_system) - } - - /// Reads this path as UTF-8 text through its bound filesystem. - pub async fn read_to_string( - &self, - sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result { - self.file_system.read_file_text(&self.path, sandbox).await - } - - /// Reads metadata for this path through its bound filesystem. - pub async fn metadata( - &self, - sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result { - self.file_system.get_metadata(&self.path, sandbox).await - } - - /// Reads directory entries for this path through its bound filesystem. - pub async fn read_directory( - &self, - sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result> { - self.file_system.read_directory(&self.path, sandbox).await - } - - /// Returns a ref with the same filesystem and a replacement path. - pub fn with_path(&self, path: AbsolutePathBuf) -> Self { - Self::new(Arc::clone(&self.file_system), path) - } - - /// Lexically joins `path` onto this path through its bound filesystem. - pub async fn join>(&self, path: P) -> io::Result { - self.file_system - .join(&self.path, path.as_ref()) - .await - .map(|path| self.with_path(path)) - } - - /// Returns the parent of this path through its bound filesystem. - pub async fn parent(&self) -> io::Result> { - self.file_system - .parent(&self.path) - .await - .map(|path| path.map(|path| self.with_path(path))) - } - - /// Canonicalizes this path through its bound filesystem. - pub async fn canonicalize( - &self, - sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result { - self.file_system - .canonicalize(&self.path, sandbox) - .await - .map(|path| self.with_path(path)) - } -} - -impl PartialEq for EnvironmentPathRef { - fn eq(&self, other: &Self) -> bool { - Arc::ptr_eq(&self.file_system, &other.file_system) && self.path == other.path - } -} - -impl Eq for EnvironmentPathRef {} - -impl Hash for EnvironmentPathRef { - fn hash(&self, state: &mut H) { - (Arc::as_ptr(&self.file_system) as *const () as usize).hash(state); - self.path.hash(state); - } -} - -impl fmt::Debug for EnvironmentPathRef { - fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { - f.debug_struct("EnvironmentPathRef") - .field("path", &self.path) - .finish() - } -} - -#[cfg(test)] -mod tests { - use super::*; - - use async_trait::async_trait; - use codex_protocol::models::PermissionProfile; - use codex_protocol::permissions::FileSystemSandboxPolicy; - use codex_protocol::permissions::NetworkSandboxPolicy; - use codex_utils_absolute_path::test_support::PathBufExt; - use pretty_assertions::assert_eq; - use std::collections::HashSet; - use std::path::Path; - use std::sync::Mutex; - - use crate::LOCAL_FS; - - #[derive(Clone, Debug, Eq, PartialEq)] - enum RecordedMethod { - Canonicalize, - Join, - Parent, - ReadFileText, - Metadata, - ReadDirectory, - } - - #[derive(Clone, Debug, Eq, PartialEq)] - struct RecordedCall { - method: RecordedMethod, - path: AbsolutePathBuf, - sandbox: Option, - } - - struct RecordingFileSystem { - calls: Mutex>, - } - - impl Default for RecordingFileSystem { - fn default() -> Self { - Self { - calls: Mutex::new(Vec::new()), - } - } - } - - impl RecordingFileSystem { - fn recorded_calls(&self) -> Vec { - match self.calls.lock() { - Ok(calls) => calls.clone(), - Err(err) => err.into_inner().clone(), - } - } - - fn push_call(&self, call: RecordedCall) { - match self.calls.lock() { - Ok(mut calls) => calls.push(call), - Err(err) => err.into_inner().push(call), - } - } - } - - fn local_path_ref(path: AbsolutePathBuf) -> EnvironmentPathRef { - EnvironmentPathRef::new(Arc::clone(&LOCAL_FS), path) - } - - #[async_trait] - impl ExecutorFileSystem for RecordingFileSystem { - async fn canonicalize( - &self, - path: &AbsolutePathBuf, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result { - self.push_call(RecordedCall { - method: RecordedMethod::Canonicalize, - path: path.clone(), - sandbox: None, - }); - Ok(path.parent().unwrap()) - } - - async fn join( - &self, - base_path: &AbsolutePathBuf, - path: &Path, - ) -> io::Result { - self.push_call(RecordedCall { - method: RecordedMethod::Join, - path: base_path.clone(), - sandbox: None, - }); - AbsolutePathBuf::from_absolute_path_checked(base_path.as_path().join(path)) - } - - async fn parent(&self, path: &AbsolutePathBuf) -> io::Result> { - self.push_call(RecordedCall { - method: RecordedMethod::Parent, - path: path.clone(), - sandbox: None, - }); - Ok(path.parent()) - } - - async fn read_file( - &self, - path: &AbsolutePathBuf, - sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result> { - self.push_call(RecordedCall { - method: RecordedMethod::ReadFileText, - path: path.clone(), - sandbox: sandbox.cloned(), - }); - Ok(b"skill contents".to_vec()) - } - - async fn write_file( - &self, - _path: &AbsolutePathBuf, - _contents: Vec, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result<()> { - unreachable!("write_file should not be called") - } - - async fn create_directory( - &self, - _path: &AbsolutePathBuf, - _create_directory_options: crate::CreateDirectoryOptions, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result<()> { - unreachable!("create_directory should not be called") - } - - async fn get_metadata( - &self, - path: &AbsolutePathBuf, - sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result { - self.push_call(RecordedCall { - method: RecordedMethod::Metadata, - path: path.clone(), - sandbox: sandbox.cloned(), - }); - Ok(FileMetadata { - is_directory: true, - is_file: false, - is_symlink: false, - created_at_ms: 1, - modified_at_ms: 2, - }) - } - - async fn read_directory( - &self, - path: &AbsolutePathBuf, - sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result> { - self.push_call(RecordedCall { - method: RecordedMethod::ReadDirectory, - path: path.clone(), - sandbox: sandbox.cloned(), - }); - Ok(vec![ReadDirectoryEntry { - file_name: "SKILL.md".to_string(), - is_directory: false, - is_file: true, - }]) - } - - async fn remove( - &self, - _path: &AbsolutePathBuf, - _remove_options: crate::RemoveOptions, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result<()> { - unreachable!("remove should not be called") - } - - async fn copy( - &self, - _source_path: &AbsolutePathBuf, - _destination_path: &AbsolutePathBuf, - _copy_options: crate::CopyOptions, - _sandbox: Option<&FileSystemSandboxContext>, - ) -> io::Result<()> { - unreachable!("copy should not be called") - } - } - - fn restricted_sandbox() -> FileSystemSandboxContext { - FileSystemSandboxContext::from_permission_profile( - PermissionProfile::from_runtime_permissions( - &FileSystemSandboxPolicy::restricted(Vec::new()), - NetworkSandboxPolicy::Restricted, - ), - ) - } - - #[tokio::test] - async fn environment_path_ref_forwards_sandbox_to_file_system_methods() { - let path = std::env::temp_dir().join("skills/demo").abs(); - let file_system = Arc::new(RecordingFileSystem::default()); - let path_ref = EnvironmentPathRef::new(file_system.clone(), path.clone()); - let sandbox = restricted_sandbox(); - - assert_eq!( - path_ref - .read_to_string(Some(&sandbox)) - .await - .expect("read skill contents"), - "skill contents".to_string() - ); - assert_eq!( - path_ref - .metadata(Some(&sandbox)) - .await - .expect("read metadata"), - FileMetadata { - is_directory: true, - is_file: false, - is_symlink: false, - created_at_ms: 1, - modified_at_ms: 2, - } - ); - assert_eq!( - path_ref - .read_directory(Some(&sandbox)) - .await - .expect("read directory"), - vec![ReadDirectoryEntry { - file_name: "SKILL.md".to_string(), - is_directory: false, - is_file: true, - }] - ); - assert_eq!( - file_system.recorded_calls(), - vec![ - RecordedCall { - method: RecordedMethod::ReadFileText, - path: path.clone(), - sandbox: Some(sandbox.clone()), - }, - RecordedCall { - method: RecordedMethod::Metadata, - path: path.clone(), - sandbox: Some(sandbox.clone()), - }, - RecordedCall { - method: RecordedMethod::ReadDirectory, - path, - sandbox: Some(sandbox), - }, - ] - ); - } - - #[test] - fn environment_path_ref_equality_and_hash_include_file_system_identity() { - let path = std::env::temp_dir().join("skills/demo").abs(); - let file_system = Arc::new(RecordingFileSystem::default()); - let same_file_system: Arc = file_system.clone(); - let different_file_system: Arc = - Arc::new(RecordingFileSystem::default()); - - let left = EnvironmentPathRef::new(same_file_system.clone(), path.clone()); - let same = EnvironmentPathRef::new(same_file_system, path.clone()); - let different_path = EnvironmentPathRef::new(file_system, path.parent().unwrap()); - let different_fs = EnvironmentPathRef::new(different_file_system, path); - - assert_eq!(left, same); - assert_ne!(left, different_path); - assert_ne!(left, different_fs); - - let set = HashSet::from([left, same, different_path, different_fs]); - assert_eq!(set.len(), 3); - } - #[tokio::test] - async fn canonicalize_keeps_bound_file_system_identity() { - let path = std::env::temp_dir().join("skills/demo").abs(); - let file_system = Arc::new(RecordingFileSystem::default()); - let path_ref = EnvironmentPathRef::new(file_system.clone(), path.clone()); - - let canonicalized = path_ref - .canonicalize(/*sandbox*/ None) - .await - .expect("canonicalize"); - - assert_eq!(canonicalized.path(), &path.parent().unwrap()); - assert_eq!( - canonicalized, - EnvironmentPathRef::new(file_system.clone(), path.parent().unwrap()) - ); - assert_eq!( - file_system.recorded_calls(), - vec![RecordedCall { - method: RecordedMethod::Canonicalize, - path, - sandbox: None, - }] - ); - } - - #[tokio::test] - async fn join_keeps_bound_file_system_identity() { - let path = std::env::temp_dir().join("skills").abs(); - let file_system = Arc::new(RecordingFileSystem::default()); - let path_ref = EnvironmentPathRef::new(file_system.clone(), path.clone()); - - assert_eq!( - path_ref.join(Path::new("demo")).await.ok(), - Some(EnvironmentPathRef::new( - file_system.clone(), - std::env::temp_dir().join("skills/demo").abs(), - )) - ); - assert_eq!( - file_system.recorded_calls(), - vec![RecordedCall { - method: RecordedMethod::Join, - path, - sandbox: None, - }] - ); - } - - #[tokio::test] - async fn join_matches_absolute_path_buf_for_tilde_paths() { - let path_ref = local_path_ref(std::env::temp_dir().join("skills").abs()); - - assert_eq!( - path_ref - .join(Path::new("~")) - .await - .ok() - .map(|path_ref| path_ref.path().clone()), - Some(path_ref.path().join(Path::new("~"))) - ); - } - - #[tokio::test] - async fn join_matches_absolute_path_buf_for_parent_dirs() { - let path_ref = local_path_ref(std::env::temp_dir().join("skills").abs()); - - assert_eq!( - path_ref - .join(Path::new("../outside")) - .await - .expect("join") - .path() - .clone(), - path_ref.path().join(Path::new("../outside")) - ); - } - - #[tokio::test] - async fn parent_keeps_bound_file_system_identity() { - let path = std::env::temp_dir().join("skills/demo").abs(); - let file_system = Arc::new(RecordingFileSystem::default()); - let path_ref = EnvironmentPathRef::new(file_system.clone(), path.clone()); - - assert_eq!( - path_ref.parent().await.expect("parent"), - Some(EnvironmentPathRef::new( - file_system.clone(), - std::env::temp_dir().join("skills").abs(), - )) - ); - assert_eq!( - file_system.recorded_calls(), - vec![RecordedCall { - method: RecordedMethod::Parent, - path, - sandbox: None, - }] - ); - } - - #[cfg(windows)] - #[tokio::test] - async fn join_matches_absolute_path_buf_for_windows_prefixed_and_rooted_paths() { - let path_ref = local_path_ref(std::env::temp_dir().join("skills").abs()); - - assert_eq!( - path_ref - .join(Path::new(r"C:temp")) - .await - .expect("join") - .path() - .clone(), - path_ref.path().join(Path::new(r"C:temp")) - ); - assert_eq!( - path_ref - .join(Path::new(r"\temp")) - .await - .expect("join") - .path() - .clone(), - path_ref.path().join(Path::new(r"\temp")) - ); - } -} diff --git a/codex-rs/exec-server/src/environment_provider.rs b/codex-rs/exec-server/src/environment_provider.rs index 7e132ee2b4c..ffb5cbd1161 100644 --- a/codex-rs/exec-server/src/environment_provider.rs +++ b/codex-rs/exec-server/src/environment_provider.rs @@ -1,4 +1,5 @@ -use async_trait::async_trait; +use std::future::Future; +use std::pin::Pin; use crate::Environment; use crate::ExecServerError; @@ -13,12 +14,14 @@ use crate::environment::REMOTE_ENVIRONMENT_ID; /// selection. Providers should only return provider-owned remote environments; /// `include_local` controls whether `EnvironmentManager` should add the local /// environment to the snapshot. -#[async_trait] pub trait EnvironmentProvider: Send + Sync { /// Returns the provider-owned environment startup snapshot. - async fn snapshot(&self) -> Result; + fn snapshot(&self) -> EnvironmentProviderFuture<'_>; } +pub type EnvironmentProviderFuture<'a> = + Pin> + Send + 'a>>; + #[derive(Clone, Debug)] pub struct EnvironmentProviderSnapshot { pub environments: Vec<(String, Environment)>, @@ -80,10 +83,9 @@ impl DefaultEnvironmentProvider { } } -#[async_trait] impl EnvironmentProvider for DefaultEnvironmentProvider { - async fn snapshot(&self) -> Result { - Ok(self.snapshot_inner()) + fn snapshot(&self) -> EnvironmentProviderFuture<'_> { + Box::pin(async { Ok(self.snapshot_inner()) }) } } diff --git a/codex-rs/exec-server/src/environment_toml.rs b/codex-rs/exec-server/src/environment_toml.rs index 26c178b5b8c..87d5bea8b34 100644 --- a/codex-rs/exec-server/src/environment_toml.rs +++ b/codex-rs/exec-server/src/environment_toml.rs @@ -4,13 +4,13 @@ use std::path::Path; use std::path::PathBuf; use std::time::Duration; -use async_trait::async_trait; use serde::Deserialize; use tokio_tungstenite::tungstenite::client::IntoClientRequest; use crate::DefaultEnvironmentProvider; use crate::Environment; use crate::EnvironmentProvider; +use crate::EnvironmentProviderFuture; use crate::ExecServerError; use crate::client_api::DEFAULT_REMOTE_EXEC_SERVER_CONNECT_TIMEOUT; use crate::client_api::DEFAULT_REMOTE_EXEC_SERVER_INITIALIZE_TIMEOUT; @@ -92,10 +92,7 @@ impl TomlEnvironmentProvider { environments: parsed_environments, }) } -} -#[async_trait] -impl EnvironmentProvider for TomlEnvironmentProvider { async fn snapshot(&self) -> Result { let mut environments = Vec::with_capacity(self.environments.len()); for (id, transport_params) in &self.environments { @@ -116,6 +113,12 @@ impl EnvironmentProvider for TomlEnvironmentProvider { } } +impl EnvironmentProvider for TomlEnvironmentProvider { + fn snapshot(&self) -> EnvironmentProviderFuture<'_> { + Box::pin(TomlEnvironmentProvider::snapshot(self)) + } +} + fn parse_environment_toml( item: EnvironmentToml, config_dir: Option<&Path>, diff --git a/codex-rs/exec-server/src/fs_helper.rs b/codex-rs/exec-server/src/fs_helper.rs index 0a210175b27..6f3dc92910a 100644 --- a/codex-rs/exec-server/src/fs_helper.rs +++ b/codex-rs/exec-server/src/fs_helper.rs @@ -305,23 +305,68 @@ fn map_fs_error(err: io::Error) -> JSONRPCErrorError { #[cfg(test)] mod tests { + use codex_utils_path_uri::PathUri; + use pretty_assertions::assert_eq; + use serde_json::json; + use super::*; #[test] - fn helper_requests_use_fs_method_names() -> serde_json::Result<()> { - assert_eq!( - serde_json::to_value(FsHelperRequest::WriteFile(FsWriteFileParams { - path: std::env::current_dir() - .expect("cwd") - .join("file") - .as_path() - .try_into() - .expect("absolute path"), + fn helper_protocol_uses_path_uris() -> serde_json::Result<()> { + let local_path = PathUri::from_path(std::env::current_dir().expect("cwd").join("file")) + .expect("path URI"); + let paths = [ + local_path, + PathUri::parse("file://server/share/file").expect("path URI"), + ]; + + for path in paths { + let expected_path = path.to_string(); + + let request = serde_json::to_value(FsHelperRequest::WriteFile(FsWriteFileParams { + path: path.clone(), data_base64: String::new(), sandbox: None, - }))?["operation"], - FS_WRITE_FILE_METHOD, - ); + }))?; + assert_eq!( + request, + json!({ + "operation": FS_WRITE_FILE_METHOD, + "params": { + "path": expected_path.as_str(), + "dataBase64": "", + "sandbox": null, + }, + }), + ); + let request_path = request["params"]["path"] + .as_str() + .expect("request path should be a string"); + assert_eq!(request_path, expected_path); + assert!(request_path.starts_with("file:")); + + let response = serde_json::to_value(FsHelperResponse::Ok( + FsHelperPayload::Canonicalize(FsCanonicalizeResponse { path }), + ))?; + assert_eq!( + response, + json!({ + "status": "ok", + "payload": { + "operation": FS_CANONICALIZE_METHOD, + "response": { + "path": expected_path.as_str(), + }, + }, + }), + ); + let response_path = response["payload"]["response"]["path"] + .as_str() + .expect("canonicalize response path should be a string"); + assert_eq!(response_path, expected_path); + assert!(response_path.starts_with("file:")); + } + Ok(()) } } diff --git a/codex-rs/exec-server/src/lib.rs b/codex-rs/exec-server/src/lib.rs index dea039c2883..d6a9aacb511 100644 --- a/codex-rs/exec-server/src/lib.rs +++ b/codex-rs/exec-server/src/lib.rs @@ -3,7 +3,6 @@ mod client_api; mod client_transport; mod connection; mod environment; -mod environment_path; mod environment_provider; mod environment_toml; mod fs_helper; @@ -34,6 +33,7 @@ pub use client_api::RemoteExecServerConnectArgs; pub use codex_file_system::CopyOptions; pub use codex_file_system::CreateDirectoryOptions; pub use codex_file_system::ExecutorFileSystem; +pub use codex_file_system::ExecutorFileSystemFuture; pub use codex_file_system::FileMetadata; pub use codex_file_system::FileSystemResult; pub use codex_file_system::FileSystemSandboxContext; @@ -44,19 +44,22 @@ pub use environment::Environment; pub use environment::EnvironmentManager; pub use environment::LOCAL_ENVIRONMENT_ID; pub use environment::REMOTE_ENVIRONMENT_ID; -pub use environment_path::EnvironmentPathRef; pub use environment_provider::DefaultEnvironmentProvider; pub use environment_provider::EnvironmentProvider; +pub use environment_provider::EnvironmentProviderFuture; pub use fs_helper::CODEX_FS_HELPER_ARG1; pub use fs_helper_main::main as run_fs_helper_main; pub use local_file_system::LOCAL_FS; pub use local_file_system::LocalFileSystem; pub use process::ExecBackend; +pub use process::ExecBackendFuture; pub use process::ExecProcess; pub use process::ExecProcessEvent; pub use process::ExecProcessEventReceiver; +pub use process::ExecProcessFuture; pub use process::StartedExecProcess; pub use process_id::ProcessId; +pub use protocol::EnvironmentInfo; pub use protocol::ExecClosedNotification; pub use protocol::ExecEnvPolicy; pub use protocol::ExecExitedNotification; @@ -72,10 +75,6 @@ pub use protocol::FsCreateDirectoryParams; pub use protocol::FsCreateDirectoryResponse; pub use protocol::FsGetMetadataParams; pub use protocol::FsGetMetadataResponse; -pub use protocol::FsJoinParams; -pub use protocol::FsJoinResponse; -pub use protocol::FsParentParams; -pub use protocol::FsParentResponse; pub use protocol::FsReadDirectoryEntry; pub use protocol::FsReadDirectoryParams; pub use protocol::FsReadDirectoryResponse; @@ -92,8 +91,12 @@ pub use protocol::HttpRequestResponse; pub use protocol::InitializeParams; pub use protocol::InitializeResponse; pub use protocol::ProcessOutputChunk; +pub use protocol::ProcessSignal; pub use protocol::ReadParams; pub use protocol::ReadResponse; +pub use protocol::ShellInfo; +pub use protocol::SignalParams; +pub use protocol::SignalResponse; pub use protocol::TerminateParams; pub use protocol::TerminateResponse; pub use protocol::WriteParams; diff --git a/codex-rs/exec-server/src/local_file_system.rs b/codex-rs/exec-server/src/local_file_system.rs index 3f410f926de..7b909cc8a65 100644 --- a/codex-rs/exec-server/src/local_file_system.rs +++ b/codex-rs/exec-server/src/local_file_system.rs @@ -1,5 +1,5 @@ -use async_trait::async_trait; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; use std::path::Path; use std::path::PathBuf; use std::sync::Arc; @@ -12,6 +12,7 @@ use crate::CopyOptions; use crate::CreateDirectoryOptions; use crate::ExecServerRuntimePaths; use crate::ExecutorFileSystem; +use crate::ExecutorFileSystemFuture; use crate::FileMetadata; use crate::FileSystemResult; use crate::FileSystemSandboxContext; @@ -77,32 +78,19 @@ impl LocalFileSystem { } } -#[async_trait] -impl ExecutorFileSystem for LocalFileSystem { +impl LocalFileSystem { async fn canonicalize( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult { + ) -> FileSystemResult { let (file_system, sandbox) = self.file_system_for(sandbox)?; file_system.canonicalize(path, sandbox).await } - async fn join( - &self, - base_path: &AbsolutePathBuf, - path: &Path, - ) -> FileSystemResult { - self.unsandboxed.join(base_path, path).await - } - - async fn parent(&self, path: &AbsolutePathBuf) -> FileSystemResult> { - self.unsandboxed.parent(path).await - } - async fn read_file( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult> { let (file_system, sandbox) = self.file_system_for(sandbox)?; @@ -111,7 +99,7 @@ impl ExecutorFileSystem for LocalFileSystem { async fn write_file( &self, - path: &AbsolutePathBuf, + path: &PathUri, contents: Vec, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -121,7 +109,7 @@ impl ExecutorFileSystem for LocalFileSystem { async fn create_directory( &self, - path: &AbsolutePathBuf, + path: &PathUri, options: CreateDirectoryOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -131,7 +119,7 @@ impl ExecutorFileSystem for LocalFileSystem { async fn get_metadata( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult { let (file_system, sandbox) = self.file_system_for(sandbox)?; @@ -140,7 +128,7 @@ impl ExecutorFileSystem for LocalFileSystem { async fn read_directory( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult> { let (file_system, sandbox) = self.file_system_for(sandbox)?; @@ -149,7 +137,7 @@ impl ExecutorFileSystem for LocalFileSystem { async fn remove( &self, - path: &AbsolutePathBuf, + path: &PathUri, options: RemoveOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -159,8 +147,8 @@ impl ExecutorFileSystem for LocalFileSystem { async fn copy( &self, - source_path: &AbsolutePathBuf, - destination_path: &AbsolutePathBuf, + source_path: &PathUri, + destination_path: &PathUri, options: CopyOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -171,32 +159,98 @@ impl ExecutorFileSystem for LocalFileSystem { } } -#[async_trait] -impl ExecutorFileSystem for UnsandboxedFileSystem { +impl ExecutorFileSystem for LocalFileSystem { + fn canonicalize<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, PathUri> { + Box::pin(LocalFileSystem::canonicalize(self, path, sandbox)) + } + + fn read_file<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(LocalFileSystem::read_file(self, path, sandbox)) + } + + fn write_file<'a>( + &'a self, + path: &'a PathUri, + contents: Vec, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(LocalFileSystem::write_file(self, path, contents, sandbox)) + } + + fn create_directory<'a>( + &'a self, + path: &'a PathUri, + options: CreateDirectoryOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(LocalFileSystem::create_directory( + self, path, options, sandbox, + )) + } + + fn get_metadata<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, FileMetadata> { + Box::pin(LocalFileSystem::get_metadata(self, path, sandbox)) + } + + fn read_directory<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(LocalFileSystem::read_directory(self, path, sandbox)) + } + + fn remove<'a>( + &'a self, + path: &'a PathUri, + options: RemoveOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(LocalFileSystem::remove(self, path, options, sandbox)) + } + + fn copy<'a>( + &'a self, + source_path: &'a PathUri, + destination_path: &'a PathUri, + options: CopyOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(LocalFileSystem::copy( + self, + source_path, + destination_path, + options, + sandbox, + )) + } +} + +impl UnsandboxedFileSystem { async fn canonicalize( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult { + ) -> FileSystemResult { reject_platform_sandbox_context(sandbox)?; self.file_system.canonicalize(path, /*sandbox*/ None).await } - async fn join( - &self, - base_path: &AbsolutePathBuf, - path: &Path, - ) -> FileSystemResult { - self.file_system.join(base_path, path).await - } - - async fn parent(&self, path: &AbsolutePathBuf) -> FileSystemResult> { - self.file_system.parent(path).await - } - async fn read_file( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult> { reject_platform_sandbox_context(sandbox)?; @@ -205,7 +259,7 @@ impl ExecutorFileSystem for UnsandboxedFileSystem { async fn write_file( &self, - path: &AbsolutePathBuf, + path: &PathUri, contents: Vec, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -217,7 +271,7 @@ impl ExecutorFileSystem for UnsandboxedFileSystem { async fn create_directory( &self, - path: &AbsolutePathBuf, + path: &PathUri, options: CreateDirectoryOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -229,7 +283,7 @@ impl ExecutorFileSystem for UnsandboxedFileSystem { async fn get_metadata( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult { reject_platform_sandbox_context(sandbox)?; @@ -238,7 +292,7 @@ impl ExecutorFileSystem for UnsandboxedFileSystem { async fn read_directory( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult> { reject_platform_sandbox_context(sandbox)?; @@ -249,7 +303,7 @@ impl ExecutorFileSystem for UnsandboxedFileSystem { async fn remove( &self, - path: &AbsolutePathBuf, + path: &PathUri, options: RemoveOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -261,8 +315,8 @@ impl ExecutorFileSystem for UnsandboxedFileSystem { async fn copy( &self, - source_path: &AbsolutePathBuf, - destination_path: &AbsolutePathBuf, + source_path: &PathUri, + destination_path: &PathUri, options: CopyOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -278,35 +332,107 @@ impl ExecutorFileSystem for UnsandboxedFileSystem { } } -#[async_trait] -impl ExecutorFileSystem for DirectFileSystem { - async fn canonicalize( - &self, - path: &AbsolutePathBuf, - sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult { - reject_sandbox_context(sandbox)?; - AbsolutePathBuf::from_absolute_path(tokio::fs::canonicalize(path.as_path()).await?) +impl ExecutorFileSystem for UnsandboxedFileSystem { + fn canonicalize<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, PathUri> { + Box::pin(UnsandboxedFileSystem::canonicalize(self, path, sandbox)) } - async fn join( - &self, - base_path: &AbsolutePathBuf, - path: &Path, - ) -> FileSystemResult { - Ok(base_path.join(path)) + fn read_file<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(UnsandboxedFileSystem::read_file(self, path, sandbox)) } - async fn parent(&self, path: &AbsolutePathBuf) -> FileSystemResult> { - Ok(path.parent()) + fn write_file<'a>( + &'a self, + path: &'a PathUri, + contents: Vec, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(UnsandboxedFileSystem::write_file( + self, path, contents, sandbox, + )) + } + + fn create_directory<'a>( + &'a self, + path: &'a PathUri, + options: CreateDirectoryOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(UnsandboxedFileSystem::create_directory( + self, path, options, sandbox, + )) + } + + fn get_metadata<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, FileMetadata> { + Box::pin(UnsandboxedFileSystem::get_metadata(self, path, sandbox)) + } + + fn read_directory<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(UnsandboxedFileSystem::read_directory(self, path, sandbox)) + } + + fn remove<'a>( + &'a self, + path: &'a PathUri, + options: RemoveOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(UnsandboxedFileSystem::remove(self, path, options, sandbox)) + } + + fn copy<'a>( + &'a self, + source_path: &'a PathUri, + destination_path: &'a PathUri, + options: CopyOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(UnsandboxedFileSystem::copy( + self, + source_path, + destination_path, + options, + sandbox, + )) + } +} + +impl DirectFileSystem { + async fn canonicalize( + &self, + path: &PathUri, + sandbox: Option<&FileSystemSandboxContext>, + ) -> FileSystemResult { + reject_sandbox_context(sandbox)?; + let path = path.to_abs_path()?; + let canonicalized = + AbsolutePathBuf::from_absolute_path(tokio::fs::canonicalize(path.as_path()).await?)?; + PathUri::from_abs_path(&canonicalized) } async fn read_file( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult> { reject_sandbox_context(sandbox)?; + let path = path.to_abs_path()?; let metadata = tokio::fs::metadata(path.as_path()).await?; if metadata.len() > MAX_READ_FILE_BYTES { return Err(io::Error::new( @@ -319,21 +445,23 @@ impl ExecutorFileSystem for DirectFileSystem { async fn write_file( &self, - path: &AbsolutePathBuf, + path: &PathUri, contents: Vec, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { reject_sandbox_context(sandbox)?; + let path = path.to_abs_path()?; tokio::fs::write(path.as_path(), contents).await } async fn create_directory( &self, - path: &AbsolutePathBuf, + path: &PathUri, options: CreateDirectoryOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { reject_sandbox_context(sandbox)?; + let path = path.to_abs_path()?; if options.recursive { tokio::fs::create_dir_all(path.as_path()).await?; } else { @@ -344,10 +472,11 @@ impl ExecutorFileSystem for DirectFileSystem { async fn get_metadata( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult { reject_sandbox_context(sandbox)?; + let path = path.to_abs_path()?; let metadata = tokio::fs::metadata(path.as_path()).await?; let symlink_metadata = tokio::fs::symlink_metadata(path.as_path()).await?; Ok(FileMetadata { @@ -361,10 +490,11 @@ impl ExecutorFileSystem for DirectFileSystem { async fn read_directory( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult> { reject_sandbox_context(sandbox)?; + let path = path.to_abs_path()?; let mut entries = Vec::new(); let mut read_dir = tokio::fs::read_dir(path.as_path()).await?; while let Some(entry) = read_dir.next_entry().await? { @@ -382,11 +512,12 @@ impl ExecutorFileSystem for DirectFileSystem { async fn remove( &self, - path: &AbsolutePathBuf, + path: &PathUri, options: RemoveOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { reject_sandbox_context(sandbox)?; + let path = path.to_abs_path()?; match tokio::fs::symlink_metadata(path.as_path()).await { Ok(metadata) => { let file_type = metadata.file_type(); @@ -408,14 +539,14 @@ impl ExecutorFileSystem for DirectFileSystem { async fn copy( &self, - source_path: &AbsolutePathBuf, - destination_path: &AbsolutePathBuf, + source_path: &PathUri, + destination_path: &PathUri, options: CopyOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { reject_sandbox_context(sandbox)?; - let source_path = source_path.to_path_buf(); - let destination_path = destination_path.to_path_buf(); + let source_path = source_path.to_abs_path()?.into_path_buf(); + let destination_path = destination_path.to_abs_path()?.into_path_buf(); tokio::task::spawn_blocking(move || -> FileSystemResult<()> { let metadata = std::fs::symlink_metadata(source_path.as_path())?; let file_type = metadata.file_type(); @@ -460,6 +591,85 @@ impl ExecutorFileSystem for DirectFileSystem { } } +impl ExecutorFileSystem for DirectFileSystem { + fn canonicalize<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, PathUri> { + Box::pin(DirectFileSystem::canonicalize(self, path, sandbox)) + } + + fn read_file<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(DirectFileSystem::read_file(self, path, sandbox)) + } + + fn write_file<'a>( + &'a self, + path: &'a PathUri, + contents: Vec, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(DirectFileSystem::write_file(self, path, contents, sandbox)) + } + + fn create_directory<'a>( + &'a self, + path: &'a PathUri, + options: CreateDirectoryOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(DirectFileSystem::create_directory( + self, path, options, sandbox, + )) + } + + fn get_metadata<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, FileMetadata> { + Box::pin(DirectFileSystem::get_metadata(self, path, sandbox)) + } + + fn read_directory<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(DirectFileSystem::read_directory(self, path, sandbox)) + } + + fn remove<'a>( + &'a self, + path: &'a PathUri, + options: RemoveOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(DirectFileSystem::remove(self, path, options, sandbox)) + } + + fn copy<'a>( + &'a self, + source_path: &'a PathUri, + destination_path: &'a PathUri, + options: CopyOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(DirectFileSystem::copy( + self, + source_path, + destination_path, + options, + sandbox, + )) + } +} + fn reject_sandbox_context(sandbox: Option<&FileSystemSandboxContext>) -> io::Result<()> { if sandbox.is_some() { return Err(io::Error::new( @@ -576,6 +786,10 @@ fn system_time_to_unix_ms(time: SystemTime) -> i64 { .unwrap_or(0) } +#[cfg(all(test, any(unix, windows)))] +#[path = "local_file_system_path_uri_tests.rs"] +mod path_uri_tests; + #[cfg(all(test, unix))] mod tests { use super::*; diff --git a/codex-rs/exec-server/src/local_file_system_path_uri_tests.rs b/codex-rs/exec-server/src/local_file_system_path_uri_tests.rs new file mode 100644 index 00000000000..dcddd98e089 --- /dev/null +++ b/codex-rs/exec-server/src/local_file_system_path_uri_tests.rs @@ -0,0 +1,27 @@ +use codex_utils_path_uri::PathUri; +use pretty_assertions::assert_eq; +use tokio::io; + +use super::*; + +#[tokio::test] +async fn direct_file_system_rejects_non_native_uri_as_invalid_input() { + let error = DirectFileSystem + .read_file(&non_native_uri(), /*sandbox*/ None) + .await + .expect_err("non-native URI should be rejected"); + + assert_eq!(error.kind(), io::ErrorKind::InvalidInput); +} + +fn non_native_uri() -> PathUri { + #[cfg(unix)] + let uri = "file://server/share/file.txt"; + #[cfg(windows)] + let uri = "file:///usr/local/file.txt"; + + match PathUri::parse(uri) { + Ok(uri) => uri, + Err(err) => panic!("valid non-native URI should parse: {err}"), + } +} diff --git a/codex-rs/exec-server/src/local_process.rs b/codex-rs/exec-server/src/local_process.rs index bc69ec6105c..60e6b8d912c 100644 --- a/codex-rs/exec-server/src/local_process.rs +++ b/codex-rs/exec-server/src/local_process.rs @@ -4,12 +4,12 @@ use std::collections::hash_map::Entry; use std::sync::Arc; use std::time::Duration; -use async_trait::async_trait; use codex_app_server_protocol::JSONRPCErrorError; use codex_protocol::config_types::EnvironmentVariablePattern; use codex_protocol::config_types::ShellEnvironmentPolicy; use codex_protocol::shell_environment; use codex_utils_pty::ExecCommandSession; +use codex_utils_pty::ProcessSignal as PtyProcessSignal; use codex_utils_pty::TerminalSize; use tokio::sync::Mutex; use tokio::sync::Notify; @@ -17,9 +17,11 @@ use tokio::sync::mpsc; use tokio::sync::watch; use crate::ExecBackend; +use crate::ExecBackendFuture; use crate::ExecProcess; use crate::ExecProcessEvent; use crate::ExecProcessEventReceiver; +use crate::ExecProcessFuture; use crate::ExecServerError; use crate::ProcessId; use crate::StartedExecProcess; @@ -33,8 +35,11 @@ use crate::protocol::ExecOutputStream; use crate::protocol::ExecParams; use crate::protocol::ExecResponse; use crate::protocol::ProcessOutputChunk; +use crate::protocol::ProcessSignal; use crate::protocol::ReadParams; use crate::protocol::ReadResponse; +use crate::protocol::SignalParams; +use crate::protocol::SignalResponse; use crate::protocol::TerminateParams; use crate::protocol::TerminateResponse; use crate::protocol::WriteParams; @@ -272,7 +277,6 @@ impl LocalProcess { &self, params: ReadParams, ) -> Result { - let _process_id = params.process_id.clone(); let after_seq = params.after_seq.unwrap_or(0); let max_bytes = params.max_bytes.unwrap_or(usize::MAX); let wait = Duration::from_millis(params.wait_ms.unwrap_or(0)); @@ -351,7 +355,6 @@ impl LocalProcess { &self, params: WriteParams, ) -> Result { - let _process_id = params.process_id.clone(); let _input_bytes = params.chunk.0.len(); let writer_tx = { let process_map = self.inner.processes.lock().await; @@ -383,11 +386,33 @@ impl LocalProcess { }) } + pub(crate) async fn signal_process( + &self, + params: SignalParams, + ) -> Result { + { + let process_map = self.inner.processes.lock().await; + match process_map.get(¶ms.process_id) { + Some(ProcessEntry::Running(process)) => { + if process.exit_code.is_some() { + return Ok(SignalResponse {}); + } + process + .session + .signal(pty_process_signal(params.signal)) + .map_err(|err| internal_error(format!("failed to signal process: {err}")))? + } + Some(ProcessEntry::Starting) | None => {} + } + } + + Ok(SignalResponse {}) + } + pub(crate) async fn terminate_process( &self, params: TerminateParams, ) -> Result { - let _process_id = params.process_id.clone(); let running = { let process_map = self.inner.processes.lock().await; match process_map.get(¶ms.process_id) { @@ -436,8 +461,7 @@ fn shell_environment_policy(env_policy: &ExecEnvPolicy) -> ShellEnvironmentPolic } } -#[async_trait] -impl ExecBackend for LocalProcess { +impl LocalProcess { async fn start(&self, params: ExecParams) -> Result { let (response, wake_tx, events) = self .start_process(params) @@ -454,7 +478,37 @@ impl ExecBackend for LocalProcess { } } -#[async_trait] +impl ExecBackend for LocalProcess { + fn start(&self, params: ExecParams) -> ExecBackendFuture<'_> { + Box::pin(LocalProcess::start(self, params)) + } +} + +impl LocalExecProcess { + async fn read( + &self, + after_seq: Option, + max_bytes: Option, + wait_ms: Option, + ) -> Result { + self.backend + .read(&self.process_id, after_seq, max_bytes, wait_ms) + .await + } + + async fn write(&self, chunk: Vec) -> Result { + self.backend.write(&self.process_id, chunk).await + } + + async fn signal(&self, signal: ProcessSignal) -> Result<(), ExecServerError> { + self.backend.signal(&self.process_id, signal).await + } + + async fn terminate(&self) -> Result<(), ExecServerError> { + self.backend.terminate(&self.process_id).await + } +} + impl ExecProcess for LocalExecProcess { fn process_id(&self) -> &ProcessId { &self.process_id @@ -468,23 +522,25 @@ impl ExecProcess for LocalExecProcess { self.events.subscribe() } - async fn read( + fn read( &self, after_seq: Option, max_bytes: Option, wait_ms: Option, - ) -> Result { - self.backend - .read(&self.process_id, after_seq, max_bytes, wait_ms) - .await + ) -> ExecProcessFuture<'_, ReadResponse> { + Box::pin(LocalExecProcess::read(self, after_seq, max_bytes, wait_ms)) } - async fn write(&self, chunk: Vec) -> Result { - self.backend.write(&self.process_id, chunk).await + fn write(&self, chunk: Vec) -> ExecProcessFuture<'_, WriteResponse> { + Box::pin(LocalExecProcess::write(self, chunk)) } - async fn terminate(&self) -> Result<(), ExecServerError> { - self.backend.terminate(&self.process_id).await + fn signal(&self, signal: ProcessSignal) -> ExecProcessFuture<'_, ()> { + Box::pin(LocalExecProcess::signal(self, signal)) + } + + fn terminate(&self) -> ExecProcessFuture<'_, ()> { + Box::pin(LocalExecProcess::terminate(self)) } } @@ -519,6 +575,20 @@ impl LocalProcess { .map_err(map_handler_error) } + async fn signal( + &self, + process_id: &ProcessId, + signal: ProcessSignal, + ) -> Result<(), ExecServerError> { + self.signal_process(SignalParams { + process_id: process_id.clone(), + signal, + }) + .await + .map_err(map_handler_error)?; + Ok(()) + } + async fn terminate(&self, process_id: &ProcessId) -> Result<(), ExecServerError> { self.terminate_process(TerminateParams { process_id: process_id.clone(), @@ -529,6 +599,12 @@ impl LocalProcess { } } +fn pty_process_signal(signal: ProcessSignal) -> PtyProcessSignal { + match signal { + ProcessSignal::Interrupt => PtyProcessSignal::Interrupt, + } +} + fn map_handler_error(error: JSONRPCErrorError) -> ExecServerError { ExecServerError::Server { code: error.code, diff --git a/codex-rs/exec-server/src/process.rs b/codex-rs/exec-server/src/process.rs index cb6c8321380..b136ef4682f 100644 --- a/codex-rs/exec-server/src/process.rs +++ b/codex-rs/exec-server/src/process.rs @@ -1,8 +1,9 @@ use std::collections::VecDeque; +use std::future::Future; +use std::pin::Pin; use std::sync::Arc; use std::sync::Mutex as StdMutex; -use async_trait::async_trait; use tokio::sync::broadcast; use tokio::sync::watch; @@ -10,6 +11,7 @@ use crate::ExecServerError; use crate::ProcessId; use crate::protocol::ExecParams; use crate::protocol::ProcessOutputChunk; +use crate::protocol::ProcessSignal; use crate::protocol::ReadResponse; use crate::protocol::WriteResponse; @@ -161,7 +163,6 @@ impl ExecProcessEventReceiver { /// `read` is the request/response API for callers that want to page through /// buffered output, while `subscribe_events` is the streaming API for callers /// that want output and lifecycle changes delivered as they happen. -#[async_trait] pub trait ExecProcess: Send + Sync { fn process_id(&self) -> &ProcessId; @@ -169,23 +170,30 @@ pub trait ExecProcess: Send + Sync { fn subscribe_events(&self) -> ExecProcessEventReceiver; - async fn read( + fn read( &self, after_seq: Option, max_bytes: Option, wait_ms: Option, - ) -> Result; + ) -> ExecProcessFuture<'_, ReadResponse>; - async fn write(&self, chunk: Vec) -> Result; + fn write(&self, chunk: Vec) -> ExecProcessFuture<'_, WriteResponse>; - async fn terminate(&self) -> Result<(), ExecServerError>; + fn signal(&self, signal: ProcessSignal) -> ExecProcessFuture<'_, ()>; + + fn terminate(&self) -> ExecProcessFuture<'_, ()>; } -#[async_trait] +pub type ExecProcessFuture<'a, T> = + Pin> + Send + 'a>>; + pub trait ExecBackend: Send + Sync { - async fn start(&self, params: ExecParams) -> Result; + fn start(&self, params: ExecParams) -> ExecBackendFuture<'_>; } +pub type ExecBackendFuture<'a> = + Pin> + Send + 'a>>; + #[cfg(test)] mod tests { use pretty_assertions::assert_eq; diff --git a/codex-rs/exec-server/src/protocol.rs b/codex-rs/exec-server/src/protocol.rs index 9ac80c188ed..8b9819b64da 100644 --- a/codex-rs/exec-server/src/protocol.rs +++ b/codex-rs/exec-server/src/protocol.rs @@ -4,7 +4,7 @@ use std::path::PathBuf; use crate::FileSystemSandboxContext; use base64::engine::general_purpose::STANDARD as BASE64_STANDARD; use codex_protocol::config_types::ShellEnvironmentPolicyInherit; -use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; use serde::Deserialize; use serde::Serialize; @@ -15,17 +15,17 @@ pub const INITIALIZED_METHOD: &str = "initialized"; pub const EXEC_METHOD: &str = "process/start"; pub const EXEC_READ_METHOD: &str = "process/read"; pub const EXEC_WRITE_METHOD: &str = "process/write"; +pub const EXEC_SIGNAL_METHOD: &str = "process/signal"; pub const EXEC_TERMINATE_METHOD: &str = "process/terminate"; pub const EXEC_OUTPUT_DELTA_METHOD: &str = "process/output"; pub const EXEC_EXITED_METHOD: &str = "process/exited"; pub const EXEC_CLOSED_METHOD: &str = "process/closed"; +pub const ENVIRONMENT_INFO_METHOD: &str = "environment/info"; pub const FS_READ_FILE_METHOD: &str = "fs/readFile"; pub const FS_WRITE_FILE_METHOD: &str = "fs/writeFile"; pub const FS_CREATE_DIRECTORY_METHOD: &str = "fs/createDirectory"; pub const FS_GET_METADATA_METHOD: &str = "fs/getMetadata"; pub const FS_CANONICALIZE_METHOD: &str = "fs/canonicalize"; -pub const FS_JOIN_METHOD: &str = "fs/join"; -pub const FS_PARENT_METHOD: &str = "fs/parent"; pub const FS_READ_DIRECTORY_METHOD: &str = "fs/readDirectory"; pub const FS_REMOVE_METHOD: &str = "fs/remove"; pub const FS_COPY_METHOD: &str = "fs/copy"; @@ -64,6 +64,23 @@ pub struct InitializeResponse { pub session_id: String, } +/// Information about an execution/filesystem environment. +#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] +#[serde(rename_all = "camelCase")] +pub struct EnvironmentInfo { + pub shell: ShellInfo, +} + +/// Shell detected for an execution/filesystem environment. +#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] +#[serde(rename_all = "camelCase")] +pub struct ShellInfo { + /// Stable shell name, for example `zsh`, `bash`, `powershell`, `sh`, or `cmd`. + pub name: String, + /// Path the exec server would use for that shell. + pub path: String, +} + #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[serde(rename_all = "camelCase")] pub struct ExecParams { @@ -148,6 +165,23 @@ pub struct WriteResponse { pub status: WriteStatus, } +#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)] +#[serde(rename_all = "camelCase")] +pub enum ProcessSignal { + Interrupt, +} + +#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] +#[serde(rename_all = "camelCase")] +pub struct SignalParams { + pub process_id: ProcessId, + pub signal: ProcessSignal, +} + +#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] +#[serde(rename_all = "camelCase")] +pub struct SignalResponse {} + #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[serde(rename_all = "camelCase")] pub struct TerminateParams { @@ -163,7 +197,7 @@ pub struct TerminateResponse { #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[serde(rename_all = "camelCase")] pub struct FsReadFileParams { - pub path: AbsolutePathBuf, + pub path: PathUri, pub sandbox: Option, } @@ -176,7 +210,7 @@ pub struct FsReadFileResponse { #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[serde(rename_all = "camelCase")] pub struct FsWriteFileParams { - pub path: AbsolutePathBuf, + pub path: PathUri, pub data_base64: String, pub sandbox: Option, } @@ -188,7 +222,7 @@ pub struct FsWriteFileResponse {} #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[serde(rename_all = "camelCase")] pub struct FsCreateDirectoryParams { - pub path: AbsolutePathBuf, + pub path: PathUri, pub recursive: Option, pub sandbox: Option, } @@ -200,7 +234,7 @@ pub struct FsCreateDirectoryResponse {} #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[serde(rename_all = "camelCase")] pub struct FsGetMetadataParams { - pub path: AbsolutePathBuf, + pub path: PathUri, pub sandbox: Option, } @@ -217,45 +251,20 @@ pub struct FsGetMetadataResponse { #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[serde(rename_all = "camelCase")] pub struct FsCanonicalizeParams { - pub path: AbsolutePathBuf, + pub path: PathUri, pub sandbox: Option, } #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[serde(rename_all = "camelCase")] pub struct FsCanonicalizeResponse { - pub path: AbsolutePathBuf, -} - -#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] -#[serde(rename_all = "camelCase")] -pub struct FsJoinParams { - pub base_path: AbsolutePathBuf, - pub path: PathBuf, -} - -#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] -#[serde(rename_all = "camelCase")] -pub struct FsJoinResponse { - pub path: AbsolutePathBuf, -} - -#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] -#[serde(rename_all = "camelCase")] -pub struct FsParentParams { - pub path: AbsolutePathBuf, -} - -#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] -#[serde(rename_all = "camelCase")] -pub struct FsParentResponse { - pub path: Option, + pub path: PathUri, } #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[serde(rename_all = "camelCase")] pub struct FsReadDirectoryParams { - pub path: AbsolutePathBuf, + pub path: PathUri, pub sandbox: Option, } @@ -276,7 +285,7 @@ pub struct FsReadDirectoryResponse { #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[serde(rename_all = "camelCase")] pub struct FsRemoveParams { - pub path: AbsolutePathBuf, + pub path: PathUri, pub recursive: Option, pub force: Option, pub sandbox: Option, @@ -289,8 +298,8 @@ pub struct FsRemoveResponse {} #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[serde(rename_all = "camelCase")] pub struct FsCopyParams { - pub source_path: AbsolutePathBuf, - pub destination_path: AbsolutePathBuf, + pub source_path: PathUri, + pub destination_path: PathUri, pub recursive: bool, pub sandbox: Option, } @@ -439,9 +448,36 @@ mod base64_bytes { #[cfg(test)] mod tests { + use super::FsReadFileParams; use super::HttpRequestParams; + use codex_utils_path_uri::PathUri; use pretty_assertions::assert_eq; + #[test] + fn filesystem_protocol_accepts_legacy_absolute_paths_and_serializes_path_uris() { + let legacy_path = std::env::current_dir() + .expect("current directory") + .join("legacy-file.txt"); + let params: FsReadFileParams = serde_json::from_value(serde_json::json!({ + "path": legacy_path.to_string_lossy(), + "sandbox": null, + })) + .expect("legacy absolute path should deserialize"); + let expected = FsReadFileParams { + path: PathUri::from_path(legacy_path).expect("path URI"), + sandbox: None, + }; + + assert_eq!(params, expected); + assert_eq!( + serde_json::to_value(params).expect("params should serialize"), + serde_json::json!({ + "path": expected.path.to_string(), + "sandbox": null, + }) + ); + } + #[test] fn http_request_timeout_treats_omitted_and_null_as_no_timeout() { let omitted: HttpRequestParams = serde_json::from_value(serde_json::json!({ diff --git a/codex-rs/exec-server/src/remote_file_system.rs b/codex-rs/exec-server/src/remote_file_system.rs index 54198c93bac..03fe0532e97 100644 --- a/codex-rs/exec-server/src/remote_file_system.rs +++ b/codex-rs/exec-server/src/remote_file_system.rs @@ -1,8 +1,6 @@ -use async_trait::async_trait; use base64::Engine as _; use base64::engine::general_purpose::STANDARD; -use codex_utils_absolute_path::AbsolutePathBuf; -use std::path::Path; +use codex_utils_path_uri::PathUri; use tokio::io; use tracing::trace; @@ -10,6 +8,7 @@ use crate::CopyOptions; use crate::CreateDirectoryOptions; use crate::ExecServerError; use crate::ExecutorFileSystem; +use crate::ExecutorFileSystemFuture; use crate::FileMetadata; use crate::FileSystemResult; use crate::FileSystemSandboxContext; @@ -20,8 +19,6 @@ use crate::protocol::FsCanonicalizeParams; use crate::protocol::FsCopyParams; use crate::protocol::FsCreateDirectoryParams; use crate::protocol::FsGetMetadataParams; -use crate::protocol::FsJoinParams; -use crate::protocol::FsParentParams; use crate::protocol::FsReadDirectoryParams; use crate::protocol::FsReadFileParams; use crate::protocol::FsRemoveParams; @@ -39,15 +36,12 @@ impl RemoteFileSystem { trace!("remote fs new"); Self { client } } -} -#[async_trait] -impl ExecutorFileSystem for RemoteFileSystem { async fn canonicalize( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult { + ) -> FileSystemResult { trace!("remote fs canonicalize"); let client = self.client.get().await.map_err(map_remote_error)?; let response = client @@ -60,36 +54,9 @@ impl ExecutorFileSystem for RemoteFileSystem { Ok(response.path) } - async fn join( - &self, - base_path: &AbsolutePathBuf, - path: &Path, - ) -> FileSystemResult { - trace!("remote fs join"); - let client = self.client.get().await.map_err(map_remote_error)?; - let response = client - .fs_join(FsJoinParams { - base_path: base_path.clone(), - path: path.to_path_buf(), - }) - .await - .map_err(map_remote_error)?; - Ok(response.path) - } - - async fn parent(&self, path: &AbsolutePathBuf) -> FileSystemResult> { - trace!("remote fs parent"); - let client = self.client.get().await.map_err(map_remote_error)?; - let response = client - .fs_parent(FsParentParams { path: path.clone() }) - .await - .map_err(map_remote_error)?; - Ok(response.path) - } - async fn read_file( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult> { trace!("remote fs read_file"); @@ -111,7 +78,7 @@ impl ExecutorFileSystem for RemoteFileSystem { async fn write_file( &self, - path: &AbsolutePathBuf, + path: &PathUri, contents: Vec, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -130,7 +97,7 @@ impl ExecutorFileSystem for RemoteFileSystem { async fn create_directory( &self, - path: &AbsolutePathBuf, + path: &PathUri, options: CreateDirectoryOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -149,7 +116,7 @@ impl ExecutorFileSystem for RemoteFileSystem { async fn get_metadata( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult { trace!("remote fs get_metadata"); @@ -172,7 +139,7 @@ impl ExecutorFileSystem for RemoteFileSystem { async fn read_directory( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult> { trace!("remote fs read_directory"); @@ -197,7 +164,7 @@ impl ExecutorFileSystem for RemoteFileSystem { async fn remove( &self, - path: &AbsolutePathBuf, + path: &PathUri, options: RemoveOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -217,8 +184,8 @@ impl ExecutorFileSystem for RemoteFileSystem { async fn copy( &self, - source_path: &AbsolutePathBuf, - destination_path: &AbsolutePathBuf, + source_path: &PathUri, + destination_path: &PathUri, options: CopyOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { @@ -237,6 +204,85 @@ impl ExecutorFileSystem for RemoteFileSystem { } } +impl ExecutorFileSystem for RemoteFileSystem { + fn canonicalize<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, PathUri> { + Box::pin(RemoteFileSystem::canonicalize(self, path, sandbox)) + } + + fn read_file<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(RemoteFileSystem::read_file(self, path, sandbox)) + } + + fn write_file<'a>( + &'a self, + path: &'a PathUri, + contents: Vec, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(RemoteFileSystem::write_file(self, path, contents, sandbox)) + } + + fn create_directory<'a>( + &'a self, + path: &'a PathUri, + options: CreateDirectoryOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(RemoteFileSystem::create_directory( + self, path, options, sandbox, + )) + } + + fn get_metadata<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, FileMetadata> { + Box::pin(RemoteFileSystem::get_metadata(self, path, sandbox)) + } + + fn read_directory<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(RemoteFileSystem::read_directory(self, path, sandbox)) + } + + fn remove<'a>( + &'a self, + path: &'a PathUri, + options: RemoveOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(RemoteFileSystem::remove(self, path, options, sandbox)) + } + + fn copy<'a>( + &'a self, + source_path: &'a PathUri, + destination_path: &'a PathUri, + options: CopyOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(RemoteFileSystem::copy( + self, + source_path, + destination_path, + options, + sandbox, + )) + } +} + fn remote_sandbox_context( sandbox: Option<&FileSystemSandboxContext>, ) -> Option { @@ -261,6 +307,10 @@ fn map_remote_error(error: ExecServerError) -> io::Error { } } +#[cfg(all(test, any(unix, windows)))] +#[path = "remote_file_system_path_uri_tests.rs"] +mod path_uri_tests; + #[cfg(test)] mod tests { use codex_protocol::models::PermissionProfile; @@ -270,6 +320,7 @@ mod tests { use codex_protocol::permissions::FileSystemSandboxPolicy; use codex_protocol::permissions::FileSystemSpecialPath; use codex_protocol::permissions::NetworkSandboxPolicy; + use codex_utils_absolute_path::AbsolutePathBuf; use pretty_assertions::assert_eq; use super::*; diff --git a/codex-rs/exec-server/src/remote_file_system_path_uri_tests.rs b/codex-rs/exec-server/src/remote_file_system_path_uri_tests.rs new file mode 100644 index 00000000000..47703f87094 --- /dev/null +++ b/codex-rs/exec-server/src/remote_file_system_path_uri_tests.rs @@ -0,0 +1,159 @@ +#![allow(clippy::expect_used)] + +use codex_app_server_protocol::JSONRPCMessage; +use codex_app_server_protocol::JSONRPCResponse; +use codex_utils_path_uri::PathUri; +use futures::SinkExt; +use futures::StreamExt; +use pretty_assertions::assert_eq; +use tokio::net::TcpListener; +use tokio::net::TcpStream; +use tokio::sync::oneshot; +use tokio::time::Duration; +use tokio::time::timeout; +use tokio_tungstenite::WebSocketStream; +use tokio_tungstenite::accept_async; +use tokio_tungstenite::tungstenite::Message; + +use super::*; +use crate::client_api::ExecServerTransportParams; +use crate::protocol::FS_READ_FILE_METHOD; +use crate::protocol::FsReadFileParams; +use crate::protocol::FsReadFileResponse; +use crate::protocol::INITIALIZE_METHOD; +use crate::protocol::INITIALIZED_METHOD; +use crate::protocol::InitializeResponse; + +#[tokio::test] +async fn remote_file_system_sends_path_uris_without_native_conversion() { + let (websocket_url, captured_paths, server) = + record_read_file_paths(/*expected_requests*/ 2).await; + let file_system = RemoteFileSystem::new(LazyRemoteExecServerClient::new( + ExecServerTransportParams::websocket_url(websocket_url), + )); + let paths = vec![ + PathUri::parse("file:///C:/Users/Alice/src/main.rs").expect("valid drive URI"), + PathUri::parse("file://server/share/src/main.rs").expect("valid UNC URI"), + ]; + + for path in &paths { + assert_eq!( + file_system + .read_file(path, /*sandbox*/ None) + .await + .expect("remote read should succeed"), + Vec::::new() + ); + } + + assert_eq!(captured_paths.await.expect("captured paths"), paths); + server.await.expect("recording server should succeed"); +} + +async fn record_read_file_paths( + expected_requests: usize, +) -> ( + String, + oneshot::Receiver>, + tokio::task::JoinHandle<()>, +) { + let listener = TcpListener::bind("127.0.0.1:0") + .await + .expect("listener should bind"); + let websocket_url = format!("ws://{}", listener.local_addr().expect("listener address")); + let (captured_paths_tx, captured_paths_rx) = oneshot::channel(); + let server = tokio::spawn(async move { + let (stream, _) = listener.accept().await.expect("listener should accept"); + let mut websocket = accept_async(stream) + .await + .expect("websocket handshake should succeed"); + complete_websocket_initialize(&mut websocket).await; + + let mut captured_paths = Vec::with_capacity(expected_requests); + for _ in 0..expected_requests { + let request = match read_jsonrpc_websocket(&mut websocket).await { + JSONRPCMessage::Request(request) if request.method == FS_READ_FILE_METHOD => { + request + } + other => panic!("expected fs/readFile request, got {other:?}"), + }; + let params: FsReadFileParams = + serde_json::from_value(request.params.expect("fs/readFile params should exist")) + .expect("fs/readFile params should deserialize"); + captured_paths.push(params.path); + write_jsonrpc_websocket( + &mut websocket, + JSONRPCMessage::Response(JSONRPCResponse { + id: request.id, + result: serde_json::to_value(FsReadFileResponse { + data_base64: String::new(), + }) + .expect("fs/readFile response should serialize"), + }), + ) + .await; + } + captured_paths_tx + .send(captured_paths) + .expect("captured paths receiver should stay open"); + }); + + (websocket_url, captured_paths_rx, server) +} + +async fn complete_websocket_initialize(websocket: &mut WebSocketStream) { + let request = match read_jsonrpc_websocket(websocket).await { + JSONRPCMessage::Request(request) if request.method == INITIALIZE_METHOD => request, + other => panic!("expected initialize request, got {other:?}"), + }; + write_jsonrpc_websocket( + websocket, + JSONRPCMessage::Response(JSONRPCResponse { + id: request.id, + result: serde_json::to_value(InitializeResponse { + session_id: "session-1".to_string(), + }) + .expect("initialize response should serialize"), + }), + ) + .await; + + match read_jsonrpc_websocket(websocket).await { + JSONRPCMessage::Notification(notification) if notification.method == INITIALIZED_METHOD => { + } + other => panic!("expected initialized notification, got {other:?}"), + } +} + +async fn read_jsonrpc_websocket(websocket: &mut WebSocketStream) -> JSONRPCMessage { + loop { + match timeout(Duration::from_secs(1), websocket.next()) + .await + .expect("json-rpc websocket read should not time out") + .expect("websocket should stay open") + .expect("websocket frame should read") + { + Message::Text(text) => { + return serde_json::from_str(text.as_ref()) + .expect("json-rpc text frame should parse"); + } + Message::Binary(bytes) => { + return serde_json::from_slice(bytes.as_ref()) + .expect("json-rpc binary frame should parse"); + } + Message::Ping(_) | Message::Pong(_) => {} + other => panic!("expected json-rpc websocket frame, got {other:?}"), + } + } +} + +async fn write_jsonrpc_websocket( + websocket: &mut WebSocketStream, + message: JSONRPCMessage, +) { + let encoded = serde_json::to_string(&message).expect("json-rpc should serialize"); + websocket + .send(Message::Text(encoded.into())) + .await + .expect("json-rpc websocket frame should write"); +} diff --git a/codex-rs/exec-server/src/remote_process.rs b/codex-rs/exec-server/src/remote_process.rs index d8d06735cdb..e130114cc34 100644 --- a/codex-rs/exec-server/src/remote_process.rs +++ b/codex-rs/exec-server/src/remote_process.rs @@ -1,17 +1,18 @@ use std::sync::Arc; -use async_trait::async_trait; use tokio::sync::watch; use tracing::trace; use crate::ExecBackend; +use crate::ExecBackendFuture; use crate::ExecProcess; use crate::ExecProcessEventReceiver; -use crate::ExecServerError; +use crate::ExecProcessFuture; use crate::StartedExecProcess; use crate::client::LazyRemoteExecServerClient; use crate::client::Session; use crate::protocol::ExecParams; +use crate::protocol::ProcessSignal; use crate::protocol::ReadResponse; use crate::protocol::WriteResponse; @@ -29,11 +30,11 @@ impl RemoteProcess { trace!("remote process new"); Self { client } } -} -#[async_trait] -impl ExecBackend for RemoteProcess { - async fn start(&self, params: ExecParams) -> Result { + async fn start( + &self, + params: ExecParams, + ) -> Result { let process_id = params.process_id.clone(); let client = self.client.get().await?; let session = client.register_session(&process_id).await?; @@ -48,7 +49,38 @@ impl ExecBackend for RemoteProcess { } } -#[async_trait] +impl ExecBackend for RemoteProcess { + fn start(&self, params: ExecParams) -> ExecBackendFuture<'_> { + Box::pin(RemoteProcess::start(self, params)) + } +} + +impl RemoteExecProcess { + async fn read( + &self, + after_seq: Option, + max_bytes: Option, + wait_ms: Option, + ) -> Result { + self.session.read(after_seq, max_bytes, wait_ms).await + } + + async fn write(&self, chunk: Vec) -> Result { + trace!("exec process write"); + self.session.write(chunk).await + } + + async fn signal(&self, signal: ProcessSignal) -> Result<(), crate::ExecServerError> { + trace!("exec process signal"); + self.session.signal(signal).await + } + + async fn terminate(&self) -> Result<(), crate::ExecServerError> { + trace!("exec process terminate"); + self.session.terminate().await + } +} + impl ExecProcess for RemoteExecProcess { fn process_id(&self) -> &crate::ProcessId { self.session.process_id() @@ -62,23 +94,25 @@ impl ExecProcess for RemoteExecProcess { self.session.subscribe_events() } - async fn read( + fn read( &self, after_seq: Option, max_bytes: Option, wait_ms: Option, - ) -> Result { - self.session.read(after_seq, max_bytes, wait_ms).await + ) -> ExecProcessFuture<'_, ReadResponse> { + Box::pin(RemoteExecProcess::read(self, after_seq, max_bytes, wait_ms)) } - async fn write(&self, chunk: Vec) -> Result { - trace!("exec process write"); - self.session.write(chunk).await + fn write(&self, chunk: Vec) -> ExecProcessFuture<'_, WriteResponse> { + Box::pin(RemoteExecProcess::write(self, chunk)) } - async fn terminate(&self) -> Result<(), ExecServerError> { - trace!("exec process terminate"); - self.session.terminate().await + fn signal(&self, signal: ProcessSignal) -> ExecProcessFuture<'_, ()> { + Box::pin(RemoteExecProcess::signal(self, signal)) + } + + fn terminate(&self) -> ExecProcessFuture<'_, ()> { + Box::pin(RemoteExecProcess::terminate(self)) } } diff --git a/codex-rs/exec-server/src/sandboxed_file_system.rs b/codex-rs/exec-server/src/sandboxed_file_system.rs index 00b6966c3bd..94d18aafc19 100644 --- a/codex-rs/exec-server/src/sandboxed_file_system.rs +++ b/codex-rs/exec-server/src/sandboxed_file_system.rs @@ -1,15 +1,14 @@ -use async_trait::async_trait; use base64::Engine as _; use base64::engine::general_purpose::STANDARD; use codex_app_server_protocol::JSONRPCErrorError; -use codex_utils_absolute_path::AbsolutePathBuf; -use std::path::Path; +use codex_utils_path_uri::PathUri; use tokio::io; use crate::CopyOptions; use crate::CreateDirectoryOptions; use crate::ExecServerRuntimePaths; use crate::ExecutorFileSystem; +use crate::ExecutorFileSystemFuture; use crate::FileMetadata; use crate::FileSystemResult; use crate::FileSystemSandboxContext; @@ -51,14 +50,14 @@ impl SandboxedFileSystem { } } -#[async_trait] -impl ExecutorFileSystem for SandboxedFileSystem { +impl SandboxedFileSystem { async fn canonicalize( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult { + ) -> FileSystemResult { let sandbox = require_platform_sandbox(sandbox)?; + validate_native_path(path)?; let response = self .run_sandboxed( sandbox, @@ -73,24 +72,13 @@ impl ExecutorFileSystem for SandboxedFileSystem { Ok(response.path) } - async fn join( - &self, - base_path: &AbsolutePathBuf, - path: &Path, - ) -> FileSystemResult { - Ok(base_path.join(path)) - } - - async fn parent(&self, path: &AbsolutePathBuf) -> FileSystemResult> { - Ok(path.parent()) - } - async fn read_file( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult> { let sandbox = require_platform_sandbox(sandbox)?; + validate_native_path(path)?; let response = self .run_sandboxed( sandbox, @@ -112,11 +100,12 @@ impl ExecutorFileSystem for SandboxedFileSystem { async fn write_file( &self, - path: &AbsolutePathBuf, + path: &PathUri, contents: Vec, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { let sandbox = require_platform_sandbox(sandbox)?; + validate_native_path(path)?; self.run_sandboxed( sandbox, FsHelperRequest::WriteFile(FsWriteFileParams { @@ -133,11 +122,12 @@ impl ExecutorFileSystem for SandboxedFileSystem { async fn create_directory( &self, - path: &AbsolutePathBuf, + path: &PathUri, options: CreateDirectoryOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { let sandbox = require_platform_sandbox(sandbox)?; + validate_native_path(path)?; self.run_sandboxed( sandbox, FsHelperRequest::CreateDirectory(FsCreateDirectoryParams { @@ -154,10 +144,11 @@ impl ExecutorFileSystem for SandboxedFileSystem { async fn get_metadata( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult { let sandbox = require_platform_sandbox(sandbox)?; + validate_native_path(path)?; let response = self .run_sandboxed( sandbox, @@ -180,10 +171,11 @@ impl ExecutorFileSystem for SandboxedFileSystem { async fn read_directory( &self, - path: &AbsolutePathBuf, + path: &PathUri, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult> { let sandbox = require_platform_sandbox(sandbox)?; + validate_native_path(path)?; let response = self .run_sandboxed( sandbox, @@ -208,11 +200,12 @@ impl ExecutorFileSystem for SandboxedFileSystem { async fn remove( &self, - path: &AbsolutePathBuf, + path: &PathUri, remove_options: RemoveOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { let sandbox = require_platform_sandbox(sandbox)?; + validate_native_path(path)?; self.run_sandboxed( sandbox, FsHelperRequest::Remove(FsRemoveParams { @@ -230,12 +223,14 @@ impl ExecutorFileSystem for SandboxedFileSystem { async fn copy( &self, - source_path: &AbsolutePathBuf, - destination_path: &AbsolutePathBuf, + source_path: &PathUri, + destination_path: &PathUri, options: CopyOptions, sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<()> { let sandbox = require_platform_sandbox(sandbox)?; + validate_native_path(source_path)?; + validate_native_path(destination_path)?; self.run_sandboxed( sandbox, FsHelperRequest::Copy(FsCopyParams { @@ -252,6 +247,96 @@ impl ExecutorFileSystem for SandboxedFileSystem { } } +impl ExecutorFileSystem for SandboxedFileSystem { + fn canonicalize<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, PathUri> { + Box::pin(SandboxedFileSystem::canonicalize(self, path, sandbox)) + } + + fn read_file<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(SandboxedFileSystem::read_file(self, path, sandbox)) + } + + fn write_file<'a>( + &'a self, + path: &'a PathUri, + contents: Vec, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(SandboxedFileSystem::write_file( + self, path, contents, sandbox, + )) + } + + fn create_directory<'a>( + &'a self, + path: &'a PathUri, + options: CreateDirectoryOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(SandboxedFileSystem::create_directory( + self, path, options, sandbox, + )) + } + + fn get_metadata<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, FileMetadata> { + Box::pin(SandboxedFileSystem::get_metadata(self, path, sandbox)) + } + + fn read_directory<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(SandboxedFileSystem::read_directory(self, path, sandbox)) + } + + fn remove<'a>( + &'a self, + path: &'a PathUri, + remove_options: RemoveOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(SandboxedFileSystem::remove( + self, + path, + remove_options, + sandbox, + )) + } + + fn copy<'a>( + &'a self, + source_path: &'a PathUri, + destination_path: &'a PathUri, + options: CopyOptions, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(SandboxedFileSystem::copy( + self, + source_path, + destination_path, + options, + sandbox, + )) + } +} + +fn validate_native_path(path: &PathUri) -> FileSystemResult<()> { + path.to_abs_path().map(drop) +} + fn require_platform_sandbox( sandbox: Option<&FileSystemSandboxContext>, ) -> FileSystemResult<&FileSystemSandboxContext> { @@ -272,3 +357,7 @@ fn map_sandbox_error(error: JSONRPCErrorError) -> io::Error { _ => io::Error::other(error.message), } } + +#[cfg(all(test, any(unix, windows)))] +#[path = "sandboxed_file_system_path_uri_tests.rs"] +mod path_uri_tests; diff --git a/codex-rs/exec-server/src/sandboxed_file_system_path_uri_tests.rs b/codex-rs/exec-server/src/sandboxed_file_system_path_uri_tests.rs new file mode 100644 index 00000000000..eb1a0d5dc44 --- /dev/null +++ b/codex-rs/exec-server/src/sandboxed_file_system_path_uri_tests.rs @@ -0,0 +1,43 @@ +use codex_protocol::models::PermissionProfile; +use codex_protocol::permissions::FileSystemSandboxPolicy; +use codex_protocol::permissions::NetworkSandboxPolicy; +use codex_utils_path_uri::PathUri; +use pretty_assertions::assert_eq; +use tokio::io; + +use super::*; + +#[tokio::test] +async fn sandboxed_file_system_rejects_non_native_uri_as_invalid_input() { + let runtime_paths = ExecServerRuntimePaths::new( + std::env::current_exe().expect("current exe"), + /*codex_linux_sandbox_exe*/ None, + ) + .expect("runtime paths"); + let file_system = SandboxedFileSystem::new(runtime_paths); + let sandbox = FileSystemSandboxContext::from_permission_profile( + PermissionProfile::from_runtime_permissions( + &FileSystemSandboxPolicy::restricted(Vec::new()), + NetworkSandboxPolicy::Restricted, + ), + ); + + let error = file_system + .read_file(&non_native_uri(), Some(&sandbox)) + .await + .expect_err("non-native URI should be rejected"); + + assert_eq!(error.kind(), io::ErrorKind::InvalidInput); +} + +fn non_native_uri() -> PathUri { + #[cfg(unix)] + let uri = "file://server/share/file.txt"; + #[cfg(windows)] + let uri = "file:///usr/local/file.txt"; + + match PathUri::parse(uri) { + Ok(uri) => uri, + Err(err) => panic!("valid non-native URI should parse: {err}"), + } +} diff --git a/codex-rs/exec-server/src/server/file_system_handler.rs b/codex-rs/exec-server/src/server/file_system_handler.rs index b60589d0200..1b6281f25be 100644 --- a/codex-rs/exec-server/src/server/file_system_handler.rs +++ b/codex-rs/exec-server/src/server/file_system_handler.rs @@ -19,10 +19,6 @@ use crate::protocol::FsCreateDirectoryParams; use crate::protocol::FsCreateDirectoryResponse; use crate::protocol::FsGetMetadataParams; use crate::protocol::FsGetMetadataResponse; -use crate::protocol::FsJoinParams; -use crate::protocol::FsJoinResponse; -use crate::protocol::FsParentParams; -use crate::protocol::FsParentResponse; use crate::protocol::FsReadDirectoryEntry; use crate::protocol::FsReadDirectoryParams; use crate::protocol::FsReadDirectoryResponse; @@ -124,30 +120,6 @@ impl FileSystemHandler { Ok(FsCanonicalizeResponse { path }) } - pub(crate) async fn join( - &self, - params: FsJoinParams, - ) -> Result { - let path = self - .file_system - .join(¶ms.base_path, ¶ms.path) - .await - .map_err(map_fs_error)?; - Ok(FsJoinResponse { path }) - } - - pub(crate) async fn parent( - &self, - params: FsParentParams, - ) -> Result { - let path = self - .file_system - .parent(¶ms.path) - .await - .map_err(map_fs_error)?; - Ok(FsParentResponse { path }) - } - pub(crate) async fn read_directory( &self, params: FsReadDirectoryParams, @@ -218,6 +190,7 @@ mod tests { use codex_protocol::protocol::NetworkAccess; use codex_protocol::protocol::SandboxPolicy; use codex_utils_absolute_path::AbsolutePathBuf; + use codex_utils_path_uri::PathUri; use pretty_assertions::assert_eq; use super::*; @@ -246,9 +219,7 @@ mod tests { }, ), ] { - let path = - AbsolutePathBuf::from_absolute_path(temp_dir.path().join(file_name).as_path()) - .expect("absolute path"); + let path = PathUri::from_path(temp_dir.path().join(file_name)).expect("path URI"); handler .write_file(FsWriteFileParams { @@ -262,6 +233,24 @@ mod tests { .await .expect("write file"); + let canonicalized = handler + .canonicalize(FsCanonicalizeParams { + path: path.clone(), + sandbox: Some(FileSystemSandboxContext::from_legacy_sandbox_policy( + sandbox_policy.clone(), + sandbox_cwd.clone(), + )), + }) + .await + .expect("canonicalize file"); + assert_eq!( + canonicalized.path, + PathUri::from_path( + std::fs::canonicalize(temp_dir.path().join(file_name)).expect("canonical path"), + ) + .expect("canonical path URI"), + ); + let response = handler .read_file(FsReadFileParams { path, diff --git a/codex-rs/exec-server/src/server/handler.rs b/codex-rs/exec-server/src/server/handler.rs index 5456ce41c0b..73e8f22684e 100644 --- a/codex-rs/exec-server/src/server/handler.rs +++ b/codex-rs/exec-server/src/server/handler.rs @@ -14,6 +14,7 @@ use tokio_util::task::TaskTracker; use crate::ExecServerRuntimePaths; use crate::client::http_client::PendingReqwestHttpBodyStream; use crate::client::http_client::ReqwestHttpRequestRunner; +use crate::protocol::EnvironmentInfo; use crate::protocol::ExecParams; use crate::protocol::ExecResponse; use crate::protocol::FsCanonicalizeParams; @@ -24,10 +25,6 @@ use crate::protocol::FsCreateDirectoryParams; use crate::protocol::FsCreateDirectoryResponse; use crate::protocol::FsGetMetadataParams; use crate::protocol::FsGetMetadataResponse; -use crate::protocol::FsJoinParams; -use crate::protocol::FsJoinResponse; -use crate::protocol::FsParentParams; -use crate::protocol::FsParentResponse; use crate::protocol::FsReadDirectoryParams; use crate::protocol::FsReadDirectoryResponse; use crate::protocol::FsReadFileParams; @@ -41,6 +38,8 @@ use crate::protocol::InitializeParams; use crate::protocol::InitializeResponse; use crate::protocol::ReadParams; use crate::protocol::ReadResponse; +use crate::protocol::SignalParams; +use crate::protocol::SignalResponse; use crate::protocol::TerminateParams; use crate::protocol::TerminateResponse; use crate::protocol::WriteParams; @@ -147,6 +146,11 @@ impl ExecServerHandler { session.process().exec(params).await } + pub(crate) fn environment_info(&self) -> Result { + self.require_initialized_for("environment info")?; + Ok(EnvironmentInfo::local()) + } + pub(crate) async fn exec_read( &self, params: ReadParams, @@ -165,6 +169,14 @@ impl ExecServerHandler { session.process().exec_write(params).await } + pub(crate) async fn signal( + &self, + params: SignalParams, + ) -> Result { + let session = self.require_initialized_for("exec")?; + session.process().signal(params).await + } + pub(crate) async fn terminate( &self, params: TerminateParams, @@ -254,22 +266,6 @@ impl ExecServerHandler { self.file_system.canonicalize(params).await } - pub(crate) async fn fs_join( - &self, - params: FsJoinParams, - ) -> Result { - self.require_initialized_for("filesystem")?; - self.file_system.join(params).await - } - - pub(crate) async fn fs_parent( - &self, - params: FsParentParams, - ) -> Result { - self.require_initialized_for("filesystem")?; - self.file_system.parent(params).await - } - pub(crate) async fn fs_read_directory( &self, params: FsReadDirectoryParams, diff --git a/codex-rs/exec-server/src/server/process_handler.rs b/codex-rs/exec-server/src/server/process_handler.rs index 38fbace1cd6..9fced9c166a 100644 --- a/codex-rs/exec-server/src/server/process_handler.rs +++ b/codex-rs/exec-server/src/server/process_handler.rs @@ -5,6 +5,8 @@ use crate::protocol::ExecParams; use crate::protocol::ExecResponse; use crate::protocol::ReadParams; use crate::protocol::ReadResponse; +use crate::protocol::SignalParams; +use crate::protocol::SignalResponse; use crate::protocol::TerminateParams; use crate::protocol::TerminateResponse; use crate::protocol::WriteParams; @@ -49,6 +51,13 @@ impl ProcessHandler { self.process.exec_write(params).await } + pub(crate) async fn signal( + &self, + params: SignalParams, + ) -> Result { + self.process.signal_process(params).await + } + pub(crate) async fn terminate( &self, params: TerminateParams, diff --git a/codex-rs/exec-server/src/server/registry.rs b/codex-rs/exec-server/src/server/registry.rs index 74adf905805..4ba7ce86519 100644 --- a/codex-rs/exec-server/src/server/registry.rs +++ b/codex-rs/exec-server/src/server/registry.rs @@ -1,7 +1,9 @@ use std::sync::Arc; +use crate::protocol::ENVIRONMENT_INFO_METHOD; use crate::protocol::EXEC_METHOD; use crate::protocol::EXEC_READ_METHOD; +use crate::protocol::EXEC_SIGNAL_METHOD; use crate::protocol::EXEC_TERMINATE_METHOD; use crate::protocol::EXEC_WRITE_METHOD; use crate::protocol::ExecParams; @@ -9,8 +11,6 @@ use crate::protocol::FS_CANONICALIZE_METHOD; use crate::protocol::FS_COPY_METHOD; use crate::protocol::FS_CREATE_DIRECTORY_METHOD; use crate::protocol::FS_GET_METADATA_METHOD; -use crate::protocol::FS_JOIN_METHOD; -use crate::protocol::FS_PARENT_METHOD; use crate::protocol::FS_READ_DIRECTORY_METHOD; use crate::protocol::FS_READ_FILE_METHOD; use crate::protocol::FS_REMOVE_METHOD; @@ -19,8 +19,6 @@ use crate::protocol::FsCanonicalizeParams; use crate::protocol::FsCopyParams; use crate::protocol::FsCreateDirectoryParams; use crate::protocol::FsGetMetadataParams; -use crate::protocol::FsJoinParams; -use crate::protocol::FsParentParams; use crate::protocol::FsReadDirectoryParams; use crate::protocol::FsReadFileParams; use crate::protocol::FsRemoveParams; @@ -31,6 +29,7 @@ use crate::protocol::INITIALIZE_METHOD; use crate::protocol::INITIALIZED_METHOD; use crate::protocol::InitializeParams; use crate::protocol::ReadParams; +use crate::protocol::SignalParams; use crate::protocol::TerminateParams; use crate::protocol::WriteParams; use crate::rpc::RpcRouter; @@ -60,6 +59,10 @@ pub(crate) fn build_router() -> RpcRouter { EXEC_METHOD, |handler: Arc, params: ExecParams| async move { handler.exec(params).await }, ); + router.request( + ENVIRONMENT_INFO_METHOD, + |handler: Arc, _params: ()| async move { handler.environment_info() }, + ); router.request( EXEC_READ_METHOD, |handler: Arc, params: ReadParams| async move { @@ -72,6 +75,12 @@ pub(crate) fn build_router() -> RpcRouter { handler.exec_write(params).await }, ); + router.request( + EXEC_SIGNAL_METHOD, + |handler: Arc, params: SignalParams| async move { + handler.signal(params).await + }, + ); router.request( EXEC_TERMINATE_METHOD, |handler: Arc, params: TerminateParams| async move { @@ -108,18 +117,6 @@ pub(crate) fn build_router() -> RpcRouter { handler.fs_canonicalize(params).await }, ); - router.request( - FS_JOIN_METHOD, - |handler: Arc, params: FsJoinParams| async move { - handler.fs_join(params).await - }, - ); - router.request( - FS_PARENT_METHOD, - |handler: Arc, params: FsParentParams| async move { - handler.fs_parent(params).await - }, - ); router.request( FS_READ_DIRECTORY_METHOD, |handler: Arc, params: FsReadDirectoryParams| async move { diff --git a/codex-rs/exec-server/tests/exec_process.rs b/codex-rs/exec-server/tests/exec_process.rs index e1f330fc4ed..af8e722c666 100644 --- a/codex-rs/exec-server/tests/exec_process.rs +++ b/codex-rs/exec-server/tests/exec_process.rs @@ -1,5 +1,3 @@ -#![cfg(unix)] - mod common; use std::sync::Arc; @@ -13,6 +11,7 @@ use codex_exec_server::ExecParams; use codex_exec_server::ExecProcess; use codex_exec_server::ExecProcessEvent; use codex_exec_server::ProcessId; +use codex_exec_server::ProcessSignal; use codex_exec_server::ReadResponse; use codex_exec_server::StartedExecProcess; use codex_exec_server::WriteStatus; @@ -505,6 +504,98 @@ async fn assert_exec_process_rejects_write_without_pipe_stdin(use_remote: bool) Ok(()) } +async fn assert_exec_process_signal_interrupts_process(use_remote: bool) -> Result<()> { + let context = create_process_context(use_remote).await?; + let process_id = "proc-signal".to_string(); + let session = context + .backend + .start(ExecParams { + process_id: process_id.clone().into(), + argv: vec![ + "/bin/sh".to_string(), + "-c".to_string(), + "trap 'printf \"signal:2\\n\"; exit 7' INT; printf 'ready\\n'; while :; do :; done".to_string(), + ], + cwd: std::env::current_dir()?, + env_policy: /*env_policy*/ None, + env: Default::default(), + tty: false, + pipe_stdin: false, + arg0: None, + }) + .await?; + assert_eq!(session.process.process_id().as_str(), process_id); + + let StartedExecProcess { process } = session; + let mut wake_rx = process.subscribe_wake(); + let mut ready_output = String::new(); + let mut after_seq = None; + loop { + let response = + read_process_until_change(Arc::clone(&process), &mut wake_rx, after_seq).await?; + for chunk in response.chunks { + ready_output.push_str(&String::from_utf8_lossy(&chunk.chunk.into_inner())); + after_seq = Some(chunk.seq); + } + if ready_output.contains("ready\n") { + break; + } + if response.closed { + anyhow::bail!("process closed before readiness marker: {ready_output:?}"); + } + after_seq = response.next_seq.checked_sub(1).or(after_seq); + } + + process.signal(ProcessSignal::Interrupt).await?; + let (output, exit_code, closed) = collect_process_output_from_reads(process, wake_rx).await?; + + assert!( + output.contains("signal:2"), + "expected signal handler output, got {output:?}" + ); + assert_eq!(exit_code, Some(7)); + assert!(closed); + Ok(()) +} + +async fn assert_exec_process_signal_reports_unsupported_on_windows(use_remote: bool) -> Result<()> { + let context = create_process_context(use_remote).await?; + let session = context + .backend + .start(ExecParams { + process_id: ProcessId::from("proc-windows-signal"), + argv: vec![ + "cmd".to_string(), + "/C".to_string(), + "echo ready && ping -n 30 127.0.0.1 >NUL".to_string(), + ], + cwd: std::env::current_dir()?, + env_policy: /*env_policy*/ None, + env: Default::default(), + tty: false, + pipe_stdin: false, + arg0: None, + }) + .await?; + + let err = match session.process.signal(ProcessSignal::Interrupt).await { + Ok(()) => anyhow::bail!("Windows non-TTY signal should report unsupported"), + Err(err) => err, + }; + let message = err.to_string(); + assert!( + message.contains("failed to signal process"), + "unexpected signal error: {message}" + ); + assert!( + message.contains("process interrupt is not supported by this process backend"), + "unexpected signal error: {message}" + ); + + session.process.terminate().await?; + Ok(()) +} + async fn assert_exec_process_preserves_queued_events_before_subscribe( use_remote: bool, ) -> Result<()> { @@ -539,6 +630,7 @@ async fn assert_exec_process_preserves_queued_events_before_subscribe( } #[tokio::test(flavor = "multi_thread", worker_threads = 2)] +#[cfg_attr(not(unix), ignore = "Unix-only exec-server process test")] // Serialize tests that launch a real exec-server process through the full CLI. #[serial_test::serial(remote_exec_server)] async fn remote_exec_process_reports_transport_disconnect() -> Result<()> { @@ -630,6 +722,7 @@ async fn remote_exec_process_reports_transport_disconnect() -> Result<()> { #[test_case(false ; "local")] #[test_case(true ; "remote")] +#[cfg_attr(not(unix), ignore = "Unix-only exec-server process test")] #[tokio::test(flavor = "multi_thread", worker_threads = 2)] // Serialize tests that launch a real exec-server process through the full CLI. #[serial_test::serial(remote_exec_server)] @@ -639,6 +732,7 @@ async fn exec_process_starts_and_exits(use_remote: bool) -> Result<()> { #[test_case(false ; "local")] #[test_case(true ; "remote")] +#[cfg_attr(not(unix), ignore = "Unix-only exec-server process test")] #[tokio::test(flavor = "multi_thread", worker_threads = 2)] // Serialize tests that launch a real exec-server process through the full CLI. #[serial_test::serial(remote_exec_server)] @@ -648,6 +742,7 @@ async fn exec_process_streams_output(use_remote: bool) -> Result<()> { #[test_case(false ; "local")] #[test_case(true ; "remote")] +#[cfg_attr(not(unix), ignore = "Unix-only exec-server process test")] #[tokio::test(flavor = "multi_thread", worker_threads = 2)] // Serialize tests that launch a real exec-server process through the full CLI. #[serial_test::serial(remote_exec_server)] @@ -657,6 +752,7 @@ async fn exec_process_pushes_events(use_remote: bool) -> Result<()> { #[test_case(false ; "local")] #[test_case(true ; "remote")] +#[cfg_attr(not(unix), ignore = "Unix-only exec-server process test")] #[tokio::test(flavor = "multi_thread", worker_threads = 2)] // Serialize tests that launch a real exec-server process through the full CLI. #[serial_test::serial(remote_exec_server)] @@ -666,6 +762,7 @@ async fn exec_process_replays_events_after_close(use_remote: bool) -> Result<()> #[test_case(false ; "local")] #[test_case(true ; "remote")] +#[cfg_attr(not(unix), ignore = "Unix-only exec-server process test")] #[tokio::test(flavor = "multi_thread", worker_threads = 2)] // Serialize tests that launch a real exec-server process through the full CLI. #[serial_test::serial(remote_exec_server)] @@ -677,6 +774,7 @@ async fn exec_process_retains_output_after_exit_until_streams_close( #[test_case(false ; "local")] #[test_case(true ; "remote")] +#[cfg_attr(not(unix), ignore = "Unix-only exec-server process test")] #[tokio::test(flavor = "multi_thread", worker_threads = 2)] // Serialize tests that launch a real exec-server process through the full CLI. #[serial_test::serial(remote_exec_server)] @@ -686,6 +784,7 @@ async fn exec_process_write_then_read(use_remote: bool) -> Result<()> { #[test_case(false ; "local")] #[test_case(true ; "remote")] +#[cfg_attr(not(unix), ignore = "Unix-only exec-server process test")] #[tokio::test(flavor = "multi_thread", worker_threads = 2)] // Serialize tests that launch a real exec-server process through the full CLI. #[serial_test::serial(remote_exec_server)] @@ -695,6 +794,7 @@ async fn exec_process_write_then_read_without_tty(use_remote: bool) -> Result<() #[test_case(false ; "local")] #[test_case(true ; "remote")] +#[cfg_attr(not(unix), ignore = "Unix-only exec-server process test")] #[tokio::test(flavor = "multi_thread", worker_threads = 2)] // Serialize tests that launch a real exec-server process through the full CLI. #[serial_test::serial(remote_exec_server)] @@ -704,6 +804,27 @@ async fn exec_process_rejects_write_without_pipe_stdin(use_remote: bool) -> Resu #[test_case(false ; "local")] #[test_case(true ; "remote")] +#[cfg_attr(not(unix), ignore = "Unix-only exec-server process test")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +// Serialize tests that launch a real exec-server process through the full CLI. +#[serial_test::serial(remote_exec_server)] +async fn exec_process_signal_interrupts_process(use_remote: bool) -> Result<()> { + assert_exec_process_signal_interrupts_process(use_remote).await +} + +#[test_case(false ; "local")] +#[test_case(true ; "remote")] +#[cfg_attr(not(windows), ignore = "Windows-only exec-server process test")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +// Serialize tests that launch a real exec-server process through the full CLI. +#[serial_test::serial(remote_exec_server)] +async fn exec_process_signal_reports_unsupported_on_windows(use_remote: bool) -> Result<()> { + assert_exec_process_signal_reports_unsupported_on_windows(use_remote).await +} + +#[test_case(false ; "local")] +#[test_case(true ; "remote")] +#[cfg_attr(not(unix), ignore = "Unix-only exec-server process test")] #[tokio::test(flavor = "multi_thread", worker_threads = 2)] // Serialize tests that launch a real exec-server process through the full CLI. #[serial_test::serial(remote_exec_server)] diff --git a/codex-rs/exec-server/tests/file_system.rs b/codex-rs/exec-server/tests/file_system.rs deleted file mode 100644 index b8d1c218943..00000000000 --- a/codex-rs/exec-server/tests/file_system.rs +++ /dev/null @@ -1,1247 +0,0 @@ -#![cfg(unix)] - -mod common; - -use std::os::unix::fs::MetadataExt; -#[cfg(target_os = "linux")] -use std::os::unix::fs::PermissionsExt; -use std::os::unix::fs::symlink; -use std::path::Path; -use std::path::PathBuf; -use std::process::Command; -use std::sync::Arc; - -use anyhow::Context; -use anyhow::Result; -use codex_exec_server::CopyOptions; -use codex_exec_server::CreateDirectoryOptions; -use codex_exec_server::Environment; -use codex_exec_server::ExecServerRuntimePaths; -use codex_exec_server::ExecutorFileSystem; -use codex_exec_server::FileSystemSandboxContext; -use codex_exec_server::LocalFileSystem; -use codex_exec_server::ReadDirectoryEntry; -use codex_exec_server::RemoveOptions; -use codex_protocol::models::AdditionalPermissionProfile; -use codex_protocol::models::FileSystemPermissions; -use codex_protocol::models::PermissionProfile; -use codex_protocol::permissions::FileSystemAccessMode; -use codex_protocol::permissions::FileSystemPath; -use codex_protocol::permissions::FileSystemSandboxEntry; -use codex_protocol::permissions::FileSystemSandboxPolicy; -use codex_protocol::permissions::NetworkSandboxPolicy; -use codex_sandboxing::policy_transforms::effective_file_system_sandbox_policy; -use codex_sandboxing::policy_transforms::effective_network_sandbox_policy; -use codex_utils_absolute_path::AbsolutePathBuf; -use pretty_assertions::assert_eq; -use tempfile::TempDir; -use test_case::test_case; - -use common::exec_server::ExecServerHarness; -use common::exec_server::TestCodexHelperPaths; -use common::exec_server::exec_server; -#[cfg(target_os = "linux")] -use common::exec_server::exec_server_with_env; -use common::exec_server::test_codex_helper_paths; - -struct FileSystemContext { - file_system: Arc, - _helper_paths: Option, - _server: Option, -} - -async fn create_file_system_context(use_remote: bool) -> Result { - if use_remote { - let server = exec_server().await?; - let environment = Environment::create_for_tests(Some(server.websocket_url().to_string()))?; - Ok(FileSystemContext { - file_system: environment.get_filesystem(), - _helper_paths: None, - _server: Some(server), - }) - } else { - let helper_paths = test_codex_helper_paths()?; - let runtime_paths = ExecServerRuntimePaths::new( - helper_paths.codex_exe.clone(), - helper_paths.codex_linux_sandbox_exe.clone(), - )?; - Ok(FileSystemContext { - file_system: Arc::new(LocalFileSystem::with_runtime_paths(runtime_paths)), - _helper_paths: Some(helper_paths), - _server: None, - }) - } -} - -fn absolute_path(path: std::path::PathBuf) -> AbsolutePathBuf { - assert!( - path.is_absolute(), - "path must be absolute: {}", - path.display() - ); - match AbsolutePathBuf::try_from(path) { - Ok(path) => path, - Err(err) => panic!("path should be absolute: {err}"), - } -} - -fn read_only_sandbox(readable_root: std::path::PathBuf) -> FileSystemSandboxContext { - let readable_root = absolute_path(readable_root); - sandbox_context(vec![FileSystemSandboxEntry { - path: FileSystemPath::Path { - path: readable_root, - }, - access: FileSystemAccessMode::Read, - }]) -} - -fn workspace_write_sandbox(writable_root: std::path::PathBuf) -> FileSystemSandboxContext { - let writable_root = absolute_path(writable_root); - sandbox_context(vec![FileSystemSandboxEntry { - path: FileSystemPath::Path { - path: writable_root, - }, - access: FileSystemAccessMode::Write, - }]) -} - -fn sandbox_context(entries: Vec) -> FileSystemSandboxContext { - FileSystemSandboxContext::from_permission_profile(PermissionProfile::from_runtime_permissions( - &FileSystemSandboxPolicy::restricted(entries), - NetworkSandboxPolicy::Restricted, - )) -} - -#[test] -fn sandbox_context_from_profile_preserves_workspace_write_read_only_subpaths() -> Result<()> { - let tmp = TempDir::new()?; - let writable_dir = tmp.path().join("writable"); - let git_dir = writable_dir.join(".git"); - std::fs::create_dir_all(&git_dir)?; - - let sandbox = workspace_write_sandbox(writable_dir.clone()); - let policy = sandbox.permissions.file_system_sandbox_policy(); - let cwd = absolute_path(writable_dir.clone()); - let writable_roots = policy.get_writable_roots_with_cwd(cwd.as_path()); - let writable_dir = absolute_path(std::fs::canonicalize(writable_dir)?); - let git_dir = absolute_path(std::fs::canonicalize(git_dir)?); - let Some(writable_root) = writable_roots - .iter() - .find(|writable_root| writable_root.root == writable_dir) - else { - panic!("writable root should be preserved"); - }; - - assert!(writable_root.read_only_subpaths.contains(&git_dir)); - - Ok(()) -} - -fn assert_sandbox_denied(error: &std::io::Error) { - match error.kind() { - std::io::ErrorKind::InvalidInput | std::io::ErrorKind::PermissionDenied => { - let message = error.to_string(); - assert!( - message.contains("is not permitted") - || message.contains("Operation not permitted") - || message.contains("Permission denied"), - "unexpected sandbox error message: {message}", - ); - } - std::io::ErrorKind::NotFound => assert!( - error.to_string().contains("No such file or directory"), - "unexpected sandbox not-found message: {error}", - ), - std::io::ErrorKind::Other => assert!( - error.to_string().contains("Read-only file system"), - "unexpected sandbox other error message: {error}", - ), - other => panic!("unexpected sandbox error kind: {other:?}: {error:?}"), - } -} - -fn assert_normalized_path_rejected(error: &std::io::Error) { - match error.kind() { - std::io::ErrorKind::NotFound => assert!( - error.to_string().contains("No such file or directory"), - "unexpected not-found message: {error}", - ), - std::io::ErrorKind::InvalidInput | std::io::ErrorKind::PermissionDenied => { - let message = error.to_string(); - assert!( - message.contains("is not permitted") - || message.contains("Operation not permitted") - || message.contains("Permission denied"), - "unexpected rejection message: {message}", - ); - } - other => panic!("unexpected normalized-path error kind: {other:?}: {error:?}"), - } -} - -fn alias_root_candidate() -> Result> { - for root in [Path::new("/tmp").to_path_buf(), std::env::temp_dir()] { - if root.is_dir() && root.canonicalize().is_ok_and(|canonical| canonical != root) { - return Ok(Some(root)); - } - } - Ok(None) -} - -#[cfg(target_os = "linux")] -fn write_fake_bwrap(bin_dir: &Path) -> Result { - std::fs::create_dir_all(bin_dir)?; - let fake_bwrap = bin_dir.join("bwrap"); - std::fs::write( - &fake_bwrap, - r#"#!/bin/bash -set -euo pipefail - -for arg in "$@"; do - if [[ "${arg}" == "--help" ]]; then - echo "Usage: bwrap --argv0 --perms" - exit 0 - fi -done - -printf '%s\n' "$*" >> "${0}.log" - -args=("$@") -argv0="" -command_start=-1 -for i in "${!args[@]}"; do - if [[ "${args[$i]}" == "--argv0" && $((i + 1)) -lt ${#args[@]} ]]; then - argv0="${args[$((i + 1))]}" - fi - if [[ "${args[$i]}" == "--" ]]; then - command_start=$((i + 1)) - break - fi -done - -if [[ "${command_start}" -lt 0 || "${command_start}" -ge "${#args[@]}" ]]; then - echo "fake bwrap did not find an inner command" >&2 - exit 125 -fi - -cmd=("${args[@]:$command_start}") -if [[ -n "${argv0}" ]]; then - exec -a "${argv0}" "${cmd[@]}" -fi -exec "${cmd[@]}" -"#, - )?; - let mut permissions = std::fs::metadata(&fake_bwrap)?.permissions(); - permissions.set_mode(0o755); - std::fs::set_permissions(&fake_bwrap, permissions)?; - Ok(fake_bwrap) -} - -#[cfg(target_os = "linux")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn sandboxed_file_system_helper_finds_bwrap_on_preserved_path() -> Result<()> { - let tmp = TempDir::new()?; - let fake_bin_dir = tmp.path().join("bin"); - let fake_bwrap = write_fake_bwrap(&fake_bin_dir)?; - let mut path_entries = vec![fake_bin_dir]; - if let Some(path) = std::env::var_os("PATH") { - path_entries.extend(std::env::split_paths(&path)); - } - let helper_path = std::env::join_paths(path_entries)?; - - let server = exec_server_with_env([("PATH", helper_path.as_os_str())]).await?; - let environment = Environment::create_for_tests(Some(server.websocket_url().to_string()))?; - let file_system = environment.get_filesystem(); - let workspace = tmp.path().join("workspace"); - std::fs::create_dir_all(&workspace)?; - let file_path = workspace.join("created.txt"); - let sandbox = workspace_write_sandbox(workspace); - - file_system - .write_file( - &absolute_path(file_path.clone()), - b"written through fs helper".to_vec(), - Some(&sandbox), - ) - .await?; - - assert_eq!(std::fs::read(&file_path)?, b"written through fs helper"); - - let bwrap_log = fake_bwrap.with_file_name("bwrap.log"); - let log = std::fs::read_to_string(&bwrap_log) - .with_context(|| format!("expected fake bwrap log at {}", bwrap_log.display()))?; - assert!( - log.contains("--argv0"), - "expected fs helper sandbox path to invoke PATH bwrap with --argv0, got: {log}" - ); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_get_metadata_returns_expected_fields(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let file_path = tmp.path().join("note.txt"); - std::fs::write(&file_path, "hello")?; - - let metadata = file_system - .get_metadata(&absolute_path(file_path.clone()), /*sandbox*/ None) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!(metadata.is_directory, false); - assert_eq!(metadata.is_file, true); - assert_eq!(metadata.is_symlink, false); - assert!(metadata.modified_at_ms > 0); - - let symlink_path = tmp.path().join("note-link.txt"); - symlink(&file_path, &symlink_path)?; - let symlink_metadata = file_system - .get_metadata(&absolute_path(symlink_path.clone()), /*sandbox*/ None) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!(symlink_metadata.is_directory, false); - assert_eq!(symlink_metadata.is_file, true); - assert_eq!(symlink_metadata.is_symlink, true); - assert!(symlink_metadata.modified_at_ms > 0); - - let dir_path = tmp.path().join("notes"); - std::fs::create_dir(&dir_path)?; - let dir_symlink_path = tmp.path().join("notes-link"); - symlink(&dir_path, &dir_symlink_path)?; - let dir_symlink_metadata = file_system - .get_metadata(&absolute_path(dir_symlink_path), /*sandbox*/ None) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!(dir_symlink_metadata.is_directory, true); - assert_eq!(dir_symlink_metadata.is_file, false); - assert_eq!(dir_symlink_metadata.is_symlink, true); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_methods_cover_surface_area(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let source_dir = tmp.path().join("source"); - let nested_dir = source_dir.join("nested"); - let source_file = source_dir.join("root.txt"); - let nested_file = nested_dir.join("note.txt"); - let copied_dir = tmp.path().join("copied"); - let copied_file = tmp.path().join("copy.txt"); - - file_system - .create_directory( - &absolute_path(nested_dir.clone()), - CreateDirectoryOptions { recursive: true }, - /*sandbox*/ None, - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - - file_system - .write_file( - &absolute_path(nested_file.clone()), - b"hello from trait".to_vec(), - /*sandbox*/ None, - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - file_system - .write_file( - &absolute_path(source_file.clone()), - b"hello from source root".to_vec(), - /*sandbox*/ None, - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - - let source_link = tmp.path().join("source-link"); - symlink(&source_dir, &source_link)?; - let joined_nested = file_system - .join( - &absolute_path(source_link.clone()), - Path::new("nested/note.txt"), - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!( - joined_nested, - absolute_path(source_link.join("nested").join("note.txt")) - ); - let joined_parent = file_system - .parent(&joined_nested) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!( - joined_parent, - Some(absolute_path(source_link.join("nested"))) - ); - let joined_parent_traversal = file_system - .join(&absolute_path(source_dir.clone()), Path::new("../outside")) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!( - joined_parent_traversal, - absolute_path(source_dir.join("../outside")) - ); - let canonical_nested = file_system - .canonicalize( - &absolute_path(source_link.join("nested").join("note.txt")), - /*sandbox*/ None, - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!( - canonical_nested, - absolute_path(std::fs::canonicalize( - source_dir.join("nested").join("note.txt") - )?) - ); - - let nested_file_contents = file_system - .read_file(&absolute_path(nested_file.clone()), /*sandbox*/ None) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!(nested_file_contents, b"hello from trait"); - - let nested_file_text = file_system - .read_file_text(&absolute_path(nested_file.clone()), /*sandbox*/ None) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!(nested_file_text, "hello from trait"); - - file_system - .copy( - &absolute_path(nested_file), - &absolute_path(copied_file.clone()), - CopyOptions { recursive: false }, - /*sandbox*/ None, - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!(std::fs::read_to_string(copied_file)?, "hello from trait"); - - file_system - .copy( - &absolute_path(source_dir.clone()), - &absolute_path(copied_dir.clone()), - CopyOptions { recursive: true }, - /*sandbox*/ None, - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!( - std::fs::read_to_string(copied_dir.join("nested").join("note.txt"))?, - "hello from trait" - ); - - symlink( - source_dir.join("missing-target"), - source_dir.join("broken-link"), - )?; - - let mut entries = file_system - .read_directory(&absolute_path(source_dir), /*sandbox*/ None) - .await - .with_context(|| format!("mode={use_remote}"))?; - entries.sort_by(|left, right| left.file_name.cmp(&right.file_name)); - assert_eq!( - entries, - vec![ - ReadDirectoryEntry { - file_name: "nested".to_string(), - is_directory: true, - is_file: false, - }, - ReadDirectoryEntry { - file_name: "root.txt".to_string(), - is_directory: false, - is_file: true, - }, - ] - ); - - file_system - .remove( - &absolute_path(copied_dir.clone()), - RemoveOptions { - recursive: true, - force: true, - }, - /*sandbox*/ None, - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert!(!copied_dir.exists()); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_write_file_reports_missing_parent(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let missing_parent_path = tmp.path().join("missing").join("note.txt"); - - let error = match file_system - .write_file( - &absolute_path(missing_parent_path.clone()), - b"hello from trait".to_vec(), - /*sandbox*/ None, - ) - .await - { - Ok(()) => anyhow::bail!("write should fail when parent directory is absent"), - Err(error) => error, - }; - assert_eq!( - error.kind(), - std::io::ErrorKind::NotFound, - "mode={use_remote}" - ); - assert!(!missing_parent_path.exists(), "mode={use_remote}"); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_copy_rejects_directory_without_recursive(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let source_dir = tmp.path().join("source"); - std::fs::create_dir_all(&source_dir)?; - - let error = file_system - .copy( - &absolute_path(source_dir), - &absolute_path(tmp.path().join("dest")), - CopyOptions { recursive: false }, - /*sandbox*/ None, - ) - .await; - let error = match error { - Ok(()) => panic!("copy should fail"), - Err(error) => error, - }; - assert_eq!(error.kind(), std::io::ErrorKind::InvalidInput); - assert_eq!( - error.to_string(), - "fs/copy requires recursive: true when sourcePath is a directory" - ); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_sandboxed_read_allows_readable_root(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let file_path = allowed_dir.join("note.txt"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::write(&file_path, "sandboxed hello")?; - let sandbox = read_only_sandbox(allowed_dir); - - let contents = file_system - .read_file(&absolute_path(file_path), Some(&sandbox)) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!(contents, b"sandboxed hello"); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_sandboxed_canonicalize_allows_readable_root(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let file_path = allowed_dir.join("note.txt"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::write(&file_path, "sandboxed hello")?; - let sandbox = read_only_sandbox(allowed_dir); - - let canonical_path = file_system - .canonicalize(&absolute_path(file_path.clone()), Some(&sandbox)) - .await - .with_context(|| format!("mode={use_remote}"))?; - assert_eq!( - canonical_path, - absolute_path(std::fs::canonicalize(file_path)?) - ); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_sandboxed_write_rejects_unwritable_path(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let blocked_path = tmp.path().join("blocked.txt"); - - let sandbox = read_only_sandbox(tmp.path().to_path_buf()); - let error = match file_system - .write_file( - &absolute_path(blocked_path.clone()), - b"nope".to_vec(), - Some(&sandbox), - ) - .await - { - Ok(()) => anyhow::bail!("write should be blocked"), - Err(error) => error, - }; - assert_sandbox_denied(&error); - assert!(!blocked_path.exists()); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_sandboxed_write_allows_explicit_alias_roots(use_remote: bool) -> Result<()> { - let Some(alias_root) = alias_root_candidate()? else { - return Ok(()); - }; - - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = tempfile::Builder::new() - .prefix("codex-fs-sandbox-alias-") - .tempdir_in(&alias_root)?; - let file_path = tmp.path().join("note.txt"); - let sandbox = workspace_write_sandbox(alias_root.clone()); - - file_system - .write_file( - &absolute_path(file_path.clone()), - b"created".to_vec(), - Some(&sandbox), - ) - .await - .with_context(|| format!("write file through alias root mode={use_remote}"))?; - assert_eq!(std::fs::read(&file_path)?, b"created"); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_sandboxed_write_allows_additional_write_root(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let readable_dir = tmp.path().join("readable"); - let writable_dir = tmp.path().join("writable"); - let file_path = writable_dir.join("note.txt"); - std::fs::create_dir_all(&readable_dir)?; - std::fs::create_dir_all(&writable_dir)?; - - let mut sandbox = read_only_sandbox(readable_dir); - let additional_permissions = AdditionalPermissionProfile { - network: None, - file_system: Some(FileSystemPermissions::from_read_write_roots( - /*read*/ None, - Some(vec![absolute_path(writable_dir)]), - )), - }; - let file_system_policy = effective_file_system_sandbox_policy( - &sandbox.permissions.file_system_sandbox_policy(), - Some(&additional_permissions), - ); - let network_policy = effective_network_sandbox_policy( - sandbox.permissions.network_sandbox_policy(), - Some(&additional_permissions), - ); - sandbox.permissions = PermissionProfile::from_runtime_permissions_with_enforcement( - sandbox.permissions.enforcement(), - &file_system_policy, - network_policy, - ); - - file_system - .write_file( - &absolute_path(file_path.clone()), - b"created".to_vec(), - Some(&sandbox), - ) - .await - .with_context(|| format!("write file through additional root mode={use_remote}"))?; - assert_eq!(std::fs::read(&file_path)?, b"created"); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_sandboxed_read_rejects_symlink_escape(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let outside_dir = tmp.path().join("outside"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::create_dir_all(&outside_dir)?; - std::fs::write(outside_dir.join("secret.txt"), "nope")?; - symlink(&outside_dir, allowed_dir.join("link"))?; - - let requested_path = allowed_dir.join("link").join("secret.txt"); - let sandbox = read_only_sandbox(allowed_dir); - let error = match file_system - .read_file(&absolute_path(requested_path.clone()), Some(&sandbox)) - .await - { - Ok(_) => anyhow::bail!("read should be blocked"), - Err(error) => error, - }; - assert_sandbox_denied(&error); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_sandboxed_read_rejects_symlink_parent_dotdot_escape( - use_remote: bool, -) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let outside_dir = tmp.path().join("outside"); - let secret_path = tmp.path().join("secret.txt"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::create_dir_all(&outside_dir)?; - std::fs::write(&secret_path, "nope")?; - symlink(&outside_dir, allowed_dir.join("link"))?; - - let requested_path = absolute_path(allowed_dir.join("link").join("..").join("secret.txt")); - let sandbox = read_only_sandbox(allowed_dir); - let error = match file_system.read_file(&requested_path, Some(&sandbox)).await { - Ok(_) => anyhow::bail!("read should fail after path normalization"), - Err(error) => error, - }; - // AbsolutePathBuf normalizes `link/../secret.txt` to `allowed/secret.txt` - // before the request reaches the filesystem layer. Depending on whether - // the platform/runtime resolves that normalized path through a top-level - // symlink alias, the request can surface as either "missing file" or an - // upfront sandbox rejection. - assert_normalized_path_rejected(&error); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_sandboxed_write_rejects_symlink_escape(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let outside_dir = tmp.path().join("outside"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::create_dir_all(&outside_dir)?; - symlink(&outside_dir, allowed_dir.join("link"))?; - - let requested_path = allowed_dir.join("link").join("blocked.txt"); - let sandbox = workspace_write_sandbox(allowed_dir); - let error = match file_system - .write_file( - &absolute_path(requested_path.clone()), - b"nope".to_vec(), - Some(&sandbox), - ) - .await - { - Ok(()) => anyhow::bail!("write should be blocked"), - Err(error) => error, - }; - assert_sandbox_denied(&error); - assert!(!outside_dir.join("blocked.txt").exists()); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_sandboxed_write_preserves_existing_hard_link(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let outside_dir = tmp.path().join("outside"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::create_dir_all(&outside_dir)?; - - let outside_file = outside_dir.join("outside.txt"); - let hard_link = allowed_dir.join("hard-link.txt"); - std::fs::write(&outside_file, "outside\n")?; - std::fs::hard_link(&outside_file, &hard_link)?; - - let sandbox = workspace_write_sandbox(allowed_dir); - file_system - .write_file( - &absolute_path(hard_link.clone()), - b"updated through existing hard link\n".to_vec(), - Some(&sandbox), - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - - assert_eq!( - std::fs::read_to_string(&outside_file)?, - "updated through existing hard link\n" - ); - assert_eq!( - std::fs::read_to_string(&hard_link)?, - "updated through existing hard link\n" - ); - - let outside_metadata = std::fs::metadata(&outside_file)?; - let link_metadata = std::fs::metadata(&hard_link)?; - assert_eq!( - (link_metadata.dev(), link_metadata.ino()), - (outside_metadata.dev(), outside_metadata.ino()) - ); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_create_directory_rejects_symlink_escape(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let outside_dir = tmp.path().join("outside"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::create_dir_all(&outside_dir)?; - symlink(&outside_dir, allowed_dir.join("link"))?; - - let requested_path = allowed_dir.join("link").join("created"); - let sandbox = workspace_write_sandbox(allowed_dir); - let error = match file_system - .create_directory( - &absolute_path(requested_path.clone()), - CreateDirectoryOptions { recursive: false }, - Some(&sandbox), - ) - .await - { - Ok(()) => anyhow::bail!("create_directory should be blocked"), - Err(error) => error, - }; - assert_sandbox_denied(&error); - assert!(!outside_dir.join("created").exists()); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_read_directory_rejects_symlink_escape(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let outside_dir = tmp.path().join("outside"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::create_dir_all(&outside_dir)?; - std::fs::write(outside_dir.join("secret.txt"), "nope")?; - symlink(&outside_dir, allowed_dir.join("link"))?; - - let requested_path = allowed_dir.join("link"); - let sandbox = read_only_sandbox(allowed_dir); - let error = match file_system - .read_directory(&absolute_path(requested_path.clone()), Some(&sandbox)) - .await - { - Ok(_) => anyhow::bail!("read_directory should be blocked"), - Err(error) => error, - }; - assert_sandbox_denied(&error); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_copy_rejects_symlink_escape_destination(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let outside_dir = tmp.path().join("outside"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::create_dir_all(&outside_dir)?; - std::fs::write(allowed_dir.join("source.txt"), "hello")?; - symlink(&outside_dir, allowed_dir.join("link"))?; - - let requested_destination = allowed_dir.join("link").join("copied.txt"); - let sandbox = workspace_write_sandbox(allowed_dir.clone()); - let error = match file_system - .copy( - &absolute_path(allowed_dir.join("source.txt")), - &absolute_path(requested_destination.clone()), - CopyOptions { recursive: false }, - Some(&sandbox), - ) - .await - { - Ok(()) => anyhow::bail!("copy should be blocked"), - Err(error) => error, - }; - assert_sandbox_denied(&error); - assert!(!outside_dir.join("copied.txt").exists()); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_remove_removes_symlink_not_target(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let outside_dir = tmp.path().join("outside"); - let outside_file = outside_dir.join("keep.txt"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::create_dir_all(&outside_dir)?; - std::fs::write(&outside_file, "outside")?; - let symlink_path = allowed_dir.join("link"); - symlink(&outside_file, &symlink_path)?; - - let sandbox = workspace_write_sandbox(allowed_dir); - file_system - .remove( - &absolute_path(symlink_path.clone()), - RemoveOptions { - recursive: false, - force: false, - }, - Some(&sandbox), - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - - assert!(!symlink_path.exists()); - assert!(outside_file.exists()); - assert_eq!(std::fs::read_to_string(outside_file)?, "outside"); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_copy_preserves_symlink_source(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let outside_dir = tmp.path().join("outside"); - let outside_file = outside_dir.join("outside.txt"); - let source_symlink = allowed_dir.join("link"); - let copied_symlink = allowed_dir.join("copied-link"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::create_dir_all(&outside_dir)?; - std::fs::write(&outside_file, "outside")?; - symlink(&outside_file, &source_symlink)?; - - let sandbox = workspace_write_sandbox(allowed_dir.clone()); - file_system - .copy( - &absolute_path(source_symlink), - &absolute_path(copied_symlink.clone()), - CopyOptions { recursive: false }, - Some(&sandbox), - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - - let copied_metadata = std::fs::symlink_metadata(&copied_symlink)?; - assert!(copied_metadata.file_type().is_symlink()); - assert_eq!(std::fs::read_link(copied_symlink)?, outside_file); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_remove_rejects_symlink_escape(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let outside_dir = tmp.path().join("outside"); - let outside_file = outside_dir.join("secret.txt"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::create_dir_all(&outside_dir)?; - std::fs::write(&outside_file, "outside")?; - symlink(&outside_dir, allowed_dir.join("link"))?; - - let requested_path = allowed_dir.join("link").join("secret.txt"); - let sandbox = workspace_write_sandbox(allowed_dir); - let error = match file_system - .remove( - &absolute_path(requested_path.clone()), - RemoveOptions { - recursive: false, - force: false, - }, - Some(&sandbox), - ) - .await - { - Ok(()) => anyhow::bail!("remove should be blocked"), - Err(error) => error, - }; - assert_sandbox_denied(&error); - assert_eq!(std::fs::read_to_string(outside_file)?, "outside"); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_copy_rejects_symlink_escape_source(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let allowed_dir = tmp.path().join("allowed"); - let outside_dir = tmp.path().join("outside"); - let outside_file = outside_dir.join("secret.txt"); - let requested_destination = allowed_dir.join("copied.txt"); - std::fs::create_dir_all(&allowed_dir)?; - std::fs::create_dir_all(&outside_dir)?; - std::fs::write(&outside_file, "outside")?; - symlink(&outside_dir, allowed_dir.join("link"))?; - - let requested_source = allowed_dir.join("link").join("secret.txt"); - let sandbox = workspace_write_sandbox(allowed_dir); - let error = match file_system - .copy( - &absolute_path(requested_source.clone()), - &absolute_path(requested_destination.clone()), - CopyOptions { recursive: false }, - Some(&sandbox), - ) - .await - { - Ok(()) => anyhow::bail!("copy should be blocked"), - Err(error) => error, - }; - assert_sandbox_denied(&error); - assert!(!requested_destination.exists()); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_copy_rejects_copying_directory_into_descendant( - use_remote: bool, -) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let source_dir = tmp.path().join("source"); - std::fs::create_dir_all(source_dir.join("nested"))?; - - let error = file_system - .copy( - &absolute_path(source_dir.clone()), - &absolute_path(source_dir.join("nested").join("copy")), - CopyOptions { recursive: true }, - /*sandbox*/ None, - ) - .await; - let error = match error { - Ok(()) => panic!("copy should fail"), - Err(error) => error, - }; - assert_eq!(error.kind(), std::io::ErrorKind::InvalidInput); - assert_eq!( - error.to_string(), - "fs/copy cannot copy a directory to itself or one of its descendants" - ); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_copy_preserves_symlinks_in_recursive_copy(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let source_dir = tmp.path().join("source"); - let nested_dir = source_dir.join("nested"); - let copied_dir = tmp.path().join("copied"); - std::fs::create_dir_all(&nested_dir)?; - symlink("nested", source_dir.join("nested-link"))?; - - file_system - .copy( - &absolute_path(source_dir), - &absolute_path(copied_dir.clone()), - CopyOptions { recursive: true }, - /*sandbox*/ None, - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - - let copied_link = copied_dir.join("nested-link"); - let metadata = std::fs::symlink_metadata(&copied_link)?; - assert!(metadata.file_type().is_symlink()); - assert_eq!( - std::fs::read_link(copied_link)?, - std::path::PathBuf::from("nested") - ); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_copy_ignores_unknown_special_files_in_recursive_copy( - use_remote: bool, -) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let source_dir = tmp.path().join("source"); - let copied_dir = tmp.path().join("copied"); - std::fs::create_dir_all(&source_dir)?; - std::fs::write(source_dir.join("note.txt"), "hello")?; - - let fifo_path = source_dir.join("named-pipe"); - let output = Command::new("mkfifo").arg(&fifo_path).output()?; - if !output.status.success() { - anyhow::bail!( - "mkfifo failed: stdout={} stderr={}", - String::from_utf8_lossy(&output.stdout).trim(), - String::from_utf8_lossy(&output.stderr).trim() - ); - } - - file_system - .copy( - &absolute_path(source_dir), - &absolute_path(copied_dir.clone()), - CopyOptions { recursive: true }, - /*sandbox*/ None, - ) - .await - .with_context(|| format!("mode={use_remote}"))?; - - assert_eq!( - std::fs::read_to_string(copied_dir.join("note.txt"))?, - "hello" - ); - assert!(!copied_dir.join("named-pipe").exists()); - - Ok(()) -} - -#[test_case(false ; "local")] -#[test_case(true ; "remote")] -#[tokio::test(flavor = "multi_thread", worker_threads = 2)] -async fn file_system_copy_rejects_standalone_fifo_source(use_remote: bool) -> Result<()> { - let context = create_file_system_context(use_remote).await?; - let file_system = context.file_system; - - let tmp = TempDir::new()?; - let fifo_path = tmp.path().join("named-pipe"); - let output = Command::new("mkfifo").arg(&fifo_path).output()?; - if !output.status.success() { - anyhow::bail!( - "mkfifo failed: stdout={} stderr={}", - String::from_utf8_lossy(&output.stdout).trim(), - String::from_utf8_lossy(&output.stderr).trim() - ); - } - - let error = file_system - .copy( - &absolute_path(fifo_path), - &absolute_path(tmp.path().join("copied")), - CopyOptions { recursive: false }, - /*sandbox*/ None, - ) - .await; - let error = match error { - Ok(()) => panic!("copy should fail"), - Err(error) => error, - }; - assert_eq!(error.kind(), std::io::ErrorKind::InvalidInput); - assert_eq!( - error.to_string(), - "fs/copy only supports regular files, directories, and symlinks" - ); - - Ok(()) -} diff --git a/codex-rs/exec-server/tests/file_system/shared.rs b/codex-rs/exec-server/tests/file_system/shared.rs new file mode 100644 index 00000000000..0bef4aa2885 --- /dev/null +++ b/codex-rs/exec-server/tests/file_system/shared.rs @@ -0,0 +1,563 @@ +use anyhow::Context; +use anyhow::Result; +use codex_exec_server::CopyOptions; +use codex_exec_server::CreateDirectoryOptions; +use codex_exec_server::ReadDirectoryEntry; +use codex_exec_server::RemoveOptions; +use codex_protocol::models::AdditionalPermissionProfile; +use codex_protocol::models::FileSystemPermissions; +use codex_protocol::models::PermissionProfile; +use codex_sandboxing::policy_transforms::effective_file_system_sandbox_policy; +use codex_sandboxing::policy_transforms::effective_network_sandbox_policy; +use codex_utils_path_uri::PathUri; +use pretty_assertions::assert_eq; +use std::path::Path; +use tempfile::TempDir; +use test_case::test_case; + +use super::support::FileSystemImplementation; +use super::support::absolute_path; +use super::support::create_file_system_context; +use super::support::read_only_sandbox; +use super::support::workspace_write_sandbox; + +#[test] +fn sandbox_context_from_profile_preserves_workspace_write_read_only_subpaths() -> Result<()> { + let tmp = TempDir::new()?; + let writable_dir = tmp.path().join("writable"); + let git_dir = writable_dir.join(".git"); + std::fs::create_dir_all(&git_dir)?; + + let sandbox = workspace_write_sandbox(writable_dir.clone()); + let policy = sandbox.permissions.file_system_sandbox_policy(); + let cwd = absolute_path(writable_dir.clone()); + let writable_roots = policy.get_writable_roots_with_cwd(cwd.as_path()); + let writable_dir = absolute_path(std::fs::canonicalize(writable_dir)?); + let git_dir = absolute_path(std::fs::canonicalize(git_dir)?); + let Some(writable_root) = writable_roots + .iter() + .find(|writable_root| writable_root.root == writable_dir) + else { + panic!("writable root should be preserved"); + }; + + assert!(writable_root.read_only_subpaths.contains(&git_dir)); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_get_metadata_reports_files_and_directories( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let file_path = tmp.path().join("note.txt"); + let directory_path = tmp.path().join("notes"); + std::fs::write(&file_path, "hello")?; + std::fs::create_dir(&directory_path)?; + + let file_metadata = file_system + .get_metadata(&PathUri::from_path(&file_path)?, /*sandbox*/ None) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!(file_metadata.is_directory, false); + assert_eq!(file_metadata.is_file, true); + assert_eq!(file_metadata.is_symlink, false); + assert!(file_metadata.modified_at_ms > 0); + + let directory_metadata = file_system + .get_metadata(&PathUri::from_path(&directory_path)?, /*sandbox*/ None) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!(directory_metadata.is_directory, true); + assert_eq!(directory_metadata.is_file, false); + assert_eq!(directory_metadata.is_symlink, false); + assert!(directory_metadata.modified_at_ms > 0); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_create_directory_creates_nested_directories( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let nested_dir = tmp.path().join("source").join("nested"); + + file_system + .create_directory( + &PathUri::from_path(&nested_dir)?, + CreateDirectoryOptions { recursive: true }, + /*sandbox*/ None, + ) + .await + .with_context(|| format!("mode={implementation}"))?; + assert!(nested_dir.is_dir()); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_write_file_writes_bytes( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let file_path = tmp.path().join("note.txt"); + file_system + .write_file( + &PathUri::from_path(&file_path)?, + b"hello from trait".to_vec(), + /*sandbox*/ None, + ) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!(std::fs::read(file_path)?, b"hello from trait"); + + Ok(()) +} + +#[test] +fn path_uri_join_and_parent_preserve_lexical_paths() -> Result<()> { + let tmp = TempDir::new()?; + let source_dir = tmp.path().join("source"); + let source_dir_uri = PathUri::from_path(&source_dir)?; + let joined_nested = source_dir_uri.join("nested/note.txt")?; + assert_eq!( + joined_nested, + PathUri::from_path(source_dir.join("nested").join("note.txt"))? + ); + let joined_parent = joined_nested.parent(); + assert_eq!( + joined_parent, + Some(PathUri::from_path(source_dir.join("nested"))?) + ); + let joined_parent_traversal = source_dir_uri.join("../outside")?; + assert_eq!( + joined_parent_traversal, + PathUri::from_path(source_dir.join("../outside"))? + ); + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_read_file_returns_bytes( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let file_path = tmp.path().join("note.txt"); + std::fs::write(&file_path, "hello from trait")?; + + let contents = file_system + .read_file(&PathUri::from_path(&file_path)?, /*sandbox*/ None) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!(contents, b"hello from trait"); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_read_file_text_returns_string( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let file_path = tmp.path().join("note.txt"); + std::fs::write(&file_path, "hello from trait")?; + + let contents = file_system + .read_file_text(&PathUri::from_path(&file_path)?, /*sandbox*/ None) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!(contents, "hello from trait"); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_copy_copies_file(implementation: FileSystemImplementation) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let source_file = tmp.path().join("source.txt"); + let copied_file = tmp.path().join("copy.txt"); + std::fs::write(&source_file, "hello from trait")?; + + file_system + .copy( + &PathUri::from_path(&source_file)?, + &PathUri::from_path(&copied_file)?, + CopyOptions { recursive: false }, + /*sandbox*/ None, + ) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!(std::fs::read_to_string(copied_file)?, "hello from trait"); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_copy_copies_directory_recursively( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let source_dir = tmp.path().join("source"); + let nested_dir = source_dir.join("nested"); + let nested_file = nested_dir.join("note.txt"); + let copied_dir = tmp.path().join("copied"); + std::fs::create_dir_all(&nested_dir)?; + std::fs::write(&nested_file, "hello from trait")?; + + file_system + .copy( + &PathUri::from_path(&source_dir)?, + &PathUri::from_path(&copied_dir)?, + CopyOptions { recursive: true }, + /*sandbox*/ None, + ) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!( + std::fs::read_to_string(copied_dir.join("nested").join("note.txt"))?, + "hello from trait" + ); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_read_directory_lists_entries( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let source_dir = tmp.path().join("source"); + std::fs::create_dir_all(source_dir.join("nested"))?; + std::fs::write(source_dir.join("root.txt"), "hello")?; + + let mut entries = file_system + .read_directory(&PathUri::from_path(&source_dir)?, /*sandbox*/ None) + .await + .with_context(|| format!("mode={implementation}"))?; + entries.sort_by(|left, right| left.file_name.cmp(&right.file_name)); + assert_eq!( + entries, + vec![ + ReadDirectoryEntry { + file_name: "nested".to_string(), + is_directory: true, + is_file: false, + }, + ReadDirectoryEntry { + file_name: "root.txt".to_string(), + is_directory: false, + is_file: true, + }, + ] + ); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_remove_removes_directory( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let directory_path = tmp.path().join("remove-me"); + std::fs::create_dir_all(directory_path.join("nested"))?; + + file_system + .remove( + &PathUri::from_path(&directory_path)?, + RemoveOptions { + recursive: true, + force: true, + }, + /*sandbox*/ None, + ) + .await + .with_context(|| format!("mode={implementation}"))?; + assert!(!directory_path.exists()); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_write_file_reports_missing_parent( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let missing_parent_path = tmp.path().join("missing").join("note.txt"); + + let error = match file_system + .write_file( + &PathUri::from_path(&missing_parent_path)?, + b"hello from trait".to_vec(), + /*sandbox*/ None, + ) + .await + { + Ok(()) => anyhow::bail!("write should fail when parent directory is absent"), + Err(error) => error, + }; + assert_eq!( + error.kind(), + std::io::ErrorKind::NotFound, + "mode={implementation}" + ); + assert!(!missing_parent_path.exists(), "mode={implementation}"); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_copy_rejects_directory_without_recursive( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let source_dir = tmp.path().join("source"); + std::fs::create_dir_all(&source_dir)?; + + let error = file_system + .copy( + &PathUri::from_path(&source_dir)?, + &PathUri::from_path(tmp.path().join("dest"))?, + CopyOptions { recursive: false }, + /*sandbox*/ None, + ) + .await; + let error = match error { + Ok(()) => panic!("copy should fail"), + Err(error) => error, + }; + assert_eq!(error.kind(), std::io::ErrorKind::InvalidInput); + assert_eq!( + error.to_string(), + "fs/copy requires recursive: true when sourcePath is a directory" + ); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_sandboxed_read_allows_readable_root( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let file_path = allowed_dir.join("note.txt"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::write(&file_path, "sandboxed hello")?; + let sandbox = read_only_sandbox(allowed_dir); + + let contents = file_system + .read_file(&PathUri::from_path(&file_path)?, Some(&sandbox)) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!(contents, b"sandboxed hello"); + + Ok(()) +} + +pub(crate) async fn assert_canonicalize_resolves_directory_alias( + implementation: FileSystemImplementation, + create_directory_alias: impl FnOnce(&Path, &Path) -> Result<()>, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let source_dir = tmp.path().join("source"); + let nested_dir = source_dir.join("nested"); + let file_path = nested_dir.join("note.txt"); + let alias_dir = tmp.path().join("source-alias"); + std::fs::create_dir_all(&nested_dir)?; + std::fs::write(&file_path, "canonical hello")?; + create_directory_alias(&source_dir, &alias_dir)?; + + let requested_path = PathUri::from_path(alias_dir.join("nested").join("note.txt"))?; + let expected_path = PathUri::from_path(std::fs::canonicalize(&file_path)?)?; + assert_ne!(requested_path, expected_path); + + let canonical_path = file_system + .canonicalize(&requested_path, /*sandbox*/ None) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!(canonical_path, expected_path); + + Ok(()) +} + +pub(crate) async fn assert_sandboxed_canonicalize_resolves_directory_alias( + implementation: FileSystemImplementation, + create_directory_alias: impl FnOnce(&Path, &Path) -> Result<()>, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let source_dir = tmp.path().join("source"); + let nested_dir = source_dir.join("nested"); + let file_path = nested_dir.join("note.txt"); + let alias_dir = tmp.path().join("source-alias"); + std::fs::create_dir_all(&nested_dir)?; + std::fs::write(&file_path, "sandboxed canonical hello")?; + create_directory_alias(&source_dir, &alias_dir)?; + let sandbox = read_only_sandbox(tmp.path().to_path_buf()); + + let requested_path = PathUri::from_path(alias_dir.join("nested").join("note.txt"))?; + let expected_path = PathUri::from_path(std::fs::canonicalize(&file_path)?)?; + assert_ne!(requested_path, expected_path); + + let canonical_path = file_system + .canonicalize(&requested_path, Some(&sandbox)) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!(canonical_path, expected_path); + + Ok(()) +} + +/// Verifies that effective additional permissions extend a read-only sandbox with a writable root. +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_sandboxed_write_allows_additional_write_root( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let readable_dir = tmp.path().join("readable"); + let writable_dir = tmp.path().join("writable"); + let file_path = writable_dir.join("note.txt"); + std::fs::create_dir_all(&readable_dir)?; + std::fs::create_dir_all(&writable_dir)?; + + let mut sandbox = read_only_sandbox(readable_dir); + let additional_permissions = AdditionalPermissionProfile { + network: None, + file_system: Some(FileSystemPermissions::from_read_write_roots( + /*read*/ None, + Some(vec![absolute_path(writable_dir)]), + )), + }; + let file_system_policy = effective_file_system_sandbox_policy( + &sandbox.permissions.file_system_sandbox_policy(), + Some(&additional_permissions), + ); + let network_policy = effective_network_sandbox_policy( + sandbox.permissions.network_sandbox_policy(), + Some(&additional_permissions), + ); + sandbox.permissions = PermissionProfile::from_runtime_permissions_with_enforcement( + sandbox.permissions.enforcement(), + &file_system_policy, + network_policy, + ); + + file_system + .write_file( + &PathUri::from_path(&file_path)?, + b"created".to_vec(), + Some(&sandbox), + ) + .await + .with_context(|| format!("write file through additional root mode={implementation}"))?; + assert_eq!(std::fs::read(&file_path)?, b"created"); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_copy_rejects_copying_directory_into_descendant( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let source_dir = tmp.path().join("source"); + std::fs::create_dir_all(source_dir.join("nested"))?; + + let error = file_system + .copy( + &PathUri::from_path(&source_dir)?, + &PathUri::from_path(source_dir.join("nested").join("copy"))?, + CopyOptions { recursive: true }, + /*sandbox*/ None, + ) + .await; + let error = match error { + Ok(()) => panic!("copy should fail"), + Err(error) => error, + }; + assert_eq!(error.kind(), std::io::ErrorKind::InvalidInput); + assert_eq!( + error.to_string(), + "fs/copy cannot copy a directory to itself or one of its descendants" + ); + + Ok(()) +} diff --git a/codex-rs/exec-server/tests/file_system/support.rs b/codex-rs/exec-server/tests/file_system/support.rs new file mode 100644 index 00000000000..715faa9965c --- /dev/null +++ b/codex-rs/exec-server/tests/file_system/support.rs @@ -0,0 +1,112 @@ +use std::fmt; +use std::sync::Arc; + +use anyhow::Result; +use codex_exec_server::Environment; +use codex_exec_server::ExecServerRuntimePaths; +use codex_exec_server::ExecutorFileSystem; +use codex_exec_server::FileSystemSandboxContext; +use codex_exec_server::LocalFileSystem; +use codex_protocol::models::PermissionProfile; +use codex_protocol::permissions::FileSystemAccessMode; +use codex_protocol::permissions::FileSystemPath; +use codex_protocol::permissions::FileSystemSandboxEntry; +use codex_protocol::permissions::FileSystemSandboxPolicy; +use codex_protocol::permissions::NetworkSandboxPolicy; +use codex_utils_absolute_path::AbsolutePathBuf; + +use crate::common::exec_server::ExecServerHarness; +use crate::common::exec_server::TestCodexHelperPaths; +use crate::common::exec_server::exec_server; +use crate::common::exec_server::test_codex_helper_paths; + +pub(crate) struct FileSystemContext { + pub(crate) file_system: Arc, + _helper_paths: Option, + _server: Option, +} + +#[derive(Clone, Copy, Debug)] +pub(crate) enum FileSystemImplementation { + Local, + Remote, +} + +impl fmt::Display for FileSystemImplementation { + fn fmt(&self, formatter: &mut fmt::Formatter<'_>) -> fmt::Result { + match self { + Self::Local => formatter.write_str("local"), + Self::Remote => formatter.write_str("remote"), + } + } +} + +pub(crate) async fn create_file_system_context( + implementation: FileSystemImplementation, +) -> Result { + match implementation { + FileSystemImplementation::Local => { + let helper_paths = test_codex_helper_paths()?; + let runtime_paths = ExecServerRuntimePaths::new( + helper_paths.codex_exe.clone(), + helper_paths.codex_linux_sandbox_exe.clone(), + )?; + Ok(FileSystemContext { + file_system: Arc::new(LocalFileSystem::with_runtime_paths(runtime_paths)), + _helper_paths: Some(helper_paths), + _server: None, + }) + } + FileSystemImplementation::Remote => { + let server = exec_server().await?; + let environment = + Environment::create_for_tests(Some(server.websocket_url().to_string()))?; + Ok(FileSystemContext { + file_system: environment.get_filesystem(), + _helper_paths: None, + _server: Some(server), + }) + } + } +} + +pub(crate) fn absolute_path(path: std::path::PathBuf) -> AbsolutePathBuf { + assert!( + path.is_absolute(), + "path must be absolute: {}", + path.display() + ); + match AbsolutePathBuf::try_from(path) { + Ok(path) => path, + Err(err) => panic!("path should be absolute: {err}"), + } +} + +pub(crate) fn read_only_sandbox(readable_root: std::path::PathBuf) -> FileSystemSandboxContext { + let readable_root = absolute_path(readable_root); + sandbox_context(vec![FileSystemSandboxEntry { + path: FileSystemPath::Path { + path: readable_root, + }, + access: FileSystemAccessMode::Read, + }]) +} + +pub(crate) fn workspace_write_sandbox( + writable_root: std::path::PathBuf, +) -> FileSystemSandboxContext { + let writable_root = absolute_path(writable_root); + sandbox_context(vec![FileSystemSandboxEntry { + path: FileSystemPath::Path { + path: writable_root, + }, + access: FileSystemAccessMode::Write, + }]) +} + +fn sandbox_context(entries: Vec) -> FileSystemSandboxContext { + FileSystemSandboxContext::from_permission_profile(PermissionProfile::from_runtime_permissions( + &FileSystemSandboxPolicy::restricted(entries), + NetworkSandboxPolicy::Restricted, + )) +} diff --git a/codex-rs/exec-server/tests/file_system_unix.rs b/codex-rs/exec-server/tests/file_system_unix.rs new file mode 100644 index 00000000000..3538f323662 --- /dev/null +++ b/codex-rs/exec-server/tests/file_system_unix.rs @@ -0,0 +1,839 @@ +#![cfg(unix)] + +mod common; + +#[path = "file_system/shared.rs"] +mod shared; +#[path = "file_system/support.rs"] +mod support; + +use std::os::unix::fs::MetadataExt; +#[cfg(target_os = "linux")] +use std::os::unix::fs::PermissionsExt; +use std::os::unix::fs::symlink; +use std::path::Path; +use std::path::PathBuf; +use std::process::Command; + +use anyhow::Context; +use anyhow::Result; +use codex_exec_server::CopyOptions; +use codex_exec_server::CreateDirectoryOptions; +#[cfg(target_os = "linux")] +use codex_exec_server::Environment; +use codex_exec_server::RemoveOptions; +use codex_utils_path_uri::PathUri; +use pretty_assertions::assert_eq; +use tempfile::TempDir; +use test_case::test_case; + +#[cfg(target_os = "linux")] +use crate::common::exec_server::exec_server_with_env; + +use crate::support::FileSystemImplementation; +use crate::support::create_file_system_context; +use crate::support::read_only_sandbox; +use crate::support::workspace_write_sandbox; + +fn assert_sandbox_denied(error: &std::io::Error) { + match error.kind() { + std::io::ErrorKind::InvalidInput | std::io::ErrorKind::PermissionDenied => { + let message = error.to_string(); + assert!( + message.contains("is not permitted") + || message.contains("Operation not permitted") + || message.contains("Permission denied"), + "unexpected sandbox error message: {message}", + ); + } + std::io::ErrorKind::NotFound => assert!( + error.to_string().contains("No such file or directory"), + "unexpected sandbox not-found message: {error}", + ), + std::io::ErrorKind::Other => assert!( + error.to_string().contains("Read-only file system"), + "unexpected sandbox other error message: {error}", + ), + other => panic!("unexpected sandbox error kind: {other:?}: {error:?}"), + } +} + +fn assert_normalized_path_rejected(error: &std::io::Error) { + match error.kind() { + std::io::ErrorKind::NotFound => assert!( + error.to_string().contains("No such file or directory"), + "unexpected not-found message: {error}", + ), + std::io::ErrorKind::InvalidInput | std::io::ErrorKind::PermissionDenied => { + let message = error.to_string(); + assert!( + message.contains("is not permitted") + || message.contains("Operation not permitted") + || message.contains("Permission denied"), + "unexpected rejection message: {message}", + ); + } + other => panic!("unexpected normalized-path error kind: {other:?}: {error:?}"), + } +} + +fn alias_root_candidate() -> Result> { + for root in [Path::new("/tmp").to_path_buf(), std::env::temp_dir()] { + if root.is_dir() && root.canonicalize().is_ok_and(|canonical| canonical != root) { + return Ok(Some(root)); + } + } + Ok(None) +} + +fn create_directory_symlink(target: &Path, alias: &Path) -> Result<()> { + symlink(target, alias)?; + Ok(()) +} + +#[cfg(target_os = "linux")] +fn write_fake_bwrap(bin_dir: &Path) -> Result { + std::fs::create_dir_all(bin_dir)?; + let fake_bwrap = bin_dir.join("bwrap"); + std::fs::write( + &fake_bwrap, + r#"#!/bin/bash +set -euo pipefail + +for arg in "$@"; do + if [[ "${arg}" == "--help" ]]; then + echo "Usage: bwrap --argv0 --perms" + exit 0 + fi +done + +printf '%s\n' "$*" >> "${0}.log" + +args=("$@") +argv0="" +command_start=-1 +for i in "${!args[@]}"; do + if [[ "${args[$i]}" == "--argv0" && $((i + 1)) -lt ${#args[@]} ]]; then + argv0="${args[$((i + 1))]}" + fi + if [[ "${args[$i]}" == "--" ]]; then + command_start=$((i + 1)) + break + fi +done + +if [[ "${command_start}" -lt 0 || "${command_start}" -ge "${#args[@]}" ]]; then + echo "fake bwrap did not find an inner command" >&2 + exit 125 +fi + +cmd=("${args[@]:$command_start}") +if [[ -n "${argv0}" ]]; then + exec -a "${argv0}" "${cmd[@]}" +fi +exec "${cmd[@]}" +"#, + )?; + let mut permissions = std::fs::metadata(&fake_bwrap)?.permissions(); + permissions.set_mode(0o755); + std::fs::set_permissions(&fake_bwrap, permissions)?; + Ok(fake_bwrap) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_canonicalize_resolves_directory_symlink( + implementation: FileSystemImplementation, +) -> Result<()> { + shared::assert_canonicalize_resolves_directory_alias(implementation, create_directory_symlink) + .await +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_sandboxed_canonicalize_resolves_directory_symlink( + implementation: FileSystemImplementation, +) -> Result<()> { + shared::assert_sandboxed_canonicalize_resolves_directory_alias( + implementation, + create_directory_symlink, + ) + .await +} + +#[cfg(target_os = "linux")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn sandboxed_file_system_helper_finds_bwrap_on_preserved_path() -> Result<()> { + let tmp = TempDir::new()?; + let fake_bin_dir = tmp.path().join("bin"); + let fake_bwrap = write_fake_bwrap(&fake_bin_dir)?; + let mut path_entries = vec![fake_bin_dir]; + if let Some(path) = std::env::var_os("PATH") { + path_entries.extend(std::env::split_paths(&path)); + } + let helper_path = std::env::join_paths(path_entries)?; + + let server = exec_server_with_env([("PATH", helper_path.as_os_str())]).await?; + let environment = Environment::create_for_tests(Some(server.websocket_url().to_string()))?; + let file_system = environment.get_filesystem(); + let workspace = tmp.path().join("workspace"); + std::fs::create_dir_all(&workspace)?; + let file_path = workspace.join("created.txt"); + let sandbox = workspace_write_sandbox(workspace); + + file_system + .write_file( + &PathUri::from_path(&file_path)?, + b"written through fs helper".to_vec(), + Some(&sandbox), + ) + .await?; + + assert_eq!(std::fs::read(&file_path)?, b"written through fs helper"); + + let bwrap_log = fake_bwrap.with_file_name("bwrap.log"); + let log = std::fs::read_to_string(&bwrap_log) + .with_context(|| format!("expected fake bwrap log at {}", bwrap_log.display()))?; + assert!( + log.contains("--argv0"), + "expected fs helper sandbox path to invoke PATH bwrap with --argv0, got: {log}" + ); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_get_metadata_reports_symlink_targets( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let file_path = tmp.path().join("note.txt"); + std::fs::write(&file_path, "hello")?; + let symlink_path = tmp.path().join("note-link.txt"); + symlink(&file_path, &symlink_path)?; + let symlink_metadata = file_system + .get_metadata(&PathUri::from_path(&symlink_path)?, /*sandbox*/ None) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!(symlink_metadata.is_directory, false); + assert_eq!(symlink_metadata.is_file, true); + assert_eq!(symlink_metadata.is_symlink, true); + assert!(symlink_metadata.modified_at_ms > 0); + + let dir_path = tmp.path().join("notes"); + std::fs::create_dir(&dir_path)?; + let dir_symlink_path = tmp.path().join("notes-link"); + symlink(&dir_path, &dir_symlink_path)?; + let dir_symlink_metadata = file_system + .get_metadata( + &PathUri::from_path(&dir_symlink_path)?, + /*sandbox*/ None, + ) + .await + .with_context(|| format!("mode={implementation}"))?; + assert_eq!(dir_symlink_metadata.is_directory, true); + assert_eq!(dir_symlink_metadata.is_file, false); + assert_eq!(dir_symlink_metadata.is_symlink, true); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_sandboxed_write_rejects_unwritable_path( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let blocked_path = tmp.path().join("blocked.txt"); + + let sandbox = read_only_sandbox(tmp.path().to_path_buf()); + let error = match file_system + .write_file( + &PathUri::from_path(&blocked_path)?, + b"nope".to_vec(), + Some(&sandbox), + ) + .await + { + Ok(()) => anyhow::bail!("write should be blocked"), + Err(error) => error, + }; + assert_sandbox_denied(&error); + assert!(!blocked_path.exists()); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_sandboxed_write_allows_explicit_alias_roots( + implementation: FileSystemImplementation, +) -> Result<()> { + let Some(alias_root) = alias_root_candidate()? else { + return Ok(()); + }; + + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = tempfile::Builder::new() + .prefix("codex-fs-sandbox-alias-") + .tempdir_in(&alias_root)?; + let file_path = tmp.path().join("note.txt"); + let sandbox = workspace_write_sandbox(alias_root.clone()); + + file_system + .write_file( + &PathUri::from_path(&file_path)?, + b"created".to_vec(), + Some(&sandbox), + ) + .await + .with_context(|| format!("write file through alias root mode={implementation}"))?; + assert_eq!(std::fs::read(&file_path)?, b"created"); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_sandboxed_read_rejects_symlink_escape( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let outside_dir = tmp.path().join("outside"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::create_dir_all(&outside_dir)?; + std::fs::write(outside_dir.join("secret.txt"), "nope")?; + symlink(&outside_dir, allowed_dir.join("link"))?; + + let requested_path = allowed_dir.join("link").join("secret.txt"); + let sandbox = read_only_sandbox(allowed_dir); + let error = match file_system + .read_file(&PathUri::from_path(&requested_path)?, Some(&sandbox)) + .await + { + Ok(_) => anyhow::bail!("read should be blocked"), + Err(error) => error, + }; + assert_sandbox_denied(&error); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_sandboxed_read_rejects_symlink_parent_dotdot_escape( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let outside_dir = tmp.path().join("outside"); + let secret_path = tmp.path().join("secret.txt"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::create_dir_all(&outside_dir)?; + std::fs::write(&secret_path, "nope")?; + symlink(&outside_dir, allowed_dir.join("link"))?; + + let requested_path = + PathUri::from_path(allowed_dir.join("link").join("..").join("secret.txt"))?; + let sandbox = read_only_sandbox(allowed_dir); + let error = match file_system.read_file(&requested_path, Some(&sandbox)).await { + Ok(_) => anyhow::bail!("read should fail after path normalization"), + Err(error) => error, + }; + // PathUri's native path constructor normalizes `link/../secret.txt` to + // `allowed/secret.txt` before the request reaches the filesystem layer. + // Depending on whether the platform/runtime resolves that normalized path + // through a top-level symlink alias, the request can surface as either + // "missing file" or an upfront sandbox rejection. + assert_normalized_path_rejected(&error); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_sandboxed_write_rejects_symlink_escape( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let outside_dir = tmp.path().join("outside"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::create_dir_all(&outside_dir)?; + symlink(&outside_dir, allowed_dir.join("link"))?; + + let requested_path = allowed_dir.join("link").join("blocked.txt"); + let sandbox = workspace_write_sandbox(allowed_dir); + let error = match file_system + .write_file( + &PathUri::from_path(&requested_path)?, + b"nope".to_vec(), + Some(&sandbox), + ) + .await + { + Ok(()) => anyhow::bail!("write should be blocked"), + Err(error) => error, + }; + assert_sandbox_denied(&error); + assert!(!outside_dir.join("blocked.txt").exists()); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_sandboxed_write_preserves_existing_hard_link( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let outside_dir = tmp.path().join("outside"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::create_dir_all(&outside_dir)?; + + let outside_file = outside_dir.join("outside.txt"); + let hard_link = allowed_dir.join("hard-link.txt"); + std::fs::write(&outside_file, "outside\n")?; + std::fs::hard_link(&outside_file, &hard_link)?; + + let sandbox = workspace_write_sandbox(allowed_dir); + file_system + .write_file( + &PathUri::from_path(&hard_link)?, + b"updated through existing hard link\n".to_vec(), + Some(&sandbox), + ) + .await + .with_context(|| format!("mode={implementation}"))?; + + assert_eq!( + std::fs::read_to_string(&outside_file)?, + "updated through existing hard link\n" + ); + assert_eq!( + std::fs::read_to_string(&hard_link)?, + "updated through existing hard link\n" + ); + + let outside_metadata = std::fs::metadata(&outside_file)?; + let link_metadata = std::fs::metadata(&hard_link)?; + assert_eq!( + (link_metadata.dev(), link_metadata.ino()), + (outside_metadata.dev(), outside_metadata.ino()) + ); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_create_directory_rejects_symlink_escape( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let outside_dir = tmp.path().join("outside"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::create_dir_all(&outside_dir)?; + symlink(&outside_dir, allowed_dir.join("link"))?; + + let requested_path = allowed_dir.join("link").join("created"); + let sandbox = workspace_write_sandbox(allowed_dir); + let error = match file_system + .create_directory( + &PathUri::from_path(&requested_path)?, + CreateDirectoryOptions { recursive: false }, + Some(&sandbox), + ) + .await + { + Ok(()) => anyhow::bail!("create_directory should be blocked"), + Err(error) => error, + }; + assert_sandbox_denied(&error); + assert!(!outside_dir.join("created").exists()); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_read_directory_rejects_symlink_escape( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let outside_dir = tmp.path().join("outside"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::create_dir_all(&outside_dir)?; + std::fs::write(outside_dir.join("secret.txt"), "nope")?; + symlink(&outside_dir, allowed_dir.join("link"))?; + + let requested_path = allowed_dir.join("link"); + let sandbox = read_only_sandbox(allowed_dir); + let error = match file_system + .read_directory(&PathUri::from_path(&requested_path)?, Some(&sandbox)) + .await + { + Ok(_) => anyhow::bail!("read_directory should be blocked"), + Err(error) => error, + }; + assert_sandbox_denied(&error); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_copy_rejects_symlink_escape_destination( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let outside_dir = tmp.path().join("outside"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::create_dir_all(&outside_dir)?; + std::fs::write(allowed_dir.join("source.txt"), "hello")?; + symlink(&outside_dir, allowed_dir.join("link"))?; + + let requested_destination = allowed_dir.join("link").join("copied.txt"); + let sandbox = workspace_write_sandbox(allowed_dir.clone()); + let error = match file_system + .copy( + &PathUri::from_path(allowed_dir.join("source.txt"))?, + &PathUri::from_path(&requested_destination)?, + CopyOptions { recursive: false }, + Some(&sandbox), + ) + .await + { + Ok(()) => anyhow::bail!("copy should be blocked"), + Err(error) => error, + }; + assert_sandbox_denied(&error); + assert!(!outside_dir.join("copied.txt").exists()); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_remove_removes_symlink_not_target( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let outside_dir = tmp.path().join("outside"); + let outside_file = outside_dir.join("keep.txt"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::create_dir_all(&outside_dir)?; + std::fs::write(&outside_file, "outside")?; + let symlink_path = allowed_dir.join("link"); + symlink(&outside_file, &symlink_path)?; + + let sandbox = workspace_write_sandbox(allowed_dir); + file_system + .remove( + &PathUri::from_path(&symlink_path)?, + RemoveOptions { + recursive: false, + force: false, + }, + Some(&sandbox), + ) + .await + .with_context(|| format!("mode={implementation}"))?; + + assert!(!symlink_path.exists()); + assert!(outside_file.exists()); + assert_eq!(std::fs::read_to_string(outside_file)?, "outside"); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_copy_preserves_symlink_source( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let outside_dir = tmp.path().join("outside"); + let outside_file = outside_dir.join("outside.txt"); + let source_symlink = allowed_dir.join("link"); + let copied_symlink = allowed_dir.join("copied-link"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::create_dir_all(&outside_dir)?; + std::fs::write(&outside_file, "outside")?; + symlink(&outside_file, &source_symlink)?; + + let sandbox = workspace_write_sandbox(allowed_dir.clone()); + file_system + .copy( + &PathUri::from_path(&source_symlink)?, + &PathUri::from_path(&copied_symlink)?, + CopyOptions { recursive: false }, + Some(&sandbox), + ) + .await + .with_context(|| format!("mode={implementation}"))?; + + let copied_metadata = std::fs::symlink_metadata(&copied_symlink)?; + assert!(copied_metadata.file_type().is_symlink()); + assert_eq!(std::fs::read_link(copied_symlink)?, outside_file); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_remove_rejects_symlink_escape( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let outside_dir = tmp.path().join("outside"); + let outside_file = outside_dir.join("secret.txt"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::create_dir_all(&outside_dir)?; + std::fs::write(&outside_file, "outside")?; + symlink(&outside_dir, allowed_dir.join("link"))?; + + let requested_path = allowed_dir.join("link").join("secret.txt"); + let sandbox = workspace_write_sandbox(allowed_dir); + let error = match file_system + .remove( + &PathUri::from_path(&requested_path)?, + RemoveOptions { + recursive: false, + force: false, + }, + Some(&sandbox), + ) + .await + { + Ok(()) => anyhow::bail!("remove should be blocked"), + Err(error) => error, + }; + assert_sandbox_denied(&error); + assert_eq!(std::fs::read_to_string(outside_file)?, "outside"); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_copy_rejects_symlink_escape_source( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let allowed_dir = tmp.path().join("allowed"); + let outside_dir = tmp.path().join("outside"); + let outside_file = outside_dir.join("secret.txt"); + let requested_destination = allowed_dir.join("copied.txt"); + std::fs::create_dir_all(&allowed_dir)?; + std::fs::create_dir_all(&outside_dir)?; + std::fs::write(&outside_file, "outside")?; + symlink(&outside_dir, allowed_dir.join("link"))?; + + let requested_source = allowed_dir.join("link").join("secret.txt"); + let sandbox = workspace_write_sandbox(allowed_dir); + let error = match file_system + .copy( + &PathUri::from_path(&requested_source)?, + &PathUri::from_path(&requested_destination)?, + CopyOptions { recursive: false }, + Some(&sandbox), + ) + .await + { + Ok(()) => anyhow::bail!("copy should be blocked"), + Err(error) => error, + }; + assert_sandbox_denied(&error); + assert!(!requested_destination.exists()); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_copy_preserves_symlinks_in_recursive_copy( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let source_dir = tmp.path().join("source"); + let nested_dir = source_dir.join("nested"); + let copied_dir = tmp.path().join("copied"); + std::fs::create_dir_all(&nested_dir)?; + symlink("nested", source_dir.join("nested-link"))?; + + file_system + .copy( + &PathUri::from_path(&source_dir)?, + &PathUri::from_path(&copied_dir)?, + CopyOptions { recursive: true }, + /*sandbox*/ None, + ) + .await + .with_context(|| format!("mode={implementation}"))?; + + let copied_link = copied_dir.join("nested-link"); + let metadata = std::fs::symlink_metadata(&copied_link)?; + assert!(metadata.file_type().is_symlink()); + assert_eq!( + std::fs::read_link(copied_link)?, + std::path::PathBuf::from("nested") + ); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_copy_ignores_unknown_special_files_in_recursive_copy( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let source_dir = tmp.path().join("source"); + let copied_dir = tmp.path().join("copied"); + std::fs::create_dir_all(&source_dir)?; + std::fs::write(source_dir.join("note.txt"), "hello")?; + + let fifo_path = source_dir.join("named-pipe"); + let output = Command::new("mkfifo").arg(&fifo_path).output()?; + if !output.status.success() { + anyhow::bail!( + "mkfifo failed: stdout={} stderr={}", + String::from_utf8_lossy(&output.stdout).trim(), + String::from_utf8_lossy(&output.stderr).trim() + ); + } + + file_system + .copy( + &PathUri::from_path(&source_dir)?, + &PathUri::from_path(&copied_dir)?, + CopyOptions { recursive: true }, + /*sandbox*/ None, + ) + .await + .with_context(|| format!("mode={implementation}"))?; + + assert_eq!( + std::fs::read_to_string(copied_dir.join("note.txt"))?, + "hello" + ); + assert!(!copied_dir.join("named-pipe").exists()); + + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_copy_rejects_standalone_fifo_source( + implementation: FileSystemImplementation, +) -> Result<()> { + let context = create_file_system_context(implementation).await?; + let file_system = context.file_system; + + let tmp = TempDir::new()?; + let fifo_path = tmp.path().join("named-pipe"); + let output = Command::new("mkfifo").arg(&fifo_path).output()?; + if !output.status.success() { + anyhow::bail!( + "mkfifo failed: stdout={} stderr={}", + String::from_utf8_lossy(&output.stdout).trim(), + String::from_utf8_lossy(&output.stderr).trim() + ); + } + + let error = file_system + .copy( + &PathUri::from_path(&fifo_path)?, + &PathUri::from_path(tmp.path().join("copied"))?, + CopyOptions { recursive: false }, + /*sandbox*/ None, + ) + .await; + let error = match error { + Ok(()) => panic!("copy should fail"), + Err(error) => error, + }; + assert_eq!(error.kind(), std::io::ErrorKind::InvalidInput); + assert_eq!( + error.to_string(), + "fs/copy only supports regular files, directories, and symlinks" + ); + + Ok(()) +} diff --git a/codex-rs/exec-server/tests/file_system_windows.rs b/codex-rs/exec-server/tests/file_system_windows.rs new file mode 100644 index 00000000000..68d826ced34 --- /dev/null +++ b/codex-rs/exec-server/tests/file_system_windows.rs @@ -0,0 +1,55 @@ +#![cfg(windows)] + +mod common; + +#[path = "file_system/shared.rs"] +mod shared; +#[path = "file_system/support.rs"] +mod support; + +use std::path::Path; +use std::process::Command; + +use anyhow::Result; +use test_case::test_case; + +use crate::support::FileSystemImplementation; + +fn create_directory_junction(target: &Path, alias: &Path) -> Result<()> { + let output = Command::new("cmd") + .args(["/C", "mklink", "/J"]) + .arg(alias) + .arg(target) + .output()?; + if !output.status.success() { + anyhow::bail!( + "mklink /J failed: stdout={} stderr={}", + String::from_utf8_lossy(&output.stdout).trim(), + String::from_utf8_lossy(&output.stderr).trim() + ); + } + Ok(()) +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_canonicalize_resolves_directory_junction( + implementation: FileSystemImplementation, +) -> Result<()> { + shared::assert_canonicalize_resolves_directory_alias(implementation, create_directory_junction) + .await +} + +#[test_case(FileSystemImplementation::Local ; "local")] +#[test_case(FileSystemImplementation::Remote ; "remote")] +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn file_system_sandboxed_canonicalize_resolves_directory_junction( + implementation: FileSystemImplementation, +) -> Result<()> { + shared::assert_sandboxed_canonicalize_resolves_directory_alias( + implementation, + create_directory_junction, + ) + .await +} diff --git a/codex-rs/exec-server/tests/health.rs b/codex-rs/exec-server/tests/health.rs index 91b3806a22b..1fcfb049b5e 100644 --- a/codex-rs/exec-server/tests/health.rs +++ b/codex-rs/exec-server/tests/health.rs @@ -2,6 +2,7 @@ mod common; +use codex_exec_server::Environment; use common::exec_server::exec_server; use pretty_assertions::assert_eq; @@ -19,3 +20,17 @@ async fn exec_server_serves_readyz_alongside_websocket_endpoint() -> anyhow::Res server.shutdown().await?; Ok(()) } + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn remote_environment_fetches_info_from_exec_server() -> anyhow::Result<()> { + let mut server = exec_server().await?; + let environment = Environment::create_for_tests(Some(server.websocket_url().to_string()))?; + assert!(environment.is_remote()); + + let remote_info = environment.info().await?; + let local_info = Environment::default_for_tests().info().await?; + assert_eq!(remote_info, local_info); + + server.shutdown().await?; + Ok(()) +} diff --git a/codex-rs/exec/src/event_processor_with_human_output.rs b/codex-rs/exec/src/event_processor_with_human_output.rs index c3190b87406..60667bb5dfa 100644 --- a/codex-rs/exec/src/event_processor_with_human_output.rs +++ b/codex-rs/exec/src/event_processor_with_human_output.rs @@ -239,6 +239,7 @@ impl EventProcessor for EventProcessorWithHumanOutput { ); CodexStatus::Running } + ServerNotification::Warning(notification) => self.process_warning(notification.message), ServerNotification::Error(notification) => { eprintln!( "{} {}", @@ -446,7 +447,8 @@ fn config_summary_entries( "reasoning effort", config .model_reasoning_effort - .map(|effort| effort.to_string()) + .as_ref() + .map(std::string::ToString::to_string) .unwrap_or_else(|| "none".to_string()), )); entries.push(( diff --git a/codex-rs/exec/src/event_processor_with_jsonl_output.rs b/codex-rs/exec/src/event_processor_with_jsonl_output.rs index 89e41eacb16..79bf88eaaf6 100644 --- a/codex-rs/exec/src/event_processor_with_jsonl_output.rs +++ b/codex-rs/exec/src/event_processor_with_jsonl_output.rs @@ -430,6 +430,11 @@ impl EventProcessorWithJsonOutput { })); CodexStatus::Running } + ServerNotification::Warning(notification) => { + let warning = self.collect_warning(notification.message); + events.extend(warning.events); + warning.status + } ServerNotification::Error(notification) => { let message = match notification.error.additional_details { Some(details) if !details.is_empty() => { diff --git a/codex-rs/exec/src/event_processor_with_jsonl_output_tests.rs b/codex-rs/exec/src/event_processor_with_jsonl_output_tests.rs index b8b0267fc4d..f8521071e3e 100644 --- a/codex-rs/exec/src/event_processor_with_jsonl_output_tests.rs +++ b/codex-rs/exec/src/event_processor_with_jsonl_output_tests.rs @@ -59,6 +59,33 @@ fn failed_turn_does_not_overwrite_output_last_message_file() { ); } +#[test] +fn runtime_warning_emits_a_non_fatal_error_item() { + let mut processor = EventProcessorWithJsonOutput::new(/*last_message_path*/ None); + + let collected = processor.collect_thread_events(ServerNotification::Warning( + codex_app_server_protocol::WarningNotification { + thread_id: Some("thread-1".to_string()), + message: "invalid global instructions".to_string(), + }, + )); + + assert_eq!( + collected, + CollectedThreadEvents { + events: vec![ThreadEvent::ItemCompleted(ItemCompletedEvent { + item: ExecThreadItem { + id: "item_0".to_string(), + details: ThreadItemDetails::Error(ErrorItem { + message: "invalid global instructions".to_string(), + }), + }, + })], + status: CodexStatus::Running, + } + ); +} + #[test] fn mcp_tool_call_result_preserves_meta_in_jsonl_event() { let mut processor = EventProcessorWithJsonOutput::new(/*last_message_path*/ None); diff --git a/codex-rs/exec/src/lib.rs b/codex-rs/exec/src/lib.rs index 406197d7204..5dce65d715e 100644 --- a/codex-rs/exec/src/lib.rs +++ b/codex-rs/exec/src/lib.rs @@ -694,7 +694,7 @@ async fn run_exec_session(args: ExecRunArgs) -> anyhow::Result<()> { let default_cwd = config.cwd.to_path_buf(); let default_approval_policy = config.permissions.approval_policy.value(); - let default_effort = config.model_reasoning_effort; + let default_effort = config.model_reasoning_effort.clone(); let (initial_operation, prompt_summary) = match (command.as_ref(), prompt, images) { (Some(ExecCommand::Review(review_cli)), _, _) => { @@ -1044,13 +1044,7 @@ fn thread_start_params_from_config(config: &Config) -> ThreadStartParams { model: config.model.clone(), model_provider: Some(config.model_provider_id.clone()), cwd: Some(config.cwd.to_string_lossy().to_string()), - runtime_workspace_roots: Some( - config - .workspace_roots - .iter() - .map(AbsolutePathBuf::to_path_buf) - .collect(), - ), + runtime_workspace_roots: Some(config.workspace_roots.clone()), approval_policy: Some(config.permissions.approval_policy.value().into()), approvals_reviewer: approvals_reviewer_override_from_config(config), sandbox: sandbox.flatten(), @@ -1075,13 +1069,7 @@ fn thread_resume_params_from_config(config: &Config, thread_id: String) -> Threa model: config.model.clone(), model_provider: Some(config.model_provider_id.clone()), cwd: Some(config.cwd.to_string_lossy().to_string()), - runtime_workspace_roots: Some( - config - .workspace_roots - .iter() - .map(AbsolutePathBuf::to_path_buf) - .collect(), - ), + runtime_workspace_roots: Some(config.workspace_roots.clone()), approval_policy: Some(config.permissions.approval_policy.value().into()), approvals_reviewer: approvals_reviewer_override_from_config(config), sandbox: sandbox.flatten(), @@ -1158,7 +1146,7 @@ fn session_configured_from_thread_start_response( &response.thread.session_id, &response.thread.id, response.thread.parent_thread_id.as_deref(), - response.thread.thread_source.map(Into::into), + response.thread.thread_source.clone().map(Into::into), response.thread.name.clone(), response.thread.path.clone(), response.model.clone(), @@ -1169,7 +1157,7 @@ fn session_configured_from_thread_start_response( config.permissions.effective_permission_profile(), response.active_permission_profile.clone().map(Into::into), response.cwd.clone(), - response.reasoning_effort, + response.reasoning_effort.clone(), ) } @@ -1181,7 +1169,7 @@ fn session_configured_from_thread_resume_response( &response.thread.session_id, &response.thread.id, response.thread.parent_thread_id.as_deref(), - response.thread.thread_source.map(Into::into), + response.thread.thread_source.clone().map(Into::into), response.thread.name.clone(), response.thread.path.clone(), response.model.clone(), @@ -1192,7 +1180,7 @@ fn session_configured_from_thread_resume_response( config.permissions.effective_permission_profile(), response.active_permission_profile.clone().map(Into::into), response.cwd.clone(), - response.reasoning_effort, + response.reasoning_effort.clone(), ) } @@ -1268,6 +1256,11 @@ fn should_process_notification( ) -> bool { match notification { ServerNotification::ConfigWarning(_) | ServerNotification::DeprecationNotice(_) => true, + // TODO(anp) resolve duplicate startup warnings + ServerNotification::Warning(notification) => notification + .thread_id + .as_deref() + .is_none_or(|candidate| candidate == thread_id), ServerNotification::Error(notification) => { notification.thread_id == thread_id && notification.turn_id == turn_id } diff --git a/codex-rs/exec/src/lib_tests.rs b/codex-rs/exec/src/lib_tests.rs index 8b2f214987f..de81f60d70f 100644 --- a/codex-rs/exec/src/lib_tests.rs +++ b/codex-rs/exec/src/lib_tests.rs @@ -267,6 +267,35 @@ fn lagged_event_warning_message_is_explicit() { ); } +#[test] +fn runtime_warnings_are_filtered_to_the_primary_thread() { + let primary_thread_id = "thread-1"; + let turn_id = "turn-1"; + let outcomes = [ + codex_app_server_protocol::WarningNotification { + thread_id: None, + message: "global warning".to_string(), + }, + codex_app_server_protocol::WarningNotification { + thread_id: Some(primary_thread_id.to_string()), + message: "primary warning".to_string(), + }, + codex_app_server_protocol::WarningNotification { + thread_id: Some("thread-2".to_string()), + message: "other warning".to_string(), + }, + ] + .map(|warning| { + should_process_notification( + &ServerNotification::Warning(warning), + primary_thread_id, + turn_id, + ) + }); + + assert_eq!(outcomes, [true, true, false]); +} + #[tokio::test] async fn resume_lookup_model_providers_filters_only_last_lookup() { let codex_home = tempdir().expect("create temp codex home"); diff --git a/codex-rs/exec/tests/suite/agents_md.rs b/codex-rs/exec/tests/suite/agents_md.rs new file mode 100644 index 00000000000..d4a765f5c6a --- /dev/null +++ b/codex-rs/exec/tests/suite/agents_md.rs @@ -0,0 +1,176 @@ +#![allow(clippy::expect_used, clippy::unwrap_used)] + +use core_test_support::responses; +use core_test_support::test_codex_exec::test_codex_exec; +use predicates::prelude::PredicateBooleanExt; +use predicates::str::contains; + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn exec_includes_workspace_agents_md_in_request() -> anyhow::Result<()> { + let test = test_codex_exec(); + std::fs::write(test.cwd_path().join("AGENTS.md"), "workspace instructions")?; + + let server = responses::start_mock_server().await; + let body = responses::sse(vec![ + responses::ev_response_created("resp1"), + responses::ev_assistant_message("m1", "fixture hello"), + responses::ev_completed("resp1"), + ]); + let response_mock = responses::mount_sse_once(&server, body).await; + + test.cmd_with_server(&server) + .arg("--skip-git-repo-check") + .arg("tell me something") + .assert() + .success(); + + let user_messages = response_mock.single_request().message_input_texts("user"); + assert!( + user_messages + .iter() + .any(|text| text.contains("workspace instructions")), + "request should include workspace AGENTS.md instructions: {user_messages:?}" + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn exec_prefers_workspace_agents_override_md() -> anyhow::Result<()> { + let test = test_codex_exec(); + std::fs::write(test.cwd_path().join("AGENTS.md"), "base instructions")?; + std::fs::write( + test.cwd_path().join("AGENTS.override.md"), + "override instructions", + )?; + + let server = responses::start_mock_server().await; + let body = responses::sse(vec![ + responses::ev_response_created("resp1"), + responses::ev_assistant_message("m1", "fixture hello"), + responses::ev_completed("resp1"), + ]); + let response_mock = responses::mount_sse_once(&server, body).await; + + test.cmd_with_server(&server) + .arg("--skip-git-repo-check") + .arg("tell me something") + .assert() + .success(); + + let user_messages = response_mock.single_request().message_input_texts("user"); + assert!( + user_messages + .iter() + .any(|text| text.contains("override instructions")), + "request should include AGENTS.override.md instructions: {user_messages:?}" + ); + assert!( + user_messages + .iter() + .all(|text| !text.contains("base instructions")), + "request should exclude shadowed AGENTS.md instructions: {user_messages:?}" + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn exec_surfaces_project_instruction_loading_warnings() -> anyhow::Result<()> { + let test = test_codex_exec(); + let project_agents_path = test.cwd_path().join("AGENTS.md"); + std::fs::write(&project_agents_path, b"project\xFFinstructions")?; + + let server = responses::start_mock_server().await; + let body = responses::sse(vec![ + responses::ev_response_created("resp1"), + responses::ev_assistant_message("m1", "fixture hello"), + responses::ev_completed("resp1"), + ]); + responses::mount_sse_once(&server, body).await; + + test.cmd_with_server(&server) + .arg("--skip-git-repo-check") + .arg("tell me something") + .assert() + .success() + .stderr(contains("invalid UTF-8").and(contains(project_agents_path.display().to_string()))); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn exec_json_surfaces_project_instruction_loading_warnings() -> anyhow::Result<()> { + let test = test_codex_exec(); + let project_agents_path = test.cwd_path().join("AGENTS.md"); + std::fs::write(&project_agents_path, b"project\xFFinstructions")?; + + let server = responses::start_mock_server().await; + let body = responses::sse(vec![ + responses::ev_response_created("resp1"), + responses::ev_assistant_message("m1", "fixture hello"), + responses::ev_completed("resp1"), + ]); + responses::mount_sse_once(&server, body).await; + + let output = test + .cmd_with_server(&server) + .arg("--skip-git-repo-check") + .arg("--json") + .arg("tell me something") + .assert() + .success() + .get_output() + .stdout + .clone(); + let events = String::from_utf8(output)? + .lines() + .map(serde_json::from_str::) + .collect::, _>>()?; + + assert!( + events.iter().any(|event| { + event["type"] == "item.completed" + && event["item"]["type"] == "error" + && event["item"]["message"].as_str().is_some_and(|message| { + message.contains("invalid UTF-8") + && message.contains(project_agents_path.display().to_string().as_str()) + }) + }), + "expected a JSONL warning event; observed: {events:?}" + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn exec_surfaces_global_instruction_loading_warnings() -> anyhow::Result<()> { + let test = test_codex_exec(); + let global_agents_path = test.home_path().join("AGENTS.md"); + let global_agents_source_suffix = format!( + "{}{}AGENTS.md", + test.home_path() + .file_name() + .expect("temporary Codex home should have a file name") + .to_string_lossy(), + std::path::MAIN_SEPARATOR, + ); + std::fs::write(&global_agents_path, b"global\xFFinstructions")?; + + let server = responses::start_mock_server().await; + let body = responses::sse(vec![ + responses::ev_response_created("resp1"), + responses::ev_assistant_message("m1", "fixture hello"), + responses::ev_completed("resp1"), + ]); + responses::mount_sse_once(&server, body).await; + + test.cmd_with_server(&server) + .arg("--skip-git-repo-check") + .arg("tell me something") + .assert() + .success() + .stderr(contains("invalid UTF-8").and(contains(global_agents_source_suffix))); + + Ok(()) +} diff --git a/codex-rs/exec/tests/suite/mod.rs b/codex-rs/exec/tests/suite/mod.rs index 6f868563273..e7452cc17a6 100644 --- a/codex-rs/exec/tests/suite/mod.rs +++ b/codex-rs/exec/tests/suite/mod.rs @@ -1,5 +1,6 @@ // Aggregates all former standalone integration tests as modules. mod add_dir; +mod agents_md; mod apply_patch; mod approval_policy; mod auth_env; diff --git a/codex-rs/execpolicy-legacy/src/arg_matcher.rs b/codex-rs/execpolicy-legacy/src/arg_matcher.rs index 3d413fe7ff0..f8248d20ecb 100644 --- a/codex-rs/execpolicy-legacy/src/arg_matcher.rs +++ b/codex-rs/execpolicy-legacy/src/arg_matcher.rs @@ -95,7 +95,7 @@ impl ArgMatcherCardinality { } impl<'v> AllocValue<'v> for ArgMatcher { - fn alloc_value(self, heap: &'v Heap) -> Value<'v> { + fn alloc_value(self, heap: Heap<'v>) -> Value<'v> { heap.alloc_simple(self) } } diff --git a/codex-rs/execpolicy-legacy/src/opt.rs b/codex-rs/execpolicy-legacy/src/opt.rs index 2325d998047..06ed3ae42d6 100644 --- a/codex-rs/execpolicy-legacy/src/opt.rs +++ b/codex-rs/execpolicy-legacy/src/opt.rs @@ -66,7 +66,7 @@ impl<'v> UnpackValue<'v> for Opt { } impl<'v> AllocValue<'v> for Opt { - fn alloc_value(self, heap: &'v Heap) -> Value<'v> { + fn alloc_value(self, heap: Heap<'v>) -> Value<'v> { heap.alloc_simple(self) } } diff --git a/codex-rs/execpolicy-legacy/src/policy_parser.rs b/codex-rs/execpolicy-legacy/src/policy_parser.rs index 2580e5b6799..3e54872cf9a 100644 --- a/codex-rs/execpolicy-legacy/src/policy_parser.rs +++ b/codex-rs/execpolicy-legacy/src/policy_parser.rs @@ -15,7 +15,6 @@ use starlark::environment::Module; use starlark::eval::Evaluator; use starlark::syntax::AstModule; use starlark::syntax::Dialect; -use starlark::values::Heap; use starlark::values::list::UnpackList; use starlark::values::none::NoneType; use std::cell::RefCell; @@ -41,31 +40,28 @@ impl PolicyParser { let globals = GlobalsBuilder::extended_by(&[LibraryExtension::Typing]) .with(policy_builtins) .build(); - let module = Module::new(); - - let heap = Heap::new(); - - module.set("ARG_OPAQUE_VALUE", heap.alloc(ArgMatcher::OpaqueNonFile)); - module.set("ARG_RFILE", heap.alloc(ArgMatcher::ReadableFile)); - module.set("ARG_WFILE", heap.alloc(ArgMatcher::WriteableFile)); - module.set("ARG_RFILES", heap.alloc(ArgMatcher::ReadableFiles)); - module.set( - "ARG_RFILES_OR_CWD", - heap.alloc(ArgMatcher::ReadableFilesOrCwd), - ); - module.set("ARG_POS_INT", heap.alloc(ArgMatcher::PositiveInteger)); - module.set("ARG_SED_COMMAND", heap.alloc(ArgMatcher::SedCommand)); - module.set( - "ARG_UNVERIFIED_VARARGS", - heap.alloc(ArgMatcher::UnverifiedVarargs), - ); - let policy_builder = PolicyBuilder::new(); - { + Module::with_temp_heap(|module| { + let heap = module.heap(); + module.set("ARG_OPAQUE_VALUE", heap.alloc(ArgMatcher::OpaqueNonFile)); + module.set("ARG_RFILE", heap.alloc(ArgMatcher::ReadableFile)); + module.set("ARG_WFILE", heap.alloc(ArgMatcher::WriteableFile)); + module.set("ARG_RFILES", heap.alloc(ArgMatcher::ReadableFiles)); + module.set( + "ARG_RFILES_OR_CWD", + heap.alloc(ArgMatcher::ReadableFilesOrCwd), + ); + module.set("ARG_POS_INT", heap.alloc(ArgMatcher::PositiveInteger)); + module.set("ARG_SED_COMMAND", heap.alloc(ArgMatcher::SedCommand)); + module.set( + "ARG_UNVERIFIED_VARARGS", + heap.alloc(ArgMatcher::UnverifiedVarargs), + ); + let mut eval = Evaluator::new(&module); eval.extra = Some(&policy_builder); - eval.eval_module(ast, &globals)?; - } + eval.eval_module(ast, &globals).map(|_| ()) + })?; let policy = policy_builder.build(); policy.map_err(|e| starlark::Error::new_kind(starlark::ErrorKind::Other(e.into()))) } diff --git a/codex-rs/execpolicy/Cargo.toml b/codex-rs/execpolicy/Cargo.toml index b22226a79e4..b87af084d7d 100644 --- a/codex-rs/execpolicy/Cargo.toml +++ b/codex-rs/execpolicy/Cargo.toml @@ -21,6 +21,7 @@ workspace = true anyhow = { workspace = true } clap = { workspace = true, features = ["derive"] } codex-utils-absolute-path = { workspace = true } +codex-utils-file-lock = { workspace = true } multimap = { workspace = true } serde = { workspace = true, features = ["derive"] } serde_json = { workspace = true } diff --git a/codex-rs/execpolicy/src/amend.rs b/codex-rs/execpolicy/src/amend.rs index e25fd1bd914..1ef36b1ff5d 100644 --- a/codex-rs/execpolicy/src/amend.rs +++ b/codex-rs/execpolicy/src/amend.rs @@ -6,6 +6,10 @@ use std::io::Write; use std::path::Path; use std::path::PathBuf; +use codex_utils_file_lock::FileLockOutcome; +use codex_utils_file_lock::acquire_sibling_lock_dir; +use codex_utils_file_lock::lock_exclusive_optional; + use crate::decision::Decision; use crate::rule::NetworkRuleProtocol; use crate::rule::normalize_network_rule_host; @@ -154,10 +158,21 @@ fn append_locked_line(policy_path: &Path, line: &str) -> Result<(), AmendError> path: policy_path.to_path_buf(), source, })?; - file.lock().map_err(|source| AmendError::LockPolicyFile { - path: policy_path.to_path_buf(), - source, - })?; + let _lock_dir_guard = + match lock_exclusive_optional(&file).map_err(|source| AmendError::LockPolicyFile { + path: policy_path.to_path_buf(), + source, + })? { + FileLockOutcome::Acquired => None, + FileLockOutcome::Unsupported => { + Some(acquire_sibling_lock_dir(policy_path).map_err(|source| { + AmendError::LockPolicyFile { + path: policy_path.to_path_buf(), + source, + } + })?) + } + }; file.seek(SeekFrom::Start(0)) .map_err(|source| AmendError::SeekPolicyFile { diff --git a/codex-rs/execpolicy/src/parser.rs b/codex-rs/execpolicy/src/parser.rs index 5d01df18bb9..33262db1b3a 100644 --- a/codex-rs/execpolicy/src/parser.rs +++ b/codex-rs/execpolicy/src/parser.rs @@ -65,12 +65,13 @@ impl PolicyParser { ) .map_err(Error::Starlark)?; let globals = GlobalsBuilder::standard().with(policy_builtins).build(); - let module = Module::new(); - { + Module::with_temp_heap(|module| { let mut eval = Evaluator::new(&module); eval.extra = Some(&self.builder); - eval.eval_module(ast, &globals).map_err(Error::Starlark)?; - } + eval.eval_module(ast, &globals) + .map(|_| ()) + .map_err(Error::Starlark) + })?; self.builder .borrow() .validate_pending_examples_from(pending_validation_count)?; diff --git a/codex-rs/ext/extension-api/Cargo.toml b/codex-rs/ext/extension-api/Cargo.toml index 85c7d8f98ec..1a5a9742fbe 100644 --- a/codex-rs/ext/extension-api/Cargo.toml +++ b/codex-rs/ext/extension-api/Cargo.toml @@ -14,7 +14,12 @@ doctest = false workspace = true [dependencies] -async-trait = { workspace = true } +codex-config = { workspace = true } codex-context-fragments = { workspace = true } codex-protocol = { workspace = true } codex-tools = { workspace = true } +codex-utils-absolute-path = { workspace = true } + +[dev-dependencies] +pretty_assertions = { workspace = true } +tokio = { workspace = true, features = ["macros", "rt-multi-thread"] } diff --git a/codex-rs/ext/extension-api/src/contributors.rs b/codex-rs/ext/extension-api/src/contributors.rs index 8706e8ee7a3..efc22f5fd9b 100644 --- a/codex-rs/ext/extension-api/src/contributors.rs +++ b/codex-rs/ext/extension-api/src/contributors.rs @@ -1,4 +1,5 @@ use std::future::Future; +use std::pin::Pin; use std::sync::Arc; use codex_context_fragments::ContextualUserFragment; @@ -10,12 +11,14 @@ use codex_tools::ToolExecutor; use crate::ExtensionData; +mod mcp; mod prompt; mod thread_lifecycle; mod tool_lifecycle; mod turn_input; mod turn_lifecycle; +pub use mcp::McpServerContribution; pub use prompt::PromptFragment; pub use prompt::PromptSlot; pub use thread_lifecycle::ThreadIdleInput; @@ -34,13 +37,30 @@ pub use turn_lifecycle::TurnErrorInput; pub use turn_lifecycle::TurnStartInput; pub use turn_lifecycle::TurnStopInput; +/// Boxed, sendable future returned by asynchronous extension contributors. +pub type ExtensionFuture<'a, T> = Pin + Send + 'a>>; + +/// Extension contribution that resolves runtime MCP servers from host config. +/// +/// Contributors run in registration order. Later contributions for the same +/// name replace earlier ones. Implementations must contribute only names they +/// own and must apply any source-specific policy before returning a server. +/// Plugin-owned servers and their provenance continue to be resolved by the +/// plugin manager until that ownership moves into an extension explicitly. +pub trait McpServerContributor: Send + Sync { + /// Stable identity used for registration provenance and conflict diagnostics. + fn id(&self) -> &'static str; + + fn contribute<'a>(&'a self, config: &'a C) -> ExtensionFuture<'a, Vec>; +} + /// Extension contribution that adds prompt fragments during prompt assembly. pub trait ContextContributor: Send + Sync { fn contribute<'a>( &'a self, session_store: &'a ExtensionData, thread_store: &'a ExtensionData, - ) -> std::pin::Pin> + Send + 'a>>; + ) -> ExtensionFuture<'a, Vec>; } /// Contributor for host-owned thread lifecycle gates. @@ -48,24 +68,43 @@ pub trait ContextContributor: Send + Sync { /// Implementations should use these callbacks to seed, rehydrate, or flush /// extension-private thread state. Heavy dependencies belong on the extension /// value created by the host, not in these inputs. -#[async_trait::async_trait] pub trait ThreadLifecycleContributor: Send + Sync { /// Called after thread-scoped extension stores are created, before later /// contributors can read from them. - async fn on_thread_start(&self, _input: ThreadStartInput<'_, C>) {} + fn on_thread_start<'a>(&'a self, input: ThreadStartInput<'a, C>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let _self = self; + let _input = input; + }) + } /// Called after the host constructs a runtime from persisted history. - async fn on_thread_resume(&self, _input: ThreadResumeInput<'_>) {} + fn on_thread_resume<'a>(&'a self, input: ThreadResumeInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let _self = self; + let _input = input; + }) + } /// Called after the host has drained immediately pending thread work. /// /// Implementations may use host capabilities captured by the extension to /// submit follow-up input. The host remains responsible for deciding /// whether that input starts a turn, is queued, or is ignored. - async fn on_thread_idle(&self, _input: ThreadIdleInput<'_>) {} + fn on_thread_idle<'a>(&'a self, input: ThreadIdleInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let _self = self; + let _input = input; + }) + } /// Called before the host drops the thread runtime and thread-scoped store. - async fn on_thread_stop(&self, _input: ThreadStopInput<'_>) {} + fn on_thread_stop<'a>(&'a self, input: ThreadStopInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let _self = self; + let _input = input; + }) + } } /// Contributor for host-owned turn lifecycle gates. @@ -73,20 +112,39 @@ pub trait ThreadLifecycleContributor: Send + Sync { /// Implementations should use these callbacks to seed, observe, or clear /// extension-private turn state. The host exposes stable identifiers and /// extension stores instead of core runtime objects. -#[async_trait::async_trait] pub trait TurnLifecycleContributor: Send + Sync { /// Called after turn-scoped extension stores are created, before the task /// for the turn starts running. - async fn on_turn_start(&self, _input: TurnStartInput<'_>) {} + fn on_turn_start<'a>(&'a self, input: TurnStartInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let _self = self; + let _input = input; + }) + } /// Called before the host drops the completed turn runtime and turn store. - async fn on_turn_stop(&self, _input: TurnStopInput<'_>) {} + fn on_turn_stop<'a>(&'a self, input: TurnStopInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let _self = self; + let _input = input; + }) + } /// Called after the host aborts a running turn. - async fn on_turn_abort(&self, _input: TurnAbortInput<'_>) {} + fn on_turn_abort<'a>(&'a self, input: TurnAbortInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let _self = self; + let _input = input; + }) + } /// Called when the host observes an error for a running turn. - async fn on_turn_error(&self, _input: TurnErrorInput<'_>) {} + fn on_turn_error<'a>(&'a self, input: TurnErrorInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let _self = self; + let _input = input; + }) + } } /// Extension contribution that can add turn-local model input. @@ -95,16 +153,15 @@ pub trait TurnLifecycleContributor: Send + Sync { /// must preserve authority boundaries for external resources. Expensive or /// host-specific dependencies belong on the extension value installed by the /// host, not in this input. -#[async_trait::async_trait] pub trait TurnInputContributor: Send + Sync { /// Returns additional contextual fragments for one submitted turn. - async fn contribute( - &self, + fn contribute<'a>( + &'a self, input: TurnInputContext, - session_store: &ExtensionData, - thread_store: &ExtensionData, - turn_store: &ExtensionData, - ) -> Vec>; + session_store: &'a ExtensionData, + thread_store: &'a ExtensionData, + turn_store: &'a ExtensionData, + ) -> ExtensionFuture<'a, Vec>>; } /// Contributor for host-owned configuration changes. @@ -128,16 +185,19 @@ pub trait ConfigContributor: Send + Sync { /// Implementations should keep this callback cheap. The host calls it after /// updating cached token usage and before emitting the corresponding client /// token-count notification. -#[async_trait::async_trait] pub trait TokenUsageContributor: Send + Sync { /// Called each time the host records token usage from a model response. - async fn on_token_usage( - &self, - _session_store: &ExtensionData, - _thread_store: &ExtensionData, - _turn_store: &ExtensionData, - _token_usage: &TokenUsageInfo, - ) { + fn on_token_usage<'a>( + &'a self, + _session_store: &'a ExtensionData, + _thread_store: &'a ExtensionData, + _turn_store: &'a ExtensionData, + _token_usage: &'a TokenUsageInfo, + ) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let _self = self; + let _inputs = (_session_store, _thread_store, _turn_store, _token_usage); + }) } } @@ -169,14 +229,13 @@ pub trait ToolLifecycleContributor: Send + Sync { } /// Extension contribution that can claim rendered approval-review prompts. -#[async_trait::async_trait] pub trait ApprovalReviewContributor: Send + Sync { - async fn contribute( - &self, - session_store: &ExtensionData, - thread_store: &ExtensionData, - prompt: &str, - ) -> Option; + fn contribute<'a>( + &'a self, + session_store: &'a ExtensionData, + thread_store: &'a ExtensionData, + prompt: &'a str, + ) -> ExtensionFuture<'a, Option>; } /// Ordered post-processing contribution for one parsed turn item. @@ -184,12 +243,11 @@ pub trait ApprovalReviewContributor: Send + Sync { /// Implementations may mutate the item before it is emitted and may use the /// explicitly exposed thread- and turn-lifetime stores when they need durable /// extension-private state. -#[async_trait::async_trait] pub trait TurnItemContributor: Send + Sync { - async fn contribute( - &self, - thread_store: &ExtensionData, - turn_store: &ExtensionData, - item: &mut TurnItem, - ) -> Result<(), String>; + fn contribute<'a>( + &'a self, + thread_store: &'a ExtensionData, + turn_store: &'a ExtensionData, + item: &'a mut TurnItem, + ) -> ExtensionFuture<'a, Result<(), String>>; } diff --git a/codex-rs/ext/extension-api/src/contributors/mcp.rs b/codex-rs/ext/extension-api/src/contributors/mcp.rs new file mode 100644 index 00000000000..7fdedcdda75 --- /dev/null +++ b/codex-rs/ext/extension-api/src/contributors/mcp.rs @@ -0,0 +1,13 @@ +use codex_config::McpServerConfig; + +/// One extension-owned overlay for the runtime MCP server configuration. +#[derive(Clone, Debug)] +pub enum McpServerContribution { + /// Adds or replaces a named MCP server. + Set { + name: String, + config: Box, + }, + /// Removes a named MCP server. + Remove { name: String }, +} diff --git a/codex-rs/ext/extension-api/src/lib.rs b/codex-rs/ext/extension-api/src/lib.rs index 7fa60c0fe79..829ef295b99 100644 --- a/codex-rs/ext/extension-api/src/lib.rs +++ b/codex-rs/ext/extension-api/src/lib.rs @@ -2,6 +2,7 @@ mod capabilities; mod contributors; mod registry; mod state; +mod user_instructions; pub use capabilities::AgentSpawnFuture; pub use capabilities::AgentSpawner; @@ -19,7 +20,9 @@ pub use codex_tools::JsonToolOutput; pub use codex_tools::NoopTurnItemEmitter; pub use codex_tools::ResponsesApiTool; pub use codex_tools::ToolCall; +pub use codex_tools::ToolEnvironment; pub use codex_tools::ToolExecutor; +pub use codex_tools::ToolExecutorFuture; pub use codex_tools::ToolName; pub use codex_tools::ToolOutput; pub use codex_tools::ToolPayload; @@ -31,6 +34,9 @@ pub use codex_tools::parse_tool_input_schema_without_compaction; pub use contributors::ApprovalReviewContributor; pub use contributors::ConfigContributor; pub use contributors::ContextContributor; +pub use contributors::ExtensionFuture; +pub use contributors::McpServerContribution; +pub use contributors::McpServerContributor; pub use contributors::PromptFragment; pub use contributors::PromptSlot; pub use contributors::ThreadIdleInput; @@ -59,3 +65,8 @@ pub use registry::ExtensionRegistry; pub use registry::ExtensionRegistryBuilder; pub use registry::empty_extension_registry; pub use state::ExtensionData; +pub use state::ExtensionDataInit; +pub use user_instructions::LoadUserInstructionsFuture; +pub use user_instructions::LoadedUserInstructions; +pub use user_instructions::UserInstructions; +pub use user_instructions::UserInstructionsProvider; diff --git a/codex-rs/ext/extension-api/src/registry.rs b/codex-rs/ext/extension-api/src/registry.rs index 08493871108..e8cc9893373 100644 --- a/codex-rs/ext/extension-api/src/registry.rs +++ b/codex-rs/ext/extension-api/src/registry.rs @@ -7,6 +7,7 @@ use crate::ConfigContributor; use crate::ContextContributor; use crate::ExtensionData; use crate::ExtensionEventSink; +use crate::McpServerContributor; use crate::NoopExtensionEventSink; use crate::ThreadLifecycleContributor; use crate::TokenUsageContributor; @@ -24,6 +25,7 @@ pub struct ExtensionRegistryBuilder { config_contributors: Vec>>, token_usage_contributors: Vec>, context_contributors: Vec>, + mcp_server_contributors: Vec>>, turn_input_contributors: Vec>, tool_contributors: Vec>, tool_lifecycle_contributors: Vec>, @@ -41,6 +43,7 @@ impl Default for ExtensionRegistryBuilder { token_usage_contributors: Vec::new(), approval_review_contributors: Vec::new(), context_contributors: Vec::new(), + mcp_server_contributors: Vec::new(), turn_input_contributors: Vec::new(), tool_contributors: Vec::new(), tool_lifecycle_contributors: Vec::new(), @@ -101,6 +104,11 @@ impl ExtensionRegistryBuilder { self.context_contributors.push(contributor); } + /// Registers one runtime MCP server contributor. + pub fn mcp_server_contributor(&mut self, contributor: Arc>) { + self.mcp_server_contributors.push(contributor); + } + /// Registers one turn-input contributor. pub fn turn_input_contributor(&mut self, contributor: Arc) { self.turn_input_contributors.push(contributor); @@ -131,6 +139,7 @@ impl ExtensionRegistryBuilder { token_usage_contributors: self.token_usage_contributors, approval_review_contributors: self.approval_review_contributors, context_contributors: self.context_contributors, + mcp_server_contributors: self.mcp_server_contributors, turn_input_contributors: self.turn_input_contributors, tool_contributors: self.tool_contributors, tool_lifecycle_contributors: self.tool_lifecycle_contributors, @@ -147,6 +156,7 @@ pub struct ExtensionRegistry { config_contributors: Vec>>, token_usage_contributors: Vec>, context_contributors: Vec>, + mcp_server_contributors: Vec>>, turn_input_contributors: Vec>, tool_contributors: Vec>, tool_lifecycle_contributors: Vec>, @@ -205,6 +215,11 @@ impl ExtensionRegistry { &self.context_contributors } + /// Returns the registered runtime MCP server contributors. + pub fn mcp_server_contributors(&self) -> &[Arc>] { + &self.mcp_server_contributors + } + /// Returns the registered turn-input contributors. pub fn turn_input_contributors(&self) -> &[Arc] { &self.turn_input_contributors diff --git a/codex-rs/ext/extension-api/src/state.rs b/codex-rs/ext/extension-api/src/state.rs index aab37f5059f..97152df5a3f 100644 --- a/codex-rs/ext/extension-api/src/state.rs +++ b/codex-rs/ext/extension-api/src/state.rs @@ -7,6 +7,32 @@ use std::sync::PoisonError; type ErasedData = Arc; +/// Typed values supplied before an [`ExtensionData`] scope is created. +/// +/// Hosts consume this value once to seed a scope before lifecycle contributors +/// run. It does not install extensions or provide persistence. +#[derive(Debug, Default)] +pub struct ExtensionDataInit { + entries: HashMap, +} + +impl ExtensionDataInit { + /// Creates an empty extension data initializer. + pub fn new() -> Self { + Self::default() + } + + /// Stores `value` as the initial attachment of type `T`. + pub fn insert(&mut self, value: T) -> Option> + where + T: Any + Send + Sync, + { + self.entries + .insert(TypeId::of::(), Arc::new(value)) + .map(downcast_data) + } +} + /// Typed extension-owned data attached to one host object. #[derive(Debug)] pub struct ExtensionData { @@ -17,9 +43,14 @@ pub struct ExtensionData { impl ExtensionData { /// Creates an empty attachment map for one host-owned scope. pub fn new(level_id: impl Into) -> Self { + Self::new_with_init(level_id, ExtensionDataInit::default()) + } + + /// Creates an attachment map seeded with host-supplied initial data. + pub fn new_with_init(level_id: impl Into, init: ExtensionDataInit) -> Self { Self { level_id: level_id.into(), - entries: Mutex::new(HashMap::new()), + entries: Mutex::new(init.entries), } } diff --git a/codex-rs/ext/extension-api/src/user_instructions.rs b/codex-rs/ext/extension-api/src/user_instructions.rs new file mode 100644 index 00000000000..d5fd63c1971 --- /dev/null +++ b/codex-rs/ext/extension-api/src/user_instructions.rs @@ -0,0 +1,41 @@ +use std::future::Future; +use std::pin::Pin; + +use codex_utils_absolute_path::AbsolutePathBuf; + +/// User instructions supplied by the host. +/// +/// `source` must be an absolute filesystem path because the app-server +/// `instructionSources` API currently exposes instruction sources as +/// `AbsolutePathBuf` values. +// TODO(anp): Replace the absolute path with a more general instruction-source +// abstraction when non-filesystem providers need first-class attribution. +#[derive(Clone, Debug, Eq, PartialEq)] +pub struct UserInstructions { + /// Model-visible user instruction text. + pub text: String, + /// Absolute filesystem path reported through `instructionSources`. + pub source: AbsolutePathBuf, +} + +/// Result of loading host-provided user instructions. +#[derive(Clone, Debug, Default, Eq, PartialEq)] +pub struct LoadedUserInstructions { + /// Loaded instructions, or `None` when the provider has no applicable text. + pub instructions: Option, + /// Recoverable loading problems that should be surfaced during startup. + pub warnings: Vec, +} + +/// Future returned by a [`UserInstructionsProvider`]. +pub type LoadUserInstructionsFuture<'a> = + Pin + Send + 'a>>; + +/// Loads the user instructions that apply when a root thread runtime starts. +/// +/// Implementations should return any recoverable loading problems as warnings +/// while still returning usable fallback instructions when available. +pub trait UserInstructionsProvider: Send + Sync { + /// Loads the snapshot to use for a newly created root runtime. + fn load_user_instructions(&self) -> LoadUserInstructionsFuture<'_>; +} diff --git a/codex-rs/ext/extension-api/tests/capabilities.rs b/codex-rs/ext/extension-api/tests/capabilities.rs new file mode 100644 index 00000000000..c01b8f57231 --- /dev/null +++ b/codex-rs/ext/extension-api/tests/capabilities.rs @@ -0,0 +1,56 @@ +use std::sync::Arc; +use std::sync::Mutex; + +use codex_extension_api::AgentSpawnFuture; +use codex_extension_api::AgentSpawner; +use codex_extension_api::NoopResponseItemInjector; +use codex_extension_api::ResponseItemInjector; +use codex_protocol::ThreadId; +use codex_protocol::models::ContentItem; +use codex_protocol::models::ResponseInputItem; +use pretty_assertions::assert_eq; + +#[tokio::test] +async fn noop_response_item_injector_returns_original_items() { + let items = vec![ResponseInputItem::Message { + role: "user".to_string(), + content: vec![ContentItem::InputText { + text: "keep this input".to_string(), + }], + phase: None, + }]; + + let returned_items = NoopResponseItemInjector + .inject_response_items(items.clone()) + .await + .expect_err("noop injector should reject same-turn injection"); + + assert_eq!(returned_items, items); +} + +#[tokio::test] +async fn closure_agent_spawner_forwards_arguments_and_result() { + let calls = Arc::new(Mutex::new(Vec::new())); + let recorded_calls = Arc::clone(&calls); + let spawner = move |thread_id: ThreadId, + request: String| + -> AgentSpawnFuture<'static, usize, &'static str> { + recorded_calls + .lock() + .expect("agent spawn calls lock") + .push((thread_id, request.clone())); + Box::pin(async move { Ok(request.len()) }) + }; + let thread_id = + ThreadId::from_string("11111111-1111-4111-8111-111111111111").expect("valid thread id"); + + let spawned = spawner + .spawn_subagent(thread_id, "delegate this".to_string()) + .await; + + assert_eq!(spawned, Ok(13)); + assert_eq!( + calls.lock().expect("agent spawn calls lock").as_slice(), + [(thread_id, "delegate this".to_string())] + ); +} diff --git a/codex-rs/ext/extension-api/tests/registry.rs b/codex-rs/ext/extension-api/tests/registry.rs new file mode 100644 index 00000000000..42cb18af629 --- /dev/null +++ b/codex-rs/ext/extension-api/tests/registry.rs @@ -0,0 +1,375 @@ +use std::sync::Arc; +use std::sync::Mutex; + +use codex_extension_api::ApprovalReviewContributor; +use codex_extension_api::ConfigContributor; +use codex_extension_api::ContextContributor; +use codex_extension_api::ContextualUserFragment; +use codex_extension_api::ExtensionData; +use codex_extension_api::ExtensionEventSink; +use codex_extension_api::ExtensionFuture; +use codex_extension_api::ExtensionRegistryBuilder; +use codex_extension_api::PromptFragment; +use codex_extension_api::ThreadLifecycleContributor; +use codex_extension_api::TokenUsageContributor; +use codex_extension_api::ToolCall; +use codex_extension_api::ToolContributor; +use codex_extension_api::ToolExecutor; +use codex_extension_api::ToolLifecycleContributor; +use codex_extension_api::TurnInputContext; +use codex_extension_api::TurnInputContributor; +use codex_extension_api::TurnItemContributor; +use codex_extension_api::TurnLifecycleContributor; +use codex_extension_api::empty_extension_registry; +use codex_protocol::items::HookPromptItem; +use codex_protocol::items::TurnItem; +use codex_protocol::protocol::Event; +use codex_protocol::protocol::EventMsg; +use codex_protocol::protocol::ReviewDecision; +use codex_protocol::protocol::WarningEvent; +use pretty_assertions::assert_eq; + +struct AllContributors; + +impl ContextContributor for AllContributors { + fn contribute<'a>( + &'a self, + _session_store: &'a ExtensionData, + _thread_store: &'a ExtensionData, + ) -> ExtensionFuture<'a, Vec> { + Box::pin(std::future::ready(Vec::new())) + } +} + +impl ThreadLifecycleContributor<()> for AllContributors {} + +impl TurnLifecycleContributor for AllContributors {} + +impl ConfigContributor<()> for AllContributors {} + +impl TokenUsageContributor for AllContributors {} + +impl TurnInputContributor for AllContributors { + fn contribute<'a>( + &'a self, + input: TurnInputContext, + _session_store: &'a ExtensionData, + _thread_store: &'a ExtensionData, + _turn_store: &'a ExtensionData, + ) -> ExtensionFuture<'a, Vec>> { + Box::pin(async move { + let _self = self; + let _input = input; + Vec::new() + }) + } +} + +impl ToolContributor for AllContributors { + fn tools( + &self, + _session_store: &ExtensionData, + _thread_store: &ExtensionData, + ) -> Vec>> { + Vec::new() + } +} + +impl ToolLifecycleContributor for AllContributors {} + +impl TurnItemContributor for AllContributors { + fn contribute<'a>( + &'a self, + _thread_store: &'a ExtensionData, + _turn_store: &'a ExtensionData, + _item: &'a mut TurnItem, + ) -> ExtensionFuture<'a, Result<(), String>> { + Box::pin(async move { + let _self = self; + Ok(()) + }) + } +} + +impl ApprovalReviewContributor for AllContributors { + fn contribute<'a>( + &'a self, + _session_store: &'a ExtensionData, + _thread_store: &'a ExtensionData, + _prompt: &'a str, + ) -> ExtensionFuture<'a, Option> { + Box::pin(async move { + let _self = self; + Some(ReviewDecision::ApprovedForSession) + }) + } +} + +#[tokio::test] +async fn build_round_trips_every_contributor_category() { + let contributor = Arc::new(AllContributors); + let mut builder = ExtensionRegistryBuilder::<()>::new(); + builder.thread_lifecycle_contributor(contributor.clone()); + builder.turn_lifecycle_contributor(contributor.clone()); + builder.config_contributor(contributor.clone()); + builder.token_usage_contributor(contributor.clone()); + builder.prompt_contributor(contributor.clone()); + builder.turn_input_contributor(contributor.clone()); + builder.tool_contributor(contributor.clone()); + builder.tool_lifecycle_contributor(contributor.clone()); + builder.turn_item_contributor(contributor.clone()); + builder.approval_review_contributor(contributor); + let registry = builder.build(); + + assert_eq!(registry.thread_lifecycle_contributors().len(), 1); + assert_eq!(registry.turn_lifecycle_contributors().len(), 1); + assert_eq!(registry.config_contributors().len(), 1); + assert_eq!(registry.token_usage_contributors().len(), 1); + assert_eq!(registry.context_contributors().len(), 1); + assert_eq!(registry.turn_input_contributors().len(), 1); + assert_eq!(registry.tool_contributors().len(), 1); + assert_eq!(registry.tool_lifecycle_contributors().len(), 1); + assert_eq!(registry.turn_item_contributors().len(), 1); + assert_eq!( + registry + .approval_review( + &ExtensionData::new("session"), + &ExtensionData::new("thread"), + "review this", + ) + .await, + Some(ReviewDecision::ApprovedForSession) + ); +} + +struct NamedContextContributor(&'static str); + +impl ContextContributor for NamedContextContributor { + fn contribute<'a>( + &'a self, + _session_store: &'a ExtensionData, + _thread_store: &'a ExtensionData, + ) -> ExtensionFuture<'a, Vec> { + Box::pin(std::future::ready(vec![PromptFragment::developer_policy( + self.0, + )])) + } +} + +struct RecordingTurnItemContributor { + name: &'static str, + calls: Arc>>, +} + +impl TurnItemContributor for RecordingTurnItemContributor { + fn contribute<'a>( + &'a self, + _thread_store: &'a ExtensionData, + _turn_store: &'a ExtensionData, + _item: &'a mut TurnItem, + ) -> ExtensionFuture<'a, Result<(), String>> { + Box::pin(async move { + self.calls + .lock() + .unwrap_or_else(|error| panic!("turn item calls lock poisoned: {error}")) + .push(self.name); + Ok(()) + }) + } +} + +#[tokio::test] +async fn contributors_preserve_registration_order() { + let turn_item_calls = Arc::new(Mutex::new(Vec::new())); + let mut builder = ExtensionRegistryBuilder::<()>::new(); + builder.prompt_contributor(Arc::new(NamedContextContributor("first"))); + builder.prompt_contributor(Arc::new(NamedContextContributor("second"))); + for name in ["first", "second"] { + builder.turn_item_contributor(Arc::new(RecordingTurnItemContributor { + name, + calls: Arc::clone(&turn_item_calls), + })); + } + let registry = builder.build(); + let session_store = ExtensionData::new("session"); + let thread_store = ExtensionData::new("thread"); + let turn_store = ExtensionData::new("turn"); + + let mut fragments = Vec::new(); + for contributor in registry.context_contributors() { + fragments.extend(contributor.contribute(&session_store, &thread_store).await); + } + let mut item = TurnItem::HookPrompt(HookPromptItem { + id: "item".to_string(), + fragments: Vec::new(), + }); + for contributor in registry.turn_item_contributors() { + contributor + .contribute(&thread_store, &turn_store, &mut item) + .await + .expect("turn item contribution should succeed"); + } + + assert_eq!( + fragments, + vec![ + PromptFragment::developer_policy("first"), + PromptFragment::developer_policy("second"), + ] + ); + assert_eq!( + turn_item_calls + .lock() + .expect("turn item calls lock") + .as_slice(), + ["first", "second"] + ); +} + +#[derive(Debug, PartialEq, Eq)] +struct ApprovalCall { + contributor: &'static str, + session_id: String, + thread_id: String, + prompt: String, +} + +struct RecordingApprovalContributor { + name: &'static str, + decision: Option, + calls: Arc>>, +} + +impl ApprovalReviewContributor for RecordingApprovalContributor { + fn contribute<'a>( + &'a self, + session_store: &'a ExtensionData, + thread_store: &'a ExtensionData, + prompt: &'a str, + ) -> ExtensionFuture<'a, Option> { + Box::pin(async move { + self.calls + .lock() + .unwrap_or_else(|error| panic!("approval calls lock poisoned: {error}")) + .push(ApprovalCall { + contributor: self.name, + session_id: session_store.level_id().to_string(), + thread_id: thread_store.level_id().to_string(), + prompt: prompt.to_string(), + }); + self.decision.clone() + }) + } +} + +#[tokio::test] +async fn approval_review_returns_first_claim_and_short_circuits() { + let calls = Arc::new(Mutex::new(Vec::new())); + let mut builder = ExtensionRegistryBuilder::<()>::new(); + for (name, decision) in [ + ("first", None), + ("second", Some(ReviewDecision::Approved)), + ("third", Some(ReviewDecision::Denied)), + ] { + builder.approval_review_contributor(Arc::new(RecordingApprovalContributor { + name, + decision, + calls: Arc::clone(&calls), + })); + } + let registry = builder.build(); + + let decision = registry + .approval_review( + &ExtensionData::new("session-1"), + &ExtensionData::new("thread-1"), + "allow command?", + ) + .await; + + assert_eq!(decision, Some(ReviewDecision::Approved)); + assert_eq!( + calls.lock().expect("approval calls lock").as_slice(), + [ + ApprovalCall { + contributor: "first", + session_id: "session-1".to_string(), + thread_id: "thread-1".to_string(), + prompt: "allow command?".to_string(), + }, + ApprovalCall { + contributor: "second", + session_id: "session-1".to_string(), + thread_id: "thread-1".to_string(), + prompt: "allow command?".to_string(), + }, + ] + ); +} + +#[derive(Default)] +struct RecordingEventSink { + events: Mutex>, +} + +impl ExtensionEventSink for RecordingEventSink { + fn emit(&self, event: Event) { + let EventMsg::Warning(warning) = event.msg else { + panic!("test sink only accepts warning events"); + }; + self.events + .lock() + .unwrap_or_else(|error| panic!("recording event sink lock poisoned: {error}")) + .push((event.id, warning.message)); + } +} + +#[test] +fn custom_event_sink_survives_registry_build() { + let sink = Arc::new(RecordingEventSink::default()); + let builder = ExtensionRegistryBuilder::<()>::with_event_sink(sink.clone()); + + builder + .event_sink() + .emit(warning_event("builder", "before")); + let registry = builder.build(); + registry + .event_sink() + .emit(warning_event("registry", "after")); + + assert_eq!( + sink.events + .lock() + .expect("recording event sink lock") + .as_slice(), + [ + ("builder".to_string(), "before".to_string()), + ("registry".to_string(), "after".to_string()), + ] + ); +} + +#[tokio::test] +async fn empty_registry_does_not_claim_approval_review() { + let registry = empty_extension_registry::<()>(); + + assert_eq!( + registry + .approval_review( + &ExtensionData::new("session"), + &ExtensionData::new("thread"), + "unclaimed", + ) + .await, + None + ); +} + +fn warning_event(id: &str, message: &str) -> Event { + Event { + id: id.to_string(), + msg: EventMsg::Warning(WarningEvent { + message: message.to_string(), + }), + } +} diff --git a/codex-rs/ext/extension-api/tests/state.rs b/codex-rs/ext/extension-api/tests/state.rs new file mode 100644 index 00000000000..31b643c29b4 --- /dev/null +++ b/codex-rs/ext/extension-api/tests/state.rs @@ -0,0 +1,109 @@ +use std::panic::AssertUnwindSafe; +use std::sync::Arc; +use std::sync::atomic::AtomicUsize; +use std::sync::atomic::Ordering; + +use codex_extension_api::ExtensionData; +use pretty_assertions::assert_eq; + +#[test] +fn typed_values_can_be_inserted_replaced_and_removed() { + let data = ExtensionData::new("thread-1"); + + assert_eq!(data.insert(/*value*/ 41_u64), None); + assert_eq!(data.insert("alpha".to_string()), None); + assert_eq!(data.get::().as_deref(), Some(&41)); + assert_eq!( + data.get::().map(|value| value.as_str().to_string()), + Some("alpha".to_string()) + ); + + assert_eq!(data.insert(/*value*/ 42_u64).as_deref(), Some(&41)); + assert_eq!(data.get::().as_deref(), Some(&42)); + assert_eq!( + data.remove::() + .map(|value| value.as_str().to_string()), + Some("alpha".to_string()) + ); + assert_eq!(data.get::(), None); + assert_eq!(data.get::().as_deref(), Some(&42)); +} + +#[test] +fn get_or_init_initializes_once_and_returns_shared_value() { + const CALLER_COUNT: usize = 8; + + #[derive(Debug, PartialEq, Eq)] + struct SharedValue(usize); + + let data = Arc::new(ExtensionData::new("session")); + let callers_started = Arc::new(AtomicUsize::new(0)); + let initialization_count = Arc::new(AtomicUsize::new(0)); + + let handles: [_; CALLER_COUNT] = std::array::from_fn(|_| { + let data = Arc::clone(&data); + let callers_started = Arc::clone(&callers_started); + let initialization_count = Arc::clone(&initialization_count); + std::thread::spawn(move || { + callers_started.fetch_add(1, Ordering::SeqCst); + data.get_or_init(|| { + initialization_count.fetch_add(1, Ordering::SeqCst); + // Keep the first initializer active until every worker has attempted + // get_or_init, forcing callers to overlap on the same missing entry. + while callers_started.load(Ordering::SeqCst) < CALLER_COUNT { + std::thread::yield_now(); + } + SharedValue(7) + }) + }) + }); + let values = handles + .into_iter() + .map(|handle| handle.join().expect("initializer thread should succeed")) + .collect::>(); + + assert_eq!(initialization_count.load(Ordering::SeqCst), 1); + assert_eq!( + values.iter().map(Arc::as_ref).collect::>(), + vec![&SharedValue(7); CALLER_COUNT] + ); + assert!( + values + .iter() + .skip(1) + .all(|value| Arc::ptr_eq(&values[0], value)) + ); +} + +#[test] +fn stores_are_isolated_and_preserve_level_id() { + let session_data = ExtensionData::new("root-1"); + let thread_data = ExtensionData::new("root-1"); + + session_data.insert(/*value*/ 17_u32); + thread_data.insert("thread value".to_string()); + + assert_eq!(session_data.level_id(), "root-1"); + assert_eq!(thread_data.level_id(), "root-1"); + assert_eq!(session_data.get::().as_deref(), Some(&17)); + assert_eq!(session_data.get::(), None); + assert_eq!(thread_data.get::(), None); + assert_eq!( + thread_data + .get::() + .map(|value| value.as_str().to_string()), + Some("thread value".to_string()) + ); +} + +#[test] +fn store_remains_usable_after_panicking_initializer() { + let data = ExtensionData::new("turn-1"); + + let result = std::panic::catch_unwind(AssertUnwindSafe(|| { + data.get_or_init::(|| panic!("initializer failed")); + })); + + assert!(result.is_err()); + assert_eq!(*data.get_or_init(|| 99_u64), 99); +} diff --git a/codex-rs/ext/goal/Cargo.toml b/codex-rs/ext/goal/Cargo.toml index 6116383243a..4d75ba2f26a 100644 --- a/codex-rs/ext/goal/Cargo.toml +++ b/codex-rs/ext/goal/Cargo.toml @@ -14,7 +14,7 @@ doctest = false workspace = true [dependencies] -async-trait = { workspace = true } +codex-analytics = { workspace = true } codex-core = { workspace = true } codex-extension-api = { workspace = true } codex-otel = { workspace = true } diff --git a/codex-rs/ext/goal/src/analytics.rs b/codex-rs/ext/goal/src/analytics.rs new file mode 100644 index 00000000000..82d34962d19 --- /dev/null +++ b/codex-rs/ext/goal/src/analytics.rs @@ -0,0 +1,77 @@ +use codex_analytics::AnalyticsEventsClient; +use codex_analytics::CodexGoalEvent; +use codex_analytics::GoalEventKind; + +#[derive(Clone)] +pub(crate) struct GoalAnalytics { + client: AnalyticsEventsClient, +} + +pub(crate) enum GoalEventAttribution<'a> { + Turn(&'a str), + NoTurn, +} + +impl GoalAnalytics { + pub(crate) fn new(client: AnalyticsEventsClient) -> Self { + Self { client } + } + + pub(crate) fn created( + &self, + goal: &codex_state::ThreadGoal, + attribution: GoalEventAttribution<'_>, + ) { + self.track(goal, attribution, GoalEventKind::Created); + } + + pub(crate) fn usage_accounted( + &self, + goal: &codex_state::ThreadGoal, + attribution: GoalEventAttribution<'_>, + ) { + self.track(goal, attribution, GoalEventKind::UsageAccounted); + } + + pub(crate) fn status_changed( + &self, + goal: &codex_state::ThreadGoal, + previous_status: Option, + attribution: GoalEventAttribution<'_>, + ) { + if previous_status.is_some_and(|status| status != goal.status) { + self.track(goal, attribution, GoalEventKind::StatusChanged); + } + } + + pub(crate) fn cleared(&self, goal: &codex_state::ThreadGoal) { + self.track(goal, GoalEventAttribution::NoTurn, GoalEventKind::Cleared); + } + + fn track( + &self, + goal: &codex_state::ThreadGoal, + attribution: GoalEventAttribution<'_>, + event_kind: GoalEventKind, + ) { + let (cumulative_tokens_accounted, cumulative_time_accounted_seconds) = match event_kind { + GoalEventKind::UsageAccounted => (Some(goal.tokens_used), Some(goal.time_used_seconds)), + GoalEventKind::Created | GoalEventKind::StatusChanged | GoalEventKind::Cleared => { + (None, None) + } + }; + self.client.track_goal_event(CodexGoalEvent { + thread_id: goal.thread_id.to_string(), + turn_id: match attribution { + GoalEventAttribution::Turn(turn_id) => Some(turn_id.to_string()), + GoalEventAttribution::NoTurn => None, + }, + goal_id: goal.goal_id.clone(), + event_kind, + goal_status: goal.status, + has_token_budget: goal.token_budget.is_some(), + cumulative_tokens_accounted, + cumulative_time_accounted_seconds, + }); + } +} diff --git a/codex-rs/ext/goal/src/api.rs b/codex-rs/ext/goal/src/api.rs index 0e23c295a21..a4dc93409ee 100644 --- a/codex-rs/ext/goal/src/api.rs +++ b/codex-rs/ext/goal/src/api.rs @@ -124,7 +124,19 @@ impl GoalService { .map_err(GoalServiceError::InvalidRequest)?; } - if let Some(runtime) = self.runtime_for_thread(thread_id) + let runtime = self.runtime_for_thread(thread_id); + // Hold this through the prepare/write window so idle continuation cannot + // launch from goal state that this external mutation is about to change. + let _goal_state_permit = match runtime.as_ref() { + Some(runtime) => Some( + runtime + .goal_state_permit() + .await + .map_err(GoalServiceError::Internal)?, + ), + None => None, + }; + if let Some(runtime) = runtime.as_ref() && let Err(err) = runtime.prepare_external_goal_mutation().await { tracing::warn!("failed to prepare external goal mutation: {err}"); @@ -229,23 +241,37 @@ impl GoalService { state_db: &codex_state::StateRuntime, thread_id: ThreadId, ) -> Result { - if let Some(runtime) = self.runtime_for_thread(thread_id) + let runtime = self.runtime_for_thread(thread_id); + // Hold this through the prepare/write window so idle continuation cannot + // launch from goal state that this external mutation is about to change. + let goal_state_permit = match runtime.as_ref() { + Some(runtime) => Some( + runtime + .goal_state_permit() + .await + .map_err(GoalServiceError::Internal)?, + ), + None => None, + }; + if let Some(runtime) = runtime.as_ref() && let Err(err) = runtime.prepare_external_goal_mutation().await { tracing::warn!("failed to prepare external goal mutation: {err}"); } - let cleared = state_db + let cleared_goal = state_db .thread_goals() .delete_thread_goal(thread_id) .await .map_err(|err| { GoalServiceError::Internal(format!("failed to clear thread goal: {err}")) })?; + let cleared = cleared_goal.is_some(); + drop(goal_state_permit); + drop(runtime); - if cleared - && let Some(runtime) = self.runtime_for_thread(thread_id) - && let Err(err) = runtime.apply_external_goal_clear().await + if let (Some(runtime), Some(goal)) = (self.runtime_for_thread(thread_id), cleared_goal) + && let Err(err) = runtime.apply_external_goal_clear(goal).await { tracing::warn!("failed to apply external goal clear runtime effects: {err}"); } diff --git a/codex-rs/ext/goal/src/extension.rs b/codex-rs/ext/goal/src/extension.rs index 563c40b5033..8e5b20e7f5b 100644 --- a/codex-rs/ext/goal/src/extension.rs +++ b/codex-rs/ext/goal/src/extension.rs @@ -1,11 +1,12 @@ use std::sync::Arc; use std::sync::Weak; -use async_trait::async_trait; +use codex_analytics::AnalyticsEventsClient; use codex_core::ThreadManager; use codex_extension_api::ConfigContributor; use codex_extension_api::ExtensionData; use codex_extension_api::ExtensionEventSink; +use codex_extension_api::ExtensionFuture; use codex_extension_api::ExtensionRegistryBuilder; use codex_extension_api::ThreadIdleInput; use codex_extension_api::ThreadLifecycleContributor; @@ -33,9 +34,11 @@ use codex_protocol::protocol::TokenUsageInfo; use crate::accounting::BudgetLimitedGoalDisposition; use crate::accounting::GoalAccountingState; +use crate::analytics::GoalAnalytics; use crate::api::GoalService; use crate::events::GoalEventEmitter; use crate::metrics::GoalMetrics; +use crate::runtime::ActiveGoalStopReason; use crate::runtime::GoalRuntimeConfig; use crate::runtime::GoalRuntimeHandle; use crate::spec::UPDATE_GOAL_TOOL_NAME; @@ -56,6 +59,7 @@ impl GoalExtensionConfig { #[derive(Clone)] pub struct GoalExtension { state_dbs: Arc, + analytics: GoalAnalytics, event_emitter: GoalEventEmitter, metrics: GoalMetrics, thread_manager: Weak, @@ -72,6 +76,7 @@ impl std::fmt::Debug for GoalExtension { impl GoalExtension { pub(crate) fn new_with_host_capabilities( state_dbs: Arc, + analytics_events_client: AnalyticsEventsClient, event_sink: Arc, metrics_client: Option, thread_manager: Weak, @@ -80,6 +85,7 @@ impl GoalExtension { ) -> Self { Self { state_dbs, + analytics: GoalAnalytics::new(analytics_events_client), event_emitter: GoalEventEmitter::new(event_sink), metrics: GoalMetrics::new(metrics_client), thread_manager, @@ -89,75 +95,83 @@ impl GoalExtension { } } -#[async_trait] impl ThreadLifecycleContributor for GoalExtension where C: Send + Sync + 'static, { - async fn on_thread_start(&self, input: ThreadStartInput<'_, C>) { - let enabled = (self.goals_enabled)(input.config); - let tools_available_for_thread = input.persistent_thread_state_available - && !matches!( - input.session_source, - SessionSource::SubAgent(SubAgentSource::Review) - ); - input - .thread_store - .insert(GoalExtensionConfig::from_enabled(enabled)); - let accounting_state = input - .thread_store - .get_or_init::(GoalAccountingState::default); - let Ok(thread_id) = ThreadId::from_string(input.thread_store.level_id()) else { - return; - }; - let runtime = input.thread_store.get_or_init::(|| { - GoalRuntimeHandle::new( - thread_id, - Arc::clone(&self.state_dbs), - self.event_emitter.clone(), - self.metrics.clone(), - self.thread_manager.clone(), - accounting_state, - GoalRuntimeConfig { - enabled, - tools_available_for_thread, - }, - ) - }); - runtime.set_enabled(enabled); - self.goal_service.register_runtime(&runtime); + fn on_thread_start<'a>(&'a self, input: ThreadStartInput<'a, C>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let enabled = (self.goals_enabled)(input.config); + let tools_available_for_thread = input.persistent_thread_state_available + && !matches!( + input.session_source, + SessionSource::SubAgent(SubAgentSource::Review) + ); + input + .thread_store + .insert(GoalExtensionConfig::from_enabled(enabled)); + let accounting_state = input + .thread_store + .get_or_init::(GoalAccountingState::default); + let Ok(thread_id) = ThreadId::from_string(input.thread_store.level_id()) else { + return; + }; + let runtime = input.thread_store.get_or_init::(|| { + GoalRuntimeHandle::new( + thread_id, + Arc::clone(&self.state_dbs), + self.event_emitter.clone(), + self.metrics.clone(), + self.thread_manager.clone(), + accounting_state, + GoalRuntimeConfig { + analytics: self.analytics.clone(), + enabled, + tools_available_for_thread, + }, + ) + }); + runtime.set_enabled(enabled); + self.goal_service.register_runtime(&runtime); + }) } - async fn on_thread_resume(&self, input: ThreadResumeInput<'_>) { - let Some(runtime) = goal_runtime_handle(input.thread_store) else { - return; - }; + fn on_thread_resume<'a>(&'a self, input: ThreadResumeInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let Some(runtime) = goal_runtime_handle(input.thread_store) else { + return; + }; - if let Err(err) = runtime.restore_after_resume().await { - tracing::warn!( - "failed to restore goal runtime after thread resume for {}: {err}", - runtime.thread_id() - ); - } + if let Err(err) = runtime.restore_after_resume().await { + tracing::warn!( + "failed to restore goal runtime after thread resume for {}: {err}", + runtime.thread_id() + ); + } + }) } - async fn on_thread_idle(&self, input: ThreadIdleInput<'_>) { - let Some(runtime) = goal_runtime_handle(input.thread_store) else { - return; - }; + fn on_thread_idle<'a>(&'a self, input: ThreadIdleInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let Some(runtime) = goal_runtime_handle(input.thread_store) else { + return; + }; - if let Err(err) = runtime.continue_if_idle().await { - tracing::warn!( - "failed to continue active goal for idle thread {}: {err}", - runtime.thread_id() - ); - } + if let Err(err) = runtime.continue_if_idle().await { + tracing::warn!( + "failed to continue active goal for idle thread {}: {err}", + runtime.thread_id() + ); + } + }) } - async fn on_thread_stop(&self, input: ThreadStopInput<'_>) { - if let Some(runtime) = goal_runtime_handle(input.thread_store) { - self.goal_service.unregister_runtime(&runtime); - } + fn on_thread_stop<'a>(&'a self, input: ThreadStopInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + if let Some(runtime) = goal_runtime_handle(input.thread_store) { + self.goal_service.unregister_runtime(&runtime); + } + }) } } @@ -180,145 +194,161 @@ where } } -#[async_trait] impl TurnLifecycleContributor for GoalExtension where C: Send + Sync + 'static, { - async fn on_turn_start(&self, input: TurnStartInput<'_>) { - let Some(runtime) = goal_runtime_handle(input.thread_store) else { - return; - }; - if !runtime.is_enabled() { - return; - } + fn on_turn_start<'a>(&'a self, input: TurnStartInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let Some(runtime) = goal_runtime_handle(input.thread_store) else { + return; + }; + if !runtime.is_enabled() { + return; + } - let accounting = runtime.accounting_state(); - accounting.start_turn( - input.turn_id, - input.collaboration_mode.mode, - input.token_usage_at_turn_start, - ); - if matches!( - input.collaboration_mode.mode, - codex_protocol::config_types::ModeKind::Plan - ) { - accounting.clear_current_turn_goal(); - return; - } - let Ok(goal) = self - .state_dbs - .thread_goals() - .get_thread_goal(runtime.thread_id()) - .await - else { - return; - }; - if let Some(goal) = goal - && matches!( - goal.status, - codex_state::ThreadGoalStatus::Active - | codex_state::ThreadGoalStatus::BudgetLimited - ) - { - accounting.mark_turn_goal_active(input.turn_id, goal.goal_id); - } + let accounting = runtime.accounting_state(); + accounting.start_turn( + input.turn_id, + input.collaboration_mode.mode, + input.token_usage_at_turn_start, + ); + if matches!( + input.collaboration_mode.mode, + codex_protocol::config_types::ModeKind::Plan + ) { + accounting.clear_current_turn_goal(); + return; + } + let Ok(goal) = self + .state_dbs + .thread_goals() + .get_thread_goal(runtime.thread_id()) + .await + else { + return; + }; + if let Some(goal) = goal + && matches!( + goal.status, + codex_state::ThreadGoalStatus::Active + | codex_state::ThreadGoalStatus::BudgetLimited + ) + { + accounting.mark_turn_goal_active(input.turn_id, goal.goal_id); + } + }) } - async fn on_turn_stop(&self, input: TurnStopInput<'_>) { - let Some(runtime) = goal_runtime_handle(input.thread_store) else { - return; - }; - if !runtime.is_enabled() { - return; - } + fn on_turn_stop<'a>(&'a self, input: TurnStopInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let Some(runtime) = goal_runtime_handle(input.thread_store) else { + return; + }; + if !runtime.is_enabled() { + return; + } - let turn_id = input.turn_store.level_id(); - if let Err(err) = runtime - .account_active_goal_progress( - turn_id, - &format!("{turn_id}:turn-stop"), - codex_state::GoalAccountingMode::ActiveOnly, - BudgetLimitedGoalDisposition::ClearActive, - ) - .await - { - tracing::warn!( - "failed to account active goal progress at turn stop for {turn_id}: {err}" - ); - return; - } - runtime.accounting_state().finish_turn(turn_id); + let turn_id = input.turn_store.level_id(); + if let Err(err) = runtime + .account_active_goal_progress( + turn_id, + &format!("{turn_id}:turn-stop"), + codex_state::GoalAccountingMode::ActiveOnly, + BudgetLimitedGoalDisposition::ClearActive, + ) + .await + { + tracing::warn!( + "failed to account active goal progress at turn stop for {turn_id}: {err}" + ); + return; + } + runtime.accounting_state().finish_turn(turn_id); + }) } - async fn on_turn_abort(&self, input: TurnAbortInput<'_>) { - let Some(runtime) = goal_runtime_handle(input.thread_store) else { - return; - }; - if !runtime.is_enabled() { - return; - } + fn on_turn_abort<'a>(&'a self, input: TurnAbortInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let Some(runtime) = goal_runtime_handle(input.thread_store) else { + return; + }; + if !runtime.is_enabled() { + return; + } - let turn_id = input.turn_store.level_id(); - if let Err(err) = runtime - .account_active_goal_progress( - turn_id, - &format!("{turn_id}:turn-abort"), - codex_state::GoalAccountingMode::ActiveOnly, - BudgetLimitedGoalDisposition::ClearActive, - ) - .await - { - tracing::warn!( - "failed to account active goal progress after turn abort for {turn_id}: {err}" - ); - return; - } - runtime.accounting_state().finish_turn(turn_id); + let turn_id = input.turn_store.level_id(); + if let Err(err) = runtime + .account_active_goal_progress( + turn_id, + &format!("{turn_id}:turn-abort"), + codex_state::GoalAccountingMode::ActiveOnly, + BudgetLimitedGoalDisposition::ClearActive, + ) + .await + { + tracing::warn!( + "failed to account active goal progress after turn abort for {turn_id}: {err}" + ); + return; + } + runtime.accounting_state().finish_turn(turn_id); + }) } - async fn on_turn_error(&self, input: TurnErrorInput<'_>) { - if input.error != CodexErrorInfo::UsageLimitExceeded { - return; - } - let Some(runtime) = goal_runtime_handle(input.thread_store) else { - return; - }; + fn on_turn_error<'a>(&'a self, input: TurnErrorInput<'a>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let Some(runtime) = goal_runtime_handle(input.thread_store) else { + return; + }; - if let Err(err) = runtime - .usage_limit_active_goal_for_turn(input.turn_id) - .await - { - tracing::warn!("failed to usage-limit active goal after usage-limit error: {err}"); - } + let reason = match input.error { + CodexErrorInfo::UsageLimitExceeded => ActiveGoalStopReason::UsageLimit, + // The turn has ended because the error was non-retryable or its + // retries were exhausted. Block the goal to prevent automatic + // continuation from looping and consuming tokens, as can happen + // with compaction errors. + _ => ActiveGoalStopReason::TurnError, + }; + if let Err(err) = runtime + .stop_active_goal_for_turn(input.turn_id, reason) + .await + { + tracing::warn!( + error = ?input.error, + "failed to stop active goal after turn error: {err}" + ); + } + }) } } -#[async_trait] impl TokenUsageContributor for GoalExtension where C: Send + Sync + 'static, { - async fn on_token_usage( - &self, - _session_store: &ExtensionData, - thread_store: &ExtensionData, - turn_store: &ExtensionData, - token_usage: &TokenUsageInfo, - ) { - let Some(runtime) = goal_runtime_handle(thread_store) else { - return; - }; - if !runtime.is_enabled() { - return; - } + fn on_token_usage<'a>( + &'a self, + _session_store: &'a ExtensionData, + thread_store: &'a ExtensionData, + turn_store: &'a ExtensionData, + token_usage: &'a TokenUsageInfo, + ) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let Some(runtime) = goal_runtime_handle(thread_store) else { + return; + }; + if !runtime.is_enabled() { + return; + } - let Some(_recorded) = runtime - .accounting_state() - .record_token_usage(turn_store.level_id(), &token_usage.total_token_usage) - else { - return; - }; + let Some(_recorded) = runtime + .accounting_state() + .record_token_usage(turn_store.level_id(), &token_usage.total_token_usage) + else { + return; + }; + }) } } @@ -394,6 +424,7 @@ where runtime.thread_id(), Arc::clone(&self.state_dbs), runtime.accounting_state(), + self.analytics.clone(), self.event_emitter.clone(), self.metrics.clone(), )), @@ -401,6 +432,7 @@ where runtime.thread_id(), Arc::clone(&self.state_dbs), runtime.accounting_state(), + self.analytics.clone(), self.event_emitter.clone(), self.metrics.clone(), )), @@ -408,6 +440,7 @@ where runtime.thread_id(), Arc::clone(&self.state_dbs), runtime.accounting_state(), + self.analytics.clone(), self.event_emitter.clone(), self.metrics.clone(), )), @@ -418,6 +451,7 @@ where pub fn install_with_backend( registry: &mut ExtensionRegistryBuilder, state_dbs: Arc, + analytics_events_client: AnalyticsEventsClient, metrics_client: Option, thread_manager: Weak, goal_service: Arc, @@ -427,6 +461,7 @@ pub fn install_with_backend( { let extension = Arc::new(GoalExtension::new_with_host_capabilities( state_dbs, + analytics_events_client, registry.event_sink(), metrics_client, thread_manager, diff --git a/codex-rs/ext/goal/src/lib.rs b/codex-rs/ext/goal/src/lib.rs index 8433e1f7df7..ccd091affce 100644 --- a/codex-rs/ext/goal/src/lib.rs +++ b/codex-rs/ext/goal/src/lib.rs @@ -1,10 +1,7 @@ -//! Extension crate sketch for the `/goal` feature. -//! -//! This crate is intentionally not wired into the host yet. It contains the -//! goal tool specs, extension registration shape, and the parts of runtime -//! accounting that can be represented with today's extension API. +//! Extension crate for the `/goal` feature. mod accounting; +mod analytics; mod api; mod events; mod extension; diff --git a/codex-rs/ext/goal/src/runtime.rs b/codex-rs/ext/goal/src/runtime.rs index b58d1244e6b..2f2202cbb86 100644 --- a/codex-rs/ext/goal/src/runtime.rs +++ b/codex-rs/ext/goal/src/runtime.rs @@ -10,11 +10,15 @@ use codex_protocol::protocol::ThreadGoal; use crate::accounting::BudgetLimitedGoalDisposition; use crate::accounting::GoalAccountingState; +use crate::analytics::GoalAnalytics; +use crate::analytics::GoalEventAttribution; use crate::events::GoalEventEmitter; use crate::metrics::GoalMetrics; use crate::steering::continuation_steering_item; use crate::steering::objective_updated_steering_item; use crate::tool::protocol_goal_from_state; +use tokio::sync::Semaphore; +use tokio::sync::SemaphorePermit; #[derive(Clone)] pub struct GoalRuntimeHandle { @@ -22,19 +26,27 @@ pub struct GoalRuntimeHandle { } pub(crate) struct GoalRuntimeConfig { + pub(crate) analytics: GoalAnalytics, pub(crate) enabled: bool, pub(crate) tools_available_for_thread: bool, } +pub(crate) enum ActiveGoalStopReason { + TurnError, + UsageLimit, +} + struct GoalRuntimeInner { thread_id: ThreadId, state_dbs: Arc, + analytics: GoalAnalytics, event_emitter: GoalEventEmitter, metrics: GoalMetrics, thread_manager: Weak, accounting_state: Arc, enabled: AtomicBool, tools_available_for_thread: bool, + goal_state_lock: Semaphore, } pub(crate) struct AccountedGoalProgress { @@ -79,12 +91,14 @@ impl GoalRuntimeHandle { inner: Arc::new(GoalRuntimeInner { thread_id, state_dbs, + analytics: config.analytics, event_emitter, metrics, thread_manager, accounting_state, enabled: AtomicBool::new(config.enabled), tools_available_for_thread: config.tools_available_for_thread, + goal_state_lock: Semaphore::new(/*permits*/ 1), }), } } @@ -109,6 +123,14 @@ impl GoalRuntimeHandle { Arc::clone(&self.inner.accounting_state) } + pub(crate) async fn goal_state_permit(&self) -> Result, String> { + self.inner + .goal_state_lock + .acquire() + .await + .map_err(|err| err.to_string()) + } + pub async fn prepare_external_goal_mutation(&self) -> Result<(), String> { if !self.is_enabled() { return Ok(()); @@ -148,6 +170,9 @@ impl GoalRuntimeHandle { .is_some_and(|previous_goal| previous_goal.goal_id != goal.goal_id); if previous_goal.is_none() || replaced_existing_goal { self.inner.metrics.record_created(); + self.inner + .analytics + .created(&goal, GoalEventAttribution::NoTurn); } let previous_status = previous_goal .as_ref() @@ -158,6 +183,9 @@ impl GoalRuntimeHandle { self.inner .metrics .record_terminal_if_status_changed(previous_status, &goal); + self.inner + .analytics + .status_changed(&goal, previous_status, GoalEventAttribution::NoTurn); let objective_changed = previous_goal.as_ref().is_some_and(|previous_goal| { !replaced_existing_goal && previous_goal.objective != goal.objective }); @@ -194,20 +222,37 @@ impl GoalRuntimeHandle { Ok(()) } - pub async fn apply_external_goal_clear(&self) -> Result<(), String> { + pub async fn apply_external_goal_clear( + &self, + goal: codex_state::ThreadGoal, + ) -> Result<(), String> { if !self.is_enabled() { return Ok(()); } + self.inner.analytics.cleared(&goal); self.inner.accounting_state.clear_active_goal(); Ok(()) } pub async fn usage_limit_active_goal_for_turn(&self, turn_id: &str) -> Result<(), String> { + self.stop_active_goal_for_turn(turn_id, ActiveGoalStopReason::UsageLimit) + .await + } + + /// Accounts the ending turn and stops its active goal after a terminal error. + pub(crate) async fn stop_active_goal_for_turn( + &self, + turn_id: &str, + reason: ActiveGoalStopReason, + ) -> Result<(), String> { if !self.is_enabled() { return Ok(()); } + // Hold this through accounting and the status update so external goal + // mutations and idle continuation cannot interleave between them. + let _goal_state_permit = self.goal_state_permit().await?; if !self .inner .accounting_state @@ -216,23 +261,54 @@ impl GoalRuntimeHandle { return Ok(()); } - let progress_event_id = format!("{turn_id}:usage-limit-progress"); + let (event_name, status) = match reason { + ActiveGoalStopReason::TurnError => { + ("turn-error", codex_state::ThreadGoalStatus::Blocked) + } + ActiveGoalStopReason::UsageLimit => { + ("usage-limit", codex_state::ThreadGoalStatus::UsageLimited) + } + }; self.account_active_goal_progress( turn_id, - progress_event_id.as_str(), + &format!("{turn_id}:{event_name}-progress"), codex_state::GoalAccountingMode::ActiveOnly, BudgetLimitedGoalDisposition::ClearActive, ) .await?; - let previous_status = self - .current_goal_status_for_metrics(/*expected_goal_id*/ None) - .await?; + let Some(active_goal) = self + .inner + .state_dbs + .thread_goals() + .get_thread_goal(self.thread_id()) + .await + .map_err(|err| err.to_string())? + else { + self.inner.accounting_state.clear_active_goal(); + return Ok(()); + }; + let can_stop = active_goal.status == codex_state::ThreadGoalStatus::Active + || (active_goal.status == codex_state::ThreadGoalStatus::BudgetLimited + && status == codex_state::ThreadGoalStatus::UsageLimited); + if !can_stop { + self.inner.accounting_state.clear_active_goal(); + return Ok(()); + } + let previous_status = Some(active_goal.status); let Some(goal) = self .inner .state_dbs .thread_goals() - .usage_limit_active_thread_goal(self.thread_id()) + .update_thread_goal( + self.thread_id(), + codex_state::GoalUpdate { + objective: None, + status: Some(status), + token_budget: None, + expected_goal_id: Some(active_goal.goal_id), + }, + ) .await .map_err(|err| err.to_string())? else { @@ -241,10 +317,15 @@ impl GoalRuntimeHandle { self.inner .metrics .record_terminal_if_status_changed(previous_status, &goal); + self.inner.analytics.status_changed( + &goal, + previous_status, + GoalEventAttribution::Turn(turn_id), + ); self.inner.accounting_state.clear_active_goal(); let goal = protocol_goal_from_state(goal); self.inner.event_emitter.thread_goal_updated( - format!("{turn_id}:usage-limit"), + format!("{turn_id}:{event_name}"), Some(turn_id.to_string()), goal, ); @@ -280,6 +361,18 @@ impl GoalRuntimeHandle { self.inner.accounting_state.clear_active_goal(); return Ok(()); } + // Hold this through the read/start window so external set/clear cannot + // change the goal after we read it but before the continuation launches. + let _goal_state_permit = self.goal_state_permit().await?; + + let Some(thread_manager) = self.inner.thread_manager.upgrade() else { + tracing::debug!("skipping goal continuation because thread manager is unavailable"); + return Ok(()); + }; + let Ok(thread) = thread_manager.get_thread(self.inner.thread_id).await else { + tracing::debug!("skipping goal continuation because live thread is unavailable"); + return Ok(()); + }; let Some(goal) = self .inner @@ -296,16 +389,7 @@ impl GoalRuntimeHandle { self.inner.accounting_state.clear_active_goal(); return Ok(()); } - let item = continuation_steering_item(&protocol_goal_from_state(goal)); - let Some(thread_manager) = self.inner.thread_manager.upgrade() else { - tracing::debug!("skipping goal continuation because thread manager is unavailable"); - return Ok(()); - }; - let Ok(thread) = thread_manager.get_thread(self.inner.thread_id).await else { - tracing::debug!("skipping goal continuation because live thread is unavailable"); - return Ok(()); - }; if let Err(err) = thread.try_start_turn_if_idle(vec![item]).await { let reason = err.reason(); @@ -381,6 +465,14 @@ impl GoalRuntimeHandle { self.inner .metrics .record_terminal_if_status_changed(previous_status, &goal); + self.inner + .analytics + .usage_accounted(&goal, GoalEventAttribution::Turn(turn_id)); + self.inner.analytics.status_changed( + &goal, + previous_status, + GoalEventAttribution::Turn(turn_id), + ); accounting.mark_progress_accounted_for_status( turn_id, &snapshot, @@ -435,6 +527,14 @@ impl GoalRuntimeHandle { self.inner .metrics .record_terminal_if_status_changed(previous_status, &goal); + self.inner + .analytics + .usage_accounted(&goal, GoalEventAttribution::NoTurn); + self.inner.analytics.status_changed( + &goal, + previous_status, + GoalEventAttribution::NoTurn, + ); accounting.mark_idle_progress_accounted_for_status( &snapshot, goal.status, diff --git a/codex-rs/ext/goal/src/spec.rs b/codex-rs/ext/goal/src/spec.rs index 70e89e4fbb6..6b97a24e9cd 100644 --- a/codex-rs/ext/goal/src/spec.rs +++ b/codex-rs/ext/goal/src/spec.rs @@ -27,14 +27,15 @@ pub fn create_create_goal_tool() -> ToolSpec { ( "objective".to_string(), JsonSchema::string(Some( - "Required. The concrete objective to start pursuing. This starts a new active goal only when no goal is currently defined; if a goal already exists, this tool fails." + "Required. The concrete objective to start pursuing. This starts a new active goal when no goal exists or replaces the current goal when it is complete." .to_string(), )), ), ( "token_budget".to_string(), JsonSchema::integer(Some( - "Optional positive token budget for the new active goal.".to_string(), + "Positive token budget for the new goal. Omit unless explicitly requested." + .to_string(), )), ), ]); @@ -43,7 +44,7 @@ pub fn create_create_goal_tool() -> ToolSpec { name: CREATE_GOAL_TOOL_NAME.to_string(), description: format!( r#"Create a goal only when explicitly requested by the user or system/developer instructions; do not infer goals from ordinary tasks. -Set token_budget only when an explicit token budget is requested. Fails if a goal exists; use {UPDATE_GOAL_TOOL_NAME} only for status."# +Set token_budget only when an explicit token budget is requested. Fails if an unfinished goal exists; use {UPDATE_GOAL_TOOL_NAME} only for status."# ), strict: false, defer_loading: None, @@ -62,7 +63,7 @@ pub fn create_update_goal_tool() -> ToolSpec { JsonSchema::string_enum( vec![json!("complete"), json!("blocked")], Some( - "Required. Set to complete only when the objective is achieved and no required work remains. Set to blocked only when the goal cannot currently proceed without a user decision, missing dependency, or external unblock." + "Required. Set to `complete` only when the objective is achieved and no required work remains. Set to `blocked` only after the same blocking condition has recurred for at least three consecutive goal turns and the agent is at an impasse. After a previously blocked goal is resumed, the resumed run starts a fresh blocked audit." .to_string(), ), ), @@ -71,11 +72,14 @@ pub fn create_update_goal_tool() -> ToolSpec { ToolSpec::Function(ResponsesApiTool { name: UPDATE_GOAL_TOOL_NAME.to_string(), description: r#"Update the existing goal. -Use this tool only to mark the goal achieved or blocked. +Use this tool only to mark the goal achieved or genuinely blocked. Set status to `complete` only when the objective has actually been achieved and no required work remains. -Set status to `blocked` only when the goal cannot currently proceed until something external changes. +Set status to `blocked` only when the same blocking condition has repeated for at least three consecutive goal turns, counting the original/user-triggered turn and any automatic continuations, and the agent cannot make meaningful progress without user input or an external-state change. +If the user resumes a goal that was previously marked `blocked`, treat the resumed run as a fresh blocked audit. If the same blocking condition then repeats for at least three consecutive resumed goal turns, set status to `blocked` again. +Once the blocked threshold is satisfied, do not keep reporting that you are still blocked while leaving the goal active; set status to `blocked`. +Do not use `blocked` merely because the work is hard, slow, uncertain, incomplete, or would benefit from clarification. Do not mark a goal complete merely because its budget is nearly exhausted or because you are stopping work. -You cannot use this tool to pause, resume, or budget-limit a goal; those status changes are controlled by the user or system. +You cannot use this tool to pause, resume, budget-limit, or usage-limit a goal; those status changes are controlled by the user or system. When marking a budgeted goal achieved with status `complete`, report the final token usage from the tool result to the user."# .to_string(), strict: false, diff --git a/codex-rs/ext/goal/src/tool.rs b/codex-rs/ext/goal/src/tool.rs index 17947aa343f..d280f6e04b6 100644 --- a/codex-rs/ext/goal/src/tool.rs +++ b/codex-rs/ext/goal/src/tool.rs @@ -1,6 +1,5 @@ use std::sync::Arc; -use async_trait::async_trait; use codex_extension_api::FunctionCallError; use codex_extension_api::JsonToolOutput; use codex_extension_api::ToolCall; @@ -17,6 +16,8 @@ use serde::Serialize; use crate::accounting::BudgetLimitedGoalDisposition; use crate::accounting::GoalAccountingState; +use crate::analytics::GoalAnalytics; +use crate::analytics::GoalEventAttribution; use crate::events::GoalEventEmitter; use crate::metrics::GoalMetrics; use crate::spec::CREATE_GOAL_TOOL_NAME; @@ -32,6 +33,7 @@ pub(crate) struct GoalToolExecutor { thread_id: ThreadId, state_db: Arc, accounting_state: Arc, + analytics: GoalAnalytics, event_emitter: GoalEventEmitter, metrics: GoalMetrics, } @@ -75,6 +77,7 @@ impl GoalToolExecutor { thread_id: ThreadId, state_db: Arc, accounting_state: Arc, + analytics: GoalAnalytics, event_emitter: GoalEventEmitter, metrics: GoalMetrics, ) -> Self { @@ -83,6 +86,7 @@ impl GoalToolExecutor { thread_id, state_db, accounting_state, + analytics, event_emitter, metrics, } @@ -92,6 +96,7 @@ impl GoalToolExecutor { thread_id: ThreadId, state_db: Arc, accounting_state: Arc, + analytics: GoalAnalytics, event_emitter: GoalEventEmitter, metrics: GoalMetrics, ) -> Self { @@ -100,6 +105,7 @@ impl GoalToolExecutor { thread_id, state_db, accounting_state, + analytics, event_emitter, metrics, } @@ -109,6 +115,7 @@ impl GoalToolExecutor { thread_id: ThreadId, state_db: Arc, accounting_state: Arc, + analytics: GoalAnalytics, event_emitter: GoalEventEmitter, metrics: GoalMetrics, ) -> Self { @@ -117,13 +124,13 @@ impl GoalToolExecutor { thread_id, state_db, accounting_state, + analytics, event_emitter, metrics, } } } -#[async_trait] impl ToolExecutor for GoalToolExecutor { fn tool_name(&self) -> ToolName { ToolName::plain(match self.kind { @@ -141,12 +148,14 @@ impl ToolExecutor for GoalToolExecutor { } } - async fn handle(&self, invocation: ToolCall) -> Result, FunctionCallError> { - match self.kind { - GoalToolKind::Get => self.handle_get(invocation).await, - GoalToolKind::Create => self.handle_create(invocation).await, - GoalToolKind::Update => self.handle_update(invocation).await, - } + fn handle(&self, invocation: ToolCall) -> codex_extension_api::ToolExecutorFuture<'_> { + Box::pin(async move { + match self.kind { + GoalToolKind::Get => self.handle_get(invocation).await, + GoalToolKind::Create => self.handle_create(invocation).await, + GoalToolKind::Update => self.handle_update(invocation).await, + } + }) } } @@ -191,7 +200,7 @@ impl GoalToolExecutor { .map_err(|err| FunctionCallError::RespondToModel(format!("failed to create goal: {err}")))? .ok_or_else(|| { FunctionCallError::RespondToModel( - "cannot create a new goal because this thread already has a goal; use update_goal only when the existing goal is complete" + "cannot create a new goal because this thread has an unfinished goal; complete the existing goal first" .to_string(), ) })?; @@ -200,6 +209,10 @@ impl GoalToolExecutor { .accounting_state .mark_current_turn_goal_active(goal.goal_id.clone()); self.metrics.record_created(); + self.analytics.created( + &goal, + GoalEventAttribution::Turn(invocation.turn_id.as_str()), + ); let goal = protocol_goal_from_state(goal); self.emit_goal_updated_from_tool_call(&invocation, turn_id, goal.clone()); goal_response(Some(goal), CompletionBudgetReport::Omit) @@ -259,6 +272,11 @@ impl GoalToolExecutor { })?; self.metrics .record_terminal_if_status_changed(previous_status, &goal); + self.analytics.status_changed( + &goal, + previous_status, + GoalEventAttribution::Turn(invocation.turn_id.as_str()), + ); let goal = protocol_goal_from_state(goal); let turn_id = self.accounting_state.clear_current_turn_goal(); self.emit_goal_updated_from_tool_call(&invocation, turn_id, goal.clone()); @@ -324,6 +342,13 @@ impl GoalToolExecutor { codex_state::GoalAccountingOutcome::Updated(goal) => { self.metrics .record_terminal_if_status_changed(previous_status, &goal); + self.analytics + .usage_accounted(&goal, GoalEventAttribution::Turn(turn_id.as_str())); + self.analytics.status_changed( + &goal, + previous_status, + GoalEventAttribution::Turn(turn_id.as_str()), + ); self.accounting_state.mark_progress_accounted_for_status( turn_id.as_str(), &snapshot, diff --git a/codex-rs/ext/goal/tests/goal_extension_backend.rs b/codex-rs/ext/goal/tests/goal_extension_backend.rs index 3c437a08896..13492a66992 100644 --- a/codex-rs/ext/goal/tests/goal_extension_backend.rs +++ b/codex-rs/ext/goal/tests/goal_extension_backend.rs @@ -4,6 +4,7 @@ use std::sync::PoisonError; use std::sync::Weak; use std::time::Duration; +use codex_analytics::AnalyticsEventsClient; use codex_extension_api::ExtensionData; use codex_extension_api::ExtensionEventSink; use codex_extension_api::ExtensionRegistryBuilder; @@ -124,7 +125,7 @@ async fn goal_tools_hidden_for_review_subagents() -> anyhow::Result<()> { } #[tokio::test] -async fn installed_goal_tools_reject_duplicate_goal_creation() -> anyhow::Result<()> { +async fn installed_goal_tools_only_replace_complete_goal() -> anyhow::Result<()> { let runtime = test_runtime().await?; let thread_id = test_thread_id()?; seed_thread_metadata(runtime.as_ref(), thread_id).await?; @@ -152,10 +153,31 @@ async fn installed_goal_tools_reject_duplicate_goal_creation() -> anyhow::Result assert_eq!( err, FunctionCallError::RespondToModel( - "cannot create a new goal because this thread already has a goal; use update_goal only when the existing goal is complete" + "cannot create a new goal because this thread has an unfinished goal; complete the existing goal first" .to_string() ) ); + + let update_tool = tool_by_name(&tools, "update_goal"); + update_tool + .handle(tool_call( + "update_goal", + "call-complete-goal", + json!({ "status": "complete" }), + )) + .await?; + + let invocation = tool_call( + "create_goal", + "call-create-goal-3", + json!({ "objective": "replacement goal" }), + ); + let output = create_tool.handle(invocation.clone()).await?; + let result = output.code_mode_result(&invocation.payload); + + assert_eq!(json!("replacement goal"), result["goal"]["objective"]); + assert_eq!(json!("active"), result["goal"]["status"]); + assert_eq!(json!(0), result["goal"]["tokensUsed"]); Ok(()) } @@ -494,18 +516,9 @@ async fn turn_error_usage_limit_accounts_progress_and_clears_accounting() -> any ), ) .await; - let turn_store = ExtensionData::new("turn-1"); - for contributor in harness.registry.turn_lifecycle_contributors() { - contributor - .on_turn_error(TurnErrorInput { - turn_id: "turn-1", - error: CodexErrorInfo::UsageLimitExceeded, - session_store: &harness.session_store, - thread_store: &harness.thread_store, - turn_store: &turn_store, - }) - .await; - } + harness + .notify_turn_error("turn-1", CodexErrorInfo::UsageLimitExceeded) + .await; let goal = runtime .thread_goals() @@ -557,6 +570,36 @@ async fn turn_error_usage_limit_accounts_progress_and_clears_accounting() -> any Ok(()) } +#[tokio::test] +async fn turn_error_blocks_goal() -> anyhow::Result<()> { + let runtime = test_runtime().await?; + let thread_id = test_thread_id()?; + seed_thread_metadata(runtime.as_ref(), thread_id).await?; + let harness = GoalExtensionHarness::new(runtime.clone(), thread_id).await?; + harness.start_turn("turn-1", &TokenUsage::default()).await; + + let tools = harness.tools(); + tool_by_name(&tools, "create_goal") + .handle(tool_call( + "create_goal", + "call-create-goal", + json!({ "objective": "ship goal extension backend" }), + )) + .await?; + + harness + .notify_turn_error("turn-1", CodexErrorInfo::Other) + .await; + + let goal = runtime + .thread_goals() + .get_thread_goal(thread_id) + .await? + .ok_or_else(|| anyhow::anyhow!("goal should exist"))?; + assert_eq!(codex_state::ThreadGoalStatus::Blocked, goal.status); + Ok(()) +} + #[tokio::test] async fn usage_limit_budget_limited_goal_accounts_remaining_progress() -> anyhow::Result<()> { let runtime = test_runtime().await?; @@ -1072,6 +1115,7 @@ async fn installed_tools_with_start( install_with_backend( &mut builder, runtime, + AnalyticsEventsClient::disabled(), /*metrics_client*/ None, Weak::new(), goal_service, @@ -1122,6 +1166,7 @@ impl GoalExtensionHarness { install_with_backend( &mut builder, runtime, + AnalyticsEventsClient::disabled(), /*metrics_client*/ None, Weak::new(), Arc::clone(&goal_service), @@ -1255,6 +1300,21 @@ impl GoalExtensionHarness { } } + async fn notify_turn_error(&self, turn_id: &str, error: CodexErrorInfo) { + let turn_store = ExtensionData::new(turn_id); + for contributor in self.registry.turn_lifecycle_contributors() { + contributor + .on_turn_error(TurnErrorInput { + turn_id, + error: error.clone(), + session_store: &self.session_store, + thread_store: &self.thread_store, + turn_store: &turn_store, + }) + .await; + } + } + fn runtime_handle(&self) -> Arc { self.thread_store .get::() @@ -1281,6 +1341,7 @@ fn tool_call(tool_name: &str, call_id: &str, arguments: serde_json::Value) -> To truncation_policy: TruncationPolicy::Bytes(1024), conversation_history: codex_extension_api::ConversationHistory::default(), turn_item_emitter: Arc::new(NoopTurnItemEmitter), + environments: Vec::new(), payload: ToolPayload::Function { arguments: arguments.to_string(), }, diff --git a/codex-rs/ext/guardian/Cargo.toml b/codex-rs/ext/guardian/Cargo.toml index 53e553ec1c5..513254b7cf7 100644 --- a/codex-rs/ext/guardian/Cargo.toml +++ b/codex-rs/ext/guardian/Cargo.toml @@ -14,7 +14,6 @@ doctest = false workspace = true [dependencies] -async-trait = { workspace = true } codex-core = { workspace = true } codex-extension-api = { workspace = true } codex-protocol = { workspace = true } diff --git a/codex-rs/ext/guardian/src/lib.rs b/codex-rs/ext/guardian/src/lib.rs index 0591887c25d..a64cf4fed40 100644 --- a/codex-rs/ext/guardian/src/lib.rs +++ b/codex-rs/ext/guardian/src/lib.rs @@ -3,6 +3,7 @@ use std::sync::Arc; use codex_core::config::Config; use codex_extension_api::AgentSpawnFuture; use codex_extension_api::AgentSpawner; +use codex_extension_api::ExtensionFuture; use codex_extension_api::ExtensionRegistryBuilder; use codex_extension_api::ThreadLifecycleContributor; use codex_extension_api::ThreadStartInput; @@ -47,18 +48,23 @@ impl GuardianThreadContext { } } -#[async_trait::async_trait] impl ThreadLifecycleContributor for GuardianExtension where S: Send + Sync, { - async fn on_thread_start(&self, input: ThreadStartInput<'_, Config>) { - let Ok(forked_from_thread_id) = ThreadId::from_string(input.thread_store.level_id()) else { - return; - }; - input.thread_store.insert(GuardianThreadContext { - forked_from_thread_id, - }); + fn on_thread_start<'a>( + &'a self, + input: ThreadStartInput<'a, Config>, + ) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let Ok(forked_from_thread_id) = ThreadId::from_string(input.thread_store.level_id()) + else { + return; + }; + input.thread_store.insert(GuardianThreadContext { + forked_from_thread_id, + }); + }) } } diff --git a/codex-rs/ext/image-generation/Cargo.toml b/codex-rs/ext/image-generation/Cargo.toml index 995f1786bc5..393709a82d1 100644 --- a/codex-rs/ext/image-generation/Cargo.toml +++ b/codex-rs/ext/image-generation/Cargo.toml @@ -13,16 +13,17 @@ doctest = false workspace = true [dependencies] -async-trait = { workspace = true } codex-api = { workspace = true } codex-core = { workspace = true } codex-extension-api = { workspace = true } -codex-features = { workspace = true } codex-login = { workspace = true } codex-model-provider = { workspace = true } codex-model-provider-info = { workspace = true } codex-protocol = { workspace = true } codex-tools = { workspace = true } +codex-utils-absolute-path = { workspace = true } +codex-utils-image = { workspace = true } +codex-utils-path-uri = { workspace = true } http = { workspace = true } schemars = { workspace = true } serde = { workspace = true, features = ["derive"] } @@ -30,3 +31,4 @@ serde_json = { workspace = true } [dev-dependencies] pretty_assertions = { workspace = true } +tokio = { workspace = true, features = ["macros", "rt"] } diff --git a/codex-rs/ext/image-generation/imagegen_description.md b/codex-rs/ext/image-generation/imagegen_description.md index 7ae6ecb5fa9..53e66201353 100644 --- a/codex-rs/ext/image-generation/imagegen_description.md +++ b/codex-rs/ext/image-generation/imagegen_description.md @@ -4,8 +4,14 @@ The `image_gen.imagegen` tool enables image generation from descriptions and edi - The user wants to modify an attached or previously generated image with specific changes, including adding or removing elements, altering colors, improving quality/resolution, or transforming the style (e.g., cartoon, oil painting). Guidelines: -- Set `action` to `generate` when the user asks for a brand new image. -- Set `action` to `edit` when the user asks to modify an existing image from the conversation history. -- Directly generate the image without reconfirmation or clarification. +- In code mode, pass the result to `generatedImage(result)`. +- Omit both `referenced_image_paths` and `num_last_images_to_include` when generating a brand new image. +- For edits, use `referenced_image_paths` when every target image has a local file path. +- If you have not seen a local image yet, use `view_image` to inspect it before editing. +- Use `num_last_images_to_include` only when at least one target image has no local file path. +- Set `num_last_images_to_include` to the smallest number of recent conversation images that includes every target image, up to 5. +- Never provide both `referenced_image_paths` and `num_last_images_to_include`. +- If neither mechanism can include every target image, ask the user to attach the missing images again. +- Directly generate the image without reconfirmation or clarification unless required images must be attached again. - After each image generation, do not mention anything related to download. Do not summarize the image. Do not ask followup question. Do not say ANYTHING after you generate an image. - Always use this tool for image editing unless the user explicitly requests otherwise. Do not use the `python` tool for image editing unless specifically instructed. diff --git a/codex-rs/ext/image-generation/src/extension.rs b/codex-rs/ext/image-generation/src/extension.rs index f7a9f2406f1..6a0016c037f 100644 --- a/codex-rs/ext/image-generation/src/extension.rs +++ b/codex-rs/ext/image-generation/src/extension.rs @@ -3,16 +3,17 @@ use std::sync::Arc; use codex_core::config::Config; use codex_extension_api::ConfigContributor; use codex_extension_api::ExtensionData; +use codex_extension_api::ExtensionFuture; use codex_extension_api::ExtensionRegistryBuilder; use codex_extension_api::ThreadLifecycleContributor; use codex_extension_api::ThreadStartInput; use codex_extension_api::ToolCall; use codex_extension_api::ToolContributor; use codex_extension_api::ToolExecutor; -use codex_features::Feature; use codex_login::AuthManager; use codex_model_provider::create_model_provider; use codex_model_provider_info::ModelProviderInfo; +use codex_utils_absolute_path::AbsolutePathBuf; use crate::backend::CodexImagesBackend; use crate::tool::ImageGenerationTool; @@ -24,28 +25,34 @@ struct ImageGenerationExtension { #[derive(Clone)] struct ImageGenerationExtensionConfig { - enabled: bool, + available: bool, provider: ModelProviderInfo, + codex_home: AbsolutePathBuf, } impl From<&Config> for ImageGenerationExtensionConfig { /// Resolves whether standalone image generation should be available for a thread. fn from(config: &Config) -> Self { Self { - enabled: config.features.enabled(Feature::ImageGenExt) - && config.model_provider.is_openai(), + // Core selects this executor per turn using the feature flag or model metadata. + available: config.model_provider.is_openai(), provider: config.model_provider.clone(), + codex_home: config.codex_home.clone(), } } } -#[async_trait::async_trait] impl ThreadLifecycleContributor for ImageGenerationExtension { /// Seeds image-generation availability when a thread begins. - async fn on_thread_start(&self, input: ThreadStartInput<'_, Config>) { - input - .thread_store - .insert(ImageGenerationExtensionConfig::from(input.config)); + fn on_thread_start<'a>( + &'a self, + input: ThreadStartInput<'a, Config>, + ) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + input + .thread_store + .insert(ImageGenerationExtensionConfig::from(input.config)); + }) } } @@ -72,17 +79,22 @@ impl ToolContributor for ImageGenerationExtension { let Some(config) = thread_store.get::() else { return Vec::new(); }; - if !config.enabled || !self.auth_manager.current_auth_uses_codex_backend() { + if !config.available || !self.auth_manager.current_auth_uses_codex_backend() { return Vec::new(); } - vec![Arc::new(ImageGenerationTool::new(CodexImagesBackend::new( - create_model_provider(config.provider.clone(), Some(self.auth_manager.clone())), - )))] + vec![Arc::new(ImageGenerationTool::new( + CodexImagesBackend::new(create_model_provider( + config.provider.clone(), + Some(self.auth_manager.clone()), + )), + config.codex_home.clone(), + thread_store.level_id().to_string(), + ))] } } -/// Installs the feature-gated standalone image-generation extension contributors. +/// Installs the standalone image-generation extension contributors. pub fn install(registry: &mut ExtensionRegistryBuilder, auth_manager: Arc) { let extension = Arc::new(ImageGenerationExtension { auth_manager }); registry.thread_lifecycle_contributor(extension.clone()); diff --git a/codex-rs/ext/image-generation/src/tests.rs b/codex-rs/ext/image-generation/src/tests.rs index 44f2d80ebe1..f0f483a2aad 100644 --- a/codex-rs/ext/image-generation/src/tests.rs +++ b/codex-rs/ext/image-generation/src/tests.rs @@ -3,6 +3,7 @@ use codex_api::ImageEditRequest; use codex_api::ImageGenerationRequest; use codex_api::ImageQuality; use codex_api::ImageUrl; +use codex_core::context::extension_image_generation_output_hint; use codex_extension_api::ToolOutput; use codex_extension_api::ToolPayload; use codex_extension_api::ToolSpec; @@ -18,10 +19,9 @@ use pretty_assertions::assert_eq; use super::GeneratedImageOutput; use super::ImageRequest; -use super::ImagegenAction; use super::ImagegenArgs; use super::imagegen_tool_spec; -use super::request_for_action; +use super::request_for_call_args; use crate::IMAGE_GEN_NAMESPACE; use crate::IMAGEGEN_TOOL_NAME; @@ -37,11 +37,20 @@ fn uses_reserved_image_gen_namespace() { assert_eq!(function.name, IMAGEGEN_TOOL_NAME); } -#[test] -fn generate_uses_fixed_request_defaults() { +#[tokio::test] +async fn omitted_references_generate_with_fixed_defaults() { assert_eq!( - request_for_action(&args(ImagegenAction::Generate, "paint a moonlit lake"), &[]) - .expect("generation request should build"), + request_for_call_args( + &ImagegenArgs { + prompt: "paint a moonlit lake".to_string(), + referenced_image_paths: None, + num_last_images_to_include: None, + }, + &[], + &[], + ) + .await + .expect("generation request should build"), ImageRequest::Generate(ImageGenerationRequest { prompt: "paint a moonlit lake".to_string(), background: Some(ImageBackground::Auto), @@ -53,220 +62,246 @@ fn generate_uses_fixed_request_defaults() { ); } -#[test] -fn generated_output_returns_image_input() { - let output = GeneratedImageOutput { - result: RESULT.to_string(), - }; - - let ResponseInputItem::FunctionCallOutput { - output: response_output, - .. - } = output.to_response_item("call-1", &function_payload()) - else { - panic!("imagegen should return function tool output"); - }; - let FunctionCallOutputBody::ContentItems(content_items) = response_output.body else { - panic!("imagegen output should contain generated image bytes"); - }; - assert_eq!( - content_items, - vec![FunctionCallOutputContentItem::InputImage { - image_url: format!("data:image/png;base64,{RESULT}"), - detail: Some(DEFAULT_IMAGE_DETAIL), - }] - ); -} - -#[test] -fn edit_matches_context_selector_for_generated_images_after_latest_user_anchor() { +#[tokio::test] +async fn recent_image_fallback_selects_newest_images_in_chronological_order() { let history = vec![ - generated_item("g1"), - generated_item("g2"), - generated_item("g3"), ResponseItem::Message { id: None, role: "user".to_string(), content: vec![ - ContentItem::InputImage { - image_url: "data:image/png;base64,u1".to_string(), - detail: None, - }, - ContentItem::InputImage { - image_url: "data:image/png;base64,u2".to_string(), - detail: None, + input_image("user-1"), + input_image("user-2"), + ContentItem::InputText { + text: "edit these".to_string(), }, ], phase: None, }, - generated_item("g4"), - generated_item("g5"), - generated_item("g6"), - generated_item("g7"), + ResponseItem::FunctionCall { + id: None, + name: "mcp_image".to_string(), + namespace: None, + arguments: "{}".to_string(), + call_id: "mcp-call".to_string(), + }, + ResponseItem::FunctionCallOutput { + call_id: "mcp-call".to_string(), + output: image_output("mcp"), + }, + ResponseItem::CustomToolCall { + id: None, + status: Some("completed".to_string()), + call_id: "code-mode-call".to_string(), + name: "exec".to_string(), + input: String::new(), + }, + ResponseItem::CustomToolCallOutput { + call_id: "code-mode-call".to_string(), + name: Some("exec".to_string()), + output: image_output("code-mode"), + }, + ResponseItem::ImageGenerationCall { + id: "generated-call".to_string(), + status: "completed".to_string(), + revised_prompt: None, + result: "generated".to_string(), + }, + ResponseItem::FunctionCallOutput { + call_id: "orphan-call".to_string(), + output: image_output("orphan"), + }, ]; assert_eq!( - edit_request("change the lighting", &history), - expected_edit_request( - "change the lighting", - &[ - "data:image/png;base64,u1", - "data:image/png;base64,u2", - "data:image/png;base64,g5", - "data:image/png;base64,g6", - "data:image/png;base64,g7", - ] + request_for_call_args( + &ImagegenArgs { + prompt: "change the lighting".to_string(), + referenced_image_paths: None, + num_last_images_to_include: Some(4), + }, + &history, + &[], ) + .await + .expect("history-backed edit request should build"), + ImageRequest::Edit(expected_edit_request( + "change the lighting", + &["user-2", "mcp", "code-mode", "generated"], + )) ); } -#[test] -fn edit_preserves_a_generated_image_when_user_anchor_fills_the_limit() { - let history = vec![ - ResponseItem::Message { - id: None, - role: "user".to_string(), - content: ["a", "b", "c", "d", "e"] - .into_iter() - .map(|image| ContentItem::InputImage { - image_url: format!("data:image/png;base64,{image}"), - detail: None, - }) - .collect(), - phase: None, +#[tokio::test] +async fn conflicting_image_selectors_return_tool_error() { + let error = request_for_call_args( + &ImagegenArgs { + prompt: "change the lighting".to_string(), + referenced_image_paths: Some(vec![ + "/tmp/image.png" + .try_into() + .expect("test path should be absolute"), + ]), + num_last_images_to_include: Some(1), }, - generated_item("generated"), - ]; + &[], + &[], + ) + .await + .expect_err("conflicting selectors should fail"); assert_eq!( - edit_request("edit the last generated image", &history), - expected_edit_request( - "edit the last generated image", - &[ - "data:image/png;base64,b", - "data:image/png;base64,c", - "data:image/png;base64,d", - "data:image/png;base64,e", - "data:image/png;base64,generated", - ] - ) + error.to_string(), + "provide only one of `referenced_image_paths` or `num_last_images_to_include`" ); } -#[test] -fn edit_uses_latest_user_upload_before_a_text_only_follow_up() { - let history = vec![ - ResponseItem::Message { - id: None, - role: "user".to_string(), - content: vec![ContentItem::InputImage { - image_url: "data:image/png;base64,user".to_string(), - detail: None, - }], - phase: None, +#[tokio::test] +async fn too_many_referenced_image_paths_return_tool_error() { + let error = request_for_call_args( + &ImagegenArgs { + prompt: "change the lighting".to_string(), + referenced_image_paths: Some( + (0..6) + .map(|index| { + format!("/tmp/image-{index}.png") + .try_into() + .expect("test path should be absolute") + }) + .collect(), + ), + num_last_images_to_include: None, }, - ResponseItem::Message { + &[], + &[], + ) + .await + .expect_err("too many paths should fail before reading files"); + + assert_eq!( + error.to_string(), + "`referenced_image_paths` must contain at most 5 paths" + ); +} + +#[tokio::test] +async fn recent_image_fallback_requires_requested_count() { + let error = request_for_call_args( + &ImagegenArgs { + prompt: "change the lighting".to_string(), + referenced_image_paths: None, + num_last_images_to_include: Some(2), + }, + &[ResponseItem::Message { id: None, role: "user".to_string(), - content: vec![ContentItem::InputText { - text: "edit this image".to_string(), - }], + content: vec![input_image("only-image")], phase: None, - }, - ]; + }], + &[], + ) + .await + .expect_err("history-backed edit should require the requested image count"); assert_eq!( - edit_request("change the lighting", &history), - expected_edit_request("change the lighting", &["data:image/png;base64,user"]) + error.to_string(), + "requested the last 2 conversation images, but only 1 were available" ); } #[test] -fn edit_reuses_images_from_prior_standalone_imagegen_calls() { - let history = vec![ - ResponseItem::FunctionCall { - id: None, - name: IMAGEGEN_TOOL_NAME.to_string(), - namespace: Some(IMAGE_GEN_NAMESPACE.to_string()), - arguments: "{}".to_string(), - call_id: "imagegen-1".to_string(), - }, - generated_function_output("imagegen-1", "standalone"), - ]; +fn generated_output_returns_image_input_and_output_hint() { + let output_hint = + extension_image_generation_output_hint("/tmp", "/tmp/call-1.png").expect("hint should fit"); + let output = GeneratedImageOutput { + result: RESULT.to_string(), + output_hint: Some(output_hint.clone()), + }; + let ResponseInputItem::FunctionCallOutput { + output: response_output, + .. + } = output.to_response_item("call-1", &function_payload()) + else { + panic!("imagegen should return function tool output"); + }; + let FunctionCallOutputBody::ContentItems(content_items) = response_output.body else { + panic!("imagegen output should contain generated image bytes"); + }; assert_eq!( - edit_request("change the lighting", &history), - expected_edit_request("change the lighting", &["data:image/png;base64,standalone"]) + content_items, + vec![ + FunctionCallOutputContentItem::InputImage { + image_url: format!("data:image/png;base64,{RESULT}"), + detail: Some(DEFAULT_IMAGE_DETAIL), + }, + FunctionCallOutputContentItem::InputText { text: output_hint }, + ] ); } #[test] -fn edit_keeps_newest_standalone_generated_images_when_over_limit() { - let history = (1..=6) - .flat_map(|index| { - let call_id = format!("imagegen-{index}"); - vec![ - ResponseItem::FunctionCall { - id: None, - name: IMAGEGEN_TOOL_NAME.to_string(), - namespace: Some(IMAGE_GEN_NAMESPACE.to_string()), - arguments: "{}".to_string(), - call_id: call_id.clone(), - }, - generated_function_output(&call_id, &index.to_string()), - ] - }) - .collect::>(); +fn generated_output_returns_generated_image_helper_input_in_code_mode() { + let output = GeneratedImageOutput { + result: RESULT.to_string(), + output_hint: Some("generated image save hint".to_string()), + }; assert_eq!( - edit_request("change the lighting", &history), - expected_edit_request( - "change the lighting", - &[ - "data:image/png;base64,2", - "data:image/png;base64,3", - "data:image/png;base64,4", - "data:image/png;base64,5", - "data:image/png;base64,6", - ] - ) + output.code_mode_result(&function_payload()), + serde_json::json!({ + "image_url": format!("data:image/png;base64,{RESULT}"), + "output_hint": "generated image save hint", + }) ); } #[test] -fn edit_without_image_history_returns_tool_error() { - let error = request_for_action(&args(ImagegenAction::Edit, "change the lighting"), &[]) - .expect_err("edit should require image context"); +fn generated_output_omits_oversized_output_hint() { + let long_path = "x".repeat(1024); + let output = GeneratedImageOutput { + result: RESULT.to_string(), + output_hint: extension_image_generation_output_hint("/tmp", long_path), + }; + let ResponseInputItem::FunctionCallOutput { + output: response_output, + .. + } = output.to_response_item("call-1", &function_payload()) + else { + panic!("imagegen should return function tool output"); + }; + let FunctionCallOutputBody::ContentItems(content_items) = response_output.body else { + panic!("imagegen output should contain generated image bytes"); + }; assert_eq!( - error.to_string(), - "image edit requested without any usable image in conversation history" + content_items, + vec![FunctionCallOutputContentItem::InputImage { + image_url: format!("data:image/png;base64,{RESULT}"), + detail: Some(DEFAULT_IMAGE_DETAIL), + }] ); } -fn args(action: ImagegenAction, prompt: &str) -> ImagegenArgs { - ImagegenArgs { - prompt: prompt.to_string(), - action, +fn input_image(image: &str) -> ContentItem { + ContentItem::InputImage { + image_url: format!("data:image/png;base64,{image}"), + detail: None, } } -fn edit_request(prompt: &str, history: &[ResponseItem]) -> ImageEditRequest { - let ImageRequest::Edit(request) = - request_for_action(&args(ImagegenAction::Edit, prompt), history) - .expect("edit request should build") - else { - panic!("expected edit request"); - }; - request +fn image_output(image: &str) -> FunctionCallOutputPayload { + FunctionCallOutputPayload::from_content_items(vec![FunctionCallOutputContentItem::InputImage { + image_url: format!("data:image/png;base64,{image}"), + detail: None, + }]) } fn expected_edit_request(prompt: &str, images: &[&str]) -> ImageEditRequest { ImageEditRequest { images: images .iter() - .map(|image_url| ImageUrl { - image_url: (*image_url).to_string(), + .map(|image| ImageUrl { + image_url: format!("data:image/png;base64,{image}"), }) .collect(), prompt: prompt.to_string(), @@ -278,33 +313,6 @@ fn expected_edit_request(prompt: &str, images: &[&str]) -> ImageEditRequest { } } -fn generated_item(result: &str) -> ResponseItem { - ResponseItem::ImageGenerationCall { - id: format!("id-{result}"), - status: "completed".to_string(), - revised_prompt: None, - result: result.to_string(), - } -} - -fn generated_function_output(call_id: &str, result: &str) -> ResponseItem { - ResponseItem::FunctionCallOutput { - call_id: call_id.to_string(), - output: FunctionCallOutputPayload { - body: FunctionCallOutputBody::ContentItems(vec![ - FunctionCallOutputContentItem::InputImage { - image_url: format!("data:image/png;base64,{result}"), - detail: Some(DEFAULT_IMAGE_DETAIL), - }, - FunctionCallOutputContentItem::InputText { - text: "generated image save hint".to_string(), - }, - ]), - success: Some(true), - }, - } -} - fn function_payload() -> ToolPayload { ToolPayload::Function { arguments: "{}".to_string(), diff --git a/codex-rs/ext/image-generation/src/tool.rs b/codex-rs/ext/image-generation/src/tool.rs index e4e8e13135a..2cbb0ab9f38 100644 --- a/codex-rs/ext/image-generation/src/tool.rs +++ b/codex-rs/ext/image-generation/src/tool.rs @@ -1,11 +1,16 @@ +use std::collections::HashSet; + use codex_api::ImageBackground; use codex_api::ImageEditRequest; use codex_api::ImageGenerationRequest; use codex_api::ImageQuality; use codex_api::ImageUrl; +use codex_core::context::extension_image_generation_output_hint; +use codex_core::image_generation_artifact_path; use codex_extension_api::ExtensionTurnItem; use codex_extension_api::FunctionCallError; use codex_extension_api::ToolCall; +use codex_extension_api::ToolEnvironment; use codex_extension_api::ToolExecutor; use codex_extension_api::ToolName; use codex_extension_api::ToolOutput; @@ -25,6 +30,10 @@ use codex_tools::ResponsesApiNamespaceTool; use codex_tools::ResponsesApiTool; use codex_tools::ToolExposure; use codex_tools::default_namespace_description; +use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_image::PromptImageMode; +use codex_utils_image::load_for_prompt_bytes; +use codex_utils_path_uri::PathUri; use schemars::JsonSchema; use schemars::r#gen::SchemaSettings; use serde::Deserialize; @@ -42,12 +51,22 @@ const IMAGEGEN_DESCRIPTION: &str = include_str!("../imagegen_description.md"); #[derive(Clone)] pub(crate) struct ImageGenerationTool { backend: CodexImagesBackend, + codex_home: AbsolutePathBuf, + thread_id: String, } impl ImageGenerationTool { /// Creates an image-generation tool backed by an image API executor. - pub(crate) fn new(backend: CodexImagesBackend) -> Self { - Self { backend } + pub(crate) fn new( + backend: CodexImagesBackend, + codex_home: AbsolutePathBuf, + thread_id: String, + ) -> Self { + Self { + backend, + codex_home, + thread_id, + } } } @@ -55,24 +74,19 @@ impl ImageGenerationTool { #[serde(deny_unknown_fields)] struct ImagegenArgs { prompt: String, - action: ImagegenAction, -} - -#[derive(Debug, Deserialize, JsonSchema)] -#[serde(rename_all = "lowercase")] -enum ImagegenAction { - Generate, - Edit, + #[schemars(length(max = 5))] + referenced_image_paths: Option>, + #[schemars(range(min = 1, max = 5))] + num_last_images_to_include: Option, } -#[async_trait::async_trait] impl ToolExecutor for ImageGenerationTool { /// Keeps the tool in the existing image-generation Responses namespace. fn tool_name(&self) -> ToolName { ToolName::namespaced(IMAGE_GEN_NAMESPACE, IMAGEGEN_TOOL_NAME) } - /// Advertises the model contract: a rewritten prompt and semantic action. + /// Advertises the model contract: a rewritten prompt and optional edit references. fn spec(&self) -> ToolSpec { imagegen_tool_spec() } @@ -83,9 +97,17 @@ impl ToolExecutor for ImageGenerationTool { } /// Executes the selected image operation and returns the completed image result. - async fn handle(&self, call: ToolCall) -> Result, FunctionCallError> { + fn handle(&self, call: ToolCall) -> codex_extension_api::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(call)) + } +} + +impl ImageGenerationTool { + async fn handle_call(&self, call: ToolCall) -> Result, FunctionCallError> { let args = parse_args(&call)?; - let request = request_for_action(&args, call.conversation_history.items())?; + let request = + request_for_call_args(&args, call.conversation_history.items(), &call.environments) + .await?; call.turn_item_emitter .emit_started(ExtensionTurnItem::ImageGeneration(ImageGenerationItem { id: call.call_id.clone(), @@ -116,7 +138,17 @@ impl ToolExecutor for ImageGenerationTool { saved_path: None, })) .await; - Ok(Box::new(GeneratedImageOutput { result })) + let output_path = + image_generation_artifact_path(&self.codex_home, &self.thread_id, &call.call_id); + let output_dir = output_path + .parent() + .unwrap_or_else(|| self.codex_home.clone()); + let output_hint = + extension_image_generation_output_hint(output_dir.display(), output_path.display()); + Ok(Box::new(GeneratedImageOutput { + result, + output_hint, + })) } } @@ -126,105 +158,135 @@ enum ImageRequest { Edit(ImageEditRequest), } -/// Maps the model-selected action to the fixed image API request parameters. -fn request_for_action( +async fn request_for_call_args( args: &ImagegenArgs, history: &[ResponseItem], + environments: &[ToolEnvironment], ) -> Result { - match args.action { - ImagegenAction::Generate => Ok(ImageRequest::Generate(ImageGenerationRequest { - prompt: args.prompt.clone(), - background: Some(ImageBackground::Auto), - model: IMAGE_MODEL.to_string(), - n: None, - quality: Some(ImageQuality::Auto), - size: Some("auto".to_string()), - })), - ImagegenAction::Edit => { - let images = edit_images(history); - if images.is_empty() { - return Err(FunctionCallError::RespondToModel( - "image edit requested without any usable image in conversation history" - .to_string(), - )); - } - Ok(ImageRequest::Edit(ImageEditRequest { - images, + let paths = args.referenced_image_paths.as_deref().unwrap_or_default(); + if paths.len() > MAX_EDIT_IMAGES { + return Err(FunctionCallError::RespondToModel(format!( + "`referenced_image_paths` must contain at most {MAX_EDIT_IMAGES} paths" + ))); + } + let images = match (paths.is_empty(), args.num_last_images_to_include) { + (true, None) => { + return Ok(ImageRequest::Generate(ImageGenerationRequest { prompt: args.prompt.clone(), background: Some(ImageBackground::Auto), model: IMAGE_MODEL.to_string(), n: None, quality: Some(ImageQuality::Auto), size: Some("auto".to_string()), - })) + })); } - } + (false, None) => { + let Some(environment) = environments.first() else { + return Err(FunctionCallError::RespondToModel( + "referenced image paths are unavailable in this session".to_string(), + )); + }; + let mut images = Vec::with_capacity(paths.len()); + for path in paths { + images.push(image_url(path, environment).await?); + } + images + } + (true, Some(count)) => { + if !(1..=MAX_EDIT_IMAGES).contains(&count) { + return Err(FunctionCallError::RespondToModel(format!( + "`num_last_images_to_include` must be between 1 and {MAX_EDIT_IMAGES}" + ))); + } + // Pathless images have no stable reference, so this bounded window may include newer + // unrelated images. This remains best-effort until the harness provides stable refs. + let images = recent_images(history, count); + if images.len() != count { + return Err(FunctionCallError::RespondToModel(format!( + "requested the last {count} conversation images, but only {} were available", + images.len() + ))); + } + images + } + (false, Some(_)) => { + return Err(FunctionCallError::RespondToModel( + "provide only one of `referenced_image_paths` or \ + `num_last_images_to_include`" + .to_string(), + )); + } + }; + + Ok(ImageRequest::Edit(ImageEditRequest { + images, + prompt: args.prompt.clone(), + background: Some(ImageBackground::Auto), + model: IMAGE_MODEL.to_string(), + n: None, + quality: Some(ImageQuality::Auto), + size: Some("auto".to_string()), + })) } -/// Selects edit context using the hosted imagegen anchor and truncation behavior. -fn edit_images(history: &[ResponseItem]) -> Vec { - let latest_uploaded_images = history.iter().enumerate().rev().find_map(|(index, item)| { - let ResponseItem::Message { role, content, .. } = item else { - return None; - }; - if role != "user" { - return None; +fn recent_images(history: &[ResponseItem], count: usize) -> Vec { + let mut function_call_ids = HashSet::new(); + let mut custom_tool_call_ids = HashSet::new(); + for item in history { + match item { + ResponseItem::FunctionCall { call_id, .. } => { + function_call_ids.insert(call_id.as_str()); + } + ResponseItem::CustomToolCall { call_id, .. } => { + custom_tool_call_ids.insert(call_id.as_str()); + } + ResponseItem::Message { .. } + | ResponseItem::AgentMessage { .. } + | ResponseItem::Reasoning { .. } + | ResponseItem::LocalShellCall { .. } + | ResponseItem::ToolSearchCall { .. } + | ResponseItem::FunctionCallOutput { .. } + | ResponseItem::CustomToolCallOutput { .. } + | ResponseItem::ToolSearchOutput { .. } + | ResponseItem::WebSearchCall { .. } + | ResponseItem::ImageGenerationCall { .. } + | ResponseItem::Compaction { .. } + | ResponseItem::CompactionTrigger + | ResponseItem::ContextCompaction { .. } + | ResponseItem::Other => {} } - let images = content - .iter() - .filter_map(|item| match item { - ContentItem::InputImage { image_url, .. } => Some(ImageUrl { - image_url: image_url.clone(), - }), - ContentItem::InputText { .. } | ContentItem::OutputText { .. } => None, - }) - .collect::>(); - (!images.is_empty()).then_some((index, images)) - }); - let (user_images, follow_up_start) = latest_uploaded_images - .map_or_else(|| (Vec::new(), 0), |(index, images)| (images, index + 1)); - let mut generated_images = Vec::new(); - for item in &history[follow_up_start..] { + } + + let mut images = Vec::with_capacity(count); + 'history: for item in history.iter().rev() { + let mut image_urls = Vec::new(); match item { - ResponseItem::ImageGenerationCall { result, .. } if !result.is_empty() => { - generated_images.push(ImageUrl { - image_url: format!("data:image/png;base64,{result}"), - }); + ResponseItem::Message { content, .. } => { + image_urls.extend(content.iter().rev().filter_map(|item| match item { + ContentItem::InputImage { image_url, .. } => Some(image_url.clone()), + ContentItem::InputText { .. } | ContentItem::OutputText { .. } => None, + })); } ResponseItem::FunctionCallOutput { call_id, output } - if history.iter().any(|item| { - matches!( - item, - ResponseItem::FunctionCall { - name, - namespace: Some(namespace), - call_id: function_call_id, - .. - } if function_call_id == call_id - && name == IMAGEGEN_TOOL_NAME - && namespace == IMAGE_GEN_NAMESPACE - ) - }) => + if function_call_ids.contains(call_id.as_str()) => { - generated_images.extend(output.content_items().into_iter().flatten().filter_map( - |item| match item { - FunctionCallOutputContentItem::InputImage { image_url, .. } => { - Some(ImageUrl { - image_url: image_url.clone(), - }) - } - FunctionCallOutputContentItem::InputText { .. } - | FunctionCallOutputContentItem::EncryptedContent { .. } => None, - }, - )); + image_urls.extend(output_image_urls(output)); } - ResponseItem::Message { .. } - | ResponseItem::Reasoning { .. } + ResponseItem::CustomToolCallOutput { + call_id, output, .. + } if custom_tool_call_ids.contains(call_id.as_str()) => { + image_urls.extend(output_image_urls(output)); + } + ResponseItem::ImageGenerationCall { result, .. } if !result.is_empty() => { + image_urls.push(format!("data:image/png;base64,{result}")); + } + ResponseItem::Reasoning { .. } + | ResponseItem::AgentMessage { .. } | ResponseItem::LocalShellCall { .. } | ResponseItem::FunctionCall { .. } | ResponseItem::ToolSearchCall { .. } - | ResponseItem::FunctionCallOutput { .. } | ResponseItem::CustomToolCall { .. } + | ResponseItem::FunctionCallOutput { .. } | ResponseItem::CustomToolCallOutput { .. } | ResponseItem::ToolSearchOutput { .. } | ResponseItem::WebSearchCall { .. } @@ -234,26 +296,62 @@ fn edit_images(history: &[ResponseItem]) -> Vec { | ResponseItem::ContextCompaction { .. } | ResponseItem::Other => {} } + for image_url in image_urls { + images.push(ImageUrl { image_url }); + if images.len() == count { + break 'history; + } + } } - truncate_images(user_images, generated_images) + images.reverse(); + images } -/// Truncates edit inputs while preserving the newest generated image when possible. -fn truncate_images( - mut user_images: Vec, - mut generated_images: Vec, -) -> Vec { - let mut excess = (user_images.len() + generated_images.len()).saturating_sub(MAX_EDIT_IMAGES); - let drop_generated = excess.min(generated_images.len().saturating_sub(1)); - generated_images.drain(..drop_generated); - excess -= drop_generated; - let drop_user = excess.min(user_images.len()); - user_images.drain(..drop_user); - excess -= drop_user; - generated_images.drain(..excess); +/// Extracts image URLs from a tool output in newest-first order. +fn output_image_urls(output: &FunctionCallOutputPayload) -> impl Iterator + '_ { + output + .content_items() + .into_iter() + .flatten() + .rev() + .filter_map(|item| match item { + FunctionCallOutputContentItem::InputImage { image_url, .. } => Some(image_url.clone()), + FunctionCallOutputContentItem::InputText { .. } + | FunctionCallOutputContentItem::EncryptedContent { .. } => None, + }) +} - user_images.extend(generated_images); - user_images +async fn image_url( + path: &AbsolutePathBuf, + environment: &ToolEnvironment, +) -> Result { + let path_uri = PathUri::from_abs_path(path).map_err(|error| { + FunctionCallError::RespondToModel(format!( + "unable to read referenced image at `{}`: {error}", + path.display() + )) + })?; + let bytes = environment + .file_system + .read_file(&path_uri, Some(&environment.file_system_sandbox_context)) + .await + .map_err(|error| { + FunctionCallError::RespondToModel(format!( + "unable to read referenced image at `{}`: {error}", + path.display() + )) + })?; + let image = load_for_prompt_bytes(path.as_path(), bytes, PromptImageMode::Original).map_err( + |error| { + FunctionCallError::RespondToModel(format!( + "unable to process referenced image at `{}`: {error}", + path.display() + )) + }, + )?; + Ok(ImageUrl { + image_url: image.into_data_url(), + }) } /// Parses the strict model-facing arguments for an image-generation call. @@ -297,6 +395,7 @@ fn imagegen_tool_spec() -> ToolSpec { struct GeneratedImageOutput { result: String, + output_hint: Option, } impl ToolOutput for GeneratedImageOutput { @@ -310,12 +409,32 @@ impl ToolOutput for GeneratedImageOutput { true } - /// Returns generated bytes for model follow-up. + /// Returns the object consumed by the code-mode `generatedImage()` helper. + fn code_mode_result(&self, _payload: &ToolPayload) -> Value { + let mut result = Map::from_iter([( + "image_url".to_string(), + Value::String(format!("data:image/png;base64,{}", self.result)), + )]); + if let Some(output_hint) = &self.output_hint { + result.insert( + "output_hint".to_string(), + Value::String(output_hint.clone()), + ); + } + Value::Object(result) + } + + /// Returns generated bytes and persisted-artifact context for model follow-up. fn to_response_item(&self, call_id: &str, _payload: &ToolPayload) -> ResponseInputItem { - let content = vec![FunctionCallOutputContentItem::InputImage { + let mut content = vec![FunctionCallOutputContentItem::InputImage { image_url: format!("data:image/png;base64,{}", self.result), detail: Some(DEFAULT_IMAGE_DETAIL), }]; + if let Some(output_hint) = &self.output_hint { + content.push(FunctionCallOutputContentItem::InputText { + text: output_hint.clone(), + }); + } ResponseInputItem::FunctionCallOutput { call_id: call_id.to_string(), output: FunctionCallOutputPayload { diff --git a/codex-rs/ext/mcp/BUILD.bazel b/codex-rs/ext/mcp/BUILD.bazel new file mode 100644 index 00000000000..30aefba6925 --- /dev/null +++ b/codex-rs/ext/mcp/BUILD.bazel @@ -0,0 +1,6 @@ +load("//:defs.bzl", "codex_rust_crate") + +codex_rust_crate( + name = "mcp", + crate_name = "codex_mcp_extension", +) diff --git a/codex-rs/ext/mcp/Cargo.toml b/codex-rs/ext/mcp/Cargo.toml new file mode 100644 index 00000000000..2d0e508b5ef --- /dev/null +++ b/codex-rs/ext/mcp/Cargo.toml @@ -0,0 +1,28 @@ +[package] +edition.workspace = true +license.workspace = true +name = "codex-mcp-extension" +version.workspace = true + +[lib] +name = "codex_mcp_extension" +path = "src/lib.rs" +test = false +doctest = false + +[lints] +workspace = true + +[dependencies] +codex-core = { workspace = true } +codex-extension-api = { workspace = true } +codex-features = { workspace = true } +codex-mcp = { workspace = true } + +[dev-dependencies] +codex-config = { workspace = true } +codex-core-plugins = { workspace = true } +codex-login = { workspace = true } +pretty_assertions = { workspace = true } +tempfile = { workspace = true } +tokio = { workspace = true, features = ["macros", "rt-multi-thread"] } diff --git a/codex-rs/ext/mcp/src/lib.rs b/codex-rs/ext/mcp/src/lib.rs new file mode 100644 index 00000000000..3843e068403 --- /dev/null +++ b/codex-rs/ext/mcp/src/lib.rs @@ -0,0 +1,39 @@ +use codex_core::config::Config; +use codex_extension_api::ExtensionFuture; +use codex_extension_api::ExtensionRegistryBuilder; +use codex_extension_api::McpServerContribution; +use codex_extension_api::McpServerContributor; +use codex_mcp::CODEX_APPS_MCP_SERVER_NAME; +use codex_mcp::hosted_plugin_runtime_mcp_server_config; + +struct HostedPluginRuntimeExtension; + +impl McpServerContributor for HostedPluginRuntimeExtension { + fn id(&self) -> &'static str { + "hosted_plugin_runtime" + } + + fn contribute<'a>( + &'a self, + config: &'a Config, + ) -> ExtensionFuture<'a, Vec> { + Box::pin(async move { + let name = CODEX_APPS_MCP_SERVER_NAME.to_string(); + if !config.features.enabled(codex_features::Feature::Apps) { + return vec![McpServerContribution::Remove { name }]; + } + + vec![McpServerContribution::Set { + name, + config: Box::new(hosted_plugin_runtime_mcp_server_config( + &config.chatgpt_base_url, + config.apps_mcp_product_sku.as_deref(), + )), + }] + }) + } +} + +pub fn install(builder: &mut ExtensionRegistryBuilder) { + builder.mcp_server_contributor(std::sync::Arc::new(HostedPluginRuntimeExtension)); +} diff --git a/codex-rs/ext/mcp/tests/hosted_apps_mcp.rs b/codex-rs/ext/mcp/tests/hosted_apps_mcp.rs new file mode 100644 index 00000000000..4a3902630bc --- /dev/null +++ b/codex-rs/ext/mcp/tests/hosted_apps_mcp.rs @@ -0,0 +1,202 @@ +use std::sync::Arc; + +use codex_config::McpServerTransportConfig; +use codex_core::McpManager; +use codex_core::config::Config; +use codex_core::config::ConfigBuilder; +use codex_core_plugins::PluginsManager; +use codex_extension_api::ExtensionRegistryBuilder; +use codex_extension_api::McpServerContribution; +use codex_extension_api::McpServerContributor; +use codex_login::CodexAuth; +use codex_mcp::CODEX_APPS_MCP_SERVER_NAME; +use pretty_assertions::assert_eq; + +type TestResult = Result<(), Box>; + +#[tokio::test] +async fn contributes_hosted_plugin_runtime_without_an_executor() -> TestResult { + let codex_home = tempfile::tempdir()?; + let config = ConfigBuilder::default() + .codex_home(codex_home.path().to_path_buf()) + .fallback_cwd(Some(codex_home.path().to_path_buf())) + .cli_overrides(vec![ + ("features.apps".to_string(), true.into()), + ("chatgpt_base_url".to_string(), "https://chatgpt.com".into()), + ]) + .build() + .await?; + let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); + let manager = installed_manager(&config); + + let servers = manager.effective_servers(&config, Some(&auth)).await; + let server = servers + .get(CODEX_APPS_MCP_SERVER_NAME) + .and_then(|server| server.configured_config()) + .ok_or("hosted plugin runtime should be contributed as a configured server")?; + let McpServerTransportConfig::StreamableHttp { url, .. } = &server.transport else { + panic!("hosted plugin runtime should use streamable HTTP"); + }; + assert_eq!(url, "https://chatgpt.com/backend-api/ps/mcp"); + + Ok(()) +} + +#[tokio::test] +async fn runtime_overlay_preserves_disabled_server() -> TestResult { + let codex_home = tempfile::tempdir()?; + let config = ConfigBuilder::default() + .codex_home(codex_home.path().to_path_buf()) + .fallback_cwd(Some(codex_home.path().to_path_buf())) + .cli_overrides(vec![ + ("features.apps".to_string(), true.into()), + ( + "mcp_servers.codex_apps.url".to_string(), + "https://example.com/mcp".into(), + ), + ("mcp_servers.codex_apps.enabled".to_string(), false.into()), + ]) + .build() + .await?; + let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); + let manager = installed_manager(&config); + + let servers = manager.effective_servers(&config, Some(&auth)).await; + let server = servers + .get(CODEX_APPS_MCP_SERVER_NAME) + .ok_or("hosted plugin runtime should remain configured")?; + + assert!(!server.enabled()); + Ok(()) +} + +#[tokio::test] +async fn legacy_fallback_overwrites_reserved_config_without_an_extension() -> TestResult { + let codex_home = tempfile::tempdir()?; + let config = ConfigBuilder::default() + .codex_home(codex_home.path().to_path_buf()) + .fallback_cwd(Some(codex_home.path().to_path_buf())) + .cli_overrides(vec![ + ("features.apps".to_string(), true.into()), + ( + "mcp_servers.codex_apps.url".to_string(), + "https://example.com/mcp".into(), + ), + ]) + .build() + .await?; + let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); + let manager = McpManager::new(Arc::new(PluginsManager::new( + config.codex_home.to_path_buf(), + ))); + + let servers = manager.effective_servers(&config, Some(&auth)).await; + let server = servers + .get(CODEX_APPS_MCP_SERVER_NAME) + .and_then(|server| server.configured_config()) + .ok_or("legacy Apps MCP should be present")?; + let McpServerTransportConfig::StreamableHttp { url, .. } = &server.transport else { + panic!("legacy Apps MCP should use streamable HTTP"); + }; + assert_eq!(url, "https://chatgpt.com/backend-api/wham/apps"); + + Ok(()) +} + +#[tokio::test] +async fn later_extension_can_remove_same_name_registration() -> TestResult { + let codex_home = tempfile::tempdir()?; + let config = ConfigBuilder::default() + .codex_home(codex_home.path().to_path_buf()) + .fallback_cwd(Some(codex_home.path().to_path_buf())) + .cli_overrides(vec![("features.apps".to_string(), true.into())]) + .build() + .await?; + let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing(); + let mut builder = ExtensionRegistryBuilder::new(); + codex_mcp_extension::install(&mut builder); + builder.mcp_server_contributor(Arc::new(RemoveCodexApps)); + let manager = McpManager::new_with_extensions( + Arc::new(PluginsManager::new(config.codex_home.to_path_buf())), + Arc::new(builder.build()), + ); + + let servers = manager.effective_servers(&config, Some(&auth)).await; + + assert!(!servers.contains_key(CODEX_APPS_MCP_SERVER_NAME)); + Ok(()) +} + +#[tokio::test] +async fn hosted_apps_mcp_requires_chatgpt_auth() -> TestResult { + let codex_home = tempfile::tempdir()?; + let config = ConfigBuilder::default() + .codex_home(codex_home.path().to_path_buf()) + .fallback_cwd(Some(codex_home.path().to_path_buf())) + .cli_overrides(vec![("features.apps".to_string(), true.into())]) + .build() + .await?; + let auth = CodexAuth::from_api_key("test"); + let manager = installed_manager(&config); + + let servers = manager.effective_servers(&config, Some(&auth)).await; + assert!(!servers.contains_key(CODEX_APPS_MCP_SERVER_NAME)); + + Ok(()) +} + +#[tokio::test] +async fn disabled_apps_remove_reserved_server_config_for_all_hosts() -> TestResult { + let codex_home = tempfile::tempdir()?; + let config = ConfigBuilder::default() + .codex_home(codex_home.path().to_path_buf()) + .fallback_cwd(Some(codex_home.path().to_path_buf())) + .cli_overrides(vec![ + ("features.apps".to_string(), false.into()), + ( + "mcp_servers.codex_apps.url".to_string(), + "https://example.com/mcp".into(), + ), + ]) + .build() + .await?; + let managers = [ + installed_manager(&config), + McpManager::new(Arc::new(PluginsManager::new( + config.codex_home.to_path_buf(), + ))), + ]; + for manager in managers { + let servers = manager.runtime_servers(&config).await; + assert!(!servers.contains_key(CODEX_APPS_MCP_SERVER_NAME)); + } + Ok(()) +} + +fn installed_manager(config: &Config) -> McpManager { + let mut builder = ExtensionRegistryBuilder::new(); + codex_mcp_extension::install(&mut builder); + McpManager::new_with_extensions( + Arc::new(PluginsManager::new(config.codex_home.to_path_buf())), + Arc::new(builder.build()), + ) +} + +struct RemoveCodexApps; + +impl McpServerContributor for RemoveCodexApps { + fn id(&self) -> &'static str { + "remove_codex_apps" + } + + fn contribute<'a>( + &'a self, + _config: &'a Config, + ) -> codex_extension_api::ExtensionFuture<'a, Vec> { + Box::pin(async move { + vec![McpServerContribution::Remove { + name: CODEX_APPS_MCP_SERVER_NAME.to_string(), + }] + }) + } +} diff --git a/codex-rs/ext/memories/Cargo.toml b/codex-rs/ext/memories/Cargo.toml index 68eeaf8ec1b..e283140b15e 100644 --- a/codex-rs/ext/memories/Cargo.toml +++ b/codex-rs/ext/memories/Cargo.toml @@ -13,7 +13,6 @@ doctest = false workspace = true [dependencies] -async-trait = { workspace = true } codex-core = { workspace = true } codex-extension-api = { workspace = true } codex-features = { workspace = true } diff --git a/codex-rs/ext/memories/src/extension.rs b/codex-rs/ext/memories/src/extension.rs index 0be773b4c73..23c80a8779d 100644 --- a/codex-rs/ext/memories/src/extension.rs +++ b/codex-rs/ext/memories/src/extension.rs @@ -4,6 +4,7 @@ use codex_core::config::Config; use codex_extension_api::ConfigContributor; use codex_extension_api::ContextContributor; use codex_extension_api::ExtensionData; +use codex_extension_api::ExtensionFuture; use codex_extension_api::ExtensionRegistryBuilder; use codex_extension_api::PromptFragment; use codex_extension_api::ThreadLifecycleContributor; @@ -69,12 +70,16 @@ impl ContextContributor for MemoriesExtension { } } -#[async_trait::async_trait] impl ThreadLifecycleContributor for MemoriesExtension { - async fn on_thread_start(&self, input: ThreadStartInput<'_, Config>) { - input - .thread_store - .insert(MemoriesExtensionConfig::from_config(input.config)); + fn on_thread_start<'a>( + &'a self, + input: ThreadStartInput<'a, Config>, + ) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + input + .thread_store + .insert(MemoriesExtensionConfig::from_config(input.config)); + }) } } diff --git a/codex-rs/ext/memories/src/tests.rs b/codex-rs/ext/memories/src/tests.rs index ce03d749652..b78c20c9f1b 100644 --- a/codex-rs/ext/memories/src/tests.rs +++ b/codex-rs/ext/memories/src/tests.rs @@ -215,6 +215,7 @@ async fn add_ad_hoc_note_tool_creates_note_file() { truncation_policy: TruncationPolicy::Bytes(1024), conversation_history: codex_extension_api::ConversationHistory::default(), turn_item_emitter: Arc::new(NoopTurnItemEmitter), + environments: Vec::new(), payload: payload.clone(), }) .await @@ -258,6 +259,7 @@ async fn add_ad_hoc_note_tool_rejects_paths_as_filenames() { truncation_policy: TruncationPolicy::Bytes(1024), conversation_history: codex_extension_api::ConversationHistory::default(), turn_item_emitter: Arc::new(NoopTurnItemEmitter), + environments: Vec::new(), payload, }) .await; @@ -302,6 +304,7 @@ async fn read_tool_reads_memory_file() { truncation_policy: TruncationPolicy::Bytes(1024), conversation_history: codex_extension_api::ConversationHistory::default(), turn_item_emitter: Arc::new(NoopTurnItemEmitter), + environments: Vec::new(), payload: payload.clone(), }) .await @@ -349,6 +352,7 @@ async fn search_tool_accepts_multiple_queries() { truncation_policy: TruncationPolicy::Bytes(1024), conversation_history: codex_extension_api::ConversationHistory::default(), turn_item_emitter: Arc::new(NoopTurnItemEmitter), + environments: Vec::new(), payload: payload.clone(), }) .await @@ -422,6 +426,7 @@ async fn search_tool_accepts_windowed_all_match_mode() { truncation_policy: TruncationPolicy::Bytes(1024), conversation_history: codex_extension_api::ConversationHistory::default(), turn_item_emitter: Arc::new(NoopTurnItemEmitter), + environments: Vec::new(), payload: payload.clone(), }) .await @@ -475,6 +480,7 @@ async fn search_tool_rejects_legacy_single_query() { truncation_policy: TruncationPolicy::Bytes(1024), conversation_history: codex_extension_api::ConversationHistory::default(), turn_item_emitter: Arc::new(NoopTurnItemEmitter), + environments: Vec::new(), payload, }) .await; diff --git a/codex-rs/ext/memories/src/tools/ad_hoc_note.rs b/codex-rs/ext/memories/src/tools/ad_hoc_note.rs index a6712a40229..0ce9cade676 100644 --- a/codex-rs/ext/memories/src/tools/ad_hoc_note.rs +++ b/codex-rs/ext/memories/src/tools/ad_hoc_note.rs @@ -41,7 +41,6 @@ pub(super) struct AddAdHocNoteTool { pub(super) metrics_client: Option, } -#[async_trait::async_trait] impl ToolExecutor for AddAdHocNoteTool where B: MemoriesBackend, @@ -57,7 +56,16 @@ where ) } - async fn handle( + fn handle(&self, call: ToolCall) -> codex_extension_api::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(call)) + } +} + +impl AddAdHocNoteTool +where + B: MemoriesBackend, +{ + async fn handle_call( &self, call: ToolCall, ) -> Result, codex_extension_api::FunctionCallError> diff --git a/codex-rs/ext/memories/src/tools/list.rs b/codex-rs/ext/memories/src/tools/list.rs index 301c7cab71b..b7b9ad05862 100644 --- a/codex-rs/ext/memories/src/tools/list.rs +++ b/codex-rs/ext/memories/src/tools/list.rs @@ -39,7 +39,6 @@ pub(super) struct ListTool { pub(super) metrics_client: Option, } -#[async_trait::async_trait] impl ToolExecutor for ListTool where B: MemoriesBackend, @@ -55,7 +54,16 @@ where ) } - async fn handle( + fn handle(&self, call: ToolCall) -> codex_extension_api::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(call)) + } +} + +impl ListTool +where + B: MemoriesBackend, +{ + async fn handle_call( &self, call: ToolCall, ) -> Result, codex_extension_api::FunctionCallError> diff --git a/codex-rs/ext/memories/src/tools/read.rs b/codex-rs/ext/memories/src/tools/read.rs index 33ede3c6003..6625cdaf8bd 100644 --- a/codex-rs/ext/memories/src/tools/read.rs +++ b/codex-rs/ext/memories/src/tools/read.rs @@ -38,7 +38,6 @@ pub(super) struct ReadTool { pub(super) metrics_client: Option, } -#[async_trait::async_trait] impl ToolExecutor for ReadTool where B: MemoriesBackend, @@ -54,7 +53,16 @@ where ) } - async fn handle( + fn handle(&self, call: ToolCall) -> codex_extension_api::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(call)) + } +} + +impl ReadTool +where + B: MemoriesBackend, +{ + async fn handle_call( &self, call: ToolCall, ) -> Result, codex_extension_api::FunctionCallError> diff --git a/codex-rs/ext/memories/src/tools/search.rs b/codex-rs/ext/memories/src/tools/search.rs index 1d050727030..928c98b475d 100644 --- a/codex-rs/ext/memories/src/tools/search.rs +++ b/codex-rs/ext/memories/src/tools/search.rs @@ -47,7 +47,6 @@ pub(super) struct SearchTool { pub(super) metrics_client: Option, } -#[async_trait::async_trait] impl ToolExecutor for SearchTool where B: MemoriesBackend, @@ -63,7 +62,16 @@ where ) } - async fn handle( + fn handle(&self, call: ToolCall) -> codex_extension_api::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(call)) + } +} + +impl SearchTool +where + B: MemoriesBackend, +{ + async fn handle_call( &self, call: ToolCall, ) -> Result, codex_extension_api::FunctionCallError> diff --git a/codex-rs/ext/skills/Cargo.toml b/codex-rs/ext/skills/Cargo.toml index 29767d58fec..afd5111e959 100644 --- a/codex-rs/ext/skills/Cargo.toml +++ b/codex-rs/ext/skills/Cargo.toml @@ -14,11 +14,21 @@ doctest = false workspace = true [dependencies] -async-trait = { workspace = true } -codex-core = { workspace = true } codex-core-skills = { workspace = true } +codex-exec-server = { workspace = true } codex-extension-api = { workspace = true } +codex-mcp = { workspace = true } codex-protocol = { workspace = true } +codex-tools = { workspace = true } +codex-utils-absolute-path = { workspace = true } +codex-utils-path-uri = { workspace = true } +codex-utils-string = { workspace = true } +schemars = { workspace = true } +serde = { workspace = true, features = ["derive"] } +serde_json = { workspace = true } +tokio = { workspace = true, features = ["sync", "time"] } +tracing = { workspace = true } +url = { workspace = true } [dev-dependencies] pretty_assertions = { workspace = true } diff --git a/codex-rs/ext/skills/src/catalog.rs b/codex-rs/ext/skills/src/catalog.rs index a09a81ff799..96b8fec10f8 100644 --- a/codex-rs/ext/skills/src/catalog.rs +++ b/codex-rs/ext/skills/src/catalog.rs @@ -1,4 +1,5 @@ use codex_core_skills::model::SkillDependencies; +use codex_utils_absolute_path::AbsolutePathBuf; /// Source authority that owns a skill package and must be used to read it. #[derive(Clone, Debug, PartialEq, Eq, Hash)] @@ -8,8 +9,8 @@ pub enum SkillSourceKind { Host, /// Skills owned by an execution environment. Executor, - /// Skills read through an authenticated remote catalog/API. - Remote, + /// Skills owned by the orchestrator rather than an execution environment. + Orchestrator, /// Extension-private source kind for future providers that do not fit an /// existing transport category. Custom(String), @@ -24,7 +25,7 @@ impl SkillSourceKind { match self { Self::Host => "host", Self::Executor => "executor", - Self::Remote => "remote", + Self::Orchestrator => "orchestrator", Self::Custom(kind) => kind, } } @@ -56,9 +57,52 @@ impl SkillAuthority { #[derive(Clone, Debug, PartialEq, Eq, Hash)] pub struct SkillPackageId(pub String); -/// Opaque resource id inside a skill package. +/// Opaque resource id inside a skill package, optionally bound to the +/// environment path that owns its contents. #[derive(Clone, Debug, PartialEq, Eq, Hash)] -pub struct SkillResourceId(pub String); +pub struct SkillResourceId { + id: String, + environment_path: Option, +} + +impl SkillResourceId { + pub fn new(id: impl Into) -> Self { + Self { + id: id.into(), + environment_path: None, + } + } + + pub fn environment( + id: impl Into, + environment_id: impl Into, + path: AbsolutePathBuf, + ) -> Self { + Self { + id: id.into(), + environment_path: Some(EnvironmentSkillResource { + environment_id: environment_id.into(), + path, + }), + } + } + + pub fn as_str(&self) -> &str { + &self.id + } + + pub(crate) fn environment_path(&self) -> Option<(&str, &AbsolutePathBuf)> { + self.environment_path + .as_ref() + .map(|resource| (resource.environment_id.as_str(), &resource.path)) + } +} + +#[derive(Clone, Debug, PartialEq, Eq, Hash)] +struct EnvironmentSkillResource { + environment_id: String, + path: AbsolutePathBuf, +} /// Metadata shown in the always-visible skills catalog. #[derive(Clone, Debug, PartialEq, Eq)] @@ -125,7 +169,7 @@ impl SkillCatalogEntry { pub(crate) fn rendered_path(&self) -> &str { self.display_path .as_deref() - .unwrap_or(self.main_prompt.0.as_str()) + .unwrap_or_else(|| self.main_prompt.as_str()) } } diff --git a/codex-rs/ext/skills/src/config.rs b/codex-rs/ext/skills/src/config.rs new file mode 100644 index 00000000000..e883f0c5f51 --- /dev/null +++ b/codex-rs/ext/skills/src/config.rs @@ -0,0 +1,8 @@ +/// Host-supplied configuration used by the skills extension. +#[derive(Clone, Debug, Eq, PartialEq)] +pub struct SkillsExtensionConfig { + /// Whether the available-skills catalog is included in model context. + pub include_instructions: bool, + /// Whether bundled skills are eligible for discovery. + pub bundled_skills_enabled: bool, +} diff --git a/codex-rs/ext/skills/src/extension.rs b/codex-rs/ext/skills/src/extension.rs index 3961d7d85dc..23dee27ebbc 100644 --- a/codex-rs/ext/skills/src/extension.rs +++ b/codex-rs/ext/skills/src/extension.rs @@ -1,174 +1,302 @@ use std::sync::Arc; -use codex_core::config::Config; use codex_core_skills::HostLoadedSkills; -use codex_core_skills::SkillInstructions; use codex_core_skills::injection::InjectedHostSkillPrompts; -use codex_core_skills::injection::SkillInjection; use codex_extension_api::ConfigContributor; +use codex_extension_api::ContextContributor; use codex_extension_api::ContextualUserFragment; use codex_extension_api::ExtensionData; use codex_extension_api::ExtensionEventSink; +use codex_extension_api::ExtensionFuture; use codex_extension_api::ExtensionRegistryBuilder; +use codex_extension_api::PromptFragment; use codex_extension_api::ThreadLifecycleContributor; use codex_extension_api::ThreadStartInput; +use codex_extension_api::ToolCall; +use codex_extension_api::ToolContributor; +use codex_extension_api::ToolExecutor; use codex_extension_api::TurnInputContext; use codex_extension_api::TurnInputContributor; +use codex_mcp::McpResourceClient; +use codex_protocol::capabilities::SelectedCapabilityRoot; use codex_protocol::protocol::Event; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::WarningEvent; -use crate::catalog::SkillAuthority; +use crate::SkillsExtensionConfig; +use crate::catalog::SkillCatalog; use crate::catalog::SkillCatalogEntry; use crate::catalog::SkillReadResult; use crate::catalog::SkillSourceKind; +use crate::fragments::SkillInstructions; use crate::provider::HostSkillProvider; use crate::provider::SkillListQuery; use crate::provider::SkillReadRequest; +use crate::render::MAX_SKILL_NAME_BYTES; +use crate::render::MAX_SKILL_PATH_BYTES; use crate::render::available_skills_fragment; use crate::render::truncate_main_prompt_contents; +use crate::render::truncate_utf8_to_bytes; use crate::selection::collect_explicit_skill_mentions; use crate::sources::SkillProviders; -use crate::state::SkillsExtensionConfig; use crate::state::SkillsThreadState; use crate::state::SkillsTurnState; +use crate::tools::skill_tools; -#[derive(Clone)] -struct SkillsExtension { +struct SkillsExtension { providers: SkillProviders, event_sink: Arc, + config_from_host: Arc SkillsExtensionConfig + Send + Sync>, } -#[async_trait::async_trait] -impl ThreadLifecycleContributor for SkillsExtension { - async fn on_thread_start(&self, input: ThreadStartInput<'_, Config>) { - input - .thread_store - .insert(SkillsThreadState::new(SkillsExtensionConfig::from_config( - input.config, - ))); +impl ThreadLifecycleContributor for SkillsExtension +where + C: Send + Sync + 'static, +{ + fn on_thread_start<'a>(&'a self, input: ThreadStartInput<'a, C>) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + let selected_roots = input + .thread_store + .get::>() + .map(|selected_roots| selected_roots.as_ref().clone()) + .unwrap_or_default(); + input.thread_store.insert(SkillsThreadState::new( + (self.config_from_host)(input.config), + selected_roots, + )); + }) } } -impl ConfigContributor for SkillsExtension { +impl ConfigContributor for SkillsExtension +where + C: Send + Sync + 'static, +{ fn on_config_changed( &self, _session_store: &ExtensionData, thread_store: &ExtensionData, - _previous_config: &Config, - new_config: &Config, + _previous_config: &C, + new_config: &C, ) { - let next_config = SkillsExtensionConfig::from_config(new_config); + let next_config = (self.config_from_host)(new_config); if let Some(state) = thread_store.get::() { state.set_config(next_config); } else { - thread_store.insert(SkillsThreadState::new(next_config)); + thread_store.insert(SkillsThreadState::new(next_config, Vec::new())); } } } -#[async_trait::async_trait] -impl TurnInputContributor for SkillsExtension { - async fn contribute( +impl ContextContributor for SkillsExtension +where + C: Send + Sync + 'static, +{ + fn contribute<'a>( + &'a self, + session_store: &'a ExtensionData, + thread_store: &'a ExtensionData, + ) -> std::pin::Pin> + Send + 'a>> { + Box::pin(async move { + let Some(thread_state) = thread_store.get::() else { + return Vec::new(); + }; + let config = thread_state.config(); + if !config.include_instructions { + return Vec::new(); + } + let catalog = self + .list_skills( + SkillListQuery { + turn_id: thread_store.level_id().to_string(), + executor_roots: thread_state.selected_roots().to_vec(), + host: None, + include_host_skills: false, + include_bundled_skills: config.bundled_skills_enabled, + include_orchestrator_skills: true, + mcp_resources: session_store.get::(), + }, + &thread_state, + ) + .await; + for warning in &catalog.warnings { + self.emit_warning(thread_store.level_id(), warning.clone()); + } + available_skills_fragment(&catalog) + .map(|fragment| PromptFragment::developer_capability(fragment.render())) + .into_iter() + .collect() + }) + } +} + +impl ToolContributor for SkillsExtension +where + C: Send + Sync + 'static, +{ + fn tools( &self, - input: TurnInputContext, - _session_store: &ExtensionData, - thread_store: &ExtensionData, - turn_store: &ExtensionData, - ) -> Vec> { - let Some(thread_state) = thread_store.get::() else { + session_store: &ExtensionData, + _thread_store: &ExtensionData, + ) -> Vec>> { + if !self.providers.has_orchestrator_provider() { return Vec::new(); - }; - - let config = thread_state.config(); - let host_loaded_skills = turn_store.get::(); - let query = SkillListQuery { - turn_id: input.turn_id.clone(), - executor_authorities: input - .environments - .iter() - .map(|environment| { - SkillAuthority::new( - SkillSourceKind::Executor, - environment.environment_id.clone(), - ) - }) - .collect(), - host: host_loaded_skills.clone(), - include_host_skills: true, - include_bundled_skills: config.bundled_skills_enabled, - include_remote_skills: true, - }; - let catalog = self.providers.list_for_turn(query).await; - for warning in &catalog.warnings { - self.emit_warning(&input.turn_id, warning.clone()); } - let selected_entries = collect_explicit_skill_mentions(&input.user_input, &catalog); - let mut fragments: Vec> = Vec::new(); - if config.include_instructions - && let Some(fragment) = available_skills_fragment(&catalog) - { - fragments.push(Box::new(fragment)); - } + skill_tools( + self.providers.clone(), + session_store.get::(), + ) + } +} + +impl TurnInputContributor for SkillsExtension +where + C: Send + Sync + 'static, +{ + fn contribute<'a>( + &'a self, + input: TurnInputContext, + session_store: &'a ExtensionData, + thread_store: &'a ExtensionData, + turn_store: &'a ExtensionData, + ) -> ExtensionFuture<'a, Vec>> { + Box::pin(async move { + let Some(thread_state) = thread_store.get::() else { + return Vec::new(); + }; + + let config = thread_state.config(); + let host_loaded_skills = turn_store.get::(); + let query = SkillListQuery { + turn_id: input.turn_id.clone(), + executor_roots: thread_state.selected_roots().to_vec(), + host: host_loaded_skills.clone(), + include_host_skills: true, + include_bundled_skills: config.bundled_skills_enabled, + include_orchestrator_skills: true, + mcp_resources: session_store.get::(), + }; + let catalog = self.list_skills(query, &thread_state).await; + for warning in &catalog.warnings { + self.emit_warning(&input.turn_id, warning.clone()); + } + + let selected_entries = collect_explicit_skill_mentions(&input.user_input, &catalog); + let mut fragments: Vec> = Vec::new(); + if config.include_instructions { + let mut turn_catalog = catalog.clone(); + turn_catalog.entries.retain(|entry| { + entry.authority.kind != SkillSourceKind::Executor + && entry.authority.kind != SkillSourceKind::Orchestrator + }); + if let Some(fragment) = available_skills_fragment(&turn_catalog) { + fragments.push(Box::new(fragment)); + } + } - let mut warnings = catalog.warnings.clone(); - let mut main_prompts_injected = false; - let mut injected_host_skill_prompts = InjectedHostSkillPrompts::default(); - for entry in &selected_entries { - match self - .read_main_prompt(entry, host_loaded_skills.clone()) - .await - { - Ok(read_result) => { - let (contents, truncated) = - truncate_main_prompt_contents(read_result.contents.as_str()); - if truncated { - let warning = format!( - "Skill `{}` exceeded the main prompt context limit and was truncated.", - entry.name - ); + let mut warnings = catalog.warnings.clone(); + let mut main_prompts_injected = false; + let mut injected_host_skill_prompts = InjectedHostSkillPrompts::default(); + for entry in &selected_entries { + match self + .read_main_prompt(entry, host_loaded_skills.clone(), session_store) + .await + { + Ok(read_result) => { + let (contents, truncated) = + truncate_main_prompt_contents(read_result.contents.as_str()); + if truncated { + let warning = format!( + "Skill `{}` exceeded the main prompt context limit and was truncated.", + entry.name + ); + self.emit_warning(&input.turn_id, warning.clone()); + warnings.push(warning); + } + let fragment = SkillInstructions { + name: truncate_utf8_to_bytes(&entry.name, MAX_SKILL_NAME_BYTES).0, + path: truncate_utf8_to_bytes( + entry.rendered_path(), + MAX_SKILL_PATH_BYTES, + ) + .0, + contents, + }; + fragments.push(Box::new(fragment)); + main_prompts_injected = true; + if entry.authority.kind == SkillSourceKind::Host { + injected_host_skill_prompts.insert_path(entry.main_prompt.as_str()); + } + } + Err(message) => { + let warning = format!("Failed to load skill `{}`: {message}", entry.name); self.emit_warning(&input.turn_id, warning.clone()); warnings.push(warning); } - let injection = SkillInjection { - name: entry.name.clone(), - path: entry.rendered_path().to_string(), - contents, - }; - fragments.push(Box::new(SkillInstructions::from(&injection))); - main_prompts_injected = true; - if entry.authority.kind == SkillSourceKind::Host { - injected_host_skill_prompts.insert_path(entry.main_prompt.0.clone()); - } } - Err(message) => { - let warning = format!("Failed to load skill `{}`: {message}", entry.name); - self.emit_warning(&input.turn_id, warning.clone()); - warnings.push(warning); + } + + if let Some(host_loaded_skills) = &host_loaded_skills { + for entry in selected_entries + .iter() + .filter(|entry| entry.authority.kind != SkillSourceKind::Host) + { + for host_skill in host_loaded_skills + .outcome() + .skills + .iter() + .filter(|host_skill| host_skill.name == entry.name) + { + injected_host_skill_prompts + .insert_path(host_skill.path_to_skills_md.to_string_lossy()); + } } } - } - turn_store.insert(SkillsTurnState { - catalog, - selected_entries, - warnings, - main_prompts_injected, - }); - if !injected_host_skill_prompts.is_empty() { - turn_store.insert(injected_host_skill_prompts); - } + turn_store.insert(SkillsTurnState { + catalog, + selected_entries, + warnings, + main_prompts_injected, + }); + if !injected_host_skill_prompts.is_empty() { + turn_store.insert(injected_host_skill_prompts); + } - fragments + fragments + }) } } -impl SkillsExtension { +impl SkillsExtension { + async fn list_skills( + &self, + mut query: SkillListQuery, + thread_state: &SkillsThreadState, + ) -> SkillCatalog { + let include_orchestrator_skills = query.include_orchestrator_skills; + let orchestrator_query = query.clone(); + query.include_orchestrator_skills = false; + + let mut catalog = self.providers.list_for_turn(query).await; + if include_orchestrator_skills { + let orchestrator_catalog = thread_state + .orchestrator_catalog_snapshot( + self.providers + .list_orchestrator_for_turn(orchestrator_query), + ) + .await; + catalog.extend(orchestrator_catalog); + } + catalog + } + async fn read_main_prompt( &self, entry: &SkillCatalogEntry, host_loaded_skills: Option>, + session_store: &ExtensionData, ) -> Result { self.providers .read(SkillReadRequest { @@ -176,6 +304,7 @@ impl SkillsExtension { package: entry.id.clone(), resource: entry.main_prompt.clone(), host: host_loaded_skills, + mcp_resources: session_store.get::(), }) .await .map_err(|err| err.message) @@ -189,22 +318,34 @@ impl SkillsExtension { } } -pub fn install(registry: &mut ExtensionRegistryBuilder) { +pub fn install( + registry: &mut ExtensionRegistryBuilder, + config_from_host: impl Fn(&C) -> SkillsExtensionConfig + Send + Sync + 'static, +) where + C: Send + Sync + 'static, +{ install_with_providers( registry, SkillProviders::new().with_host_provider(Arc::new(HostSkillProvider::new())), + config_from_host, ); } -pub fn install_with_providers( - registry: &mut ExtensionRegistryBuilder, +pub fn install_with_providers( + registry: &mut ExtensionRegistryBuilder, providers: SkillProviders, -) { + config_from_host: impl Fn(&C) -> SkillsExtensionConfig + Send + Sync + 'static, +) where + C: Send + Sync + 'static, +{ let extension = Arc::new(SkillsExtension { providers, event_sink: registry.event_sink(), + config_from_host: Arc::new(config_from_host), }); registry.thread_lifecycle_contributor(extension.clone()); registry.config_contributor(extension.clone()); - registry.turn_input_contributor(extension); + registry.prompt_contributor(extension.clone()); + registry.turn_input_contributor(extension.clone()); + registry.tool_contributor(extension); } diff --git a/codex-rs/ext/skills/src/fragments.rs b/codex-rs/ext/skills/src/fragments.rs new file mode 100644 index 00000000000..0a24b48b5a3 --- /dev/null +++ b/codex-rs/ext/skills/src/fragments.rs @@ -0,0 +1,61 @@ +use codex_core_skills::render_available_skills_body; +use codex_extension_api::ContextualUserFragment; +use codex_protocol::protocol::SKILLS_INSTRUCTIONS_CLOSE_TAG; +use codex_protocol::protocol::SKILLS_INSTRUCTIONS_OPEN_TAG; + +#[derive(Clone, Debug, Eq, PartialEq)] +pub(crate) struct AvailableSkillsInstructions { + skill_lines: Vec, +} + +impl AvailableSkillsInstructions { + pub(crate) fn from_skill_lines(skill_lines: Vec) -> Self { + Self { skill_lines } + } +} + +impl ContextualUserFragment for AvailableSkillsInstructions { + fn role(&self) -> &'static str { + "developer" + } + + fn markers(&self) -> (&'static str, &'static str) { + Self::type_markers() + } + + fn type_markers() -> (&'static str, &'static str) { + (SKILLS_INSTRUCTIONS_OPEN_TAG, SKILLS_INSTRUCTIONS_CLOSE_TAG) + } + + fn body(&self) -> String { + render_available_skills_body(&[], &self.skill_lines) + } +} + +#[derive(Clone, Debug, Eq, PartialEq)] +pub(crate) struct SkillInstructions { + pub(crate) name: String, + pub(crate) path: String, + pub(crate) contents: String, +} + +impl ContextualUserFragment for SkillInstructions { + fn role(&self) -> &'static str { + "user" + } + + fn markers(&self) -> (&'static str, &'static str) { + Self::type_markers() + } + + fn type_markers() -> (&'static str, &'static str) { + ("", "") + } + + fn body(&self) -> String { + let name = &self.name; + let path = &self.path; + let contents = &self.contents; + format!("\n{name}\n{path}\n{contents}\n") + } +} diff --git a/codex-rs/ext/skills/src/lib.rs b/codex-rs/ext/skills/src/lib.rs index 3a28c5fbdf9..8abdf6a93e6 100644 --- a/codex-rs/ext/skills/src/lib.rs +++ b/codex-rs/ext/skills/src/lib.rs @@ -1,13 +1,20 @@ pub mod catalog; +mod config; mod extension; +mod fragments; pub mod provider; mod render; mod selection; mod sources; mod state; +mod tools; +pub use config::SkillsExtensionConfig; pub use extension::install; pub use extension::install_with_providers; +pub use provider::ExecutorSkillProvider; pub use provider::HostSkillProvider; +pub use provider::OrchestratorSkillProvider; +pub use provider::SkillProvider; pub use sources::SkillProviderSource; pub use sources::SkillProviders; diff --git a/codex-rs/ext/skills/src/provider.rs b/codex-rs/ext/skills/src/provider.rs index a968774afd4..329c0c5813c 100644 --- a/codex-rs/ext/skills/src/provider.rs +++ b/codex-rs/ext/skills/src/provider.rs @@ -2,9 +2,13 @@ use std::future::Future; use std::pin::Pin; use std::sync::Arc; +mod executor; mod host; +mod orchestrator; use codex_core_skills::HostLoadedSkills; +use codex_mcp::McpResourceClient; +use codex_protocol::capabilities::SelectedCapabilityRoot; use crate::catalog::SkillAuthority; use crate::catalog::SkillCatalog; @@ -14,16 +18,19 @@ use crate::catalog::SkillReadResult; use crate::catalog::SkillResourceId; use crate::catalog::SkillSearchResult; +pub use executor::ExecutorSkillProvider; pub use host::HostSkillProvider; +pub use orchestrator::OrchestratorSkillProvider; #[derive(Clone, Debug)] pub struct SkillListQuery { pub turn_id: String, - pub executor_authorities: Vec, + pub executor_roots: Vec, pub host: Option>, pub include_host_skills: bool, pub include_bundled_skills: bool, - pub include_remote_skills: bool, + pub include_orchestrator_skills: bool, + pub mcp_resources: Option>, } #[derive(Clone, Debug)] @@ -32,6 +39,7 @@ pub struct SkillReadRequest { pub package: SkillPackageId, pub resource: SkillResourceId, pub host: Option>, + pub mcp_resources: Option>, } #[derive(Clone, Debug, PartialEq, Eq)] diff --git a/codex-rs/ext/skills/src/provider/executor.rs b/codex-rs/ext/skills/src/provider/executor.rs new file mode 100644 index 00000000000..1ed1d11fa0d --- /dev/null +++ b/codex-rs/ext/skills/src/provider/executor.rs @@ -0,0 +1,210 @@ +use std::path::PathBuf; +use std::sync::Arc; + +use codex_core_skills::SkillMetadata; +use codex_core_skills::filter_skill_load_outcome_for_product; +use codex_core_skills::loader::SkillRoot; +use codex_core_skills::loader::load_skills_from_roots; +use codex_exec_server::EnvironmentManager; +use codex_protocol::capabilities::CapabilityRootLocation; +use codex_protocol::protocol::Product; +use codex_protocol::protocol::SkillScope; +use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; + +use crate::catalog::SkillAuthority; +use crate::catalog::SkillCatalog; +use crate::catalog::SkillCatalogEntry; +use crate::catalog::SkillPackageId; +use crate::catalog::SkillProviderError; +use crate::catalog::SkillReadResult; +use crate::catalog::SkillResourceId; +use crate::catalog::SkillSearchResult; +use crate::catalog::SkillSourceKind; +use crate::provider::SkillListQuery; +use crate::provider::SkillProvider; +use crate::provider::SkillProviderFuture; +use crate::provider::SkillReadRequest; +use crate::provider::SkillSearchRequest; + +/// Discovers and reads skills through the filesystem owned by an execution environment. +#[derive(Clone, Debug)] +pub struct ExecutorSkillProvider { + environment_manager: Arc, + restriction_product: Option, +} + +impl ExecutorSkillProvider { + pub fn new_with_restriction_product( + environment_manager: Arc, + restriction_product: Option, + ) -> Self { + Self { + environment_manager, + restriction_product, + } + } +} + +impl SkillProvider for ExecutorSkillProvider { + fn list(&self, query: SkillListQuery) -> SkillProviderFuture<'_, SkillCatalog> { + Box::pin(async move { + let mut catalog = SkillCatalog::default(); + for selected_root in query.executor_roots { + let selected_root_id = selected_root.id; + let CapabilityRootLocation::Environment { + environment_id, + path, + } = selected_root.location; + let authority = + SkillAuthority::new(SkillSourceKind::Executor, selected_root_id.clone()); + let Some(environment) = self.environment_manager.get_environment(&environment_id) + else { + catalog.warnings.push(format!( + "Selected capability root `{selected_root_id}` references unavailable environment `{environment_id}`." + )); + continue; + }; + let root_path = match executor_absolute_path(&path) { + Ok(root_path) => root_path, + Err(err) => { + catalog.warnings.push(format!( + "Selected capability root `{selected_root_id}` has invalid path `{path}`: {err}" + )); + continue; + } + }; + let file_system = environment.get_filesystem(); + let outcome = filter_skill_load_outcome_for_product( + load_skills_from_roots([SkillRoot { + path: root_path.clone(), + scope: SkillScope::User, + file_system: Arc::clone(&file_system), + plugin_id: None, + plugin_root: None, + }]) + .await, + self.restriction_product, + ); + catalog.warnings.extend(outcome.errors.iter().map(|err| { + format!( + "Failed to load executor skill at {}: {}", + err.path.display(), + err.message + ) + })); + for (skill, enabled) in outcome.skills_with_enabled() { + catalog.push_entry(catalog_entry_from_skill( + skill, + enabled, + authority.clone(), + &selected_root_id, + &environment_id, + )); + } + } + + Ok(catalog) + }) + } + + fn read(&self, request: SkillReadRequest) -> SkillProviderFuture<'_, SkillReadResult> { + Box::pin(async move { + if request.authority.kind != SkillSourceKind::Executor { + return Err(SkillProviderError::new(format!( + "executor skill provider cannot read {} resources", + request.authority.kind + ))); + } + if request.package.0 != request.resource.as_str() { + return Err(SkillProviderError::new( + "executor skill resource does not match its package", + )); + } + let Some((environment_id, resource_path)) = request.resource.environment_path() else { + return Err(SkillProviderError::new( + "executor skill resource is not bound to an environment", + )); + }; + let Some(environment) = self.environment_manager.get_environment(environment_id) else { + return Err(SkillProviderError::new(format!( + "executor skill resource references unavailable environment `{environment_id}`" + ))); + }; + let resource_path = PathUri::from_abs_path(resource_path).map_err(|err| { + SkillProviderError::new(format!( + "failed to read executor skill resource {}: {err}", + request.resource.as_str() + )) + })?; + let contents = environment + .get_filesystem() + .read_file_text(&resource_path, /*sandbox*/ None) + .await + .map_err(|err| { + SkillProviderError::new(format!( + "failed to read executor skill resource {}: {err}", + request.resource.as_str() + )) + })?; + + Ok(SkillReadResult { + resource: request.resource, + contents, + }) + }) + } + + fn search(&self, _request: SkillSearchRequest) -> SkillProviderFuture<'_, SkillSearchResult> { + Box::pin(async { Ok(SkillSearchResult::default()) }) + } +} + +fn catalog_entry_from_skill( + skill: &SkillMetadata, + enabled: bool, + authority: SkillAuthority, + selected_root_id: &str, + environment_id: &str, +) -> SkillCatalogEntry { + let skill_path = skill.path_to_skills_md.to_string_lossy().into_owned(); + let normalized_path = skill_path.replace('\\', "/"); + let display_path = format!( + "skill://{selected_root_id}/{}", + normalized_path.trim_start_matches('/') + ); + let mut entry = SkillCatalogEntry::new( + SkillPackageId(display_path.clone()), + authority, + skill.name.clone(), + skill.description.clone(), + SkillResourceId::environment( + display_path.clone(), + environment_id, + skill.path_to_skills_md.clone(), + ), + ) + .with_short_description(skill.short_description.clone()) + .with_display_path(display_path) + .with_dependencies(skill.dependencies.clone()); + + if !enabled { + entry = entry.disabled(); + } + if !skill.allows_implicit_invocation() { + entry = entry.hidden_from_prompt(); + } + + entry +} + +fn executor_absolute_path(path: &str) -> std::io::Result { + let path = PathBuf::from(path); + if !path.is_absolute() { + return Err(std::io::Error::new( + std::io::ErrorKind::InvalidInput, + "executor path must be absolute", + )); + } + AbsolutePathBuf::from_absolute_path_checked(path) +} diff --git a/codex-rs/ext/skills/src/provider/host.rs b/codex-rs/ext/skills/src/provider/host.rs index 27293aa1d50..63d0d4588c8 100644 --- a/codex-rs/ext/skills/src/provider/host.rs +++ b/codex-rs/ext/skills/src/provider/host.rs @@ -55,12 +55,12 @@ impl SkillProvider for HostSkillProvider { }; let Some(skill) = host_loaded_skills.outcome().skills.iter().find(|skill| { let skill_path = skill.path_to_skills_md.to_string_lossy(); - skill_path == request.resource.0.as_str() - || skill_path.replace('\\', "/") == request.resource.0 + skill_path == request.resource.as_str() + || skill_path.replace('\\', "/") == request.resource.as_str() }) else { return Err(SkillProviderError::new(format!( "host skill resource is not loaded: {}", - request.resource.0 + request.resource.as_str() ))); }; @@ -70,7 +70,7 @@ impl SkillProvider for HostSkillProvider { .map_err(|err| { SkillProviderError::new(format!( "failed to read host skill resource {}: {err}", - request.resource.0 + request.resource.as_str() )) })?; @@ -117,7 +117,7 @@ fn catalog_entry_from_skill(skill: &SkillMetadata, enabled: bool) -> SkillCatalo SkillAuthority::new(SkillSourceKind::Host, HOST_AUTHORITY_ID), skill.name.clone(), skill.description.clone(), - SkillResourceId(skill_path), + SkillResourceId::new(skill_path), ) .with_short_description(skill.short_description.clone()) .with_display_path(display_path) diff --git a/codex-rs/ext/skills/src/provider/orchestrator.rs b/codex-rs/ext/skills/src/provider/orchestrator.rs new file mode 100644 index 00000000000..045b67de62c --- /dev/null +++ b/codex-rs/ext/skills/src/provider/orchestrator.rs @@ -0,0 +1,327 @@ +use std::collections::HashSet; +use std::time::Duration; + +use codex_mcp::CODEX_APPS_MCP_SERVER_NAME; +use codex_protocol::mcp::Resource; +use codex_protocol::mcp::ResourceContent; +use url::Url; + +use crate::catalog::SkillAuthority; +use crate::catalog::SkillCatalog; +use crate::catalog::SkillCatalogEntry; +use crate::catalog::SkillPackageId; +use crate::catalog::SkillProviderError; +use crate::catalog::SkillReadResult; +use crate::catalog::SkillResourceId; +use crate::catalog::SkillSearchResult; +use crate::catalog::SkillSourceKind; +use crate::provider::SkillListQuery; +use crate::provider::SkillProvider; +use crate::provider::SkillProviderFuture; +use crate::provider::SkillReadRequest; +use crate::provider::SkillSearchRequest; + +const ORCHESTRATOR_SKILL_MIME_TYPE: &str = "mcp/skill"; +const ORCHESTRATOR_SKILL_DISCOVERY_TIMEOUT: Duration = Duration::from_secs(10); +const ORCHESTRATOR_SKILL_READ_TIMEOUT: Duration = Duration::from_secs(10); +const MAX_RESOURCE_PAGES: usize = 10; +const MAX_ORCHESTRATOR_SKILLS: usize = 100; +const MAX_SKILL_NAME_CHARS: usize = 64; +const MAX_QUALIFIED_SKILL_NAME_CHARS: usize = 128; +const MAX_SKILL_DESCRIPTION_CHARS: usize = 1_024; +const MAX_SKILL_PACKAGE_URI_CHARS: usize = 1_024; +const MAX_SKILL_RESOURCE_URI_CHARS: usize = 2_048; +const MAX_SKILL_RESOURCE_CONTENT_BYTES: usize = 1024 * 1024; + +/// Discovers and reads skills owned by the orchestrator. +/// +/// The provider uses session-scoped resources without exposing the transport or +/// resource server to callers that configure the skills extension. +#[derive(Clone, Debug, Default)] +pub struct OrchestratorSkillProvider; + +impl OrchestratorSkillProvider { + pub fn new() -> Self { + Self + } +} + +impl SkillProvider for OrchestratorSkillProvider { + fn list(&self, query: SkillListQuery) -> SkillProviderFuture<'_, SkillCatalog> { + Box::pin(async move { + let Some(client) = query.mcp_resources else { + return Ok(SkillCatalog::default()); + }; + if !client.has_server(CODEX_APPS_MCP_SERVER_NAME).await { + return Ok(SkillCatalog::default()); + } + + let discovery_deadline = + tokio::time::Instant::now() + ORCHESTRATOR_SKILL_DISCOVERY_TIMEOUT; + let mut catalog = SkillCatalog::default(); + let mut cursor = None; + let mut seen_cursors = HashSet::new(); + let mut skill_resources_seen = 0usize; + let mut skipped_resources = 0usize; + let mut truncated = false; + let mut completed_pages = 0usize; + + for _ in 0..MAX_RESOURCE_PAGES { + let page = match tokio::time::timeout_at( + discovery_deadline, + client.list_resources(CODEX_APPS_MCP_SERVER_NAME, cursor.clone()), + ) + .await + { + Ok(result) => result.map_err(|err| { + SkillProviderError::new(format!( + "failed to list orchestrator skill resources: {err:#}" + )) + }), + Err(_) => Err(SkillProviderError::new(format!( + "orchestrator skill discovery timed out after {ORCHESTRATOR_SKILL_DISCOVERY_TIMEOUT:?}" + ))), + }; + let result = match page { + Ok(result) => result, + Err(err) if completed_pages == 0 => return Err(err), + Err(err) => { + let page_word = if completed_pages == 1 { + "page" + } else { + "pages" + }; + catalog.warnings.push(format!( + "Orchestrator skill discovery stopped after {completed_pages} resource {page_word}: {}", + err.message + )); + cursor = None; + break; + } + }; + completed_pages = completed_pages.saturating_add(1); + + for resource in &result.resources { + if resource.mime_type.as_deref() != Some(ORCHESTRATOR_SKILL_MIME_TYPE) { + continue; + } + if skill_resources_seen >= MAX_ORCHESTRATOR_SKILLS { + truncated = true; + break; + } + skill_resources_seen = skill_resources_seen.saturating_add(1); + match catalog_entry_from_resource(resource) { + Some(entry) => catalog.push_entry(entry), + None => skipped_resources = skipped_resources.saturating_add(1), + } + } + + if truncated { + break; + } + let Some(next_cursor) = result.next_cursor else { + cursor = None; + break; + }; + if !seen_cursors.insert(next_cursor.clone()) { + catalog.warnings.push( + "Orchestrator skill resource pagination returned a duplicate cursor." + .to_string(), + ); + cursor = None; + break; + } + cursor = Some(next_cursor); + } + + if cursor.is_some() || truncated { + catalog.warnings.push(format!( + "Orchestrator skill discovery was truncated at {MAX_ORCHESTRATOR_SKILLS} skills or {MAX_RESOURCE_PAGES} resource pages." + )); + } + if skipped_resources > 0 { + catalog.warnings.push(format!( + "Skipped {skipped_resources} malformed orchestrator skill resources." + )); + } + + Ok(catalog) + }) + } + + fn read(&self, request: SkillReadRequest) -> SkillProviderFuture<'_, SkillReadResult> { + Box::pin(async move { + if request.authority + != SkillAuthority::new(SkillSourceKind::Orchestrator, CODEX_APPS_MCP_SERVER_NAME) + { + return Err(SkillProviderError::new(format!( + "orchestrator skill provider cannot read authority {}", + request.authority.id + ))); + } + if !resource_belongs_to_package(&request.package.0, request.resource.as_str()) { + return Err(SkillProviderError::new( + "orchestrator skill resource does not match its package", + )); + } + + let Some(client) = request.mcp_resources.as_ref() else { + return Err(SkillProviderError::new( + "session MCP resource client is not configured", + )); + }; + let result = tokio::time::timeout( + ORCHESTRATOR_SKILL_READ_TIMEOUT, + client.read_resource(CODEX_APPS_MCP_SERVER_NAME, request.resource.as_str()), + ) + .await + .map_err(|_| { + SkillProviderError::new(format!( + "orchestrator skill read timed out after {ORCHESTRATOR_SKILL_READ_TIMEOUT:?}" + )) + })? + .map_err(|err| { + SkillProviderError::new(format!( + "failed to read orchestrator skill resource {}: {err:#}", + request.resource.as_str() + )) + })?; + let contents = result + .contents + .into_iter() + .find_map(|contents| match contents { + ResourceContent::Text { uri, text, .. } if uri == request.resource.as_str() => { + Some(text) + } + ResourceContent::Text { .. } | ResourceContent::Blob { .. } => None, + }); + let Some(contents) = contents else { + return Err(SkillProviderError::new(format!( + "orchestrator skill resource {} did not return matching text contents", + request.resource.as_str() + ))); + }; + if contents.len() > MAX_SKILL_RESOURCE_CONTENT_BYTES { + return Err(SkillProviderError::new(format!( + "orchestrator skill resource {} exceeds the {MAX_SKILL_RESOURCE_CONTENT_BYTES}-byte read limit", + request.resource.as_str() + ))); + } + + Ok(SkillReadResult { + resource: request.resource, + contents, + }) + }) + } + + fn search(&self, _request: SkillSearchRequest) -> SkillProviderFuture<'_, SkillSearchResult> { + Box::pin(async { Ok(SkillSearchResult::default()) }) + } +} + +fn catalog_entry_from_resource(resource: &Resource) -> Option { + let uri = validated_skill_uri(resource.uri.as_str(), MAX_SKILL_PACKAGE_URI_CHARS)?; + let meta = resource.meta.as_ref()?.as_object()?; + let skill_name = normalized_label(meta.get("skill_name")?.as_str()?, MAX_SKILL_NAME_CHARS)?; + let name = if meta.get("source").and_then(|value| value.as_str()) == Some("user") { + skill_name + } else { + let plugin_name = + normalized_label(meta.get("plugin_name")?.as_str()?, MAX_SKILL_NAME_CHARS)?; + let qualified_name = format!("{plugin_name}:{skill_name}"); + (qualified_name.chars().count() <= MAX_QUALIFIED_SKILL_NAME_CHARS) + .then_some(qualified_name)? + }; + let description = normalized_description(resource.description.as_deref().unwrap_or_default())?; + let main_prompt = main_prompt_uri(uri); + + Some( + SkillCatalogEntry::new( + SkillPackageId(uri.to_string()), + SkillAuthority::new(SkillSourceKind::Orchestrator, CODEX_APPS_MCP_SERVER_NAME), + name, + description, + SkillResourceId::new(main_prompt), + ) + .with_display_path(uri), + ) +} + +fn validated_skill_uri(uri: &str, max_chars: usize) -> Option<&str> { + validated_skill_url(uri, max_chars).map(|_| uri) +} + +fn validated_skill_url(uri: &str, max_chars: usize) -> Option { + if uri.chars().count() > max_chars + || uri + .chars() + .any(|ch| ch.is_control() || ch.is_whitespace() || matches!(ch, '<' | '>')) + { + return None; + } + + let url = Url::parse(uri).ok()?; + let path_is_valid = url.path_segments().is_some_and(|segments| { + let segments = segments.collect::>(); + !segments.is_empty() && segments.iter().all(|segment| !segment.is_empty()) + }); + (url.scheme() == "skill" + && url.as_str() == uri + && url.host_str().is_some_and(|host| !host.is_empty()) + && url.username().is_empty() + && url.password().is_none() + && url.port().is_none() + && url.query().is_none() + && url.fragment().is_none() + && path_is_valid) + .then_some(url) +} + +fn resource_belongs_to_package(package: &str, resource: &str) -> bool { + let Some(package) = validated_skill_url(package, MAX_SKILL_PACKAGE_URI_CHARS) else { + return false; + }; + let Some(resource) = validated_skill_url(resource, MAX_SKILL_RESOURCE_URI_CHARS) else { + return false; + }; + + let Some(package_segments) = package.path_segments() else { + return false; + }; + let Some(resource_segments) = resource.path_segments() else { + return false; + }; + let package_segments = package_segments.collect::>(); + let resource_segments = resource_segments.collect::>(); + + package.scheme() == resource.scheme() + && package.host_str() == resource.host_str() + && resource_segments.len() > package_segments.len() + && resource_segments.starts_with(&package_segments) +} + +fn normalized_label(value: &str, max_chars: usize) -> Option { + let value = normalized_single_line(value, max_chars)?; + let invalid = value.is_empty() || value.chars().any(|ch| matches!(ch, '&' | '<' | '>')); + (!invalid).then_some(value) +} + +fn normalized_description(value: &str) -> Option { + normalized_single_line(value, MAX_SKILL_DESCRIPTION_CHARS).map(|value| { + value + .replace('&', "&") + .replace('<', "<") + .replace('>', ">") + }) +} + +fn normalized_single_line(value: &str, max_chars: usize) -> Option { + let value = value.split_whitespace().collect::>().join(" "); + let valid = value.chars().count() <= max_chars && !value.chars().any(char::is_control); + valid.then_some(value) +} + +fn main_prompt_uri(package_uri: &str) -> String { + format!("{}/SKILL.md", package_uri.trim_end_matches('/')) +} diff --git a/codex-rs/ext/skills/src/render.rs b/codex-rs/ext/skills/src/render.rs index 157ae4bff31..d913e4161cf 100644 --- a/codex-rs/ext/skills/src/render.rs +++ b/codex-rs/ext/skills/src/render.rs @@ -1,38 +1,19 @@ -use codex_core_skills::render_available_skills_body; -use codex_extension_api::ContextualUserFragment; -use codex_protocol::protocol::SKILLS_INSTRUCTIONS_CLOSE_TAG; -use codex_protocol::protocol::SKILLS_INSTRUCTIONS_OPEN_TAG; +use codex_utils_string::take_bytes_at_char_boundary; use crate::catalog::SkillCatalog; +use crate::catalog::SkillCatalogEntry; +use crate::catalog::SkillSourceKind; +use crate::fragments::AvailableSkillsInstructions; -const MAX_AVAILABLE_SKILLS_CHARS: usize = 8_000; -const MAX_MAIN_PROMPT_CHARS: usize = 40_000; +const MAX_AVAILABLE_SKILLS_BYTES: usize = 8_000; +const MAX_MAIN_PROMPT_BYTES: usize = 8_000; +pub(crate) const MAX_SKILL_NAME_BYTES: usize = 256; +pub(crate) const MAX_SKILL_PATH_BYTES: usize = 1_024; -#[derive(Debug, Clone, PartialEq, Eq)] -pub(crate) struct AvailableSkillsFragment { - body: String, -} - -impl ContextualUserFragment for AvailableSkillsFragment { - fn role(&self) -> &'static str { - "developer" - } - - fn markers(&self) -> (&'static str, &'static str) { - Self::type_markers() - } - - fn body(&self) -> String { - self.body.clone() - } - - fn type_markers() -> (&'static str, &'static str) { - (SKILLS_INSTRUCTIONS_OPEN_TAG, SKILLS_INSTRUCTIONS_CLOSE_TAG) - } -} - -pub(crate) fn available_skills_fragment(catalog: &SkillCatalog) -> Option { - let mut total_chars = 0usize; +pub(crate) fn available_skills_fragment( + catalog: &SkillCatalog, +) -> Option { + let mut total_bytes = 0usize; let mut omitted = 0usize; let mut skill_lines = Vec::new(); @@ -45,13 +26,13 @@ pub(crate) fn available_skills_fragment(catalog: &SkillCatalog) -> Option MAX_AVAILABLE_SKILLS_CHARS { + let line = render_skill_line(entry, description); + let next_bytes = total_bytes.saturating_add(line.len()); + if next_bytes > MAX_AVAILABLE_SKILLS_BYTES { omitted = omitted.saturating_add(1); continue; } - total_chars = next_chars; + total_bytes = next_bytes; skill_lines.push(line); } @@ -65,26 +46,30 @@ pub(crate) fn available_skills_fragment(catalog: &SkillCatalog) -> Option String { +fn render_skill_line(entry: &SkillCatalogEntry, description: &str) -> String { + let locator_kind = match &entry.authority.kind { + SkillSourceKind::Host => "file", + SkillSourceKind::Executor => "environment resource", + SkillSourceKind::Orchestrator => "orchestrator resource", + SkillSourceKind::Custom(_) => "custom resource", + }; + let name = entry.name.as_str(); + let path = entry.rendered_path(); if description.is_empty() { - format!("- {name}: (file: {path})") + format!("- {name}: ({locator_kind}: {path})") } else { - format!("- {name}: {description} (file: {path})") + format!("- {name}: {description} ({locator_kind}: {path})") } } pub(crate) fn truncate_main_prompt_contents(contents: &str) -> (String, bool) { - let mut chars = 0usize; - for (index, _) in contents.char_indices() { - if chars == MAX_MAIN_PROMPT_CHARS { - return (contents[..index].to_string(), true); - } - chars = chars.saturating_add(1); - } - (contents.to_string(), false) + truncate_utf8_to_bytes(contents, MAX_MAIN_PROMPT_BYTES) +} + +pub(crate) fn truncate_utf8_to_bytes(contents: &str, max_bytes: usize) -> (String, bool) { + let truncated = take_bytes_at_char_boundary(contents, max_bytes); + (truncated.to_string(), truncated.len() < contents.len()) } diff --git a/codex-rs/ext/skills/src/selection.rs b/codex-rs/ext/skills/src/selection.rs index c4405142e53..cfea2e3abd9 100644 --- a/codex-rs/ext/skills/src/selection.rs +++ b/codex-rs/ext/skills/src/selection.rs @@ -93,12 +93,12 @@ fn push_selected( } fn entry_matches_path(entry: &SkillCatalogEntry, path: &str) -> bool { - entry.main_prompt.0 == path + entry.main_prompt.as_str() == path || entry.id.0 == path || entry .display_path .as_deref() - .is_some_and(|display_path| display_path == path) + .is_some_and(|display_path| normalize_skill_path(display_path) == path) } fn path_is_skill(path: &str) -> bool { diff --git a/codex-rs/ext/skills/src/sources.rs b/codex-rs/ext/skills/src/sources.rs index 9049fcb5504..d558c13b3ba 100644 --- a/codex-rs/ext/skills/src/sources.rs +++ b/codex-rs/ext/skills/src/sources.rs @@ -3,6 +3,7 @@ use std::sync::Arc; use crate::catalog::SkillCatalog; use crate::catalog::SkillProviderError; +use crate::catalog::SkillProviderResult; use crate::catalog::SkillReadResult; use crate::catalog::SkillSearchResult; use crate::catalog::SkillSourceKind; @@ -39,15 +40,15 @@ impl SkillProviderSource { Self::new(SkillSourceKind::Executor, label, provider) } - pub fn remote(label: impl Into, provider: Arc) -> Self { - Self::new(SkillSourceKind::Remote, label, provider) + pub fn orchestrator(label: impl Into, provider: Arc) -> Self { + Self::new(SkillSourceKind::Orchestrator, label, provider) } fn should_list(&self, query: &SkillListQuery) -> bool { match &self.kind { SkillSourceKind::Host => query.include_host_skills, - SkillSourceKind::Executor => !query.executor_authorities.is_empty(), - SkillSourceKind::Remote => query.include_remote_skills, + SkillSourceKind::Executor => !query.executor_roots.is_empty(), + SkillSourceKind::Orchestrator => query.include_orchestrator_skills, SkillSourceKind::Custom(_) => true, } } @@ -94,20 +95,54 @@ impl SkillProviders { self } - pub fn with_remote_provider(mut self, provider: Arc) -> Self { + pub fn with_orchestrator_provider(mut self, provider: Arc) -> Self { self.sources - .push(SkillProviderSource::remote("remote", provider)); + .push(SkillProviderSource::orchestrator("orchestrator", provider)); self } + pub(crate) fn has_orchestrator_provider(&self) -> bool { + self.sources + .iter() + .any(|source| source.kind == SkillSourceKind::Orchestrator) + } + pub(crate) async fn list_for_turn(&self, query: SkillListQuery) -> SkillCatalog { + self.list_matching(&query, |source| source.should_list(&query)) + .await + } + + pub(crate) async fn list_orchestrator_for_turn( + &self, + query: SkillListQuery, + ) -> SkillProviderResult { let mut catalog = SkillCatalog::default(); for source in self .sources .iter() - .filter(|source| source.should_list(&query)) + .filter(|source| source.kind == SkillSourceKind::Orchestrator) { + let source_catalog = source.provider.list(query.clone()).await.map_err(|err| { + SkillProviderError::new(format!( + "{} skills unavailable: {}", + source.label, err.message + )) + })?; + catalog.extend(source_catalog); + } + + Ok(catalog) + } + + async fn list_matching( + &self, + query: &SkillListQuery, + should_list: impl Fn(&SkillProviderSource) -> bool, + ) -> SkillCatalog { + let mut catalog = SkillCatalog::default(); + + for source in self.sources.iter().filter(|source| should_list(source)) { extend_catalog( &mut catalog, source.provider.list(query.clone()).await, diff --git a/codex-rs/ext/skills/src/state.rs b/codex-rs/ext/skills/src/state.rs index 4a639eb5f02..0616ae4d712 100644 --- a/codex-rs/ext/skills/src/state.rs +++ b/codex-rs/ext/skills/src/state.rs @@ -1,33 +1,29 @@ -use codex_core::config::Config; +use codex_protocol::capabilities::SelectedCapabilityRoot; +use std::future::Future; use std::sync::Mutex; +use tokio::sync::OnceCell; +use crate::SkillsExtensionConfig; use crate::catalog::SkillCatalog; use crate::catalog::SkillCatalogEntry; - -#[derive(Clone, Debug, PartialEq, Eq)] -pub(crate) struct SkillsExtensionConfig { - pub(crate) include_instructions: bool, - pub(crate) bundled_skills_enabled: bool, -} - -impl SkillsExtensionConfig { - pub(crate) fn from_config(config: &Config) -> Self { - Self { - include_instructions: config.include_skill_instructions, - bundled_skills_enabled: config.bundled_skills_enabled(), - } - } -} +use crate::catalog::SkillProviderError; #[derive(Debug)] pub(crate) struct SkillsThreadState { config: Mutex, + selected_roots: Vec, + orchestrator_catalog: OnceCell, } impl SkillsThreadState { - pub(crate) fn new(config: SkillsExtensionConfig) -> Self { + pub(crate) fn new( + config: SkillsExtensionConfig, + selected_roots: Vec, + ) -> Self { Self { config: Mutex::new(config), + selected_roots, + orchestrator_catalog: OnceCell::new(), } } @@ -44,6 +40,25 @@ impl SkillsThreadState { .lock() .unwrap_or_else(std::sync::PoisonError::into_inner) = config; } + + pub(crate) fn selected_roots(&self) -> &[SelectedCapabilityRoot] { + &self.selected_roots + } + + pub(crate) async fn orchestrator_catalog_snapshot( + &self, + initialize: impl Future> + Send, + ) -> SkillCatalog { + self.orchestrator_catalog + .get_or_init(|| async { + initialize.await.unwrap_or_else(|err| SkillCatalog { + warnings: vec![err.message], + ..Default::default() + }) + }) + .await + .clone() + } } #[derive(Clone, Debug, Default, PartialEq, Eq)] diff --git a/codex-rs/ext/skills/src/tools/list.rs b/codex-rs/ext/skills/src/tools/list.rs new file mode 100644 index 00000000000..31cb68003d6 --- /dev/null +++ b/codex-rs/ext/skills/src/tools/list.rs @@ -0,0 +1,112 @@ +use codex_extension_api::ToolCall; +use codex_extension_api::ToolExecutor; +use codex_extension_api::ToolExecutorFuture; +use codex_extension_api::ToolName; +use codex_extension_api::ToolSpec; +use schemars::JsonSchema; +use serde::Deserialize; +use serde::Serialize; + +use crate::catalog::SkillCatalogEntry; +use crate::render::truncate_utf8_to_bytes; + +use super::MAX_HANDLE_BYTES; +use super::SkillToolAuthority; +use super::SkillToolContext; +use super::external_json_output; +use super::is_bounded_handle; +use super::parse_args; +use super::skill_function_tool; +use super::skill_tool_name; + +const TOOL_NAME: &str = "list"; +const MAX_WARNINGS: usize = 4; +const MAX_WARNING_BYTES: usize = 256; + +#[derive(Deserialize, JsonSchema)] +#[serde(deny_unknown_fields)] +struct ListArgs { + authority: SkillToolAuthority, +} + +#[derive(Debug, Eq, JsonSchema, PartialEq, Serialize)] +#[schemars(deny_unknown_fields)] +struct ListedSkill { + authority: SkillToolAuthority, + package: String, + name: String, + description: String, + main_resource: String, +} + +#[derive(Debug, Eq, JsonSchema, PartialEq, Serialize)] +#[schemars(deny_unknown_fields)] +struct ListResponse { + skills: Vec, + warnings: Vec, +} + +#[derive(Clone)] +pub(super) struct ListTool { + pub(super) context: SkillToolContext, +} + +impl ToolExecutor for ListTool { + fn tool_name(&self) -> ToolName { + skill_tool_name(TOOL_NAME) + } + + fn spec(&self) -> ToolSpec { + skill_function_tool::( + TOOL_NAME, + "List enabled skills owned by the requested authority. Only orchestrator-owned skills are currently supported. Returns the opaque package and main-resource handles required by skills.read.", + ) + } + + fn handle(&self, call: ToolCall) -> ToolExecutorFuture<'_> { + Box::pin(async move { + let args: ListArgs = parse_args(&call)?; + let authority = args.authority.into_authority(); + let catalog = self.context.catalog(&call.turn_id, args.authority).await; + let response = ListResponse { + skills: catalog + .entries + .into_iter() + .filter(|entry| entry.enabled && entry.authority == authority) + .filter_map(listed_skill) + .collect(), + warnings: bounded_warnings(catalog.warnings), + }; + + external_json_output(&response) + }) + } +} + +fn listed_skill(entry: SkillCatalogEntry) -> Option { + let authority = SkillToolAuthority::from_authority(&entry.authority)?; + if !is_bounded_handle(&entry.id.0, MAX_HANDLE_BYTES) + || !is_bounded_handle(entry.main_prompt.as_str(), MAX_HANDLE_BYTES) + { + return None; + } + + Some(ListedSkill { + authority, + package: entry.id.0, + name: entry.name, + description: entry.description, + main_resource: entry.main_prompt.as_str().to_string(), + }) +} + +fn bounded_warnings(warnings: Vec) -> Vec { + warnings + .into_iter() + .take(MAX_WARNINGS) + .map(|warning| { + let (warning, _) = truncate_utf8_to_bytes(&warning, MAX_WARNING_BYTES); + warning + }) + .collect() +} diff --git a/codex-rs/ext/skills/src/tools/mod.rs b/codex-rs/ext/skills/src/tools/mod.rs new file mode 100644 index 00000000000..12b050338e7 --- /dev/null +++ b/codex-rs/ext/skills/src/tools/mod.rs @@ -0,0 +1,160 @@ +use std::sync::Arc; + +use codex_extension_api::FunctionCallError; +use codex_extension_api::JsonToolOutput; +use codex_extension_api::ResponsesApiTool; +use codex_extension_api::ToolCall; +use codex_extension_api::ToolExecutor; +use codex_extension_api::ToolName; +use codex_extension_api::ToolOutput; +use codex_extension_api::ToolSpec; +use codex_extension_api::parse_tool_input_schema; +use codex_mcp::CODEX_APPS_MCP_SERVER_NAME; +use codex_mcp::McpResourceClient; +use codex_tools::ResponsesApiNamespace; +use codex_tools::ResponsesApiNamespaceTool; +use codex_tools::default_namespace_description; +use schemars::JsonSchema; +use serde::Deserialize; +use serde::Serialize; +use serde_json::Value; + +use crate::catalog::SkillAuthority; +use crate::catalog::SkillCatalog; +use crate::catalog::SkillSourceKind; +use crate::provider::SkillListQuery; +use crate::sources::SkillProviders; + +mod list; +mod read; +mod schema; + +const SKILLS_NAMESPACE: &str = "skills"; +const MAX_HANDLE_BYTES: usize = 2_048; + +pub(crate) fn skill_tools( + providers: SkillProviders, + mcp_resources: Option>, +) -> Vec>> { + let context = SkillToolContext { + providers, + mcp_resources, + }; + vec![ + Arc::new(list::ListTool { + context: context.clone(), + }), + Arc::new(read::ReadTool { context }), + ] +} + +#[derive(Clone)] +struct SkillToolContext { + providers: SkillProviders, + mcp_resources: Option>, +} + +impl SkillToolContext { + async fn catalog(&self, turn_id: &str, authority: SkillToolAuthority) -> SkillCatalog { + match authority { + SkillToolAuthority::Orchestrator => match self + .providers + .list_orchestrator_for_turn(SkillListQuery { + turn_id: turn_id.to_string(), + executor_roots: Vec::new(), + host: None, + include_host_skills: false, + include_bundled_skills: false, + include_orchestrator_skills: true, + mcp_resources: self.mcp_resources.clone(), + }) + .await + { + Ok(catalog) => catalog, + Err(err) => SkillCatalog { + warnings: vec![err.message], + ..Default::default() + }, + }, + } + } +} + +#[derive(Clone, Copy, Debug, Deserialize, Eq, JsonSchema, PartialEq, Serialize)] +#[serde(tag = "kind", rename_all = "snake_case", deny_unknown_fields)] +enum SkillToolAuthority { + Orchestrator, +} + +impl SkillToolAuthority { + fn from_authority(authority: &SkillAuthority) -> Option { + if authority + != &SkillAuthority::new(SkillSourceKind::Orchestrator, CODEX_APPS_MCP_SERVER_NAME) + { + return None; + } + Some(Self::Orchestrator) + } + + fn into_authority(self) -> SkillAuthority { + match self { + Self::Orchestrator => { + SkillAuthority::new(SkillSourceKind::Orchestrator, CODEX_APPS_MCP_SERVER_NAME) + } + } + } +} + +fn skill_tool_name(name: &str) -> ToolName { + ToolName::namespaced(SKILLS_NAMESPACE, name) +} + +fn skill_function_tool(name: &str, description: &str) -> ToolSpec { + let tool = ResponsesApiTool { + name: name.to_string(), + description: description.to_string(), + strict: false, + defer_loading: None, + parameters: parse_tool_input_schema(&schema::input_schema_for::()) + .unwrap_or_else(|err| panic!("generated input schema for {name} should parse: {err}")), + output_schema: Some(schema::output_schema_for::()), + }; + + ToolSpec::Namespace(ResponsesApiNamespace { + name: SKILLS_NAMESPACE.to_string(), + description: default_namespace_description(SKILLS_NAMESPACE), + tools: vec![ResponsesApiNamespaceTool::Function(tool)], + }) +} + +fn parse_args Deserialize<'de>>(call: &ToolCall) -> Result { + let arguments = call.function_arguments()?; + let value = if arguments.trim().is_empty() { + Value::Object(serde_json::Map::new()) + } else { + serde_json::from_str(arguments) + .map_err(|err| FunctionCallError::RespondToModel(err.to_string()))? + }; + serde_json::from_value(value).map_err(|err| FunctionCallError::RespondToModel(err.to_string())) +} + +fn validate_handle(name: &str, value: &str, max_bytes: usize) -> Result<(), FunctionCallError> { + if is_bounded_handle(value, max_bytes) { + return Ok(()); + } + + Err(FunctionCallError::RespondToModel(format!( + "{name} must be non-empty, contain no control characters, and be at most {max_bytes} bytes" + ))) +} + +fn is_bounded_handle(value: &str, max_bytes: usize) -> bool { + !value.is_empty() && value.len() <= max_bytes && !value.chars().any(char::is_control) +} + +fn external_json_output(value: &T) -> Result, FunctionCallError> { + let value = serde_json::to_value(value).map_err(|err| { + FunctionCallError::Fatal(format!("failed to serialize tool output: {err}")) + })?; + Ok(Box::new(JsonToolOutput::new(value).with_external_context())) +} diff --git a/codex-rs/ext/skills/src/tools/read.rs b/codex-rs/ext/skills/src/tools/read.rs new file mode 100644 index 00000000000..e8b29905b27 --- /dev/null +++ b/codex-rs/ext/skills/src/tools/read.rs @@ -0,0 +1,109 @@ +use codex_extension_api::FunctionCallError; +use codex_extension_api::ToolCall; +use codex_extension_api::ToolExecutor; +use codex_extension_api::ToolExecutorFuture; +use codex_extension_api::ToolName; +use codex_extension_api::ToolSpec; +use schemars::JsonSchema; +use serde::Deserialize; +use serde::Serialize; + +use crate::catalog::SkillPackageId; +use crate::catalog::SkillResourceId; +use crate::provider::SkillReadRequest; + +use super::MAX_HANDLE_BYTES; +use super::SkillToolAuthority; +use super::SkillToolContext; +use super::external_json_output; +use super::parse_args; +use super::skill_function_tool; +use super::skill_tool_name; +use super::validate_handle; + +const TOOL_NAME: &str = "read"; + +#[derive(Deserialize, JsonSchema)] +#[serde(deny_unknown_fields)] +struct ReadArgs { + authority: SkillToolAuthority, + package: String, + resource: String, +} + +#[derive(Debug, Eq, JsonSchema, PartialEq, Serialize)] +#[schemars(deny_unknown_fields)] +struct ReadResponse { + resource: String, + contents: String, +} + +#[derive(Clone)] +pub(super) struct ReadTool { + pub(super) context: SkillToolContext, +} + +impl ToolExecutor for ReadTool { + fn tool_name(&self) -> ToolName { + skill_tool_name(TOOL_NAME) + } + + fn spec(&self) -> ToolSpec { + skill_function_tool::( + TOOL_NAME, + "Read one complete resource from an enabled skill. Pass the exact authority and package returned by skills.list; resource identifiers remain opaque and are routed to that authority.", + ) + } + + fn handle(&self, call: ToolCall) -> ToolExecutorFuture<'_> { + Box::pin(async move { + let args: ReadArgs = parse_args(&call)?; + let authority = args.authority.into_authority(); + validate_handle("package", &args.package, MAX_HANDLE_BYTES)?; + validate_handle("resource", &args.resource, MAX_HANDLE_BYTES)?; + + let catalog = self.context.catalog(&call.turn_id, args.authority).await; + let package_is_available = catalog.entries.iter().any(|entry| { + entry.enabled && entry.authority == authority && entry.id.0 == args.package + }); + if !package_is_available { + return Err(FunctionCallError::RespondToModel( + "skill package is not available from the requested authority".to_string(), + )); + } + + let requested_resource = SkillResourceId::new(args.resource); + let result = self + .context + .providers + .read(SkillReadRequest { + authority, + package: SkillPackageId(args.package), + resource: requested_resource.clone(), + host: None, + mcp_resources: self.context.mcp_resources.clone(), + }) + .await + .map_err(|err| { + tracing::warn!( + error = %err, + turn_id = %call.turn_id, + call_id = %call.call_id, + resource = requested_resource.as_str(), + "skills.read provider request failed" + ); + FunctionCallError::RespondToModel("failed to read skill resource".to_string()) + })?; + if result.resource != requested_resource { + return Err(FunctionCallError::Fatal( + "skill provider returned a different resource".to_string(), + )); + } + + external_json_output(&ReadResponse { + resource: result.resource.as_str().to_string(), + contents: result.contents, + }) + }) + } +} diff --git a/codex-rs/ext/skills/src/tools/schema.rs b/codex-rs/ext/skills/src/tools/schema.rs new file mode 100644 index 00000000000..d0e9425e470 --- /dev/null +++ b/codex-rs/ext/skills/src/tools/schema.rs @@ -0,0 +1,42 @@ +use schemars::JsonSchema; +use schemars::r#gen::SchemaSettings; +use serde_json::Map; +use serde_json::Value; + +pub(super) fn input_schema_for() -> Value { + schema_for::(/*option_add_null_type*/ false) +} + +pub(super) fn output_schema_for() -> Value { + schema_for::(/*option_add_null_type*/ true) +} + +fn schema_for(option_add_null_type: bool) -> Value { + let schema = SchemaSettings::draft2019_09() + .with(|settings| { + settings.inline_subschemas = true; + settings.option_add_null_type = option_add_null_type; + }) + .into_generator() + .into_root_schema_for::(); + let schema_value = serde_json::to_value(schema) + .unwrap_or_else(|err| panic!("generated skill tool schema should serialize: {err}")); + let Value::Object(mut schema_object) = schema_value else { + unreachable!("root tool schema must be an object"); + }; + + let mut tool_schema = Map::new(); + for key in [ + "properties", + "required", + "type", + "additionalProperties", + "$defs", + "definitions", + ] { + if let Some(value) = schema_object.remove(key) { + tool_schema.insert(key.to_string(), value); + } + } + Value::Object(tool_schema) +} diff --git a/codex-rs/ext/skills/tests/executor_file_system_authority.rs b/codex-rs/ext/skills/tests/executor_file_system_authority.rs new file mode 100644 index 00000000000..d5387abce26 --- /dev/null +++ b/codex-rs/ext/skills/tests/executor_file_system_authority.rs @@ -0,0 +1,279 @@ +use std::io; +use std::sync::Arc; +use std::sync::atomic::AtomicUsize; +use std::sync::atomic::Ordering; + +use codex_core_skills::HostLoadedSkills; +use codex_core_skills::loader::SkillRoot; +use codex_core_skills::loader::load_skills_from_roots; +use codex_exec_server::CopyOptions; +use codex_exec_server::CreateDirectoryOptions; +use codex_exec_server::EnvironmentManager; +use codex_exec_server::ExecutorFileSystem; +use codex_exec_server::ExecutorFileSystemFuture; +use codex_exec_server::FileMetadata; +use codex_exec_server::FileSystemSandboxContext; +use codex_exec_server::ReadDirectoryEntry; +use codex_exec_server::RemoveOptions; +use codex_protocol::capabilities::CapabilityRootLocation; +use codex_protocol::capabilities::SelectedCapabilityRoot; +use codex_protocol::protocol::SkillScope; +use codex_skills_extension::ExecutorSkillProvider; +use codex_skills_extension::provider::SkillListQuery; +use codex_skills_extension::provider::SkillProvider; +use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; +use pretty_assertions::assert_eq; + +const SKILL_CONTENTS: &str = + "---\nname: synthetic\ndescription: Synthetic executor skill.\n---\n\nEXECUTOR_ONLY_BODY\n"; +static NEXT_TEST_ROOT_ID: AtomicUsize = AtomicUsize::new(0); + +struct SyntheticFileSystem { + alias_root: AbsolutePathBuf, + canonical_root: AbsolutePathBuf, +} + +impl SyntheticFileSystem { + async fn canonicalize(&self, path: &PathUri) -> io::Result { + let path = path.to_abs_path()?; + if path == self.alias_root { + return PathUri::from_abs_path(&self.canonical_root); + } + self.metadata(&path)?; + PathUri::from_abs_path(&path) + } + + async fn read_file(&self, path: &PathUri) -> io::Result> { + if path.to_abs_path()? == self.canonical_root.join("skill/SKILL.md") { + Ok(SKILL_CONTENTS.as_bytes().to_vec()) + } else { + Err(io::Error::new(io::ErrorKind::NotFound, "not found")) + } + } + + async fn read_directory(&self, path: &PathUri) -> io::Result> { + let path = path.to_abs_path()?; + if path == self.canonical_root { + Ok(vec![ReadDirectoryEntry { + file_name: "skill".to_string(), + is_directory: true, + is_file: false, + }]) + } else if path == self.canonical_root.join("skill") { + Ok(vec![ReadDirectoryEntry { + file_name: "SKILL.md".to_string(), + is_directory: false, + is_file: true, + }]) + } else { + Err(io::Error::new(io::ErrorKind::NotFound, "not found")) + } + } + + fn metadata(&self, path: &AbsolutePathBuf) -> io::Result { + let skill_dir = self.canonical_root.join("skill"); + let skill_path = skill_dir.join("SKILL.md"); + let (is_directory, is_file) = if path == &self.canonical_root || path == &skill_dir { + (true, false) + } else if path == &skill_path { + (false, true) + } else { + return Err(io::Error::new(io::ErrorKind::NotFound, "not found")); + }; + Ok(FileMetadata { + is_directory, + is_file, + is_symlink: false, + created_at_ms: 0, + modified_at_ms: 0, + }) + } +} + +impl ExecutorFileSystem for SyntheticFileSystem { + fn canonicalize<'a>( + &'a self, + path: &'a PathUri, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, PathUri> { + Box::pin(SyntheticFileSystem::canonicalize(self, path)) + } + + fn read_file<'a>( + &'a self, + path: &'a PathUri, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(SyntheticFileSystem::read_file(self, path)) + } + + fn write_file<'a>( + &'a self, + _path: &'a PathUri, + _contents: Vec, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(async move { Err(io::Error::new(io::ErrorKind::Unsupported, "read only")) }) + } + + fn create_directory<'a>( + &'a self, + _path: &'a PathUri, + _options: CreateDirectoryOptions, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(async move { Err(io::Error::new(io::ErrorKind::Unsupported, "read only")) }) + } + + fn get_metadata<'a>( + &'a self, + path: &'a PathUri, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, FileMetadata> { + Box::pin(async move { self.metadata(&path.to_abs_path()?) }) + } + + fn read_directory<'a>( + &'a self, + path: &'a PathUri, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec> { + Box::pin(SyntheticFileSystem::read_directory(self, path)) + } + + fn remove<'a>( + &'a self, + _path: &'a PathUri, + _options: RemoveOptions, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(async move { Err(io::Error::new(io::ErrorKind::Unsupported, "read only")) }) + } + + fn copy<'a>( + &'a self, + _source_path: &'a PathUri, + _destination_path: &'a PathUri, + _options: CopyOptions, + _sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()> { + Box::pin(async move { Err(io::Error::new(io::ErrorKind::Unsupported, "read only")) }) + } +} + +#[tokio::test] +async fn skill_loading_and_reads_use_the_supplied_executor_file_system() { + let test_root = + std::env::temp_dir().join(format!("codex-executor-skill-fs-{}", std::process::id())); + let alias_root = AbsolutePathBuf::from_absolute_path_checked(test_root.join("alias")) + .expect("absolute path"); + let canonical_root = AbsolutePathBuf::from_absolute_path_checked(test_root.join("canonical")) + .expect("absolute path"); + assert!(!alias_root.as_path().exists()); + assert!(!canonical_root.as_path().exists()); + + let outcome = load_skills_from_roots([SkillRoot { + path: alias_root.clone(), + scope: SkillScope::User, + file_system: Arc::new(SyntheticFileSystem { + alias_root, + canonical_root: canonical_root.clone(), + }), + plugin_id: None, + plugin_root: None, + }]) + .await; + assert_eq!(outcome.errors, Vec::new()); + assert_eq!(outcome.skills.len(), 1); + + let skill = outcome.skills[0].clone(); + assert_eq!(skill.name, "synthetic"); + assert_eq!( + skill.path_to_skills_md, + canonical_root.join("skill/SKILL.md") + ); + let loaded = HostLoadedSkills::new(Arc::new(outcome)); + assert_eq!( + loaded.read_skill_text(&skill).await.expect("skill body"), + SKILL_CONTENTS + ); +} + +#[tokio::test] +async fn selected_root_id_distinguishes_identical_executor_paths() { + let test_root = create_local_skill_root("root-identity").expect("create local skill root"); + let root_path = test_root.to_string_lossy().into_owned(); + let canonical_root = AbsolutePathBuf::from_absolute_path_checked(&test_root) + .expect("absolute skill root") + .canonicalize() + .expect("canonicalize skill root") + .to_string_lossy() + .replace('\\', "/"); + let provider = ExecutorSkillProvider::new_with_restriction_product( + Arc::new(EnvironmentManager::default_for_tests()), + /*restriction_product*/ None, + ); + let catalog = provider + .list(SkillListQuery { + turn_id: "turn-1".to_string(), + executor_roots: ["root-a", "root-b"] + .into_iter() + .map(|id| SelectedCapabilityRoot { + id: id.to_string(), + location: CapabilityRootLocation::Environment { + environment_id: "local".to_string(), + path: root_path.clone(), + }, + }) + .collect(), + host: None, + include_host_skills: false, + include_bundled_skills: true, + include_orchestrator_skills: false, + mcp_resources: None, + }) + .await + .expect("list executor skills"); + + assert_eq!( + catalog + .entries + .iter() + .map(|entry| ( + entry.authority.id.clone(), + entry.display_path.clone().expect("display path"), + )) + .collect::>(), + vec![ + ( + "root-a".to_string(), + format!( + "skill://root-a/{}/skill/SKILL.md", + canonical_root.trim_start_matches('/') + ), + ), + ( + "root-b".to_string(), + format!( + "skill://root-b/{}/skill/SKILL.md", + canonical_root.trim_start_matches('/') + ), + ), + ] + ); + + std::fs::remove_dir_all(test_root).expect("remove skill directory"); +} + +fn create_local_skill_root(label: &str) -> io::Result { + let id = NEXT_TEST_ROOT_ID.fetch_add(1, Ordering::Relaxed); + let test_root = std::env::temp_dir().join(format!( + "codex-executor-skill-{label}-{}-{id}", + std::process::id() + )); + let skill_dir = test_root.join("skill"); + std::fs::create_dir_all(&skill_dir)?; + std::fs::write(skill_dir.join("SKILL.md"), SKILL_CONTENTS)?; + Ok(test_root) +} diff --git a/codex-rs/ext/skills/tests/skills_extension.rs b/codex-rs/ext/skills/tests/skills_extension.rs index 1e2a2f0b60c..dcbd828fceb 100644 --- a/codex-rs/ext/skills/tests/skills_extension.rs +++ b/codex-rs/ext/skills/tests/skills_extension.rs @@ -4,25 +4,33 @@ use std::sync::Mutex; use std::sync::atomic::AtomicUsize; use std::sync::atomic::Ordering; -use codex_core::config::Config; -use codex_core::config::ConfigBuilder; use codex_core_skills::HostLoadedSkills; -use codex_core_skills::SkillsLoadInput; -use codex_core_skills::SkillsManager; +use codex_core_skills::SKILLS_HOW_TO_USE_WITH_ABSOLUTE_PATHS; +use codex_core_skills::SKILLS_INTRO_WITH_ABSOLUTE_PATHS; +use codex_core_skills::SkillLoadOutcome; +use codex_core_skills::SkillMetadata; use codex_core_skills::injection::InjectedHostSkillPrompts; use codex_extension_api::ExtensionData; +use codex_extension_api::ExtensionEventSink; use codex_extension_api::ExtensionRegistryBuilder; use codex_extension_api::ThreadStartInput; use codex_extension_api::TurnInputContext; -use codex_extension_api::TurnInputEnvironment; +use codex_protocol::capabilities::CapabilityRootLocation; +use codex_protocol::capabilities::SelectedCapabilityRoot; +use codex_protocol::protocol::Event; +use codex_protocol::protocol::EventMsg; +use codex_protocol::protocol::SKILLS_INSTRUCTIONS_CLOSE_TAG; use codex_protocol::protocol::SKILLS_INSTRUCTIONS_OPEN_TAG; use codex_protocol::protocol::SessionSource; +use codex_protocol::protocol::SkillScope; use codex_protocol::user_input::UserInput; use codex_skills_extension::SkillProviders; +use codex_skills_extension::SkillsExtensionConfig; use codex_skills_extension::catalog::SkillAuthority; use codex_skills_extension::catalog::SkillCatalog; use codex_skills_extension::catalog::SkillCatalogEntry; use codex_skills_extension::catalog::SkillPackageId; +use codex_skills_extension::catalog::SkillProviderError; use codex_skills_extension::catalog::SkillReadResult; use codex_skills_extension::catalog::SkillResourceId; use codex_skills_extension::catalog::SkillSearchResult; @@ -34,14 +42,17 @@ use codex_skills_extension::provider::SkillProvider; use codex_skills_extension::provider::SkillProviderFuture; use codex_skills_extension::provider::SkillReadRequest; use codex_skills_extension::provider::SkillSearchRequest; +use codex_utils_absolute_path::AbsolutePathBuf; use pretty_assertions::assert_eq; type TestResult = Result<(), Box>; static NEXT_CODEX_HOME_ID: AtomicUsize = AtomicUsize::new(0); +const DEMO_SKILL_CONTENTS: &str = + "---\nname: demo\ndescription: Demo skill.\n---\n# Demo\n\nUse the demo skill.\n"; #[tokio::test] -async fn installed_extension_loads_host_skills_from_legacy_roots() -> TestResult { +async fn installed_extension_uses_host_loaded_skills() -> TestResult { let codex_home = test_codex_home(); let skill_path = codex_home.join("skills").join("demo").join("SKILL.md"); std::fs::create_dir_all( @@ -49,18 +60,11 @@ async fn installed_extension_loads_host_skills_from_legacy_roots() -> TestResult .parent() .ok_or("skill path should have a parent")?, )?; - std::fs::write( - &skill_path, - "---\nname: demo\ndescription: Demo skill.\n---\n# Demo\n\nUse the demo skill.\n", - )?; - let config = ConfigBuilder::default() - .codex_home(codex_home.clone()) - .fallback_cwd(Some(codex_home.clone())) - .build() - .await?; + std::fs::write(&skill_path, DEMO_SKILL_CONTENTS)?; + let config = default_config(); let mut builder = ExtensionRegistryBuilder::new(); - install(&mut builder); + install(&mut builder, skills_extension_config); let registry = builder.build(); let session_store = ExtensionData::new("session"); let thread_store = ExtensionData::new("thread"); @@ -75,22 +79,21 @@ async fn installed_extension_loads_host_skills_from_legacy_roots() -> TestResult }) .await; - let manager = SkillsManager::new(config.codex_home.clone(), config.bundled_skills_enabled()); - let input = SkillsLoadInput::new( - config.cwd.clone(), - Vec::new(), - config.config_layer_stack.clone(), - config.bundled_skills_enabled(), - ); - let loaded_skills = Arc::new(manager.skills_for_config(&input, /*fs*/ None).await); - let skill_path_string = loaded_skills - .skills - .iter() - .find(|skill| skill.name == "demo") - .ok_or("demo skill should load")? - .path_to_skills_md - .to_string_lossy() - .into_owned(); + let skill_path = AbsolutePathBuf::try_from(skill_path)?; + let skill_path_string = skill_path.to_string_lossy().into_owned(); + let mut outcome = SkillLoadOutcome::default(); + outcome.skills.push(SkillMetadata { + name: "demo".to_string(), + description: "Demo skill.".to_string(), + short_description: None, + interface: None, + dependencies: None, + policy: None, + path_to_skills_md: skill_path, + scope: SkillScope::User, + plugin_id: None, + }); + let loaded_skills = Arc::new(outcome); let skill_prompt_path = skill_path_string.replace('\\', "/"); let turn_store = ExtensionData::new("turn-1"); turn_store.insert(HostLoadedSkills::new(Arc::clone(&loaded_skills))); @@ -111,13 +114,19 @@ async fn installed_extension_loads_host_skills_from_legacy_roots() -> TestResult ) .await; - assert_eq!(2, fragments.len()); - assert!(fragments[0].render().contains("demo")); - assert!(fragments[0].render().contains(&skill_prompt_path)); - assert_eq!("user", fragments[1].role()); - assert!(fragments[1].render().contains("demo")); - assert!(fragments[1].render().contains("# Demo")); - assert!(fragments[1].render().contains(&skill_prompt_path)); + let expected_catalog = format!( + "{SKILLS_INSTRUCTIONS_OPEN_TAG}\n## Skills\n{SKILLS_INTRO_WITH_ABSOLUTE_PATHS}\n### Available skills\n- demo: Demo skill. (file: {skill_prompt_path})\n### How to use skills\n{SKILLS_HOW_TO_USE_WITH_ABSOLUTE_PATHS}\n{SKILLS_INSTRUCTIONS_CLOSE_TAG}" + ); + let expected_skill = format!( + "\ndemo\n{skill_prompt_path}\n{DEMO_SKILL_CONTENTS}\n" + ); + assert_eq!( + vec![("developer", expected_catalog), ("user", expected_skill),], + fragments + .iter() + .map(|fragment| (fragment.role(), fragment.render())) + .collect::>() + ); let injected_host_skill_prompts = turn_store .get::() .ok_or("host skill prompt marker should be set")?; @@ -128,44 +137,39 @@ async fn installed_extension_loads_host_skills_from_legacy_roots() -> TestResult } #[tokio::test] -async fn installed_extension_injects_available_catalog_and_selected_entrypoint() -> TestResult { - let host_read_requests = Arc::new(Mutex::new(Vec::new())); - let remote_read_requests = Arc::new(Mutex::new(Vec::new())); - let host_provider = Arc::new(StaticSkillProvider { - catalog: SkillCatalog { - entries: vec![test_entry( - SkillSourceKind::Host, - "host", - "host/lint-fix", - "lint-fix/SKILL.md", - )], - warnings: Vec::new(), - }, - read_requests: Arc::clone(&host_read_requests), - }); - let remote_provider = Arc::new(StaticSkillProvider { +async fn selected_executor_catalog_is_context_and_selected_entrypoint_is_turn_input() -> TestResult +{ + let read_requests = Arc::new(Mutex::new(Vec::new())); + let executor_provider = Arc::new(StaticSkillProvider { catalog: SkillCatalog { entries: vec![test_entry( - SkillSourceKind::Remote, - "remote", - "remote/lint-fix", + SkillSourceKind::Executor, + "env-1", + "executor/lint-fix", "lint-fix/SKILL.md", )], warnings: Vec::new(), }, - read_requests: Arc::clone(&remote_read_requests), + read_requests: Arc::clone(&read_requests), + list_calls: None, + fail_first_list: false, }); - let providers = SkillProviders::new() - .with_host_provider(host_provider) - .with_remote_provider(remote_provider); + let providers = SkillProviders::new().with_executor_provider(executor_provider); let mut builder = ExtensionRegistryBuilder::new(); - install_with_providers(&mut builder, providers); + install_with_providers(&mut builder, providers, skills_extension_config); let registry = builder.build(); let session_store = ExtensionData::new("session"); let thread_store = ExtensionData::new("thread"); + thread_store.insert(vec![SelectedCapabilityRoot { + id: "lint-fix".to_string(), + location: CapabilityRootLocation::Environment { + environment_id: "env-1".to_string(), + path: "/skills/lint-fix".to_string(), + }, + }]); let session_source = SessionSource::Cli; - let config = default_config().await?; + let config = default_config(); registry.thread_lifecycle_contributors()[0] .on_thread_start(ThreadStartInput { config: &config, @@ -176,6 +180,22 @@ async fn installed_extension_injects_available_catalog_and_selected_entrypoint() }) .await; + let prompt_fragments = registry.context_contributors()[0] + .contribute(&session_store, &thread_store) + .await; + assert_eq!(1, prompt_fragments.len()); + assert!( + prompt_fragments[0] + .text() + .starts_with(SKILLS_INSTRUCTIONS_OPEN_TAG) + ); + assert!(prompt_fragments[0].text().contains("lint-fix")); + assert!( + prompt_fragments[0] + .text() + .contains("(environment resource: skill://executor/lint-fix/SKILL.md)") + ); + let turn_store = ExtensionData::new("turn-1"); let fragments = registry.turn_input_contributors()[0] .contribute( @@ -185,11 +205,7 @@ async fn installed_extension_injects_available_catalog_and_selected_entrypoint() text: "$lint-fix please".to_string(), text_elements: Vec::new(), }], - environments: vec![TurnInputEnvironment { - environment_id: "env-1".to_string(), - cwd: std::env::temp_dir(), - is_primary: true, - }], + environments: Vec::new(), }, &session_store, &thread_store, @@ -197,31 +213,23 @@ async fn installed_extension_injects_available_catalog_and_selected_entrypoint() ) .await; - assert_eq!(2, fragments.len()); - assert_eq!("developer", fragments[0].role()); - assert!( - fragments[0] - .render() - .starts_with(SKILLS_INSTRUCTIONS_OPEN_TAG) - ); - assert!(fragments[0].render().contains("lint-fix")); - assert_eq!("user", fragments[1].role()); - assert!(fragments[1].render().contains("lint-fix")); - assert!(fragments[1].render().contains("# Lint Fix")); + assert_eq!(1, fragments.len()); + assert_eq!("user", fragments[0].role()); + assert!(fragments[0].render().contains("lint-fix")); + assert!(fragments[0].render().contains("# Lint Fix")); assert_eq!( vec![( - SkillAuthority::new(SkillSourceKind::Host, "host"), - SkillPackageId("host/lint-fix".to_string()), - SkillResourceId("lint-fix/SKILL.md".to_string()), + SkillAuthority::new(SkillSourceKind::Executor, "env-1"), + SkillPackageId("executor/lint-fix".to_string()), + SkillResourceId::new("lint-fix/SKILL.md"), )], - read_request_keys(&host_read_requests) - ); - assert!( - remote_read_requests - .lock() - .unwrap_or_else(std::sync::PoisonError::into_inner) - .is_empty() + read_request_keys(&read_requests) ); + let rebuilt_prompt_fragments = registry.context_contributors()[0] + .contribute(&session_store, &thread_store) + .await; + assert_eq!(1, rebuilt_prompt_fragments.len()); + assert!(rebuilt_prompt_fragments[0].text().contains("lint-fix")); let next_turn_store = ExtensionData::new("turn-2"); let next_fragments = registry.turn_input_contributors()[0] @@ -240,9 +248,165 @@ async fn installed_extension_injects_available_catalog_and_selected_entrypoint() ) .await; - assert_eq!(1, next_fragments.len()); - assert_eq!("developer", next_fragments[0].role()); - assert!(next_fragments[0].render().contains("lint-fix")); + assert!(next_fragments.is_empty()); + + Ok(()) +} + +#[tokio::test] +async fn orchestrator_catalog_snapshot_caches_failure() -> TestResult { + let list_calls = Arc::new(AtomicUsize::new(0)); + let providers = + SkillProviders::new().with_orchestrator_provider(Arc::new(StaticSkillProvider { + catalog: SkillCatalog { + entries: vec![test_entry( + SkillSourceKind::Orchestrator, + "codex_apps", + "orchestrator/first", + "skill://orchestrator/first/SKILL.md", + )], + warnings: Vec::new(), + }, + read_requests: Arc::new(Mutex::new(Vec::new())), + list_calls: Some(Arc::clone(&list_calls)), + fail_first_list: true, + })); + let (event_tx, event_rx) = std::sync::mpsc::channel(); + let mut builder = + ExtensionRegistryBuilder::with_event_sink(Arc::new(ChannelEventSink(event_tx))); + install_with_providers(&mut builder, providers, skills_extension_config); + let registry = builder.build(); + let session_store = ExtensionData::new("session"); + let thread_store = ExtensionData::new("thread"); + let session_source = SessionSource::Cli; + let config = default_config(); + registry.thread_lifecycle_contributors()[0] + .on_thread_start(ThreadStartInput { + config: &config, + session_source: &session_source, + persistent_thread_state_available: true, + session_store: &session_store, + thread_store: &thread_store, + }) + .await; + + let initial_fragments = registry.context_contributors()[0] + .contribute(&session_store, &thread_store) + .await; + assert!(initial_fragments.is_empty()); + let EventMsg::Warning(warning) = event_rx.try_recv()?.msg else { + panic!("expected warning event"); + }; + assert_eq!( + warning.message, + "orchestrator skills unavailable: temporary orchestrator failure" + ); + + for turn_id in ["turn-1", "turn-2"] { + let fragments = registry.turn_input_contributors()[0] + .contribute( + TurnInputContext { + turn_id: turn_id.to_string(), + user_input: vec![UserInput::Text { + text: "$first".to_string(), + text_elements: Vec::new(), + }], + environments: Vec::new(), + }, + &session_store, + &thread_store, + &ExtensionData::new(turn_id), + ) + .await; + assert!(fragments.is_empty()); + } + assert_eq!(1, list_calls.load(Ordering::Relaxed)); + + Ok(()) +} + +#[tokio::test] +async fn root_qualified_locator_selects_only_the_matching_executor_skill() -> TestResult { + let read_requests = Arc::new(Mutex::new(Vec::new())); + let root_a_locator = "skill://root-a/shared/lint-fix/SKILL.md"; + let root_b_locator = "skill://root-b/shared/lint-fix/SKILL.md"; + let executor_provider = Arc::new(StaticSkillProvider { + catalog: SkillCatalog { + entries: [("root-a", root_a_locator), ("root-b", root_b_locator)] + .into_iter() + .map(|(root_id, locator)| { + SkillCatalogEntry::new( + SkillPackageId(locator.to_string()), + SkillAuthority::new(SkillSourceKind::Executor, root_id), + "lint-fix", + "Fix lint errors.", + SkillResourceId::new(locator), + ) + .with_display_path(locator) + }) + .collect(), + warnings: Vec::new(), + }, + read_requests: Arc::clone(&read_requests), + list_calls: None, + fail_first_list: false, + }); + let providers = SkillProviders::new().with_executor_provider(executor_provider); + let mut builder = ExtensionRegistryBuilder::new(); + install_with_providers(&mut builder, providers, skills_extension_config); + let registry = builder.build(); + let session_store = ExtensionData::new("session"); + let thread_store = ExtensionData::new("thread"); + thread_store.insert( + [("root-a", "/skills/root-a"), ("root-b", "/skills/root-b")] + .into_iter() + .map(|(id, path)| SelectedCapabilityRoot { + id: id.to_string(), + location: CapabilityRootLocation::Environment { + environment_id: "env-1".to_string(), + path: path.to_string(), + }, + }) + .collect::>(), + ); + let session_source = SessionSource::Cli; + let config = default_config(); + registry.thread_lifecycle_contributors()[0] + .on_thread_start(ThreadStartInput { + config: &config, + session_source: &session_source, + persistent_thread_state_available: true, + session_store: &session_store, + thread_store: &thread_store, + }) + .await; + + let fragments = registry.turn_input_contributors()[0] + .contribute( + TurnInputContext { + turn_id: "turn-1".to_string(), + user_input: vec![UserInput::Mention { + name: "lint-fix".to_string(), + path: root_b_locator.to_string(), + }], + environments: Vec::new(), + }, + &session_store, + &thread_store, + &ExtensionData::new("turn-1"), + ) + .await; + + assert_eq!(1, fragments.len()); + assert!(fragments[0].render().contains(root_b_locator)); + assert_eq!( + vec![( + SkillAuthority::new(SkillSourceKind::Executor, "root-b"), + SkillPackageId(root_b_locator.to_string()), + SkillResourceId::new(root_b_locator), + )], + read_request_keys(&read_requests) + ); Ok(()) } @@ -270,15 +434,17 @@ async fn prompt_hidden_skill_can_still_be_invoked() -> TestResult { warnings: Vec::new(), }, read_requests: Arc::clone(&read_requests), + list_calls: None, + fail_first_list: false, }); let providers = SkillProviders::new().with_host_provider(provider); let mut builder = ExtensionRegistryBuilder::new(); - install_with_providers(&mut builder, providers); + install_with_providers(&mut builder, providers, skills_extension_config); let registry = builder.build(); let session_store = ExtensionData::new("session"); let thread_store = ExtensionData::new("thread"); let session_source = SessionSource::Cli; - let config = default_config().await?; + let config = default_config(); registry.thread_lifecycle_contributors()[0] .on_thread_start(ThreadStartInput { config: &config, @@ -306,15 +472,14 @@ async fn prompt_hidden_skill_can_still_be_invoked() -> TestResult { .await; assert_eq!(2, fragments.len()); - let catalog_fragment = fragments[0].render(); - assert!(catalog_fragment.contains("visible-skill")); - assert!(!catalog_fragment.contains("hidden-skill")); + assert!(fragments[0].render().contains("visible-skill")); + assert!(!fragments[0].render().contains("hidden-skill")); assert!(fragments[1].render().contains("hidden-skill")); assert_eq!( vec![( SkillAuthority::new(SkillSourceKind::Host, "host"), SkillPackageId("host/hidden-skill".to_string()), - SkillResourceId("hidden-skill/SKILL.md".to_string()), + SkillResourceId::new("hidden-skill/SKILL.md"), )], read_request_keys(&read_requests) ); @@ -326,15 +491,32 @@ async fn prompt_hidden_skill_can_still_be_invoked() -> TestResult { struct StaticSkillProvider { catalog: SkillCatalog, read_requests: Arc>>, + list_calls: Option>, + fail_first_list: bool, +} + +struct ChannelEventSink(std::sync::mpsc::Sender); + +impl ExtensionEventSink for ChannelEventSink { + fn emit(&self, event: Event) { + let _ = self.0.send(event); + } } impl SkillProvider for StaticSkillProvider { - fn list(&self, query: SkillListQuery) -> SkillProviderFuture<'_, SkillCatalog> { + fn list(&self, _query: SkillListQuery) -> SkillProviderFuture<'_, SkillCatalog> { + let list_call = self + .list_calls + .as_ref() + .map(|list_calls| list_calls.fetch_add(1, Ordering::Relaxed)); + let fail = self.fail_first_list && list_call == Some(0); let catalog = self.catalog.clone(); Box::pin(async move { - assert!(query.include_host_skills); - assert!(query.include_bundled_skills); - Ok(catalog) + if fail { + Err(SkillProviderError::new("temporary orchestrator failure")) + } else { + Ok(catalog) + } }) } @@ -369,18 +551,29 @@ fn test_entry( SkillAuthority::new(kind, authority_id), name, "Fix lint errors.", - SkillResourceId(main_prompt.to_string()), + SkillResourceId::new(main_prompt), ) .with_display_path(format!("skill://{package_id}/SKILL.md")) } -async fn default_config() -> std::io::Result { - let codex_home = test_codex_home(); - std::fs::create_dir_all(&codex_home)?; - let config = - Config::load_default_with_cli_overrides_for_codex_home(codex_home.clone(), vec![]).await?; - std::fs::remove_dir_all(codex_home)?; - Ok(config) +#[derive(Clone, Debug, Eq, PartialEq)] +struct TestConfig { + include_instructions: bool, + bundled_skills_enabled: bool, +} + +fn default_config() -> TestConfig { + TestConfig { + include_instructions: true, + bundled_skills_enabled: true, + } +} + +fn skills_extension_config(config: &TestConfig) -> SkillsExtensionConfig { + SkillsExtensionConfig { + include_instructions: config.include_instructions, + bundled_skills_enabled: config.bundled_skills_enabled, + } } fn test_codex_home() -> PathBuf { diff --git a/codex-rs/ext/web-search/Cargo.toml b/codex-rs/ext/web-search/Cargo.toml index 0faabf21a86..d007d6146de 100644 --- a/codex-rs/ext/web-search/Cargo.toml +++ b/codex-rs/ext/web-search/Cargo.toml @@ -13,11 +13,9 @@ doctest = false workspace = true [dependencies] -async-trait = { workspace = true } codex-api = { workspace = true } codex-core = { workspace = true } codex-extension-api = { workspace = true } -codex-features = { workspace = true } codex-login = { workspace = true } codex-model-provider = { workspace = true } codex-model-provider-info = { workspace = true } diff --git a/codex-rs/ext/web-search/src/extension.rs b/codex-rs/ext/web-search/src/extension.rs index 30fc48961e4..688b504dec1 100644 --- a/codex-rs/ext/web-search/src/extension.rs +++ b/codex-rs/ext/web-search/src/extension.rs @@ -9,11 +9,11 @@ use codex_api::SearchSettings; use codex_core::config::Config; use codex_extension_api::ConfigContributor; use codex_extension_api::ExtensionData; +use codex_extension_api::ExtensionFuture; use codex_extension_api::ExtensionRegistryBuilder; use codex_extension_api::ThreadLifecycleContributor; use codex_extension_api::ThreadStartInput; use codex_extension_api::ToolContributor; -use codex_features::Feature; use codex_login::AuthManager; use codex_model_provider::create_model_provider; use codex_model_provider_info::ModelProviderInfo; @@ -29,7 +29,7 @@ struct WebSearchExtension { #[derive(Clone)] struct WebSearchExtensionConfig { - enabled: bool, + available: bool, provider: ModelProviderInfo, settings: SearchSettings, } @@ -38,8 +38,8 @@ impl From<&Config> for WebSearchExtensionConfig { fn from(config: &Config) -> Self { let web_search_mode = config.web_search_mode.value(); Self { - enabled: config.features.enabled(Feature::StandaloneWebSearch) - && config.model_provider.is_openai() + // Core selects this executor per turn using the feature flag or model metadata. + available: config.model_provider.is_openai() && web_search_mode != WebSearchMode::Disabled, provider: config.model_provider.clone(), settings: search_settings(config, web_search_mode), @@ -81,12 +81,16 @@ fn search_settings(config: &Config, web_search_mode: WebSearchMode) -> SearchSet } } -#[async_trait::async_trait] impl ThreadLifecycleContributor for WebSearchExtension { - async fn on_thread_start(&self, input: ThreadStartInput<'_, Config>) { - input - .thread_store - .insert(WebSearchExtensionConfig::from(input.config)); + fn on_thread_start<'a>( + &'a self, + input: ThreadStartInput<'a, Config>, + ) -> ExtensionFuture<'a, ()> { + Box::pin(async move { + input + .thread_store + .insert(WebSearchExtensionConfig::from(input.config)); + }) } } @@ -111,7 +115,7 @@ impl ToolContributor for WebSearchExtension { let Some(config) = thread_store.get::() else { return Vec::new(); }; - if !config.enabled { + if !config.available { return Vec::new(); } @@ -160,7 +164,7 @@ mod tests { let session_store = ExtensionData::new("session"); let thread_store = ExtensionData::new("11111111-1111-4111-8111-111111111111"); thread_store.insert(WebSearchExtensionConfig { - enabled: true, + available: true, provider: ModelProviderInfo::create_openai_provider(/*base_url*/ None), settings: Default::default(), }); diff --git a/codex-rs/ext/web-search/src/output.rs b/codex-rs/ext/web-search/src/output.rs index 124271c216d..543afdf7a9b 100644 --- a/codex-rs/ext/web-search/src/output.rs +++ b/codex-rs/ext/web-search/src/output.rs @@ -4,33 +4,35 @@ use codex_protocol::models::FunctionCallOutputContentItem; use codex_protocol::models::FunctionCallOutputPayload; use codex_protocol::models::ResponseInputItem; -pub(crate) struct EncryptedSearchOutput { - encrypted_output: String, +pub(crate) struct SearchOutput { + output: String, } -impl EncryptedSearchOutput { - pub(crate) fn new(encrypted_output: String) -> Self { - Self { encrypted_output } +impl SearchOutput { + pub(crate) fn new(output: String) -> Self { + Self { output } } } -impl ToolOutput for EncryptedSearchOutput { +impl ToolOutput for SearchOutput { fn log_preview(&self) -> String { - "[encrypted standalone web search output]".to_string() + "[standalone web search output]".to_string() } fn success_for_logging(&self) -> bool { true } + fn contains_external_context(&self) -> bool { + true + } + fn to_response_item(&self, call_id: &str, _payload: &ToolPayload) -> ResponseInputItem { - // TODO: Make standalone search honor memories.disable_on_external_context, - // as hosted web search does. ResponseInputItem::FunctionCallOutput { call_id: call_id.to_string(), output: FunctionCallOutputPayload::from_content_items(vec![ - FunctionCallOutputContentItem::EncryptedContent { - encrypted_content: self.encrypted_output.clone(), + FunctionCallOutputContentItem::InputText { + text: self.output.clone(), }, ]), } @@ -45,12 +47,12 @@ mod tests { use codex_protocol::models::ResponseInputItem; use pretty_assertions::assert_eq; - use super::EncryptedSearchOutput; + use super::SearchOutput; use super::ToolOutput; #[test] - fn emits_encrypted_function_call_output() { - let output = EncryptedSearchOutput::new("encrypted-search-output".to_string()); + fn emits_plaintext_function_call_output() { + let output = SearchOutput::new("search output".to_string()); assert_eq!( output.to_response_item( @@ -62,8 +64,8 @@ mod tests { ResponseInputItem::FunctionCallOutput { call_id: "call-1".to_string(), output: FunctionCallOutputPayload::from_content_items(vec![ - FunctionCallOutputContentItem::EncryptedContent { - encrypted_content: "encrypted-search-output".to_string(), + FunctionCallOutputContentItem::InputText { + text: "search output".to_string(), }, ]), } diff --git a/codex-rs/ext/web-search/src/tool.rs b/codex-rs/ext/web-search/src/tool.rs index 9a09b73ebb1..9b8dbf56d6f 100644 --- a/codex-rs/ext/web-search/src/tool.rs +++ b/codex-rs/ext/web-search/src/tool.rs @@ -26,7 +26,7 @@ use http::HeaderMap; use url::Url; use crate::history::recent_input; -use crate::output::EncryptedSearchOutput; +use crate::output::SearchOutput; use crate::schema::commands_schema; pub(crate) const WEB_NAMESPACE: &str = "web"; @@ -39,7 +39,6 @@ pub(crate) struct WebSearchTool { pub(crate) settings: SearchSettings, } -#[async_trait::async_trait] impl ToolExecutor for WebSearchTool { fn tool_name(&self) -> ToolName { ToolName::namespaced(WEB_NAMESPACE, RUN_TOOL_NAME) @@ -67,14 +66,20 @@ impl ToolExecutor for WebSearchTool { } fn exposure(&self) -> ToolExposure { - ToolExposure::DirectModelOnly + ToolExposure::Direct } fn supports_parallel_tool_calls(&self) -> bool { true } - async fn handle(&self, call: ToolCall) -> Result, FunctionCallError> { + fn handle(&self, call: ToolCall) -> codex_extension_api::ToolExecutorFuture<'_> { + Box::pin(self.handle_call(call)) + } +} + +impl WebSearchTool { + async fn handle_call(&self, call: ToolCall) -> Result, FunctionCallError> { let commands = parse_commands(&call)?; let command_action = command_action(&commands); let provider = self @@ -114,9 +119,7 @@ impl ToolExecutor for WebSearchTool { .emit_completed(web_search_item(&call.call_id, command_action)) .await; - Ok(Box::new(EncryptedSearchOutput::new( - response.encrypted_output, - ))) + Ok(Box::new(SearchOutput::new(response.output))) } } diff --git a/codex-rs/ext/web-search/web_run_description.md b/codex-rs/ext/web-search/web_run_description.md index bccc3d81f6f..77be9a0a03e 100644 --- a/codex-rs/ext/web-search/web_run_description.md +++ b/codex-rs/ext/web-search/web_run_description.md @@ -48,6 +48,35 @@ Below is a list of scenarios where browsing the internet MUST be used. PAY CLOSE --- +## Citations + +Results from `web.run` include internal reference IDs such as `turn2search5`. Use +those reference IDs only in calls to `web.run`; do not expose them in the final +response. + +Cite sources in the final response using Markdown links: + +- Cite a single source as `[descriptive source title](https://example.com/page)`. +- Cite multiple sources with separate Markdown links, for example + `[first source](https://example.com/one), [second source](https://example.com/two)`. +- Link directly to the page that supports the claim. Do not link to search result + pages or use bare URLs. + +Formatting of citations: + +- Place each citation as near as possible to the claim it supports, normally at + the end of the sentence or paragraph and after punctuation. +- Do not place citations inside code fences. +- Do not put citations on a line by themselves or collect all citations at the + end of the response. + +If you browse the internet, cite statements supported by web sources. Each cited +source must directly support the associated claim. Prefer primary and +authoritative sources, and use sources from different domains when the response +benefits from multiple perspectives. + +--- + ## Special cases If these conflict with any other instructions, these should take precedence. @@ -74,7 +103,3 @@ Responses may not excessively quote or draw on a specific source. There are seve - You must avoid providing full articles, long verbatim passages, or extensive direct quotes due to copyright concerns. - If the user asked for a verbatim quote, the response should provide a short compliant excerpt and then answer with paraphrases and summaries. - Again, this limit does not apply to reddit content, as long as it's appropriately indicated that those are direct quotes and you link to the source. - ---- - -Make sure to provide links to the sources you used in your response. diff --git a/codex-rs/external-agent-migration/src/lib.rs b/codex-rs/external-agent-migration/src/lib.rs index d7b8801796b..6ee0b38a24d 100644 --- a/codex-rs/external-agent-migration/src/lib.rs +++ b/codex-rs/external-agent-migration/src/lib.rs @@ -1451,6 +1451,49 @@ mod tests { ); } + #[test] + fn mcp_migration_prefers_command_transport_for_mixed_server_config() { + let root = tempfile::TempDir::new().expect("tempdir"); + fs::write( + root.path().join(".mcp.json"), + r#"{ + "mcpServers": { + "mixedTransport": { + "command": "mcp-remote-proxy", + "args": [ + "https://example.com/mixed-transport", + "--transport", + "http" + ], + "url": "https://example.com/mixed-transport" + } + } + }"#, + ) + .expect("write mcp"); + + assert_eq!( + build_mcp_config_from_external( + root.path(), + /*external_agent_home*/ None, + /*settings*/ None, + ) + .unwrap(), + toml::from_str( + r#" +[mcp_servers.mixedTransport] +command = "mcp-remote-proxy" +args = [ + "https://example.com/mixed-transport", + "--transport", + "http", +] +"# + ) + .unwrap() + ); + } + #[test] fn mcp_migration_skips_unsupported_transports() { let root = tempfile::TempDir::new().expect("tempdir"); diff --git a/codex-rs/external-agent-sessions/src/detect.rs b/codex-rs/external-agent-sessions/src/detect.rs index 27613eed187..f42c90766b1 100644 --- a/codex-rs/external-agent-sessions/src/detect.rs +++ b/codex-rs/external-agent-sessions/src/detect.rs @@ -1,7 +1,10 @@ use crate::ExternalAgentSessionMigration; use crate::ledger::load_import_ledger; +use crate::ledger::save_import_ledger; use crate::now_unix_seconds; use crate::summarize_session; +use std::cmp::Reverse; +use std::collections::BinaryHeap; use std::fs; use std::io; use std::path::Path; @@ -10,12 +13,6 @@ use std::time::Duration; const SESSION_IMPORT_MAX_COUNT: usize = 50; const SESSION_IMPORT_MAX_AGE: Duration = Duration::from_secs(30 * 24 * 60 * 60); -#[derive(Debug)] -struct SessionCandidate { - latest_timestamp: i64, - migration: ExternalAgentSessionMigration, -} - pub fn detect_recent_sessions( external_agent_home: &Path, codex_home: &Path, @@ -26,8 +23,9 @@ pub fn detect_recent_sessions( } let now = now_unix_seconds(); - let ledger = load_import_ledger(codex_home)?; - let mut candidates = Vec::new(); + let mut ledger = load_import_ledger(codex_home)?; + let source_states = ledger.source_states(); + let mut file_candidates = BinaryHeap::with_capacity(SESSION_IMPORT_MAX_COUNT + 1); for project_entry in fs::read_dir(projects_root)? { let Ok(project_entry) = project_entry else { continue; @@ -47,44 +45,67 @@ pub fn detect_recent_sessions( if path.extension().and_then(|value| value.to_str()) != Some("jsonl") { continue; } - let Ok(Some(summary)) = summarize_session(&path) else { + let Ok(metadata) = entry.metadata() else { continue; }; - let Ok(has_been_imported) = ledger.contains_current_source(&path) else { + let Ok(modified_at) = metadata.modified() else { continue; }; - if has_been_imported { + let Ok(modified_at) = modified_at.duration_since(std::time::UNIX_EPOCH) else { continue; - } - if !is_recent_enough(now, summary.latest_timestamp) { + }; + if (modified_at.as_secs() as i64) + < now.saturating_sub(SESSION_IMPORT_MAX_AGE.as_secs() as i64) + { continue; } - let migration = summary.migration; - if !migration.cwd.is_dir() { + let Ok(modified_at_nanos) = i64::try_from(modified_at.as_nanos()) else { + continue; + }; + let Ok(source_path) = fs::canonicalize(&path) else { + continue; + }; + if let Some(state) = source_states.get(source_path.as_path()) + && (state.source_modified_at == Some(modified_at_nanos) + || state.source_modified_at.is_none() + && modified_at.as_secs() as i64 <= state.imported_at) + { continue; } - candidates.push(SessionCandidate { - latest_timestamp: summary.latest_timestamp, - migration, - }); + file_candidates.push((Reverse(modified_at_nanos), path)); + if file_candidates.len() > SESSION_IMPORT_MAX_COUNT { + file_candidates.pop(); + } } } - candidates.sort_by(|left, right| { - right - .latest_timestamp - .cmp(&left.latest_timestamp) - .then_with(|| left.migration.path.cmp(&right.migration.path)) - }); - candidates.truncate(SESSION_IMPORT_MAX_COUNT); - Ok(candidates - .into_iter() - .map(|candidate| candidate.migration) - .collect()) -} + drop(source_states); + let file_candidates = file_candidates.into_sorted_vec(); + let mut migrations = Vec::new(); + let mut ledger_changed = false; + for (modified_at, path) in file_candidates { + match ledger.refresh_current_source(&path, modified_at.0) { + Ok(false) => {} + Ok(true) => { + ledger_changed = true; + continue; + } + Err(_) => continue, + } + let Ok(Some(summary)) = summarize_session(&path) else { + continue; + }; + let migration = summary.migration; + if !migration.cwd.is_dir() { + continue; + } + migrations.push(migration); + } + if ledger_changed { + save_import_ledger(codex_home, &ledger)?; + } -fn is_recent_enough(now: i64, latest_timestamp: i64) -> bool { - latest_timestamp >= now.saturating_sub(SESSION_IMPORT_MAX_AGE.as_secs() as i64) + Ok(migrations) } #[cfg(test)] @@ -93,7 +114,10 @@ mod tests { use crate::ledger::record_imported_session; use codex_protocol::ThreadId; use serde_json::Value as JsonValue; + use std::fs::FileTimes; + use std::fs::OpenOptions; use std::path::Path; + use std::time::SystemTime; use tempfile::TempDir; #[test] @@ -207,11 +231,11 @@ mod tests { } #[test] - fn ignores_old_sessions() { + fn uses_file_modification_time_for_recency() { let root = TempDir::new().expect("tempdir"); let external_agent_home = root.path().join(".external"); let project_root = root.path().join("repo"); - write_session( + let session_path = write_session( &external_agent_home, &project_root, "session.jsonl", @@ -223,6 +247,34 @@ mod tests { )], ); + let sessions = detect_recent_sessions(&external_agent_home, root.path()).expect("detect"); + + assert_eq!( + sessions, + vec![ExternalAgentSessionMigration { + path: session_path, + cwd: project_root, + title: Some("hello".to_string()), + }] + ); + } + + #[test] + fn ignores_sessions_with_old_file_modification_time() { + let root = TempDir::new().expect("tempdir"); + let external_agent_home = root.path().join(".external"); + let project_root = root.path().join("repo"); + let session_path = write_session( + &external_agent_home, + &project_root, + "session.jsonl", + &[record("user", "hello", &project_root)], + ); + set_modified_at( + &session_path, + SystemTime::UNIX_EPOCH + Duration::from_secs(/*secs*/ 1), + ); + assert!( detect_recent_sessions(&external_agent_home, root.path()) .expect("detect") @@ -230,6 +282,84 @@ mod tests { ); } + #[test] + fn detects_sessions_in_batches() { + let root = TempDir::new().expect("tempdir"); + let external_agent_home = root.path().join(".external"); + let project_root = root.path().join("repo"); + let timestamp = chrono::Utc::now().to_rfc3339_opts(chrono::SecondsFormat::Secs, true); + let modified_at = SystemTime::now(); + let mut expected = Vec::new(); + for index in 0..=SESSION_IMPORT_MAX_COUNT { + let file_name = format!("{index:02}-session.jsonl"); + let title = format!("session {index}"); + let path = write_session( + &external_agent_home, + &project_root, + &file_name, + &[record_at("user", &title, &project_root, ×tamp)], + ); + set_modified_at( + &path, + modified_at - Duration::from_secs(/*secs*/ index as u64), + ); + expected.push(ExternalAgentSessionMigration { + path, + cwd: project_root.clone(), + title: Some(title), + }); + } + let oldest_session = expected.pop().expect("oldest session"); + let mut all_sessions = expected.clone(); + all_sessions.push(oldest_session.clone()); + + let sessions = detect_recent_sessions(&external_agent_home, root.path()).expect("detect"); + + assert_eq!(sessions, expected); + for session in sessions { + record_imported_session(root.path(), &session.path, ThreadId::new()) + .expect("record import"); + } + + let sessions = detect_recent_sessions(&external_agent_home, root.path()).expect("detect"); + + assert_eq!(sessions, vec![oldest_session.clone()]); + for session in sessions { + record_imported_session(root.path(), &session.path, ThreadId::new()) + .expect("record import"); + } + + let changed_at = SystemTime::now() + + Duration::from_secs(/*secs*/ SESSION_IMPORT_MAX_COUNT as u64 + 1); + for (index, session) in all_sessions.iter().enumerate() { + let title = session.title.as_deref().expect("session title"); + std::fs::write( + &session.path, + jsonl(&[ + record("user", title, &project_root), + record("assistant", "updated", &project_root), + ]), + ) + .expect("update session"); + set_modified_at( + &session.path, + changed_at - Duration::from_secs(/*secs*/ index as u64), + ); + } + + let sessions = detect_recent_sessions(&external_agent_home, root.path()).expect("detect"); + + assert_eq!(sessions, expected); + for session in sessions { + record_imported_session(root.path(), &session.path, ThreadId::new()) + .expect("record import"); + } + + let sessions = detect_recent_sessions(&external_agent_home, root.path()).expect("detect"); + + assert_eq!(sessions, vec![oldest_session]); + } + #[test] fn skips_already_imported_current_session_versions() { let root = TempDir::new().expect("tempdir"); @@ -300,6 +430,15 @@ mod tests { session_path } + fn set_modified_at(path: &Path, modified_at: SystemTime) { + OpenOptions::new() + .write(true) + .open(path) + .expect("open session") + .set_times(FileTimes::new().set_modified(modified_at)) + .expect("set session modified time"); + } + fn record(role: &str, text: &str, cwd: &Path) -> JsonValue { let timestamp = chrono::Utc::now().to_rfc3339_opts(chrono::SecondsFormat::Secs, true); record_at(role, text, cwd, ×tamp) diff --git a/codex-rs/external-agent-sessions/src/export.rs b/codex-rs/external-agent-sessions/src/export.rs index e09805d4d25..05a3004ee9f 100644 --- a/codex-rs/external-agent-sessions/src/export.rs +++ b/codex-rs/external-agent-sessions/src/export.rs @@ -1,10 +1,7 @@ use crate::ConversationMessage; use crate::ImportedExternalAgentSession; use crate::MessageRole; -use crate::records::conversation_messages; -use crate::records::project_root_from_records; -use crate::records::read_records; -use crate::records::source_title_from_records; +use crate::records::read_session_import; use crate::summarize_for_label; use codex_protocol::models::ContentItem; use codex_protocol::models::ResponseItem; @@ -23,44 +20,55 @@ use std::path::Path; const EXTERNAL_SESSION_IMPORTED_MARKER: &str = ""; -pub fn load_session_for_import(path: &Path) -> io::Result> { - let records = read_records(path)?; - let Some(cwd) = project_root_from_records(&records) else { +#[cfg(test)] +fn load_session_for_import(path: &Path) -> io::Result> { + Ok( + load_session_for_import_with_content_sha256(path)? + .map(|(session, _content_sha256)| session), + ) +} + +pub(crate) fn load_session_for_import_with_content_sha256( + path: &Path, +) -> io::Result> { + let parsed = read_session_import(path)?; + let Some(cwd) = parsed.cwd else { return Ok(None); }; - let messages = conversation_messages(&records); - let rollout_items = rollout_items_from_messages(&messages); + let messages = parsed.messages; + let first_user_message = messages + .iter() + .find(|message| message.role == MessageRole::User) + .map(|message| summarize_for_label(&message.text)); + let title = parsed.source_title.or_else(|| first_user_message.clone()); + let rollout_items = rollout_items_from_messages(messages); if rollout_items.is_empty() { return Ok(None); } - let title = source_title_from_records(&records).or_else(|| { - messages - .iter() - .find(|message| message.role == MessageRole::User) - .map(|message| summarize_for_label(&message.text)) - }); - Ok(Some(ImportedExternalAgentSession { - cwd, - title, - rollout_items, - })) + Ok(Some(( + ImportedExternalAgentSession { + cwd, + title, + first_user_message, + rollout_items, + }, + parsed.content_sha256, + ))) } -fn rollout_items_from_messages(messages: &[ConversationMessage]) -> Vec { +fn rollout_items_from_messages(messages: Vec) -> Vec { let mut items = Vec::new(); - let mut response_items = Vec::new(); - let mut current_turn: Option<(String, Option)> = None; + let mut current_turn = None; + let mut response_item_bytes = 0i64; + let mut last_model_visible_tokens = 0i64; let mut user_turn_count = 0usize; + let completed_at = messages.last().and_then(|message| message.timestamp); for message in messages { match message.role { MessageRole::User => { - if let Some((turn_id, last_agent_message)) = current_turn.take() { - items.push(turn_complete_item( - turn_id, - last_agent_message, - /*completed_at*/ None, - )); + if let Some(turn_id) = current_turn.take() { + items.push(turn_complete_item(turn_id, /*completed_at*/ None)); } user_turn_count += 1; let turn_id = format!("external-import-turn-{user_turn_count}"); @@ -73,28 +81,24 @@ fn rollout_items_from_messages(messages: &[ConversationMessage]) -> Vec { - let Some((_, last_agent_message)) = current_turn.as_mut() else { + if current_turn.is_none() { continue; - }; - let response_item = response_item(message); - response_items.push(response_item.clone()); - items.push(RolloutItem::ResponseItem(response_item)); + } + response_item_bytes = + response_item_bytes.saturating_add(message_byte_count(&message)); + last_model_visible_tokens = approx_tokens_from_byte_count_i64(response_item_bytes); items.push(RolloutItem::EventMsg(EventMsg::AgentMessage( AgentMessageEvent { message: message.text.clone(), @@ -102,20 +106,15 @@ fn rollout_items_from_messages(messages: &[ConversationMessage]) -> Vec RolloutItem { })) } -fn response_item(message: &ConversationMessage) -> ResponseItem { +fn response_item(message: ConversationMessage) -> ResponseItem { let content = match message.role { - MessageRole::Assistant => ContentItem::OutputText { - text: message.text.clone(), - }, - MessageRole::User => ContentItem::InputText { - text: message.text.clone(), - }, + MessageRole::Assistant => ContentItem::OutputText { text: message.text }, + MessageRole::User => ContentItem::InputText { text: message.text }, }; ResponseItem::Message { id: None, @@ -149,13 +144,11 @@ fn response_item(message: &ConversationMessage) -> ResponseItem { } } -fn token_count_item(response_items: &[ResponseItem]) -> RolloutItem { - let last_model_generated = response_items.iter().rposition( - |item| matches!(item, ResponseItem::Message { role, .. } if role == "assistant"), - ); - let last_model_visible_tokens = last_model_generated - .map(|index| estimate_response_items_token_count(&response_items[..=index])) - .unwrap_or_default(); +fn message_byte_count(message: &ConversationMessage) -> i64 { + i64::try_from(message.text.len()).unwrap_or(i64::MAX) +} + +fn token_count_item(last_model_visible_tokens: i64) -> RolloutItem { let usage = TokenUsage { total_tokens: last_model_visible_tokens, ..TokenUsage::default() @@ -170,26 +163,10 @@ fn token_count_item(response_items: &[ResponseItem]) -> RolloutItem { })) } -fn estimate_response_items_token_count(response_items: &[ResponseItem]) -> i64 { - response_items - .iter() - .map(|item| { - serde_json::to_string(item) - .map(|serialized| i64::try_from(serialized.len()).unwrap_or(i64::MAX)) - .map(approx_tokens_from_byte_count_i64) - .unwrap_or_default() - }) - .fold(0i64, i64::saturating_add) -} - -fn turn_complete_item( - turn_id: String, - last_agent_message: Option, - completed_at: Option, -) -> RolloutItem { +fn turn_complete_item(turn_id: String, completed_at: Option) -> RolloutItem { RolloutItem::EventMsg(EventMsg::TurnComplete(TurnCompleteEvent { turn_id, - last_agent_message, + last_agent_message: None, completed_at, duration_ms: None, time_to_first_token_ms: None, @@ -241,7 +218,7 @@ mod tests { } #[test] - fn adds_import_marker_without_replacing_last_agent_message() { + fn adds_import_marker_without_copying_last_agent_message() { let root = TempDir::new().expect("tempdir"); let project_root = root.path().join("repo"); std::fs::create_dir_all(&project_root).expect("project root"); @@ -280,10 +257,54 @@ mod tests { }); assert_eq!( last_turn_complete.and_then(|event| event.last_agent_message.as_deref()), - Some("first answer") + None ); } + #[test] + fn stores_imported_messages_as_response_items_and_visible_events() { + let root = TempDir::new().expect("tempdir"); + let project_root = root.path().join("repo"); + std::fs::create_dir_all(&project_root).expect("project root"); + let path = root.path().join("session.jsonl"); + let request = "r".repeat(1_000); + let answer = "a".repeat(1_000); + std::fs::write( + &path, + jsonl(&[ + record("user", &request, &project_root), + record("assistant", &answer, &project_root), + ]), + ) + .expect("session"); + + let imported = load_session_for_import(&path) + .expect("load") + .expect("session"); + let response_message_count = imported + .rollout_items + .iter() + .filter(|item| { + matches!( + item, + RolloutItem::ResponseItem(ResponseItem::Message { .. }) + ) + }) + .count(); + let visible_message_event_count = imported + .rollout_items + .iter() + .filter(|item| match item { + RolloutItem::EventMsg(EventMsg::UserMessage(event)) => event.message == request, + RolloutItem::EventMsg(EventMsg::AgentMessage(event)) => event.message == answer, + _ => false, + }) + .count(); + + assert_eq!(response_message_count, 2); + assert_eq!(visible_message_event_count, 2); + } + #[test] fn loads_custom_title_for_imported_session() { let root = TempDir::new().expect("tempdir"); diff --git a/codex-rs/external-agent-sessions/src/ledger.rs b/codex-rs/external-agent-sessions/src/ledger.rs index 84679581caa..9a3b2042b86 100644 --- a/codex-rs/external-agent-sessions/src/ledger.rs +++ b/codex-rs/external-agent-sessions/src/ledger.rs @@ -4,12 +4,16 @@ use serde::Deserialize; use serde::Serialize; use sha2::Digest; use sha2::Sha256; +use std::collections::HashMap; use std::fs; +use std::fs::File; use std::io; +use std::io::Read; use std::path::Path; use std::path::PathBuf; const SESSION_IMPORT_LEDGER_FILE: &str = "external_agent_session_imports.json"; +const SESSION_HASH_BUFFER_SIZE: usize = 64 * 1024; #[derive(Debug, Clone, Default, PartialEq, Eq, Serialize, Deserialize)] pub(super) struct ImportedExternalAgentSessionLedger { @@ -22,6 +26,21 @@ struct ImportedExternalAgentSessionRecord { content_sha256: String, imported_thread_id: ThreadId, imported_at: i64, + #[serde(default)] + source_modified_at: Option, +} + +#[derive(Debug, PartialEq, Eq)] +pub struct CompletedExternalAgentSessionImport { + pub source_path: PathBuf, + pub source_content_sha256: String, + pub imported_thread_id: ThreadId, +} + +#[derive(Debug, Clone, Copy)] +pub(super) struct ImportedSourceState { + pub source_modified_at: Option, + pub imported_at: i64, } pub fn has_current_session_been_imported( @@ -31,38 +50,114 @@ pub fn has_current_session_been_imported( load_import_ledger(codex_home)?.contains_current_source(source_path) } -pub fn record_imported_session( +#[cfg(test)] +pub(crate) fn record_imported_session( codex_home: &Path, source_path: &Path, imported_thread_id: ThreadId, ) -> io::Result<()> { - let mut ledger = load_import_ledger(codex_home)?; let source_path = canonical_source_path(source_path)?; - let content_sha256 = session_content_sha256(&source_path)?; - if ledger - .records - .iter() - .any(|record| record.source_path == source_path && record.content_sha256 == content_sha256) - { + record_completed_session_imports( + codex_home, + vec![CompletedExternalAgentSessionImport { + source_content_sha256: session_content_sha256(&source_path)?, + source_path, + imported_thread_id, + }], + ) +} + +pub fn record_completed_session_imports( + codex_home: &Path, + imports: Vec, +) -> io::Result<()> { + if imports.is_empty() { return Ok(()); } - ledger.records.push(ImportedExternalAgentSessionRecord { - source_path, - content_sha256, - imported_thread_id, - imported_at: now_unix_seconds(), - }); + let mut ledger = load_import_ledger(codex_home)?; + let imported_at = now_unix_seconds(); + for import in imports { + let source_modified_at = session_modified_at(&import.source_path).ok().flatten(); + if let Some(index) = ledger.records.iter().rposition(|record| { + record.source_path == import.source_path + && record.content_sha256 == import.source_content_sha256 + }) { + let mut record = ledger.records.remove(index); + record.imported_thread_id = import.imported_thread_id; + record.imported_at = imported_at; + record.source_modified_at = source_modified_at.or(record.source_modified_at); + ledger.records.push(record); + continue; + } + ledger.records.push(ImportedExternalAgentSessionRecord { + source_path: import.source_path, + content_sha256: import.source_content_sha256, + imported_thread_id: import.imported_thread_id, + imported_at, + source_modified_at, + }); + } save_import_ledger(codex_home, &ledger) } impl ImportedExternalAgentSessionLedger { + pub(super) fn source_states(&self) -> HashMap<&Path, ImportedSourceState> { + let mut states = HashMap::new(); + for record in &self.records { + states.insert( + record.source_path.as_path(), + ImportedSourceState { + source_modified_at: record.source_modified_at, + imported_at: record.imported_at, + }, + ); + } + states + } + pub(super) fn contains_current_source(&self, source_path: &Path) -> io::Result { + if self.records.is_empty() { + return Ok(false); + } let source_path = canonical_source_path(source_path)?; + if !self + .records + .iter() + .any(|record| record.source_path == source_path) + { + return Ok(false); + } let content_sha256 = session_content_sha256(&source_path)?; Ok(self.records.iter().any(|record| { record.source_path == source_path && record.content_sha256 == content_sha256 })) } + + pub(super) fn refresh_current_source( + &mut self, + source_path: &Path, + source_modified_at: i64, + ) -> io::Result { + let source_path = canonical_source_path(source_path)?; + if !self + .records + .iter() + .any(|record| record.source_path == source_path) + { + return Ok(false); + } + let content_sha256 = session_content_sha256(&source_path)?; + let Some(index) = self.records.iter().rposition(|record| { + record.source_path == source_path && record.content_sha256 == content_sha256 + }) else { + return Ok(false); + }; + let mut record = self.records.remove(index); + record.imported_at = now_unix_seconds(); + record.source_modified_at = Some(source_modified_at); + self.records.push(record); + Ok(true) + } } pub(super) fn load_import_ledger( @@ -84,7 +179,7 @@ pub(super) fn load_import_ledger( }) } -fn save_import_ledger( +pub(super) fn save_import_ledger( codex_home: &Path, ledger: &ImportedExternalAgentSessionLedger, ) -> io::Result<()> { @@ -103,6 +198,28 @@ fn canonical_source_path(path: &Path) -> io::Result { } fn session_content_sha256(path: &Path) -> io::Result { - let contents = fs::read(path)?; - Ok(format!("{:x}", Sha256::digest(contents))) + let mut file = File::open(path)?; + let mut hasher = Sha256::new(); + let mut buffer = [0; SESSION_HASH_BUFFER_SIZE]; + loop { + let read = file.read(&mut buffer)?; + if read == 0 { + break; + } + hasher.update(&buffer[..read]); + } + let digest = hasher.finalize(); + Ok(format!("{digest:x}")) } + +fn session_modified_at(path: &Path) -> io::Result> { + Ok(fs::metadata(path)? + .modified()? + .duration_since(std::time::UNIX_EPOCH) + .ok() + .and_then(|duration| i64::try_from(duration.as_nanos()).ok())) +} + +#[cfg(test)] +#[path = "ledger_tests.rs"] +mod tests; diff --git a/codex-rs/external-agent-sessions/src/ledger_tests.rs b/codex-rs/external-agent-sessions/src/ledger_tests.rs new file mode 100644 index 00000000000..f4b9dd6f7c2 --- /dev/null +++ b/codex-rs/external-agent-sessions/src/ledger_tests.rs @@ -0,0 +1,85 @@ +use super::CompletedExternalAgentSessionImport; +use super::ImportedExternalAgentSessionLedger; +use super::record_completed_session_imports; +use codex_protocol::ThreadId; +use sha2::Digest; +use sha2::Sha256; +use tempfile::TempDir; + +#[test] +fn empty_ledger_does_not_read_source() { + let root = TempDir::new().expect("tempdir"); + let missing_source = root.path().join("missing-session.jsonl"); + + assert!( + !ImportedExternalAgentSessionLedger::default() + .contains_current_source(&missing_source) + .expect("empty ledger cannot contain sources") + ); +} + +#[test] +fn completed_imports_do_not_read_source_files() { + let root = TempDir::new().expect("tempdir"); + let codex_home = root.path().join("codex-home"); + let source_path = root.path().join("session.jsonl"); + let contents = b"session contents"; + std::fs::write(&source_path, contents).expect("source"); + let source_path = std::fs::canonicalize(&source_path).expect("canonical source"); + std::fs::remove_file(&source_path).expect("remove source"); + let imported_thread_id = ThreadId::new(); + + record_completed_session_imports( + &codex_home, + vec![CompletedExternalAgentSessionImport { + source_path: source_path.clone(), + source_content_sha256: format!("{:x}", Sha256::digest(contents)), + imported_thread_id, + }], + ) + .expect("record completed imports"); + + let ledger = super::load_import_ledger(&codex_home).expect("ledger"); + assert_eq!(ledger.records.len(), 1); + assert_eq!(ledger.records[0].source_path, source_path); + assert_eq!(ledger.records[0].imported_thread_id, imported_thread_id); + assert_eq!(ledger.records[0].source_modified_at, None); +} + +#[test] +fn completed_import_refreshes_existing_record_metadata() { + let root = TempDir::new().expect("tempdir"); + let codex_home = root.path().join("codex-home"); + let source_path = root.path().join("session.jsonl"); + let contents = b"session contents"; + std::fs::write(&source_path, contents).expect("source"); + let source_path = std::fs::canonicalize(source_path).expect("canonical source"); + let content_sha256 = format!("{:x}", Sha256::digest(contents)); + let first_thread_id = ThreadId::new(); + let second_thread_id = ThreadId::new(); + + record_completed_session_imports( + &codex_home, + vec![CompletedExternalAgentSessionImport { + source_path: source_path.clone(), + source_content_sha256: content_sha256.clone(), + imported_thread_id: first_thread_id, + }], + ) + .expect("record first import"); + record_completed_session_imports( + &codex_home, + vec![CompletedExternalAgentSessionImport { + source_path: source_path.clone(), + source_content_sha256: content_sha256, + imported_thread_id: second_thread_id, + }], + ) + .expect("record replacement import"); + + let ledger = super::load_import_ledger(&codex_home).expect("ledger"); + assert_eq!(ledger.records.len(), 1); + assert_eq!(ledger.records[0].source_path, source_path); + assert_eq!(ledger.records[0].imported_thread_id, second_thread_id); + assert!(ledger.records[0].source_modified_at.is_some()); +} diff --git a/codex-rs/external-agent-sessions/src/lib.rs b/codex-rs/external-agent-sessions/src/lib.rs index fe9699f0c19..0b7a4eb2bac 100644 --- a/codex-rs/external-agent-sessions/src/lib.rs +++ b/codex-rs/external-agent-sessions/src/lib.rs @@ -6,15 +6,15 @@ mod ledger; mod records; use codex_protocol::protocol::RolloutItem; -use std::collections::HashSet; use std::io; use std::path::Path; use std::path::PathBuf; pub use detect::detect_recent_sessions; -pub use export::load_session_for_import; +use export::load_session_for_import_with_content_sha256; +pub use ledger::CompletedExternalAgentSessionImport; pub use ledger::has_current_session_been_imported; -pub use ledger::record_imported_session; +pub use ledger::record_completed_session_imports; pub use records::SessionSummary; pub use records::summarize_session; @@ -31,105 +31,51 @@ pub struct ExternalAgentSessionMigration { pub struct ImportedExternalAgentSession { pub cwd: PathBuf, pub title: Option, + pub first_user_message: Option, pub rollout_items: Vec, } #[derive(Debug, Clone)] pub struct PendingSessionImport { pub source_path: PathBuf, + pub source_content_sha256: String, pub session: ImportedExternalAgentSession, } -#[derive(Debug)] -pub enum PrepareSessionImportsError { - SessionNotDetected(PathBuf), -} - -impl std::fmt::Display for PrepareSessionImportsError { - fn fmt(&self, formatter: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { - match self { - PrepareSessionImportsError::SessionNotDetected(path) => { - write!( - formatter, - "external agent session was not detected for import: {}", - path.display() - ) - } - } - } -} - -impl std::error::Error for PrepareSessionImportsError {} - -pub fn prepare_pending_session_imports( - codex_home: &Path, - requested_sessions: Vec, - detected_sessions: Vec, -) -> Result, PrepareSessionImportsError> { - let detected_session_paths = detected_sessions - .into_iter() - .map(|session| session.path) - .collect::>(); - let mut pending_session_imports = Vec::new(); - for session in requested_sessions { - let has_been_imported = match has_current_session_been_imported(codex_home, &session.path) { - Ok(has_been_imported) => has_been_imported, - Err(_) => continue, - }; - if !detected_session_paths.contains(&session.path) && !has_been_imported { - return Err(PrepareSessionImportsError::SessionNotDetected(session.path)); - } - if has_been_imported { - continue; - } - let imported_session = match load_importable_session(&session.path) { - Ok(Some(imported_session)) => imported_session, - Ok(None) | Err(_) => continue, - }; - pending_session_imports.push(PendingSessionImport { - source_path: session.path, - session: imported_session, - }); - } - Ok(pending_session_imports) -} - -pub fn prepare_validated_session_imports( - codex_home: &Path, - requested_sessions: Vec, -) -> Vec { - requested_sessions - .into_iter() - .filter_map(|session| pending_session_import(codex_home, session)) - .collect() -} - -fn pending_session_import( +pub fn prepare_validated_session_import( codex_home: &Path, session: ExternalAgentSessionMigration, -) -> Option { - let has_been_imported = match has_current_session_been_imported(codex_home, &session.path) { - Ok(has_been_imported) => has_been_imported, - Err(_) => return None, - }; +) -> io::Result> { + let has_been_imported = has_current_session_been_imported(codex_home, &session.path)?; if has_been_imported { - return None; + return Ok(None); } - let imported_session = match load_importable_session(&session.path) { - Ok(Some(imported_session)) => imported_session, - Ok(None) | Err(_) => return None, + let Some((source_path, imported_session, source_content_sha256)) = + load_importable_session(&session.path)? + else { + return Ok(None); }; - Some(PendingSessionImport { - source_path: session.path, + Ok(Some(PendingSessionImport { + source_path, + source_content_sha256, session: imported_session, - }) + })) } -fn load_importable_session(path: &Path) -> io::Result> { - let Some(imported_session) = load_session_for_import(path)? else { +fn load_importable_session( + path: &Path, +) -> io::Result> { + let source_path = std::fs::canonicalize(path)?; + let Some((imported_session, source_content_sha256)) = + load_session_for_import_with_content_sha256(&source_path)? + else { return Ok(None); }; - Ok(imported_session.cwd.is_dir().then_some(imported_session)) + Ok(imported_session.cwd.is_dir().then_some(( + source_path, + imported_session, + source_content_sha256, + ))) } #[derive(Debug, Clone)] @@ -172,45 +118,59 @@ fn now_unix_seconds() -> i64 { mod tests { use super::*; use codex_protocol::ThreadId; + use sha2::Digest; + use sha2::Sha256; use tempfile::TempDir; #[test] - fn rejects_session_that_was_not_detected() { + fn skips_session_that_was_already_imported() { let root = TempDir::new().expect("tempdir"); let codex_home = root.path().join("codex-home"); let source_path = root.path().join("session.jsonl"); std::fs::write(&source_path, "{}\n").expect("session"); + ledger::record_imported_session(&codex_home, &source_path, ThreadId::new()) + .expect("record import"); - let err = prepare_pending_session_imports( - &codex_home, - vec![session_migration(&source_path)], - Vec::new(), - ) - .expect_err("undetected session should be rejected"); - - match err { - PrepareSessionImportsError::SessionNotDetected(path) => { - assert_eq!(path, source_path); - } - } + let pending = + prepare_validated_session_import(&codex_home, session_migration(&source_path)) + .expect("already imported session should be skipped"); + + assert!(pending.is_none()); } #[test] - fn skips_session_that_was_already_imported() { + fn reports_session_preparation_errors() { let root = TempDir::new().expect("tempdir"); - let codex_home = root.path().join("codex-home"); - let source_path = root.path().join("session.jsonl"); - std::fs::write(&source_path, "{}\n").expect("session"); - record_imported_session(&codex_home, &source_path, ThreadId::new()).expect("record import"); + let source_path = root.path().join("missing-session.jsonl"); - let pending = prepare_pending_session_imports( - &codex_home, - vec![session_migration(&source_path)], - Vec::new(), - ) - .expect("already imported session should be skipped"); + let err = prepare_validated_session_import(root.path(), session_migration(&source_path)) + .expect_err("missing session should fail preparation"); + + assert_eq!(err.kind(), io::ErrorKind::NotFound); + } - assert!(pending.is_empty()); + #[test] + fn prepares_one_validated_session_import_with_content_hash() { + let root = TempDir::new().expect("tempdir"); + let source_path = root.path().join("session.jsonl"); + let contents = serde_json::json!({ + "type": "user", + "cwd": root.path(), + "timestamp": "2026-06-03T12:00:00Z", + "message": { "content": "first request" }, + }) + .to_string(); + std::fs::write(&source_path, &contents).expect("session"); + + let pending = + prepare_validated_session_import(root.path(), session_migration(&source_path)) + .expect("prepare session") + .expect("pending import"); + + assert_eq!( + pending.source_content_sha256, + format!("{:x}", Sha256::digest(contents)) + ); } fn session_migration(path: &Path) -> ExternalAgentSessionMigration { diff --git a/codex-rs/external-agent-sessions/src/records.rs b/codex-rs/external-agent-sessions/src/records.rs index 52f0535452c..00307fa1d52 100644 --- a/codex-rs/external-agent-sessions/src/records.rs +++ b/codex-rs/external-agent-sessions/src/records.rs @@ -4,6 +4,8 @@ use crate::MessageRole; use crate::summarize_for_label; use crate::truncate; use serde_json::Value as JsonValue; +use sha2::Digest; +use sha2::Sha256; use std::fs::File; use std::io; use std::io::BufRead; @@ -21,6 +23,13 @@ pub struct SessionSummary { pub migration: ExternalAgentSessionMigration, } +pub(super) struct ParsedSessionImport { + pub cwd: Option, + pub source_title: Option, + pub messages: Vec, + pub content_sha256: String, +} + pub fn summarize_session(path: &Path) -> io::Result> { let file = File::open(path)?; let reader = BufReader::new(file); @@ -37,7 +46,7 @@ pub fn summarize_session(path: &Path) -> io::Result> { if trimmed.is_empty() { continue; } - let Ok(record) = serde_json::from_str::(trimmed) else { + let Ok(mut record) = serde_json::from_str::(trimmed) else { continue; }; if cwd.is_none() { @@ -52,7 +61,7 @@ pub fn summarize_session(path: &Path) -> io::Result> { if let Some(title) = ai_title_from_record(&record) { ai_title = Some(title.to_string()); } - let Some(message) = conversation_message_from_record(&record) else { + let Some(message) = conversation_message_from_owned_record(&mut record) else { continue; }; saw_message = true; @@ -84,54 +93,50 @@ pub fn summarize_session(path: &Path) -> io::Result> { })) } -pub(super) fn source_title_from_records(records: &[JsonValue]) -> Option { - latest_title_from_records(records, custom_title_from_record) - .or_else(|| latest_title_from_records(records, ai_title_from_record)) -} - -pub(super) fn read_records(path: &Path) -> io::Result> { +pub(super) fn read_session_import(path: &Path) -> io::Result { let file = File::open(path)?; - let reader = BufReader::new(file); - let mut records = Vec::new(); - for line in reader.lines() { - let line = line?; + let mut reader = BufReader::new(file); + let mut cwd = None; + let mut custom_title = None; + let mut ai_title = None; + let mut messages = Vec::new(); + let mut line = String::new(); + let mut hasher = Sha256::new(); + loop { + line.clear(); + if reader.read_line(&mut line)? == 0 { + break; + } + hasher.update(line.as_bytes()); let trimmed = line.trim(); if trimmed.is_empty() { continue; } - let Ok(value) = serde_json::from_str::(trimmed) else { + let Ok(mut record) = serde_json::from_str::(trimmed) else { continue; }; - if value.is_object() { - records.push(value); + if cwd.is_none() { + cwd = record + .get("cwd") + .and_then(JsonValue::as_str) + .map(PathBuf::from); + } + if let Some(title) = custom_title_from_record(&record) { + custom_title = Some(title.to_string()); + } + if let Some(title) = ai_title_from_record(&record) { + ai_title = Some(title.to_string()); + } + if let Some(message) = conversation_message_from_owned_record(&mut record) { + messages.push(message); } } - Ok(records) -} - -pub(super) fn project_root_from_records(records: &[JsonValue]) -> Option { - records - .iter() - .find_map(|record| record.get("cwd").and_then(JsonValue::as_str)) - .map(PathBuf::from) -} - -pub(super) fn conversation_messages(records: &[JsonValue]) -> Vec { - records - .iter() - .filter_map(conversation_message_from_record) - .collect() -} - -fn latest_title_from_records<'a>( - records: &'a [JsonValue], - title_from_record: impl Fn(&'a JsonValue) -> Option<&'a str>, -) -> Option { - records - .iter() - .filter_map(title_from_record) - .next_back() - .map(ToOwned::to_owned) + Ok(ParsedSessionImport { + cwd, + source_title: custom_title.or(ai_title), + messages, + content_sha256: format!("{:x}", hasher.finalize()), + }) } fn custom_title_from_record(record: &JsonValue) -> Option<&str> { @@ -150,7 +155,7 @@ fn title_from_record<'a>(record: &'a JsonValue, record_type: &str, field: &str) .filter(|title| !title.is_empty()) } -fn conversation_message_from_record(record: &JsonValue) -> Option { +fn conversation_message_from_owned_record(record: &mut JsonValue) -> Option { let record_type = record.get("type")?.as_str()?; if record_type != "assistant" && record_type != "user" { return None; @@ -161,18 +166,30 @@ fn conversation_message_from_record(record: &JsonValue) -> Option { + if text.trim().is_empty() { + return None; + } + ExtractedMessage { + text, + only_tool_result: false, + } + } + content => extract_message_text(&content)?, + }; Some(ConversationMessage { - role, + role: if is_assistant || extracted.only_tool_result { + MessageRole::Assistant + } else { + MessageRole::User + }, text: extracted.text, timestamp, }) @@ -324,6 +341,46 @@ fn parse_timestamp(timestamp: &str) -> Option { #[cfg(test)] mod tests { use super::*; + use tempfile::TempDir; + + #[test] + fn reads_session_import_in_one_pass() { + let root = TempDir::new().expect("tempdir"); + let path = root.path().join("session.jsonl"); + let contents = [ + serde_json::json!({ + "type": "user", + "cwd": root.path(), + "timestamp": "2026-06-03T12:00:00Z", + "message": { "content": "first request" }, + }) + .to_string(), + "not json".to_string(), + serde_json::json!({ + "type": "ai-title", + "aiTitle": "generated title", + }) + .to_string(), + serde_json::json!({ + "type": "custom-title", + "customTitle": "custom title", + }) + .to_string(), + ] + .join("\n"); + std::fs::write(&path, &contents).expect("session"); + + let parsed = read_session_import(&path).expect("parse session"); + + assert_eq!(parsed.cwd.as_deref(), Some(root.path())); + assert_eq!(parsed.source_title.as_deref(), Some("custom title")); + assert_eq!(parsed.messages.len(), 1); + assert_eq!(parsed.messages[0].text, "first request"); + assert_eq!( + parsed.content_sha256, + format!("{:x}", Sha256::digest(contents)) + ); + } #[test] fn converts_tool_use_blocks_to_bounded_external_agent_tags() { diff --git a/codex-rs/features/src/feature_configs.rs b/codex-rs/features/src/feature_configs.rs index 6106431d77d..f59b89e9a87 100644 --- a/codex-rs/features/src/feature_configs.rs +++ b/codex-rs/features/src/feature_configs.rs @@ -4,6 +4,26 @@ use serde::Deserialize; use serde::Serialize; use std::collections::BTreeMap; +#[derive(Serialize, Deserialize, Debug, Clone, Default, PartialEq, Eq, JsonSchema)] +#[serde(deny_unknown_fields)] +pub struct CodeModeConfigToml { + #[serde(skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// Exact tool namespaces to omit from the code-mode nested tool surface. + #[serde(skip_serializing_if = "Option::is_none")] + pub excluded_tool_namespaces: Option>, +} + +impl FeatureConfig for CodeModeConfigToml { + fn enabled(&self) -> Option { + self.enabled + } + + fn set_enabled(&mut self, enabled: bool) { + self.enabled = Some(enabled); + } +} + #[derive(Serialize, Deserialize, Debug, Clone, Default, PartialEq, Eq, JsonSchema)] #[serde(deny_unknown_fields)] pub struct MultiAgentV2ConfigToml { @@ -50,21 +70,11 @@ impl FeatureConfig for MultiAgentV2ConfigToml { #[derive(Serialize, Deserialize, Debug, Clone, Default, PartialEq, Eq, JsonSchema)] #[serde(deny_unknown_fields)] -pub struct AppsMcpPathOverrideConfigToml { +pub(crate) struct RemovedAppsMcpPathOverrideConfigToml { #[serde(skip_serializing_if = "Option::is_none")] - pub enabled: Option, + enabled: Option, #[serde(skip_serializing_if = "Option::is_none")] - pub path: Option, -} - -impl FeatureConfig for AppsMcpPathOverrideConfigToml { - fn enabled(&self) -> Option { - self.enabled.or(self.path.as_ref().map(|_| true)) - } - - fn set_enabled(&mut self, enabled: bool) { - self.enabled = Some(enabled); - } + path: Option, } #[derive(Serialize, Deserialize, Debug, Clone, Default, PartialEq, Eq, JsonSchema)] diff --git a/codex-rs/features/src/lib.rs b/codex-rs/features/src/lib.rs index ce1ee6940eb..2f8e91d709f 100644 --- a/codex-rs/features/src/lib.rs +++ b/codex-rs/features/src/lib.rs @@ -16,12 +16,13 @@ use toml::Table; mod feature_configs; mod legacy; -pub use feature_configs::AppsMcpPathOverrideConfigToml; +pub use feature_configs::CodeModeConfigToml; pub use feature_configs::MultiAgentV2ConfigToml; pub use feature_configs::NetworkProxyConfigToml; pub use feature_configs::NetworkProxyDomainPermissionToml; pub use feature_configs::NetworkProxyModeToml; pub use feature_configs::NetworkProxyUnixSocketPermissionToml; +use feature_configs::RemovedAppsMcpPathOverrideConfigToml; use legacy::LegacyFeatureToggles; pub use legacy::legacy_feature_keys; @@ -98,6 +99,8 @@ pub enum Feature { UnifiedExecZshFork, /// Reflow transcript scrollback when the terminal is resized. TerminalResizeReflow, + /// Add terminal-specific visualization guidance to TUI developer instructions. + TerminalVisualizationInstructions, /// Stream structured progress while apply_patch input is being generated. ApplyPatchStreamingEvents, /// Allow exec tools to request additional permissions while staying sandboxed. @@ -140,7 +143,7 @@ pub enum Feature { Apps, /// Enable MCP apps. EnableMcpApps, - /// Use the new path for the host-owned apps MCP server. + /// Removed compatibility flag for the legacy Apps MCP path override. AppsMcpPathOverride, /// Removed compatibility flag retained as a no-op now that tool_search is always enabled. ToolSearch, @@ -174,12 +177,14 @@ pub enum Feature { RemotePlugin, /// Enable remote plugin sharing flows. PluginSharing, - /// Show the startup prompt for migrating external agent config into Codex. + /// Removed compatibility flag retained as a no-op. ExternalMigration, /// Allow the model to invoke the built-in image generation tool. ImageGeneration, /// Replace hosted image generation with the standalone image-generation extension. ImageGenExt, + /// Resize all inline data-URL images before recording them in history. + ResizeAllImages, /// Allow prompting and installing missing MCP dependencies. SkillMcpDependencyInstall, /// Removed compatibility flag for deleted skill env var dependency prompting. @@ -192,6 +197,8 @@ pub enum Feature { GuardianApproval, /// Enable persisted thread goals and automatic goal continuation. Goals, + /// Add current context-window metadata to model-visible context. + TokenBudget, /// Route MCP tool approval prompts through the MCP elicitation request path. ToolCallMcpElicitation, /// Prompt Codex Apps connector auth failures through MCP URL elicitations. @@ -206,8 +213,6 @@ pub enum Feature { RealtimeConversation, /// Prevent idle system sleep while a turn is actively running. PreventIdleSleep, - /// Send `response.processed` over Responses API websockets after a turn response is recorded. - ResponsesWebsocketResponseProcessed, /// Enable remote compaction v2 over the normal Responses API. RemoteCompactionV2, /// Enable workspace dependency support. @@ -442,7 +447,7 @@ impl Features { "apply_patch_freeform" => { continue; } - "tool_search" => { + "tool_search" | "apps_mcp_path_override" => { continue; } "image_detail_original" => { @@ -601,9 +606,12 @@ pub fn is_known_feature_key(key: &str) -> bool { #[derive(Serialize, Deserialize, Debug, Clone, Default, PartialEq, JsonSchema)] pub struct FeaturesToml { #[serde(default, skip_serializing_if = "Option::is_none")] - pub multi_agent_v2: Option>, + pub code_mode: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] - pub apps_mcp_path_override: Option>, + pub multi_agent_v2: Option>, + #[serde(default, rename = "apps_mcp_path_override", skip_serializing)] + #[schemars(skip)] + removed_apps_mcp_path_override: Option>, pub network_proxy: Option>, /// Boolean feature toggles keyed by canonical or legacy feature name. #[serde(flatten)] @@ -618,18 +626,21 @@ impl Features { } impl FeaturesToml { + /// Removes compatibility-only inputs that no longer affect runtime + /// behavior or belong in newly materialized config. + pub fn clear_removed_compatibility_entries(&mut self) { + self.removed_apps_mcp_path_override = None; + self.entries.remove("apps_mcp_path_override"); + } + pub fn entries(&self) -> BTreeMap { let mut entries = self.entries.clone(); + if let Some(enabled) = self.code_mode.as_ref().and_then(FeatureToml::enabled) { + entries.insert(Feature::CodeMode.key().to_string(), enabled); + } if let Some(enabled) = self.multi_agent_v2.as_ref().and_then(FeatureToml::enabled) { entries.insert(Feature::MultiAgentV2.key().to_string(), enabled); } - if let Some(enabled) = self - .apps_mcp_path_override - .as_ref() - .and_then(FeatureToml::enabled) - { - entries.insert(Feature::AppsMcpPathOverride.key().to_string(), enabled); - } if let Some(enabled) = self.network_proxy.as_ref().and_then(FeatureToml::enabled) { entries.insert(Feature::NetworkProxy.key().to_string(), enabled); } @@ -637,9 +648,11 @@ impl FeaturesToml { } pub fn materialize_resolved_enabled(&mut self, features: &Features) { + self.clear_removed_compatibility_entries(); let Self { + code_mode, multi_agent_v2, - apps_mcp_path_override, + removed_apps_mcp_path_override: _, network_proxy, entries, } = self; @@ -648,10 +661,10 @@ impl FeaturesToml { } for spec in FEATURES { let enabled = features.enabled(spec.id); - if spec.id == Feature::MultiAgentV2 { + if spec.id == Feature::CodeMode { + materialize_resolved_feature_enabled(code_mode, enabled); + } else if spec.id == Feature::MultiAgentV2 { materialize_resolved_feature_enabled(multi_agent_v2, enabled); - } else if spec.id == Feature::AppsMcpPathOverride { - materialize_resolved_feature_enabled(apps_mcp_path_override, enabled); } else if spec.id == Feature::NetworkProxy { materialize_resolved_feature_enabled(network_proxy, enabled); } else { @@ -978,7 +991,7 @@ pub const FEATURES: &[FeatureSpec] = &[ FeatureSpec { id: Feature::AppsMcpPathOverride, key: "apps_mcp_path_override", - stage: Stage::UnderDevelopment, + stage: Stage::Removed, default_enabled: false, }, FeatureSpec { @@ -1062,11 +1075,7 @@ pub const FEATURES: &[FeatureSpec] = &[ FeatureSpec { id: Feature::ExternalMigration, key: "external_migration", - stage: Stage::Experimental { - name: "External migration", - menu_description: "Show a startup prompt when Codex detects migratable external agent config for this machine or project.", - announcement: "", - }, + stage: Stage::Removed, default_enabled: false, }, FeatureSpec { @@ -1081,6 +1090,12 @@ pub const FEATURES: &[FeatureSpec] = &[ stage: Stage::UnderDevelopment, default_enabled: false, }, + FeatureSpec { + id: Feature::ResizeAllImages, + key: "resize_all_images", + stage: Stage::UnderDevelopment, + default_enabled: false, + }, FeatureSpec { id: Feature::SkillMcpDependencyInstall, key: "skill_mcp_dependency_install", @@ -1111,6 +1126,12 @@ pub const FEATURES: &[FeatureSpec] = &[ stage: Stage::UnderDevelopment, default_enabled: false, }, + FeatureSpec { + id: Feature::TerminalVisualizationInstructions, + key: "terminal_visualization_instructions", + stage: Stage::UnderDevelopment, + default_enabled: false, + }, FeatureSpec { id: Feature::GuardianApproval, key: "guardian_approval", @@ -1123,6 +1144,12 @@ pub const FEATURES: &[FeatureSpec] = &[ stage: Stage::Stable, default_enabled: true, }, + FeatureSpec { + id: Feature::TokenBudget, + key: "token_budget", + stage: Stage::UnderDevelopment, + default_enabled: false, + }, FeatureSpec { id: Feature::CollaborationModes, key: "collaboration_modes", @@ -1219,17 +1246,11 @@ pub const FEATURES: &[FeatureSpec] = &[ stage: Stage::Removed, default_enabled: false, }, - FeatureSpec { - id: Feature::ResponsesWebsocketResponseProcessed, - key: "responses_websocket_response_processed", - stage: Stage::UnderDevelopment, - default_enabled: false, - }, FeatureSpec { id: Feature::RemoteCompactionV2, key: "remote_compaction_v2", - stage: Stage::UnderDevelopment, - default_enabled: false, + stage: Stage::Stable, + default_enabled: true, }, FeatureSpec { id: Feature::WorkspaceDependencies, diff --git a/codex-rs/features/src/tests.rs b/codex-rs/features/src/tests.rs index 5d7087e90bd..0a4f925f4f7 100644 --- a/codex-rs/features/src/tests.rs +++ b/codex-rs/features/src/tests.rs @@ -83,6 +83,37 @@ fn plugin_hooks_is_removed_and_disabled_by_default() { assert_eq!(feature_for_key("plugin_hooks"), Some(Feature::PluginHooks)); } +#[test] +fn external_migration_is_removed_and_disabled_by_default() { + assert_eq!(Feature::ExternalMigration.stage(), Stage::Removed); + assert_eq!(Feature::ExternalMigration.default_enabled(), false); + assert_eq!( + feature_for_key("external_migration"), + Some(Feature::ExternalMigration) + ); +} + +#[test] +fn removed_apps_mcp_path_override_shapes_are_ignored() { + let features = [ + toml::from_str::("apps_mcp_path_override = true") + .expect("boolean compatibility form should deserialize"), + toml::from_str::( + r#" +[apps_mcp_path_override] +enabled = true +path = "/custom/mcp" +"#, + ) + .expect("structured compatibility form should deserialize"), + ]; + + assert_eq!( + features.map(|features| features.entries()), + [BTreeMap::new(), BTreeMap::new()] + ); +} + #[test] fn code_mode_only_requires_code_mode() { let mut features = Features::with_defaults(); @@ -101,23 +132,6 @@ fn guardian_approval_is_stable_and_enabled_by_default() { assert_eq!(Feature::GuardianApproval.default_enabled(), true); } -#[test] -fn external_migration_is_experimental_and_disabled_by_default() { - let spec = Feature::ExternalMigration.info(); - let stage = spec.stage; - - assert!(matches!(stage, Stage::Experimental { .. })); - assert_eq!(stage.experimental_menu_name(), Some("External migration")); - assert_eq!( - stage.experimental_menu_description(), - Some( - "Show a startup prompt when Codex detects migratable external agent config for this machine or project." - ) - ); - assert_eq!(stage.experimental_announcement(), None); - assert_eq!(Feature::ExternalMigration.default_enabled(), false); -} - #[test] fn request_permissions_is_under_development() { assert_eq!( @@ -136,32 +150,6 @@ fn request_permissions_tool_is_under_development() { assert_eq!(Feature::RequestPermissionsTool.default_enabled(), false); } -#[test] -fn remote_compaction_v2_is_under_development() { - assert_eq!(Feature::RemoteCompactionV2.stage(), Stage::UnderDevelopment); - assert_eq!(Feature::RemoteCompactionV2.default_enabled(), false); - assert_eq!( - feature_for_key("remote_compaction_v2"), - Some(Feature::RemoteCompactionV2) - ); -} - -#[test] -fn responses_websocket_response_processed_is_under_development() { - assert_eq!( - Feature::ResponsesWebsocketResponseProcessed.stage(), - Stage::UnderDevelopment - ); - assert_eq!( - Feature::ResponsesWebsocketResponseProcessed.default_enabled(), - false - ); - assert_eq!( - feature_for_key("responses_websocket_response_processed"), - Some(Feature::ResponsesWebsocketResponseProcessed) - ); -} - #[test] fn terminal_resize_reflow_is_experimental_and_enabled_by_default() { assert_eq!( diff --git a/codex-rs/file-system/Cargo.toml b/codex-rs/file-system/Cargo.toml index 85e083567b7..087e5da6c0a 100644 --- a/codex-rs/file-system/Cargo.toml +++ b/codex-rs/file-system/Cargo.toml @@ -8,9 +8,9 @@ license.workspace = true workspace = true [dependencies] -async-trait = { workspace = true } codex-protocol = { workspace = true } codex-utils-absolute-path = { workspace = true } +codex-utils-path-uri = { workspace = true } serde = { workspace = true, features = ["derive"] } [lib] diff --git a/codex-rs/file-system/src/lib.rs b/codex-rs/file-system/src/lib.rs index 8fad1f5b62b..58dcde604cb 100644 --- a/codex-rs/file-system/src/lib.rs +++ b/codex-rs/file-system/src/lib.rs @@ -1,4 +1,3 @@ -use async_trait::async_trait; use codex_protocol::config_types::WindowsSandboxLevel; use codex_protocol::models::PermissionProfile; use codex_protocol::models::SandboxEnforcement; @@ -9,8 +8,11 @@ use codex_protocol::permissions::FileSystemSpecialPath; use codex_protocol::permissions::NetworkSandboxPolicy; use codex_protocol::protocol::SandboxPolicy; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; +use std::future::Future; use std::io; use std::path::Path; +use std::pin::Pin; #[derive(Clone, Copy, Debug, Eq, PartialEq)] pub struct CreateDirectoryOptions { @@ -129,81 +131,76 @@ fn file_system_policy_has_cwd_dependent_entries( pub type FileSystemResult = io::Result; +/// Future returned by [`ExecutorFileSystem`] operations. +pub type ExecutorFileSystemFuture<'a, T> = + Pin> + Send + 'a>>; + /// Abstract filesystem access used by components that may operate locally or via /// a remote environment. -#[async_trait] pub trait ExecutorFileSystem: Send + Sync { /// Resolves a path within this filesystem. - async fn canonicalize( - &self, - path: &AbsolutePathBuf, - sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult; - - /// Lexically joins a path onto an existing bound path. - async fn join( - &self, - base_path: &AbsolutePathBuf, - path: &Path, - ) -> FileSystemResult; - - /// Returns the parent directory of a bound path. - async fn parent(&self, path: &AbsolutePathBuf) -> FileSystemResult>; - - async fn read_file( - &self, - path: &AbsolutePathBuf, - sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult>; + fn canonicalize<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, PathUri>; + + fn read_file<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec>; /// Reads a file and decodes it as UTF-8 text. - async fn read_file_text( - &self, - path: &AbsolutePathBuf, - sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult { - let bytes = self.read_file(path, sandbox).await?; - String::from_utf8(bytes).map_err(|err| io::Error::new(io::ErrorKind::InvalidData, err)) + fn read_file_text<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, String> { + Box::pin(async move { + let bytes = self.read_file(path, sandbox).await?; + String::from_utf8(bytes).map_err(|err| io::Error::new(io::ErrorKind::InvalidData, err)) + }) } - async fn write_file( - &self, - path: &AbsolutePathBuf, + fn write_file<'a>( + &'a self, + path: &'a PathUri, contents: Vec, - sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult<()>; + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()>; - async fn create_directory( - &self, - path: &AbsolutePathBuf, + fn create_directory<'a>( + &'a self, + path: &'a PathUri, create_directory_options: CreateDirectoryOptions, - sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult<()>; - - async fn get_metadata( - &self, - path: &AbsolutePathBuf, - sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult; - - async fn read_directory( - &self, - path: &AbsolutePathBuf, - sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult>; - - async fn remove( - &self, - path: &AbsolutePathBuf, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()>; + + fn get_metadata<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, FileMetadata>; + + fn read_directory<'a>( + &'a self, + path: &'a PathUri, + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, Vec>; + + fn remove<'a>( + &'a self, + path: &'a PathUri, remove_options: RemoveOptions, - sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult<()>; + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()>; - async fn copy( - &self, - source_path: &AbsolutePathBuf, - destination_path: &AbsolutePathBuf, + fn copy<'a>( + &'a self, + source_path: &'a PathUri, + destination_path: &'a PathUri, copy_options: CopyOptions, - sandbox: Option<&FileSystemSandboxContext>, - ) -> FileSystemResult<()>; + sandbox: Option<&'a FileSystemSandboxContext>, + ) -> ExecutorFileSystemFuture<'a, ()>; } diff --git a/codex-rs/git-utils/Cargo.toml b/codex-rs/git-utils/Cargo.toml index 9f9c6d0c1d0..18ba4882529 100644 --- a/codex-rs/git-utils/Cargo.toml +++ b/codex-rs/git-utils/Cargo.toml @@ -14,6 +14,7 @@ chrono = { workspace = true } codex-file-system = { workspace = true } codex-protocol = { workspace = true } codex-utils-absolute-path = { workspace = true } +codex-utils-path-uri = { workspace = true } futures = { workspace = true, features = ["alloc"] } gix = { workspace = true } once_cell = { workspace = true } diff --git a/codex-rs/git-utils/src/fsmonitor.rs b/codex-rs/git-utils/src/fsmonitor.rs new file mode 100644 index 00000000000..b4902ec37d0 --- /dev/null +++ b/codex-rs/git-utils/src/fsmonitor.rs @@ -0,0 +1,129 @@ +//! Policy for preserving Git's built-in filesystem monitor. +//! +//! Codex overrides `core.fsmonitor` so repository configuration cannot select +//! an executable helper. Preserve the built-in daemon only when the effective +//! value is boolean true and Git advertises daemon support. +//! +//! The daemon avoids scanning every tracked file and untracked directory: +//! https://github.com/git/git/blob/94f057755b7941b321fd11fec1b2e3ca5313a4e0/Documentation/git-fsmonitor--daemon.adoc#L49-L57 +//! https://github.com/git/git/blob/94f057755b7941b321fd11fec1b2e3ca5313a4e0/Documentation/git-update-index.adoc#L545-L550 + +use std::future::Future; + +/// The safe `core.fsmonitor` override for an internal Git command. +#[derive(Clone, Copy, Debug, Eq, PartialEq)] +pub enum FsmonitorOverride { + /// Disable repository-selected filesystem monitor helpers. + Disabled, + /// Preserve Git's built-in filesystem monitor daemon. + BuiltIn, +} + +impl FsmonitorOverride { + /// Returns the complete Git configuration override. + pub const fn git_config_arg(self) -> &'static str { + match self { + Self::Disabled => "core.fsmonitor=false", + Self::BuiltIn => "core.fsmonitor=true", + } + } +} + +/// Executes the Git commands required by [`detect_fsmonitor_override`]. +/// +/// Implementations must return stdout only when Git exits successfully. +/// Timeouts, spawn or transport failures, signal termination, and nonzero exit +/// statuses must return `None`. +pub trait FsmonitorProbeRunner: Send { + /// Runs one bounded probe in the target repository. + fn run_probe(&mut self, args: &[&str]) -> impl Future>> + Send; +} + +/// Returns the safe filesystem monitor override for the target repository. +/// +/// This intentionally probes every time. Effective Git configuration is +/// layered, may use conditional includes, and can change while Codex is +/// running: +/// https://git-scm.com/docs/git-config#SCOPES +/// https://git-scm.com/docs/git-config#_conditional_includes +pub async fn detect_fsmonitor_override( + runner: &mut impl FsmonitorProbeRunner, +) -> FsmonitorOverride { + // A typed query converts every matching value before `--get` selects the + // effective one. A shadowed helper path can therefore make a repository- + // local true fail conversion. Query the raw effective value first. + // https://github.com/git/git/blob/94f057755b7941b321fd11fec1b2e3ca5313a4e0/builtin/config.c#L482-L514 + // https://github.com/git/git/blob/94f057755b7941b321fd11fec1b2e3ca5313a4e0/builtin/config.c#L611-L614 + let Some(config) = runner + .run_probe(&["config", "--null", "--get", "core.fsmonitor"]) + .await + else { + return FsmonitorOverride::Disabled; + }; + let Some(config) = config.strip_suffix(b"\0") else { + return FsmonitorOverride::Disabled; + }; + if config.contains(&0) { + return FsmonitorOverride::Disabled; + } + let Ok(config) = str::from_utf8(config) else { + return FsmonitorOverride::Disabled; + }; + + // Git accepts these case-insensitive spellings directly, as well as + // valueless keys and nonzero integers. Ask Git to normalize uncommon + // spellings, filtering by the raw effective value before conversion so a + // shadowed helper pathname cannot make the query fail. + // https://github.com/git/git/blob/94f057755b7941b321fd11fec1b2e3ca5313a4e0/parse.c#L158-L181 + // https://github.com/git/git/blob/94f057755b7941b321fd11fec1b2e3ca5313a4e0/builtin/config.c#L264-L279 + // https://github.com/git/git/blob/94f057755b7941b321fd11fec1b2e3ca5313a4e0/builtin/config.c#L496-L507 + let configured = if ["true", "yes", "on"] + .iter() + .any(|value| config.eq_ignore_ascii_case(value)) + { + true + } else if ["false", "no", "off"] + .iter() + .any(|value| config.eq_ignore_ascii_case(value)) + { + false + } else { + let typed_args = [ + "config", + "--null", + "--type=bool", + "--fixed-value", + "--get", + "core.fsmonitor", + config, + ]; + matches!( + runner.run_probe(&typed_args).await.as_deref(), + Some(b"true\0") + ) + }; + if !configured { + return FsmonitorOverride::Disabled; + } + + // Git 2.35.1 and older interpret "true" as a hook pathname. Before Git + // 2.26, a successful empty hook response can hide tracked changes. Require + // the feature line Git added specifically for capability checks. + // https://github.com/git/git/blob/94f057755b7941b321fd11fec1b2e3ca5313a4e0/Documentation/config/core.adoc#L90-L99 + // https://github.com/git/git/commit/dd77cf61a1a2fbf52c94d0cd986d555ad2ba8a4b + let Some(build_options) = runner.run_probe(&["version", "--build-options"]).await else { + return FsmonitorOverride::Disabled; + }; + if build_options + .split(|byte| *byte == b'\n') + .any(|line| line.trim_ascii() == b"feature: fsmonitor--daemon") + { + FsmonitorOverride::BuiltIn + } else { + FsmonitorOverride::Disabled + } +} + +#[cfg(test)] +#[path = "fsmonitor_tests.rs"] +mod tests; diff --git a/codex-rs/git-utils/src/fsmonitor_tests.rs b/codex-rs/git-utils/src/fsmonitor_tests.rs new file mode 100644 index 00000000000..e86139421ca --- /dev/null +++ b/codex-rs/git-utils/src/fsmonitor_tests.rs @@ -0,0 +1,139 @@ +use std::collections::VecDeque; +use std::future::Future; + +use pretty_assertions::assert_eq; + +use super::FsmonitorOverride; +use super::FsmonitorProbeRunner; +use super::detect_fsmonitor_override; + +struct ProbeResponse { + args: Vec<&'static str>, + output: Option>, +} + +struct FakeRunner { + responses: VecDeque, +} + +impl FsmonitorProbeRunner for FakeRunner { + fn run_probe(&mut self, args: &[&str]) -> impl Future>> + Send { + let response = self.responses.pop_front().expect("missing probe response"); + assert_eq!(args, response.args); + std::future::ready(response.output) + } +} + +#[tokio::test] +async fn detects_supported_builtin_fsmonitor_values() { + let cases = [ + ( + "missing config", + vec![response(config_args(), /*output*/ None)], + FsmonitorOverride::Disabled, + ), + ( + "helper path", + vec![ + response(config_args(), Some(b"/tmp/fsmonitor-helper\0")), + response( + typed_config_args("/tmp/fsmonitor-helper"), + /*output*/ None, + ), + ], + FsmonitorOverride::Disabled, + ), + ( + "false spelling", + vec![response(config_args(), Some(b"OFF\0"))], + FsmonitorOverride::Disabled, + ), + ( + "unsupported Git", + vec![ + response(config_args(), Some(b"yes\0")), + response(capability_args(), Some(b"")), + ], + FsmonitorOverride::Disabled, + ), + ( + "common true spelling", + vec![ + response(config_args(), Some(b"On\0")), + response(capability_args(), Some(fsmonitor_capability())), + ], + FsmonitorOverride::BuiltIn, + ), + ( + "numeric true", + vec![ + response(config_args(), Some(b"2k\0")), + response(typed_config_args("2k"), Some(b"true\0")), + response(capability_args(), Some(fsmonitor_capability())), + ], + FsmonitorOverride::BuiltIn, + ), + ( + "valueless true", + vec![ + response(config_args(), Some(b"\0")), + response(typed_config_args(""), Some(b"true\0")), + response(capability_args(), Some(fsmonitor_capability())), + ], + FsmonitorOverride::BuiltIn, + ), + ( + "explicit empty false", + vec![ + response(config_args(), Some(b"\0")), + response(typed_config_args(""), Some(b"false\0")), + ], + FsmonitorOverride::Disabled, + ), + ]; + + for (name, responses, expected) in cases { + let mut runner = FakeRunner { + responses: responses.into(), + }; + + let actual = detect_fsmonitor_override(&mut runner).await; + + assert_eq!( + (actual, runner.responses.len()), + (expected, 0), + "case: {name}" + ); + } +} + +fn response(args: Vec<&'static str>, output: Option<&[u8]>) -> ProbeResponse { + ProbeResponse { + args, + output: output.map(<[u8]>::to_vec), + } +} + +fn config_args() -> Vec<&'static str> { + vec!["config", "--null", "--get", "core.fsmonitor"] +} + +fn typed_config_args(value: &'static str) -> Vec<&'static str> { + vec![ + "config", + "--null", + "--type=bool", + "--fixed-value", + "--get", + "core.fsmonitor", + value, + ] +} + +fn capability_args() -> Vec<&'static str> { + vec!["version", "--build-options"] +} + +fn fsmonitor_capability() -> &'static [u8] { + b"feature: fsmonitor--daemon\n" +} diff --git a/codex-rs/git-utils/src/info.rs b/codex-rs/git-utils/src/info.rs index a188d9a876b..beff18b519c 100644 --- a/codex-rs/git-utils/src/info.rs +++ b/codex-rs/git-utils/src/info.rs @@ -6,6 +6,7 @@ use std::path::PathBuf; use codex_file_system::ExecutorFileSystem; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; use futures::future::join_all; use schemars::JsonSchema; use serde::Deserialize; @@ -46,7 +47,8 @@ pub async fn get_git_repo_root_with_fs( fs: &dyn ExecutorFileSystem, cwd: &AbsolutePathBuf, ) -> Option { - let base = match fs.get_metadata(cwd, /*sandbox*/ None).await { + let cwd_uri = PathUri::from_abs_path(cwd).ok()?; + let base = match fs.get_metadata(&cwd_uri, /*sandbox*/ None).await { Ok(metadata) if metadata.is_directory => cwd.clone(), _ => cwd.parent()?, }; @@ -279,7 +281,10 @@ fn trim_git_suffix(value: &str) -> &str { } pub async fn get_has_changes(cwd: &Path) -> Option { - let output = run_git_command_with_timeout(&["status", "--porcelain"], cwd).await?; + let git = Path::new("git"); + let fsmonitor = detect_local_fsmonitor_override(git, cwd).await; + let output = + run_git_command_with_timeout_from(git, &["status", "--porcelain"], cwd, fsmonitor).await?; if !output.status.success() { return None; } @@ -390,12 +395,53 @@ pub async fn git_diff_to_remote(cwd: &Path) -> Option { /// Run a git command with a timeout to prevent blocking on large repositories async fn run_git_command_with_timeout(args: &[&str], cwd: &Path) -> Option { - let mut command = Command::new("git"); + // These callers only inspect repository metadata. Worktree workflows probe + // once and pass their override directly to the lower-level runner. + run_git_command_with_timeout_from( + Path::new("git"), + args, + cwd, + crate::FsmonitorOverride::Disabled, + ) + .await +} + +struct LocalFsmonitorProbeRunner<'a> { + git: &'a Path, + cwd: &'a Path, +} + +impl crate::FsmonitorProbeRunner for LocalFsmonitorProbeRunner<'_> { + async fn run_probe(&mut self, args: &[&str]) -> Option> { + // Both probes are fast, bounded metadata queries that do not inspect the + // worktree or index, so do not reduce the requested command's timeout. + let mut command = Command::new(self.git); + command.args(args).current_dir(self.cwd).kill_on_drop(true); + match timeout(GIT_COMMAND_TIMEOUT, command.output()).await { + Ok(Ok(output)) if output.status.success() => Some(output.stdout), + _ => None, + } + } +} + +async fn detect_local_fsmonitor_override(git: &Path, cwd: &Path) -> crate::FsmonitorOverride { + let mut runner = LocalFsmonitorProbeRunner { git, cwd }; + crate::detect_fsmonitor_override(&mut runner).await +} + +async fn run_git_command_with_timeout_from( + git: &Path, + args: &[&str], + cwd: &Path, + fsmonitor: crate::FsmonitorOverride, +) -> Option { + let mut command = Command::new(git); command .env("GIT_OPTIONAL_LOCKS", "0") - // Keep internal Git helper commands independent of configured hook directories. + // Keep internal Git commands independent of repository-selected hooks + // and fsmonitor helpers while preserving built-in fsmonitor acceleration. .args(["-c", &format!("core.hooksPath={DISABLED_HOOKS_PATH}")]) - .args(["-c", "core.fsmonitor=false"]) + .args(["-c", fsmonitor.git_config_arg()]) .args(args) .current_dir(cwd) .kill_on_drop(true); @@ -684,9 +730,15 @@ async fn find_closest_sha(cwd: &Path, branches: &[String], remotes: &[String]) - } async fn diff_against_sha(cwd: &Path, sha: &GitSha) -> Option { - let output = - run_git_command_with_timeout(&["diff", "--no-textconv", "--no-ext-diff", &sha.0], cwd) - .await?; + let git = Path::new("git"); + let fsmonitor = detect_local_fsmonitor_override(git, cwd).await; + let output = run_git_command_with_timeout_from( + git, + &["diff", "--no-textconv", "--no-ext-diff", &sha.0], + cwd, + fsmonitor, + ) + .await?; // 0 is success and no diff. // 1 is success but there is a diff. let exit_ok = output.status.code().is_some_and(|c| c == 0 || c == 1); @@ -695,8 +747,13 @@ async fn diff_against_sha(cwd: &Path, sha: &GitSha) -> Option { } let mut diff = String::from_utf8(output.stdout).ok()?; - if let Some(untracked_output) = - run_git_command_with_timeout(&["ls-files", "--others", "--exclude-standard"], cwd).await + if let Some(untracked_output) = run_git_command_with_timeout_from( + git, + &["ls-files", "--others", "--exclude-standard"], + cwd, + fsmonitor, + ) + .await && untracked_output.status.success() { let untracked: Vec = String::from_utf8(untracked_output.stdout) @@ -722,7 +779,7 @@ async fn diff_against_sha(cwd: &Path, sha: &GitSha) -> Option { null_device, &file_owned, ]; - run_git_command_with_timeout(&args_vec, cwd).await + run_git_command_with_timeout_from(git, &args_vec, cwd, fsmonitor).await }); let results = join_all(futures_iter).await; for extra in results.into_iter().flatten() { @@ -748,8 +805,9 @@ pub async fn resolve_root_git_project_for_trust( ) -> Option { let repo_root = get_git_repo_root_with_fs(fs, cwd).await?; let dot_git = repo_root.join(".git"); + let dot_git_uri = PathUri::from_abs_path(&dot_git).ok()?; if fs - .get_metadata(&dot_git, /*sandbox*/ None) + .get_metadata(&dot_git_uri, /*sandbox*/ None) .await .ok()? .is_directory @@ -757,7 +815,10 @@ pub async fn resolve_root_git_project_for_trust( return Some(repo_root); } - let git_dir_s = fs.read_file_text(&dot_git, /*sandbox*/ None).await.ok()?; + let git_dir_s = fs + .read_file_text(&dot_git_uri, /*sandbox*/ None) + .await + .ok()?; let git_dir_rel = git_dir_s.trim().strip_prefix("gitdir:")?.trim(); if git_dir_rel.is_empty() { return None; @@ -798,7 +859,12 @@ async fn find_ancestor_git_entry_with_fs( ) -> Option<(AbsolutePathBuf, AbsolutePathBuf)> { for dir in base_dir.ancestors() { let dot_git = dir.join(".git"); - if fs.get_metadata(&dot_git, /*sandbox*/ None).await.is_ok() { + let dot_git_uri = PathUri::from_abs_path(&dot_git).ok()?; + if fs + .get_metadata(&dot_git_uri, /*sandbox*/ None) + .await + .is_ok() + { return Some((dir, dot_git)); } } @@ -849,6 +915,8 @@ pub async fn current_branch_name(cwd: &Path) -> Option { mod tests { use super::*; use pretty_assertions::assert_eq; + #[cfg(unix)] + use std::os::unix::fs::PermissionsExt; #[test] fn canonicalize_git_remote_url_normalizes_github_variants() { @@ -886,4 +954,146 @@ mod tests { assert_eq!(canonicalize_git_remote_url(remote), None); } } + + #[cfg(unix)] + #[tokio::test] + async fn fsmonitor_override_rejects_configured_helper() { + let temp_dir = tempfile::tempdir().expect("create temp dir"); + let git = temp_dir.path().join("git"); + let log = temp_dir.path().join("git.log"); + std::fs::write( + &git, + "#!/bin/sh\n\ + printf '%s\\n' \"$*\" >>\"$0.log\"\n\ + case \"$1\" in\n\ + config) printf '/tmp/fsmonitor-helper\\000' ;;\n\ + *) printf 'worktree output\\n' ;;\n\ + esac\n", + ) + .expect("write fake Git"); + let mut permissions = std::fs::metadata(&git) + .expect("read fake Git metadata") + .permissions(); + permissions.set_mode(0o755); + std::fs::set_permissions(&git, permissions).expect("mark fake Git executable"); + + // The config response mirrors: + // git -c core.fsmonitor=/tmp/fsmonitor-helper \ + // config --null --get core.fsmonitor + let fsmonitor = detect_local_fsmonitor_override(&git, temp_dir.path()).await; + let output = run_git_command_with_timeout_from( + &git, + &["status", "--porcelain"], + temp_dir.path(), + fsmonitor, + ) + .await + .expect("run fake Git"); + + assert_eq!( + (output.status.code(), output.stdout), + (Some(0), b"worktree output\n".to_vec()) + ); + let disabled_hooks = format!("core.hooksPath={DISABLED_HOOKS_PATH}"); + assert_eq!( + std::fs::read_to_string(log) + .expect("read fake Git log") + .lines() + .map(str::to_string) + .collect::>(), + vec![ + "config --null --get core.fsmonitor".to_string(), + "config --null --type=bool --fixed-value --get core.fsmonitor /tmp/fsmonitor-helper" + .to_string(), + format!("-c {disabled_hooks} -c core.fsmonitor=false status --porcelain"), + ] + ); + } + + #[cfg(unix)] + #[tokio::test] + async fn fsmonitor_override_uses_effective_layered_config_value() { + let temp_dir = tempfile::tempdir().expect("create temp dir"); + let repo = temp_dir.path().join("repo"); + std::fs::create_dir(&repo).expect("create repository directory"); + let init_status = std::process::Command::new("git") + .args(["init", "-q"]) + .current_dir(&repo) + .status() + .expect("initialize test repository"); + assert_eq!(init_status.code(), Some(0), "initialize test repository"); + + let git = temp_dir.path().join("git"); + let global_config = temp_dir.path().join("git.global"); + let log = temp_dir.path().join("git.log"); + std::fs::write( + &git, + "#!/bin/sh\n\ + printf '%s\\n' \"$*\" >>\"$0.log\"\n\ + case \"$1\" in\n\ + config)\n\ + GIT_CONFIG_NOSYSTEM=1 GIT_CONFIG_GLOBAL=\"$0.global\" exec git \"$@\"\n\ + ;;\n\ + version) printf 'feature: fsmonitor--daemon\\n' ;;\n\ + *) printf 'worktree output\\n' ;;\n\ + esac\n", + ) + .expect("write layered-config Git"); + let mut permissions = std::fs::metadata(&git) + .expect("read layered-config Git metadata") + .permissions(); + permissions.set_mode(0o755); + std::fs::set_permissions(&git, permissions).expect("mark layered-config Git executable"); + + let global_status = std::process::Command::new("git") + .args([ + "config", + "--file", + global_config.to_str().expect("global config path"), + "core.fsmonitor", + "/tmp/fsmonitor-helper", + ]) + .status() + .expect("write global fsmonitor helper"); + assert_eq!( + global_status.code(), + Some(0), + "write global fsmonitor helper" + ); + let local_status = std::process::Command::new("git") + .args(["config", "core.fsmonitor", "true"]) + .current_dir(&repo) + .status() + .expect("write local built-in fsmonitor config"); + assert_eq!( + local_status.code(), + Some(0), + "write local built-in fsmonitor config" + ); + + let fsmonitor = detect_local_fsmonitor_override(&git, repo.as_path()).await; + let output = run_git_command_with_timeout_from( + &git, + &["status", "--porcelain"], + repo.as_path(), + fsmonitor, + ) + .await + .expect("run Git with layered config"); + assert_eq!( + (output.status.code(), output.stdout), + (Some(0), b"worktree output\n".to_vec()) + ); + + let actual = std::fs::read_to_string(log).expect("read layered-config Git log"); + let disabled_hooks = format!("core.hooksPath={DISABLED_HOOKS_PATH}"); + assert_eq!( + actual.lines().map(str::to_string).collect::>(), + vec![ + "config --null --get core.fsmonitor".to_string(), + "version --build-options".to_string(), + format!("-c {disabled_hooks} -c core.fsmonitor=true status --porcelain"), + ] + ); + } } diff --git a/codex-rs/git-utils/src/lib.rs b/codex-rs/git-utils/src/lib.rs index 986a7434d2c..e04e6044109 100644 --- a/codex-rs/git-utils/src/lib.rs +++ b/codex-rs/git-utils/src/lib.rs @@ -2,6 +2,7 @@ mod apply; mod baseline; mod branch; mod errors; +mod fsmonitor; mod info; mod operations; mod platform; @@ -21,6 +22,9 @@ pub use baseline::reset_git_repository; pub use branch::merge_base_with_head; pub use codex_protocol::protocol::GitSha; pub use errors::GitToolingError; +pub use fsmonitor::FsmonitorOverride; +pub use fsmonitor::FsmonitorProbeRunner; +pub use fsmonitor::detect_fsmonitor_override; pub use info::CommitLogEntry; pub use info::GitDiffToRemote; pub use info::GitInfo; diff --git a/codex-rs/hooks/src/engine/discovery.rs b/codex-rs/hooks/src/engine/discovery.rs index 92d17fbabd0..cab28b64a15 100644 --- a/codex-rs/hooks/src/engine/discovery.rs +++ b/codex-rs/hooks/src/engine/discovery.rs @@ -1,4 +1,5 @@ use std::collections::HashMap; +use std::collections::HashSet; use std::fs; use std::path::Path; @@ -69,6 +70,7 @@ pub(crate) fn discover_handlers( let mut hook_entries = Vec::new(); let mut warnings = plugin_hook_load_warnings; let mut display_order = 0_i64; + let mut visited_json_hook_folders = HashSet::new(); let hook_states = hook_states_from_stack(config_layer_stack); let policy = HookDiscoveryPolicy { allow_managed_hooks_only: config_layer_stack.is_some_and(|config_layer_stack| { @@ -111,7 +113,12 @@ pub(crate) fn discover_handlers( if !policy.allows(&policy_source) { continue; } - let json_hooks = load_hooks_json(layer.hooks_config_folder().as_deref(), &mut warnings); + let json_hooks = match layer.hooks_config_folder() { + Some(config_folder) if visited_json_hook_folders.insert(config_folder.clone()) => { + load_hooks_json(Some(config_folder.as_path()), &mut warnings) + } + _ => None, + }; let toml_hooks = load_toml_hooks_from_layer(layer, &mut warnings); if let (Some((json_source_path, json_events)), Some((toml_source_path, toml_events))) = diff --git a/codex-rs/hooks/src/engine/mod_tests.rs b/codex-rs/hooks/src/engine/mod_tests.rs index 4b7697b34fe..544c67e7ce1 100644 --- a/codex-rs/hooks/src/engine/mod_tests.rs +++ b/codex-rs/hooks/src/engine/mod_tests.rs @@ -1134,6 +1134,153 @@ fn discovers_hooks_from_json_and_toml_in_the_same_layer() { assert_eq!(preview[1].source_path, config_path); } +#[test] +fn profile_user_layers_load_shared_hooks_json_once() { + let temp = tempdir().expect("create temp dir"); + let config_path = + AbsolutePathBuf::try_from(temp.path().join("config.toml")).expect("absolute config path"); + let profile_path = AbsolutePathBuf::try_from(temp.path().join("work.config.toml")) + .expect("absolute profile path"); + let hooks_json_path = + AbsolutePathBuf::try_from(temp.path().join("hooks.json")).expect("absolute hooks path"); + fs::write( + hooks_json_path.as_path(), + r#"{ + "hooks": { + "PreToolUse": [ + { + "matcher": "^Bash$", + "hooks": [ + { + "type": "command", + "command": "python3 /tmp/json-hook.py" + } + ] + } + ] + } + }"#, + ) + .expect("write hooks.json"); + let config_layer_stack = ConfigLayerStack::new( + vec![ + ConfigLayerEntry::new( + ConfigLayerSource::User { + file: config_path, + profile: None, + }, + TomlValue::Table(Default::default()), + ), + ConfigLayerEntry::new( + ConfigLayerSource::User { + file: profile_path, + profile: Some("work".to_string()), + }, + TomlValue::Table(Default::default()), + ), + ], + ConfigRequirements::default(), + ConfigRequirementsToml::default(), + ) + .expect("config layer stack"); + + let engine = ClaudeHooksEngine::new( + /*enabled*/ true, + /*bypass_hook_trust*/ true, + Some(&config_layer_stack), + Vec::new(), + Vec::new(), + CommandShell { + program: String::new(), + args: Vec::new(), + }, + ); + + assert!(engine.warnings().is_empty()); + assert_eq!(engine.handlers.len(), 1); + let preview = engine.preview_pre_tool_use(&PreToolUseRequest { + session_id: ThreadId::new(), + turn_id: "turn-1".to_string(), + subagent: None, + cwd: cwd(), + transcript_path: None, + model: "gpt-test".to_string(), + permission_mode: "default".to_string(), + tool_name: "Bash".to_string(), + matcher_aliases: Vec::new(), + tool_use_id: "tool-1".to_string(), + tool_input: serde_json::json!({ "command": "echo hello" }), + }); + assert_eq!(preview.len(), 1); + assert_eq!(preview[0].source_path, hooks_json_path); + + let listed = crate::list_hooks(crate::HooksConfig { + feature_enabled: true, + bypass_hook_trust: true, + config_layer_stack: Some(config_layer_stack), + ..Default::default() + }); + assert!(listed.warnings.is_empty()); + assert_eq!(listed.hooks.len(), 1); + assert_eq!(listed.hooks[0].source_path, hooks_json_path); +} + +#[test] +fn malformed_hooks_json_is_reported_as_startup_warning() { + let temp = tempdir().expect("create temp dir"); + let config_path = + AbsolutePathBuf::try_from(temp.path().join("config.toml")).expect("absolute config path"); + let hooks_json_path = + AbsolutePathBuf::try_from(temp.path().join("hooks.json")).expect("absolute hooks path"); + fs::write( + hooks_json_path.as_path(), + r#"{ + "SessionStart": [ + { + "hooks": [ + { + "type": "command", + "command": "python3 /tmp/session-start.py" + } + ] + } + ] + }"#, + ) + .expect("write hooks.json"); + let config_layer_stack = ConfigLayerStack::new( + vec![ConfigLayerEntry::new( + ConfigLayerSource::System { file: config_path }, + TomlValue::Table(Default::default()), + )], + ConfigRequirements::default(), + ConfigRequirementsToml::default(), + ) + .expect("config layer stack"); + + let engine = ClaudeHooksEngine::new( + /*enabled*/ true, + /*bypass_hook_trust*/ false, + Some(&config_layer_stack), + Vec::new(), + Vec::new(), + CommandShell { + program: String::new(), + args: Vec::new(), + }, + ); + + assert!(engine.handlers.is_empty()); + assert_eq!(engine.warnings().len(), 1); + assert!(engine.warnings()[0].contains("failed to parse hooks config")); + assert!( + engine.warnings()[0].contains(&hooks_json_path.display().to_string()), + "warning should identify the malformed file: {}", + engine.warnings()[0] + ); + assert!(engine.warnings()[0].contains("unknown field `SessionStart`")); +} + #[tokio::test] async fn plugin_hook_sources_run_with_plugin_env_and_plugin_source() { let temp = tempdir().expect("create temp dir"); diff --git a/codex-rs/linux-sandbox/src/landlock.rs b/codex-rs/linux-sandbox/src/landlock.rs index 3f95224ab61..65ba3ebf175 100644 --- a/codex-rs/linux-sandbox/src/landlock.rs +++ b/codex-rs/linux-sandbox/src/landlock.rs @@ -217,10 +217,11 @@ fn install_network_seccomp_filter_on_current_thread( } NetworkSeccompMode::ProxyRouted => { // In proxy-routed mode we allow IP sockets in the isolated - // namespace (used to reach the local TCP bridge) but deny all - // other socket families, including AF_UNIX. This prevents - // bypassing the routed bridge via new Unix sockets and narrows the - // socket surface in proxy-only mode. + // namespace (used to reach the local TCP bridge) but deny socket() + // for all other families, including AF_UNIX. Only AF_UNIX + // socketpair() remains available for process-local IPC because it + // cannot connect to a socket outside the sandbox or bypass the + // bridge. let deny_non_ip_socket = SeccompRule::new(vec![ SeccompCondition::new( 0, @@ -235,14 +236,14 @@ fn install_network_seccomp_filter_on_current_thread( libc::AF_INET6 as u64, )?, ])?; - let deny_unix_socketpair = SeccompRule::new(vec![SeccompCondition::new( + let deny_non_unix_socketpair = SeccompRule::new(vec![SeccompCondition::new( 0, SeccompCmpArgLen::Dword, - SeccompCmpOp::Eq, + SeccompCmpOp::Ne, libc::AF_UNIX as u64, )?])?; rules.insert(libc::SYS_socket, vec![deny_non_ip_socket]); - rules.insert(libc::SYS_socketpair, vec![deny_unix_socketpair]); + rules.insert(libc::SYS_socketpair, vec![deny_non_unix_socketpair]); } } diff --git a/codex-rs/linux-sandbox/src/proxy_routing.rs b/codex-rs/linux-sandbox/src/proxy_routing.rs index d28b8646660..f171d91745d 100644 --- a/codex-rs/linux-sandbox/src/proxy_routing.rs +++ b/codex-rs/linux-sandbox/src/proxy_routing.rs @@ -14,6 +14,7 @@ use std::net::SocketAddr; use std::net::TcpListener; use std::net::TcpStream; use std::os::fd::FromRawFd; +use std::os::unix::ffi::OsStrExt; use std::os::unix::fs::DirBuilderExt; use std::os::unix::fs::PermissionsExt; use std::os::unix::net::UnixListener; @@ -43,6 +44,8 @@ const PROXY_ENV_KEYS: &[&str] = &[ const PROXY_SOCKET_DIR_PREFIX: &str = "codex-linux-sandbox-proxy-"; const HOST_BRIDGE_READY: u8 = 1; const LOOPBACK_INTERFACE_NAME: &[u8] = b"lo"; +// Linux sockaddr_un.sun_path allows 108 bytes, including the trailing NUL. +const UNIX_SOCKET_PATH_MAX_BYTES: usize = 107; #[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)] pub(crate) struct ProxyRouteSpec { @@ -278,8 +281,9 @@ fn rewrite_proxy_env_value(proxy_url: &str, local_port: u16) -> Option { fn create_proxy_socket_dir() -> io::Result { let temp_dir = proxy_socket_parent_dir(); let pid = std::process::id(); + let uid = unsafe { libc::geteuid() }; for attempt in 0..128 { - let candidate = temp_dir.join(format!("{PROXY_SOCKET_DIR_PREFIX}{pid}-{attempt}")); + let candidate = temp_dir.join(format!("{PROXY_SOCKET_DIR_PREFIX}{pid}-{uid}-{attempt}")); // The bridge UDS paths live under a shared temp root, so the per-run // directory should not be traversable by other processes. let mut dir_builder = DirBuilder::new(); @@ -302,11 +306,29 @@ fn create_proxy_socket_dir() -> io::Result { fn proxy_socket_parent_dir() -> PathBuf { if let Some(codex_home) = std::env::var_os("CODEX_HOME") { let candidate = PathBuf::from(codex_home).join("tmp"); - if ensure_private_proxy_socket_parent_dir(candidate.as_path()).is_ok() { + if proxy_socket_paths_fit(candidate.as_path()) + && ensure_private_proxy_socket_parent_dir(candidate.as_path()).is_ok() + { return candidate; } } - std::env::temp_dir() + let temp_dir = std::env::temp_dir(); + if proxy_socket_paths_fit(temp_dir.as_path()) { + temp_dir + } else { + PathBuf::from("/tmp") + } +} + +fn proxy_socket_paths_fit(parent: &Path) -> bool { + let socket_path = parent + .join(format!( + "{PROXY_SOCKET_DIR_PREFIX}{}-{}-127", + u32::MAX, + libc::uid_t::MAX + )) + .join(format!("proxy-route-{}.sock", usize::MAX)); + socket_path.as_os_str().as_bytes().len() <= UNIX_SOCKET_PATH_MAX_BYTES } fn ensure_private_proxy_socket_parent_dir(path: &Path) -> io::Result<()> { @@ -661,6 +683,7 @@ mod tests { use super::parse_loopback_proxy_endpoint; use super::parse_proxy_socket_dir_owner_pid; use super::plan_proxy_routes; + use super::proxy_socket_paths_fit; use super::rewrite_proxy_env_value; use pretty_assertions::assert_eq; use std::collections::HashMap; @@ -735,6 +758,18 @@ mod tests { assert_eq!(default_proxy_port("socks5h"), 1080); } + #[test] + fn proxy_socket_paths_enforce_linux_path_limit() { + assert_eq!( + proxy_socket_paths_fit(PathBuf::from("/tmp").as_path()), + true + ); + assert_eq!( + proxy_socket_paths_fit(PathBuf::from(format!("/tmp/{}", "a".repeat(96))).as_path()), + false + ); + } + #[test] fn cleanup_proxy_socket_dir_removes_bridge_artifacts() { let root = tempfile::tempdir().expect("tempdir should create"); @@ -770,6 +805,10 @@ mod tests { parse_proxy_socket_dir_owner_pid("codex-linux-sandbox-proxy-1234-0"), Some(1234) ); + assert_eq!( + parse_proxy_socket_dir_owner_pid("codex-linux-sandbox-proxy-1234-1000-0"), + Some(1234) + ); assert_eq!( parse_proxy_socket_dir_owner_pid("codex-linux-sandbox-proxy-x"), None diff --git a/codex-rs/linux-sandbox/tests/suite/managed_proxy.rs b/codex-rs/linux-sandbox/tests/suite/managed_proxy.rs index d1aa6856c41..71ed9715062 100644 --- a/codex-rs/linux-sandbox/tests/suite/managed_proxy.rs +++ b/codex-rs/linux-sandbox/tests/suite/managed_proxy.rs @@ -266,7 +266,7 @@ async fn managed_proxy_mode_routes_through_bridge_and_blocks_direct_egress() { } #[tokio::test] -async fn managed_proxy_mode_denies_af_unix_creation_for_user_command() { +async fn managed_proxy_mode_denies_af_unix_socket_but_allows_socketpair() { if let Some(skip_reason) = managed_proxy_skip_reason().await { eprintln!("skipping managed proxy test: {skip_reason}"); return; @@ -292,7 +292,7 @@ async fn managed_proxy_mode_denies_af_unix_creation_for_user_command() { &[ "python3", "-c", - "import socket,sys\ntry:\n socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)\nexcept PermissionError:\n sys.exit(0)\nexcept OSError:\n sys.exit(2)\nsys.exit(1)\n", + "import socket,sys\ntry:\n socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)\nexcept PermissionError:\n pass\nexcept OSError:\n sys.exit(2)\nelse:\n sys.exit(1)\nleft,right = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)\nleft.sendall(b'ok')\nif right.recv(2) != b'ok':\n sys.exit(3)\n", ], &PermissionProfile::Disabled, /*allow_network_for_proxy*/ true, @@ -304,7 +304,7 @@ async fn managed_proxy_mode_denies_af_unix_creation_for_user_command() { assert_eq!( output.status.code(), Some(0), - "expected AF_UNIX creation to be denied cleanly for user command; status={:?}; stdout={}; stderr={}", + "expected AF_UNIX socket creation to be denied and socketpair to work; status={:?}; stdout={}; stderr={}", output.status.code(), String::from_utf8_lossy(&output.stdout), String::from_utf8_lossy(&output.stderr) diff --git a/codex-rs/login/Cargo.toml b/codex-rs/login/Cargo.toml index e914fa0c7a9..c6d52953f13 100644 --- a/codex-rs/login/Cargo.toml +++ b/codex-rs/login/Cargo.toml @@ -8,7 +8,6 @@ license.workspace = true workspace = true [dependencies] -async-trait = { workspace = true } base64 = { workspace = true } chrono = { workspace = true, features = ["serde"] } codex-agent-identity = { workspace = true } diff --git a/codex-rs/login/src/auth/access_token.rs b/codex-rs/login/src/auth/access_token.rs new file mode 100644 index 00000000000..5859ab1c252 --- /dev/null +++ b/codex-rs/login/src/auth/access_token.rs @@ -0,0 +1,18 @@ +const PERSONAL_ACCESS_TOKEN_PREFIX: &str = "at-"; + +pub(super) enum CodexAccessToken<'a> { + PersonalAccessToken(&'a str), + AgentIdentityJwt(&'a str), +} + +pub(super) fn classify_codex_access_token(access_token: &str) -> CodexAccessToken<'_> { + if access_token.starts_with(PERSONAL_ACCESS_TOKEN_PREFIX) { + CodexAccessToken::PersonalAccessToken(access_token) + } else { + CodexAccessToken::AgentIdentityJwt(access_token) + } +} + +#[cfg(test)] +#[path = "access_token_tests.rs"] +mod tests; diff --git a/codex-rs/login/src/auth/access_token_tests.rs b/codex-rs/login/src/auth/access_token_tests.rs new file mode 100644 index 00000000000..d734d149d5e --- /dev/null +++ b/codex-rs/login/src/auth/access_token_tests.rs @@ -0,0 +1,13 @@ +use super::*; + +#[test] +fn classifies_personal_access_tokens_by_prefix() { + assert!(matches!( + classify_codex_access_token("at-example"), + CodexAccessToken::PersonalAccessToken("at-example") + )); + assert!(matches!( + classify_codex_access_token("header.payload.signature"), + CodexAccessToken::AgentIdentityJwt("header.payload.signature") + )); +} diff --git a/codex-rs/login/src/auth/auth_tests.rs b/codex-rs/login/src/auth/auth_tests.rs index 63ab3e0c424..4831d017137 100644 --- a/codex-rs/login/src/auth/auth_tests.rs +++ b/codex-rs/login/src/auth/auth_tests.rs @@ -19,6 +19,7 @@ use tempfile::tempdir; use wiremock::Mock; use wiremock::MockServer; use wiremock::ResponseTemplate; +use wiremock::matchers::header; use wiremock::matchers::method; use wiremock::matchers::path; @@ -107,6 +108,7 @@ async fn login_with_access_token_writes_only_token() { dir.path(), &agent_identity, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, Some(&chatgpt_base_url), ) .await @@ -126,6 +128,124 @@ async fn login_with_access_token_writes_only_token() { server.verify().await; } +#[tokio::test] +#[serial(codex_auth_env)] +async fn login_with_access_token_writes_only_personal_access_token() { + let dir = tempdir().unwrap(); + let auth_path = dir.path().join("auth.json"); + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path("/v1/user-auth-credential/whoami")) + .and(header("authorization", "Bearer at-login-test")) + .respond_with( + ResponseTemplate::new(200) + .set_body_json(personal_access_token_whoami(WORKSPACE_ID_ALLOWED)), + ) + .expect(1) + .mount(&server) + .await; + let _authapi_guard = EnvVarGuard::set("CODEX_AUTHAPI_BASE_URL", &server.uri()); + let allowed_workspaces = [WORKSPACE_ID_ALLOWED.to_string()]; + super::login_with_access_token( + dir.path(), + "at-login-test", + AuthCredentialsStoreMode::File, + Some(&allowed_workspaces), + /*chatgpt_base_url*/ None, + ) + .await + .expect("personal access token login should succeed"); + + let storage = FileAuthStorage::new(dir.path().to_path_buf()); + let auth = storage + .try_read_auth_json(&auth_path) + .expect("auth.json should parse"); + assert_eq!( + auth, + AuthDotJson { + auth_mode: None, + openai_api_key: None, + tokens: None, + last_refresh: None, + agent_identity: None, + personal_access_token: Some("at-login-test".to_string()), + bedrock_api_key: None, + } + ); + assert_eq!(auth.resolved_mode(), AuthMode::PersonalAccessToken); + let persisted: serde_json::Value = + serde_json::from_str(&std::fs::read_to_string(auth_path).unwrap()).unwrap(); + assert!(persisted.get("auth_mode").is_none()); + server.verify().await; +} + +#[tokio::test] +#[serial(codex_auth_env)] +async fn login_with_access_token_rejects_personal_access_token_workspace_mismatch() { + let dir = tempdir().unwrap(); + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path("/v1/user-auth-credential/whoami")) + .and(header("authorization", "Bearer at-workspace-mismatch")) + .respond_with( + ResponseTemplate::new(200) + .set_body_json(personal_access_token_whoami(WORKSPACE_ID_DISALLOWED)), + ) + .expect(1) + .mount(&server) + .await; + let _authapi_guard = EnvVarGuard::set("CODEX_AUTHAPI_BASE_URL", &server.uri()); + let allowed_workspaces = [WORKSPACE_ID_ALLOWED.to_string()]; + + let err = super::login_with_access_token( + dir.path(), + "at-workspace-mismatch", + AuthCredentialsStoreMode::File, + Some(&allowed_workspaces), + /*chatgpt_base_url*/ None, + ) + .await + .expect_err("personal access token workspace mismatch should fail"); + + assert_eq!(err.kind(), std::io::ErrorKind::PermissionDenied); + assert!( + !get_auth_file(dir.path()).exists(), + "workspace mismatch should not write auth.json" + ); + server.verify().await; +} + +#[tokio::test] +#[serial(codex_auth_env)] +async fn login_with_access_token_rejects_invalid_personal_access_token() { + let dir = tempdir().unwrap(); + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path("/v1/user-auth-credential/whoami")) + .respond_with(ResponseTemplate::new(403)) + .expect(1) + .mount(&server) + .await; + let _authapi_guard = EnvVarGuard::set("CODEX_AUTHAPI_BASE_URL", &server.uri()); + + let err = super::login_with_access_token( + dir.path(), + "at-invalid-login", + AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, + /*chatgpt_base_url*/ None, + ) + .await + .expect_err("invalid personal access token should fail"); + + assert_eq!(err.kind(), std::io::ErrorKind::Other); + assert!( + !get_auth_file(dir.path()).exists(), + "invalid personal access token should not write auth.json" + ); + server.verify().await; +} + #[tokio::test] async fn login_with_access_token_rejects_invalid_jwt() { let dir = tempdir().unwrap(); @@ -134,6 +254,7 @@ async fn login_with_access_token_rejects_invalid_jwt() { dir.path(), "not-a-jwt", AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, /*chatgpt_base_url*/ None, ) .await @@ -164,6 +285,7 @@ async fn login_with_access_token_rejects_unsigned_jwt() { dir.path(), &agent_identity, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, Some(&chatgpt_base_url), ) .await @@ -210,6 +332,7 @@ async fn pro_account_with_no_api_key_uses_chatgpt_auth() { codex_home.path(), /*enable_codex_api_key_env*/ false, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, /*chatgpt_base_url*/ None, ) .await @@ -245,6 +368,8 @@ async fn pro_account_with_no_api_key_uses_chatgpt_auth() { }), last_refresh: Some(last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }, auth_dot_json ); @@ -266,6 +391,7 @@ async fn loads_api_key_from_auth_json() { dir.path(), /*enable_codex_api_key_env*/ false, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, /*chatgpt_base_url*/ None, ) .await @@ -286,6 +412,8 @@ fn logout_removes_auth_file() -> Result<(), std::io::Error> { tokens: None, last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; super::save_auth(dir.path(), &auth_dot_json, AuthCredentialsStoreMode::File)?; let auth_file = get_auth_file(dir.path()); @@ -343,6 +471,7 @@ async fn refresh_failure_is_scoped_to_the_matching_auth_snapshot() { codex_home.path(), /*enable_codex_api_key_env*/ false, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, /*chatgpt_base_url*/ None, ) .await @@ -744,6 +873,7 @@ async fn load_auth_reads_access_token_from_env() { codex_home.path(), /*enable_codex_api_key_env*/ false, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, Some(&chatgpt_base_url), ) .await @@ -762,6 +892,182 @@ async fn load_auth_reads_access_token_from_env() { server.verify().await; } +#[tokio::test] +#[serial(codex_auth_env)] +async fn load_auth_reads_personal_access_token_from_env() { + let codex_home = tempdir().unwrap(); + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path("/v1/user-auth-credential/whoami")) + .and(header("authorization", "Bearer at-env-test")) + .respond_with( + ResponseTemplate::new(200) + .set_body_json(personal_access_token_whoami(WORKSPACE_ID_ALLOWED)), + ) + .expect(2) + .mount(&server) + .await; + let _authapi_guard = EnvVarGuard::set("CODEX_AUTHAPI_BASE_URL", &server.uri()); + let _access_token_guard = EnvVarGuard::set(CODEX_ACCESS_TOKEN_ENV_VAR, "at-env-test"); + + for auth_credentials_store_mode in [ + AuthCredentialsStoreMode::File, + AuthCredentialsStoreMode::Ephemeral, + ] { + let auth = super::load_auth( + codex_home.path(), + /*enable_codex_api_key_env*/ false, + auth_credentials_store_mode, + /*forced_chatgpt_workspace_id*/ None, + /*chatgpt_base_url*/ None, + ) + .await + .expect("env auth should load") + .expect("env auth should be present"); + + assert_eq!(auth.api_auth_mode(), AuthMode::PersonalAccessToken); + assert_eq!( + auth.get_token() + .expect("personal access token should be exposed"), + "at-env-test" + ); + assert_eq!(auth.get_account_id().as_deref(), Some(WORKSPACE_ID_ALLOWED)); + assert_eq!(auth.get_chatgpt_user_id().as_deref(), Some("user-123")); + assert_eq!( + auth.get_account_email().as_deref(), + Some("user@example.com") + ); + assert_eq!(auth.account_plan_type(), Some(AccountPlanType::Business)); + assert!(auth.is_fedramp_account()); + } + assert!( + !get_auth_file(codex_home.path()).exists(), + "env auth should not write auth.json" + ); + server.verify().await; +} + +#[tokio::test] +#[serial(codex_auth_env)] +async fn auth_manager_rejects_env_personal_access_token_workspace_mismatch() { + let codex_home = tempdir().unwrap(); + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path("/v1/user-auth-credential/whoami")) + .and(header("authorization", "Bearer at-env-workspace-mismatch")) + .respond_with( + ResponseTemplate::new(200) + .set_body_json(personal_access_token_whoami(WORKSPACE_ID_DISALLOWED)), + ) + .expect(1) + .mount(&server) + .await; + let _authapi_guard = EnvVarGuard::set("CODEX_AUTHAPI_BASE_URL", &server.uri()); + let _access_token_guard = + EnvVarGuard::set(CODEX_ACCESS_TOKEN_ENV_VAR, "at-env-workspace-mismatch"); + + let manager = AuthManager::new_with_workspace_restriction( + codex_home.path().to_path_buf(), + /*enable_codex_api_key_env*/ false, + AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ + Some(vec![WORKSPACE_ID_ALLOWED.to_string()]), + /*chatgpt_base_url*/ None, + ) + .await; + + assert_eq!(manager.auth().await, None); + server.verify().await; +} + +#[tokio::test] +#[serial(codex_auth_env)] +async fn auth_manager_rejects_stored_personal_access_token_workspace_mismatch() { + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path("/v1/user-auth-credential/whoami")) + .and(header( + "authorization", + "Bearer at-stored-workspace-mismatch", + )) + .respond_with( + ResponseTemplate::new(200) + .set_body_json(personal_access_token_whoami(WORKSPACE_ID_DISALLOWED)), + ) + .expect(4) + .mount(&server) + .await; + let _authapi_guard = EnvVarGuard::set("CODEX_AUTHAPI_BASE_URL", &server.uri()); + let _access_token_guard = remove_access_token_env_var(); + + for auth_credentials_store_mode in [ + AuthCredentialsStoreMode::File, + AuthCredentialsStoreMode::Ephemeral, + ] { + let codex_home = tempdir().unwrap(); + super::login_with_access_token( + codex_home.path(), + "at-stored-workspace-mismatch", + auth_credentials_store_mode, + /*forced_chatgpt_workspace_id*/ None, + /*chatgpt_base_url*/ None, + ) + .await + .expect("personal access token login should succeed"); + + let manager = AuthManager::new_with_workspace_restriction( + codex_home.path().to_path_buf(), + /*enable_codex_api_key_env*/ false, + auth_credentials_store_mode, + /*forced_chatgpt_workspace_id*/ + Some(vec![WORKSPACE_ID_ALLOWED.to_string()]), + /*chatgpt_base_url*/ None, + ) + .await; + + assert_eq!(manager.auth().await, None); + } + server.verify().await; +} + +#[tokio::test] +#[serial(codex_auth_env)] +async fn personal_access_token_does_not_offer_unauthorized_recovery() { + let codex_home = tempdir().unwrap(); + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path("/v1/user-auth-credential/whoami")) + .respond_with( + ResponseTemplate::new(200) + .set_body_json(personal_access_token_whoami(WORKSPACE_ID_ALLOWED)), + ) + .expect(1) + .mount(&server) + .await; + let _authapi_guard = EnvVarGuard::set("CODEX_AUTHAPI_BASE_URL", &server.uri()); + let _access_token_guard = + EnvVarGuard::set(CODEX_ACCESS_TOKEN_ENV_VAR, "at-no-unauthorized-recovery"); + let manager = Arc::new( + AuthManager::new( + codex_home.path().to_path_buf(), + /*enable_codex_api_key_env*/ false, + AuthCredentialsStoreMode::File, + /*chatgpt_base_url*/ None, + ) + .await, + ); + + let recovery = manager.unauthorized_recovery(); + + assert!(!recovery.has_next()); + assert_eq!(recovery.unavailable_reason(), "not_refreshable_auth"); + manager + .refresh_token_from_authority() + .await + .expect("personal access tokens do not use OAuth refresh"); + server.verify().await; +} + #[tokio::test] #[serial(codex_auth_env)] async fn load_auth_keeps_codex_api_key_env_precedence() { @@ -775,6 +1081,7 @@ async fn load_auth_keeps_codex_api_key_env_precedence() { codex_home.path(), /*enable_codex_api_key_env*/ true, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, /*chatgpt_base_url*/ None, ) .await @@ -844,6 +1151,53 @@ async fn enforce_login_restrictions_logs_out_for_workspace_mismatch() { ); } +#[tokio::test] +#[serial(codex_auth_env)] +async fn enforce_login_restrictions_logs_out_for_personal_access_token_workspace_mismatch() { + let codex_home = tempdir().unwrap(); + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path("/v1/user-auth-credential/whoami")) + .respond_with( + ResponseTemplate::new(200) + .set_body_json(personal_access_token_whoami(WORKSPACE_ID_DISALLOWED)), + ) + .expect(2) + .mount(&server) + .await; + let _access_token_guard = remove_access_token_env_var(); + let _authapi_guard = EnvVarGuard::set("CODEX_AUTHAPI_BASE_URL", &server.uri()); + super::login_with_access_token( + codex_home.path(), + "at-workspace-mismatch", + AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, + /*chatgpt_base_url*/ None, + ) + .await + .expect("personal access token login should succeed"); + + let config = AuthConfig { + codex_home: codex_home.path().to_path_buf(), + auth_credentials_store_mode: AuthCredentialsStoreMode::File, + forced_login_method: None, + forced_chatgpt_workspace_id: Some(vec![WORKSPACE_ID_ALLOWED.to_string()]), + chatgpt_base_url: None, + }; + + let err = super::enforce_login_restrictions(&config) + .await + .expect_err("expected workspace mismatch to error"); + assert!(err.to_string().contains(&format!( + "current credentials belong to {WORKSPACE_ID_DISALLOWED}" + ))); + assert!( + !codex_home.path().join("auth.json").exists(), + "auth.json should be removed on mismatch" + ); + server.verify().await; +} + #[tokio::test] #[serial(codex_auth_env)] async fn enforce_login_restrictions_allows_matching_workspace() { @@ -938,6 +1292,8 @@ async fn enforce_login_restrictions_logs_out_for_agent_identity_workspace_mismat tokens: None, last_refresh: None, agent_identity: Some(agent_identity), + personal_access_token: None, + bedrock_api_key: None, }, AuthCredentialsStoreMode::File, ) @@ -1091,6 +1447,16 @@ fn test_jwks_body() -> serde_json::Value { }) } +fn personal_access_token_whoami(account_id: &str) -> serde_json::Value { + json!({ + "email": "user@example.com", + "chatgpt_user_id": "user-123", + "chatgpt_account_id": account_id, + "chatgpt_plan_type": "business", + "chatgpt_account_is_fedramp": true, + }) +} + const TEST_AGENT_IDENTITY_RSA_PRIVATE_KEY_PEM: &[u8] = br#"-----BEGIN PRIVATE KEY----- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDWpAXYypOsYAwO bvBduMk/mxaoYDze0AZSzaSzLuIlcsl2EKDgC3AabhIWXh/qTGEJLOU3VB1e5mO9 @@ -1183,6 +1549,7 @@ async fn plan_type_maps_known_plan() { codex_home.path(), /*enable_codex_api_key_env*/ false, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, /*chatgpt_base_url*/ None, ) .await @@ -1211,6 +1578,7 @@ async fn plan_type_maps_self_serve_business_usage_based_plan() { codex_home.path(), /*enable_codex_api_key_env*/ false, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, /*chatgpt_base_url*/ None, ) .await @@ -1242,6 +1610,7 @@ async fn plan_type_maps_enterprise_cbp_usage_based_plan() { codex_home.path(), /*enable_codex_api_key_env*/ false, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, /*chatgpt_base_url*/ None, ) .await @@ -1273,6 +1642,7 @@ async fn plan_type_maps_unknown_to_unknown() { codex_home.path(), /*enable_codex_api_key_env*/ false, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, /*chatgpt_base_url*/ None, ) .await @@ -1301,6 +1671,7 @@ async fn missing_plan_type_maps_to_unknown() { codex_home.path(), /*enable_codex_api_key_env*/ false, AuthCredentialsStoreMode::File, + /*forced_chatgpt_workspace_id*/ None, /*chatgpt_base_url*/ None, ) .await diff --git a/codex-rs/login/src/auth/bedrock_api_key.rs b/codex-rs/login/src/auth/bedrock_api_key.rs new file mode 100644 index 00000000000..803b7a01ec7 --- /dev/null +++ b/codex-rs/login/src/auth/bedrock_api_key.rs @@ -0,0 +1,42 @@ +use std::path::Path; + +use codex_config::types::AuthCredentialsStoreMode; +use serde::Deserialize; +use serde::Serialize; + +use super::manager::save_auth; +use super::storage::AuthDotJson; +use codex_app_server_protocol::AuthMode; + +/// Managed Amazon Bedrock API key persisted in `auth.json`. +#[derive(Deserialize, Serialize, Clone, Debug, PartialEq, Eq)] +pub struct BedrockApiKeyAuth { + pub api_key: String, + pub region: String, +} + +/// Writes an `auth.json` that contains only the Amazon Bedrock API key auth. +pub fn login_with_bedrock_api_key( + codex_home: &Path, + api_key: &str, + region: &str, + auth_credentials_store_mode: AuthCredentialsStoreMode, +) -> std::io::Result<()> { + let auth_dot_json = AuthDotJson { + auth_mode: Some(AuthMode::BedrockApiKey), + openai_api_key: None, + tokens: None, + last_refresh: None, + agent_identity: None, + personal_access_token: None, + bedrock_api_key: Some(BedrockApiKeyAuth { + api_key: api_key.to_string(), + region: region.to_string(), + }), + }; + save_auth(codex_home, &auth_dot_json, auth_credentials_store_mode) +} + +#[cfg(test)] +#[path = "bedrock_api_key_tests.rs"] +mod tests; diff --git a/codex-rs/login/src/auth/bedrock_api_key_tests.rs b/codex-rs/login/src/auth/bedrock_api_key_tests.rs new file mode 100644 index 00000000000..372baadec7b --- /dev/null +++ b/codex-rs/login/src/auth/bedrock_api_key_tests.rs @@ -0,0 +1,162 @@ +use codex_app_server_protocol::AuthMode; +use codex_config::types::AuthCredentialsStoreMode; +use pretty_assertions::assert_eq; +use tempfile::tempdir; + +use super::*; +use crate::auth::AuthManager; +use crate::auth::CodexAuth; +use crate::auth::storage::AuthStorageBackend; +use crate::auth::storage::FileAuthStorage; + +fn api_key_auth() -> AuthDotJson { + AuthDotJson { + auth_mode: Some(AuthMode::ApiKey), + openai_api_key: Some("sk-test-key".to_string()), + tokens: None, + last_refresh: None, + agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, + } +} + +fn bedrock_only_auth() -> AuthDotJson { + AuthDotJson { + auth_mode: None, + openai_api_key: None, + tokens: None, + last_refresh: None, + agent_identity: None, + personal_access_token: None, + bedrock_api_key: Some(bedrock_auth()), + } +} + +fn bedrock_auth() -> BedrockApiKeyAuth { + BedrockApiKeyAuth { + api_key: "bedrock-api-key-test".to_string(), + region: "us-east-1".to_string(), + } +} + +#[tokio::test] +async fn login_with_bedrock_api_key_replaces_openai_auth() -> anyhow::Result<()> { + let codex_home = tempdir()?; + let storage = FileAuthStorage::new(codex_home.path().to_path_buf()); + storage.save(&api_key_auth())?; + login_with_bedrock_api_key( + codex_home.path(), + "bedrock-api-key-test", + "us-east-1", + AuthCredentialsStoreMode::File, + )?; + + let auth_manager = AuthManager::new( + codex_home.path().to_path_buf(), + /*enable_codex_api_key_env*/ false, + AuthCredentialsStoreMode::File, + /*chatgpt_base_url*/ None, + ) + .await; + + let loaded = storage.load()?.expect("auth should be stored"); + let expected = AuthDotJson { + auth_mode: Some(AuthMode::BedrockApiKey), + openai_api_key: None, + tokens: None, + last_refresh: None, + agent_identity: None, + personal_access_token: None, + bedrock_api_key: Some(bedrock_auth()), + }; + assert_eq!(loaded, expected); + assert_eq!(auth_manager.auth_mode(), Some(AuthMode::BedrockApiKey)); + assert_eq!( + auth_manager.auth_cached().and_then(|auth| match auth { + CodexAuth::BedrockApiKey(auth) => Some(auth), + CodexAuth::ApiKey(_) + | CodexAuth::Chatgpt(_) + | CodexAuth::ChatgptAuthTokens(_) + | CodexAuth::AgentIdentity(_) + | CodexAuth::PersonalAccessToken(_) => None, + }), + Some(bedrock_auth()) + ); + Ok(()) +} + +#[tokio::test] +async fn logout_removes_bedrock_auth() -> anyhow::Result<()> { + let codex_home = tempdir()?; + let storage = FileAuthStorage::new(codex_home.path().to_path_buf()); + login_with_bedrock_api_key( + codex_home.path(), + "bedrock-api-key-test", + "us-east-1", + AuthCredentialsStoreMode::File, + )?; + let auth_manager = AuthManager::new( + codex_home.path().to_path_buf(), + /*enable_codex_api_key_env*/ false, + AuthCredentialsStoreMode::File, + /*chatgpt_base_url*/ None, + ) + .await; + + assert!(auth_manager.logout().await?); + + assert_eq!(storage.load()?, None); + assert_eq!(auth_manager.auth_cached(), None); + Ok(()) +} + +#[tokio::test] +async fn bedrock_only_auth_storage_creates_primary_auth() -> anyhow::Result<()> { + let codex_home = tempdir()?; + let storage = FileAuthStorage::new(codex_home.path().to_path_buf()); + storage.save(&bedrock_only_auth())?; + + let auth_manager = AuthManager::new( + codex_home.path().to_path_buf(), + /*enable_codex_api_key_env*/ false, + AuthCredentialsStoreMode::File, + /*chatgpt_base_url*/ None, + ) + .await; + + assert_eq!(auth_manager.auth_mode(), Some(AuthMode::BedrockApiKey)); + assert_eq!( + auth_manager.auth_cached().and_then(|auth| match auth { + CodexAuth::BedrockApiKey(auth) => Some(auth), + CodexAuth::ApiKey(_) + | CodexAuth::Chatgpt(_) + | CodexAuth::ChatgptAuthTokens(_) + | CodexAuth::AgentIdentity(_) + | CodexAuth::PersonalAccessToken(_) => None, + }), + Some(bedrock_auth()) + ); + Ok(()) +} + +#[tokio::test] +async fn login_with_api_key_clears_bedrock_api_key() -> anyhow::Result<()> { + let codex_home = tempdir()?; + let storage = FileAuthStorage::new(codex_home.path().to_path_buf()); + login_with_bedrock_api_key( + codex_home.path(), + "bedrock-api-key-test", + "us-east-1", + AuthCredentialsStoreMode::File, + )?; + + crate::auth::login_with_api_key( + codex_home.path(), + "sk-test-key", + AuthCredentialsStoreMode::File, + )?; + + assert_eq!(storage.load()?, Some(api_key_auth())); + Ok(()) +} diff --git a/codex-rs/login/src/auth/external_bearer.rs b/codex-rs/login/src/auth/external_bearer.rs index c5285960142..e40c3326401 100644 --- a/codex-rs/login/src/auth/external_bearer.rs +++ b/codex-rs/login/src/auth/external_bearer.rs @@ -1,7 +1,7 @@ use super::manager::ExternalAuth; +use super::manager::ExternalAuthFuture; use super::manager::ExternalAuthRefreshContext; use super::manager::ExternalAuthTokens; -use async_trait::async_trait; use codex_app_server_protocol::AuthMode; use codex_protocol::config_types::ModelProviderAuthInfo; use std::fmt; @@ -25,13 +25,6 @@ impl BearerTokenRefresher { state: Arc::new(ExternalBearerAuthState::new(config)), } } -} - -#[async_trait] -impl ExternalAuth for BearerTokenRefresher { - fn auth_mode(&self) -> AuthMode { - AuthMode::ApiKey - } #[expect( clippy::await_holding_invalid_type, @@ -76,6 +69,23 @@ impl ExternalAuth for BearerTokenRefresher { } } +impl ExternalAuth for BearerTokenRefresher { + fn auth_mode(&self) -> AuthMode { + AuthMode::ApiKey + } + + fn resolve(&self) -> ExternalAuthFuture<'_, Option> { + Box::pin(BearerTokenRefresher::resolve(self)) + } + + fn refresh( + &self, + context: ExternalAuthRefreshContext, + ) -> ExternalAuthFuture<'_, ExternalAuthTokens> { + Box::pin(BearerTokenRefresher::refresh(self, context)) + } +} + impl fmt::Debug for BearerTokenRefresher { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { f.debug_struct("BearerTokenRefresher") diff --git a/codex-rs/login/src/auth/manager.rs b/codex-rs/login/src/auth/manager.rs index 22e2c9f3b9e..9961f7ef717 100644 --- a/codex-rs/login/src/auth/manager.rs +++ b/codex-rs/login/src/auth/manager.rs @@ -1,4 +1,3 @@ -use async_trait::async_trait; use chrono::Utc; use reqwest::StatusCode; use serde::Deserialize; @@ -7,8 +6,10 @@ use serde::Serialize; use serial_test::serial; use std::env; use std::fmt::Debug; +use std::future::Future; use std::path::Path; use std::path::PathBuf; +use std::pin::Pin; use std::sync::Arc; use std::sync::Mutex; use std::sync::RwLock; @@ -24,9 +25,13 @@ use codex_app_server_protocol::AuthMode as ApiAuthMode; use codex_protocol::config_types::ForcedLoginMethod; use codex_protocol::config_types::ModelProviderAuthInfo; +use super::access_token::CodexAccessToken; +use super::access_token::classify_codex_access_token; use super::external_bearer::BearerTokenRefresher; use super::revoke::revoke_auth_tokens; pub use crate::auth::agent_identity::AgentIdentityAuth; +pub use crate::auth::bedrock_api_key::BedrockApiKeyAuth; +pub use crate::auth::personal_access_token::PersonalAccessTokenAuth; pub use crate::auth::storage::AgentIdentityAuthRecord; pub use crate::auth::storage::AuthDotJson; use crate::auth::storage::AuthStorageBackend; @@ -53,11 +58,17 @@ pub enum CodexAuth { Chatgpt(ChatgptAuth), ChatgptAuthTokens(ChatgptAuthTokens), AgentIdentity(AgentIdentityAuth), + PersonalAccessToken(PersonalAccessTokenAuth), + BedrockApiKey(BedrockApiKeyAuth), } impl PartialEq for CodexAuth { fn eq(&self, other: &Self) -> bool { - self.api_auth_mode() == other.api_auth_mode() + match (self, other) { + (Self::PersonalAccessToken(a), Self::PersonalAccessToken(b)) => a == b, + (Self::BedrockApiKey(a), Self::BedrockApiKey(b)) => a == b, + _ => self.api_auth_mode() == other.api_auth_mode(), + } } } @@ -157,7 +168,6 @@ pub struct ExternalAuthRefreshContext { pub previous_account_id: Option, } -#[async_trait] /// Pluggable auth provider used by `AuthManager` for externally managed auth flows. /// /// Implementations may either resolve auth eagerly via `resolve()` or provide refreshed @@ -168,17 +178,19 @@ pub trait ExternalAuth: Send + Sync { /// Returns cached or immediately available auth, if this provider can resolve it synchronously /// from the caller's perspective. - async fn resolve(&self) -> std::io::Result> { - Ok(None) + fn resolve(&self) -> ExternalAuthFuture<'_, Option> { + Box::pin(async { Ok(None) }) } /// Refreshes auth in response to a manager-driven refresh attempt. - async fn refresh( + fn refresh( &self, context: ExternalAuthRefreshContext, - ) -> std::io::Result; + ) -> ExternalAuthFuture<'_, ExternalAuthTokens>; } +pub type ExternalAuthFuture<'a, T> = Pin> + Send + 'a>>; + impl RefreshTokenError { pub fn failed_reason(&self) -> Option { match self { @@ -220,6 +232,22 @@ impl CodexAuth { }; return Self::from_agent_identity_jwt(&agent_identity, chatgpt_base_url).await; } + if auth_mode == ApiAuthMode::PersonalAccessToken { + let Some(personal_access_token) = auth_dot_json.personal_access_token.as_deref() else { + return Err(std::io::Error::other( + "personal access token auth is missing a personal access token.", + )); + }; + return Self::from_personal_access_token(personal_access_token).await; + } + if auth_mode == ApiAuthMode::BedrockApiKey { + let Some(auth) = auth_dot_json.bedrock_api_key else { + return Err(std::io::Error::other( + "Bedrock API key auth is missing a Bedrock API key.", + )); + }; + return Ok(Self::BedrockApiKey(auth)); + } let storage_mode = auth_dot_json.storage_mode(auth_credentials_store_mode); let state = ChatgptAuthState { @@ -237,6 +265,10 @@ impl CodexAuth { } ApiAuthMode::ApiKey => unreachable!("api key mode is handled above"), ApiAuthMode::AgentIdentity => unreachable!("agent identity mode is handled above"), + ApiAuthMode::PersonalAccessToken => { + unreachable!("personal access token mode is handled above") + } + ApiAuthMode::BedrockApiKey => unreachable!("bedrock api key mode is handled above"), } } @@ -249,6 +281,7 @@ impl CodexAuth { codex_home, /*enable_codex_api_key_env*/ false, auth_credentials_store_mode, + /*forced_chatgpt_workspace_id*/ None, chatgpt_base_url, ) .await @@ -266,11 +299,19 @@ impl CodexAuth { Ok(Self::AgentIdentity(AgentIdentityAuth::load(record).await?)) } + pub async fn from_personal_access_token(access_token: &str) -> std::io::Result { + Ok(Self::PersonalAccessToken( + PersonalAccessTokenAuth::load(access_token).await?, + )) + } + pub fn auth_mode(&self) -> AuthMode { match self { Self::ApiKey(_) => AuthMode::ApiKey, Self::Chatgpt(_) | Self::ChatgptAuthTokens(_) => AuthMode::Chatgpt, Self::AgentIdentity(_) => AuthMode::AgentIdentity, + Self::PersonalAccessToken(_) => AuthMode::PersonalAccessToken, + Self::BedrockApiKey(_) => AuthMode::BedrockApiKey, } } @@ -280,6 +321,8 @@ impl CodexAuth { Self::Chatgpt(_) => ApiAuthMode::Chatgpt, Self::ChatgptAuthTokens(_) => ApiAuthMode::ChatgptAuthTokens, Self::AgentIdentity(_) => ApiAuthMode::AgentIdentity, + Self::PersonalAccessToken(_) => ApiAuthMode::PersonalAccessToken, + Self::BedrockApiKey(_) => ApiAuthMode::BedrockApiKey, } } @@ -287,14 +330,21 @@ impl CodexAuth { self.auth_mode() == AuthMode::ApiKey } + pub fn is_personal_access_token_auth(&self) -> bool { + self.auth_mode() == AuthMode::PersonalAccessToken + } + pub fn is_chatgpt_auth(&self) -> bool { - matches!(self, Self::Chatgpt(_) | Self::ChatgptAuthTokens(_)) + self.api_auth_mode().has_chatgpt_account() } pub fn uses_codex_backend(&self) -> bool { matches!( self, - Self::Chatgpt(_) | Self::ChatgptAuthTokens(_) | Self::AgentIdentity(_) + Self::Chatgpt(_) + | Self::ChatgptAuthTokens(_) + | Self::AgentIdentity(_) + | Self::PersonalAccessToken(_) ) } @@ -302,11 +352,19 @@ impl CodexAuth { matches!(self, Self::ChatgptAuthTokens(_)) } + fn supports_unauthorized_recovery(&self) -> bool { + matches!(self, Self::Chatgpt(_) | Self::ChatgptAuthTokens(_)) + } + /// Returns `None` if `auth_mode() != AuthMode::ApiKey`. pub fn api_key(&self) -> Option<&str> { match self { Self::ApiKey(auth) => Some(auth.api_key.as_str()), - Self::Chatgpt(_) | Self::ChatgptAuthTokens(_) | Self::AgentIdentity(_) => None, + Self::Chatgpt(_) + | Self::ChatgptAuthTokens(_) + | Self::AgentIdentity(_) + | Self::PersonalAccessToken(_) + | Self::BedrockApiKey(_) => None, } } @@ -334,6 +392,10 @@ impl CodexAuth { Self::AgentIdentity(_) => Err(std::io::Error::other( "agent identity auth does not expose a bearer token", )), + Self::PersonalAccessToken(auth) => Ok(auth.access_token().to_string()), + Self::BedrockApiKey(_) => Err(std::io::Error::other( + "Bedrock API key auth does not expose a Codex bearer token", + )), } } @@ -341,6 +403,7 @@ impl CodexAuth { pub fn get_account_id(&self) -> Option { match self { Self::AgentIdentity(auth) => Some(auth.account_id().to_string()), + Self::PersonalAccessToken(auth) => Some(auth.account_id().to_string()), _ => self.get_current_token_data().and_then(|t| t.account_id), } } @@ -349,6 +412,7 @@ impl CodexAuth { pub fn is_fedramp_account(&self) -> bool { match self { Self::AgentIdentity(auth) => auth.is_fedramp_account(), + Self::PersonalAccessToken(auth) => auth.is_fedramp_account(), _ => self .get_current_token_data() .is_some_and(|t| t.id_token.is_fedramp_account()), @@ -359,6 +423,7 @@ impl CodexAuth { pub fn get_account_email(&self) -> Option { match self { Self::AgentIdentity(auth) => Some(auth.email().to_string()), + Self::PersonalAccessToken(auth) => Some(auth.email().to_string()), _ => self.get_current_token_data().and_then(|t| t.id_token.email), } } @@ -367,6 +432,7 @@ impl CodexAuth { pub fn get_chatgpt_user_id(&self) -> Option { match self { Self::AgentIdentity(auth) => Some(auth.chatgpt_user_id().to_string()), + Self::PersonalAccessToken(auth) => Some(auth.chatgpt_user_id().to_string()), _ => self .get_current_token_data() .and_then(|t| t.id_token.chatgpt_user_id), @@ -380,6 +446,9 @@ impl CodexAuth { if let Self::AgentIdentity(auth) = self { return Some(auth.plan_type()); } + if let Self::PersonalAccessToken(auth) = self { + return Some(auth.plan_type()); + } self.get_current_token_data().map(|t| { t.id_token @@ -399,7 +468,10 @@ impl CodexAuth { let state = match self { Self::Chatgpt(auth) => &auth.state, Self::ChatgptAuthTokens(auth) => &auth.state, - Self::ApiKey(_) | Self::AgentIdentity(_) => return None, + Self::ApiKey(_) + | Self::AgentIdentity(_) + | Self::PersonalAccessToken(_) + | Self::BedrockApiKey(_) => return None, }; #[expect(clippy::unwrap_used)] state.auth_dot_json.lock().unwrap().clone() @@ -423,6 +495,8 @@ impl CodexAuth { }), last_refresh: Some(Utc::now()), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; let client = create_client(); @@ -539,6 +613,8 @@ pub fn login_with_api_key( tokens: None, last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; save_auth(codex_home, &auth_dot_json, auth_credentials_store_mode) } @@ -548,23 +624,53 @@ pub async fn login_with_access_token( codex_home: &Path, access_token: &str, auth_credentials_store_mode: AuthCredentialsStoreMode, + forced_chatgpt_workspace_id: Option<&[String]>, chatgpt_base_url: Option<&str>, ) -> std::io::Result<()> { - let base_url = chatgpt_base_url - .unwrap_or(DEFAULT_CHATGPT_BACKEND_BASE_URL) - .trim_end_matches('/') - .to_string(); - verified_agent_identity_record(access_token, &base_url).await?; - let auth_dot_json = AuthDotJson { - auth_mode: Some(ApiAuthMode::AgentIdentity), - openai_api_key: None, - tokens: None, - last_refresh: None, - agent_identity: Some(access_token.to_string()), + let auth_dot_json = match classify_codex_access_token(access_token) { + CodexAccessToken::PersonalAccessToken(access_token) => { + let auth = PersonalAccessTokenAuth::load(access_token).await?; + ensure_personal_access_token_workspace_allowed(forced_chatgpt_workspace_id, &auth)?; + AuthDotJson { + // Infer PAT auth from the credential field so older Codex builds can still + // deserialize auth.json after a rollback. + auth_mode: None, + openai_api_key: None, + tokens: None, + last_refresh: None, + agent_identity: None, + personal_access_token: Some(access_token.to_string()), + bedrock_api_key: None, + } + } + CodexAccessToken::AgentIdentityJwt(jwt) => { + let base_url = chatgpt_base_url + .unwrap_or(DEFAULT_CHATGPT_BACKEND_BASE_URL) + .trim_end_matches('/') + .to_string(); + verified_agent_identity_record(jwt, &base_url).await?; + AuthDotJson { + auth_mode: Some(ApiAuthMode::AgentIdentity), + openai_api_key: None, + tokens: None, + last_refresh: None, + agent_identity: Some(jwt.to_string()), + personal_access_token: None, + bedrock_api_key: None, + } + } }; save_auth(codex_home, &auth_dot_json, auth_credentials_store_mode) } +fn ensure_personal_access_token_workspace_allowed( + expected_workspace_ids: Option<&[String]>, + auth: &PersonalAccessTokenAuth, +) -> std::io::Result<()> { + crate::server::ensure_workspace_account_allowed(expected_workspace_ids, auth.account_id()) + .map_err(|message| std::io::Error::new(std::io::ErrorKind::PermissionDenied, message)) +} + /// Writes an in-memory auth payload for externally managed ChatGPT tokens. pub fn login_with_chatgpt_auth_tokens( codex_home: &Path, @@ -621,6 +727,7 @@ pub async fn enforce_login_restrictions(config: &AuthConfig) -> std::io::Result< &config.codex_home, /*enable_codex_api_key_env*/ true, config.auth_credentials_store_mode, + /*forced_chatgpt_workspace_id*/ None, config.chatgpt_base_url.as_deref(), ) .await? @@ -630,17 +737,21 @@ pub async fn enforce_login_restrictions(config: &AuthConfig) -> std::io::Result< if let Some(required_method) = config.forced_login_method { let method_violation = match (required_method, auth.auth_mode()) { - (ForcedLoginMethod::Api, AuthMode::ApiKey) => None, + (ForcedLoginMethod::Api, AuthMode::ApiKey) + | (ForcedLoginMethod::Api, AuthMode::BedrockApiKey) => None, (ForcedLoginMethod::Chatgpt, AuthMode::Chatgpt) | (ForcedLoginMethod::Chatgpt, AuthMode::ChatgptAuthTokens) - | (ForcedLoginMethod::Chatgpt, AuthMode::AgentIdentity) => None, + | (ForcedLoginMethod::Chatgpt, AuthMode::AgentIdentity) + | (ForcedLoginMethod::Chatgpt, AuthMode::PersonalAccessToken) => None, (ForcedLoginMethod::Api, AuthMode::Chatgpt) | (ForcedLoginMethod::Api, AuthMode::ChatgptAuthTokens) - | (ForcedLoginMethod::Api, AuthMode::AgentIdentity) => Some( + | (ForcedLoginMethod::Api, AuthMode::AgentIdentity) + | (ForcedLoginMethod::Api, AuthMode::PersonalAccessToken) => Some( "API key login is required, but ChatGPT is currently being used. Logging out." .to_string(), ), - (ForcedLoginMethod::Chatgpt, AuthMode::ApiKey) => Some( + (ForcedLoginMethod::Chatgpt, AuthMode::ApiKey) + | (ForcedLoginMethod::Chatgpt, AuthMode::BedrockApiKey) => Some( "ChatGPT login is required, but an API key is currently being used. Logging out." .to_string(), ), @@ -657,8 +768,10 @@ pub async fn enforce_login_restrictions(config: &AuthConfig) -> std::io::Result< if let Some(expected_account_ids) = config.forced_chatgpt_workspace_id.as_deref() { let chatgpt_account_id = match &auth { - CodexAuth::ApiKey(_) => return Ok(()), - CodexAuth::AgentIdentity(_) => auth.get_account_id(), + CodexAuth::ApiKey(_) | CodexAuth::BedrockApiKey(_) => return Ok(()), + CodexAuth::AgentIdentity(_) | CodexAuth::PersonalAccessToken(_) => { + auth.get_account_id() + } CodexAuth::Chatgpt(_) | CodexAuth::ChatgptAuthTokens(_) => { let token_data = match auth.get_token_data() { Ok(data) => data, @@ -734,6 +847,7 @@ async fn load_auth( codex_home: &Path, enable_codex_api_key_env: bool, auth_credentials_store_mode: AuthCredentialsStoreMode, + forced_chatgpt_workspace_id: Option<&[String]>, chatgpt_base_url: Option<&str>, ) -> std::io::Result> { // API key via env var takes precedence over any other auth method. @@ -755,20 +869,32 @@ async fn load_auth( chatgpt_base_url, ) .await?; + if let CodexAuth::PersonalAccessToken(auth) = &auth { + ensure_personal_access_token_workspace_allowed(forced_chatgpt_workspace_id, auth)?; + } return Ok(Some(auth)); } + if let Some(access_token) = read_codex_access_token_from_env() { + return match classify_codex_access_token(&access_token) { + CodexAccessToken::PersonalAccessToken(access_token) => { + let auth = PersonalAccessTokenAuth::load(access_token).await?; + ensure_personal_access_token_workspace_allowed(forced_chatgpt_workspace_id, &auth)?; + Ok(Some(CodexAuth::PersonalAccessToken(auth))) + } + CodexAccessToken::AgentIdentityJwt(jwt) => { + CodexAuth::from_agent_identity_jwt(jwt, chatgpt_base_url) + .await + .map(Some) + } + }; + } + // If the caller explicitly requested ephemeral auth, there is no persisted fallback. if auth_credentials_store_mode == AuthCredentialsStoreMode::Ephemeral { return Ok(None); } - if let Some(agent_identity) = read_codex_access_token_from_env() { - return CodexAuth::from_agent_identity_jwt(&agent_identity, chatgpt_base_url) - .await - .map(Some); - } - // Fall back to the configured persistent store (file/keyring/auto) for managed auth. let storage = create_auth_storage(codex_home.to_path_buf(), auth_credentials_store_mode); let auth_dot_json = match storage.load()? { @@ -783,6 +909,9 @@ async fn load_auth( chatgpt_base_url, ) .await?; + if let CodexAuth::PersonalAccessToken(auth) = &auth { + ensure_personal_access_token_workspace_allowed(forced_chatgpt_workspace_id, auth)?; + } Ok(Some(auth)) } @@ -963,6 +1092,8 @@ impl AuthDotJson { tokens: Some(tokens), last_refresh: Some(Utc::now()), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }) } @@ -979,10 +1110,16 @@ impl AuthDotJson { Self::from_external_tokens(&external) } - fn resolved_mode(&self) -> ApiAuthMode { + pub(super) fn resolved_mode(&self) -> ApiAuthMode { if let Some(mode) = self.auth_mode { return mode; } + if self.personal_access_token.is_some() { + return ApiAuthMode::PersonalAccessToken; + } + if self.bedrock_api_key.is_some() { + return ApiAuthMode::BedrockApiKey; + } if self.openai_api_key.is_some() { return ApiAuthMode::ApiKey; } @@ -1126,7 +1263,7 @@ impl UnauthorizedRecovery { .manager .auth_cached() .as_ref() - .is_some_and(CodexAuth::is_chatgpt_auth) + .is_some_and(CodexAuth::supports_unauthorized_recovery) { return false; } @@ -1147,11 +1284,20 @@ impl UnauthorizedRecovery { }; } + if self + .manager + .auth_cached() + .as_ref() + .is_some_and(CodexAuth::is_personal_access_token_auth) + { + return "not_refreshable_auth"; + } + if !self .manager .auth_cached() .as_ref() - .is_some_and(CodexAuth::is_chatgpt_auth) + .is_some_and(CodexAuth::supports_unauthorized_recovery) { return "not_chatgpt_auth"; } @@ -1313,11 +1459,29 @@ impl AuthManager { enable_codex_api_key_env: bool, auth_credentials_store_mode: AuthCredentialsStoreMode, chatgpt_base_url: Option, + ) -> Self { + Self::new_with_workspace_restriction( + codex_home, + enable_codex_api_key_env, + auth_credentials_store_mode, + /*forced_chatgpt_workspace_id*/ None, + chatgpt_base_url, + ) + .await + } + + async fn new_with_workspace_restriction( + codex_home: PathBuf, + enable_codex_api_key_env: bool, + auth_credentials_store_mode: AuthCredentialsStoreMode, + forced_chatgpt_workspace_id: Option>, + chatgpt_base_url: Option, ) -> Self { let managed_auth = load_auth( &codex_home, enable_codex_api_key_env, auth_credentials_store_mode, + forced_chatgpt_workspace_id.as_deref(), chatgpt_base_url.as_deref(), ) .await @@ -1333,7 +1497,7 @@ impl AuthManager { auth_change_tx, enable_codex_api_key_env, auth_credentials_store_mode, - forced_chatgpt_workspace_id: RwLock::new(None), + forced_chatgpt_workspace_id: RwLock::new(forced_chatgpt_workspace_id), chatgpt_base_url, refresh_lock: Semaphore::new(/*permits*/ 1), external_auth: RwLock::new(None), @@ -1497,6 +1661,8 @@ impl AuthManager { } _ => false, }, + (ApiAuthMode::PersonalAccessToken, ApiAuthMode::PersonalAccessToken) => a == b, + (ApiAuthMode::BedrockApiKey, ApiAuthMode::BedrockApiKey) => a == b, _ => false, }, _ => false, @@ -1531,10 +1697,12 @@ impl AuthManager { } async fn load_auth_from_storage(&self) -> Option { + let forced_chatgpt_workspace_id = self.forced_chatgpt_workspace_id(); load_auth( &self.codex_home, self.enable_codex_api_key_env, self.auth_credentials_store_mode, + forced_chatgpt_workspace_id.as_deref(), self.chatgpt_base_url.as_deref(), ) .await @@ -1626,15 +1794,16 @@ impl AuthManager { config: &impl AuthManagerConfig, enable_codex_api_key_env: bool, ) -> Arc { - let auth_manager = Self::shared( - config.codex_home(), - enable_codex_api_key_env, - config.cli_auth_credentials_store_mode(), - Some(config.chatgpt_base_url()), + Arc::new( + Self::new_with_workspace_restriction( + config.codex_home(), + enable_codex_api_key_env, + config.cli_auth_credentials_store_mode(), + config.forced_chatgpt_workspace_id(), + Some(config.chatgpt_base_url()), + ) + .await, ) - .await; - auth_manager.set_forced_chatgpt_workspace_id(config.forced_chatgpt_workspace_id()); - auth_manager } pub fn unauthorized_recovery(self: &Arc) -> UnauthorizedRecovery { @@ -1690,7 +1859,7 @@ impl AuthManager { let auth_before_reload = self.auth_cached(); if auth_before_reload .as_ref() - .is_some_and(CodexAuth::is_api_key_auth) + .is_some_and(|auth| auth.is_api_key_auth() || auth.is_personal_access_token_auth()) { return Ok(()); } @@ -1756,7 +1925,10 @@ impl AuthManager { self.refresh_and_persist_chatgpt_token(&chatgpt_auth, token_data.refresh_token) .await } - CodexAuth::ApiKey(_) | CodexAuth::AgentIdentity(_) => Ok(()), + CodexAuth::ApiKey(_) + | CodexAuth::AgentIdentity(_) + | CodexAuth::PersonalAccessToken(_) + | CodexAuth::BedrockApiKey(_) => Ok(()), }; if let Err(RefreshTokenError::Permanent(error)) = &result { self.record_permanent_refresh_failure_if_unchanged(&attempted_auth, error); @@ -1805,7 +1977,12 @@ impl AuthManager { pub fn current_auth_uses_codex_backend(&self) -> bool { matches!( self.auth_mode(), - Some(AuthMode::Chatgpt | AuthMode::ChatgptAuthTokens | AuthMode::AgentIdentity) + Some( + AuthMode::Chatgpt + | AuthMode::ChatgptAuthTokens + | AuthMode::AgentIdentity + | AuthMode::PersonalAccessToken + ) ) } diff --git a/codex-rs/login/src/auth/mod.rs b/codex-rs/login/src/auth/mod.rs index 167ccd3f75b..2e18d530f7e 100644 --- a/codex-rs/login/src/auth/mod.rs +++ b/codex-rs/login/src/auth/mod.rs @@ -1,6 +1,9 @@ +mod access_token; mod agent_identity; +mod bedrock_api_key; pub mod default_client; pub mod error; +mod personal_access_token; mod storage; mod util; @@ -8,6 +11,8 @@ mod external_bearer; mod manager; mod revoke; +pub use bedrock_api_key::BedrockApiKeyAuth; +pub use bedrock_api_key::login_with_bedrock_api_key; pub use error::RefreshTokenFailedError; pub use error::RefreshTokenFailedReason; pub use manager::*; diff --git a/codex-rs/login/src/auth/personal_access_token.rs b/codex-rs/login/src/auth/personal_access_token.rs new file mode 100644 index 00000000000..b99092f51f1 --- /dev/null +++ b/codex-rs/login/src/auth/personal_access_token.rs @@ -0,0 +1,112 @@ +use codex_client::CodexHttpClient; +use codex_protocol::account::PlanType as AccountPlanType; +use codex_protocol::auth::PlanType as InternalPlanType; +use serde::Deserialize; +use std::env; +use std::fmt; + +use crate::default_client::create_client; + +const PROD_AUTHAPI_BASE_URL: &str = "https://auth.openai.com/api/accounts"; +const CODEX_AUTHAPI_BASE_URL_ENV_VAR: &str = "CODEX_AUTHAPI_BASE_URL"; +const WHOAMI_PATH: &str = "/v1/user-auth-credential/whoami"; + +#[derive(Clone, Debug, Deserialize, PartialEq, Eq)] +struct PersonalAccessTokenMetadata { + email: String, + chatgpt_user_id: String, + chatgpt_account_id: String, + chatgpt_plan_type: String, + chatgpt_account_is_fedramp: bool, +} + +#[derive(Clone, PartialEq, Eq)] +pub struct PersonalAccessTokenAuth { + access_token: String, + metadata: PersonalAccessTokenMetadata, +} + +impl fmt::Debug for PersonalAccessTokenAuth { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + f.debug_struct("PersonalAccessTokenAuth") + .field("access_token", &"") + .field("metadata", &self.metadata) + .finish() + } +} + +impl PersonalAccessTokenAuth { + pub(super) async fn load(access_token: &str) -> std::io::Result { + let authapi_base_url = env::var(CODEX_AUTHAPI_BASE_URL_ENV_VAR) + .ok() + .map(|base_url| base_url.trim().trim_end_matches('/').to_string()) + .filter(|base_url| !base_url.is_empty()) + .unwrap_or_else(|| PROD_AUTHAPI_BASE_URL.to_string()); + hydrate_personal_access_token(&create_client(), &authapi_base_url, access_token).await + } + + pub fn access_token(&self) -> &str { + &self.access_token + } + + pub fn account_id(&self) -> &str { + &self.metadata.chatgpt_account_id + } + + pub fn chatgpt_user_id(&self) -> &str { + &self.metadata.chatgpt_user_id + } + + pub fn email(&self) -> &str { + &self.metadata.email + } + + pub fn plan_type(&self) -> AccountPlanType { + InternalPlanType::from_raw_value(&self.metadata.chatgpt_plan_type).into() + } + + pub fn is_fedramp_account(&self) -> bool { + self.metadata.chatgpt_account_is_fedramp + } +} + +async fn hydrate_personal_access_token( + client: &CodexHttpClient, + authapi_base_url: &str, + access_token: &str, +) -> std::io::Result { + let endpoint = format!("{}{WHOAMI_PATH}", authapi_base_url.trim_end_matches('/')); + let response = client + .get(&endpoint) + .bearer_auth(access_token) + .send() + .await + .map_err(|err| { + std::io::Error::other(format!( + "failed to request personal access token metadata: {err}" + )) + })?; + if !response.status().is_success() { + return Err(std::io::Error::other(format!( + "personal access token metadata request failed with status {}", + response.status() + ))); + } + + let metadata = response + .json::() + .await + .map_err(|err| { + std::io::Error::other(format!( + "failed to decode personal access token metadata: {err}" + )) + })?; + Ok(PersonalAccessTokenAuth { + access_token: access_token.to_string(), + metadata, + }) +} + +#[cfg(test)] +#[path = "personal_access_token_tests.rs"] +mod tests; diff --git a/codex-rs/login/src/auth/personal_access_token_tests.rs b/codex-rs/login/src/auth/personal_access_token_tests.rs new file mode 100644 index 00000000000..ac6ee12265e --- /dev/null +++ b/codex-rs/login/src/auth/personal_access_token_tests.rs @@ -0,0 +1,71 @@ +use super::*; +use pretty_assertions::assert_eq; +use serde_json::json; +use wiremock::Mock; +use wiremock::MockServer; +use wiremock::ResponseTemplate; +use wiremock::matchers::header; +use wiremock::matchers::method; +use wiremock::matchers::path; + +fn response(email: Option<&str>) -> serde_json::Value { + json!({ + "email": email, + "chatgpt_user_id": "user-123", + "chatgpt_account_id": "account-123", + "chatgpt_plan_type": "enterprise", + "chatgpt_account_is_fedramp": true, + }) +} + +#[tokio::test] +async fn hydrate_sends_bearer_token_and_preserves_metadata() { + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path(WHOAMI_PATH)) + .and(header("authorization", "Bearer at-example")) + .respond_with(ResponseTemplate::new(200).set_body_json(response(Some("user@example.com")))) + .expect(1) + .mount(&server) + .await; + + let auth = hydrate_personal_access_token(&create_client(), &server.uri(), "at-example") + .await + .expect("personal access token hydration should succeed"); + + assert_eq!( + auth, + PersonalAccessTokenAuth { + access_token: "at-example".to_string(), + metadata: PersonalAccessTokenMetadata { + email: "user@example.com".to_string(), + chatgpt_user_id: "user-123".to_string(), + chatgpt_account_id: "account-123".to_string(), + chatgpt_plan_type: "enterprise".to_string(), + chatgpt_account_is_fedramp: true, + }, + } + ); + server.verify().await; +} + +#[tokio::test] +async fn hydrate_rejects_missing_email() { + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path(WHOAMI_PATH)) + .respond_with(ResponseTemplate::new(200).set_body_json(response(/*email*/ None))) + .expect(1) + .mount(&server) + .await; + + let err = hydrate_personal_access_token(&create_client(), &server.uri(), "at-example") + .await + .expect_err("personal access token hydration should reject missing email"); + + assert!( + err.to_string() + .contains("failed to decode personal access token metadata") + ); + server.verify().await; +} diff --git a/codex-rs/login/src/auth/storage.rs b/codex-rs/login/src/auth/storage.rs index 3a1c8ae6aa5..2edb4ca301b 100644 --- a/codex-rs/login/src/auth/storage.rs +++ b/codex-rs/login/src/auth/storage.rs @@ -18,6 +18,7 @@ use std::sync::Arc; use std::sync::Mutex; use tracing::warn; +use super::BedrockApiKeyAuth; use crate::token_data::TokenData; use codex_agent_identity::AgentIdentityJwtClaims; use codex_agent_identity::decode_agent_identity_jwt; @@ -45,6 +46,12 @@ pub struct AuthDotJson { #[serde(default, skip_serializing_if = "Option::is_none")] pub agent_identity: Option, + + #[serde(default, skip_serializing_if = "Option::is_none")] + pub personal_access_token: Option, + + #[serde(default, skip_serializing_if = "Option::is_none")] + pub bedrock_api_key: Option, } #[derive(Deserialize, Serialize, Clone, Debug, PartialEq, Eq)] diff --git a/codex-rs/login/src/auth/storage_tests.rs b/codex-rs/login/src/auth/storage_tests.rs index b5646ef53e8..c3491a8c4a4 100644 --- a/codex-rs/login/src/auth/storage_tests.rs +++ b/codex-rs/login/src/auth/storage_tests.rs @@ -19,6 +19,8 @@ async fn file_storage_load_returns_auth_dot_json() -> anyhow::Result<()> { tokens: None, last_refresh: Some(Utc::now()), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; storage @@ -40,6 +42,8 @@ async fn file_storage_save_persists_auth_dot_json() -> anyhow::Result<()> { tokens: None, last_refresh: Some(Utc::now()), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; let file = get_auth_file(codex_home.path()); @@ -73,6 +77,29 @@ async fn file_storage_round_trips_agent_identity_auth() -> anyhow::Result<()> { tokens: None, last_refresh: None, agent_identity: Some(agent_identity), + personal_access_token: None, + bedrock_api_key: None, + }; + + storage.save(&auth_dot_json)?; + + let loaded = storage.load()?; + assert_eq!(Some(auth_dot_json), loaded); + Ok(()) +} + +#[tokio::test] +async fn file_storage_round_trips_personal_access_token_auth() -> anyhow::Result<()> { + let codex_home = tempdir()?; + let storage = FileAuthStorage::new(codex_home.path().to_path_buf()); + let auth_dot_json = AuthDotJson { + auth_mode: Some(AuthMode::PersonalAccessToken), + openai_api_key: None, + tokens: None, + last_refresh: None, + agent_identity: None, + personal_access_token: Some("at-example".to_string()), + bedrock_api_key: None, }; storage.save(&auth_dot_json)?; @@ -122,6 +149,8 @@ fn file_storage_delete_removes_auth_file() -> anyhow::Result<()> { tokens: None, last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; let storage = create_auth_storage(dir.path().to_path_buf(), AuthCredentialsStoreMode::File); storage.save(&auth_dot_json)?; @@ -146,6 +175,8 @@ fn ephemeral_storage_save_load_delete_is_in_memory_only() -> anyhow::Result<()> tokens: None, last_refresh: Some(Utc::now()), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; storage.save(&auth_dot_json)?; @@ -245,6 +276,8 @@ fn auth_with_prefix(prefix: &str) -> AuthDotJson { }), last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, } } @@ -270,6 +303,8 @@ fn keyring_auth_storage_load_returns_deserialized_auth() -> anyhow::Result<()> { tokens: None, last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; seed_keyring_with_auth( &mock_keyring, @@ -313,6 +348,8 @@ fn keyring_auth_storage_save_persists_and_removes_fallback_file() -> anyhow::Res }), last_refresh: Some(Utc::now()), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; storage.save(&auth)?; diff --git a/codex-rs/login/src/lib.rs b/codex-rs/login/src/lib.rs index 990cf8b80e1..6b305bae25c 100644 --- a/codex-rs/login/src/lib.rs +++ b/codex-rs/login/src/lib.rs @@ -27,6 +27,7 @@ pub use auth::CODEX_API_KEY_ENV_VAR; pub use auth::CodexAuth; pub use auth::ExternalAuth; pub use auth::ExternalAuthChatgptMetadata; +pub use auth::ExternalAuthFuture; pub use auth::ExternalAuthRefreshContext; pub use auth::ExternalAuthRefreshReason; pub use auth::ExternalAuthTokens; @@ -40,6 +41,7 @@ pub use auth::enforce_login_restrictions; pub use auth::load_auth_dot_json; pub use auth::login_with_access_token; pub use auth::login_with_api_key; +pub use auth::login_with_bedrock_api_key; pub use auth::logout; pub use auth::logout_with_revoke; pub use auth::read_codex_access_token_from_env; diff --git a/codex-rs/login/src/server.rs b/codex-rs/login/src/server.rs index b72bc946f27..a91017bea3c 100644 --- a/codex-rs/login/src/server.rs +++ b/codex-rs/login/src/server.rs @@ -822,6 +822,8 @@ pub(crate) async fn persist_tokens_async( tokens: Some(tokens), last_refresh: Some(Utc::now()), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; save_auth(&codex_home, &auth, auth_credentials_store_mode)?; Ok::<_, io::Error>((previous_auth, auth)) @@ -940,6 +942,20 @@ pub(crate) fn ensure_workspace_allowed( return Err("Login is restricted to a specific workspace, but the token did not include an chatgpt_account_id claim.".to_string()); }; + ensure_workspace_account_allowed(Some(expected), actual) +} + +/// Validates an already known ChatGPT account ID against an optional workspace restriction. +/// +/// PAT login calls this directly because `/whoami` supplies the account ID without an ID token. +pub(crate) fn ensure_workspace_account_allowed( + expected: Option<&[String]>, + actual: &str, +) -> Result<(), String> { + let Some(expected) = expected else { + return Ok(()); + }; + if expected.iter().any(|workspace_id| workspace_id == actual) { Ok(()) } else { @@ -1311,6 +1327,8 @@ mod tests { }), last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, } } diff --git a/codex-rs/login/tests/suite/auth_refresh.rs b/codex-rs/login/tests/suite/auth_refresh.rs index 83897a0d38b..c86338e7015 100644 --- a/codex-rs/login/tests/suite/auth_refresh.rs +++ b/codex-rs/login/tests/suite/auth_refresh.rs @@ -55,6 +55,8 @@ async fn refresh_token_succeeds_updates_storage() -> Result<()> { tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -119,6 +121,8 @@ async fn refresh_token_refreshes_when_auth_is_unchanged() -> Result<()> { tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -184,6 +188,8 @@ async fn auth_refreshes_when_access_token_is_near_expiry() -> Result<()> { tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -234,6 +240,8 @@ async fn auth_skips_access_token_outside_refresh_window() -> Result<()> { tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -270,6 +278,8 @@ async fn refresh_token_skips_refresh_when_auth_changed() -> Result<()> { tokens: Some(initial_tokens), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -280,6 +290,8 @@ async fn refresh_token_skips_refresh_when_auth_changed() -> Result<()> { tokens: Some(disk_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; save_auth( ctx.codex_home.path(), @@ -335,6 +347,8 @@ async fn refresh_token_errors_on_account_mismatch() -> Result<()> { tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -346,6 +360,8 @@ async fn refresh_token_errors_on_account_mismatch() -> Result<()> { tokens: Some(disk_tokens), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; save_auth( ctx.codex_home.path(), @@ -405,6 +421,8 @@ async fn returns_fresh_tokens_as_is() -> Result<()> { tokens: Some(initial_tokens.clone()), last_refresh: Some(stale_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -453,6 +471,8 @@ async fn refreshes_token_when_access_token_is_expired() -> Result<()> { tokens: Some(initial_tokens.clone()), last_refresh: Some(fresh_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -503,6 +523,8 @@ async fn auth_reloads_disk_auth_when_cached_auth_is_stale() -> Result<()> { tokens: Some(initial_tokens), last_refresh: Some(stale_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -514,6 +536,8 @@ async fn auth_reloads_disk_auth_when_cached_auth_is_stale() -> Result<()> { tokens: Some(disk_tokens.clone()), last_refresh: Some(fresh_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; save_auth( ctx.codex_home.path(), @@ -566,6 +590,8 @@ async fn auth_reloads_disk_auth_without_calling_expired_refresh_token() -> Resul tokens: Some(initial_tokens), last_refresh: Some(stale_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -577,6 +603,8 @@ async fn auth_reloads_disk_auth_without_calling_expired_refresh_token() -> Resul tokens: Some(disk_tokens.clone()), last_refresh: Some(fresh_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; save_auth( ctx.codex_home.path(), @@ -627,6 +655,8 @@ async fn refresh_token_returns_permanent_error_for_expired_refresh_token() -> Re tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -680,6 +710,8 @@ async fn refresh_token_does_not_retry_after_permanent_failure() -> Result<()> { tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -747,6 +779,8 @@ async fn refresh_token_does_not_retry_after_bad_request_reused_failure() -> Resu tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -814,6 +848,8 @@ async fn refresh_token_reloads_changed_auth_after_permanent_failure() -> Result< tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -836,6 +872,8 @@ async fn refresh_token_reloads_changed_auth_after_permanent_failure() -> Result< tokens: Some(disk_tokens.clone()), last_refresh: Some(fresh_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; save_auth( ctx.codex_home.path(), @@ -895,6 +933,8 @@ async fn refresh_token_returns_transient_error_on_server_failure() -> Result<()> tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -948,6 +988,8 @@ async fn unauthorized_recovery_reloads_then_refreshes_tokens() -> Result<()> { tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -958,6 +1000,8 @@ async fn unauthorized_recovery_reloads_then_refreshes_tokens() -> Result<()> { tokens: Some(disk_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; save_auth( ctx.codex_home.path(), @@ -1042,6 +1086,8 @@ async fn unauthorized_recovery_errors_on_account_mismatch() -> Result<()> { tokens: Some(initial_tokens.clone()), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&initial_auth).await?; @@ -1053,6 +1099,8 @@ async fn unauthorized_recovery_errors_on_account_mismatch() -> Result<()> { tokens: Some(disk_tokens), last_refresh: Some(initial_last_refresh), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; save_auth( ctx.codex_home.path(), @@ -1111,6 +1159,8 @@ async fn unauthorized_recovery_requires_chatgpt_auth() -> Result<()> { tokens: None, last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; ctx.write_auth(&auth).await?; diff --git a/codex-rs/login/tests/suite/logout.rs b/codex-rs/login/tests/suite/logout.rs index 2364ee7f54a..5d758039774 100644 --- a/codex-rs/login/tests/suite/logout.rs +++ b/codex-rs/login/tests/suite/logout.rs @@ -195,6 +195,8 @@ fn chatgpt_auth_with_refresh_token(refresh_token: &str) -> AuthDotJson { }), last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, } } diff --git a/codex-rs/mcp-server/Cargo.toml b/codex-rs/mcp-server/Cargo.toml index 29b2d6c7d72..9d568722e8a 100644 --- a/codex-rs/mcp-server/Cargo.toml +++ b/codex-rs/mcp-server/Cargo.toml @@ -21,6 +21,7 @@ anyhow = { workspace = true } codex-arg0 = { workspace = true } codex-config = { workspace = true } codex-core = { workspace = true } +codex-home = { workspace = true } codex-exec-server = { workspace = true } codex-extension-api = { workspace = true } codex-login = { workspace = true } diff --git a/codex-rs/mcp-server/src/codex_tool_runner.rs b/codex-rs/mcp-server/src/codex_tool_runner.rs index 05b995e7215..c4ec218dc9c 100644 --- a/codex-rs/mcp-server/src/codex_tool_runner.rs +++ b/codex-rs/mcp-server/src/codex_tool_runner.rs @@ -103,7 +103,6 @@ pub async fn run_codex_tool_session( let submission = Submission { id: sub_id.clone(), op: Op::UserInput { - environments: None, items: vec![UserInput::Text { text: initial_prompt.clone(), // MCP tool prompts are plain text with no UI element ranges. @@ -155,7 +154,6 @@ pub async fn run_codex_tool_session_reply( .insert(request_id.clone(), thread_id); if let Err(e) = thread .submit(Op::UserInput { - environments: None, items: vec![UserInput::Text { text: prompt, // MCP tool prompts are plain text with no UI element ranges. @@ -266,7 +264,8 @@ async fn run_codex_tool_session_inner( } EventMsg::Warning(_) | EventMsg::GuardianWarning(_) - | EventMsg::ModelVerification(_) => { + | EventMsg::ModelVerification(_) + | EventMsg::TurnModerationMetadata(_) => { continue; } EventMsg::GuardianAssessment(_) => { @@ -383,6 +382,7 @@ async fn run_codex_tool_session_inner( | EventMsg::CollabCloseEnd(_) | EventMsg::CollabResumeBegin(_) | EventMsg::CollabResumeEnd(_) + | EventMsg::SubAgentActivity(_) | EventMsg::RealtimeConversationStarted(_) | EventMsg::RealtimeConversationSdp(_) | EventMsg::RealtimeConversationRealtime(_) diff --git a/codex-rs/mcp-server/src/message_processor.rs b/codex-rs/mcp-server/src/message_processor.rs index 2f85b351435..ce19575a9c6 100644 --- a/codex-rs/mcp-server/src/message_processor.rs +++ b/codex-rs/mcp-server/src/message_processor.rs @@ -7,6 +7,7 @@ use codex_core::ThreadManager; use codex_core::config::Config; use codex_exec_server::EnvironmentManager; use codex_extension_api::empty_extension_registry; +use codex_home::CodexHomeUserInstructionsProvider; use codex_login::AuthManager; use codex_login::default_client::USER_AGENT_SUFFIX; use codex_login::default_client::get_codex_user_agent; @@ -62,12 +63,16 @@ impl MessageProcessor { /*enable_codex_api_key_env*/ false, ) .await; + let user_instructions_provider = Arc::new(CodexHomeUserInstructionsProvider::new( + config.codex_home.clone(), + )); let thread_manager = Arc::new(ThreadManager::new( config.as_ref(), auth_manager, SessionSource::Mcp, environment_manager, empty_extension_registry(), + user_instructions_provider, /*analytics_events_client*/ None, codex_core::thread_store_from_config(config.as_ref(), state_db.clone()), state_db.clone(), diff --git a/codex-rs/memories/write/Cargo.toml b/codex-rs/memories/write/Cargo.toml index ebe6b0f2a8d..bf031a6a164 100644 --- a/codex-rs/memories/write/Cargo.toml +++ b/codex-rs/memories/write/Cargo.toml @@ -21,6 +21,7 @@ codex-config = { workspace = true } codex-features = { workspace = true } codex-git-utils = { workspace = true } codex-login = { workspace = true } +codex-model-provider = { workspace = true } codex-otel = { workspace = true } codex-protocol = { workspace = true } codex-rollout = { workspace = true } @@ -39,6 +40,7 @@ tracing = { workspace = true, features = ["log"] } uuid = { workspace = true, features = ["v4", "v5"] } [dev-dependencies] +codex-model-provider-info = { workspace = true } codex-models-manager = { workspace = true } core_test_support = { workspace = true } pretty_assertions = { workspace = true } diff --git a/codex-rs/memories/write/src/lib.rs b/codex-rs/memories/write/src/lib.rs index 6764ebf5c65..ff86068ba61 100644 --- a/codex-rs/memories/write/src/lib.rs +++ b/codex-rs/memories/write/src/lib.rs @@ -76,7 +76,6 @@ signal to remove stale memories derived only from those resources. } mod stage_one { - pub(super) const MODEL: &str = "gpt-5.4-mini"; pub(super) const REASONING_EFFORT: codex_protocol::openai_models::ReasoningEffort = codex_protocol::openai_models::ReasoningEffort::Low; pub(super) const CONCURRENCY_LIMIT: usize = 8; @@ -101,7 +100,6 @@ mod stage_one { } mod stage_two { - pub(super) const MODEL: &str = "gpt-5.4"; pub(super) const REASONING_EFFORT: codex_protocol::openai_models::ReasoningEffort = codex_protocol::openai_models::ReasoningEffort::Medium; pub(super) const JOB_LEASE_SECONDS: i64 = 3_600; diff --git a/codex-rs/memories/write/src/phase1.rs b/codex-rs/memories/write/src/phase1.rs index 21b20759b1c..693b7a16800 100644 --- a/codex-rs/memories/write/src/phase1.rs +++ b/codex-rs/memories/write/src/phase1.rs @@ -190,11 +190,12 @@ async fn build_request_context( context: &MemoryStartupContext, config: &Config, ) -> StageOneRequestContext { - let model_name = config - .memories - .extract_model - .clone() - .unwrap_or(crate::stage_one::MODEL.to_string()); + let model_name = config.memories.extract_model.clone().unwrap_or_else(|| { + context + .provider() + .memory_extraction_preferred_model() + .to_string() + }); context .stage_one_request_context(config, &model_name, crate::stage_one::REASONING_EFFORT) .await diff --git a/codex-rs/memories/write/src/phase2.rs b/codex-rs/memories/write/src/phase2.rs index c78032d9c2a..0c588a60707 100644 --- a/codex-rs/memories/write/src/phase2.rs +++ b/codex-rs/memories/write/src/phase2.rs @@ -16,6 +16,7 @@ use crate::workspace::write_workspace_diff; use codex_config::Constrained; use codex_core::config::Config; use codex_features::Feature; +use codex_model_provider::ModelProvider; use codex_protocol::ThreadId; use codex_protocol::protocol::AgentStatus; use codex_protocol::protocol::AskForApproval; @@ -76,7 +77,7 @@ pub async fn run(context: Arc, config: Arc) { } // 3. Build the locked-down config used by the consolidation agent. - let Some(agent_config) = agent::get_config(config.as_ref()) else { + let Some(agent_config) = agent::get_config(config.as_ref(), context.provider()) else { // If we can't get the config, we can't consolidate. tracing::error!("failed to get agent config"); job::failed( @@ -297,7 +298,7 @@ mod agent { use super::*; use tracing::warn; - pub(super) fn get_config(config: &Config) -> Option { + pub(super) fn get_config(config: &Config, provider: &dyn ModelProvider) -> Option { let root = memory_root(&config.codex_home); let mut agent_config = config.clone(); @@ -339,7 +340,7 @@ mod agent { .memories .consolidation_model .clone() - .unwrap_or(crate::stage_two::MODEL.to_string()), + .unwrap_or_else(|| provider.memory_consolidation_preferred_model().to_string()), ); agent_config.model_reasoning_effort = Some(crate::stage_two::REASONING_EFFORT); diff --git a/codex-rs/memories/write/src/runtime.rs b/codex-rs/memories/write/src/runtime.rs index 36099fe2e85..8dae6ca6170 100644 --- a/codex-rs/memories/write/src/runtime.rs +++ b/codex-rs/memories/write/src/runtime.rs @@ -7,12 +7,16 @@ use codex_core::StartThreadOptions; use codex_core::ThreadManager; use codex_core::config::Config; use codex_core::content_items_to_text; +use codex_core::detached_memory_responses_metadata; use codex_core::resolve_installation_id; use codex_features::Feature; use codex_login::AuthManager; use codex_login::CodexAuth; use codex_login::auth_env_telemetry::collect_auth_env_telemetry; use codex_login::default_client::originator; +use codex_model_provider::ModelProvider; +use codex_model_provider::SharedModelProvider; +use codex_model_provider::create_model_provider; use codex_otel::SessionTelemetry; use codex_otel::TelemetryAuthMode; use codex_protocol::SessionId; @@ -46,7 +50,6 @@ pub(crate) struct StageOneRequestContext { pub(crate) reasoning_effort: Option, pub(crate) reasoning_summary: ReasoningSummary, pub(crate) service_tier: Option, - pub(crate) turn_metadata_header: Option, } impl StageOneRequestContext { @@ -68,6 +71,7 @@ pub(crate) struct MemoryStartupContext { thread: Arc, thread_manager: Arc, auth_manager: Arc, + provider: SharedModelProvider, session_telemetry: SessionTelemetry, } @@ -79,6 +83,51 @@ impl MemoryStartupContext { thread: Arc, config: &Config, source: SessionSource, + ) -> Self { + let provider = create_model_provider( + config.model_provider.clone(), + Some(Arc::clone(&auth_manager)), + ); + Self::new_with_provider( + thread_manager, + auth_manager, + thread_id, + thread, + config, + source, + provider, + ) + } + + #[cfg(test)] + pub(crate) fn new_for_testing( + thread_manager: Arc, + auth_manager: Arc, + thread_id: ThreadId, + thread: Arc, + config: &Config, + source: SessionSource, + provider: SharedModelProvider, + ) -> Self { + Self::new_with_provider( + thread_manager, + auth_manager, + thread_id, + thread, + config, + source, + provider, + ) + } + + fn new_with_provider( + thread_manager: Arc, + auth_manager: Arc, + thread_id: ThreadId, + thread: Arc, + config: &Config, + source: SessionSource, + provider: SharedModelProvider, ) -> Self { let auth = auth_manager.auth_cached(); let auth = auth.as_ref(); @@ -109,6 +158,7 @@ impl MemoryStartupContext { thread, thread_manager, auth_manager, + provider, session_telemetry, } } @@ -121,6 +171,10 @@ impl MemoryStartupContext { self.thread.state_db() } + pub(crate) fn provider(&self) -> &dyn ModelProvider { + self.provider.as_ref() + } + pub(crate) fn counter(&self, name: &str, inc: i64, tags: &[(&str, &str)]) { self.session_telemetry.counter(name, inc, tags); } @@ -145,8 +199,6 @@ impl MemoryStartupContext { .get_models_manager() .get_model_info(model_name, &config.to_models_manager_config()) .await; - let turn_metadata_header = - codex_core::build_turn_metadata_header(&config.cwd, /*sandbox*/ None).await; let reasoning_summary = config .model_reasoning_summary .unwrap_or(model_info.default_reasoning_summary); @@ -160,7 +212,6 @@ impl MemoryStartupContext { reasoning_effort: Some(reasoning_effort), reasoning_summary, service_tier: config_snapshot.service_tier, - turn_metadata_header, } } @@ -173,14 +224,13 @@ impl MemoryStartupContext { let installation_id = resolve_installation_id(&config.codex_home).await?; let config_snapshot = self.thread.config_snapshot().await; let session_source = config_snapshot.session_source; + let session_id = SessionId::from(self.thread_id); + let session_id_string = session_id.to_string(); let model_client = ModelClient::new( Some(Arc::clone(&self.auth_manager)), - SessionId::from(self.thread_id), // We use thread_id to detach this query from the foreground user session. self.thread_id, - installation_id, config.model_provider.clone(), - session_source, - config_snapshot.parent_thread_id, + session_source.clone(), config.model_verbosity, config.features.enabled(Feature::EnableRequestCompression), config.features.enabled(Feature::RuntimeMetrics), @@ -189,15 +239,26 @@ impl MemoryStartupContext { ); let mut client_session = model_client.new_session(); + let window_id = format!("{}:0", self.thread_id); + let responses_metadata = detached_memory_responses_metadata( + installation_id, + session_id_string, + self.thread_id.to_string(), + window_id, + &session_source, + &config.cwd, + /*sandbox*/ None, + ) + .await; let mut stream = client_session .stream( prompt, &context.model_info, &context.session_telemetry, - context.reasoning_effort, + context.reasoning_effort.clone(), context.reasoning_summary, context.service_tier.clone(), - context.turn_metadata_header.as_deref(), + &responses_metadata, &InferenceTraceContext::disabled(), ) .await?; @@ -251,6 +312,7 @@ impl MemoryStartupContext { metrics_service_name: None, parent_trace: None, environments, + thread_extension_init: Default::default(), }) .await?; @@ -259,7 +321,6 @@ impl MemoryStartupContext { .thread .submit(Op::UserInput { items: prompt, - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), diff --git a/codex-rs/memories/write/src/startup_tests.rs b/codex-rs/memories/write/src/startup_tests.rs index bd0a9904e65..66b035ed00d 100644 --- a/codex-rs/memories/write/src/startup_tests.rs +++ b/codex-rs/memories/write/src/startup_tests.rs @@ -1,12 +1,31 @@ +use crate::extensions::seed_extension_instructions; +use crate::memory_root; +use crate::phase1; +use crate::phase2; +use crate::runtime::MemoryStartupContext; use crate::start_memories_startup_task; +use codex_config::types::MemoriesConfig; use codex_features::Feature; use codex_git_utils::diff_since_latest_init; use codex_git_utils::reset_git_repository; +use codex_login::AuthManager; +use codex_login::CodexAuth; +use codex_model_provider::ModelProvider; +use codex_model_provider::ModelProviderFuture; +use codex_model_provider::ProviderAccountResult; +use codex_model_provider::SharedModelProvider; +use codex_model_provider::create_model_provider; +use codex_model_provider_info::ModelProviderInfo; use codex_protocol::ThreadId; use codex_protocol::config_types::ServiceTier; +use codex_protocol::models::ContentItem; +use codex_protocol::models::ResponseItem; +use codex_protocol::openai_models::ModelsResponse; use codex_protocol::openai_models::ReasoningEffort; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::Op; +use codex_protocol::protocol::RolloutItem; +use codex_protocol::protocol::RolloutLine; use codex_protocol::protocol::SessionSource; use core_test_support::responses::ResponseMock; use core_test_support::responses::ResponsesRequest; @@ -21,6 +40,7 @@ use core_test_support::test_codex::test_codex; use core_test_support::wait_for_event; use pretty_assertions::assert_eq; use std::path::Path; +use std::path::PathBuf; use std::sync::Arc; use tempfile::TempDir; use tokio::time::Duration; @@ -329,18 +349,186 @@ async fn memories_startup_phase1_uses_live_thread_service_tier_and_detached_meta Ok(()) } +#[tokio::test] +async fn memories_startup_phase1_provider_default_drives_request_model() -> anyhow::Result<()> { + let server = start_mock_server().await; + let home = Arc::new(TempDir::new()?); + let request = + run_memory_phase_one_model_request_test(&server, home, startup_test_memories_config()) + .await?; + + assert_eq!( + request.body_json()["model"].as_str(), + Some(MOCK_PROVIDER_PHASE_ONE_MODEL) + ); + + Ok(()) +} + +#[tokio::test] +async fn memories_startup_phase2_provider_default_drives_request_model() -> anyhow::Result<()> { + let server = start_mock_server().await; + let home = Arc::new(TempDir::new()?); + let request = + run_memory_phase_two_model_request_test(&server, home, startup_test_memories_config()) + .await?; + + assert_eq!( + request.body_json()["model"].as_str(), + Some(MOCK_PROVIDER_PHASE_TWO_MODEL) + ); + + Ok(()) +} + +#[tokio::test] +async fn memories_startup_phase1_explicit_model_override_drives_request_model() -> anyhow::Result<()> +{ + let server = start_mock_server().await; + let home = Arc::new(TempDir::new()?); + let mut memories = startup_test_memories_config(); + memories.extract_model = Some("override.phase-one".to_string()); + let request = run_memory_phase_one_model_request_test(&server, home, memories).await?; + + assert_eq!( + request.body_json()["model"].as_str(), + Some("override.phase-one") + ); + + Ok(()) +} + +#[tokio::test] +async fn memories_startup_phase2_explicit_model_override_drives_request_model() -> anyhow::Result<()> +{ + let server = start_mock_server().await; + let home = Arc::new(TempDir::new()?); + let mut memories = startup_test_memories_config(); + memories.consolidation_model = Some("override.phase-two".to_string()); + let request = run_memory_phase_two_model_request_test(&server, home, memories).await?; + + assert_eq!( + request.body_json()["model"].as_str(), + Some("override.phase-two") + ); + + Ok(()) +} + +async fn run_memory_phase_one_model_request_test( + server: &wiremock::MockServer, + home: Arc, + memories: MemoriesConfig, +) -> anyhow::Result { + let test = build_test_codex_with_memories_config(server, Arc::clone(&home), memories).await?; + let provider = Arc::new(MockMemoryModelProvider::new( + test.config.model_provider.clone(), + Some(test.thread_manager.auth_manager()), + )); + let db = test + .codex + .state_db() + .ok_or_else(|| anyhow::anyhow!("state db should be enabled for memory startup test"))?; + seed_stage1_candidate( + db.as_ref(), + home.path(), + chrono::Utc::now() - chrono::Duration::hours(2), + "startup-models", + ) + .await?; + let response = mount_sse_once( + server, + sse(vec![ + ev_response_created("resp-phase1"), + ev_assistant_message( + "msg-phase1", + r#"{"raw_memory":"raw memory","rollout_summary":"rollout summary","rollout_slug":"startup-models"}"#, + ), + ev_completed("resp-phase1"), + ]), + ) + .await; + + let (context, config) = memory_startup_context_with_provider(&test, provider).await; + phase1::run(context, config).await; + let request = wait_for_single_request(&response).await; + shutdown_test_codex(&test).await?; + Ok(request) +} + +async fn run_memory_phase_two_model_request_test( + server: &wiremock::MockServer, + home: Arc, + memories: MemoriesConfig, +) -> anyhow::Result { + let test = build_test_codex_with_memories_config(server, home.clone(), memories).await?; + let provider = Arc::new(MockMemoryModelProvider::new( + test.config.model_provider.clone(), + Some(test.thread_manager.auth_manager()), + )); + let db = test + .codex + .state_db() + .ok_or_else(|| anyhow::anyhow!("state db should be enabled for memory startup test"))?; + seed_stage1_output( + db.as_ref(), + home.path(), + chrono::Utc::now(), + "raw memory for phase two", + "rollout summary for phase two", + "startup-models-phase-two", + ) + .await?; + + let response = mount_sse_once( + server, + sse(vec![ + ev_response_created("resp-phase2"), + ev_assistant_message("msg-phase2", "phase2 complete"), + ev_completed("resp-phase2"), + ]), + ) + .await; + + let (context, config) = memory_startup_context_with_provider(&test, provider).await; + let root = memory_root(&config.codex_home); + tokio::fs::create_dir_all(&root).await?; + seed_extension_instructions(&root).await?; + phase2::run(context, config).await; + let request = wait_for_single_request(&response).await; + wait_for_phase2_workspace_reset(&home.path().join("memories")).await?; + shutdown_test_codex(&test).await?; + Ok(request) +} + +fn startup_test_memories_config() -> MemoriesConfig { + MemoriesConfig { + max_raw_memories_for_consolidation: 1, + min_rollout_idle_hours: 0, + ..MemoriesConfig::default() + } +} + async fn build_test_codex( server: &wiremock::MockServer, home: Arc, +) -> anyhow::Result { + build_test_codex_with_memories_config(server, home, startup_test_memories_config()).await +} + +async fn build_test_codex_with_memories_config( + server: &wiremock::MockServer, + home: Arc, + memories: MemoriesConfig, ) -> anyhow::Result { test_codex() .with_home(home) - .with_config(|config| { + .with_config(move |config| { config .features .enable(Feature::Sqlite) .expect("test config should allow feature update"); - config.memories.max_raw_memories_for_consolidation = 1; + config.memories = memories; }) .build(server) .await @@ -370,6 +558,82 @@ async fn trigger_memories_startup(test: &TestCodex) { ); } +async fn memory_startup_context_with_provider( + test: &TestCodex, + provider: SharedModelProvider, +) -> (Arc, Arc) { + let config_snapshot = test.codex.config_snapshot().await; + let mut config = test.config.clone(); + config + .features + .enable(Feature::MemoryTool) + .expect("test config should allow feature update"); + let config = Arc::new(config); + let context = Arc::new(MemoryStartupContext::new_for_testing( + Arc::clone(&test.thread_manager), + test.thread_manager.auth_manager(), + test.session_configured.thread_id, + Arc::clone(&test.codex), + config.as_ref(), + config_snapshot.session_source, + provider, + )); + + (context, config) +} + +const MOCK_PROVIDER_PHASE_ONE_MODEL: &str = "mock.phase-one"; +const MOCK_PROVIDER_PHASE_TWO_MODEL: &str = "mock.phase-two"; + +#[derive(Debug)] +struct MockMemoryModelProvider { + delegate: SharedModelProvider, +} + +impl MockMemoryModelProvider { + fn new(info: ModelProviderInfo, auth_manager: Option>) -> Self { + Self { + delegate: create_model_provider(info, auth_manager), + } + } +} + +impl ModelProvider for MockMemoryModelProvider { + fn info(&self) -> &ModelProviderInfo { + self.delegate.info() + } + + fn memory_extraction_preferred_model(&self) -> &'static str { + MOCK_PROVIDER_PHASE_ONE_MODEL + } + + fn memory_consolidation_preferred_model(&self) -> &'static str { + MOCK_PROVIDER_PHASE_TWO_MODEL + } + + fn auth_manager(&self) -> Option> { + self.delegate.auth_manager() + } + + fn auth(&self) -> ModelProviderFuture<'_, Option> { + let delegate = Arc::clone(&self.delegate); + Box::pin(async move { delegate.auth().await }) + } + + fn account_state(&self) -> ProviderAccountResult { + self.delegate.account_state() + } + + fn models_manager( + &self, + codex_home: PathBuf, + config_model_catalog: Option, + ) -> codex_models_manager::manager::SharedModelsManager { + self.delegate + .models_manager(codex_home, config_model_catalog) + } +} + async fn seed_stage1_output( db: &codex_state::StateRuntime, codex_home: &Path, @@ -404,6 +668,46 @@ async fn seed_stage1_output( Ok(thread_id) } +async fn seed_stage1_candidate( + db: &codex_state::StateRuntime, + codex_home: &Path, + updated_at: chrono::DateTime, + rollout_slug: &str, +) -> anyhow::Result { + let thread_id = ThreadId::new(); + let rollout_path = codex_home.join(format!("rollout-{thread_id}.jsonl")); + let line = RolloutLine { + timestamp: updated_at.to_rfc3339(), + item: RolloutItem::ResponseItem(ResponseItem::Message { + id: None, + role: "user".to_string(), + content: vec![ContentItem::InputText { + text: "remember this startup test conversation".to_string(), + }], + phase: None, + }), + }; + let jsonl = serde_json::to_string(&line)?; + tokio::fs::write(&rollout_path, format!("{jsonl}\n")).await?; + + let mut metadata_builder = codex_state::ThreadMetadataBuilder::new( + thread_id, + rollout_path, + updated_at, + SessionSource::Cli, + ); + metadata_builder.cwd = codex_home.join(format!("workspace-{rollout_slug}")); + metadata_builder.model_provider = Some("test-provider".to_string()); + metadata_builder.git_branch = Some(format!("branch-{rollout_slug}")); + let mut metadata = metadata_builder.build("test-provider"); + metadata.preview = Some("remember this startup test conversation".to_string()); + metadata.first_user_message = metadata.preview.clone(); + db.upsert_thread(&metadata).await?; + db.set_thread_memory_mode(thread_id, "enabled").await?; + + Ok(thread_id) +} + async fn wait_for_single_request(mock: &ResponseMock) -> ResponsesRequest { wait_for_request(mock, /*expected_count*/ 1).await.remove(0) } @@ -447,7 +751,8 @@ async fn wait_for_request(mock: &ResponseMock, expected_count: usize) -> Vec) -> CodexResult { let default_base_url = if matches!( auth_mode, - Some(AuthMode::Chatgpt | AuthMode::ChatgptAuthTokens | AuthMode::AgentIdentity) + Some( + AuthMode::Chatgpt + | AuthMode::ChatgptAuthTokens + | AuthMode::AgentIdentity + | AuthMode::PersonalAccessToken + ) ) { CHATGPT_CODEX_BASE_URL } else { diff --git a/codex-rs/model-provider-info/src/model_provider_info_tests.rs b/codex-rs/model-provider-info/src/model_provider_info_tests.rs index abfa40a36a4..a303050dc13 100644 --- a/codex-rs/model-provider-info/src/model_provider_info_tests.rs +++ b/codex-rs/model-provider-info/src/model_provider_info_tests.rs @@ -139,6 +139,15 @@ fn test_supports_remote_compaction_for_openai() { assert!(provider.supports_remote_compaction()); } +#[test] +fn test_personal_access_token_uses_chatgpt_codex_base_url() { + let api_provider = ModelProviderInfo::create_openai_provider(/*base_url*/ None) + .to_api_provider(Some(AuthMode::PersonalAccessToken)) + .expect("OpenAI provider should build API provider"); + + assert_eq!(api_provider.base_url, CHATGPT_CODEX_BASE_URL); +} + #[test] fn test_supports_remote_compaction_for_azure_name() { let provider = ModelProviderInfo { diff --git a/codex-rs/model-provider/Cargo.toml b/codex-rs/model-provider/Cargo.toml index 58235ab24d5..29599c6c7ee 100644 --- a/codex-rs/model-provider/Cargo.toml +++ b/codex-rs/model-provider/Cargo.toml @@ -13,7 +13,6 @@ path = "src/lib.rs" workspace = true [dependencies] -async-trait = { workspace = true } codex-api = { workspace = true } codex-agent-identity = { workspace = true } codex-aws-auth = { workspace = true } diff --git a/codex-rs/model-provider/src/amazon_bedrock/auth.rs b/codex-rs/model-provider/src/amazon_bedrock/auth.rs index ecfd2dd5330..6dd897050a2 100644 --- a/codex-rs/model-provider/src/amazon_bedrock/auth.rs +++ b/codex-rs/model-provider/src/amazon_bedrock/auth.rs @@ -9,6 +9,7 @@ use codex_aws_auth::AwsRequestToSign; use codex_client::Request; use codex_client::RequestBody; use codex_client::RequestCompression; +use codex_login::auth::BedrockApiKeyAuth; use codex_model_provider_info::ModelProviderAwsAuthInfo; use codex_protocol::error::CodexErr; use codex_protocol::error::Result; @@ -24,13 +25,22 @@ const AWS_REGION_ENV_VAR: &str = "AWS_REGION"; const AWS_DEFAULT_REGION_ENV_VAR: &str = "AWS_DEFAULT_REGION"; pub(super) enum BedrockAuthMethod { + ManagedBearerToken { token: String, region: String }, EnvBearerToken { token: String, region: String }, AwsSdkAuth { context: AwsAuthContext }, } pub(super) async fn resolve_auth_method( + managed_auth: Option<&BedrockApiKeyAuth>, aws: &ModelProviderAwsAuthInfo, ) -> Result { + if let Some(managed_auth) = managed_auth { + return Ok(BedrockAuthMethod::ManagedBearerToken { + token: managed_auth.api_key.clone(), + region: managed_auth.region.clone(), + }); + } + if let Some(token) = non_empty_env_var_from(AWS_BEARER_TOKEN_BEDROCK_ENV_VAR, std::env::var) { let region = bearer_token_region(aws, std::env::var)?; return Ok(BedrockAuthMethod::EnvBearerToken { token, region }); @@ -44,10 +54,12 @@ pub(super) async fn resolve_auth_method( } pub(super) async fn resolve_provider_auth( + managed_auth: Option<&BedrockApiKeyAuth>, aws: &ModelProviderAwsAuthInfo, ) -> Result { - match resolve_auth_method(aws).await? { - BedrockAuthMethod::EnvBearerToken { token, .. } => Ok(Arc::new(BearerAuthProvider { + match resolve_auth_method(managed_auth, aws).await? { + BedrockAuthMethod::ManagedBearerToken { token, .. } + | BedrockAuthMethod::EnvBearerToken { token, .. } => Ok(Arc::new(BearerAuthProvider { token: Some(token), account_id: None, is_fedramp_account: false, @@ -121,11 +133,6 @@ impl BedrockMantleSigV4AuthProvider { fn new(context: AwsAuthContext) -> Self { Self { context } } -} - -#[async_trait::async_trait] -impl AuthProvider for BedrockMantleSigV4AuthProvider { - fn add_auth_headers(&self, _headers: &mut HeaderMap) {} async fn apply_auth(&self, request: Request) -> std::result::Result { let mut request = request; @@ -150,6 +157,14 @@ impl AuthProvider for BedrockMantleSigV4AuthProvider { } } +impl AuthProvider for BedrockMantleSigV4AuthProvider { + fn add_auth_headers(&self, _headers: &mut HeaderMap) {} + + fn apply_auth(&self, request: Request) -> codex_api::AuthProviderFuture<'_> { + Box::pin(BedrockMantleSigV4AuthProvider::apply_auth(self, request)) + } +} + #[cfg(test)] mod tests { use codex_api::AuthProvider; diff --git a/codex-rs/model-provider/src/amazon_bedrock/mantle.rs b/codex-rs/model-provider/src/amazon_bedrock/mantle.rs index 7881845e457..9727802d119 100644 --- a/codex-rs/model-provider/src/amazon_bedrock/mantle.rs +++ b/codex-rs/model-provider/src/amazon_bedrock/mantle.rs @@ -1,4 +1,5 @@ use codex_aws_auth::AwsAuthConfig; +use codex_login::auth::BedrockApiKeyAuth; use codex_model_provider_info::ModelProviderAwsAuthInfo; use codex_protocol::error::CodexErr; use codex_protocol::error::Result; @@ -48,14 +49,21 @@ pub(super) fn base_url(region: &str) -> Result { } } -pub(super) async fn runtime_base_url(aws: &ModelProviderAwsAuthInfo) -> Result { - let region = resolve_region(aws).await?; +pub(super) async fn runtime_base_url( + managed_auth: Option<&BedrockApiKeyAuth>, + aws: &ModelProviderAwsAuthInfo, +) -> Result { + let region = resolve_region(managed_auth, aws).await?; base_url(®ion) } -async fn resolve_region(aws: &ModelProviderAwsAuthInfo) -> Result { - match resolve_auth_method(aws).await? { - BedrockAuthMethod::EnvBearerToken { region, .. } => Ok(region), +async fn resolve_region( + managed_auth: Option<&BedrockApiKeyAuth>, + aws: &ModelProviderAwsAuthInfo, +) -> Result { + match resolve_auth_method(managed_auth, aws).await? { + BedrockAuthMethod::ManagedBearerToken { region, .. } + | BedrockAuthMethod::EnvBearerToken { region, .. } => Ok(region), BedrockAuthMethod::AwsSdkAuth { context } => Ok(context.region().to_string()), } } diff --git a/codex-rs/model-provider/src/amazon_bedrock/mod.rs b/codex-rs/model-provider/src/amazon_bedrock/mod.rs index 8099993973d..d44e7cbd022 100644 --- a/codex-rs/model-provider/src/amazon_bedrock/mod.rs +++ b/codex-rs/model-provider/src/amazon_bedrock/mod.rs @@ -9,6 +9,7 @@ use codex_api::Provider; use codex_api::SharedAuthProvider; use codex_login::AuthManager; use codex_login::CodexAuth; +use codex_login::auth::BedrockApiKeyAuth; use codex_model_provider_info::AMAZON_BEDROCK_GPT_5_4_MODEL_ID; use codex_model_provider_info::ModelProviderAwsAuthInfo; use codex_model_provider_info::ModelProviderInfo; @@ -19,6 +20,7 @@ use codex_protocol::error::Result; use codex_protocol::openai_models::ModelsResponse; use crate::provider::ModelProvider; +use crate::provider::ModelProviderFuture; use crate::provider::ProviderAccountResult; use crate::provider::ProviderAccountState; use crate::provider::ProviderCapabilities; @@ -32,10 +34,14 @@ use mantle::runtime_base_url; pub(crate) struct AmazonBedrockModelProvider { pub(crate) info: ModelProviderInfo, pub(crate) aws: ModelProviderAwsAuthInfo, + auth_manager: Option>, } impl AmazonBedrockModelProvider { - pub(crate) fn new(provider_info: ModelProviderInfo) -> Self { + pub(crate) fn new( + provider_info: ModelProviderInfo, + auth_manager: Option>, + ) -> Self { let aws = provider_info .aws .clone() @@ -46,11 +52,49 @@ impl AmazonBedrockModelProvider { Self { info: provider_info, aws, + auth_manager, } } + + fn managed_auth(&self) -> Option { + self.auth_manager + .as_ref() + .and_then(|auth_manager| auth_manager.auth_cached()) + .and_then(|auth| match auth { + CodexAuth::BedrockApiKey(auth) => Some(auth), + CodexAuth::ApiKey(_) + | CodexAuth::Chatgpt(_) + | CodexAuth::ChatgptAuthTokens(_) + | CodexAuth::AgentIdentity(_) + | CodexAuth::PersonalAccessToken(_) => None, + }) + } + + async fn auth(&self) -> Option { + self.managed_auth().map(CodexAuth::BedrockApiKey) + } + + async fn api_provider(&self) -> Result { + let managed_auth = self.managed_auth(); + let mut api_provider_info = self.info.clone(); + api_provider_info.base_url = + Some(runtime_base_url(managed_auth.as_ref(), &self.aws).await?); + api_provider_info.to_api_provider(/*auth_mode*/ None) + } + + async fn runtime_base_url(&self) -> Result> { + let managed_auth = self.managed_auth(); + Ok(Some( + runtime_base_url(managed_auth.as_ref(), &self.aws).await?, + )) + } + + async fn api_auth(&self) -> Result { + let managed_auth = self.managed_auth(); + resolve_provider_auth(managed_auth.as_ref(), &self.aws).await + } } -#[async_trait::async_trait] impl ModelProvider for AmazonBedrockModelProvider { fn info(&self) -> &ModelProviderInfo { &self.info @@ -68,12 +112,21 @@ impl ModelProvider for AmazonBedrockModelProvider { AMAZON_BEDROCK_GPT_5_4_MODEL_ID } + fn memory_extraction_preferred_model(&self) -> &'static str { + AMAZON_BEDROCK_GPT_5_4_MODEL_ID + } + + fn memory_consolidation_preferred_model(&self) -> &'static str { + AMAZON_BEDROCK_GPT_5_4_MODEL_ID + } + fn auth_manager(&self) -> Option> { - None + self.managed_auth() + .and_then(|_| self.auth_manager.as_ref().cloned()) } - async fn auth(&self) -> Option { - None + fn auth(&self) -> ModelProviderFuture<'_, Option> { + Box::pin(AmazonBedrockModelProvider::auth(self)) } fn account_state(&self) -> ProviderAccountResult { @@ -83,18 +136,16 @@ impl ModelProvider for AmazonBedrockModelProvider { }) } - async fn api_provider(&self) -> Result { - let mut api_provider_info = self.info.clone(); - api_provider_info.base_url = Some(runtime_base_url(&self.aws).await?); - api_provider_info.to_api_provider(/*auth_mode*/ None) + fn api_provider(&self) -> ModelProviderFuture<'_, Result> { + Box::pin(AmazonBedrockModelProvider::api_provider(self)) } - async fn runtime_base_url(&self) -> Result> { - Ok(Some(runtime_base_url(&self.aws).await?)) + fn runtime_base_url(&self) -> ModelProviderFuture<'_, Result>> { + Box::pin(AmazonBedrockModelProvider::runtime_base_url(self)) } - async fn api_auth(&self) -> Result { - resolve_provider_auth(&self.aws).await + fn api_auth(&self) -> ModelProviderFuture<'_, Result> { + Box::pin(AmazonBedrockModelProvider::api_auth(self)) } fn models_manager( @@ -111,6 +162,7 @@ impl ModelProvider for AmazonBedrockModelProvider { #[cfg(test)] mod tests { + use http::HeaderValue; use pretty_assertions::assert_eq; use super::*; @@ -131,10 +183,68 @@ mod tests { ); } + #[tokio::test] + async fn managed_auth_takes_precedence_over_aws_auth() { + let managed_auth = BedrockApiKeyAuth { + api_key: "managed-bedrock-api-key".to_string(), + region: "us-east-1".to_string(), + }; + let auth_manager = + AuthManager::from_auth_for_testing(CodexAuth::BedrockApiKey(managed_auth.clone())); + let provider = AmazonBedrockModelProvider::new( + ModelProviderInfo::create_amazon_bedrock_provider(Some(ModelProviderAwsAuthInfo { + profile: Some("aws-profile-that-should-not-be-loaded".to_string()), + region: Some("us-west-2".to_string()), + })), + Some(auth_manager.clone()), + ); + + assert!(Arc::ptr_eq( + &provider + .auth_manager() + .expect("managed Bedrock auth manager should be exposed"), + &auth_manager, + )); + assert_eq!( + provider.auth().await, + Some(CodexAuth::BedrockApiKey(managed_auth)) + ); + assert_eq!( + provider + .runtime_base_url() + .await + .expect("managed Bedrock region should resolve"), + Some("https://bedrock-mantle.us-east-1.api.aws/openai/v1".to_string()) + ); + assert_eq!( + provider + .api_auth() + .await + .expect("managed Bedrock auth should resolve") + .to_auth_headers() + .get(http::header::AUTHORIZATION), + Some(&HeaderValue::from_static("Bearer managed-bedrock-api-key")) + ); + } + + #[tokio::test] + async fn openai_auth_is_not_exposed_to_bedrock() { + let provider = AmazonBedrockModelProvider::new( + ModelProviderInfo::create_amazon_bedrock_provider(/*aws*/ None), + Some(AuthManager::from_auth_for_testing(CodexAuth::from_api_key( + "openai-api-key", + ))), + ); + + assert!(provider.auth_manager().is_none()); + assert_eq!(provider.auth().await, None); + } + #[test] fn capabilities_disable_unsupported_hosted_tools() { let provider = AmazonBedrockModelProvider::new( ModelProviderInfo::create_amazon_bedrock_provider(/*aws*/ None), + /*auth_manager*/ None, ); assert_eq!( @@ -151,6 +261,7 @@ mod tests { fn approval_review_preferred_model_uses_bedrock_gpt_5_4() { let provider = AmazonBedrockModelProvider::new( ModelProviderInfo::create_amazon_bedrock_provider(/*aws*/ None), + /*auth_manager*/ None, ); assert_eq!( diff --git a/codex-rs/model-provider/src/auth.rs b/codex-rs/model-provider/src/auth.rs index 3c7f4dbd0fc..8f5e02b1757 100644 --- a/codex-rs/model-provider/src/auth.rs +++ b/codex-rs/model-provider/src/auth.rs @@ -8,11 +8,15 @@ use codex_api::SharedAuthProvider; use codex_login::AuthManager; use codex_login::CodexAuth; use codex_model_provider_info::ModelProviderInfo; +use codex_protocol::error::CodexErr; use http::HeaderMap; use http::HeaderValue; use crate::bearer_auth_provider::BearerAuthProvider; +const BEDROCK_API_KEY_UNSUPPORTED_MESSAGE: &str = + "Bedrock API key auth is only supported by the Amazon Bedrock model provider"; + #[derive(Clone, Debug)] struct AgentIdentityAuthProvider { auth: codex_login::auth::AgentIdentityAuth, @@ -79,6 +83,12 @@ pub(crate) fn resolve_provider_auth( auth: Option<&CodexAuth>, provider: &ModelProviderInfo, ) -> codex_protocol::error::Result { + if matches!(auth, Some(CodexAuth::BedrockApiKey(_))) { + return Err(CodexErr::UnsupportedOperation( + BEDROCK_API_KEY_UNSUPPORTED_MESSAGE.to_string(), + )); + } + if let Some(auth) = bearer_auth_for_provider(provider)? { return Ok(Arc::new(auth)); } @@ -109,20 +119,24 @@ pub fn auth_provider_from_auth(auth: &CodexAuth) -> SharedAuthProvider { CodexAuth::AgentIdentity(auth) => { Arc::new(AgentIdentityAuthProvider { auth: auth.clone() }) } - CodexAuth::ApiKey(_) | CodexAuth::Chatgpt(_) | CodexAuth::ChatgptAuthTokens(_) => { - Arc::new(BearerAuthProvider { - token: auth.get_token().ok(), - account_id: auth.get_account_id(), - is_fedramp_account: auth.is_fedramp_account(), - }) - } + CodexAuth::BedrockApiKey(_) => unreachable!("{BEDROCK_API_KEY_UNSUPPORTED_MESSAGE}"), + CodexAuth::ApiKey(_) + | CodexAuth::Chatgpt(_) + | CodexAuth::ChatgptAuthTokens(_) + | CodexAuth::PersonalAccessToken(_) => Arc::new(BearerAuthProvider { + token: auth.get_token().ok(), + account_id: auth.get_account_id(), + is_fedramp_account: auth.is_fedramp_account(), + }), } } #[cfg(test)] mod tests { + use codex_login::auth::BedrockApiKeyAuth; use codex_model_provider_info::WireApi; use codex_model_provider_info::create_oss_provider_with_base_url; + use pretty_assertions::assert_eq; use super::*; @@ -134,4 +148,21 @@ mod tests { assert!(auth.to_auth_headers().is_empty()); } + + #[test] + fn openai_provider_rejects_bedrock_api_key_auth() { + let provider = ModelProviderInfo::create_openai_provider(/*base_url*/ None); + let auth = CodexAuth::BedrockApiKey(BedrockApiKeyAuth { + api_key: "bedrock-api-key-test".to_string(), + region: "us-east-1".to_string(), + }); + + match resolve_provider_auth(Some(&auth), &provider) { + Err(CodexErr::UnsupportedOperation(message)) => { + assert_eq!(message, BEDROCK_API_KEY_UNSUPPORTED_MESSAGE); + } + Err(err) => panic!("unexpected auth error: {err:?}"), + Ok(_) => panic!("Bedrock API key auth should be rejected"), + } + } } diff --git a/codex-rs/model-provider/src/lib.rs b/codex-rs/model-provider/src/lib.rs index 4e4660812b9..f5efe1f5752 100644 --- a/codex-rs/model-provider/src/lib.rs +++ b/codex-rs/model-provider/src/lib.rs @@ -10,6 +10,7 @@ pub use bearer_auth_provider::BearerAuthProvider; pub use bearer_auth_provider::BearerAuthProvider as CoreAuthProvider; pub use codex_protocol::account::ProviderAccount; pub use provider::ModelProvider; +pub use provider::ModelProviderFuture; pub use provider::ProviderAccountError; pub use provider::ProviderAccountResult; pub use provider::ProviderAccountState; diff --git a/codex-rs/model-provider/src/models_endpoint.rs b/codex-rs/model-provider/src/models_endpoint.rs index 8a72beea701..ebb51ea5644 100644 --- a/codex-rs/model-provider/src/models_endpoint.rs +++ b/codex-rs/model-provider/src/models_endpoint.rs @@ -1,7 +1,6 @@ use std::sync::Arc; use std::time::Duration; -use async_trait::async_trait; use codex_api::ModelsClient; use codex_api::RequestTelemetry; use codex_api::ReqwestTransport; @@ -17,6 +16,7 @@ use codex_login::collect_auth_env_telemetry; use codex_login::default_client::build_reqwest_client; use codex_model_provider_info::ModelProviderInfo; use codex_models_manager::manager::ModelsEndpointClient; +use codex_models_manager::manager::ModelsEndpointFuture; use codex_otel::TelemetryAuthMode; use codex_protocol::error::CodexErr; use codex_protocol::error::Result as CoreResult; @@ -56,21 +56,6 @@ impl OpenAiModelsEndpoint { } } - fn auth_env(&self) -> AuthEnvTelemetry { - let codex_api_key_env_enabled = self - .auth_manager - .as_ref() - .is_some_and(|auth_manager| auth_manager.codex_api_key_env_enabled()); - collect_auth_env_telemetry(&self.provider_info, codex_api_key_env_enabled) - } -} - -#[async_trait] -impl ModelsEndpointClient for OpenAiModelsEndpoint { - fn has_command_auth(&self) -> bool { - self.provider_info.has_command_auth() - } - async fn uses_codex_backend(&self) -> bool { self.auth() .await @@ -107,6 +92,31 @@ impl ModelsEndpointClient for OpenAiModelsEndpoint { .map_err(|_| CodexErr::Timeout)? .map_err(map_api_error) } + + fn auth_env(&self) -> AuthEnvTelemetry { + let codex_api_key_env_enabled = self + .auth_manager + .as_ref() + .is_some_and(|auth_manager| auth_manager.codex_api_key_env_enabled()); + collect_auth_env_telemetry(&self.provider_info, codex_api_key_env_enabled) + } +} + +impl ModelsEndpointClient for OpenAiModelsEndpoint { + fn has_command_auth(&self) -> bool { + self.provider_info.has_command_auth() + } + + fn uses_codex_backend(&self) -> ModelsEndpointFuture<'_, bool> { + Box::pin(OpenAiModelsEndpoint::uses_codex_backend(self)) + } + + fn list_models<'a>( + &'a self, + client_version: &'a str, + ) -> ModelsEndpointFuture<'a, CoreResult<(Vec, Option)>> { + Box::pin(OpenAiModelsEndpoint::list_models(self, client_version)) + } } #[derive(Clone)] diff --git a/codex-rs/model-provider/src/provider.rs b/codex-rs/model-provider/src/provider.rs index e2ef3f3650e..f794d49f426 100644 --- a/codex-rs/model-provider/src/provider.rs +++ b/codex-rs/model-provider/src/provider.rs @@ -1,5 +1,7 @@ use std::fmt; +use std::future::Future; use std::path::PathBuf; +use std::pin::Pin; use std::sync::Arc; use codex_api::Provider; @@ -51,6 +53,7 @@ pub struct ProviderAccountState { #[derive(Debug, Clone, Copy, PartialEq, Eq)] pub enum ProviderAccountError { MissingChatgptAccountDetails, + UnsupportedBedrockApiKeyAuth, } impl fmt::Display for ProviderAccountError { @@ -62,6 +65,12 @@ impl fmt::Display for ProviderAccountError { "email and plan type are required for chatgpt authentication" ) } + Self::UnsupportedBedrockApiKeyAuth => { + write!( + f, + "Bedrock API key auth is only supported by the Amazon Bedrock model provider" + ) + } } } } @@ -74,12 +83,19 @@ pub type ProviderAccountResult = std::result::Result &ModelProviderInfo; @@ -96,6 +112,20 @@ pub trait ModelProvider: fmt::Debug + Send + Sync { DEFAULT_APPROVAL_REVIEW_PREFERRED_MODEL } + /// Returns the preferred model used for memory extraction. + /// + /// Providers that require backend-specific model IDs should override this. + fn memory_extraction_preferred_model(&self) -> &'static str { + DEFAULT_MEMORY_EXTRACTION_PREFERRED_MODEL + } + + /// Returns the preferred model used for memory consolidation. + /// + /// Providers that require backend-specific model IDs should override this. + fn memory_consolidation_preferred_model(&self) -> &'static str { + DEFAULT_MEMORY_CONSOLIDATION_PREFERRED_MODEL + } + /// Returns whether requests made through this provider should include attestation. fn supports_attestation(&self) -> bool { false @@ -110,27 +140,35 @@ pub trait ModelProvider: fmt::Debug + Send + Sync { fn auth_manager(&self) -> Option>; /// Returns the current provider-scoped auth value, if one is configured. - async fn auth(&self) -> Option; + fn auth(&self) -> ModelProviderFuture<'_, Option>; /// Returns the current app-visible account state for this provider. fn account_state(&self) -> ProviderAccountResult; /// Returns provider configuration adapted for the API client. - async fn api_provider(&self) -> codex_protocol::error::Result { - let auth = self.auth().await; - self.info() - .to_api_provider(auth.as_ref().map(CodexAuth::auth_mode)) + fn api_provider(&self) -> ModelProviderFuture<'_, codex_protocol::error::Result> { + Box::pin(async move { + let auth = self.auth().await; + self.info() + .to_api_provider(auth.as_ref().map(CodexAuth::auth_mode)) + }) } /// Returns the provider base URL that will be used at request time. - async fn runtime_base_url(&self) -> codex_protocol::error::Result> { - Ok(self.info().base_url.clone()) + fn runtime_base_url( + &self, + ) -> ModelProviderFuture<'_, codex_protocol::error::Result>> { + Box::pin(async { Ok(self.info().base_url.clone()) }) } /// Returns the auth provider used to attach request credentials. - async fn api_auth(&self) -> codex_protocol::error::Result { - let auth = self.auth().await; - resolve_provider_auth(auth.as_ref(), self.info()) + fn api_auth( + &self, + ) -> ModelProviderFuture<'_, codex_protocol::error::Result> { + Box::pin(async move { + let auth = self.auth().await; + resolve_provider_auth(auth.as_ref(), self.info()) + }) } /// Creates the model manager implementation appropriate for this provider. @@ -141,6 +179,8 @@ pub trait ModelProvider: fmt::Debug + Send + Sync { ) -> SharedModelsManager; } +pub type ModelProviderFuture<'a, T> = Pin + Send + 'a>>; + /// Shared runtime model provider handle. pub type SharedModelProvider = Arc; @@ -150,7 +190,7 @@ pub fn create_model_provider( auth_manager: Option>, ) -> SharedModelProvider { if provider_info.is_amazon_bedrock() { - Arc::new(AmazonBedrockModelProvider::new(provider_info)) + Arc::new(AmazonBedrockModelProvider::new(provider_info, auth_manager)) } else { Arc::new(ConfiguredModelProvider::new(provider_info, auth_manager)) } @@ -173,7 +213,6 @@ impl ConfiguredModelProvider { } } -#[async_trait::async_trait] impl ModelProvider for ConfiguredModelProvider { fn info(&self) -> &ModelProviderInfo { &self.info @@ -190,11 +229,13 @@ impl ModelProvider for ConfiguredModelProvider { .is_some_and(|auth| auth.is_chatgpt_auth()) } - async fn auth(&self) -> Option { - match self.auth_manager.as_ref() { - Some(auth_manager) => auth_manager.auth().await, - None => None, - } + fn auth(&self) -> ModelProviderFuture<'_, Option> { + Box::pin(async move { + match self.auth_manager.as_ref() { + Some(auth_manager) => auth_manager.auth().await, + None => None, + } + }) } fn account_state(&self) -> ProviderAccountResult { @@ -210,9 +251,13 @@ impl ModelProvider for ConfiguredModelProvider { }) .map(|auth| match &auth { CodexAuth::ApiKey(_) => Ok(ProviderAccount::ApiKey), + CodexAuth::BedrockApiKey(_) => { + Err(ProviderAccountError::UnsupportedBedrockApiKeyAuth) + } CodexAuth::Chatgpt(_) | CodexAuth::ChatgptAuthTokens(_) - | CodexAuth::AgentIdentity(_) => { + | CodexAuth::AgentIdentity(_) + | CodexAuth::PersonalAccessToken(_) => { let email = auth.get_account_email(); let plan_type = auth.account_plan_type(); @@ -264,6 +309,7 @@ impl ModelProvider for ConfiguredModelProvider { mod tests { use std::num::NonZeroU64; + use codex_login::auth::BedrockApiKeyAuth; use codex_model_provider_info::ModelProviderAwsAuthInfo; use codex_model_provider_info::WireApi; use codex_models_manager::manager::RefreshStrategy; @@ -351,6 +397,13 @@ mod tests { .expect("valid model") } + fn bedrock_api_key_auth() -> CodexAuth { + CodexAuth::BedrockApiKey(BedrockApiKeyAuth { + api_key: "bedrock-api-key-test".to_string(), + region: "us-east-1".to_string(), + }) + } + #[test] fn configured_provider_uses_default_capabilities() { let provider = create_model_provider( @@ -419,6 +472,17 @@ mod tests { assert!(provider.auth_manager().is_none()); } + #[tokio::test] + async fn create_model_provider_uses_managed_auth_for_amazon_bedrock_provider() { + let auth = bedrock_api_key_auth(); + let provider = create_model_provider( + ModelProviderInfo::create_amazon_bedrock_provider(/*aws*/ None), + Some(AuthManager::from_auth_for_testing(auth.clone())), + ); + + assert_eq!(provider.auth().await, Some(auth)); + } + #[test] fn openai_provider_returns_unauthenticated_openai_account_state() { let provider = create_model_provider( @@ -453,6 +517,34 @@ mod tests { ); } + #[test] + fn openai_provider_rejects_chatgpt_account_state_without_email() { + let provider = create_model_provider( + ModelProviderInfo::create_openai_provider(/*base_url*/ None), + Some(AuthManager::from_auth_for_testing( + CodexAuth::create_dummy_chatgpt_auth_for_testing(), + )), + ); + + assert_eq!( + provider.account_state(), + Err(ProviderAccountError::MissingChatgptAccountDetails) + ); + } + + #[test] + fn openai_provider_rejects_bedrock_api_key_account_state() { + let provider = create_model_provider( + ModelProviderInfo::create_openai_provider(/*base_url*/ None), + Some(AuthManager::from_auth_for_testing(bedrock_api_key_auth())), + ); + + assert_eq!( + provider.account_state(), + Err(ProviderAccountError::UnsupportedBedrockApiKeyAuth) + ); + } + #[test] fn custom_non_openai_provider_returns_no_account_state() { let provider = create_model_provider( diff --git a/codex-rs/models-manager/Cargo.toml b/codex-rs/models-manager/Cargo.toml index f46bf2b285a..7a157fd1408 100644 --- a/codex-rs/models-manager/Cargo.toml +++ b/codex-rs/models-manager/Cargo.toml @@ -13,7 +13,6 @@ path = "src/lib.rs" workspace = true [dependencies] -async-trait = { workspace = true } chrono = { workspace = true, features = ["serde"] } codex-app-server-protocol = { workspace = true } codex-collaboration-mode-templates = { workspace = true } diff --git a/codex-rs/models-manager/src/manager.rs b/codex-rs/models-manager/src/manager.rs index ac4044ac202..e09518aa965 100644 --- a/codex-rs/models-manager/src/manager.rs +++ b/codex-rs/models-manager/src/manager.rs @@ -2,7 +2,6 @@ use super::cache::ModelsCacheManager; use crate::collaboration_mode_presets::builtin_collaboration_mode_presets; use crate::config::ModelsManagerConfig; use crate::model_info; -use async_trait::async_trait; use codex_app_server_protocol::AuthMode; use codex_login::AuthManager; use codex_protocol::config_types::CollaborationModeMask; @@ -12,7 +11,9 @@ use codex_protocol::openai_models::ModelPreset; use codex_protocol::openai_models::ModelVisibility; use codex_protocol::openai_models::ModelsResponse; use std::fmt; +use std::future::Future; use std::path::PathBuf; +use std::pin::Pin; use std::sync::Arc; use std::time::Duration; use tokio::sync::RwLock; @@ -29,21 +30,22 @@ const DEFAULT_MODEL_CACHE_TTL: Duration = Duration::from_secs(300); /// Implementations own provider-specific auth and transport details. The model /// manager owns refresh policy, cache behavior, and catalog merging; it calls /// this endpoint only when it decides a remote refresh should happen. -#[async_trait] pub trait ModelsEndpointClient: fmt::Debug + Send + Sync { /// Returns whether this provider can authenticate command-scoped requests. fn has_command_auth(&self) -> bool; /// Returns whether the currently resolved auth can use Codex backend-only models. - async fn uses_codex_backend(&self) -> bool; + fn uses_codex_backend(&self) -> ModelsEndpointFuture<'_, bool>; /// Fetches the latest remote model catalog and optional ETag. - async fn list_models( - &self, - client_version: &str, - ) -> CoreResult<(Vec, Option)>; + fn list_models<'a>( + &'a self, + client_version: &'a str, + ) -> ModelsEndpointFuture<'a, CoreResult<(Vec, Option)>>; } +pub type ModelsEndpointFuture<'a, T> = Pin + Send + 'a>>; + /// Strategy for refreshing available models. #[derive(Debug, Clone, Copy, PartialEq, Eq)] pub enum RefreshStrategy { @@ -74,28 +76,34 @@ impl fmt::Display for RefreshStrategy { type SharedModelsEndpointClient = Arc; /// Coordinates model discovery plus cached metadata on disk. -#[async_trait] pub trait ModelsManager: fmt::Debug + Send + Sync { /// List all available models, refreshing according to the specified strategy. /// /// Returns model presets sorted by priority and filtered by auth mode and visibility. - async fn list_models(&self, refresh_strategy: RefreshStrategy) -> Vec { - async move { - let catalog = self.raw_model_catalog(refresh_strategy).await; - self.build_available_models(catalog.models) - } - .instrument(tracing::info_span!( - "list_models", - refresh_strategy = %refresh_strategy - )) - .await + fn list_models( + &self, + refresh_strategy: RefreshStrategy, + ) -> ModelsManagerFuture<'_, Vec> { + Box::pin( + async move { + let catalog = self.raw_model_catalog(refresh_strategy).await; + self.build_available_models(catalog.models) + } + .instrument(tracing::info_span!( + "list_models", + refresh_strategy = %refresh_strategy + )), + ) } /// Return the active raw model catalog, refreshing according to the specified strategy. - async fn raw_model_catalog(&self, refresh_strategy: RefreshStrategy) -> ModelsResponse; + fn raw_model_catalog( + &self, + refresh_strategy: RefreshStrategy, + ) -> ModelsManagerFuture<'_, ModelsResponse>; /// Return the current in-memory remote model catalog without refreshing or loading cache state. - async fn get_remote_models(&self) -> Vec; + fn get_remote_models(&self) -> ModelsManagerFuture<'_, Vec>; /// Attempt to return the current in-memory remote model catalog without blocking. /// @@ -138,42 +146,50 @@ pub trait ModelsManager: fmt::Debug + Send + Sync { /// /// If `model` is provided, returns it directly. Otherwise selects the default based on /// auth mode and available models. - async fn get_default_model( - &self, - model: &Option, + fn get_default_model<'a>( + &'a self, + model: &'a Option, refresh_strategy: RefreshStrategy, - ) -> String { - async move { - if let Some(model) = model.as_ref() { - return model.to_string(); + ) -> ModelsManagerFuture<'a, String> { + Box::pin( + async move { + if let Some(model) = model.as_ref() { + return model.to_string(); + } + default_model_from_available(self.list_models(refresh_strategy).await) } - default_model_from_available(self.list_models(refresh_strategy).await) - } - .instrument(tracing::info_span!( - "get_default_model", - model.provided = model.is_some(), - refresh_strategy = %refresh_strategy - )) - .await + .instrument(tracing::info_span!( + "get_default_model", + model.provided = model.is_some(), + refresh_strategy = %refresh_strategy + )), + ) } // todo(aibrahim): look if we can tighten it to pub(crate) /// Look up model metadata, applying remote overrides and config adjustments. - async fn get_model_info(&self, model: &str, config: &ModelsManagerConfig) -> ModelInfo { - async move { - let remote_models = self.get_remote_models().await; - construct_model_info_from_candidates(model, &remote_models, config) - } - .instrument(tracing::info_span!("get_model_info", model = model)) - .await + fn get_model_info<'a>( + &'a self, + model: &'a str, + config: &'a ModelsManagerConfig, + ) -> ModelsManagerFuture<'a, ModelInfo> { + Box::pin( + async move { + let remote_models = self.get_remote_models().await; + construct_model_info_from_candidates(model, &remote_models, config) + } + .instrument(tracing::info_span!("get_model_info", model = model)), + ) } /// Refresh models if the provided ETag differs from the cached ETag. /// /// Uses `Online` strategy to fetch latest models when ETags differ. - async fn refresh_if_new_etag(&self, etag: String); + fn refresh_if_new_etag(&self, etag: String) -> ModelsManagerFuture<'_, ()>; } +pub type ModelsManagerFuture<'a, T> = Pin + Send + 'a>>; + /// Shared model manager handle used across runtime services. pub type SharedModelsManager = Arc; @@ -224,19 +240,19 @@ impl StaticModelsManager { } } -#[async_trait] impl ModelsManager for OpenAiModelsManager { - async fn raw_model_catalog(&self, refresh_strategy: RefreshStrategy) -> ModelsResponse { - if let Err(err) = self.refresh_available_models(refresh_strategy).await { - error!("failed to refresh available models: {err}"); - } - ModelsResponse { - models: self.get_remote_models().await, - } + fn raw_model_catalog( + &self, + refresh_strategy: RefreshStrategy, + ) -> ModelsManagerFuture<'_, ModelsResponse> { + Box::pin(OpenAiModelsManager::raw_model_catalog( + self, + refresh_strategy, + )) } - async fn get_remote_models(&self) -> Vec { - self.remote_models.read().await.clone() + fn get_remote_models(&self) -> ModelsManagerFuture<'_, Vec> { + Box::pin(async move { self.remote_models.read().await.clone() }) } fn try_get_remote_models(&self) -> Result, TryLockError> { @@ -251,6 +267,21 @@ impl ModelsManager for OpenAiModelsManager { builtin_collaboration_mode_presets() } + fn refresh_if_new_etag(&self, etag: String) -> ModelsManagerFuture<'_, ()> { + Box::pin(OpenAiModelsManager::refresh_if_new_etag(self, etag)) + } +} + +impl OpenAiModelsManager { + async fn raw_model_catalog(&self, refresh_strategy: RefreshStrategy) -> ModelsResponse { + if let Err(err) = self.refresh_available_models(refresh_strategy).await { + error!("failed to refresh available models: {err}"); + } + ModelsResponse { + models: self.get_remote_models().await, + } + } + async fn refresh_if_new_etag(&self, etag: String) { let current_etag = self.get_etag().await; if current_etag.clone().is_some() && current_etag.as_deref() == Some(etag.as_str()) { @@ -263,9 +294,7 @@ impl ModelsManager for OpenAiModelsManager { error!("failed to refresh available models: {err}"); } } -} -impl OpenAiModelsManager { /// Refresh available models according to the specified strategy. async fn refresh_available_models(&self, refresh_strategy: RefreshStrategy) -> CoreResult<()> { if !self.should_refresh_models().await { @@ -328,10 +357,9 @@ impl OpenAiModelsManager { .iter() .any(|model| model.visibility == ModelVisibility::List) && self.auth_manager.as_ref().is_some_and(|auth_manager| { - matches!( - auth_manager.auth_mode(), - Some(AuthMode::Chatgpt | AuthMode::ChatgptAuthTokens) - ) + auth_manager + .auth_mode() + .is_some_and(AuthMode::has_chatgpt_account) }); if should_use_remote_models_only { *self.remote_models.write().await = models; @@ -379,16 +407,20 @@ impl OpenAiModelsManager { } } -#[async_trait] impl ModelsManager for StaticModelsManager { - async fn raw_model_catalog(&self, _refresh_strategy: RefreshStrategy) -> ModelsResponse { - ModelsResponse { - models: self.get_remote_models().await, - } + fn raw_model_catalog( + &self, + _refresh_strategy: RefreshStrategy, + ) -> ModelsManagerFuture<'_, ModelsResponse> { + Box::pin(async move { + ModelsResponse { + models: self.get_remote_models().await, + } + }) } - async fn get_remote_models(&self) -> Vec { - self.remote_models.clone() + fn get_remote_models(&self) -> ModelsManagerFuture<'_, Vec> { + Box::pin(async { self.remote_models.clone() }) } fn try_get_remote_models(&self) -> Result, TryLockError> { @@ -403,7 +435,9 @@ impl ModelsManager for StaticModelsManager { builtin_collaboration_mode_presets() } - async fn refresh_if_new_etag(&self, _etag: String) {} + fn refresh_if_new_etag(&self, _etag: String) -> ModelsManagerFuture<'_, ()> { + Box::pin(async {}) + } } fn load_remote_models_from_file() -> Result, std::io::Error> { diff --git a/codex-rs/models-manager/src/manager_tests.rs b/codex-rs/models-manager/src/manager_tests.rs index ede7cfe7958..a1dcdd3d44c 100644 --- a/codex-rs/models-manager/src/manager_tests.rs +++ b/codex-rs/models-manager/src/manager_tests.rs @@ -100,72 +100,77 @@ impl TestModelsEndpoint { fn fetch_count(&self) -> usize { self.fetch_count.load(Ordering::SeqCst) } + + async fn list_models(&self) -> CoreResult<(Vec, Option)> { + self.fetch_count.fetch_add(1, Ordering::SeqCst); + let models = self + .responses + .lock() + .expect("responses lock should not be poisoned") + .pop_front() + .unwrap_or_default(); + Ok((models, None)) + } } #[derive(Debug)] struct TestExternalApiKeyAuth; -#[async_trait] impl ExternalAuth for TestExternalApiKeyAuth { fn auth_mode(&self) -> AuthMode { AuthMode::ApiKey } - async fn resolve(&self) -> std::io::Result> { - Ok(Some(ExternalAuthTokens::access_token_only( - "test-external-api-key", - ))) + fn resolve(&self) -> codex_login::ExternalAuthFuture<'_, Option> { + Box::pin(async { + Ok(Some(ExternalAuthTokens::access_token_only( + "test-external-api-key", + ))) + }) } - async fn refresh( + fn refresh( &self, _context: ExternalAuthRefreshContext, - ) -> std::io::Result { - Ok(ExternalAuthTokens::access_token_only( - "test-external-api-key", - )) + ) -> codex_login::ExternalAuthFuture<'_, ExternalAuthTokens> { + Box::pin(async { + Ok(ExternalAuthTokens::access_token_only( + "test-external-api-key", + )) + }) } } #[derive(Debug)] struct TestUnresolvedExternalApiKeyAuth; -#[async_trait] impl ExternalAuth for TestUnresolvedExternalApiKeyAuth { fn auth_mode(&self) -> AuthMode { AuthMode::ApiKey } - async fn refresh( + fn refresh( &self, _context: ExternalAuthRefreshContext, - ) -> std::io::Result { - Err(std::io::Error::other("unresolved test auth")) + ) -> codex_login::ExternalAuthFuture<'_, ExternalAuthTokens> { + Box::pin(async { Err(std::io::Error::other("unresolved test auth")) }) } } -#[async_trait] impl ModelsEndpointClient for TestModelsEndpoint { fn has_command_auth(&self) -> bool { self.has_command_auth } - async fn uses_codex_backend(&self) -> bool { - self.uses_codex_backend + fn uses_codex_backend(&self) -> ModelsEndpointFuture<'_, bool> { + Box::pin(async { self.uses_codex_backend }) } - async fn list_models( - &self, - _client_version: &str, - ) -> CoreResult<(Vec, Option)> { - self.fetch_count.fetch_add(1, Ordering::SeqCst); - let models = self - .responses - .lock() - .expect("responses lock should not be poisoned") - .pop_front() - .unwrap_or_default(); - Ok((models, None)) + fn list_models<'a>( + &'a self, + _client_version: &'a str, + ) -> ModelsEndpointFuture<'a, CoreResult<(Vec, Option)>> { + Box::pin(TestModelsEndpoint::list_models(self)) } } @@ -211,6 +216,8 @@ c2ln", }), last_refresh: Some(Utc::now()), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; std::fs::create_dir_all(codex_home).expect("codex home should be created"); std::fs::write( @@ -711,13 +718,6 @@ impl TestAuthAwareModelsEndpoint { fn fetch_count(&self) -> usize { self.fetch_count.load(Ordering::SeqCst) } -} - -#[async_trait] -impl ModelsEndpointClient for TestAuthAwareModelsEndpoint { - fn has_command_auth(&self) -> bool { - false - } async fn uses_codex_backend(&self) -> bool { match self.auth_manager.as_ref() { @@ -730,10 +730,7 @@ impl ModelsEndpointClient for TestAuthAwareModelsEndpoint { } } - async fn list_models( - &self, - _client_version: &str, - ) -> CoreResult<(Vec, Option)> { + async fn list_models(&self) -> CoreResult<(Vec, Option)> { self.fetch_count.fetch_add(1, Ordering::SeqCst); let models = self .responses @@ -745,6 +742,23 @@ impl ModelsEndpointClient for TestAuthAwareModelsEndpoint { } } +impl ModelsEndpointClient for TestAuthAwareModelsEndpoint { + fn has_command_auth(&self) -> bool { + false + } + + fn uses_codex_backend(&self) -> ModelsEndpointFuture<'_, bool> { + Box::pin(TestAuthAwareModelsEndpoint::uses_codex_backend(self)) + } + + fn list_models<'a>( + &'a self, + _client_version: &'a str, + ) -> ModelsEndpointFuture<'a, CoreResult<(Vec, Option)>> { + Box::pin(TestAuthAwareModelsEndpoint::list_models(self)) + } +} + #[tokio::test] async fn refresh_available_models_skips_network_when_external_api_key_overrides_chatgpt_auth() { let dynamic_slug = "dynamic-model-only-for-test-external-api-key"; diff --git a/codex-rs/models-manager/src/model_info.rs b/codex-rs/models-manager/src/model_info.rs index 58137a3f500..566953dfc2d 100644 --- a/codex-rs/models-manager/src/model_info.rs +++ b/codex-rs/models-manager/src/model_info.rs @@ -94,11 +94,13 @@ pub fn model_info_from_slug(slug: &str) -> ModelInfo { context_window: Some(272_000), max_context_window: Some(272_000), auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), input_modalities: default_input_modalities(), used_fallback_model_metadata: true, // this is the fallback model metadata supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, diff --git a/codex-rs/network-proxy/Cargo.toml b/codex-rs/network-proxy/Cargo.toml index a4000383827..cd32ff92b22 100644 --- a/codex-rs/network-proxy/Cargo.toml +++ b/codex-rs/network-proxy/Cargo.toml @@ -14,7 +14,6 @@ workspace = true [dependencies] anyhow = { workspace = true } -async-trait = { workspace = true } base64 = { workspace = true } clap = { workspace = true, features = ["derive"] } chrono = { workspace = true } diff --git a/codex-rs/network-proxy/README.md b/codex-rs/network-proxy/README.md index 300cd3fcb02..d5d0730227c 100644 --- a/codex-rs/network-proxy/README.md +++ b/codex-rs/network-proxy/README.md @@ -107,9 +107,9 @@ When a request is blocked, the proxy responds with `403` and includes: - `blocked-by-method-policy` - `blocked-by-policy` -In "limited" mode, only `GET`, `HEAD`, and `OPTIONS` are allowed. HTTPS `CONNECT` requests require -MITM to enforce limited-mode method policy; otherwise they are blocked. SOCKS5 remains blocked in -limited mode. +In "limited" mode, only `GET`, `HEAD`, and `OPTIONS` are allowed. HTTPS `CONNECT` requests and +HTTPS SOCKS5 TCP targets on `:443` require MITM to enforce limited-mode method policy; otherwise +they are blocked. SOCKS5 UDP and non-HTTPS SOCKS5 TCP remain blocked in limited mode. Websocket clients typically tunnel `wss://` through HTTPS `CONNECT`; those CONNECT targets still go through the same host allowlist/denylist checks. @@ -215,7 +215,8 @@ what it can reasonably guarantee. allowlisted (best-effort DNS lookup). - Limited mode enforcement: - only `GET`, `HEAD`, and `OPTIONS` are allowed - - HTTPS `CONNECT` remains a tunnel; limited-mode method enforcement does not apply to HTTPS + - HTTPS `CONNECT` requests and HTTPS SOCKS5 TCP targets on `:443` require MITM so the proxy can + enforce limited-mode method policy; SOCKS5 UDP and non-HTTPS SOCKS5 TCP remain blocked - Listener safety defaults: - the HTTP proxy listener clamps non-loopback binds unless explicitly enabled via `dangerously_allow_non_loopback_proxy` diff --git a/codex-rs/network-proxy/src/config.rs b/codex-rs/network-proxy/src/config.rs index 0b0a8233f5f..d9cef46b15d 100644 --- a/codex-rs/network-proxy/src/config.rs +++ b/codex-rs/network-proxy/src/config.rs @@ -276,7 +276,7 @@ impl NetworkProxySettings { pub enum NetworkMode { /// Limited (read-only) access: only GET/HEAD/OPTIONS are allowed for HTTP. HTTPS CONNECT is /// blocked unless MITM is enabled so the proxy can enforce method policy on inner requests. - /// SOCKS5 remains blocked in limited mode. + /// SOCKS5 UDP and non-HTTPS SOCKS5 TCP remain blocked in limited mode. Limited, /// Full network access: all HTTP methods are allowed. HTTPS CONNECTs are tunneled directly. /// MITM hooks do not currently make full mode enter MITM. diff --git a/codex-rs/network-proxy/src/lib.rs b/codex-rs/network-proxy/src/lib.rs index 9ad16f8ecc4..e80b154a5ea 100644 --- a/codex-rs/network-proxy/src/lib.rs +++ b/codex-rs/network-proxy/src/lib.rs @@ -34,6 +34,7 @@ pub use mitm_hook::MitmHookMatchConfig; pub use network_policy::NetworkDecision; pub use network_policy::NetworkDecisionSource; pub use network_policy::NetworkPolicyDecider; +pub use network_policy::NetworkPolicyDeciderFuture; pub use network_policy::NetworkPolicyDecision; pub use network_policy::NetworkPolicyRequest; pub use network_policy::NetworkPolicyRequestArgs; @@ -59,7 +60,9 @@ pub use proxy::proxy_url_env_value; pub use runtime::BlockedRequest; pub use runtime::BlockedRequestArgs; pub use runtime::BlockedRequestObserver; +pub use runtime::BlockedRequestObserverFuture; pub use runtime::ConfigReloader; +pub use runtime::ConfigReloaderFuture; pub use runtime::ConfigState; pub use runtime::NetworkProxyState; pub use state::NetworkProxyAuditMetadata; diff --git a/codex-rs/network-proxy/src/mitm.rs b/codex-rs/network-proxy/src/mitm.rs index 9ee5bfc253e..345c5b50329 100644 --- a/codex-rs/network-proxy/src/mitm.rs +++ b/codex-rs/network-proxy/src/mitm.rs @@ -21,10 +21,12 @@ use rama_core::Layer; use rama_core::Service; use rama_core::bytes::Bytes; use rama_core::error::BoxError; +use rama_core::extensions::ExtensionsMut; use rama_core::extensions::ExtensionsRef; -use rama_core::futures::stream::Stream; +use rama_core::futures::stream::Stream as FuturesStream; use rama_core::rt::Executor; use rama_core::service::service_fn; +use rama_core::stream::Stream; use rama_http::Body; use rama_http::BodyDataStream; use rama_http::HeaderMap; @@ -135,17 +137,25 @@ impl MitmState { /// Terminate the upgraded CONNECT stream with a generated leaf cert and proxy inner HTTPS traffic. pub(crate) async fn mitm_tunnel(upgraded: Upgraded) -> Result<()> { - let mitm = upgraded + mitm_stream(upgraded).await +} + +/// Terminate a raw client stream with a generated leaf cert and proxy inner HTTPS traffic. +pub(crate) async fn mitm_stream(stream: S) -> Result<()> +where + S: Stream + Unpin + ExtensionsMut, +{ + let mitm = stream .extensions() .get::>() .cloned() .context("missing MITM state")?; - let app_state = upgraded + let app_state = stream .extensions() .get::>() .cloned() .context("missing app state")?; - let target = upgraded + let target = stream .extensions() .get::() .context("missing proxy target")? @@ -154,7 +164,7 @@ pub(crate) async fn mitm_tunnel(upgraded: Upgraded) -> Result<()> { let target_host = normalize_host(&target.host.to_string()); let target_port = target.port; let acceptor_data = mitm.tls_acceptor_data_for_host(&target_host)?; - let mode = upgraded + let mode = stream .extensions() .get::() .copied() @@ -169,7 +179,7 @@ pub(crate) async fn mitm_tunnel(upgraded: Upgraded) -> Result<()> { mitm, }); - let executor = upgraded + let executor = stream .extensions() .get::() .cloned() @@ -194,7 +204,7 @@ pub(crate) async fn mitm_tunnel(upgraded: Upgraded) -> Result<()> { .into_layer(http_service); https_service - .serve(upgraded) + .serve(stream) .await .map_err(|err| anyhow!("MITM serve error: {err}"))?; Ok(()) @@ -456,7 +466,7 @@ struct InspectStream { max_body_bytes: usize, } -impl Stream for InspectStream { +impl FuturesStream for InspectStream { type Item = Result; fn poll_next(self: Pin<&mut Self>, cx: &mut TaskContext<'_>) -> Poll> { diff --git a/codex-rs/network-proxy/src/network_policy.rs b/codex-rs/network-proxy/src/network_policy.rs index 936abf3e211..18bca2c9169 100644 --- a/codex-rs/network-proxy/src/network_policy.rs +++ b/codex-rs/network-proxy/src/network_policy.rs @@ -3,10 +3,10 @@ use crate::runtime::HostBlockDecision; use crate::runtime::HostBlockReason; use crate::state::NetworkProxyState; use anyhow::Result; -use async_trait::async_trait; use chrono::SecondsFormat; use chrono::Utc; use std::future::Future; +use std::pin::Pin; use std::sync::Arc; const AUDIT_TARGET: &str = "codex_otel.network_proxy"; @@ -263,26 +263,26 @@ fn audit_timestamp() -> String { /// If `command` or `exec_policy_hint` is provided, callers can map exec-policy /// approvals to network access (e.g., allow all requests for commands matching /// approved prefixes like `curl *`). -#[async_trait] pub trait NetworkPolicyDecider: Send + Sync + 'static { - async fn decide(&self, req: NetworkPolicyRequest) -> NetworkDecision; + fn decide(&self, req: NetworkPolicyRequest) -> NetworkPolicyDeciderFuture<'_>; } -#[async_trait] +pub type NetworkPolicyDeciderFuture<'a> = + Pin + Send + 'a>>; + impl NetworkPolicyDecider for Arc { - async fn decide(&self, req: NetworkPolicyRequest) -> NetworkDecision { - (**self).decide(req).await + fn decide(&self, req: NetworkPolicyRequest) -> NetworkPolicyDeciderFuture<'_> { + Box::pin(async move { (**self).decide(req).await }) } } -#[async_trait] impl NetworkPolicyDecider for F where F: Fn(NetworkPolicyRequest) -> Fut + Send + Sync + 'static, - Fut: Future + Send, + Fut: Future + Send + 'static, { - async fn decide(&self, req: NetworkPolicyRequest) -> NetworkDecision { - (self)(req).await + fn decide(&self, req: NetworkPolicyRequest) -> NetworkPolicyDeciderFuture<'_> { + Box::pin((self)(req)) } } @@ -541,6 +541,7 @@ mod tests { use crate::reasons::REASON_NOT_ALLOWED; use crate::reasons::REASON_NOT_ALLOWED_LOCAL; use crate::runtime::ConfigReloader; + use crate::runtime::ConfigReloaderFuture; use crate::runtime::ConfigState; use crate::runtime::NetworkProxyAuditMetadata; use crate::state::NetworkProxyConstraints; @@ -560,14 +561,13 @@ mod tests { state: ConfigState, } - #[async_trait] impl ConfigReloader for StaticReloader { - async fn maybe_reload(&self) -> anyhow::Result> { - Ok(None) + fn maybe_reload(&self) -> ConfigReloaderFuture<'_, Option> { + Box::pin(async { Ok(None) }) } - async fn reload_now(&self) -> anyhow::Result { - Ok(self.state.clone()) + fn reload_now(&self) -> ConfigReloaderFuture<'_, ConfigState> { + Box::pin(async { Ok(self.state.clone()) }) } fn source_label(&self) -> String { diff --git a/codex-rs/network-proxy/src/runtime.rs b/codex-rs/network-proxy/src/runtime.rs index 60894d5d5b2..e721d0de708 100644 --- a/codex-rs/network-proxy/src/runtime.rs +++ b/codex-rs/network-proxy/src/runtime.rs @@ -20,7 +20,6 @@ use crate::state::build_config_state; use crate::state::validate_policy_against_constraints; use anyhow::Context; use anyhow::Result; -use async_trait::async_trait; use codex_utils_absolute_path::AbsolutePathBuf; use globset::GlobSet; use serde::Serialize; @@ -30,6 +29,7 @@ use std::future::Future; use std::net::IpAddr; use std::net::SocketAddr; use std::path::Path; +use std::pin::Pin; use std::sync::Arc; use std::time::Duration; use time::OffsetDateTime; @@ -168,38 +168,38 @@ pub struct ConfigState { pub blocked_total: u64, } -#[async_trait] pub trait ConfigReloader: Send + Sync { /// Human-readable description of where config is loaded from, for logs. fn source_label(&self) -> String; /// Return a freshly loaded state if a reload is needed; otherwise, return `None`. - async fn maybe_reload(&self) -> Result>; + fn maybe_reload(&self) -> ConfigReloaderFuture<'_, Option>; /// Force a reload, regardless of whether a change was detected. - async fn reload_now(&self) -> Result; + fn reload_now(&self) -> ConfigReloaderFuture<'_, ConfigState>; } -#[async_trait] +pub type ConfigReloaderFuture<'a, T> = Pin> + Send + 'a>>; + pub trait BlockedRequestObserver: Send + Sync + 'static { - async fn on_blocked_request(&self, request: BlockedRequest); + fn on_blocked_request(&self, request: BlockedRequest) -> BlockedRequestObserverFuture<'_>; } -#[async_trait] +pub type BlockedRequestObserverFuture<'a> = Pin + Send + 'a>>; + impl BlockedRequestObserver for Arc { - async fn on_blocked_request(&self, request: BlockedRequest) { - (**self).on_blocked_request(request).await + fn on_blocked_request(&self, request: BlockedRequest) -> BlockedRequestObserverFuture<'_> { + Box::pin(async move { (**self).on_blocked_request(request).await }) } } -#[async_trait] impl BlockedRequestObserver for F where F: Fn(BlockedRequest) -> Fut + Send + Sync + 'static, - Fut: Future + Send, + Fut: Future + Send + 'static, { - async fn on_blocked_request(&self, request: BlockedRequest) { - (self)(request).await + fn on_blocked_request(&self, request: BlockedRequest) -> BlockedRequestObserverFuture<'_> { + Box::pin((self)(request)) } } @@ -891,18 +891,17 @@ pub(crate) fn network_proxy_state_for_policy( struct NoopReloader; #[cfg(test)] -#[async_trait] impl ConfigReloader for NoopReloader { fn source_label(&self) -> String { "test config state".to_string() } - async fn maybe_reload(&self) -> Result> { - Ok(None) + fn maybe_reload(&self) -> ConfigReloaderFuture<'_, Option> { + Box::pin(async { Ok(None) }) } - async fn reload_now(&self) -> Result { - Err(anyhow::anyhow!("force reload is not supported in tests")) + fn reload_now(&self) -> ConfigReloaderFuture<'_, ConfigState> { + Box::pin(async { Err(anyhow::anyhow!("force reload is not supported in tests")) }) } } diff --git a/codex-rs/network-proxy/src/socks5.rs b/codex-rs/network-proxy/src/socks5.rs index 8369c4da80d..6e600d2025a 100644 --- a/codex-rs/network-proxy/src/socks5.rs +++ b/codex-rs/network-proxy/src/socks5.rs @@ -1,5 +1,6 @@ use crate::config::NetworkMode; use crate::connect_policy::TargetCheckedTcpConnector; +use crate::mitm; use crate::network_policy::BlockDecisionAuditEventArgs; use crate::network_policy::NetworkDecision; use crate::network_policy::NetworkDecisionSource; @@ -24,10 +25,17 @@ use anyhow::Result; use rama_core::Layer; use rama_core::Service; use rama_core::error::BoxError; +use rama_core::extensions::Extensions; +use rama_core::extensions::ExtensionsMut; use rama_core::extensions::ExtensionsRef; use rama_core::layer::AddInputExtensionLayer; use rama_core::service::service_fn; +use rama_net::address::HostWithPort; use rama_net::client::EstablishedClientConnection; +use rama_net::proxy::ProxyRequest; +use rama_net::proxy::ProxyTarget; +use rama_net::proxy::StreamForwardService; +use rama_net::stream::Socket; use rama_net::stream::SocketInfo; use rama_socks5::Socks5Acceptor; use rama_socks5::server::DefaultConnector; @@ -40,8 +48,14 @@ use rama_tcp::server::TcpListener; use std::io; use std::net::SocketAddr; use std::net::TcpListener as StdTcpListener; +use std::pin::Pin; use std::sync::Arc; +use std::task::Context as TaskContext; +use std::task::Poll; use std::time::Instant; +use tokio::io::AsyncRead; +use tokio::io::AsyncWrite; +use tokio::io::ReadBuf; use tracing::error; use tracing::info; use tracing::warn; @@ -88,7 +102,9 @@ async fn run_socks5_with_listener( match state.network_mode().await { Ok(NetworkMode::Limited) => { - info!("SOCKS5 is blocked in limited mode; set mode=\"full\" to allow SOCKS5"); + info!( + "SOCKS5 UDP and non-HTTPS SOCKS5 TCP are blocked in limited mode; HTTPS SOCKS5 TCP requires MITM inspection" + ); } Ok(NetworkMode::Full) => {} Err(err) => { @@ -106,7 +122,10 @@ async fn run_socks5_with_listener( } }); - let socks_connector = DefaultConnector::default().with_connector(policy_tcp_connector); + let socks_proxy = service_fn(|request| async move { proxy_socks5_tcp(request).await }); + let socks_connector = DefaultConnector::default() + .with_connector(policy_tcp_connector) + .with_service(socks_proxy); let base = Socks5Acceptor::new().with_connector(socks_connector); if enable_socks5_udp { @@ -135,7 +154,7 @@ async fn handle_socks5_tcp( req: TcpRequest, tcp_connector: TargetCheckedTcpConnector, policy_decider: Option>, -) -> Result, BoxError> { +) -> Result, BoxError> { let app_state = req .extensions() .get::>() @@ -144,6 +163,7 @@ async fn handle_socks5_tcp( let host = normalize_host(&req.authority.host.to_string()); let port = req.authority.port; + let target = req.authority.clone(); if host.is_empty() { return Err(io::Error::new(io::ErrorKind::InvalidInput, "invalid host").into()); } @@ -196,94 +216,52 @@ async fn handle_socks5_tcp( } } - match app_state.network_mode().await { - Ok(NetworkMode::Limited) => { - emit_socks_block_decision_audit_event( - &app_state, - NetworkDecisionSource::ModeGuard, - REASON_METHOD_NOT_ALLOWED, - NetworkProtocol::Socks5Tcp, - host.as_str(), - port, - client.as_deref(), - ); - let details = PolicyDecisionDetails { - decision: NetworkPolicyDecision::Deny, - reason: REASON_METHOD_NOT_ALLOWED, - source: NetworkDecisionSource::ModeGuard, - protocol: NetworkProtocol::Socks5Tcp, - host: &host, - port, - }; - let _ = app_state - .record_blocked(BlockedRequest::new(BlockedRequestArgs { - host: host.clone(), - reason: REASON_METHOD_NOT_ALLOWED.to_string(), - client: client.clone(), - method: None, - mode: Some(NetworkMode::Limited), - protocol: "socks5".to_string(), - decision: Some(details.decision.as_str().to_string()), - source: Some(details.source.as_str().to_string()), - port: Some(port), - })) - .await; - let client = client.as_deref().unwrap_or_default(); - warn!( - "SOCKS blocked by method policy (client={client}, host={host}, mode=limited, allowed_methods=GET, HEAD, OPTIONS)" - ); - return Err(policy_denied_error(REASON_METHOD_NOT_ALLOWED, &details).into()); - } - Ok(NetworkMode::Full) => {} + let mode = match app_state.network_mode().await { + Ok(mode) => mode, Err(err) => { error!("failed to evaluate method policy: {err}"); return Err(io::Error::other("proxy error").into()); } - } - - match app_state.host_has_mitm_hooks(&host).await { - Ok(true) => { - emit_socks_block_decision_audit_event( - &app_state, - NetworkDecisionSource::ModeGuard, - REASON_MITM_REQUIRED, - NetworkProtocol::Socks5Tcp, - host.as_str(), - port, - client.as_deref(), - ); - let details = PolicyDecisionDetails { - decision: NetworkPolicyDecision::Deny, - reason: REASON_MITM_REQUIRED, - source: NetworkDecisionSource::ModeGuard, - protocol: NetworkProtocol::Socks5Tcp, - host: &host, - port, - }; - let _ = app_state - .record_blocked(BlockedRequest::new(BlockedRequestArgs { - host: host.clone(), - reason: REASON_MITM_REQUIRED.to_string(), - client: client.clone(), - method: None, - mode: Some(NetworkMode::Full), - protocol: "socks5".to_string(), - decision: Some(details.decision.as_str().to_string()), - source: Some(details.source.as_str().to_string()), - port: Some(port), - })) - .await; - let client = client.as_deref().unwrap_or_default(); - warn!( - "SOCKS blocked; MITM required to enforce HTTPS policy (client={client}, host={host}, mode=full)" - ); - return Err(policy_denied_error(REASON_MITM_REQUIRED, &details).into()); - } - Ok(false) => {} - Err(err) => { - error!("failed to inspect MITM hooks for {host}: {err}"); - return Err(io::Error::other("proxy error").into()); - } + }; + // SOCKS5 only exposes host and port, so only the default HTTPS port is identifiable as a + // TLS stream that the HTTPS MITM path can safely terminate. + let socks5_tcp_target_is_https = port == 443; + if mode == NetworkMode::Limited && !socks5_tcp_target_is_https { + emit_socks_block_decision_audit_event( + &app_state, + NetworkDecisionSource::ModeGuard, + REASON_METHOD_NOT_ALLOWED, + NetworkProtocol::Socks5Tcp, + host.as_str(), + port, + client.as_deref(), + ); + let details = PolicyDecisionDetails { + decision: NetworkPolicyDecision::Deny, + reason: REASON_METHOD_NOT_ALLOWED, + source: NetworkDecisionSource::ModeGuard, + protocol: NetworkProtocol::Socks5Tcp, + host: &host, + port, + }; + let _ = app_state + .record_blocked(BlockedRequest::new(BlockedRequestArgs { + host: host.clone(), + reason: REASON_METHOD_NOT_ALLOWED.to_string(), + client: client.clone(), + method: None, + mode: Some(NetworkMode::Limited), + protocol: "socks5".to_string(), + decision: Some(details.decision.as_str().to_string()), + source: Some(details.source.as_str().to_string()), + port: Some(port), + })) + .await; + let client = client.as_deref().unwrap_or_default(); + warn!( + "SOCKS blocked; limited mode only supports HTTPS MITM (client={client}, host={host}, port={port})" + ); + return Err(policy_denied_error(REASON_METHOD_NOT_ALLOWED, &details).into()); } let request = NetworkPolicyRequest::new(NetworkPolicyRequestArgs { @@ -337,9 +315,85 @@ async fn handle_socks5_tcp( } } + let host_has_mitm_hooks = match app_state.host_has_mitm_hooks(&host).await { + Ok(has_hooks) => has_hooks, + Err(err) => { + error!("failed to inspect MITM hooks for {host}: {err}"); + return Err(io::Error::other("proxy error").into()); + } + }; + let mitm_state = match app_state.mitm_state().await { + Ok(state) => state, + Err(err) => { + error!("failed to load MITM state: {err}"); + return Err(io::Error::other("proxy error").into()); + } + }; + let socks_needs_mitm = + socks5_tcp_target_is_https && (mode == NetworkMode::Limited || host_has_mitm_hooks); + if (host_has_mitm_hooks && !socks5_tcp_target_is_https) + || (socks_needs_mitm && mitm_state.is_none()) + { + emit_socks_block_decision_audit_event( + &app_state, + NetworkDecisionSource::ModeGuard, + REASON_MITM_REQUIRED, + NetworkProtocol::Socks5Tcp, + host.as_str(), + port, + client.as_deref(), + ); + let details = PolicyDecisionDetails { + decision: NetworkPolicyDecision::Deny, + reason: REASON_MITM_REQUIRED, + source: NetworkDecisionSource::ModeGuard, + protocol: NetworkProtocol::Socks5Tcp, + host: &host, + port, + }; + let _ = app_state + .record_blocked(BlockedRequest::new(BlockedRequestArgs { + host: host.clone(), + reason: REASON_MITM_REQUIRED.to_string(), + client: client.clone(), + method: None, + mode: Some(mode), + protocol: "socks5".to_string(), + decision: Some(details.decision.as_str().to_string()), + source: Some(details.source.as_str().to_string()), + port: Some(port), + })) + .await; + let client = client.as_deref().unwrap_or_default(); + warn!( + "SOCKS blocked; MITM required to enforce HTTPS policy (client={client}, host={host}, mode={mode:?}, hooked_host={host_has_mitm_hooks}, https_target={socks5_tcp_target_is_https})" + ); + return Err(policy_denied_error(REASON_MITM_REQUIRED, &details).into()); + } + + if socks_needs_mitm && let Some(mitm_state) = mitm_state { + let client = client.as_deref().unwrap_or_default(); + info!("SOCKS MITM enabled (client={client}, host={host}, port={port}, mode={mode:?})"); + return Ok(EstablishedClientConnection { + input: req, + conn: Socks5TcpConnection::Mitm { + target, + mode, + mitm: mitm_state, + extensions: Extensions::new(), + }, + }); + } + info!("SOCKS upstream dial started (host={host}, port={port})"); let connect_started_at = Instant::now(); - let result = tcp_connector.serve(req).await; + let result = tcp_connector.serve(req).await.map(|connection| { + let EstablishedClientConnection { input, conn } = connection; + EstablishedClientConnection { + input, + conn: Socks5TcpConnection::Direct(conn), + } + }); match &result { Ok(_) => info!( "SOCKS upstream dial established (host={host}, port={port}, elapsed_ms={})", @@ -353,6 +407,113 @@ async fn handle_socks5_tcp( result } +/// Internal connector output for SOCKS5 TCP. MITM requests do not dial upstream before the +/// inner HTTPS request is inspected, so they carry the target metadata instead of a socket. +#[derive(Debug)] +enum Socks5TcpConnection { + Direct(TcpStream), + Mitm { + target: HostWithPort, + mode: NetworkMode, + mitm: Arc, + extensions: Extensions, + }, +} + +impl AsyncRead for Socks5TcpConnection { + fn poll_read( + self: Pin<&mut Self>, + cx: &mut TaskContext<'_>, + buf: &mut ReadBuf<'_>, + ) -> Poll> { + match self.get_mut() { + Self::Direct(stream) => Pin::new(stream).poll_read(cx, buf), + Self::Mitm { .. } => Poll::Ready(Ok(())), + } + } +} + +impl AsyncWrite for Socks5TcpConnection { + fn poll_write( + self: Pin<&mut Self>, + cx: &mut TaskContext<'_>, + buf: &[u8], + ) -> Poll> { + match self.get_mut() { + Self::Direct(stream) => Pin::new(stream).poll_write(cx, buf), + Self::Mitm { .. } => Poll::Ready(Ok(buf.len())), + } + } + + fn poll_flush(self: Pin<&mut Self>, cx: &mut TaskContext<'_>) -> Poll> { + match self.get_mut() { + Self::Direct(stream) => Pin::new(stream).poll_flush(cx), + Self::Mitm { .. } => Poll::Ready(Ok(())), + } + } + + fn poll_shutdown(self: Pin<&mut Self>, cx: &mut TaskContext<'_>) -> Poll> { + match self.get_mut() { + Self::Direct(stream) => Pin::new(stream).poll_shutdown(cx), + Self::Mitm { .. } => Poll::Ready(Ok(())), + } + } +} + +impl Socket for Socks5TcpConnection { + fn local_addr(&self) -> io::Result { + match self { + Self::Direct(stream) => stream.local_addr(), + Self::Mitm { .. } => Ok(SocketAddr::from(([0, 0, 0, 0], 0))), + } + } + + fn peer_addr(&self) -> io::Result { + match self { + Self::Direct(stream) => stream.peer_addr(), + Self::Mitm { .. } => Ok(SocketAddr::from(([0, 0, 0, 0], 0))), + } + } +} + +impl ExtensionsRef for Socks5TcpConnection { + fn extensions(&self) -> &Extensions { + match self { + Self::Direct(stream) => stream.extensions(), + Self::Mitm { extensions, .. } => extensions, + } + } +} + +impl ExtensionsMut for Socks5TcpConnection { + fn extensions_mut(&mut self) -> &mut Extensions { + match self { + Self::Direct(stream) => stream.extensions_mut(), + Self::Mitm { extensions, .. } => extensions, + } + } +} + +async fn proxy_socks5_tcp( + request: ProxyRequest, +) -> Result<(), BoxError> { + let ProxyRequest { mut source, target } = request; + match target { + Socks5TcpConnection::Direct(target) => StreamForwardService::default() + .serve(ProxyRequest { source, target }) + .await + .map_err(Into::into), + Socks5TcpConnection::Mitm { + target, mode, mitm, .. + } => { + source.extensions_mut().insert(ProxyTarget(target)); + source.extensions_mut().insert(mode); + source.extensions_mut().insert(mitm); + mitm::mitm_stream(source).await.map_err(Into::into) + } + } +} + async fn inspect_socks5_udp( request: RelayRequest, state: Arc, @@ -553,11 +714,10 @@ mod tests { use crate::network_policy::test_support::capture_events; use crate::network_policy::test_support::find_event_by_name; use crate::runtime::ConfigReloader; + use crate::runtime::ConfigReloaderFuture; use crate::runtime::ConfigState; - use crate::runtime::network_proxy_state_for_policy; use crate::state::NetworkProxyConstraints; use crate::state::build_config_state; - use async_trait::async_trait; use pretty_assertions::assert_eq; use rama_core::extensions::Extensions; use rama_core::extensions::ExtensionsMut; @@ -567,20 +727,24 @@ mod tests { use std::net::IpAddr; use std::net::Ipv4Addr; use std::sync::Arc; + use std::sync::Mutex; + + // Managed MITM CA files live under the shared test CODEX_HOME, so MITM-enabled config state + // must be materialized one test at a time. + static MITM_CONFIG_STATE_LOCK: Mutex<()> = Mutex::new(()); #[derive(Clone)] struct StaticReloader { state: ConfigState, } - #[async_trait] impl ConfigReloader for StaticReloader { - async fn maybe_reload(&self) -> anyhow::Result> { - Ok(None) + fn maybe_reload(&self) -> ConfigReloaderFuture<'_, Option> { + Box::pin(async { Ok(None) }) } - async fn reload_now(&self) -> anyhow::Result { - Ok(self.state.clone()) + fn reload_now(&self) -> ConfigReloaderFuture<'_, ConfigState> { + Box::pin(async { Ok(self.state.clone()) }) } fn source_label(&self) -> String { @@ -590,6 +754,10 @@ mod tests { fn state_for_settings(network: NetworkProxySettings) -> Arc { let config = NetworkProxyConfig { network }; + let _mitm_config_state_guard = config + .network + .mitm + .then(|| MITM_CONFIG_STATE_LOCK.lock().unwrap()); let state = build_config_state(config, NetworkProxyConstraints::default()).unwrap(); let reloader = Arc::new(StaticReloader { state: state.clone(), @@ -639,43 +807,56 @@ mod tests { } #[tokio::test(flavor = "current_thread")] - async fn handle_socks5_tcp_blocks_hooked_host_in_full_mode() { - let state = Arc::new(network_proxy_state_for_policy(NetworkProxySettings { + async fn handle_socks5_tcp_uses_mitm_in_limited_mode() { + let mut settings = NetworkProxySettings { enabled: true, - mode: NetworkMode::Full, + mode: NetworkMode::Limited, mitm: true, - mitm_hooks: vec![MitmHookConfig { - host: "api.github.com".to_string(), - matcher: MitmHookMatchConfig { - methods: vec!["GET".to_string()], - path_prefixes: vec!["/".to_string()], - ..MitmHookMatchConfig::default() - }, - ..MitmHookConfig::default() - }], ..NetworkProxySettings::default() - })); + }; + settings.set_allowed_domains(vec!["example.com".to_string()]); + let state = state_for_settings(settings); let mut request = - TcpRequest::new(HostWithPort::try_from("api.github.com:443").expect("valid authority")); + TcpRequest::new(HostWithPort::try_from("example.com:443").expect("valid authority")); + request.extensions_mut().insert(state.clone()); + + let result = handle_socks5_tcp( + request, + TargetCheckedTcpConnector::new(state), + /*policy_decider*/ None, + ) + .await + .expect("limited-mode HTTPS should use MITM"); + + assert!(matches!(result.conn, Socks5TcpConnection::Mitm { .. })); + } + + #[tokio::test(flavor = "current_thread")] + async fn handle_socks5_tcp_blocks_non_https_in_limited_mode() { + let mut settings = NetworkProxySettings { + enabled: true, + mode: NetworkMode::Limited, + ..NetworkProxySettings::default() + }; + settings.set_allowed_domains(vec!["example.com".to_string()]); + let state = state_for_settings(settings); + let mut request = + TcpRequest::new(HostWithPort::try_from("example.com:80").expect("valid authority")); request.extensions_mut().insert(state.clone()); let (result, events) = capture_events(|| async { handle_socks5_tcp( request, - TargetCheckedTcpConnector::new(state.clone()), + TargetCheckedTcpConnector::new(state), /*policy_decider*/ None, ) .await }) .await; - assert!(result.is_err(), "hooked host should require MITM"); - - let blocked = state.drain_blocked().await.unwrap(); - assert_eq!(blocked.len(), 1); - assert_eq!(blocked[0].reason, REASON_MITM_REQUIRED); - assert_eq!(blocked[0].host, "api.github.com"); - assert_eq!(blocked[0].port, Some(443)); - assert_eq!(blocked[0].protocol, "socks5"); + assert!( + result.is_err(), + "limited-mode non-HTTPS SOCKS should be denied" + ); let event = find_event_by_name(&events, POLICY_DECISION_EVENT_NAME) .expect("expected policy decision event"); @@ -684,18 +865,116 @@ mod tests { assert_eq!(event.field("network.policy.source"), Some("mode_guard")); assert_eq!( event.field("network.policy.reason"), - Some(REASON_MITM_REQUIRED) + Some(REASON_METHOD_NOT_ALLOWED) ); assert_eq!( event.field("network.transport.protocol"), Some("socks5_tcp") ); - assert_eq!(event.field("server.address"), Some("api.github.com")); - assert_eq!(event.field("server.port"), Some("443")); + assert_eq!(event.field("server.address"), Some("example.com")); + assert_eq!(event.field("server.port"), Some("80")); assert_eq!(event.field("http.request.method"), Some("none")); assert_eq!(event.field("client.address"), Some("unknown")); } + #[tokio::test(flavor = "current_thread")] + async fn handle_socks5_tcp_blocks_limited_mode_without_mitm_state() { + let mut settings = NetworkProxySettings { + enabled: true, + mode: NetworkMode::Limited, + ..NetworkProxySettings::default() + }; + settings.set_allowed_domains(vec!["example.com".to_string()]); + let state = state_for_settings(settings); + let mut request = + TcpRequest::new(HostWithPort::try_from("example.com:443").expect("valid authority")); + request.extensions_mut().insert(state.clone()); + + let err = handle_socks5_tcp( + request, + TargetCheckedTcpConnector::new(state), + /*policy_decider*/ None, + ) + .await + .expect_err("limited-mode HTTPS requires MITM"); + + assert!( + format!("{err:?}").contains("MITM required"), + "unexpected error: {err:?}" + ); + } + + #[tokio::test(flavor = "current_thread")] + async fn handle_socks5_tcp_uses_mitm_for_hooked_host_in_full_mode() { + let mut settings = NetworkProxySettings { + enabled: true, + mode: NetworkMode::Full, + mitm: true, + mitm_hooks: vec![MitmHookConfig { + host: "api.github.com".to_string(), + matcher: MitmHookMatchConfig { + methods: vec!["POST".to_string()], + path_prefixes: vec!["/repos/openai/".to_string()], + ..MitmHookMatchConfig::default() + }, + ..MitmHookConfig::default() + }], + ..NetworkProxySettings::default() + }; + settings.set_allowed_domains(vec!["api.github.com".to_string()]); + let state = state_for_settings(settings); + let mut request = + TcpRequest::new(HostWithPort::try_from("api.github.com:443").expect("valid authority")); + request.extensions_mut().insert(state.clone()); + + let result = handle_socks5_tcp( + request, + TargetCheckedTcpConnector::new(state), + /*policy_decider*/ None, + ) + .await + .expect("hooked HTTPS should use MITM"); + + assert!(matches!(result.conn, Socks5TcpConnection::Mitm { .. })); + } + + #[tokio::test(flavor = "current_thread")] + async fn handle_socks5_tcp_blocks_hooked_non_https_host_in_full_mode() { + let mut settings = NetworkProxySettings { + enabled: true, + mode: NetworkMode::Full, + mitm: true, + mitm_hooks: vec![MitmHookConfig { + host: "api.github.com".to_string(), + matcher: MitmHookMatchConfig { + methods: vec!["POST".to_string()], + path_prefixes: vec!["/repos/openai/".to_string()], + ..MitmHookMatchConfig::default() + }, + ..MitmHookConfig::default() + }], + ..NetworkProxySettings::default() + }; + settings.set_allowed_domains(vec!["api.github.com".to_string()]); + let state = state_for_settings(settings); + let mut request = + TcpRequest::new(HostWithPort::try_from("api.github.com:80").expect("valid authority")); + request.extensions_mut().insert(state.clone()); + + let err = handle_socks5_tcp( + request, + TargetCheckedTcpConnector::new(state), + /*policy_decider*/ None, + ) + .await + .expect_err("hooked non-HTTPS SOCKS should require MITM"); + + assert!( + format!("{err:?}").contains("MITM required"), + "unexpected error: {err:?}" + ); + } + #[tokio::test(flavor = "current_thread")] async fn inspect_socks5_udp_emits_block_decision_for_mode_guard_deny() { let state = state_for_settings(NetworkProxySettings { diff --git a/codex-rs/otel/src/events/session_telemetry.rs b/codex-rs/otel/src/events/session_telemetry.rs index 1da6497eb07..00c13046dd8 100644 --- a/codex-rs/otel/src/events/session_telemetry.rs +++ b/codex-rs/otel/src/events/session_telemetry.rs @@ -458,7 +458,7 @@ impl SessionTelemetry { auth.env_provider_key_name = self.metadata.auth_env.provider_env_key_name.as_deref(), auth.env_provider_key_present = self.metadata.auth_env.provider_env_key_present, auth.env_refresh_token_url_override_present = self.metadata.auth_env.refresh_token_url_override_present, - reasoning_effort = reasoning_effort.map(|e| e.to_string()), + reasoning_effort = reasoning_effort.as_ref().map(ToString::to_string), reasoning_summary = %reasoning_summary, context_window = context_window, auto_compact_token_limit = auto_compact_token_limit, @@ -998,6 +998,37 @@ impl SessionTelemetry { ); } + pub fn sandbox_outcome( + &self, + tool_name: &str, + call_id: &str, + outcome: &str, + initial_duration: Duration, + escalated_duration: Option, + ) { + let initial_duration_ms = initial_duration.as_millis().min(i64::MAX as u128) as i64; + let escalated_duration_ms = + escalated_duration.map(|duration| duration.as_millis().min(i64::MAX as u128) as i64); + log_event!( + self, + event.name = "codex.sandbox_outcome", + tool_name = %tool_name, + call_id = %call_id, + outcome = %outcome, + initial_duration_ms = initial_duration_ms, + escalated_duration_ms = escalated_duration_ms, + ); + trace_event!( + self, + event.name = "codex.sandbox_outcome", + tool_name = %tool_name, + call_id = %call_id, + outcome = %outcome, + initial_duration_ms = initial_duration_ms, + escalated_duration_ms = escalated_duration_ms, + ); + } + #[allow(clippy::too_many_arguments)] pub async fn log_tool_result_with_tags( &self, @@ -1177,6 +1208,7 @@ impl SessionTelemetry { } ResponseEvent::ServerModel(_) => "server_model".into(), ResponseEvent::ModelVerifications(_) => "model_verifications".into(), + ResponseEvent::TurnModerationMetadata(_) => "turn_moderation_metadata".into(), ResponseEvent::ServerReasoningIncluded(_) => "server_reasoning_included".into(), ResponseEvent::RateLimits(_) => "rate_limits".into(), ResponseEvent::ModelsEtag(_) => "models_etag".into(), @@ -1186,6 +1218,7 @@ impl SessionTelemetry { fn responses_item_type(item: &ResponseItem) -> String { match item { ResponseItem::Message { role, .. } => format!("message_from_{role}"), + ResponseItem::AgentMessage { .. } => "agent_message".into(), ResponseItem::Reasoning { .. } => "reasoning".into(), ResponseItem::LocalShellCall { .. } => "local_shell_call".into(), ResponseItem::FunctionCall { .. } => "function_call".into(), diff --git a/codex-rs/otel/src/lib.rs b/codex-rs/otel/src/lib.rs index 1a689d3684f..fe7a171ce96 100644 --- a/codex-rs/otel/src/lib.rs +++ b/codex-rs/otel/src/lib.rs @@ -54,10 +54,12 @@ pub enum TelemetryAuthMode { impl From for TelemetryAuthMode { fn from(mode: codex_app_server_protocol::AuthMode) -> Self { match mode { - codex_app_server_protocol::AuthMode::ApiKey => Self::ApiKey, + codex_app_server_protocol::AuthMode::ApiKey + | codex_app_server_protocol::AuthMode::BedrockApiKey => Self::ApiKey, codex_app_server_protocol::AuthMode::Chatgpt | codex_app_server_protocol::AuthMode::ChatgptAuthTokens - | codex_app_server_protocol::AuthMode::AgentIdentity => Self::Chatgpt, + | codex_app_server_protocol::AuthMode::AgentIdentity + | codex_app_server_protocol::AuthMode::PersonalAccessToken => Self::Chatgpt, } } } diff --git a/codex-rs/otel/src/metrics/client.rs b/codex-rs/otel/src/metrics/client.rs index 417c1f4bd9e..a36157aae35 100644 --- a/codex-rs/otel/src/metrics/client.rs +++ b/codex-rs/otel/src/metrics/client.rs @@ -12,6 +12,7 @@ use crate::metrics::validation::validate_tags; use codex_utils_string::sanitize_metric_tag_value; use opentelemetry::KeyValue; use opentelemetry::metrics::Counter; +use opentelemetry::metrics::Gauge; use opentelemetry::metrics::Histogram; use opentelemetry::metrics::Meter; use opentelemetry::metrics::MeterProvider as _; @@ -45,6 +46,12 @@ const METER_NAME: &str = "codex"; const DURATION_UNIT: &str = "ms"; const DURATION_DESCRIPTION: &str = "Duration in milliseconds."; +#[derive(Debug, Eq, Hash, PartialEq)] +struct InstrumentKey { + name: String, + description: Option, +} + #[derive(Clone, Debug)] struct SharedManualReader { inner: Arc, @@ -82,7 +89,8 @@ impl MetricReader for SharedManualReader { struct MetricsClientInner { meter_provider: SdkMeterProvider, meter: Meter, - counters: Mutex>>, + counters: Mutex>>, + gauges: Mutex>>, histograms: Mutex>>, duration_histograms: Mutex>>, runtime_reader: Option>, @@ -90,7 +98,13 @@ struct MetricsClientInner { } impl MetricsClientInner { - fn counter(&self, name: &str, inc: i64, tags: &[(&str, &str)]) -> Result<()> { + fn counter( + &self, + name: &str, + description: Option<&str>, + inc: i64, + tags: &[(&str, &str)], + ) -> Result<()> { validate_metric_name(name)?; if inc < 0 { return Err(MetricsError::NegativeCounterIncrement { @@ -104,9 +118,17 @@ impl MetricsClientInner { .counters .lock() .unwrap_or_else(std::sync::PoisonError::into_inner); - let counter = counters - .entry(name.to_string()) - .or_insert_with(|| self.meter.u64_counter(name.to_string()).build()); + let key = InstrumentKey { + name: name.to_string(), + description: description.map(str::to_string), + }; + let counter = counters.entry(key).or_insert_with(|| { + let builder = self.meter.u64_counter(name.to_string()); + match description { + Some(description) => builder.with_description(description.to_string()).build(), + None => builder.build(), + } + }); counter.add(inc as u64, &attributes); Ok(()) } @@ -126,6 +148,35 @@ impl MetricsClientInner { Ok(()) } + fn gauge( + &self, + name: &str, + description: Option<&str>, + value: i64, + tags: &[(&str, &str)], + ) -> Result<()> { + validate_metric_name(name)?; + let attributes = self.attributes(tags)?; + + let mut gauges = self + .gauges + .lock() + .unwrap_or_else(std::sync::PoisonError::into_inner); + let key = InstrumentKey { + name: name.to_string(), + description: description.map(str::to_string), + }; + let gauge = gauges.entry(key).or_insert_with(|| { + let builder = self.meter.i64_gauge(name.to_string()); + match description { + Some(description) => builder.with_description(description.to_string()).build(), + None => builder.build(), + } + }); + gauge.record(value, &attributes); + Ok(()) + } + fn duration_histogram(&self, name: &str, value: i64, tags: &[(&str, &str)]) -> Result<()> { validate_metric_name(name)?; let attributes = self.attributes(tags)?; @@ -233,6 +284,7 @@ impl MetricsClient { meter_provider, meter, counters: Mutex::new(HashMap::new()), + gauges: Mutex::new(HashMap::new()), histograms: Mutex::new(HashMap::new()), duration_histograms: Mutex::new(HashMap::new()), runtime_reader, @@ -242,7 +294,18 @@ impl MetricsClient { /// Send a single counter increment. pub fn counter(&self, name: &str, inc: i64, tags: &[(&str, &str)]) -> Result<()> { - self.0.counter(name, inc, tags) + self.0.counter(name, /*description*/ None, inc, tags) + } + + /// Send a single counter increment with an instrument description. + pub fn counter_with_description( + &self, + name: &str, + description: &str, + inc: i64, + tags: &[(&str, &str)], + ) -> Result<()> { + self.0.counter(name, Some(description), inc, tags) } /// Send a single histogram sample. @@ -250,6 +313,22 @@ impl MetricsClient { self.0.histogram(name, value, tags) } + /// Send a single gauge measurement. + pub fn gauge(&self, name: &str, value: i64, tags: &[(&str, &str)]) -> Result<()> { + self.0.gauge(name, /*description*/ None, value, tags) + } + + /// Send a single gauge measurement with an instrument description. + pub fn gauge_with_description( + &self, + name: &str, + description: &str, + value: i64, + tags: &[(&str, &str)], + ) -> Result<()> { + self.0.gauge(name, Some(description), value, tags) + } + /// Record a duration in milliseconds using a histogram. pub fn record_duration( &self, diff --git a/codex-rs/otel/tests/suite/otlp_http_loopback.rs b/codex-rs/otel/tests/suite/otlp_http_loopback.rs index 4c2dd36f769..1f413369169 100644 --- a/codex-rs/otel/tests/suite/otlp_http_loopback.rs +++ b/codex-rs/otel/tests/suite/otlp_http_loopback.rs @@ -186,6 +186,12 @@ fn otlp_http_exporter_sends_metrics_to_collector() -> Result<()> { ))?; metrics.counter("codex.turns", /*inc*/ 1, &[("source", "test")])?; + metrics.gauge_with_description( + "codex.active", + "Number of active Codex operations.", + /*value*/ 1, + &[("component", "test")], + )?; metrics.shutdown()?; server.join().expect("server join"); @@ -220,6 +226,16 @@ fn otlp_http_exporter_sends_metrics_to_collector() -> Result<()> { "expected metric name not found; body prefix: {}", &body.chars().take(2000).collect::() ); + assert!( + body.contains("codex.active"), + "expected gauge not found; body prefix: {}", + &body.chars().take(2000).collect::() + ); + assert!( + body.contains("component") && body.contains("test"), + "expected gauge tag not found; body prefix: {}", + &body.chars().take(2000).collect::() + ); Ok(()) } diff --git a/codex-rs/otel/tests/suite/send.rs b/codex-rs/otel/tests/suite/send.rs index fc382bf88a3..e2b8f2103e0 100644 --- a/codex-rs/otel/tests/suite/send.rs +++ b/codex-rs/otel/tests/suite/send.rs @@ -13,8 +13,9 @@ fn send_builds_payload_with_tags_and_histograms() -> Result<()> { let (metrics, exporter) = build_metrics_with_defaults(&[("service", "codex-cli"), ("env", "prod")])?; - metrics.counter( + metrics.counter_with_description( "codex.turns", + "Total number of Codex turns.", /*inc*/ 1, &[("model", "gpt-5.1"), ("env", "dev")], )?; @@ -23,11 +24,18 @@ fn send_builds_payload_with_tags_and_histograms() -> Result<()> { /*value*/ 25, &[("tool", "shell")], )?; + metrics.gauge_with_description( + "codex.active", + "Number of active Codex operations.", + /*value*/ 2, + &[("component", "test")], + )?; metrics.shutdown()?; let resource_metrics = latest_metrics(&exporter); let counter = find_metric(&resource_metrics, "codex.turns").expect("counter metric missing"); + assert_eq!(counter.description(), "Total number of Codex turns."); let counter_attributes = match counter.data() { opentelemetry_sdk::metrics::data::AggregatedMetrics::U64(data) => match data { opentelemetry_sdk::metrics::data::MetricData::Sum(sum) => { @@ -78,6 +86,27 @@ fn send_builds_payload_with_tags_and_histograms() -> Result<()> { ]); assert_eq!(histogram_attrs, expected_histogram_attributes); + let gauge = find_metric(&resource_metrics, "codex.active").expect("gauge metric missing"); + assert_eq!(gauge.description(), "Number of active Codex operations."); + let gauge_point = match gauge.data() { + opentelemetry_sdk::metrics::data::AggregatedMetrics::I64(data) => match data { + opentelemetry_sdk::metrics::data::MetricData::Gauge(gauge) => { + gauge.data_points().next().expect("gauge point") + } + _ => panic!("unexpected gauge aggregation"), + }, + _ => panic!("unexpected gauge metric data type"), + }; + assert_eq!(gauge_point.value(), 2); + assert_eq!( + attributes_to_map(gauge_point.attributes()), + BTreeMap::from([ + ("component".to_string(), "test".to_string()), + ("env".to_string(), "prod".to_string()), + ("service".to_string(), "codex-cli".to_string()), + ]) + ); + Ok(()) } diff --git a/codex-rs/protocol/Cargo.toml b/codex-rs/protocol/Cargo.toml index 23a44c48e69..89b10e383ef 100644 --- a/codex-rs/protocol/Cargo.toml +++ b/codex-rs/protocol/Cargo.toml @@ -59,4 +59,5 @@ tempfile = { workspace = true } [package.metadata.cargo-shear] # Required because: # `icu_provider`: contains a required `sync` feature for `icu_decimal` -ignored = ["icu_provider"] +# `strum`: is referenced by generated `EnumIter` derive implementations +ignored = ["icu_provider", "strum"] diff --git a/codex-rs/protocol/src/capabilities.rs b/codex-rs/protocol/src/capabilities.rs new file mode 100644 index 00000000000..cfdead7b284 --- /dev/null +++ b/codex-rs/protocol/src/capabilities.rs @@ -0,0 +1,30 @@ +use schemars::JsonSchema; +use serde::Deserialize; +use serde::Serialize; +use ts_rs::TS; + +/// A user-selected root that can expose one or more runtime capabilities. +#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, JsonSchema, TS)] +#[serde(rename_all = "camelCase")] +#[ts(export_to = "v2/")] +pub struct SelectedCapabilityRoot { + /// Stable identifier supplied by the capability selection platform. + pub id: String, + /// Where the selected root can be resolved. + pub location: CapabilityRootLocation, +} + +/// Location used to resolve a selected capability root. +#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, JsonSchema, TS)] +#[serde(tag = "type", rename_all = "camelCase")] +#[ts(tag = "type")] +#[ts(export_to = "v2/")] +pub enum CapabilityRootLocation { + /// A path owned by an execution environment. + Environment { + #[serde(rename = "environmentId")] + #[ts(rename = "environmentId")] + environment_id: String, + path: String, + }, +} diff --git a/codex-rs/protocol/src/config_types.rs b/codex-rs/protocol/src/config_types.rs index 9e5c47a5c12..713945dbde7 100644 --- a/codex-rs/protocol/src/config_types.rs +++ b/codex-rs/protocol/src/config_types.rs @@ -166,8 +166,8 @@ pub enum ApprovalsReviewer { #[default] #[serde(rename = "user")] User, - #[serde(rename = "guardian_subagent", alias = "auto_review")] - #[strum(serialize = "guardian_subagent")] + #[serde(rename = "auto_review", alias = "guardian_subagent")] + #[strum(serialize = "auto_review")] AutoReview, } @@ -635,7 +635,7 @@ impl CollaborationMode { } pub fn reasoning_effort(&self) -> Option { - self.settings_ref().reasoning_effort + self.settings_ref().reasoning_effort.clone() } /// Updates the collaboration mode with new model and/or effort values. @@ -654,7 +654,7 @@ impl CollaborationMode { let settings = self.settings_ref(); let updated_settings = Settings { model: model.unwrap_or_else(|| settings.model.clone()), - reasoning_effort: effort.unwrap_or(settings.reasoning_effort), + reasoning_effort: effort.unwrap_or_else(|| settings.reasoning_effort.clone()), developer_instructions: developer_instructions .unwrap_or_else(|| settings.developer_instructions.clone()), }; @@ -676,7 +676,10 @@ impl CollaborationMode { mode: mask.mode.unwrap_or(self.mode), settings: Settings { model: mask.model.clone().unwrap_or_else(|| settings.model.clone()), - reasoning_effort: mask.reasoning_effort.unwrap_or(settings.reasoning_effort), + reasoning_effort: mask + .reasoning_effort + .clone() + .unwrap_or_else(|| settings.reasoning_effort.clone()), developer_instructions: mask .developer_instructions .clone() @@ -757,7 +760,7 @@ mod tests { ); assert_eq!( serde_json::to_string(&ApprovalsReviewer::AutoReview).expect("serialize reviewer"), - "\"guardian_subagent\"" + "\"auto_review\"" ); for value in ["user", "auto_review", "guardian_subagent"] { diff --git a/codex-rs/protocol/src/lib.rs b/codex-rs/protocol/src/lib.rs index 63053159c6e..3be16d08b72 100644 --- a/codex-rs/protocol/src/lib.rs +++ b/codex-rs/protocol/src/lib.rs @@ -9,6 +9,7 @@ pub use session_id::SessionId; pub use thread_id::ThreadId; pub use tool_name::ToolName; pub mod approvals; +pub mod capabilities; pub mod config_types; pub mod dynamic_tools; pub mod error; diff --git a/codex-rs/protocol/src/models.rs b/codex-rs/protocol/src/models.rs index d95370c0614..5df6d1e77f7 100644 --- a/codex-rs/protocol/src/models.rs +++ b/codex-rs/protocol/src/models.rs @@ -4,6 +4,7 @@ use std::num::NonZeroUsize; use std::path::Path; use codex_utils_image::PromptImageMode; +use codex_utils_image::data_url_from_bytes; use codex_utils_image::load_for_prompt_bytes; use serde::Deserialize; use serde::Deserializer; @@ -715,6 +716,12 @@ pub enum ContentItem { }, } +#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, JsonSchema, TS)] +#[serde(tag = "type", rename_all = "snake_case")] +pub enum AgentMessageInputContent { + EncryptedContent { encrypted_content: String }, +} + #[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Eq, JsonSchema, TS)] #[serde(rename_all = "lowercase")] pub enum ImageDetail { @@ -758,6 +765,11 @@ pub enum ResponseItem { #[ts(optional)] phase: Option, }, + AgentMessage { + author: String, + recipient: String, + content: Vec, + }, Reasoning { #[serde(default, skip_serializing)] #[ts(skip)] @@ -1077,26 +1089,12 @@ pub fn local_image_content_items_with_label_number( }; match load_for_prompt_bytes(path, file_bytes, mode) { - Ok(image) => { - let mut items = Vec::with_capacity(3); - if let Some(label_number) = label_number { - items.push(ContentItem::InputText { - text: local_image_open_tag_text_with_path(label_number, path), - }); - } - items.push(ContentItem::InputImage { - image_url: image.into_data_url(), - detail: Some(detail), - }); - if label_number.is_some() { - items.push(ContentItem::InputText { - text: LOCAL_IMAGE_CLOSE_TAG.to_string(), - }); - } - items - } + Ok(image) => local_image_content_items(path, image.into_data_url(), label_number, detail), Err(err) => match &err { - ImageProcessingError::Read { .. } | ImageProcessingError::Encode { .. } => { + ImageProcessingError::Read { .. } + | ImageProcessingError::Encode { .. } + | ImageProcessingError::InvalidDataUrl { .. } + | ImageProcessingError::ImageTooLarge { .. } => { vec![local_image_error_placeholder(path, &err)] } ImageProcessingError::Decode { .. } if err.is_invalid_image() => { @@ -1112,6 +1110,36 @@ pub fn local_image_content_items_with_label_number( } } +#[derive(Debug, Clone, Copy, PartialEq, Eq)] +pub enum LocalImagePreparation { + Process, + Defer, +} + +fn local_image_content_items( + path: &std::path::Path, + image_url: String, + label_number: Option, + detail: ImageDetail, +) -> Vec { + let mut items = Vec::with_capacity(3); + if let Some(label_number) = label_number { + items.push(ContentItem::InputText { + text: local_image_open_tag_text_with_path(label_number, path), + }); + } + items.push(ContentItem::InputImage { + image_url, + detail: Some(detail), + }); + if label_number.is_some() { + items.push(ContentItem::InputText { + text: LOCAL_IMAGE_CLOSE_TAG.to_string(), + }); + } + items +} + impl From for ResponseItem { fn from(item: ResponseInputItem) -> Self { match item { @@ -1224,6 +1252,15 @@ pub enum ReasoningItemContent { impl From> for ResponseInputItem { fn from(items: Vec) -> Self { + Self::from_user_input(items, LocalImagePreparation::Process) + } +} + +impl ResponseInputItem { + pub fn from_user_input( + items: Vec, + local_image_preparation: LocalImagePreparation, + ) -> Self { let mut image_index = 0; Self::Message { role: "user".to_string(), @@ -1245,12 +1282,22 @@ impl From> for ResponseInputItem { image_index += 1; let detail = detail.unwrap_or(DEFAULT_IMAGE_DETAIL); match std::fs::read(&path) { - Ok(file_bytes) => local_image_content_items_with_label_number( - &path, - file_bytes, - Some(image_index), - detail, - ), + Ok(file_bytes) => match local_image_preparation { + LocalImagePreparation::Process => { + local_image_content_items_with_label_number( + &path, + file_bytes, + Some(image_index), + detail, + ) + } + LocalImagePreparation::Defer => local_image_content_items( + &path, + data_url_from_bytes("application/octet-stream", &file_bytes), + Some(image_index), + detail, + ), + }, Err(err) => vec![local_image_error_placeholder(&path, err)], } } diff --git a/codex-rs/protocol/src/openai_models.rs b/codex-rs/protocol/src/openai_models.rs index 4b678a92090..5b95fee29d3 100644 --- a/codex-rs/protocol/src/openai_models.rs +++ b/codex-rs/protocol/src/openai_models.rs @@ -3,15 +3,22 @@ //! These types are serialized across core, TUI, app-server, and SDK boundaries, so field defaults //! are used to preserve compatibility when older payloads omit newly introduced attributes. -use std::collections::HashMap; +use std::fmt; use std::str::FromStr; use schemars::JsonSchema; +use schemars::r#gen::SchemaGenerator; +use schemars::schema::InstanceType; +use schemars::schema::Metadata; +use schemars::schema::Schema; +use schemars::schema::SchemaObject; +use schemars::schema::StringValidation; use serde::Deserialize; use serde::Deserializer; use serde::Serialize; +use serde::Serializer; use serde::de::DeserializeOwned; -use strum::IntoEnumIterator; +use serde::de::Error; use strum_macros::Display; use strum_macros::EnumIter; use tracing::warn; @@ -28,23 +35,8 @@ const PERSONALITY_PLACEHOLDER: &str = "{{ personality }}"; pub const SPEED_TIER_FAST: &str = "fast"; /// See https://platform.openai.com/docs/guides/reasoning?api-mode=responses#get-started-with-reasoning -#[derive( - Debug, - Serialize, - Deserialize, - Default, - Clone, - Copy, - PartialEq, - Eq, - Display, - JsonSchema, - TS, - EnumIter, - Hash, -)] -#[serde(rename_all = "lowercase")] -#[strum(serialize_all = "lowercase")] +#[derive(Debug, Default, Clone, PartialEq, Eq, TS, Hash)] +#[ts(type = "string")] pub enum ReasoningEffort { None, Minimal, @@ -53,14 +45,87 @@ pub enum ReasoningEffort { Medium, High, XHigh, + /// A model-defined effort value that this client does not know yet. + Custom(String), +} + +impl ReasoningEffort { + /// Returns the exact value used on the wire. + pub fn as_str(&self) -> &str { + match self { + Self::None => "none", + Self::Minimal => "minimal", + Self::Low => "low", + Self::Medium => "medium", + Self::High => "high", + Self::XHigh => "xhigh", + Self::Custom(effort) => effort, + } + } +} + +impl fmt::Display for ReasoningEffort { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + f.write_str(self.as_str()) + } +} + +impl JsonSchema for ReasoningEffort { + fn schema_name() -> String { + "ReasoningEffort".to_string() + } + + fn json_schema(_generator: &mut SchemaGenerator) -> Schema { + Schema::Object(SchemaObject { + instance_type: Some(InstanceType::String.into()), + metadata: Some(Box::new(Metadata { + description: Some( + "A non-empty reasoning effort value advertised by the model.".to_string(), + ), + ..Default::default() + })), + string: Some(Box::new(StringValidation { + min_length: Some(1), + ..Default::default() + })), + ..Default::default() + }) + } +} + +impl Serialize for ReasoningEffort { + fn serialize(&self, serializer: S) -> Result + where + S: Serializer, + { + serializer.serialize_str(self.as_str()) + } +} + +impl<'de> Deserialize<'de> for ReasoningEffort { + fn deserialize(deserializer: D) -> Result + where + D: Deserializer<'de>, + { + let effort = String::deserialize(deserializer)?; + effort.parse().map_err(D::Error::custom) + } } impl FromStr for ReasoningEffort { type Err = String; fn from_str(s: &str) -> Result { - serde_json::from_value(serde_json::Value::String(s.to_string())) - .map_err(|_| format!("invalid reasoning_effort: {s}")) + match s { + "none" => Ok(Self::None), + "minimal" => Ok(Self::Minimal), + "low" => Ok(Self::Low), + "medium" => Ok(Self::Medium), + "high" => Ok(Self::High), + "xhigh" => Ok(Self::XHigh), + "" => Err("reasoning_effort must not be empty".to_string()), + effort => Ok(Self::Custom(effort.to_string())), + } } } @@ -108,7 +173,6 @@ pub struct ReasoningEffortPreset { #[derive(Debug, Clone, Deserialize, Serialize, TS, JsonSchema, PartialEq)] pub struct ModelUpgrade { pub id: String, - pub reasoning_effort_mapping: Option>, pub migration_config_key: String, pub model_link: Option, pub upgrade_copy: Option, @@ -325,6 +389,9 @@ pub struct ModelInfo { /// context window when available. #[serde(default, skip_serializing_if = "Option::is_none")] pub auto_compact_token_limit: Option, + /// Opaque identifier for compaction-compatible model configurations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub comp_hash: Option, /// Percentage of the context window considered usable for inputs, after /// reserving headroom for system prompts, tool overhead, and model output. #[serde(default = "default_effective_context_window_percent")] @@ -340,6 +407,8 @@ pub struct ModelInfo { pub used_fallback_model_metadata: bool, #[serde(default)] pub supports_search_tool: bool, + #[serde(default)] + pub use_responses_lite: bool, #[serde(default, skip_serializing_if = "Option::is_none")] pub auto_review_model_override: Option, #[serde( @@ -501,9 +570,6 @@ impl From for ModelPreset { is_default: false, // default is the highest priority available model upgrade: info.upgrade.as_ref().map(|upgrade| ModelUpgrade { id: upgrade.model.clone(), - reasoning_effort_mapping: reasoning_effort_mapping_from_presets( - &info.supported_reasoning_levels, - ), migration_config_key: info.slug.clone(), // todo(aibrahim): add the model link here. model_link: None, @@ -571,47 +637,12 @@ impl ModelPreset { } } -fn reasoning_effort_mapping_from_presets( - presets: &[ReasoningEffortPreset], -) -> Option> { - if presets.is_empty() { - return None; - } - - // Map every canonical effort to the closest supported effort for the new model. - let supported: Vec = presets.iter().map(|p| p.effort).collect(); - let mut map = HashMap::new(); - for effort in ReasoningEffort::iter() { - let nearest = nearest_effort(effort, &supported); - map.insert(effort, nearest); - } - Some(map) -} - -fn effort_rank(effort: ReasoningEffort) -> i32 { - match effort { - ReasoningEffort::None => 0, - ReasoningEffort::Minimal => 1, - ReasoningEffort::Low => 2, - ReasoningEffort::Medium => 3, - ReasoningEffort::High => 4, - ReasoningEffort::XHigh => 5, - } -} - -fn nearest_effort(target: ReasoningEffort, supported: &[ReasoningEffort]) -> ReasoningEffort { - let target_rank = effort_rank(target); - supported - .iter() - .copied() - .min_by_key(|candidate| (effort_rank(*candidate) - target_rank).abs()) - .unwrap_or(target) -} - #[cfg(test)] mod tests { use super::*; use pretty_assertions::assert_eq; + use serde_json::from_str; + use serde_json::to_string; fn test_model(spec: Option) -> ModelInfo { ModelInfo { @@ -643,11 +674,13 @@ mod tests { context_window: None, max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: vec![], input_modalities: default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, @@ -663,16 +696,58 @@ mod tests { } #[test] - fn reasoning_effort_from_str_accepts_known_values() { - assert_eq!("high".parse(), Ok(ReasoningEffort::High)); - assert_eq!("minimal".parse(), Ok(ReasoningEffort::Minimal)); + fn reasoning_effort_accepts_known_and_custom_values() { + let custom = ReasoningEffort::Custom("max".to_string()); + let deserialized = from_str::(r#""max""#) + .expect("custom reasoning effort should deserialize"); + let serialized = to_string(&custom).expect("custom reasoning effort should serialize"); + + assert_eq!( + ( + "high".parse(), + "max".parse(), + deserialized, + serialized, + custom.to_string(), + ), + ( + Ok(ReasoningEffort::High), + Ok(custom.clone()), + custom, + r#""max""#.to_string(), + "max".to_string(), + ) + ); } #[test] - fn reasoning_effort_from_str_rejects_unknown_values() { + fn reasoning_effort_rejects_empty_values() { assert_eq!( - "unsupported".parse::(), - Err("invalid reasoning_effort: unsupported".to_string()) + "".parse::(), + Err("reasoning_effort must not be empty".to_string()) + ); + } + + #[test] + fn reasoning_effort_json_schema_is_an_open_string() { + let mut effort_generator = SchemaGenerator::default(); + + assert_eq!( + ReasoningEffort::json_schema(&mut effort_generator), + Schema::Object(SchemaObject { + instance_type: Some(InstanceType::String.into()), + metadata: Some(Box::new(Metadata { + description: Some( + "A non-empty reasoning effort value advertised by the model.".to_string(), + ), + ..Default::default() + })), + string: Some(Box::new(StringValidation { + min_length: Some(1), + ..Default::default() + })), + ..Default::default() + }) ); } @@ -868,6 +943,8 @@ mod tests { assert!(!model.supports_image_detail_original); assert_eq!(model.web_search_tool_type, WebSearchToolType::Text); assert!(!model.supports_search_tool); + assert!(!model.use_responses_lite); + assert_eq!(model.comp_hash, None); assert_eq!(model.auto_review_model_override, None); assert_eq!(model.tool_mode, None); } diff --git a/codex-rs/protocol/src/protocol.rs b/codex-rs/protocol/src/protocol.rs index 91ef624fa7a..059c5692ce2 100644 --- a/codex-rs/protocol/src/protocol.rs +++ b/codex-rs/protocol/src/protocol.rs @@ -33,6 +33,7 @@ use crate::mcp::CallToolResult; use crate::mcp::RequestId; use crate::memory_citation::MemoryCitation; use crate::models::ActivePermissionProfile; +use crate::models::AgentMessageInputContent; use crate::models::BaseInstructions; use crate::models::ContentItem; use crate::models::ImageDetail; @@ -105,12 +106,40 @@ pub const REALTIME_CONVERSATION_OPEN_TAG: &str = ""; pub const REALTIME_CONVERSATION_CLOSE_TAG: &str = ""; pub const USER_MESSAGE_BEGIN: &str = "## My request for Codex:"; -#[derive(Debug, Clone, Deserialize, Serialize, PartialEq, JsonSchema)] +#[derive(Debug, Clone, PartialEq)] pub struct TurnEnvironmentSelection { pub environment_id: String, pub cwd: AbsolutePathBuf, } +#[derive(Debug, Clone, PartialEq)] +pub struct TurnEnvironmentSelections { + pub legacy_fallback_cwd: AbsolutePathBuf, + pub environments: Vec, +} + +impl TurnEnvironmentSelections { + pub fn new( + legacy_fallback_cwd: AbsolutePathBuf, + environments: Vec, + ) -> Self { + let mut settings = Self { + legacy_fallback_cwd, + environments, + }; + settings.sync_primary_environment_cwd(); + settings + } + + fn sync_primary_environment_cwd(&mut self) { + if let Some(turn_environment) = self.environments.first_mut() + && turn_environment.cwd != self.legacy_fallback_cwd + { + turn_environment.cwd = self.legacy_fallback_cwd.clone(); + } + } +} + #[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema, TS)] #[serde(transparent)] #[ts(type = "string")] @@ -123,17 +152,15 @@ impl GitSha { } /// Submission Queue Entry - requests from user -#[derive(Debug, Clone, Deserialize, Serialize, JsonSchema)] +#[derive(Debug, Clone)] pub struct Submission { /// Unique id for this Submission to correlate with Events pub id: String, /// Payload pub op: Op, /// Client-provided id for the user message represented by `Op::UserInput`. - #[serde(default, skip_serializing_if = "Option::is_none")] pub client_user_message_id: Option, /// Optional W3C trace carrier propagated across async submission handoffs. - #[serde(default, skip_serializing_if = "Option::is_none")] pub trace: Option, } @@ -148,34 +175,27 @@ pub struct W3cTraceContext { } /// Config payload for refreshing MCP servers. -#[derive(Debug, Clone, Deserialize, Serialize, PartialEq, JsonSchema)] +#[derive(Debug, Clone, PartialEq)] pub struct McpServerRefreshConfig { pub mcp_servers: Value, pub mcp_oauth_credentials_store_mode: Value, } -#[derive(Debug, Clone, Deserialize, Serialize, PartialEq, JsonSchema, TS)] +#[derive(Debug, Clone, PartialEq)] pub struct ConversationStartParams { + /// Overrides the configured realtime model for this session only. + pub model: Option, /// Selects whether the realtime session should produce text or audio output. pub output_modality: RealtimeOutputModality, - #[serde( - default, - deserialize_with = "conversation_start_prompt_serde::deserialize", - serialize_with = "conversation_start_prompt_serde::serialize", - skip_serializing_if = "Option::is_none" - )] pub prompt: Option>, - #[serde(skip_serializing_if = "Option::is_none")] pub realtime_session_id: Option, - #[serde(skip_serializing_if = "Option::is_none")] pub transport: Option, - #[serde(skip_serializing_if = "Option::is_none")] + /// Overrides the configured realtime protocol version for this session only. + pub version: Option, pub voice: Option, } -#[derive(Debug, Clone, Deserialize, Serialize, PartialEq, JsonSchema, TS)] -#[serde(tag = "type", rename_all = "snake_case")] -#[ts(tag = "type")] +#[derive(Debug, Clone, PartialEq)] pub enum ConversationStartTransport { Websocket, Webrtc { sdp: String }, @@ -188,28 +208,6 @@ pub enum RealtimeOutputModality { Audio, } -mod conversation_start_prompt_serde { - use serde::Deserializer; - use serde::Serializer; - - pub(crate) fn deserialize<'de, D>(deserializer: D) -> Result>, D::Error> - where - D: Deserializer<'de>, - { - serde_with::rust::double_option::deserialize(deserializer) - } - - pub(crate) fn serialize( - value: &Option>, - serializer: S, - ) -> Result - where - S: Serializer, - { - serde_with::rust::double_option::serialize(value, serializer) - } -} - #[derive( Debug, Clone, Copy, Deserialize, Serialize, PartialEq, Eq, Hash, JsonSchema, TS, Ord, PartialOrd, )] @@ -390,109 +388,92 @@ pub enum RealtimeEvent { Error(String), } -#[derive(Debug, Clone, Deserialize, Serialize, PartialEq, JsonSchema, TS)] +#[derive(Debug, Clone, PartialEq)] pub struct ConversationAudioParams { pub frame: RealtimeAudioFrame, } -#[derive(Debug, Clone, Deserialize, Serialize, PartialEq, JsonSchema, TS)] +#[derive(Debug, Clone, PartialEq)] pub struct ConversationTextParams { pub text: String, } /// Persistent thread-settings overrides that can be applied before user input or /// on their own. -#[derive(Debug, Clone, Default, Deserialize, Serialize, PartialEq, JsonSchema)] +#[derive(Debug, Clone, Default, PartialEq)] pub struct ThreadSettingsOverrides { - /// Updated `cwd` for sandbox/tool calls. - #[serde(skip_serializing_if = "Option::is_none")] - pub cwd: Option, + /// Updated fallback `cwd` and environments supplied together as a complete pair. + pub environments: Option, /// Updated runtime workspace roots used to materialize symbolic /// `:workspace_roots` filesystem permissions. - #[serde(skip_serializing_if = "Option::is_none")] pub workspace_roots: Option>, /// Updated profile-defined workspace roots for status summaries and /// per-turn config reconstruction. - #[serde(skip_serializing_if = "Option::is_none")] pub profile_workspace_roots: Option>, /// Updated command approval policy. - #[serde(skip_serializing_if = "Option::is_none")] pub approval_policy: Option, /// Updated approval reviewer for future approval prompts. - #[serde(skip_serializing_if = "Option::is_none")] pub approvals_reviewer: Option, /// Updated sandbox policy for tool calls. - #[serde(skip_serializing_if = "Option::is_none")] pub sandbox_policy: Option, /// Updated permissions profile for tool calls. - #[serde(skip_serializing_if = "Option::is_none")] pub permission_profile: Option, /// Named or built-in profile that produced `permission_profile`, if the /// update selected a profile rather than supplying raw permissions. - #[serde(skip_serializing_if = "Option::is_none")] pub active_permission_profile: Option, /// Updated Windows sandbox mode for tool execution. - #[serde(skip_serializing_if = "Option::is_none")] pub windows_sandbox_level: Option, /// Updated model slug. When set, the model info is derived automatically. - #[serde(skip_serializing_if = "Option::is_none")] pub model: Option, /// Updated reasoning effort (honored only for reasoning-capable models). /// /// Use `Some(Some(_))` to set a specific effort, `Some(None)` to clear the /// effort, or `None` to leave the existing value unchanged. - #[serde(skip_serializing_if = "Option::is_none")] pub effort: Option>, /// Updated reasoning summary preference (honored only for reasoning-capable models). - #[serde(skip_serializing_if = "Option::is_none")] pub summary: Option, /// Updated service tier preference for future turns. /// /// Use `Some(Some(_))` to set a specific tier, `Some(None)` to clear the /// preference, or `None` to leave the existing value unchanged. - #[serde(skip_serializing_if = "Option::is_none")] pub service_tier: Option>, /// EXPERIMENTAL - set a pre-set collaboration mode. /// Takes precedence over model, effort, and developer instructions if set. - #[serde(skip_serializing_if = "Option::is_none")] pub collaboration_mode: Option, /// Updated personality preference. - #[serde(skip_serializing_if = "Option::is_none")] pub personality: Option, } /// Source classification for client-supplied context. -#[derive(Debug, Clone, Copy, Deserialize, Serialize, PartialEq, Eq, JsonSchema)] -#[serde(rename_all = "snake_case")] +#[derive(Debug, Clone, Copy, PartialEq, Eq)] pub enum AdditionalContextKind { Untrusted, Application, } /// Client-supplied context keyed by an opaque source identifier. -#[derive(Debug, Clone, Deserialize, Serialize, PartialEq, Eq, JsonSchema)] +#[derive(Debug, Clone, PartialEq, Eq)] pub struct AdditionalContextEntry { pub value: String, pub kind: AdditionalContextKind, } /// Submission operation -#[derive(Debug, Clone, Deserialize, Serialize, PartialEq, JsonSchema)] -#[serde(tag = "type", rename_all = "snake_case")] +#[derive(Debug, Clone, PartialEq)] #[allow(clippy::large_enum_variant)] #[non_exhaustive] pub enum Op { @@ -523,21 +504,14 @@ pub enum Op { UserInput { /// User input items, see `InputItem` items: Vec, - /// Optional turn-scoped environments. - #[serde(default, skip_serializing_if = "Option::is_none")] - environments: Option>, /// Optional JSON Schema used to constrain the final assistant message for this turn. - #[serde(skip_serializing_if = "Option::is_none")] final_output_json_schema: Option, /// Optional turn-scoped Responses API `client_metadata`. - #[serde(default, skip_serializing_if = "Option::is_none")] responsesapi_client_metadata: Option>, /// Client-supplied context fragments keyed by an opaque source identifier. - #[serde(default, skip_serializing_if = "BTreeMap::is_empty")] additional_context: BTreeMap, /// Persistent thread-settings overrides to apply before the input. - #[serde(default, flatten)] thread_settings: ThreadSettingsOverrides, }, @@ -547,7 +521,6 @@ pub enum Op { /// preserve caller order between both kinds of mutation. ThreadSettings { /// Persistent thread-settings overrides to apply. - #[serde(flatten)] thread_settings: ThreadSettingsOverrides, }, @@ -562,7 +535,6 @@ pub enum Op { /// The id of the submission we are approving id: String, /// Turn id associated with the approval event, when available. - #[serde(default, skip_serializing_if = "Option::is_none")] turn_id: Option, /// The user's decision in response to the request. decision: ReviewDecision, @@ -585,15 +557,12 @@ pub enum Op { /// User's decision for the request. decision: ElicitationAction, /// Structured user input supplied for accepted elicitations. - #[serde(default, skip_serializing_if = "Option::is_none")] content: Option, /// Optional client metadata associated with the elicitation response. - #[serde(default, skip_serializing_if = "Option::is_none")] meta: Option, }, /// Resolve a request_user_input tool call. - #[serde(rename = "user_input_answer", alias = "request_user_input_response")] UserInputAnswer { /// Turn id for the in-flight request. id: String, @@ -673,7 +642,6 @@ pub enum ThreadMemoryMode { impl From> for Op { fn from(value: Vec) -> Self { Op::UserInput { - environments: None, items: value, final_output_json_schema: None, responsesapi_client_metadata: None, @@ -690,6 +658,9 @@ pub struct InterAgentCommunication { #[serde(default)] pub other_recipients: Vec, pub content: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + #[ts(optional)] + pub encrypted_content: Option, pub trigger_turn: bool, } @@ -706,6 +677,24 @@ impl InterAgentCommunication { recipient, other_recipients, content, + encrypted_content: None, + trigger_turn, + } + } + + pub fn new_encrypted( + author: AgentPath, + recipient: AgentPath, + other_recipients: Vec, + encrypted_content: String, + trigger_turn: bool, + ) -> Self { + Self { + author, + recipient, + other_recipients, + content: String::new(), + encrypted_content: Some(encrypted_content), trigger_turn, } } @@ -720,6 +709,19 @@ impl InterAgentCommunication { } } + pub fn to_model_input_item(&self) -> ResponseItem { + match &self.encrypted_content { + Some(encrypted_content) => ResponseItem::AgentMessage { + author: self.author.to_string(), + recipient: self.recipient.to_string(), + content: vec![AgentMessageInputContent::EncryptedContent { + encrypted_content: encrypted_content.clone(), + }], + }, + None => self.to_response_input_item().into(), + } + } + pub fn is_message_content(content: &[ContentItem]) -> bool { Self::from_message_content(content).is_some() } @@ -1186,6 +1188,9 @@ pub enum EventMsg { /// Backend recommends additional account verification for this turn. ModelVerification(ModelVerificationEvent), + /// Backend moderation metadata intended for first-party turn presentation. + TurnModerationMetadata(TurnModerationMetadataEvent), + /// Conversation history was compacted (either automatically or manually). ContextCompacted(ContextCompactedEvent), @@ -1348,6 +1353,9 @@ pub enum EventMsg { CollabResumeBegin(CollabResumeBeginEvent), /// Collab interaction: resume end. CollabResumeEnd(CollabResumeEndEvent), + + /// Path-based v2 sub-agent activity. + SubAgentActivity(SubAgentActivityEvent), } #[derive(Debug, Clone, Copy, Deserialize, Serialize, PartialEq, Eq, JsonSchema, TS, EnumIter)] @@ -1567,6 +1575,12 @@ impl From for EventMsg { } } +impl From for EventMsg { + fn from(event: SubAgentActivityEvent) -> Self { + EventMsg::SubAgentActivity(event) + } +} + /// Agent lifecycle status, derived from emitted events. #[derive(Debug, Clone, Deserialize, Serialize, PartialEq, Eq, JsonSchema, TS, Default)] #[serde(rename_all = "snake_case")] @@ -1850,6 +1864,11 @@ pub struct ModelVerificationEvent { pub verifications: Vec, } +#[derive(Debug, Clone, Deserialize, Serialize, PartialEq, JsonSchema, TS)] +pub struct TurnModerationMetadataEvent { + pub metadata: Value, +} + #[derive(Debug, Clone, Deserialize, Serialize, JsonSchema, TS)] pub struct ContextCompactedEvent; @@ -2465,12 +2484,12 @@ impl InitialHistory { pub fn get_resumed_session_sources(&self) -> Option<(SessionSource, Option)> { let meta = self.get_resumed_session_meta()?; - Some((meta.source.clone(), meta.thread_source)) + Some((meta.source.clone(), meta.thread_source.clone())) } pub fn get_resumed_thread_source(&self) -> Option { self.get_resumed_session_meta() - .and_then(|meta| meta.thread_source) + .and_then(|meta| meta.thread_source.clone()) } pub fn get_resumed_parent_thread_id(&self) -> Option { @@ -2514,20 +2533,23 @@ pub enum SessionSource { Unknown, } -#[derive(Serialize, Deserialize, Clone, Copy, Debug, PartialEq, Eq, JsonSchema, TS)] -#[serde(rename_all = "snake_case")] -#[ts(rename_all = "snake_case")] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, Eq, JsonSchema, TS)] +#[serde(try_from = "String", into = "String")] +#[schemars(with = "String")] +#[ts(type = "string")] pub enum ThreadSource { User, Subagent, + Feature(String), MemoryConsolidation, } impl ThreadSource { - pub fn as_str(self) -> &'static str { + pub fn as_str(&self) -> &str { match self { ThreadSource::User => "user", ThreadSource::Subagent => "subagent", + ThreadSource::Feature(feature) => feature, ThreadSource::MemoryConsolidation => "memory_consolidation", } } @@ -2539,6 +2561,20 @@ impl fmt::Display for ThreadSource { } } +impl TryFrom for ThreadSource { + type Error = String; + + fn try_from(value: String) -> Result { + value.parse() + } +} + +impl From for String { + fn from(value: ThreadSource) -> Self { + value.to_string() + } +} + impl FromStr for ThreadSource { type Err = String; @@ -2547,7 +2583,7 @@ impl FromStr for ThreadSource { "user" => Ok(ThreadSource::User), "subagent" => Ok(ThreadSource::Subagent), "memory_consolidation" => Ok(ThreadSource::MemoryConsolidation), - other => Err(format!("unknown thread source: {other}")), + other => Ok(ThreadSource::Feature(other.to_string())), } } } @@ -2856,6 +2892,8 @@ pub struct CompactedItem { pub message: String, #[serde(default, skip_serializing_if = "Option::is_none")] pub replacement_history: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub window_id: Option, } impl From for ResponseItem { @@ -2903,6 +2941,8 @@ pub struct TurnContextItem { #[serde(default, skip_serializing_if = "Option::is_none")] pub file_system_sandbox_policy: Option, pub model: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub comp_hash: Option, #[serde(skip_serializing_if = "Option::is_none")] pub personality: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3884,6 +3924,27 @@ pub struct CollabAgentInteractionEndEvent { pub status: AgentStatus, } +#[derive(Debug, Clone, Copy, Deserialize, Serialize, PartialEq, Eq, JsonSchema, TS)] +#[serde(rename_all = "snake_case")] +#[ts(rename_all = "snake_case")] +pub enum SubAgentActivityKind { + Started, + Interacted, + Interrupted, +} + +#[derive(Debug, Clone, Deserialize, Serialize, PartialEq, Eq, JsonSchema, TS)] +pub struct SubAgentActivityEvent { + pub event_id: String, + #[serde(default)] + pub occurred_at_ms: i64, + /// Thread ID of the affected sub-agent. + pub agent_thread_id: ThreadId, + /// Canonical v2 path of the affected sub-agent. + pub agent_path: AgentPath, + pub kind: SubAgentActivityKind, +} + #[derive(Debug, Clone, Deserialize, Serialize, PartialEq, JsonSchema, TS)] pub struct CollabWaitingBeginEvent { #[serde(default)] @@ -4012,6 +4073,18 @@ mod tests { use tempfile::NamedTempFile; use tempfile::TempDir; + #[test] + fn feature_thread_source_serializes_as_its_app_owned_label() -> Result<()> { + let source = ThreadSource::Feature("automation".to_string()); + + assert_eq!(serde_json::to_value(&source)?, json!("automation")); + assert_eq!( + serde_json::from_value::(json!("automation"))?, + source + ); + Ok(()) + } + fn sorted_writable_roots(roots: Vec) -> Vec<(PathBuf, Vec)> { let mut sorted_roots: Vec<(PathBuf, Vec)> = roots .into_iter() @@ -4063,6 +4136,7 @@ mod tests { recipient: AgentPath::root().join("reviewer").expect("recipient path"), other_recipients: vec![AgentPath::root().join("worker").expect("recipient path")], content: "review the diff".to_string(), + encrypted_content: None, trigger_turn: true, }; @@ -4906,146 +4980,6 @@ mod tests { assert!(event.affects_turn_status()); } - #[test] - fn conversation_op_serializes_as_unnested_variants() { - let audio = Op::RealtimeConversationAudio(ConversationAudioParams { - frame: RealtimeAudioFrame { - data: "AQID".to_string(), - sample_rate: 24_000, - num_channels: 1, - samples_per_channel: Some(480), - item_id: None, - }, - }); - let start = Op::RealtimeConversationStart(ConversationStartParams { - output_modality: RealtimeOutputModality::Audio, - prompt: Some(Some("be helpful".to_string())), - realtime_session_id: Some("conv_1".to_string()), - transport: None, - voice: None, - }); - let webrtc_start = Op::RealtimeConversationStart(ConversationStartParams { - output_modality: RealtimeOutputModality::Audio, - prompt: Some(Some("be helpful".to_string())), - realtime_session_id: Some("conv_1".to_string()), - transport: Some(ConversationStartTransport::Webrtc { - sdp: "v=offer\r\n".to_string(), - }), - voice: Some(RealtimeVoice::Cove), - }); - let text = Op::RealtimeConversationText(ConversationTextParams { - text: "hello".to_string(), - }); - let close = Op::RealtimeConversationClose; - let default_prompt_start = Op::RealtimeConversationStart(ConversationStartParams { - output_modality: RealtimeOutputModality::Audio, - prompt: None, - realtime_session_id: None, - transport: None, - voice: None, - }); - let null_prompt_start = Op::RealtimeConversationStart(ConversationStartParams { - output_modality: RealtimeOutputModality::Audio, - prompt: Some(None), - realtime_session_id: None, - transport: None, - voice: None, - }); - let list_voices = Op::RealtimeConversationListVoices; - - assert_eq!( - serde_json::to_value(&start).unwrap(), - json!({ - "type": "realtime_conversation_start", - "output_modality": "audio", - "prompt": "be helpful", - "realtime_session_id": "conv_1" - }) - ); - assert_eq!( - serde_json::to_value(&default_prompt_start).unwrap(), - json!({ - "type": "realtime_conversation_start", - "output_modality": "audio" - }) - ); - assert_eq!( - serde_json::to_value(&null_prompt_start).unwrap(), - json!({ - "type": "realtime_conversation_start", - "output_modality": "audio", - "prompt": null - }) - ); - assert_eq!( - serde_json::from_value::(json!({ - "type": "realtime_conversation_start", - "output_modality": "audio" - })) - .unwrap(), - default_prompt_start - ); - assert_eq!( - serde_json::from_value::(json!({ - "type": "realtime_conversation_start", - "output_modality": "audio", - "prompt": null - })) - .unwrap(), - null_prompt_start - ); - assert_eq!( - serde_json::to_value(&audio).unwrap(), - json!({ - "type": "realtime_conversation_audio", - "frame": { - "data": "AQID", - "sample_rate": 24000, - "num_channels": 1, - "samples_per_channel": 480 - } - }) - ); - assert_eq!( - serde_json::from_value::(serde_json::to_value(&text).unwrap()).unwrap(), - text - ); - assert_eq!( - serde_json::to_value(&close).unwrap(), - json!({ - "type": "realtime_conversation_close" - }) - ); - assert_eq!( - serde_json::from_value::(serde_json::to_value(&close).unwrap()).unwrap(), - close - ); - assert_eq!( - serde_json::to_value(&list_voices).unwrap(), - json!({ - "type": "realtime_conversation_list_voices" - }) - ); - assert_eq!( - serde_json::from_value::(serde_json::to_value(&list_voices).unwrap()).unwrap(), - list_voices - ); - assert_eq!( - serde_json::to_value(&webrtc_start).unwrap(), - json!({ - "type": "realtime_conversation_start", - "output_modality": "audio", - "prompt": "be helpful", - "realtime_session_id": "conv_1", - "transport": { - "type": "webrtc", - "sdp": "v=offer\r\n" - }, - "voice": "cove" - }) - ); - } - #[test] fn realtime_conversation_started_event_uses_realtime_session_id() { let event = RealtimeConversationStartedEvent { @@ -5096,104 +5030,6 @@ mod tests { ); } - #[test] - fn user_input_serialization_omits_final_output_json_schema_when_none() -> Result<()> { - let op = Op::UserInput { - environments: None, - items: Vec::new(), - final_output_json_schema: None, - responsesapi_client_metadata: None, - additional_context: Default::default(), - thread_settings: Default::default(), - }; - - let json_op = serde_json::to_value(op)?; - assert_eq!(json_op, json!({ "type": "user_input", "items": [] })); - - Ok(()) - } - - #[test] - fn user_input_deserializes_without_final_output_json_schema_field() -> Result<()> { - let op: Op = serde_json::from_value(json!({ "type": "user_input", "items": [] }))?; - - assert_eq!( - op, - Op::UserInput { - environments: None, - items: Vec::new(), - final_output_json_schema: None, - responsesapi_client_metadata: None, - additional_context: Default::default(), - thread_settings: Default::default(), - } - ); - - Ok(()) - } - - #[test] - fn user_input_serialization_includes_final_output_json_schema_when_some() -> Result<()> { - let schema = json!({ - "type": "object", - "properties": { - "answer": { "type": "string" } - }, - "required": ["answer"], - "additionalProperties": false - }); - let op = Op::UserInput { - environments: None, - items: Vec::new(), - final_output_json_schema: Some(schema.clone()), - responsesapi_client_metadata: None, - additional_context: Default::default(), - thread_settings: Default::default(), - }; - - let json_op = serde_json::to_value(op)?; - assert_eq!( - json_op, - json!({ - "type": "user_input", - "items": [], - "final_output_json_schema": schema, - }) - ); - - Ok(()) - } - - #[test] - fn user_input_with_responsesapi_client_metadata_round_trips() -> Result<()> { - let op = Op::UserInput { - environments: None, - items: Vec::new(), - final_output_json_schema: None, - responsesapi_client_metadata: Some(HashMap::from([( - "fiber_run_id".to_string(), - "fiber-123".to_string(), - )])), - additional_context: Default::default(), - thread_settings: Default::default(), - }; - - let json_op = serde_json::to_value(&op)?; - assert_eq!( - json_op, - json!({ - "type": "user_input", - "items": [], - "responsesapi_client_metadata": { - "fiber_run_id": "fiber-123", - } - }) - ); - assert_eq!(serde_json::from_value::(json_op)?, op); - - Ok(()) - } - #[test] fn user_input_text_serializes_empty_text_elements() -> Result<()> { let input = UserInput::Text { @@ -5328,6 +5164,7 @@ mod tests { assert_eq!(item.network, None); assert_eq!(item.file_system_sandbox_policy, None); + assert_eq!(item.comp_hash, None); Ok(()) } @@ -5388,6 +5225,7 @@ mod tests { }, ])), model: "gpt-5".to_string(), + comp_hash: None, personality: None, collaboration_mode: None, multi_agent_version: None, diff --git a/codex-rs/rmcp-client/Cargo.toml b/codex-rs/rmcp-client/Cargo.toml index e3417de70ec..1006ad74e80 100644 --- a/codex-rs/rmcp-client/Cargo.toml +++ b/codex-rs/rmcp-client/Cargo.toml @@ -70,6 +70,7 @@ codex-utils-cargo-bin = { workspace = true } pretty_assertions = { workspace = true } serial_test = { workspace = true } tempfile = { workspace = true } +wiremock = { workspace = true } [target.'cfg(target_os = "linux")'.dependencies] keyring = { workspace = true, features = ["linux-native-async-persistent"] } diff --git a/codex-rs/rmcp-client/src/auth_status.rs b/codex-rs/rmcp-client/src/auth_status.rs index 0b3b3bf6a76..bef9edc6c93 100644 --- a/codex-rs/rmcp-client/src/auth_status.rs +++ b/codex-rs/rmcp-client/src/auth_status.rs @@ -12,7 +12,8 @@ use reqwest::header::HeaderMap; use serde::Deserialize; use tracing::debug; -use crate::oauth::has_oauth_tokens; +use crate::oauth::StoredOAuthTokenStatus; +use crate::oauth::oauth_token_status; use crate::utils::apply_default_headers; use crate::utils::build_default_headers; use codex_config::types::OAuthCredentialsStoreMode; @@ -44,8 +45,12 @@ pub async fn determine_streamable_http_auth_status( return Ok(McpAuthStatus::BearerToken); } - if has_oauth_tokens(server_name, url, store_mode)? { - return Ok(McpAuthStatus::OAuth); + match oauth_token_status(server_name, url, store_mode)? { + StoredOAuthTokenStatus::Usable => return Ok(McpAuthStatus::OAuth), + StoredOAuthTokenStatus::AuthorizationRequired => { + return Ok(McpAuthStatus::NotLoggedIn); + } + StoredOAuthTokenStatus::Missing => {} } match discover_streamable_http_oauth_with_headers(url, &default_headers).await { diff --git a/codex-rs/rmcp-client/src/bin/test_streamable_http_server.rs b/codex-rs/rmcp-client/src/bin/test_streamable_http_server.rs index 2384d394736..5232c04dd42 100644 --- a/codex-rs/rmcp-client/src/bin/test_streamable_http_server.rs +++ b/codex-rs/rmcp-client/src/bin/test_streamable_http_server.rs @@ -8,6 +8,7 @@ use std::time::Duration; use axum::Router; use axum::body::Body; +use axum::body::to_bytes; use axum::extract::Json; use axum::extract::State; use axum::http::HeaderMap; @@ -48,6 +49,7 @@ use rmcp::transport::StreamableHttpServerConfig; use rmcp::transport::StreamableHttpService; use rmcp::transport::streamable_http_server::session::local::LocalSessionManager; use serde::Deserialize; +use serde_json::Value; use serde_json::json; use tokio::sync::Mutex; use tokio::task; @@ -64,18 +66,32 @@ const MEMO_URI: &str = "memo://codex/example-note"; const MEMO_CONTENT: &str = "This is a sample MCP resource served by the rmcp test server."; const MCP_SESSION_ID_HEADER: &str = "mcp-session-id"; const SESSION_POST_FAILURE_CONTROL_PATH: &str = "/test/control/session-post-failure"; +const INITIALIZE_POST_FAILURE_CONTROL_PATH: &str = "/test/control/initialize-post-failure"; +const INITIALIZED_NOTIFICATION_POST_FAILURE_CONTROL_PATH: &str = + "/test/control/initialized-notification-post-failure"; +const MAX_MCP_POST_BODY_BYTES: usize = 1024 * 1024; #[derive(Clone, Default)] -struct SessionFailureState { +struct PostFailureState { armed_failure: Arc>>, } +#[derive(Clone, Copy, Debug)] +enum ArmedFailureTarget { + Initialize, + InitializedNotification, + Session, +} + #[derive(Clone, Debug)] struct ArmedFailure { + target: ArmedFailureTarget, status: StatusCode, remaining: usize, /// Raw `WWW-Authenticate` challenge header field values returned with the failure. www_authenticate_headers: Vec, + content_type: Option, + body: Option, } #[derive(Debug, Deserialize)] @@ -85,6 +101,8 @@ struct ArmSessionPostFailureRequest { /// Raw `WWW-Authenticate` challenge header field values to add to the failure. #[serde(default)] www_authenticate_headers: Vec, + content_type: Option, + body: Option, } #[derive(Deserialize)] @@ -97,7 +115,7 @@ struct EchoArgs { #[tokio::main] async fn main() -> Result<(), Box> { let bind_addr = parse_bind_addr()?; - let session_failure_state = SessionFailureState::default(); + let post_failure_state = PostFailureState::default(); const MAX_BIND_RETRIES: u32 = 20; const BIND_RETRY_DELAY: Duration = Duration::from_millis(50); @@ -129,6 +147,14 @@ async fn main() -> Result<(), Box> { SESSION_POST_FAILURE_CONTROL_PATH, post(arm_session_post_failure), ) + .route( + INITIALIZE_POST_FAILURE_CONTROL_PATH, + post(arm_initialize_post_failure), + ) + .route( + INITIALIZED_NOTIFICATION_POST_FAILURE_CONTROL_PATH, + post(arm_initialized_notification_post_failure), + ) .route( "/.well-known/oauth-authorization-server/mcp", get({ @@ -162,10 +188,10 @@ async fn main() -> Result<(), Box> { ), ) .layer(middleware::from_fn_with_state( - session_failure_state.clone(), - fail_session_post_when_armed, + post_failure_state.clone(), + fail_mcp_post_when_armed, )) - .with_state(session_failure_state); + .with_state(post_failure_state); let router = if let Ok(token) = std::env::var("MCP_EXPECT_BEARER") { let expected = Arc::new(format!("Bearer {token}")); @@ -404,8 +430,30 @@ async fn require_bearer( } async fn arm_session_post_failure( - State(state): State, + State(state): State, + Json(request): Json, +) -> Result { + arm_post_failure(state, request, ArmedFailureTarget::Session).await +} + +async fn arm_initialize_post_failure( + State(state): State, + Json(request): Json, +) -> Result { + arm_post_failure(state, request, ArmedFailureTarget::Initialize).await +} + +async fn arm_initialized_notification_post_failure( + State(state): State, Json(request): Json, +) -> Result { + arm_post_failure(state, request, ArmedFailureTarget::InitializedNotification).await +} + +async fn arm_post_failure( + state: PostFailureState, + request: ArmSessionPostFailureRequest, + target: ArmedFailureTarget, ) -> Result { let status = StatusCode::from_u16(request.status).map_err(|_| StatusCode::BAD_REQUEST)?; let www_authenticate_headers = request @@ -413,46 +461,76 @@ async fn arm_session_post_failure( .into_iter() .map(|value| HeaderValue::from_str(&value).map_err(|_| StatusCode::BAD_REQUEST)) .collect::, _>>()?; + let content_type = request + .content_type + .map(|value| HeaderValue::from_str(&value).map_err(|_| StatusCode::BAD_REQUEST)) + .transpose()?; let armed_failure = if request.remaining == 0 { None } else { Some(ArmedFailure { + target, status, remaining: request.remaining, www_authenticate_headers, + content_type, + body: request.body, }) }; *state.armed_failure.lock().await = armed_failure; Ok(StatusCode::NO_CONTENT) } -async fn fail_session_post_when_armed( - State(state): State, +async fn fail_mcp_post_when_armed( + State(state): State, request: Request, next: Next, ) -> Response { - if request.uri().path() != "/mcp" - || request.method() != Method::POST - || !request.headers().contains_key(MCP_SESSION_ID_HEADER) - { + if request.uri().path() != "/mcp" || request.method() != Method::POST { return next.run(request).await; } + let (parts, body) = request.into_parts(); + let body_bytes = match to_bytes(body, MAX_MCP_POST_BODY_BYTES).await { + Ok(body_bytes) => body_bytes, + Err(_) => { + let mut response = Response::new(Body::from("failed to read request body")); + *response.status_mut() = StatusCode::BAD_REQUEST; + return response; + } + }; + let has_session_id = parts.headers.contains_key(MCP_SESSION_ID_HEADER); + let mcp_method = request_mcp_method(&body_bytes); { let mut armed_failure = state.armed_failure.lock().await; if let Some(failure) = armed_failure.as_mut() && failure.remaining > 0 + && match failure.target { + ArmedFailureTarget::Initialize => !has_session_id, + ArmedFailureTarget::InitializedNotification => { + has_session_id && mcp_method.as_deref() == Some("notifications/initialized") + } + ArmedFailureTarget::Session => { + has_session_id && mcp_method.as_deref() != Some("notifications/initialized") + } + } { failure.remaining -= 1; let status = failure.status; let www_authenticate_headers = failure.www_authenticate_headers.clone(); + let content_type = failure.content_type.clone(); + let body = failure + .body + .clone() + .unwrap_or_else(|| format!("forced session failure with status {status}")); if failure.remaining == 0 { *armed_failure = None; } - let mut response = Response::new(Body::from(format!( - "forced session failure with status {status}" - ))); + let mut response = Response::new(Body::from(body)); *response.status_mut() = status; + if let Some(content_type) = content_type { + response.headers_mut().insert(CONTENT_TYPE, content_type); + } for www_authenticate_header in www_authenticate_headers { response .headers_mut() @@ -462,5 +540,14 @@ async fn fail_session_post_when_armed( } } - next.run(request).await + next.run(Request::from_parts(parts, Body::from(body_bytes))) + .await +} + +fn request_mcp_method(body: &[u8]) -> Option { + serde_json::from_slice::(body) + .ok()? + .get("method")? + .as_str() + .map(ToString::to_string) } diff --git a/codex-rs/rmcp-client/src/http_client_adapter.rs b/codex-rs/rmcp-client/src/http_client_adapter.rs index 6f98f789205..a9cdc7b88fc 100644 --- a/codex-rs/rmcp-client/src/http_client_adapter.rs +++ b/codex-rs/rmcp-client/src/http_client_adapter.rs @@ -28,6 +28,8 @@ use reqwest::header::CONTENT_TYPE; use reqwest::header::HeaderMap; use reqwest::header::HeaderName; use rmcp::model::ClientJsonRpcMessage; +use rmcp::model::ClientNotification; +use rmcp::model::ConstString; use rmcp::model::JsonRpcMessage; use rmcp::model::ServerJsonRpcMessage; use rmcp::transport::streamable_http_client::AuthRequiredError; @@ -185,6 +187,25 @@ impl StreamableHttpClient for StreamableHttpClientAdapter { let content_type = response_header(&response.headers, CONTENT_TYPE); let session_id = response_header(&response.headers, HEADER_SESSION_ID); + if !status_is_success(response.status) { + let body = collect_body(&mut body_stream).await?; + if !retryable_post_response_status(mcp_method.as_deref(), response.status) + && content_type + .as_deref() + .is_some_and(|content_type| content_type.starts_with(JSON_MIME_TYPE)) + && let Some(message) = parse_json_rpc_error(&body) + { + return Ok(StreamableHttpPostResponse::Json(message, session_id)); + } + return Err(StreamableHttpError::UnexpectedServerResponse( + format!( + "HTTP {}: {}", + response.status, + body_preview(String::from_utf8_lossy(&body).to_string()) + ) + .into(), + )); + } match content_type.as_deref() { Some(content_type) if content_type.starts_with(EVENT_STREAM_MIME_TYPE) => { let event_stream = sse_stream_from_body(body_stream); @@ -380,7 +401,26 @@ fn client_jsonrpc_message_fields( Some(request.id.to_string()), ), JsonRpcMessage::Response(response) => (None, Some(response.id.to_string())), - JsonRpcMessage::Notification(_) => (None, None), + JsonRpcMessage::Notification(notification) => { + let method = match ¬ification.notification { + ClientNotification::CancelledNotification(notification) => { + notification.method.as_str() + } + ClientNotification::ProgressNotification(notification) => { + notification.method.as_str() + } + ClientNotification::InitializedNotification(notification) => { + notification.method.as_str() + } + ClientNotification::RootsListChangedNotification(notification) => { + notification.method.as_str() + } + ClientNotification::CustomNotification(notification) => { + notification.method.as_str() + } + }; + (Some(method.to_string()), None) + } JsonRpcMessage::Error(error) => (None, error.id.as_ref().map(ToString::to_string)), } } @@ -463,6 +503,36 @@ fn status_is_success(status: u16) -> bool { StatusCode::from_u16(status).is_ok_and(|status| status.is_success()) } +fn retryable_post_response_status(mcp_method: Option<&str>, status: u16) -> bool { + let Ok(status) = StatusCode::from_u16(status) else { + return false; + }; + is_retryable_http_status(status) + && matches!( + mcp_method, + Some("initialize" | "notifications/initialized" | "tools/list") + ) +} + +fn is_retryable_http_status(status: StatusCode) -> bool { + matches!( + status, + StatusCode::REQUEST_TIMEOUT + | StatusCode::TOO_MANY_REQUESTS + | StatusCode::INTERNAL_SERVER_ERROR + | StatusCode::BAD_GATEWAY + | StatusCode::SERVICE_UNAVAILABLE + | StatusCode::GATEWAY_TIMEOUT + ) +} + +fn parse_json_rpc_error(body: &[u8]) -> Option { + match serde_json::from_slice::(body) { + Ok(message @ JsonRpcMessage::Error(_)) => Some(message), + _ => None, + } +} + async fn collect_body( body_stream: &mut HttpResponseBodyStream, ) -> std::result::Result, StreamableHttpError> { diff --git a/codex-rs/rmcp-client/src/oauth.rs b/codex-rs/rmcp-client/src/oauth.rs index e23eee84bee..5742660277f 100644 --- a/codex-rs/rmcp-client/src/oauth.rs +++ b/codex-rs/rmcp-client/src/oauth.rs @@ -76,6 +76,13 @@ impl PartialEq for WrappedOAuthTokenResponse { } } +#[derive(Debug, PartialEq, Eq)] +pub(crate) enum StoredOAuthTokenStatus { + Missing, + Usable, + AuthorizationRequired, +} + pub(crate) fn load_oauth_tokens( server_name: &str, url: &str, @@ -94,12 +101,33 @@ pub(crate) fn load_oauth_tokens( } } -pub(crate) fn has_oauth_tokens( +pub(crate) fn oauth_token_status( server_name: &str, url: &str, store_mode: OAuthCredentialsStoreMode, -) -> Result { - Ok(load_oauth_tokens(server_name, url, store_mode)?.is_some()) +) -> Result { + Ok( + match load_oauth_tokens(server_name, url, store_mode)?.as_ref() { + None => StoredOAuthTokenStatus::Missing, + Some(tokens) if oauth_tokens_are_usable(tokens) => StoredOAuthTokenStatus::Usable, + Some(_) => StoredOAuthTokenStatus::AuthorizationRequired, + }, + ) +} + +fn oauth_tokens_are_usable(tokens: &StoredOAuthTokens) -> bool { + if tokens.client_id.trim().is_empty() { + return false; + } + + let token_response = &tokens.token_response.0; + if token_needs_refresh(tokens.expires_at) { + return token_response + .refresh_token() + .is_some_and(|token| !token.secret().trim().is_empty()); + } + + !token_response.access_token().secret().trim().is_empty() } fn refresh_expires_in_from_timestamp(tokens: &mut StoredOAuthTokens) { @@ -113,7 +141,13 @@ fn refresh_expires_in_from_timestamp(tokens: &mut StoredOAuthTokens) { tokens.token_response.0.set_expires_in(Some(&duration)); } None => { - tokens.token_response.0.set_expires_in(None); + // RMCP treats a missing expiry as unknown and uses the access token + // as-is. Treat a known-expired timestamp as an explicit zero so + // startup refreshes the token before the first request. + tokens + .token_response + .0 + .set_expires_in(Some(&Duration::ZERO)); } } } @@ -830,7 +864,7 @@ mod tests { } #[test] - fn refresh_expires_in_from_timestamp_clears_expired_tokens() { + fn refresh_expires_in_from_timestamp_marks_expired_tokens() { let mut tokens = sample_tokens(); let now = SystemTime::now() .duration_since(UNIX_EPOCH) @@ -843,7 +877,85 @@ mod tests { super::refresh_expires_in_from_timestamp(&mut tokens); - assert!(tokens.token_response.0.expires_in().is_none()); + assert_eq!(tokens.token_response.0.expires_in(), Some(Duration::ZERO)); + } + + #[test] + fn oauth_tokens_are_usable_when_expiry_is_unknown() { + let mut tokens = sample_tokens(); + tokens.expires_at = None; + tokens.token_response.0.set_refresh_token(None); + + assert!(super::oauth_tokens_are_usable(&tokens)); + } + + #[test] + fn oauth_tokens_are_usable_when_unexpired_without_refresh_token() { + let mut tokens = sample_tokens(); + tokens.token_response.0.set_refresh_token(None); + + assert!(super::oauth_tokens_are_usable(&tokens)); + } + + #[test] + fn oauth_tokens_are_usable_when_expired_but_refreshable() { + let mut tokens = sample_tokens(); + tokens.expires_at = Some(0); + + assert!(super::oauth_tokens_are_usable(&tokens)); + } + + #[test] + fn oauth_tokens_are_not_usable_when_expired_and_unrefreshable() { + let mut tokens = sample_tokens(); + tokens.expires_at = Some(0); + tokens.token_response.0.set_refresh_token(None); + + assert!(!super::oauth_tokens_are_usable(&tokens)); + } + + #[test] + fn oauth_tokens_are_not_usable_when_near_expiry_and_unrefreshable() { + let mut tokens = sample_tokens(); + let now = SystemTime::now() + .duration_since(UNIX_EPOCH) + .unwrap_or_else(|_| Duration::from_secs(0)) + .as_millis() as u64; + tokens.expires_at = Some(now.saturating_add(REFRESH_SKEW_MILLIS - 1)); + tokens.token_response.0.set_refresh_token(None); + + assert!(!super::oauth_tokens_are_usable(&tokens)); + } + + #[test] + fn oauth_tokens_are_not_usable_when_client_id_is_blank() { + let mut tokens = sample_tokens(); + tokens.client_id = " ".to_string(); + + assert!(!super::oauth_tokens_are_usable(&tokens)); + } + + #[test] + fn oauth_tokens_are_not_usable_when_access_token_is_blank() { + let mut tokens = sample_tokens(); + tokens + .token_response + .0 + .set_access_token(AccessToken::new(" ".to_string())); + + assert!(!super::oauth_tokens_are_usable(&tokens)); + } + + #[test] + fn oauth_tokens_are_not_usable_when_required_refresh_token_is_blank() { + let mut tokens = sample_tokens(); + tokens.expires_at = Some(0); + tokens + .token_response + .0 + .set_refresh_token(Some(RefreshToken::new(" ".to_string()))); + + assert!(!super::oauth_tokens_are_usable(&tokens)); } fn assert_tokens_match_without_expiry( diff --git a/codex-rs/rmcp-client/src/rmcp_client.rs b/codex-rs/rmcp-client/src/rmcp_client.rs index 90b09d724c3..a28403e67cd 100644 --- a/codex-rs/rmcp-client/src/rmcp_client.rs +++ b/codex-rs/rmcp-client/src/rmcp_client.rs @@ -74,6 +74,13 @@ use crate::utils::apply_default_headers; use crate::utils::build_default_headers; use codex_config::types::OAuthCredentialsStoreMode; +#[path = "streamable_http_retry.rs"] +mod streamable_http_retry; + +use self::streamable_http_retry::HandshakeError; +use self::streamable_http_retry::STREAMABLE_HTTP_RETRY_DELAYS_MS; +use self::streamable_http_retry::sleep_with_retry_deadline; + enum PendingTransport { InProcess { transport: tokio::io::DuplexStream, @@ -223,6 +230,25 @@ enum ClientOperationError { Timeout { label: String, duration: Duration }, } +fn remaining_operation_timeout( + label: &str, + timeout: Option, + deadline: Option, +) -> std::result::Result, ClientOperationError> { + let Some(deadline) = deadline else { + return Ok(None); + }; + let remaining = deadline.saturating_duration_since(Instant::now()); + if remaining.is_zero() { + Err(ClientOperationError::Timeout { + label: label.to_string(), + duration: timeout.unwrap_or(remaining), + }) + } else { + Ok(Some(remaining)) + } +} + pub type Elicitation = CreateElicitationRequestParams; #[derive(Debug, Clone, PartialEq, Serialize, Deserialize)] @@ -396,9 +422,13 @@ impl RmcpClient { } }; - let (service, oauth_persistor) = - Self::connect_pending_transport(pending_transport, client_service.clone(), timeout) - .await?; + let (service, oauth_persistor) = self + .connect_pending_transport_with_initialize_retries( + pending_transport, + client_service.clone(), + timeout, + ) + .await?; let initialize_result_rmcp = service .peer() @@ -845,14 +875,31 @@ impl RmcpClient { ), }; - let service = match timeout { - Some(duration) => time::timeout(duration, transport) - .await - .map_err(|_| anyhow!("timed out handshaking with MCP server after {duration:?}"))? - .map_err(|err| anyhow!("handshaking with MCP server failed: {err}"))?, + let service_result = match timeout { + Some(duration) => match time::timeout(duration, transport).await { + Ok(result) => { + result.map_err(|source| anyhow::Error::from(HandshakeError { source })) + } + Err(_elapsed) => Err(anyhow!( + "timed out handshaking with MCP server after {duration:?}" + )), + }, None => transport .await - .map_err(|err| anyhow!("handshaking with MCP server failed: {err}"))?, + .map_err(|source| anyhow::Error::from(HandshakeError { source })), + }; + let service = match service_result { + Ok(service) => service, + Err(error) => { + if let Some(runtime) = oauth_persistor.as_ref() + && let Err(persist_error) = runtime.persist_if_needed().await + { + warn!( + "failed to persist OAuth tokens after failed initialize: {persist_error}" + ); + } + return Err(error); + } }; Ok((Arc::new(service), oauth_persistor)) @@ -869,7 +916,7 @@ impl RmcpClient { Fut: std::future::Future>, { let service = self.service().await?; - match Self::run_service_operation_once( + match Self::run_service_operation_with_transient_retries( Arc::clone(&service), label, timeout, @@ -882,7 +929,7 @@ impl RmcpClient { Err(error) if Self::is_session_expired_404(&error) => { self.reinitialize_after_session_expiry(&service).await?; let recovered_service = self.service().await?; - Self::run_service_operation_once( + Self::run_service_operation_with_transient_retries( recovered_service, label, timeout, @@ -896,6 +943,62 @@ impl RmcpClient { } } + async fn run_service_operation_with_transient_retries( + service: Arc>, + label: &str, + timeout: Option, + pause_state: ElicitationPauseState, + operation: &F, + ) -> std::result::Result + where + F: Fn(Arc>) -> Fut, + Fut: std::future::Future>, + { + let retry_deadline = timeout.map(|duration| Instant::now() + duration); + for (attempt, retry_delay_ms) in STREAMABLE_HTTP_RETRY_DELAYS_MS + .iter() + .copied() + .map(Some) + .chain(std::iter::once(None)) + .enumerate() + { + let attempt_timeout = remaining_operation_timeout(label, timeout, retry_deadline)?; + match Self::run_service_operation_once( + Arc::clone(&service), + label, + attempt_timeout, + pause_state.clone(), + operation, + ) + .await + { + Ok(result) => return Ok(result), + Err(error) if Self::is_retryable_tools_list_error(label, &error) => { + let Some(retry_delay_ms) = retry_delay_ms else { + return Err(error); + }; + let delay = Duration::from_millis(retry_delay_ms); + warn!( + attempt = attempt + 1, + max_attempts = STREAMABLE_HTTP_RETRY_DELAYS_MS.len() + 1, + delay_ms = delay.as_millis(), + error = %error, + "streamable HTTP MCP tools/list failed with a retryable error; retrying" + ); + if !sleep_with_retry_deadline(delay, retry_deadline).await { + return Err(ClientOperationError::Timeout { + label: label.to_string(), + duration: timeout.unwrap_or(delay), + }); + } + } + Err(error) => return Err(error), + } + } + + unreachable!("service operation retry loop should return on success or final error") + } + async fn run_service_operation_once( service: Arc>, label: &str, @@ -921,6 +1024,22 @@ impl RmcpClient { } } + fn is_retryable_tools_list_error(label: &str, error: &ClientOperationError) -> bool { + if label != "tools/list" { + return false; + } + let ClientOperationError::Service(rmcp::service::ServiceError::TransportSend(error)) = + error + else { + return false; + }; + + error + .error + .downcast_ref::>() + .is_some_and(Self::is_retryable_streamable_http_error) + } + fn is_session_expired_404(error: &ClientOperationError) -> bool { let ClientOperationError::Service(rmcp::service::ServiceError::TransportSend(error)) = error @@ -974,12 +1093,13 @@ impl RmcpClient { .clone() .ok_or_else(|| anyhow!("MCP client cannot recover before initialize succeeds"))?; let pending_transport = Self::create_pending_transport(&self.transport_recipe).await?; - let (service, oauth_persistor) = Self::connect_pending_transport( - pending_transport, - initialize_context.client_service, - initialize_context.timeout, - ) - .await?; + let (service, oauth_persistor) = self + .connect_pending_transport_with_initialize_retries( + pending_transport, + initialize_context.client_service, + initialize_context.timeout, + ) + .await?; { let mut guard = self.state.lock().await; diff --git a/codex-rs/rmcp-client/src/streamable_http_retry.rs b/codex-rs/rmcp-client/src/streamable_http_retry.rs new file mode 100644 index 00000000000..73da95de58e --- /dev/null +++ b/codex-rs/rmcp-client/src/streamable_http_retry.rs @@ -0,0 +1,239 @@ +use std::sync::Arc; +use std::time::Duration; +use std::time::Instant; + +use anyhow::Result; +use anyhow::anyhow; +use codex_exec_server::ExecServerError; +use reqwest::StatusCode; +use rmcp::service::RoleClient; +use rmcp::service::RunningService; +use rmcp::transport::streamable_http_client::StreamableHttpError; +use tokio::time; +use tracing::warn; + +use crate::elicitation_client_service::ElicitationClientService; +use crate::http_client_adapter::StreamableHttpClientAdapterError; +use crate::oauth::OAuthPersistor; + +use super::PendingTransport; +use super::RmcpClient; + +const JSON_RPC_INTERNAL_ERROR_CODE: i64 = -32603; +pub(super) const STREAMABLE_HTTP_RETRY_DELAYS_MS: [u64; 2] = [250, 1_000]; + +impl RmcpClient { + pub(super) async fn connect_pending_transport_with_initialize_retries( + &self, + initial_transport: PendingTransport, + client_service: ElicitationClientService, + timeout: Option, + ) -> Result<( + Arc>, + Option, + )> { + let should_retry = match &initial_transport { + PendingTransport::InProcess { .. } | PendingTransport::Stdio { .. } => false, + PendingTransport::StreamableHttp { .. } + | PendingTransport::StreamableHttpWithOAuth { .. } => true, + }; + let retry_deadline = timeout.map(|duration| Instant::now() + duration); + let mut pending_transport = Some(initial_transport); + + for (attempt, retry_delay_ms) in STREAMABLE_HTTP_RETRY_DELAYS_MS + .iter() + .copied() + .map(Some) + .chain(std::iter::once(None)) + .enumerate() + { + let transport = match pending_transport.take() { + Some(transport) => transport, + None => { + let remaining = remaining_initialize_timeout(timeout, retry_deadline)?; + match remaining { + Some(remaining) => time::timeout( + remaining, + Self::create_pending_transport(&self.transport_recipe), + ) + .await + .map_err(|_| initialize_timeout_error(timeout, remaining))??, + None => Self::create_pending_transport(&self.transport_recipe).await?, + } + } + }; + let attempt_timeout = remaining_initialize_timeout(timeout, retry_deadline)?; + + match Self::connect_pending_transport( + transport, + client_service.clone(), + attempt_timeout, + ) + .await + { + Ok(result) => return Ok(result), + Err(error) if should_retry && Self::is_retryable_initialize_error(&error) => { + let Some(retry_delay_ms) = retry_delay_ms else { + return Err(error); + }; + let delay = Duration::from_millis(retry_delay_ms); + warn!( + attempt = attempt + 1, + max_attempts = STREAMABLE_HTTP_RETRY_DELAYS_MS.len() + 1, + delay_ms = delay.as_millis(), + error = %error, + "streamable HTTP MCP initialize failed with a retryable error; retrying" + ); + if !sleep_with_retry_deadline(delay, retry_deadline).await { + let duration = timeout.unwrap_or(delay); + return Err(anyhow!( + "timed out handshaking with MCP server after {duration:?}" + )); + } + } + Err(error) => return Err(error), + } + } + + unreachable!("initialize retry loop should return on success or final error") + } + + fn is_retryable_initialize_error(error: &anyhow::Error) -> bool { + error.chain().any(|source| { + source + .downcast_ref::() + .is_some_and(|error| Self::is_retryable_client_initialize_error(&error.source)) + || source + .downcast_ref::() + .is_some_and(Self::is_retryable_client_initialize_error) + }) + } + + fn is_retryable_client_initialize_error(error: &rmcp::service::ClientInitializeError) -> bool { + match error { + rmcp::service::ClientInitializeError::TransportError { error, context } + if context.as_ref() == "send initialize request" => + { + error + .error + .downcast_ref::>() + .is_some_and(Self::is_retryable_streamable_http_error) + } + rmcp::service::ClientInitializeError::TransportError { error, context } + if context.as_ref() == "send initialized notification" => + { + error + .error + .downcast_ref::>() + .is_some_and(|error| { + matches!(error, StreamableHttpError::TransportChannelClosed) + || Self::is_retryable_streamable_http_error(error) + }) + } + _ => false, + } + } + + pub(super) fn is_retryable_streamable_http_error( + error: &StreamableHttpError, + ) -> bool { + match error { + StreamableHttpError::Client(StreamableHttpClientAdapterError::HttpRequest( + ExecServerError::HttpRequest(_), + )) => true, + StreamableHttpError::Client(StreamableHttpClientAdapterError::HttpRequest( + ExecServerError::Server { code, message }, + )) => { + *code == JSON_RPC_INTERNAL_ERROR_CODE && message.starts_with("http/request failed:") + } + StreamableHttpError::Client(StreamableHttpClientAdapterError::HttpRequest( + ExecServerError::Protocol(message), + )) => message.starts_with("http response stream `") && message.contains("` failed:"), + StreamableHttpError::UnexpectedServerResponse(message) => { + is_retryable_unexpected_server_response(message.as_ref()) + } + StreamableHttpError::AuthRequired(_) + | StreamableHttpError::InsufficientScope(_) + | StreamableHttpError::SessionExpired + | StreamableHttpError::UnexpectedContentType(_) + | StreamableHttpError::ServerDoesNotSupportSse + | StreamableHttpError::Deserialize(_) + | StreamableHttpError::Client(StreamableHttpClientAdapterError::SessionExpired404) + | StreamableHttpError::Client(StreamableHttpClientAdapterError::Header(_)) => false, + _ => false, + } + } +} + +fn is_retryable_unexpected_server_response(message: &str) -> bool { + let Some(message) = message.strip_prefix("HTTP ") else { + return false; + }; + let status_code = message + .chars() + .take_while(char::is_ascii_digit) + .collect::(); + let Ok(status) = status_code.parse::() else { + return false; + }; + let Ok(status) = StatusCode::from_u16(status) else { + return false; + }; + is_retryable_http_status(status) +} + +fn is_retryable_http_status(status: StatusCode) -> bool { + matches!( + status, + StatusCode::REQUEST_TIMEOUT + | StatusCode::TOO_MANY_REQUESTS + | StatusCode::INTERNAL_SERVER_ERROR + | StatusCode::BAD_GATEWAY + | StatusCode::SERVICE_UNAVAILABLE + | StatusCode::GATEWAY_TIMEOUT + ) +} + +fn remaining_initialize_timeout( + timeout: Option, + deadline: Option, +) -> Result> { + let Some(deadline) = deadline else { + return Ok(None); + }; + let remaining = deadline.saturating_duration_since(Instant::now()); + if remaining.is_zero() { + Err(initialize_timeout_error(timeout, remaining)) + } else { + Ok(Some(remaining)) + } +} + +fn initialize_timeout_error(timeout: Option, fallback: Duration) -> anyhow::Error { + let duration = timeout.unwrap_or(fallback); + anyhow!("timed out handshaking with MCP server after {duration:?}") +} + +pub(super) async fn sleep_with_retry_deadline(delay: Duration, deadline: Option) -> bool { + if let Some(deadline) = deadline { + let remaining = deadline.saturating_duration_since(Instant::now()); + if remaining.is_zero() { + return false; + } + time::timeout(remaining, time::sleep(delay)).await.is_ok() + } else { + time::sleep(delay).await; + true + } +} + +#[derive(Debug, thiserror::Error)] +#[error("handshaking with MCP server failed: {source}")] +pub(super) struct HandshakeError { + #[source] + pub(super) source: rmcp::service::ClientInitializeError, +} + +#[cfg(test)] +#[path = "streamable_http_retry_tests.rs"] +mod tests; diff --git a/codex-rs/rmcp-client/src/streamable_http_retry_tests.rs b/codex-rs/rmcp-client/src/streamable_http_retry_tests.rs new file mode 100644 index 00000000000..ed0d8030e65 --- /dev/null +++ b/codex-rs/rmcp-client/src/streamable_http_retry_tests.rs @@ -0,0 +1,74 @@ +use std::any::TypeId; + +use codex_exec_server::ExecServerError; +use pretty_assertions::assert_eq; +use rmcp::transport::DynamicTransportError; +use rmcp::transport::streamable_http_client::StreamableHttpError; + +use crate::http_client_adapter::StreamableHttpClientAdapterError; + +use super::*; + +#[test] +fn retryable_initialize_error_includes_initialized_notification_context() { + let contexts = [ + "send initialize request", + "send initialized notification", + "receive initialize response", + ]; + + assert_eq!( + contexts.map(|context| { + RmcpClient::is_retryable_client_initialize_error(&retryable_initialize_error(context)) + }), + [true, true, false], + ); +} + +#[test] +fn retryable_streamable_http_error_includes_remote_body_stream_failure() { + let errors = [ + StreamableHttpError::Client(StreamableHttpClientAdapterError::HttpRequest( + ExecServerError::HttpRequest("error sending request for url".to_string()), + )), + StreamableHttpError::Client(StreamableHttpClientAdapterError::HttpRequest( + ExecServerError::Server { + code: JSON_RPC_INTERNAL_ERROR_CODE, + message: "http/request failed: error sending request for url".to_string(), + }, + )), + StreamableHttpError::Client(StreamableHttpClientAdapterError::HttpRequest( + ExecServerError::Protocol( + "http response stream `http-1` failed: exec-server transport disconnected" + .to_string(), + ), + )), + StreamableHttpError::Client(StreamableHttpClientAdapterError::HttpRequest( + ExecServerError::Protocol( + "http response stream `http-1` received seq 2, expected 1".to_string(), + ), + )), + StreamableHttpError::UnexpectedServerResponse("HTTP 502: upstream failure".into()), + StreamableHttpError::UnexpectedServerResponse("HTTP 400: bad request".into()), + ]; + + assert_eq!( + errors.map(|error| RmcpClient::is_retryable_streamable_http_error(&error)), + [true, true, true, false, true, false], + ); +} + +fn retryable_initialize_error(context: &'static str) -> rmcp::service::ClientInitializeError { + rmcp::service::ClientInitializeError::TransportError { + error: DynamicTransportError::from_parts( + "streamable_http", + TypeId::of::<()>(), + Box::new(StreamableHttpError::Client( + StreamableHttpClientAdapterError::HttpRequest(ExecServerError::HttpRequest( + "error sending request for url".to_string(), + )), + )), + ), + context: context.into(), + } +} diff --git a/codex-rs/rmcp-client/tests/streamable_http_oauth_startup.rs b/codex-rs/rmcp-client/tests/streamable_http_oauth_startup.rs new file mode 100644 index 00000000000..d7d8cf42323 --- /dev/null +++ b/codex-rs/rmcp-client/tests/streamable_http_oauth_startup.rs @@ -0,0 +1,258 @@ +mod streamable_http_test_support; + +use std::time::Duration; +use std::time::SystemTime; +use std::time::UNIX_EPOCH; + +use codex_config::types::OAuthCredentialsStoreMode; +use codex_exec_server::Environment; +use codex_rmcp_client::McpAuthStatus; +use codex_rmcp_client::RmcpClient; +use codex_rmcp_client::StoredOAuthTokens; +use codex_rmcp_client::WrappedOAuthTokenResponse; +use codex_rmcp_client::determine_streamable_http_auth_status; +use codex_rmcp_client::save_oauth_tokens; +use oauth2::AccessToken; +use oauth2::RefreshToken; +use oauth2::basic::BasicTokenType; +use pretty_assertions::assert_eq; +use rmcp::transport::auth::OAuthTokenResponse; +use rmcp::transport::auth::VendorExtraTokenFields; +use serde_json::Value; +use serde_json::json; +use tempfile::TempDir; +use tokio::process::Command; +use wiremock::Mock; +use wiremock::MockServer; +use wiremock::Request; +use wiremock::ResponseTemplate; +use wiremock::matchers::body_string_contains; +use wiremock::matchers::header; +use wiremock::matchers::method; +use wiremock::matchers::path; + +use streamable_http_test_support::initialize_client; + +const SERVER_NAME: &str = "test-streamable-http-oauth-startup"; +const EXPIRED_ACCESS_TOKEN: &str = "expired-access-token"; +const REFRESH_TOKEN: &str = "valid-refresh-token"; +const REFRESHED_ACCESS_TOKEN: &str = "refreshed-access-token"; +const CHILD_SERVER_URL_ENV: &str = "MCP_TEST_OAUTH_STARTUP_SERVER_URL"; +const UNREFRESHABLE_SERVER_URL: &str = "https://unrefreshable.example/mcp"; +const UNEXPIRED_SERVER_URL: &str = "https://unexpired.example/mcp"; +const REFRESHABLE_SERVER_URL: &str = "https://refreshable.example/mcp"; + +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +async fn refreshes_expired_persisted_token_before_initialize() -> anyhow::Result<()> { + let server = MockServer::start().await; + Mock::given(method("GET")) + .and(path("/.well-known/oauth-authorization-server/mcp")) + .respond_with(ResponseTemplate::new(200).set_body_json(json!({ + "authorization_endpoint": format!("{}/oauth/authorize", server.uri()), + "token_endpoint": format!("{}/oauth/token", server.uri()), + "scopes_supported": [""], + }))) + .expect(1) + .mount(&server) + .await; + Mock::given(method("POST")) + .and(path("/oauth/token")) + .and(body_string_contains("grant_type=refresh_token")) + .and(body_string_contains(format!( + "refresh_token={REFRESH_TOKEN}" + ))) + .respond_with(ResponseTemplate::new(200).set_body_json(json!({ + "access_token": REFRESHED_ACCESS_TOKEN, + "token_type": "Bearer", + "expires_in": 7200, + "refresh_token": REFRESH_TOKEN, + }))) + .expect(1) + .mount(&server) + .await; + Mock::given(method("POST")) + .and(path("/mcp")) + .and(header( + "authorization", + format!("Bearer {REFRESHED_ACCESS_TOKEN}"), + )) + .respond_with(|request: &Request| { + let body: Value = request.body_json().expect("valid JSON-RPC request"); + match body.get("method").and_then(Value::as_str) { + Some("initialize") => ResponseTemplate::new(200).set_body_json(json!({ + "jsonrpc": "2.0", + "id": body.get("id").cloned().unwrap_or(Value::Null), + "result": { + "protocolVersion": body + .pointer("/params/protocolVersion") + .cloned() + .unwrap_or_else(|| json!("2025-06-18")), + "capabilities": {}, + "serverInfo": { + "name": "oauth-startup-test", + "version": "0.0.0-test", + }, + }, + })), + Some("notifications/initialized") => ResponseTemplate::new(202), + method => ResponseTemplate::new(400) + .set_body_string(format!("unexpected JSON-RPC method: {method:?}")), + } + }) + .expect(2) + .mount(&server) + .await; + + let codex_home = TempDir::new()?; + let server_url = format!("{}/mcp", server.uri()); + + // Credential storage resolves CODEX_HOME from the process environment. + // Run the client half of the test in an ignored helper test so it can use + // an isolated home without mutating the parent test runner's environment. + let status = Command::new(std::env::current_exe()?) + .args(["oauth_startup_child", "--exact", "--ignored", "--nocapture"]) + .env("CODEX_HOME", codex_home.path()) + .env(CHILD_SERVER_URL_ENV, server_url) + .status() + .await?; + assert!(status.success(), "OAuth startup child failed: {status}"); + server.verify().await; + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +async fn reports_auth_status_for_persisted_credentials() -> anyhow::Result<()> { + let codex_home = TempDir::new()?; + + let status = Command::new(std::env::current_exe()?) + .args([ + "persisted_credentials_auth_status_child", + "--exact", + "--ignored", + "--nocapture", + ]) + .env("CODEX_HOME", codex_home.path()) + .status() + .await?; + + assert!( + status.success(), + "persisted credentials auth status child failed: {status}" + ); + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +#[ignore = "spawned by reports_auth_status_for_persisted_credentials"] +async fn persisted_credentials_auth_status_child() -> anyhow::Result<()> { + let response = OAuthTokenResponse::new( + AccessToken::new(EXPIRED_ACCESS_TOKEN.to_string()), + BasicTokenType::Bearer, + VendorExtraTokenFields::default(), + ); + let tokens = StoredOAuthTokens { + server_name: SERVER_NAME.to_string(), + url: UNREFRESHABLE_SERVER_URL.to_string(), + client_id: "test-client-id".to_string(), + token_response: WrappedOAuthTokenResponse(response), + expires_at: Some(0), + }; + save_oauth_tokens(SERVER_NAME, &tokens, OAuthCredentialsStoreMode::File)?; + + let status = auth_status(UNREFRESHABLE_SERVER_URL).await?; + assert_eq!(status, McpAuthStatus::NotLoggedIn); + + let response = OAuthTokenResponse::new( + AccessToken::new("unexpired-access-token".to_string()), + BasicTokenType::Bearer, + VendorExtraTokenFields::default(), + ); + let now = SystemTime::now() + .duration_since(UNIX_EPOCH) + .unwrap_or_else(|_| Duration::from_secs(0)) + .as_millis() as u64; + let tokens = StoredOAuthTokens { + server_name: SERVER_NAME.to_string(), + url: UNEXPIRED_SERVER_URL.to_string(), + client_id: "test-client-id".to_string(), + token_response: WrappedOAuthTokenResponse(response), + expires_at: Some(now.saturating_add(/*rhs*/ 60_000)), + }; + save_oauth_tokens(SERVER_NAME, &tokens, OAuthCredentialsStoreMode::File)?; + + let status = auth_status(UNEXPIRED_SERVER_URL).await?; + assert_eq!(status, McpAuthStatus::OAuth); + + let mut response = OAuthTokenResponse::new( + AccessToken::new(EXPIRED_ACCESS_TOKEN.to_string()), + BasicTokenType::Bearer, + VendorExtraTokenFields::default(), + ); + response.set_refresh_token(Some(RefreshToken::new(REFRESH_TOKEN.to_string()))); + let tokens = StoredOAuthTokens { + server_name: SERVER_NAME.to_string(), + url: REFRESHABLE_SERVER_URL.to_string(), + client_id: "test-client-id".to_string(), + token_response: WrappedOAuthTokenResponse(response), + expires_at: Some(0), + }; + save_oauth_tokens(SERVER_NAME, &tokens, OAuthCredentialsStoreMode::File)?; + + let status = auth_status(REFRESHABLE_SERVER_URL).await?; + assert_eq!(status, McpAuthStatus::OAuth); + Ok(()) +} + +async fn auth_status(server_url: &str) -> anyhow::Result { + determine_streamable_http_auth_status( + SERVER_NAME, + server_url, + /*bearer_token_env_var*/ None, + /*http_headers*/ None, + /*env_http_headers*/ None, + OAuthCredentialsStoreMode::File, + ) + .await +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +#[ignore = "spawned by refreshes_expired_persisted_token_before_initialize"] +async fn oauth_startup_child() -> anyhow::Result<()> { + let server_url = std::env::var(CHILD_SERVER_URL_ENV)?; + + // Save an expired access token with a valid refresh token so startup must + // refresh before sending the initialize request. + let mut response = OAuthTokenResponse::new( + AccessToken::new(EXPIRED_ACCESS_TOKEN.to_string()), + BasicTokenType::Bearer, + VendorExtraTokenFields::default(), + ); + response.set_refresh_token(Some(RefreshToken::new(REFRESH_TOKEN.to_string()))); + response.set_expires_in(Some(&Duration::from_secs(7200))); + let tokens = StoredOAuthTokens { + server_name: SERVER_NAME.to_string(), + url: server_url.clone(), + client_id: "test-client-id".to_string(), + token_response: WrappedOAuthTokenResponse(response), + expires_at: Some(0), + }; + save_oauth_tokens(SERVER_NAME, &tokens, OAuthCredentialsStoreMode::File)?; + + // This mirrors create_client's transport and initialization setup, except + // it omits the direct bearer token. Supplying that token would bypass the + // persisted OAuth credentials and the startup refresh under test. + let client = RmcpClient::new_streamable_http_client( + SERVER_NAME, + &server_url, + /*bearer_token*/ None, + /*http_headers*/ None, + /*env_http_headers*/ None, + OAuthCredentialsStoreMode::File, + Environment::default_for_tests().get_http_client(), + /*auth_provider*/ None, + ) + .await?; + + initialize_client(&client).await?; + Ok(()) +} diff --git a/codex-rs/rmcp-client/tests/streamable_http_recovery.rs b/codex-rs/rmcp-client/tests/streamable_http_recovery.rs index 087d3d00df6..29d2404ede9 100644 --- a/codex-rs/rmcp-client/tests/streamable_http_recovery.rs +++ b/codex-rs/rmcp-client/tests/streamable_http_recovery.rs @@ -1,13 +1,229 @@ mod streamable_http_test_support; +use std::sync::Arc; +use std::sync::atomic::AtomicUsize; +use std::sync::atomic::Ordering; +use std::time::Duration; + +use codex_exec_server::Environment; +use codex_exec_server::ExecServerError; +use codex_exec_server::HttpClient; +use codex_exec_server::HttpRequestParams; +use codex_exec_server::HttpRequestResponse; +use codex_exec_server::HttpResponseBodyStream; +use futures::FutureExt as _; +use futures::future::BoxFuture; use pretty_assertions::assert_eq; +use serde_json::Value; +use streamable_http_test_support::arm_initialize_post_failure; +use streamable_http_test_support::arm_initialize_post_json_rpc_failure; +use streamable_http_test_support::arm_initialized_notification_post_json_rpc_failure; use streamable_http_test_support::arm_session_post_failure; +use streamable_http_test_support::arm_session_post_json_rpc_failure; use streamable_http_test_support::call_echo_tool; use streamable_http_test_support::create_client; +use streamable_http_test_support::create_client_with_http_client; use streamable_http_test_support::expected_echo_result; use streamable_http_test_support::spawn_streamable_http_server; +const JSON_RPC_INTERNAL_ERROR_CODE: i64 = -32603; +const SIMULATED_NO_RESPONSE_MESSAGE: &str = + "http/request failed: error sending request for url (simulated no response)"; + +#[derive(Clone)] +struct FailFirstInitializeHttpClient { + inner: Arc, + failures_remaining: Arc, + initialize_attempts: Arc, +} + +impl FailFirstInitializeHttpClient { + fn new(inner: Arc, failures_remaining: usize) -> Self { + Self { + inner, + failures_remaining: Arc::new(AtomicUsize::new(failures_remaining)), + initialize_attempts: Arc::new(AtomicUsize::new(0)), + } + } + + fn initialize_attempts(&self) -> usize { + self.initialize_attempts.load(Ordering::SeqCst) + } + + fn fail_next_initialize(&self) { + self.failures_remaining.store(1, Ordering::SeqCst); + } +} + +impl HttpClient for FailFirstInitializeHttpClient { + fn http_request( + &self, + params: HttpRequestParams, + ) -> BoxFuture<'_, Result> { + self.inner.http_request(params) + } + + fn http_request_stream( + &self, + params: HttpRequestParams, + ) -> BoxFuture<'_, Result<(HttpRequestResponse, HttpResponseBodyStream), ExecServerError>> { + let inner = Arc::clone(&self.inner); + let failures_remaining = Arc::clone(&self.failures_remaining); + let initialize_attempts = Arc::clone(&self.initialize_attempts); + + async move { + if is_initialize_post(¶ms) { + initialize_attempts.fetch_add(1, Ordering::SeqCst); + if failures_remaining.swap(0, Ordering::SeqCst) > 0 { + return Err(ExecServerError::Server { + code: JSON_RPC_INTERNAL_ERROR_CODE, + message: SIMULATED_NO_RESPONSE_MESSAGE.to_string(), + }); + } + } + + inner.http_request_stream(params).await + } + .boxed() + } +} + +fn is_initialize_post(params: &HttpRequestParams) -> bool { + params.method.eq_ignore_ascii_case("POST") + && params + .body + .as_ref() + .and_then(|body| serde_json::from_slice::(&body.0).ok()) + .and_then(|body| { + body.get("method") + .and_then(Value::as_str) + .map(|method| method == "initialize") + }) + .unwrap_or(false) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +async fn streamable_http_initialize_retries_remote_no_response_error() -> anyhow::Result<()> { + let (_server, base_url) = spawn_streamable_http_server().await?; + let http_client = FailFirstInitializeHttpClient::new( + Environment::default_for_tests().get_http_client(), + /*failures_remaining*/ 1, + ); + + let client = create_client_with_http_client(&base_url, Arc::new(http_client.clone())).await?; + let result = call_echo_tool(&client, "after-init-retry").await?; + + assert_eq!(http_client.initialize_attempts(), 2); + assert_eq!(result, expected_echo_result("after-init-retry")); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +async fn streamable_http_initialize_retries_transient_http_status() -> anyhow::Result<()> { + let (_server, base_url) = spawn_streamable_http_server().await?; + + arm_initialize_post_failure(&base_url, /*status*/ 502, /*remaining*/ 1).await?; + + let client = create_client(&base_url).await?; + let result = call_echo_tool(&client, "after-status-retry").await?; + + assert_eq!(result, expected_echo_result("after-status-retry")); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +async fn streamable_http_initialize_retries_json_rpc_transient_status() -> anyhow::Result<()> { + let (_server, base_url) = spawn_streamable_http_server().await?; + + arm_initialize_post_json_rpc_failure(&base_url, /*status*/ 502, /*remaining*/ 1).await?; + + let client = create_client(&base_url).await?; + let result = call_echo_tool(&client, "after-json-status-retry").await?; + + assert_eq!(result, expected_echo_result("after-json-status-retry")); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +async fn streamable_http_retries_initialized_notification_status() -> anyhow::Result<()> { + let (_server, base_url) = spawn_streamable_http_server().await?; + + arm_initialized_notification_post_json_rpc_failure( + &base_url, /*status*/ 502, /*remaining*/ 1, + ) + .await?; + + let client = create_client(&base_url).await?; + let result = call_echo_tool(&client, "after-notification-status-retry").await?; + + assert_eq!( + result, + expected_echo_result("after-notification-status-retry") + ); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +async fn streamable_http_tools_list_retries_transient_http_status() -> anyhow::Result<()> { + let (_server, base_url) = spawn_streamable_http_server().await?; + let client = create_client(&base_url).await?; + + let expected = client + .list_tools( + /*params*/ None, + /*timeout*/ Some(Duration::from_secs(5)), + ) + .await?; + arm_session_post_failure( + &base_url, + /*status*/ 502, + /*remaining*/ 1, + /*www_authenticate_headers*/ &[], + ) + .await?; + + let result = client + .list_tools( + /*params*/ None, + /*timeout*/ Some(Duration::from_secs(5)), + ) + .await?; + + assert_eq!(result, expected); + + Ok(()) +} + +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +async fn streamable_http_tools_list_retries_json_rpc_transient_status() -> anyhow::Result<()> { + let (_server, base_url) = spawn_streamable_http_server().await?; + let client = create_client(&base_url).await?; + + let expected = client + .list_tools( + /*params*/ None, + /*timeout*/ Some(Duration::from_secs(5)), + ) + .await?; + arm_session_post_json_rpc_failure(&base_url, /*status*/ 502, /*remaining*/ 1).await?; + + let result = client + .list_tools( + /*params*/ None, + /*timeout*/ Some(Duration::from_secs(5)), + ) + .await?; + + assert_eq!(result, expected); + + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 1)] async fn streamable_http_404_session_expiry_recovers_and_retries_once() -> anyhow::Result<()> { let (_server, base_url) = spawn_streamable_http_server().await?; @@ -30,6 +246,34 @@ async fn streamable_http_404_session_expiry_recovers_and_retries_once() -> anyho Ok(()) } +#[tokio::test(flavor = "multi_thread", worker_threads = 1)] +async fn streamable_http_session_recovery_retries_initialize_failure() -> anyhow::Result<()> { + let (_server, base_url) = spawn_streamable_http_server().await?; + let http_client = FailFirstInitializeHttpClient::new( + Environment::default_for_tests().get_http_client(), + /*failures_remaining*/ 0, + ); + let client = create_client_with_http_client(&base_url, Arc::new(http_client.clone())).await?; + + let warmup = call_echo_tool(&client, "warmup").await?; + assert_eq!(warmup, expected_echo_result("warmup")); + + arm_session_post_failure( + &base_url, + /*status*/ 404, + /*remaining*/ 1, + /*www_authenticate_headers*/ &[], + ) + .await?; + http_client.fail_next_initialize(); + + let recovered = call_echo_tool(&client, "recovered-after-retry").await?; + assert_eq!(http_client.initialize_attempts(), 3); + assert_eq!(recovered, expected_echo_result("recovered-after-retry")); + + Ok(()) +} + #[tokio::test(flavor = "multi_thread", worker_threads = 1)] async fn streamable_http_401_does_not_trigger_recovery() -> anyhow::Result<()> { let (_server, base_url) = spawn_streamable_http_server().await?; @@ -129,11 +373,10 @@ async fn streamable_http_404_recovery_only_retries_once() -> anyhow::Result<()> .await?; let error = call_echo_tool(&client, "double-404").await.unwrap_err(); + let error_message = error.to_string(); assert!( - error - .to_string() - .contains("handshaking with MCP server failed") - || error.to_string().contains("Transport channel closed") + error_message.contains("404") || error_message.contains("session expired"), + "expected session-expiry error, got: {error:#}" ); let recovered = call_echo_tool(&client, "after-double-404").await?; diff --git a/codex-rs/rmcp-client/tests/streamable_http_test_support.rs b/codex-rs/rmcp-client/tests/streamable_http_test_support.rs index 822acef1a26..6b5df6e297d 100644 --- a/codex-rs/rmcp-client/tests/streamable_http_test_support.rs +++ b/codex-rs/rmcp-client/tests/streamable_http_test_support.rs @@ -20,6 +20,7 @@ use anyhow::Context as _; use codex_config::types::OAuthCredentialsStoreMode; use codex_exec_server::Environment; use codex_exec_server::ExecServerClient; +use codex_exec_server::HttpClient; use codex_exec_server::RemoteExecServerConnectArgs; use codex_rmcp_client::ElicitationAction; use codex_rmcp_client::ElicitationResponse; @@ -44,6 +45,9 @@ use tokio::process::Command; use tokio::time::sleep; const SESSION_POST_FAILURE_CONTROL_PATH: &str = "/test/control/session-post-failure"; +const INITIALIZE_POST_FAILURE_CONTROL_PATH: &str = "/test/control/initialize-post-failure"; +const INITIALIZED_NOTIFICATION_POST_FAILURE_CONTROL_PATH: &str = + "/test/control/initialized-notification-post-failure"; fn streamable_http_server_bin() -> Result { codex_utils_cargo_bin::cargo_bin("test_streamable_http_server") @@ -74,6 +78,14 @@ pub(crate) fn expected_echo_result(message: &str) -> CallToolResult { } pub(crate) async fn create_client(base_url: &str) -> anyhow::Result { + create_client_with_http_client(base_url, Environment::default_for_tests().get_http_client()) + .await +} + +pub(crate) async fn create_client_with_http_client( + base_url: &str, + http_client: Arc, +) -> anyhow::Result { let client = RmcpClient::new_streamable_http_client( "test-streamable-http", &format!("{base_url}/mcp"), @@ -81,11 +93,17 @@ pub(crate) async fn create_client(base_url: &str) -> anyhow::Result /*http_headers*/ None, /*env_http_headers*/ None, OAuthCredentialsStoreMode::File, - Environment::default_for_tests().get_http_client(), + http_client, /*auth_provider*/ None, ) .await?; + initialize_client(&client).await?; + + Ok(client) +} + +pub(crate) async fn initialize_client(client: &RmcpClient) -> anyhow::Result<()> { client .initialize( init_params(), @@ -102,8 +120,7 @@ pub(crate) async fn create_client(base_url: &str) -> anyhow::Result }), ) .await?; - - Ok(client) + Ok(()) } /// Creates a Streamable HTTP RMCP client that sends traffic through the remote @@ -178,6 +195,107 @@ pub(crate) async fn arm_session_post_failure( Ok(()) } +pub(crate) async fn arm_session_post_json_rpc_failure( + base_url: &str, + status: u16, + remaining: usize, +) -> anyhow::Result<()> { + let response = reqwest::Client::new() + .post(format!("{base_url}{SESSION_POST_FAILURE_CONTROL_PATH}")) + .json(&json!({ + "status": status, + "remaining": remaining, + "content_type": "application/json", + "body": json!({ + "jsonrpc": "2.0", + "id": 1, + "error": { + "code": -32000, + "message": "transient session failure", + }, + }).to_string(), + })) + .send() + .await?; + + assert_eq!(response.status(), reqwest::StatusCode::NO_CONTENT); + Ok(()) +} + +pub(crate) async fn arm_initialized_notification_post_json_rpc_failure( + base_url: &str, + status: u16, + remaining: usize, +) -> anyhow::Result<()> { + let response = reqwest::Client::new() + .post(format!( + "{base_url}{INITIALIZED_NOTIFICATION_POST_FAILURE_CONTROL_PATH}" + )) + .json(&json!({ + "status": status, + "remaining": remaining, + "content_type": "application/json", + "body": json!({ + "jsonrpc": "2.0", + "id": 1, + "error": { + "code": -32000, + "message": "transient session failure", + }, + }).to_string(), + })) + .send() + .await?; + + assert_eq!(response.status(), reqwest::StatusCode::NO_CONTENT); + Ok(()) +} + +pub(crate) async fn arm_initialize_post_failure( + base_url: &str, + status: u16, + remaining: usize, +) -> anyhow::Result<()> { + let response = reqwest::Client::new() + .post(format!("{base_url}{INITIALIZE_POST_FAILURE_CONTROL_PATH}")) + .json(&json!({ + "status": status, + "remaining": remaining, + })) + .send() + .await?; + + assert_eq!(response.status(), reqwest::StatusCode::NO_CONTENT); + Ok(()) +} + +pub(crate) async fn arm_initialize_post_json_rpc_failure( + base_url: &str, + status: u16, + remaining: usize, +) -> anyhow::Result<()> { + let response = reqwest::Client::new() + .post(format!("{base_url}{INITIALIZE_POST_FAILURE_CONTROL_PATH}")) + .json(&json!({ + "status": status, + "remaining": remaining, + "content_type": "application/json", + "body": json!({ + "jsonrpc": "2.0", + "id": 1, + "error": { + "code": -32000, + "message": "transient initialize failure", + }, + }).to_string(), + })) + .send() + .await?; + + assert_eq!(response.status(), reqwest::StatusCode::NO_CONTENT); + Ok(()) +} + pub(crate) async fn spawn_streamable_http_server() -> anyhow::Result<(Child, String)> { let listener = TcpListener::bind("127.0.0.1:0")?; let port = listener.local_addr()?.port(); diff --git a/codex-rs/rollout-trace/src/protocol_event.rs b/codex-rs/rollout-trace/src/protocol_event.rs index a862af116c1..bbba245307f 100644 --- a/codex-rs/rollout-trace/src/protocol_event.rs +++ b/codex-rs/rollout-trace/src/protocol_event.rs @@ -21,6 +21,7 @@ use codex_protocol::protocol::McpToolCallEndEvent; use codex_protocol::protocol::PatchApplyBeginEvent; use codex_protocol::protocol::PatchApplyEndEvent; use codex_protocol::protocol::PatchApplyStatus; +use codex_protocol::protocol::SubAgentActivityEvent; use codex_protocol::protocol::TurnAbortReason; use serde::Serialize; @@ -110,6 +111,7 @@ pub(crate) enum ToolRuntimePayload<'a> { CollabWaitingEnd(&'a codex_protocol::protocol::CollabWaitingEndEvent), CollabCloseBegin(&'a codex_protocol::protocol::CollabCloseBeginEvent), CollabCloseEnd(&'a codex_protocol::protocol::CollabCloseEndEvent), + SubAgentActivity(&'a SubAgentActivityEvent), } impl Serialize for ToolRuntimePayload<'_> { @@ -132,6 +134,7 @@ impl Serialize for ToolRuntimePayload<'_> { ToolRuntimePayload::CollabWaitingEnd(event) => event.serialize(serializer), ToolRuntimePayload::CollabCloseBegin(event) => event.serialize(serializer), ToolRuntimePayload::CollabCloseEnd(event) => event.serialize(serializer), + ToolRuntimePayload::SubAgentActivity(event) => event.serialize(serializer), } } } @@ -215,6 +218,11 @@ pub(crate) fn tool_runtime_trace_event(event: &EventMsg) -> Option Some(ToolRuntimeTraceEvent::Ended { + tool_call_id: &event.event_id, + status: ExecutionStatus::Completed, + payload: ToolRuntimePayload::SubAgentActivity(event), + }), EventMsg::Error(_) | EventMsg::Warning(_) | EventMsg::GuardianWarning(_) @@ -224,6 +232,7 @@ pub(crate) fn tool_runtime_trace_event(event: &EventMsg) -> Option Option<&'static s | EventMsg::RealtimeConversationSdp(_) | EventMsg::ModelReroute(_) | EventMsg::ModelVerification(_) + | EventMsg::TurnModerationMetadata(_) | EventMsg::ContextCompacted(_) | EventMsg::ThreadSettingsApplied(_) | EventMsg::TokenCount(_) @@ -355,7 +365,8 @@ pub(crate) fn wrapped_protocol_event_type(event: &EventMsg) -> Option<&'static s | EventMsg::CollabCloseBegin(_) | EventMsg::CollabCloseEnd(_) | EventMsg::CollabResumeBegin(_) - | EventMsg::CollabResumeEnd(_) => None, + | EventMsg::CollabResumeEnd(_) + | EventMsg::SubAgentActivity(_) => None, } } @@ -391,3 +402,7 @@ fn execution_status_for_abort_reason(reason: &TurnAbortReason) -> ExecutionStatu | TurnAbortReason::BudgetLimited => ExecutionStatus::Cancelled, } } + +#[cfg(test)] +#[path = "protocol_event_tests.rs"] +mod tests; diff --git a/codex-rs/rollout-trace/src/protocol_event_tests.rs b/codex-rs/rollout-trace/src/protocol_event_tests.rs new file mode 100644 index 00000000000..b18c7200ac5 --- /dev/null +++ b/codex-rs/rollout-trace/src/protocol_event_tests.rs @@ -0,0 +1,46 @@ +use codex_protocol::AgentPath; +use codex_protocol::ThreadId; +use codex_protocol::protocol::EventMsg; +use codex_protocol::protocol::SubAgentActivityEvent; +use codex_protocol::protocol::SubAgentActivityKind; +use pretty_assertions::assert_eq; +use serde_json::json; + +use super::ToolRuntimeTraceEvent; +use super::tool_runtime_trace_event; +use crate::ExecutionStatus; + +#[test] +fn sub_agent_activity_is_a_terminal_tool_runtime_event() -> anyhow::Result<()> { + let agent_thread_id = ThreadId::new(); + let event = EventMsg::SubAgentActivity(SubAgentActivityEvent { + event_id: "call-spawn".to_string(), + occurred_at_ms: 1234, + agent_thread_id, + agent_path: AgentPath::try_from("/root/reviewer").map_err(anyhow::Error::msg)?, + kind: SubAgentActivityKind::Started, + }); + + let Some(ToolRuntimeTraceEvent::Ended { + tool_call_id, + status, + payload, + }) = tool_runtime_trace_event(&event) + else { + panic!("expected terminal tool runtime event"); + }; + + assert_eq!(tool_call_id, "call-spawn"); + assert_eq!(status, ExecutionStatus::Completed); + assert_eq!( + serde_json::to_value(payload)?, + json!({ + "event_id": "call-spawn", + "occurred_at_ms": 1234, + "agent_thread_id": agent_thread_id, + "agent_path": "/root/reviewer", + "kind": "started" + }) + ); + Ok(()) +} diff --git a/codex-rs/rollout-trace/src/reducer/tool/agents.rs b/codex-rs/rollout-trace/src/reducer/tool/agents.rs index a49b794d147..656fccaf760 100644 --- a/codex-rs/rollout-trace/src/reducer/tool/agents.rs +++ b/codex-rs/rollout-trace/src/reducer/tool/agents.rs @@ -7,6 +7,10 @@ use codex_protocol::protocol::CollabAgentSpawnEndEvent; use codex_protocol::protocol::CollabCloseBeginEvent; use codex_protocol::protocol::CollabCloseEndEvent; use codex_protocol::protocol::InterAgentCommunication; +use codex_protocol::protocol::SubAgentActivityEvent; +use codex_protocol::protocol::SubAgentActivityKind; +use serde::Deserialize; +use serde_json::Value; use super::super::TraceReducer; use crate::model::ConversationItem; @@ -52,6 +56,11 @@ pub(in crate::reducer) struct ObservedAgentResultEdge { pub(in crate::reducer) carried_payload: Option, } +#[derive(Deserialize)] +struct AgentMessageInvocationArgs { + message: String, +} + /// Builds the stable edge id for the spawn relationship between two threads. pub(in crate::reducer) fn spawn_edge_id(parent_thread_id: &str, child_thread_id: &str) -> String { format!("edge:spawn:{parent_thread_id}:{child_thread_id}") @@ -123,15 +132,20 @@ impl TraceReducer { runtime_payload: &RawPayloadRef, ) -> Result<()> { let kind = self.rollout.tool_calls[tool_call_id].kind.clone(); + let runtime_payload_json = self.read_payload_json(runtime_payload)?; + if runtime_payload_json.get("agent_thread_id").is_some() { + let payload: SubAgentActivityEvent = serde_json::from_value(runtime_payload_json)?; + return self.end_sub_agent_activity(wall_time_unix_ms, tool_call_id, &kind, &payload); + } match kind { ToolCallKind::SpawnAgent => { let payload: CollabAgentSpawnEndEvent = - serde_json::from_value(self.read_payload_json(runtime_payload)?)?; + serde_json::from_value(runtime_payload_json)?; self.end_spawn_agent_interaction(wall_time_unix_ms, tool_call_id, &payload) } ToolCallKind::AssignAgentTask => { let payload: CollabAgentInteractionEndEvent = - serde_json::from_value(self.read_payload_json(runtime_payload)?)?; + serde_json::from_value(runtime_payload_json)?; self.end_message_agent_interaction( wall_time_unix_ms, tool_call_id, @@ -141,7 +155,7 @@ impl TraceReducer { } ToolCallKind::SendMessage => { let payload: CollabAgentInteractionEndEvent = - serde_json::from_value(self.read_payload_json(runtime_payload)?)?; + serde_json::from_value(runtime_payload_json)?; self.end_message_agent_interaction( wall_time_unix_ms, tool_call_id, @@ -150,8 +164,7 @@ impl TraceReducer { ) } ToolCallKind::CloseAgent => { - let payload: CollabCloseEndEvent = - serde_json::from_value(self.read_payload_json(runtime_payload)?)?; + let payload: CollabCloseEndEvent = serde_json::from_value(runtime_payload_json)?; self.upsert_close_agent_interaction( tool_call_id, payload.receiver_thread_id.to_string(), @@ -169,6 +182,127 @@ impl TraceReducer { } } + fn end_sub_agent_activity( + &mut self, + wall_time_unix_ms: i64, + tool_call_id: &str, + tool_kind: &ToolCallKind, + payload: &SubAgentActivityEvent, + ) -> Result<()> { + let target_thread_id = payload.agent_thread_id.to_string(); + match (tool_kind, &payload.kind) { + (ToolCallKind::SpawnAgent, SubAgentActivityKind::Started) => { + let parent_thread_id = self + .rollout + .tool_calls + .get(tool_call_id) + .with_context(|| { + format!("agent activity referenced unknown tool call {tool_call_id}") + })? + .thread_id + .clone(); + self.queue_sub_agent_activity_message_edge( + wall_time_unix_ms, + tool_call_id, + spawn_edge_id(&parent_thread_id, &target_thread_id), + InteractionEdgeKind::SpawnAgent, + target_thread_id.clone(), + Some(target_thread_id), + ) + } + (ToolCallKind::AssignAgentTask, SubAgentActivityKind::Interacted) => self + .queue_sub_agent_activity_message_edge( + wall_time_unix_ms, + tool_call_id, + tool_edge_id(tool_call_id), + InteractionEdgeKind::AssignAgentTask, + target_thread_id, + /*unresolved_spawn_thread_id*/ None, + ), + (ToolCallKind::SendMessage, SubAgentActivityKind::Interacted) => self + .queue_sub_agent_activity_message_edge( + wall_time_unix_ms, + tool_call_id, + tool_edge_id(tool_call_id), + InteractionEdgeKind::SendMessage, + target_thread_id, + /*unresolved_spawn_thread_id*/ None, + ), + (ToolCallKind::CloseAgent, SubAgentActivityKind::Interrupted) => self + .upsert_close_agent_interaction( + tool_call_id, + target_thread_id, + Some(wall_time_unix_ms), + ), + _ => bail!( + "sub-agent activity {:?} does not match tool call kind {tool_kind:?}", + payload.kind + ), + } + } + + fn queue_sub_agent_activity_message_edge( + &mut self, + wall_time_unix_ms: i64, + tool_call_id: &str, + edge_id: String, + edge_kind: InteractionEdgeKind, + target_thread_id: String, + unresolved_spawn_thread_id: Option, + ) -> Result<()> { + let tool_call = self.rollout.tool_calls.get(tool_call_id).with_context(|| { + format!("agent activity referenced unknown tool call {tool_call_id}") + })?; + let started_at_unix_ms = tool_call.execution.started_at_unix_ms; + let message_content = self.agent_message_content_from_invocation(tool_call_id)?; + let carried_raw_payload_ids = self.agent_tool_payload_ids(tool_call_id)?; + self.queue_or_resolve_agent_interaction_edge(PendingAgentInteractionEdge { + edge_id, + kind: edge_kind, + source: TraceAnchor::ToolCall { + tool_call_id: tool_call_id.to_string(), + }, + target_thread_id, + message_content, + unresolved_spawn_thread_id, + started_at_unix_ms, + ended_at_unix_ms: Some(wall_time_unix_ms), + carried_raw_payload_ids, + }) + } + + fn agent_message_content_from_invocation(&self, tool_call_id: &str) -> Result { + let tool_call = self.rollout.tool_calls.get(tool_call_id).with_context(|| { + format!("agent activity referenced unknown tool call {tool_call_id}") + })?; + let invocation_payload_id = tool_call + .raw_invocation_payload_id + .as_deref() + .with_context(|| { + format!("agent activity tool call {tool_call_id} missing invocation payload") + })?; + let invocation_payload = self + .rollout + .raw_payloads + .get(invocation_payload_id) + .with_context(|| { + format!( + "agent activity tool call {tool_call_id} referenced missing invocation payload {invocation_payload_id}" + ) + })?; + let invocation = self.read_payload_json(invocation_payload)?; + let arguments = invocation + .get("payload") + .and_then(|payload| payload.get("arguments")) + .and_then(Value::as_str) + .with_context(|| { + format!("agent activity tool call {tool_call_id} missing function arguments") + })?; + let args: AgentMessageInvocationArgs = serde_json::from_str(arguments) + .with_context(|| format!("parse agent activity tool call {tool_call_id} arguments"))?; + Ok(args.message) + } + /// Adds the canonical tool result payload to an already reduced multi-agent edge. pub(super) fn attach_agent_interaction_tool_result( &mut self, @@ -613,7 +747,12 @@ fn inter_agent_message_fields(item: &ConversationItem) -> Option<(String, String return None; }; let communication = serde_json::from_str::(text).ok()?; - Some((communication.recipient.to_string(), communication.content)) + Some(( + communication.recipient.to_string(), + communication + .encrypted_content + .unwrap_or(communication.content), + )) } #[cfg(test)] diff --git a/codex-rs/rollout-trace/src/reducer/tool/agents_tests.rs b/codex-rs/rollout-trace/src/reducer/tool/agents_tests.rs index deaf06dac71..b009a154347 100644 --- a/codex-rs/rollout-trace/src/reducer/tool/agents_tests.rs +++ b/codex-rs/rollout-trace/src/reducer/tool/agents_tests.rs @@ -194,6 +194,92 @@ fn spawn_runtime_payload_falls_back_to_child_thread_without_delivery_item() -> a Ok(()) } +#[test] +fn sub_agent_started_activity_creates_spawn_edge() -> anyhow::Result<()> { + let temp = TempDir::new()?; + let writer = create_started_agent_writer(&temp)?; + start_agent_turn(&writer, "turn-1")?; + let child_thread_id = "019d0000-0000-7000-8000-000000000002"; + let invocation_payload = writer.write_json_payload( + RawPayloadKind::ToolInvocation, + &json!({ + "tool_name": "spawn_agent", + "payload": { + "type": "function", + "arguments": "{\"message\":\"review this\",\"task_name\":\"reviewer\"}" + } + }), + )?; + writer.append_with_context( + trace_context_for_agent("turn-1"), + RawTraceEventPayload::ToolCallStarted { + tool_call_id: "call-spawn-v2".to_string(), + model_visible_call_id: Some("call-spawn-v2".to_string()), + code_mode_runtime_tool_id: None, + requester: RawToolCallRequester::Model, + kind: ToolCallKind::SpawnAgent, + summary: ToolCallSummary::Generic { + label: "spawn_agent".to_string(), + input_preview: None, + output_preview: None, + }, + invocation_payload: Some(invocation_payload.clone()), + }, + )?; + let activity_payload = writer.write_json_payload( + RawPayloadKind::ToolRuntimeEvent, + &json!({ + "event_id": "call-spawn-v2", + "occurred_at_ms": 1234, + "agent_thread_id": child_thread_id, + "agent_path": "/root/reviewer", + "kind": "started" + }), + )?; + writer.append_with_context( + trace_context_for_agent("turn-1"), + RawTraceEventPayload::ToolCallRuntimeEnded { + tool_call_id: "call-spawn-v2".to_string(), + status: ExecutionStatus::Completed, + runtime_payload: activity_payload.clone(), + }, + )?; + start_thread(&writer, child_thread_id, "/root/reviewer")?; + start_turn_for_thread(&writer, child_thread_id, "turn-child-1")?; + let delivered = inter_agent_message( + "/root", + "/root/reviewer", + "review this", + /*trigger_turn*/ true, + ); + append_inference_request( + &writer, + child_thread_id, + "turn-child-1", + "inference-child-1", + vec![message("assistant", &delivered)], + )?; + + let replayed = replay_bundle(temp.path())?; + let edge_id = format!("edge:spawn:019d0000-0000-7000-8000-000000000001:{child_thread_id}"); + let edge = &replayed.interaction_edges[&edge_id]; + assert_eq!(edge.kind, InteractionEdgeKind::SpawnAgent); + let target_item_id = target_conversation_item_id(&edge.target); + assert_eq!(edge.carried_item_ids, vec![target_item_id.clone()]); + assert_eq!( + replayed.conversation_items[target_item_id].thread_id, + child_thread_id + ); + assert_eq!( + edge.carried_raw_payload_ids, + vec![ + invocation_payload.raw_payload_id, + activity_payload.raw_payload_id, + ] + ); + Ok(()) +} + #[test] fn send_message_runtime_payload_targets_delivered_child_message() -> anyhow::Result<()> { let temp = TempDir::new()?; @@ -300,6 +386,178 @@ fn send_message_runtime_payload_targets_delivered_child_message() -> anyhow::Res Ok(()) } +#[test] +fn send_message_activity_targets_delivered_child_message() -> anyhow::Result<()> { + let temp = TempDir::new()?; + let writer = create_started_agent_writer(&temp)?; + start_agent_turn(&writer, "turn-1")?; + let child_thread_id = "019d0000-0000-7000-8000-000000000002"; + let invocation_payload = writer.write_json_payload( + RawPayloadKind::ToolInvocation, + &json!({ + "tool_name": "send_message", + "payload": { + "type": "function", + "arguments": "{\"target\":\"/root/child\",\"message\":\"hello again\"}" + } + }), + )?; + writer.append_with_context( + trace_context_for_agent("turn-1"), + RawTraceEventPayload::ToolCallStarted { + tool_call_id: "call-send-v2".to_string(), + model_visible_call_id: Some("call-send-v2".to_string()), + code_mode_runtime_tool_id: None, + requester: RawToolCallRequester::Model, + kind: ToolCallKind::SendMessage, + summary: ToolCallSummary::Generic { + label: "send_message".to_string(), + input_preview: None, + output_preview: None, + }, + invocation_payload: Some(invocation_payload.clone()), + }, + )?; + let activity_payload = writer.write_json_payload( + RawPayloadKind::ToolRuntimeEvent, + &json!({ + "event_id": "call-send-v2", + "occurred_at_ms": 1234, + "agent_thread_id": child_thread_id, + "agent_path": "/root/child", + "kind": "interacted" + }), + )?; + writer.append_with_context( + trace_context_for_agent("turn-1"), + RawTraceEventPayload::ToolCallRuntimeEnded { + tool_call_id: "call-send-v2".to_string(), + status: ExecutionStatus::Completed, + runtime_payload: activity_payload.clone(), + }, + )?; + start_thread(&writer, child_thread_id, "/root/child")?; + start_turn_for_thread(&writer, child_thread_id, "turn-child-1")?; + let delivered = inter_agent_message( + "/root", + "/root/child", + "hello again", + /*trigger_turn*/ false, + ); + append_inference_request( + &writer, + child_thread_id, + "turn-child-1", + "inference-child-1", + vec![message("assistant", &delivered)], + )?; + + let replayed = replay_bundle(temp.path())?; + let edge = &replayed.interaction_edges["edge:tool:call-send-v2"]; + assert_eq!(edge.kind, InteractionEdgeKind::SendMessage); + let target_item_id = target_conversation_item_id(&edge.target); + assert_eq!(edge.carried_item_ids, vec![target_item_id.clone()]); + assert_eq!( + replayed.conversation_items[target_item_id].thread_id, + child_thread_id + ); + assert_eq!( + edge.carried_raw_payload_ids, + vec![ + invocation_payload.raw_payload_id, + activity_payload.raw_payload_id, + ] + ); + + Ok(()) +} + +#[test] +fn followup_activity_targets_delivered_child_message() -> anyhow::Result<()> { + let temp = TempDir::new()?; + let writer = create_started_agent_writer(&temp)?; + start_agent_turn(&writer, "turn-1")?; + let child_thread_id = "019d0000-0000-7000-8000-000000000002"; + let invocation_payload = writer.write_json_payload( + RawPayloadKind::ToolInvocation, + &json!({ + "tool_name": "followup_task", + "payload": { + "type": "function", + "arguments": "{\"target\":\"/root/child\",\"message\":\"continue\"}" + } + }), + )?; + writer.append_with_context( + trace_context_for_agent("turn-1"), + RawTraceEventPayload::ToolCallStarted { + tool_call_id: "call-followup-v2".to_string(), + model_visible_call_id: Some("call-followup-v2".to_string()), + code_mode_runtime_tool_id: None, + requester: RawToolCallRequester::Model, + kind: ToolCallKind::AssignAgentTask, + summary: ToolCallSummary::Generic { + label: "followup_task".to_string(), + input_preview: None, + output_preview: None, + }, + invocation_payload: Some(invocation_payload.clone()), + }, + )?; + let activity_payload = writer.write_json_payload( + RawPayloadKind::ToolRuntimeEvent, + &json!({ + "event_id": "call-followup-v2", + "occurred_at_ms": 1234, + "agent_thread_id": child_thread_id, + "agent_path": "/root/child", + "kind": "interacted" + }), + )?; + writer.append_with_context( + trace_context_for_agent("turn-1"), + RawTraceEventPayload::ToolCallRuntimeEnded { + tool_call_id: "call-followup-v2".to_string(), + status: ExecutionStatus::Completed, + runtime_payload: activity_payload.clone(), + }, + )?; + start_thread(&writer, child_thread_id, "/root/child")?; + start_turn_for_thread(&writer, child_thread_id, "turn-child-1")?; + let delivered = inter_agent_message( + "/root", + "/root/child", + "continue", + /*trigger_turn*/ true, + ); + append_inference_request( + &writer, + child_thread_id, + "turn-child-1", + "inference-child-1", + vec![message("assistant", &delivered)], + )?; + + let replayed = replay_bundle(temp.path())?; + let edge = &replayed.interaction_edges["edge:tool:call-followup-v2"]; + assert_eq!(edge.kind, InteractionEdgeKind::AssignAgentTask); + let target_item_id = target_conversation_item_id(&edge.target); + assert_eq!(edge.carried_item_ids, vec![target_item_id.clone()]); + assert_eq!( + replayed.conversation_items[target_item_id].thread_id, + child_thread_id + ); + assert_eq!( + edge.carried_raw_payload_ids, + vec![ + invocation_payload.raw_payload_id, + activity_payload.raw_payload_id, + ] + ); + + Ok(()) +} + #[test] fn close_agent_runtime_payload_targets_thread() -> anyhow::Result<()> { let temp = TempDir::new()?; diff --git a/codex-rs/rollout-trace/src/tool_dispatch.rs b/codex-rs/rollout-trace/src/tool_dispatch.rs index 7082283b478..36c6651b107 100644 --- a/codex-rs/rollout-trace/src/tool_dispatch.rs +++ b/codex-rs/rollout-trace/src/tool_dispatch.rs @@ -269,7 +269,7 @@ fn dispatched_tool_kind(tool_name: &str, _payload: &ToolDispatchPayload) -> Tool "send_message" => ToolCallKind::SendMessage, "followup_task" | "assign_task" => ToolCallKind::AssignAgentTask, "wait_agent" => ToolCallKind::WaitAgent, - "close_agent" => ToolCallKind::CloseAgent, + "close_agent" | "interrupt_agent" => ToolCallKind::CloseAgent, other => ToolCallKind::Other { name: other.to_string(), }, @@ -425,6 +425,19 @@ mod tests { ))); } + #[test] + fn classifies_interrupt_agent_as_close_agent() { + assert_eq!( + dispatched_tool_kind( + "interrupt_agent", + &ToolDispatchPayload::Function { + arguments: r#"{"target":"/root/child"}"#.to_string(), + }, + ), + ToolCallKind::CloseAgent + ); + } + fn invocation( tool_name: &str, tool_namespace: Option, diff --git a/codex-rs/rollout/Cargo.toml b/codex-rs/rollout/Cargo.toml index 6bbdcff297c..edc90596887 100644 --- a/codex-rs/rollout/Cargo.toml +++ b/codex-rs/rollout/Cargo.toml @@ -14,7 +14,6 @@ workspace = true [dependencies] anyhow = { workspace = true } -async-trait = { workspace = true } chrono = { workspace = true, features = ["serde"] } codex-file-search = { workspace = true } codex-git-utils = { workspace = true } diff --git a/codex-rs/rollout/src/compression_tests.rs b/codex-rs/rollout/src/compression_tests.rs index eb811129658..682361ea9da 100644 --- a/codex-rs/rollout/src/compression_tests.rs +++ b/codex-rs/rollout/src/compression_tests.rs @@ -106,14 +106,13 @@ async fn append_rollout_item_materializes_compressed_rollout() -> anyhow::Result } #[tokio::test] -async fn search_rollout_matches_returns_compressed_snippet() -> anyhow::Result<()> { +async fn search_rollout_matches_uses_logical_path_for_compressed_rollout() -> anyhow::Result<()> { let home = TempDir::new()?; let uuid = Uuid::from_u128(15); let thread_id = ThreadId::from_string(&uuid.to_string())?; let rollout_path = rollout_path(home.path(), "2025-01-03T12-00-00", uuid); write_rollout(&rollout_path, thread_id, "targeted search term")?; compress_now(&rollout_path)?; - let compressed_path = compressed_rollout_path(&rollout_path); let matches = search_rollout_matches( std::path::Path::new("missing-rg-for-test"), @@ -124,7 +123,7 @@ async fn search_rollout_matches_returns_compressed_snippet() -> anyhow::Result<( .await?; assert_eq!( - matches.get(compressed_path.as_path()), + matches.get(rollout_path.as_path()), Some(&Some("targeted search term".to_string())) ); Ok(()) diff --git a/codex-rs/rollout/src/lib.rs b/codex-rs/rollout/src/lib.rs index 9e6db0fb8db..23be07996cd 100644 --- a/codex-rs/rollout/src/lib.rs +++ b/codex-rs/rollout/src/lib.rs @@ -73,6 +73,7 @@ pub use session_index::append_thread_name; pub use session_index::find_thread_meta_by_name_str; pub use session_index::find_thread_name_by_id; pub use session_index::find_thread_names_by_ids; +pub use session_index::remove_thread_name_entries; pub use state_db::StateDbHandle; pub use state_db::sqlite_telemetry_recorder; diff --git a/codex-rs/rollout/src/list.rs b/codex-rs/rollout/src/list.rs index fb740bb1dff..8cad5d546cc 100644 --- a/codex-rs/rollout/src/list.rs +++ b/codex-rs/rollout/src/list.rs @@ -1,6 +1,5 @@ #![allow(warnings, clippy::all)] -use async_trait::async_trait; use codex_utils_path as path_utils; use std::cmp::Reverse; use std::ffi::OsStr; @@ -195,15 +194,14 @@ impl AnchorState { /// /// We need to apply different logic if we're ultimately going to be returning /// threads ordered by created_at or updated_at. -#[async_trait] trait RolloutFileVisitor { - async fn visit( + fn visit( &mut self, ts: OffsetDateTime, id: Uuid, path: PathBuf, scanned: usize, - ) -> ControlFlow<()>; + ) -> impl std::future::Future> + Send; } /// Collects thread items during directory traversal in created_at order, @@ -218,7 +216,6 @@ struct FilesByCreatedAtVisitor<'a> { cwd_filters: Option<&'a [PathBuf]>, } -#[async_trait] impl<'a> RolloutFileVisitor for FilesByCreatedAtVisitor<'a> { async fn visit( &mut self, @@ -263,7 +260,6 @@ struct FilesByUpdatedAtVisitor<'a> { candidates: &'a mut Vec, } -#[async_trait] impl<'a> RolloutFileVisitor for FilesByUpdatedAtVisitor<'a> { async fn visit( &mut self, @@ -1348,32 +1344,56 @@ async fn find_thread_path_by_id_str_in_subdir( if !root.exists() { return Ok(unverified_db_path); } - // This is safe because we know the values are valid. - #[allow(clippy::unwrap_used)] - let limit = NonZero::new(1).unwrap(); - let options = file_search::FileSearchOptions { - limit, - compute_indices: false, - respect_gitignore: false, - ..Default::default() - }; - - let results = file_search::run( + let (filename_match, filename_scan_error) = match find_rollout_path_by_id_from_filenames( + root.as_path(), id_str, - vec![root.clone()], - options, - /*cancel_flag*/ None, ) - .map_err(|e| io::Error::other(format!("file search failed: {e}")))?; - - let found = match results - .matches - .into_iter() - .map(|m| m.full_path()) - .find_map(compression::RolloutFile::from_path) + .await { - Some(rollout_file) => Some(rollout_file.into_path()), - None => find_rollout_path_by_id_from_filenames(root.as_path(), id_str).await?, + Ok(path) => (path, None), + Err(err) => { + tracing::warn!( + "rollout filename lookup failed during find_thread_path_by_id_str_in_subdir: {err}" + ); + (None, Some(err)) + } + }; + + let found = match filename_match { + Some(path) => Some(path), + None => { + // This is safe because we know the values are valid. + #[allow(clippy::unwrap_used)] + let limit = NonZero::new(1).unwrap(); + let options = file_search::FileSearchOptions { + limit, + compute_indices: false, + respect_gitignore: false, + ..Default::default() + }; + + let results = file_search::run( + id_str, + vec![root.clone()], + options, + /*cancel_flag*/ None, + ) + .map_err(|e| io::Error::other(format!("file search failed: {e}")))?; + + let found = results + .matches + .into_iter() + .map(|m| m.full_path()) + .find_map(compression::RolloutFile::from_path) + .map(compression::RolloutFile::into_path); + + if found.is_none() + && let Some(err) = filename_scan_error + { + return Err(err); + } + found + } }; if let Some(found_path) = found.as_ref() { tracing::debug!("state db missing rollout path for thread {id_str}"); diff --git a/codex-rs/rollout/src/metadata_tests.rs b/codex-rs/rollout/src/metadata_tests.rs index b53c958ae83..03d251e1b30 100644 --- a/codex-rs/rollout/src/metadata_tests.rs +++ b/codex-rs/rollout/src/metadata_tests.rs @@ -153,6 +153,7 @@ fn builder_from_items_falls_back_to_filename() { let items = vec![RolloutItem::Compacted(CompactedItem { message: "noop".to_string(), replacement_history: None, + window_id: None, })]; let builder = builder_from_items(items.as_slice(), path.as_path()).expect("builder"); diff --git a/codex-rs/rollout/src/policy.rs b/codex-rs/rollout/src/policy.rs index 92e5f5690b1..9760191bd41 100644 --- a/codex-rs/rollout/src/policy.rs +++ b/codex-rs/rollout/src/policy.rs @@ -30,6 +30,7 @@ pub fn persisted_rollout_items(items: &[RolloutItem]) -> Vec { pub fn should_persist_response_item(item: &ResponseItem) -> bool { match item { ResponseItem::Message { .. } + | ResponseItem::AgentMessage { .. } | ResponseItem::Reasoning { .. } | ResponseItem::LocalShellCall { .. } | ResponseItem::FunctionCall { .. } @@ -60,7 +61,8 @@ pub fn should_persist_response_item_for_memories(item: &ResponseItem) -> bool { | ResponseItem::CustomToolCall { .. } | ResponseItem::CustomToolCallOutput { .. } | ResponseItem::WebSearchCall { .. } => true, - ResponseItem::Reasoning { .. } + ResponseItem::AgentMessage { .. } + | ResponseItem::Reasoning { .. } | ResponseItem::ImageGenerationCall { .. } | ResponseItem::Compaction { .. } | ResponseItem::CompactionTrigger @@ -89,7 +91,8 @@ pub fn should_persist_event_msg(ev: &EventMsg) -> bool { | EventMsg::TurnStarted(_) | EventMsg::TurnComplete(_) | EventMsg::WebSearchEnd(_) - | EventMsg::ImageGenerationEnd(_) => true, + | EventMsg::ImageGenerationEnd(_) + | EventMsg::SubAgentActivity(_) => true, EventMsg::ItemCompleted(event) => { // Plan items are derived from streaming tags and are not part of the // raw ResponseItem history, so we persist their completion to replay @@ -115,6 +118,7 @@ pub fn should_persist_event_msg(ev: &EventMsg) -> bool { | EventMsg::RealtimeConversationClosed(_) | EventMsg::ModelReroute(_) | EventMsg::ModelVerification(_) + | EventMsg::TurnModerationMetadata(_) | EventMsg::AgentReasoningSectionBreak(_) | EventMsg::RawResponseItem(_) | EventMsg::SessionConfigured(_) diff --git a/codex-rs/rollout/src/recorder_tests.rs b/codex-rs/rollout/src/recorder_tests.rs index 07029abe37e..68896ad202f 100644 --- a/codex-rs/rollout/src/recorder_tests.rs +++ b/codex-rs/rollout/src/recorder_tests.rs @@ -1144,6 +1144,7 @@ async fn resume_candidate_matches_cwd_reads_latest_turn_context() -> std::io::Re network: None, file_system_sandbox_policy: None, model: "test-model".to_string(), + comp_hash: None, personality: None, collaboration_mode: None, multi_agent_version: None, diff --git a/codex-rs/rollout/src/search.rs b/codex-rs/rollout/src/search.rs index 705d24e7b4f..622fac8b0f4 100644 --- a/codex-rs/rollout/src/search.rs +++ b/codex-rs/rollout/src/search.rs @@ -21,6 +21,7 @@ use super::compression; const MATCH_CONTEXT_BEFORE_CHARS: usize = 48; const MATCH_CONTEXT_AFTER_CHARS: usize = 96; +/// Search matches keyed by the canonical `.jsonl` path for each rollout. pub type RolloutSearchMatches = HashMap>; pub async fn search_rollout_paths( @@ -145,7 +146,10 @@ async fn scan_rollout_matches( if let Some(snippet) = first_rollout_content_match_snippet(rollout_file.path(), search_term).await? { - matches.insert(rollout_file.into_path(), Some(snippet)); + matches.insert( + compression::plain_rollout_path(rollout_file.path()), + Some(snippet), + ); } continue; } @@ -217,7 +221,10 @@ async fn scan_compressed_rollout_matches( if let Some(snippet) = first_rollout_content_match_snippet(rollout_file.path(), search_term).await? { - matches.insert(rollout_file.into_path(), Some(snippet)); + matches.insert( + compression::plain_rollout_path(rollout_file.path()), + Some(snippet), + ); } } } diff --git a/codex-rs/rollout/src/session_index.rs b/codex-rs/rollout/src/session_index.rs index e227515357a..96ff9d825e0 100644 --- a/codex-rs/rollout/src/session_index.rs +++ b/codex-rs/rollout/src/session_index.rs @@ -1,21 +1,25 @@ use std::collections::HashMap; use std::collections::HashSet; use std::fs::File; +use std::io::ErrorKind; use std::io::Read; use std::io::Seek; use std::io::SeekFrom; +use std::io::Write; use std::path::Path; use std::path::PathBuf; +use std::sync::LazyLock; +use std::sync::Mutex; use codex_protocol::ThreadId; use codex_protocol::protocol::SessionMetaLine; use serde::Deserialize; use serde::Serialize; use tokio::io::AsyncBufReadExt; -use tokio::io::AsyncWriteExt; const SESSION_INDEX_FILE: &str = "session_index.jsonl"; const READ_CHUNK_SIZE: usize = 8192; +static SESSION_INDEX_LOCK: LazyLock> = LazyLock::new(|| Mutex::new(())); #[derive(Debug, Clone, Serialize, Deserialize, PartialEq)] pub struct SessionIndexEntry { @@ -25,7 +29,7 @@ pub struct SessionIndexEntry { } /// Append a thread name update to the session index. -/// The index is append-only; the most recent entry wins when resolving names or ids. +/// Name updates are append-only; the most recent entry wins when resolving names or ids. pub async fn append_thread_name( codex_home: &Path, thread_id: ThreadId, @@ -46,24 +50,60 @@ pub async fn append_thread_name( } /// Append a raw session index entry to `session_index.jsonl`. -/// The file is append-only; consumers scan from the end to find the newest match. +/// Consumers scan from the end to find the newest match. pub async fn append_session_index_entry( codex_home: &Path, entry: &SessionIndexEntry, ) -> std::io::Result<()> { + let _guard = SESSION_INDEX_LOCK + .lock() + .map_err(|err| std::io::Error::other(err.to_string()))?; let path = session_index_path(codex_home); - let mut file = tokio::fs::OpenOptions::new() + let mut file = std::fs::OpenOptions::new() .create(true) .append(true) - .open(&path) - .await?; + .open(&path)?; let mut line = serde_json::to_string(entry).map_err(std::io::Error::other)?; line.push('\n'); - file.write_all(line.as_bytes()).await?; - file.flush().await?; + file.write_all(line.as_bytes())?; + file.flush()?; Ok(()) } +/// Remove all recorded names for a thread from the session index. +pub async fn remove_thread_name_entries( + codex_home: &Path, + thread_id: ThreadId, +) -> std::io::Result<()> { + let _guard = SESSION_INDEX_LOCK + .lock() + .map_err(|err| std::io::Error::other(err.to_string()))?; + let path = session_index_path(codex_home); + let contents = match std::fs::read_to_string(&path) { + Ok(contents) => contents, + Err(err) if err.kind() == ErrorKind::NotFound => return Ok(()), + Err(err) => return Err(err), + }; + let mut removed = false; + let mut remaining = String::with_capacity(contents.len()); + for line in contents.lines() { + let should_remove = serde_json::from_str::(line.trim()) + .is_ok_and(|entry| entry.id == thread_id); + if should_remove { + removed = true; + } else { + remaining.push_str(line); + remaining.push('\n'); + } + } + if !removed { + return Ok(()); + } + let temp_path = path.with_extension("jsonl.tmp"); + std::fs::write(&temp_path, remaining)?; + std::fs::rename(temp_path, path) +} + /// Find the latest thread name for a thread id, if any. pub async fn find_thread_name_by_id( codex_home: &Path, diff --git a/codex-rs/rollout/src/state_db.rs b/codex-rs/rollout/src/state_db.rs index fa2905dd4f9..c21d7002bed 100644 --- a/codex-rs/rollout/src/state_db.rs +++ b/codex-rs/rollout/src/state_db.rs @@ -5,6 +5,7 @@ use crate::list::SortDirection; use crate::list::ThreadSortKey; use crate::metadata; use crate::sqlite_metrics; +use anyhow::Context; use chrono::DateTime; use chrono::Utc; use codex_protocol::ThreadId; @@ -50,7 +51,7 @@ pub async fn init(config: &impl RolloutConfigView) -> Option { { Ok(runtime) => Some(runtime), Err(err) => { - emit_startup_warning(&format!("failed to initialize state runtime: {err}")); + emit_startup_warning(&format!("failed to initialize state runtime: {err:#}")); None } } @@ -109,9 +110,9 @@ async fn try_init_with_roots_inner( let runtime = codex_state::StateRuntime::init(sqlite_home.clone(), default_model_provider_id.clone()) .await - .map_err(|err| { - anyhow::anyhow!( - "failed to initialize state runtime at {}: {err}", + .with_context(|| { + format!( + "failed to initialize state runtime at {}", sqlite_home.display() ) })?; @@ -128,7 +129,10 @@ async fn try_init_with_roots_inner( backfill_gate_started.elapsed(), &backfill_gate_result, ); - backfill_gate_result?; + if let Err(err) = backfill_gate_result { + runtime.close().await; + return Err(err); + } Ok(runtime) } diff --git a/codex-rs/sandboxing/Cargo.toml b/codex-rs/sandboxing/Cargo.toml index 858219e9fcc..226849521b4 100644 --- a/codex-rs/sandboxing/Cargo.toml +++ b/codex-rs/sandboxing/Cargo.toml @@ -26,7 +26,6 @@ which = { workspace = true } [dev-dependencies] anyhow = { workspace = true } -async-trait = { workspace = true } pretty_assertions = { workspace = true } tempfile = { workspace = true } tokio = { workspace = true, features = ["macros", "rt"] } diff --git a/codex-rs/sandboxing/src/landlock.rs b/codex-rs/sandboxing/src/landlock.rs index 0ff3f6977f5..819fc9365e9 100644 --- a/codex-rs/sandboxing/src/landlock.rs +++ b/codex-rs/sandboxing/src/landlock.rs @@ -47,7 +47,8 @@ pub fn create_linux_sandbox_command_args_for_permission_profile( "--permission-profile".to_string(), permission_profile_json, ]; - if use_legacy_landlock { + // Proxy-only networking requires bubblewrap's isolated network namespace. + if use_legacy_landlock && !allow_network_for_proxy { linux_cmd.push("--use-legacy-landlock".to_string()); } if allow_network_for_proxy { @@ -83,7 +84,8 @@ fn create_linux_sandbox_command_args( "--command-cwd".to_string(), command_cwd, ]; - if use_legacy_landlock { + // Proxy-only networking requires bubblewrap's isolated network namespace. + if use_legacy_landlock && !allow_network_for_proxy { linux_cmd.push("--use-legacy-landlock".to_string()); } if allow_network_for_proxy { diff --git a/codex-rs/sandboxing/src/landlock_tests.rs b/codex-rs/sandboxing/src/landlock_tests.rs index 14b1c047ebd..d0bbab8400c 100644 --- a/codex-rs/sandboxing/src/landlock_tests.rs +++ b/codex-rs/sandboxing/src/landlock_tests.rs @@ -33,14 +33,16 @@ fn legacy_landlock_flag_is_included_when_requested() { } #[test] -fn proxy_flag_is_included_when_requested() { +fn proxy_flag_takes_precedence_over_legacy_landlock() { let command = vec!["/bin/true".to_string()]; let command_cwd = Path::new("/tmp/link"); let cwd = Path::new("/tmp"); + let permission_profile = PermissionProfile::read_only(); - let args = create_linux_sandbox_command_args( + let args = create_linux_sandbox_command_args_for_permission_profile( command, command_cwd, + &permission_profile, cwd, /*use_legacy_landlock*/ true, /*allow_network_for_proxy*/ true, @@ -49,6 +51,7 @@ fn proxy_flag_is_included_when_requested() { args.contains(&"--allow-network-for-proxy".to_string()), true ); + assert_eq!(args.contains(&"--use-legacy-landlock".to_string()), false); } #[test] diff --git a/codex-rs/sandboxing/src/manager.rs b/codex-rs/sandboxing/src/manager.rs index 39ef358f8ca..682e8e3dcd0 100644 --- a/codex-rs/sandboxing/src/manager.rs +++ b/codex-rs/sandboxing/src/manager.rs @@ -338,8 +338,8 @@ fn ensure_linux_bubblewrap_is_supported( allow_network_for_proxy: bool, is_wsl1: bool, ) -> Result<(), SandboxTransformError> { - let requires_bubblewrap = !use_legacy_landlock - && (!file_system_sandbox_policy.has_full_disk_write_access() || allow_network_for_proxy); + let requires_bubblewrap = allow_network_for_proxy + || (!use_legacy_landlock && !file_system_sandbox_policy.has_full_disk_write_access()); if is_wsl1 && requires_bubblewrap { return Err(SandboxTransformError::Wsl1UnsupportedForBubblewrap); } diff --git a/codex-rs/sandboxing/src/manager_tests.rs b/codex-rs/sandboxing/src/manager_tests.rs index fede00fe1e8..58138ad775f 100644 --- a/codex-rs/sandboxing/src/manager_tests.rs +++ b/codex-rs/sandboxing/src/manager_tests.rs @@ -342,6 +342,15 @@ fn wsl1_rejects_linux_bubblewrap_path() { ), Err(super::SandboxTransformError::Wsl1UnsupportedForBubblewrap) )); + assert!(matches!( + super::ensure_linux_bubblewrap_is_supported( + &FileSystemSandboxPolicy::unrestricted(), + /*use_legacy_landlock*/ true, + /*allow_network_for_proxy*/ true, + /*is_wsl1*/ true, + ), + Err(super::SandboxTransformError::Wsl1UnsupportedForBubblewrap) + )); } #[cfg(target_os = "linux")] diff --git a/codex-rs/sandboxing/src/seatbelt_tests.rs b/codex-rs/sandboxing/src/seatbelt_tests.rs index d905d0adcf1..337eb56378e 100644 --- a/codex-rs/sandboxing/src/seatbelt_tests.rs +++ b/codex-rs/sandboxing/src/seatbelt_tests.rs @@ -12,6 +12,7 @@ use super::seatbelt_regex_for_unreadable_glob; use super::unix_socket_dir_params; use super::unix_socket_policy; use codex_network_proxy::ConfigReloader; +use codex_network_proxy::ConfigReloaderFuture; use codex_network_proxy::ConfigState; use codex_network_proxy::NetworkMode; use codex_network_proxy::NetworkProxy; @@ -81,18 +82,17 @@ fn seatbelt_protected_metadata_name_requirements(root: &Path) -> String { struct TestConfigReloader; -#[async_trait::async_trait] impl ConfigReloader for TestConfigReloader { fn source_label(&self) -> String { "seatbelt test config".to_string() } - async fn maybe_reload(&self) -> anyhow::Result> { - Ok(None) + fn maybe_reload(&self) -> ConfigReloaderFuture<'_, Option> { + Box::pin(async { Ok(None) }) } - async fn reload_now(&self) -> anyhow::Result { - Err(anyhow::anyhow!("seatbelt test config cannot reload")) + fn reload_now(&self) -> ConfigReloaderFuture<'_, ConfigState> { + Box::pin(async { Err(anyhow::anyhow!("seatbelt test config cannot reload")) }) } } diff --git a/codex-rs/shell-command/Cargo.toml b/codex-rs/shell-command/Cargo.toml index cc33d3621c1..e918488f826 100644 --- a/codex-rs/shell-command/Cargo.toml +++ b/codex-rs/shell-command/Cargo.toml @@ -11,6 +11,7 @@ workspace = true base64 = { workspace = true } codex-protocol = { workspace = true } codex-utils-absolute-path = { workspace = true } +libc = { workspace = true } once_cell = { workspace = true } regex = { workspace = true } serde = { workspace = true, features = ["derive"] } diff --git a/codex-rs/shell-command/src/bash.rs b/codex-rs/shell-command/src/bash.rs index 60ee5c420c5..b25d3fd37c1 100644 --- a/codex-rs/shell-command/src/bash.rs +++ b/codex-rs/shell-command/src/bash.rs @@ -100,7 +100,7 @@ pub fn extract_bash_command(command: &[String]) -> Option<(&str, &str)> { }; if !matches!(flag.as_str(), "-lc" | "-c") || !matches!( - detect_shell_type(&PathBuf::from(shell)), + detect_shell_type(PathBuf::from(shell)), Some(ShellType::Zsh) | Some(ShellType::Bash) | Some(ShellType::Sh) ) { diff --git a/codex-rs/shell-command/src/lib.rs b/codex-rs/shell-command/src/lib.rs index 1d9e302a4e7..947de5e645a 100644 --- a/codex-rs/shell-command/src/lib.rs +++ b/codex-rs/shell-command/src/lib.rs @@ -1,6 +1,6 @@ //! Command parsing and safety utilities shared across Codex crates. -mod shell_detect; +pub mod shell_detect; pub mod bash; pub(crate) mod command_safety; diff --git a/codex-rs/shell-command/src/powershell.rs b/codex-rs/shell-command/src/powershell.rs index e8c9a500c40..9730439bea3 100644 --- a/codex-rs/shell-command/src/powershell.rs +++ b/codex-rs/shell-command/src/powershell.rs @@ -47,7 +47,7 @@ pub fn extract_powershell_command(command: &[String]) -> Option<(&str, &str)> { let shell = &command[0]; if !matches!( - detect_shell_type(&PathBuf::from(shell)), + detect_shell_type(PathBuf::from(shell)), Some(ShellType::PowerShell) ) { return None; diff --git a/codex-rs/shell-command/src/shell_detect.rs b/codex-rs/shell-command/src/shell_detect.rs index 34322a06d00..69a66f05635 100644 --- a/codex-rs/shell-command/src/shell_detect.rs +++ b/codex-rs/shell-command/src/shell_detect.rs @@ -1,8 +1,10 @@ -use std::path::Path; use std::path::PathBuf; -#[derive(Debug, PartialEq, Eq, Clone, Copy)] -pub(crate) enum ShellType { +use serde::Deserialize; +use serde::Serialize; + +#[derive(Debug, PartialEq, Eq, Clone, Copy, Serialize, Deserialize)] +pub enum ShellType { Zsh, Bash, PowerShell, @@ -10,7 +12,32 @@ pub(crate) enum ShellType { Cmd, } -pub(crate) fn detect_shell_type(shell_path: &PathBuf) -> Option { +impl ShellType { + pub fn name(self) -> &'static str { + match self { + Self::Zsh => "zsh", + Self::Bash => "bash", + Self::PowerShell => "powershell", + Self::Sh => "sh", + Self::Cmd => "cmd", + } + } +} + +#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] +pub struct DetectedShell { + pub shell_type: ShellType, + pub shell_path: PathBuf, +} + +impl DetectedShell { + pub fn name(&self) -> &'static str { + self.shell_type.name() + } +} + +pub fn detect_shell_type(shell_path: impl AsRef) -> Option { + let shell_path = shell_path.as_ref(); match shell_path.as_os_str().to_str() { Some("zsh") => Some(ShellType::Zsh), Some("sh") => Some(ShellType::Sh), @@ -21,12 +48,321 @@ pub(crate) fn detect_shell_type(shell_path: &PathBuf) -> Option { _ => { let shell_name = shell_path.file_stem(); if let Some(shell_name) = shell_name { - let shell_name_path = Path::new(shell_name); - if shell_name_path != Path::new(shell_path) { - return detect_shell_type(&shell_name_path.to_path_buf()); + let shell_name_path = std::path::Path::new(shell_name); + if shell_name_path != shell_path { + return detect_shell_type(shell_name_path); } } None } } } + +#[cfg(unix)] +fn get_user_shell_path() -> Option { + let uid = unsafe { libc::getuid() }; + use std::ffi::CStr; + use std::mem::MaybeUninit; + use std::ptr; + + let mut passwd = MaybeUninit::::uninit(); + + // We cannot use getpwuid here: it returns pointers into libc-managed + // storage, which is not safe to read concurrently on all targets (the musl + // static build used by the CLI can segfault when parallel callers race on + // that buffer). getpwuid_r keeps the passwd data in caller-owned memory. + let suggested_buffer_len = unsafe { libc::sysconf(libc::_SC_GETPW_R_SIZE_MAX) }; + let buffer_len = usize::try_from(suggested_buffer_len) + .ok() + .filter(|len| *len > 0) + .unwrap_or(1024); + let mut buffer = vec![0; buffer_len]; + + loop { + let mut result = ptr::null_mut(); + let status = unsafe { + libc::getpwuid_r( + uid, + passwd.as_mut_ptr(), + buffer.as_mut_ptr().cast(), + buffer.len(), + &mut result, + ) + }; + + if status == 0 { + if result.is_null() { + return None; + } + + let passwd = unsafe { passwd.assume_init_ref() }; + if passwd.pw_shell.is_null() { + return None; + } + + let shell_path = unsafe { CStr::from_ptr(passwd.pw_shell) } + .to_string_lossy() + .into_owned(); + return Some(PathBuf::from(shell_path)); + } + + if status != libc::ERANGE { + return None; + } + + // Retry with a larger buffer until libc can materialize the passwd entry. + let new_len = buffer.len().checked_mul(2)?; + if new_len > 1024 * 1024 { + return None; + } + buffer.resize(new_len, 0); + } +} + +#[cfg(not(unix))] +fn get_user_shell_path() -> Option { + None +} + +fn file_exists(path: &std::path::Path) -> Option { + if std::fs::metadata(path).is_ok_and(|metadata| metadata.is_file()) { + Some(PathBuf::from(path)) + } else { + None + } +} + +fn get_shell_path( + shell_type: ShellType, + provided_path: Option<&PathBuf>, + binary_name: &str, + fallback_paths: &[&str], +) -> Option { + if let Some(path) = provided_path.and_then(|path| file_exists(path)) { + return Some(path); + } + + let default_shell_path = get_user_shell_path(); + if let Some(default_shell_path) = default_shell_path + && detect_shell_type(&default_shell_path) == Some(shell_type) + && file_exists(&default_shell_path).is_some() + { + return Some(default_shell_path); + } + + if let Ok(path) = which::which(binary_name) { + return Some(path); + } + + for path in fallback_paths { + if let Some(path) = file_exists(std::path::Path::new(path)) { + return Some(path); + } + } + + None +} + +const ZSH_FALLBACK_PATHS: &[&str] = &["/bin/zsh"]; + +fn get_zsh_shell(path: Option<&PathBuf>) -> Option { + let shell_path = get_shell_path(ShellType::Zsh, path, "zsh", ZSH_FALLBACK_PATHS); + + shell_path.map(|shell_path| DetectedShell { + shell_type: ShellType::Zsh, + shell_path, + }) +} + +const BASH_FALLBACK_PATHS: &[&str] = &["/bin/bash", "/usr/bin/bash"]; + +fn get_bash_shell(path: Option<&PathBuf>) -> Option { + let shell_path = get_shell_path(ShellType::Bash, path, "bash", BASH_FALLBACK_PATHS); + + shell_path.map(|shell_path| DetectedShell { + shell_type: ShellType::Bash, + shell_path, + }) +} + +const SH_FALLBACK_PATHS: &[&str] = &["/bin/sh"]; + +fn get_sh_shell(path: Option<&PathBuf>) -> Option { + let shell_path = get_shell_path(ShellType::Sh, path, "sh", SH_FALLBACK_PATHS); + + shell_path.map(|shell_path| DetectedShell { + shell_type: ShellType::Sh, + shell_path, + }) +} + +// Note the `pwsh` and `powershell` fallback paths are where the respective +// shells are commonly installed on GitHub Actions Windows runners, but may not +// be present on all Windows machines: +// https://docs.github.com/en/actions/tutorials/build-and-test-code/powershell + +#[cfg(windows)] +const PWSH_FALLBACK_PATHS: &[&str] = &[r#"C:\Program Files\PowerShell\7\pwsh.exe"#]; +#[cfg(not(windows))] +const PWSH_FALLBACK_PATHS: &[&str] = &["/usr/local/bin/pwsh"]; + +#[cfg(windows)] +const POWERSHELL_FALLBACK_PATHS: &[&str] = + &[r#"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"#]; +#[cfg(not(windows))] +const POWERSHELL_FALLBACK_PATHS: &[&str] = &[]; + +fn get_powershell_shell(path: Option<&PathBuf>) -> Option { + let shell_path = get_shell_path(ShellType::PowerShell, path, "pwsh", PWSH_FALLBACK_PATHS) + .or_else(|| { + get_shell_path( + ShellType::PowerShell, + path, + "powershell", + POWERSHELL_FALLBACK_PATHS, + ) + }); + + shell_path.map(|shell_path| DetectedShell { + shell_type: ShellType::PowerShell, + shell_path, + }) +} + +fn get_cmd_shell(path: Option<&PathBuf>) -> Option { + let shell_path = get_shell_path(ShellType::Cmd, path, "cmd", &[]); + + shell_path.map(|shell_path| DetectedShell { + shell_type: ShellType::Cmd, + shell_path, + }) +} + +pub fn ultimate_fallback_shell() -> DetectedShell { + if cfg!(windows) { + DetectedShell { + shell_type: ShellType::Cmd, + shell_path: PathBuf::from("cmd.exe"), + } + } else { + DetectedShell { + shell_type: ShellType::Sh, + shell_path: PathBuf::from("/bin/sh"), + } + } +} + +pub fn get_shell_by_model_provided_path(shell_path: &PathBuf) -> DetectedShell { + detect_shell_type(shell_path) + .and_then(|shell_type| get_shell(shell_type, Some(shell_path))) + .unwrap_or_else(ultimate_fallback_shell) +} + +pub fn get_shell(shell_type: ShellType, path: Option<&PathBuf>) -> Option { + match shell_type { + ShellType::Zsh => get_zsh_shell(path), + ShellType::Bash => get_bash_shell(path), + ShellType::PowerShell => get_powershell_shell(path), + ShellType::Sh => get_sh_shell(path), + ShellType::Cmd => get_cmd_shell(path), + } +} + +pub fn default_user_shell() -> DetectedShell { + default_user_shell_from_path(get_user_shell_path()) +} + +pub fn default_user_shell_from_path(user_shell_path: Option) -> DetectedShell { + if cfg!(windows) { + get_shell(ShellType::PowerShell, /*path*/ None).unwrap_or_else(ultimate_fallback_shell) + } else { + let user_default_shell = user_shell_path + .and_then(|shell| detect_shell_type(&shell)) + .and_then(|shell_type| get_shell(shell_type, /*path*/ None)); + + let shell_with_fallback = if cfg!(target_os = "macos") { + user_default_shell + .or_else(|| get_shell(ShellType::Zsh, /*path*/ None)) + .or_else(|| get_shell(ShellType::Bash, /*path*/ None)) + } else { + user_default_shell + .or_else(|| get_shell(ShellType::Bash, /*path*/ None)) + .or_else(|| get_shell(ShellType::Zsh, /*path*/ None)) + }; + + shell_with_fallback.unwrap_or_else(ultimate_fallback_shell) + } +} + +#[cfg(test)] +mod tests { + use super::*; + use pretty_assertions::assert_eq; + + #[test] + fn test_detect_shell_type() { + assert_eq!( + detect_shell_type(PathBuf::from("zsh")), + Some(ShellType::Zsh) + ); + assert_eq!( + detect_shell_type(PathBuf::from("bash")), + Some(ShellType::Bash) + ); + assert_eq!( + detect_shell_type(PathBuf::from("pwsh")), + Some(ShellType::PowerShell) + ); + assert_eq!( + detect_shell_type(PathBuf::from("powershell")), + Some(ShellType::PowerShell) + ); + assert_eq!(detect_shell_type(PathBuf::from("fish")), None); + assert_eq!(detect_shell_type(PathBuf::from("other")), None); + assert_eq!( + detect_shell_type(PathBuf::from("/bin/zsh")), + Some(ShellType::Zsh) + ); + assert_eq!( + detect_shell_type(PathBuf::from("/bin/bash")), + Some(ShellType::Bash) + ); + assert_eq!( + detect_shell_type(PathBuf::from("/usr/bin/bash")), + Some(ShellType::Bash) + ); + assert_eq!( + detect_shell_type(PathBuf::from("powershell.exe")), + Some(ShellType::PowerShell) + ); + assert_eq!( + detect_shell_type(PathBuf::from(if cfg!(windows) { + "C:\\windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe" + } else { + "/usr/local/bin/pwsh" + })), + Some(ShellType::PowerShell) + ); + assert_eq!( + detect_shell_type(PathBuf::from("pwsh.exe")), + Some(ShellType::PowerShell) + ); + assert_eq!( + detect_shell_type(PathBuf::from("/usr/local/bin/pwsh")), + Some(ShellType::PowerShell) + ); + assert_eq!( + detect_shell_type(PathBuf::from("/bin/sh")), + Some(ShellType::Sh) + ); + assert_eq!(detect_shell_type(PathBuf::from("sh")), Some(ShellType::Sh)); + assert_eq!( + detect_shell_type(PathBuf::from("cmd")), + Some(ShellType::Cmd) + ); + assert_eq!( + detect_shell_type(PathBuf::from("cmd.exe")), + Some(ShellType::Cmd) + ); + } +} diff --git a/codex-rs/shell-escalation/Cargo.toml b/codex-rs/shell-escalation/Cargo.toml index a57db3ce53f..92ae8b033f3 100644 --- a/codex-rs/shell-escalation/Cargo.toml +++ b/codex-rs/shell-escalation/Cargo.toml @@ -13,7 +13,6 @@ workspace = true [dependencies] anyhow = { workspace = true } -async-trait = { workspace = true } clap = { workspace = true, features = ["derive"] } codex-protocol = { workspace = true } codex-utils-absolute-path = { workspace = true } diff --git a/codex-rs/shell-escalation/src/lib.rs b/codex-rs/shell-escalation/src/lib.rs index 0f3c0afd300..53a55c4d83a 100644 --- a/codex-rs/shell-escalation/src/lib.rs +++ b/codex-rs/shell-escalation/src/lib.rs @@ -16,6 +16,8 @@ pub use unix::EscalationPermissions; #[cfg(unix)] pub use unix::EscalationPolicy; #[cfg(unix)] +pub use unix::EscalationPolicyFuture; +#[cfg(unix)] pub use unix::EscalationSession; #[cfg(unix)] pub use unix::ExecParams; @@ -28,6 +30,8 @@ pub use unix::ResolvedPermissionProfile; #[cfg(unix)] pub use unix::ShellCommandExecutor; #[cfg(unix)] +pub use unix::ShellCommandExecutorFuture; +#[cfg(unix)] pub use unix::Stopwatch; #[cfg(unix)] pub use unix::main_execve_wrapper; diff --git a/codex-rs/shell-escalation/src/unix/escalate_server.rs b/codex-rs/shell-escalation/src/unix/escalate_server.rs index 55abf7d7342..7d01bc04736 100644 --- a/codex-rs/shell-escalation/src/unix/escalate_server.rs +++ b/codex-rs/shell-escalation/src/unix/escalate_server.rs @@ -1,6 +1,8 @@ use std::collections::HashMap; +use std::future::Future; use std::os::fd::AsRawFd; use std::path::PathBuf; +use std::pin::Pin; use std::process::Stdio; use std::sync::Arc; use std::sync::Mutex; @@ -31,7 +33,6 @@ use crate::unix::socket::AsyncSocket; /// This lets `shell-escalation` own the Unix escalation protocol while the caller /// keeps control over process spawning, output capture, and sandbox integration. /// Implementations can capture any sandbox state they need. -#[async_trait::async_trait] pub trait ShellCommandExecutor: Send + Sync { /// Runs the requested shell command and returns the captured result. /// @@ -41,26 +42,29 @@ pub trait ShellCommandExecutor: Send + Sync { /// for the shell process. `after_spawn` should be invoked immediately after /// the shell process has been spawned so the parent copy of the inherited /// escalation socket can be closed. - async fn run( + fn run( &self, command: Vec, cwd: PathBuf, env_overlay: HashMap, cancel_rx: CancellationToken, after_spawn: Option>, - ) -> anyhow::Result; + ) -> ShellCommandExecutorFuture<'_, ExecResult>; /// Prepares an escalated subcommand for execution on the server side. - async fn prepare_escalated_exec( - &self, - program: &AbsolutePathBuf, - argv: &[String], - workdir: &AbsolutePathBuf, + fn prepare_escalated_exec<'a>( + &'a self, + program: &'a AbsolutePathBuf, + argv: &'a [String], + workdir: &'a AbsolutePathBuf, env: HashMap, execution: EscalationExecution, - ) -> anyhow::Result; + ) -> ShellCommandExecutorFuture<'a, PreparedExec>; } +pub type ShellCommandExecutorFuture<'a, T> = + Pin> + Send + 'a>>; + #[derive(Debug, serde::Deserialize, serde::Serialize)] pub struct ExecParams { /// The command string to pass to the shell via `-c` or `-lc`. @@ -377,6 +381,7 @@ async fn handle_escalate_session_with_policy( #[cfg(test)] mod tests { use super::*; + use crate::unix::escalation_policy::EscalationPolicyFuture; use codex_protocol::approvals::EscalationPermissions; use codex_protocol::models::AdditionalPermissionProfile as PermissionProfile; use codex_protocol::models::NetworkPermissions; @@ -401,15 +406,14 @@ mod tests { decision: EscalationDecision, } - #[async_trait::async_trait] impl EscalationPolicy for DeterministicEscalationPolicy { - async fn determine_action( - &self, - _file: &AbsolutePathBuf, - _argv: &[String], - _workdir: &AbsolutePathBuf, - ) -> anyhow::Result { - Ok(self.decision.clone()) + fn determine_action<'a>( + &'a self, + _file: &'a AbsolutePathBuf, + _argv: &'a [String], + _workdir: &'a AbsolutePathBuf, + ) -> EscalationPolicyFuture<'a> { + Box::pin(async move { Ok(self.decision.clone()) }) } } @@ -418,42 +422,30 @@ mod tests { expected_workdir: AbsolutePathBuf, } - #[async_trait::async_trait] impl EscalationPolicy for AssertingEscalationPolicy { - async fn determine_action( - &self, - file: &AbsolutePathBuf, - _argv: &[String], - workdir: &AbsolutePathBuf, - ) -> anyhow::Result { - assert_eq!(file, &self.expected_file); - assert_eq!(workdir, &self.expected_workdir); - Ok(EscalationDecision::run()) + fn determine_action<'a>( + &'a self, + file: &'a AbsolutePathBuf, + _argv: &'a [String], + workdir: &'a AbsolutePathBuf, + ) -> EscalationPolicyFuture<'a> { + Box::pin(async move { + assert_eq!(file, &self.expected_file); + assert_eq!(workdir, &self.expected_workdir); + Ok(EscalationDecision::run()) + }) } } struct ForwardingShellCommandExecutor; - #[async_trait::async_trait] - impl ShellCommandExecutor for ForwardingShellCommandExecutor { - async fn run( - &self, - _command: Vec, - _cwd: PathBuf, - _env_overlay: HashMap, - _cancel_rx: CancellationToken, - _after_spawn: Option>, - ) -> anyhow::Result { - unreachable!("run() is not used by handle_escalate_session_with_policy() tests") - } - + impl ForwardingShellCommandExecutor { async fn prepare_escalated_exec( &self, program: &AbsolutePathBuf, argv: &[String], workdir: &AbsolutePathBuf, env: HashMap, - _execution: EscalationExecution, ) -> anyhow::Result { Ok(PreparedExec { command: std::iter::once(program.to_string_lossy().to_string()) @@ -466,23 +458,39 @@ mod tests { } } - struct PermissionAssertingShellCommandExecutor { - expected_permissions: EscalationPermissions, - } - - #[async_trait::async_trait] - impl ShellCommandExecutor for PermissionAssertingShellCommandExecutor { - async fn run( + impl ShellCommandExecutor for ForwardingShellCommandExecutor { + fn run( &self, _command: Vec, _cwd: PathBuf, _env_overlay: HashMap, _cancel_rx: CancellationToken, _after_spawn: Option>, - ) -> anyhow::Result { - unreachable!("run() is not used by handle_escalate_session_with_policy() tests") + ) -> ShellCommandExecutorFuture<'_, ExecResult> { + Box::pin(async { + unreachable!("run() is not used by handle_escalate_session_with_policy() tests") + }) } + fn prepare_escalated_exec<'a>( + &'a self, + program: &'a AbsolutePathBuf, + argv: &'a [String], + workdir: &'a AbsolutePathBuf, + env: HashMap, + _execution: EscalationExecution, + ) -> ShellCommandExecutorFuture<'a, PreparedExec> { + Box::pin(ForwardingShellCommandExecutor::prepare_escalated_exec( + self, program, argv, workdir, env, + )) + } + } + + struct PermissionAssertingShellCommandExecutor { + expected_permissions: EscalationPermissions, + } + + impl PermissionAssertingShellCommandExecutor { async fn prepare_escalated_exec( &self, program: &AbsolutePathBuf, @@ -506,6 +514,36 @@ mod tests { } } + impl ShellCommandExecutor for PermissionAssertingShellCommandExecutor { + fn run( + &self, + _command: Vec, + _cwd: PathBuf, + _env_overlay: HashMap, + _cancel_rx: CancellationToken, + _after_spawn: Option>, + ) -> ShellCommandExecutorFuture<'_, ExecResult> { + Box::pin(async { + unreachable!("run() is not used by handle_escalate_session_with_policy() tests") + }) + } + + fn prepare_escalated_exec<'a>( + &'a self, + program: &'a AbsolutePathBuf, + argv: &'a [String], + workdir: &'a AbsolutePathBuf, + env: HashMap, + execution: EscalationExecution, + ) -> ShellCommandExecutorFuture<'a, PreparedExec> { + Box::pin( + PermissionAssertingShellCommandExecutor::prepare_escalated_exec( + self, program, argv, workdir, env, execution, + ), + ) + } + } + async fn wait_for_pid_file(pid_file: &std::path::Path) -> anyhow::Result { let deadline = Instant::now() + Duration::from_secs(5); loop { @@ -534,14 +572,10 @@ mod tests { after_spawn_invoked: Arc, } - #[async_trait::async_trait] - impl ShellCommandExecutor for AfterSpawnAssertingShellCommandExecutor { + impl AfterSpawnAssertingShellCommandExecutor { async fn run( &self, - _command: Vec, - _cwd: PathBuf, env_overlay: HashMap, - _cancel_rx: CancellationToken, after_spawn: Option>, ) -> anyhow::Result { let socket_fd = env_overlay @@ -560,16 +594,33 @@ mod tests { timed_out: false, }) } + } - async fn prepare_escalated_exec( + impl ShellCommandExecutor for AfterSpawnAssertingShellCommandExecutor { + fn run( &self, - _program: &AbsolutePathBuf, - _argv: &[String], - _workdir: &AbsolutePathBuf, + _command: Vec, + _cwd: PathBuf, + env_overlay: HashMap, + _cancel_rx: CancellationToken, + after_spawn: Option>, + ) -> ShellCommandExecutorFuture<'_, ExecResult> { + Box::pin(AfterSpawnAssertingShellCommandExecutor::run( + self, + env_overlay, + after_spawn, + )) + } + + fn prepare_escalated_exec<'a>( + &'a self, + _program: &'a AbsolutePathBuf, + _argv: &'a [String], + _workdir: &'a AbsolutePathBuf, _env: HashMap, _execution: EscalationExecution, - ) -> anyhow::Result { - unreachable!("prepare_escalated_exec() is not used by exec() tests") + ) -> ShellCommandExecutorFuture<'a, PreparedExec> { + Box::pin(async { unreachable!("prepare_escalated_exec() is not used by exec() tests") }) } } diff --git a/codex-rs/shell-escalation/src/unix/escalation_policy.rs b/codex-rs/shell-escalation/src/unix/escalation_policy.rs index c3da252dd9f..c77af22db73 100644 --- a/codex-rs/shell-escalation/src/unix/escalation_policy.rs +++ b/codex-rs/shell-escalation/src/unix/escalation_policy.rs @@ -1,14 +1,19 @@ +use std::future::Future; +use std::pin::Pin; + use codex_utils_absolute_path::AbsolutePathBuf; use crate::unix::escalate_protocol::EscalationDecision; /// Decides what action to take in response to an execve request from a client. -#[async_trait::async_trait] pub trait EscalationPolicy: Send + Sync { - async fn determine_action( - &self, - file: &AbsolutePathBuf, - argv: &[String], - workdir: &AbsolutePathBuf, - ) -> anyhow::Result; + fn determine_action<'a>( + &'a self, + file: &'a AbsolutePathBuf, + argv: &'a [String], + workdir: &'a AbsolutePathBuf, + ) -> EscalationPolicyFuture<'a>; } + +pub type EscalationPolicyFuture<'a> = + Pin> + Send + 'a>>; diff --git a/codex-rs/shell-escalation/src/unix/mod.rs b/codex-rs/shell-escalation/src/unix/mod.rs index 8fb8688443f..8e30056bb4d 100644 --- a/codex-rs/shell-escalation/src/unix/mod.rs +++ b/codex-rs/shell-escalation/src/unix/mod.rs @@ -72,7 +72,9 @@ pub use self::escalate_server::ExecParams; pub use self::escalate_server::ExecResult; pub use self::escalate_server::PreparedExec; pub use self::escalate_server::ShellCommandExecutor; +pub use self::escalate_server::ShellCommandExecutorFuture; pub use self::escalation_policy::EscalationPolicy; +pub use self::escalation_policy::EscalationPolicyFuture; pub use self::execve_wrapper::main_execve_wrapper; pub use self::stopwatch::Stopwatch; pub use codex_protocol::approvals::EscalationPermissions; diff --git a/codex-rs/skills/src/assets/samples/plugin-creator/scripts/validate_plugin.py b/codex-rs/skills/src/assets/samples/plugin-creator/scripts/validate_plugin.py index 64518064e5a..6f49cb0feda 100644 --- a/codex-rs/skills/src/assets/samples/plugin-creator/scripts/validate_plugin.py +++ b/codex-rs/skills/src/assets/samples/plugin-creator/scripts/validate_plugin.py @@ -307,10 +307,17 @@ def validate_app_manifest(path: Path, errors: list[str]) -> None: if not isinstance(value, dict): errors.append(f"`.app.json` app `{key}` must be an object") continue - reject_companion_unknown_fields(value, {"id"}, f"`.app.json` app `{key}`", errors) + reject_companion_unknown_fields( + value, {"id", "category"}, f"`.app.json` app `{key}`", errors + ) app_id = value.get("id") if not isinstance(app_id, str) or not app_id.strip(): errors.append(f"`.app.json` app `{key}` field `id` must be a non-empty string") + category = value.get("category") + if category is not None and (not isinstance(category, str) or not category.strip()): + errors.append( + f"`.app.json` app `{key}` field `category` must be a non-empty string" + ) def validate_mcp_manifest(path: Path, errors: list[str]) -> None: diff --git a/codex-rs/state/migrations/0036_threads_visible_sort_indexes.sql b/codex-rs/state/migrations/0036_threads_visible_sort_indexes.sql new file mode 100644 index 00000000000..33a83a9d7b8 --- /dev/null +++ b/codex-rs/state/migrations/0036_threads_visible_sort_indexes.sql @@ -0,0 +1,7 @@ +CREATE INDEX idx_threads_visible_created_at_ms + ON threads(archived, created_at_ms DESC) + WHERE preview <> ''; + +CREATE INDEX idx_threads_visible_updated_at_ms + ON threads(archived, updated_at_ms DESC) + WHERE preview <> ''; diff --git a/codex-rs/state/src/extract.rs b/codex-rs/state/src/extract.rs index 1bba63fbf3d..c1c2e56c934 100644 --- a/codex-rs/state/src/extract.rs +++ b/codex-rs/state/src/extract.rs @@ -50,7 +50,7 @@ fn apply_session_meta_from_item(metadata: &mut ThreadMetadata, meta_line: &Sessi } metadata.id = meta_line.meta.id; metadata.source = enum_to_string(&meta_line.meta.source); - metadata.thread_source = meta_line.meta.thread_source; + metadata.thread_source = meta_line.meta.thread_source.clone(); metadata.agent_nickname = meta_line.meta.agent_nickname.clone(); metadata.agent_role = meta_line.meta.agent_role.clone(); metadata.agent_path = meta_line.meta.agent_path.clone(); @@ -75,7 +75,7 @@ fn apply_turn_context(metadata: &mut ThreadMetadata, turn_ctx: &TurnContextItem) metadata.cwd = turn_ctx.cwd.clone(); } metadata.model = Some(turn_ctx.model.clone()); - metadata.reasoning_effort = turn_ctx.effort; + metadata.reasoning_effort = turn_ctx.effort.clone(); metadata.sandbox_policy = serde_json::to_string(&turn_ctx.permission_profile()).unwrap_or_default(); metadata.approval_mode = enum_to_string(&turn_ctx.approval_policy); @@ -356,6 +356,7 @@ mod tests { network: None, file_system_sandbox_policy: None, model: "gpt-5".to_string(), + comp_hash: None, personality: None, collaboration_mode: None, multi_agent_version: None, @@ -394,6 +395,7 @@ mod tests { network: None, file_system_sandbox_policy: None, model: "gpt-5".to_string(), + comp_hash: None, personality: None, collaboration_mode: None, multi_agent_version: None, @@ -429,6 +431,7 @@ mod tests { network: None, file_system_sandbox_policy: None, model: "gpt-5".to_string(), + comp_hash: None, personality: None, collaboration_mode: None, multi_agent_version: None, @@ -460,6 +463,7 @@ mod tests { network: None, file_system_sandbox_policy: None, model: "gpt-5".to_string(), + comp_hash: None, personality: None, collaboration_mode: None, multi_agent_version: None, diff --git a/codex-rs/state/src/lib.rs b/codex-rs/state/src/lib.rs index cb8c711e651..264b737e9fe 100644 --- a/codex-rs/state/src/lib.rs +++ b/codex-rs/state/src/lib.rs @@ -57,15 +57,21 @@ pub use runtime::GoalStore; pub use runtime::GoalUpdate; pub use runtime::MemoryStore; pub use runtime::RemoteControlEnrollmentRecord; +pub use runtime::RuntimeDbBackup; pub use runtime::RuntimeDbPath; pub use runtime::ThreadFilterOptions; +pub use runtime::backup_runtime_db_for_fresh_start; pub use runtime::goals_db_filename; pub use runtime::goals_db_path; +pub use runtime::is_sqlite_corruption_error; pub use runtime::logs_db_filename; pub use runtime::logs_db_path; pub use runtime::memories_db_filename; pub use runtime::memories_db_path; +pub use runtime::runtime_db_path_for_corruption_error; pub use runtime::runtime_db_paths; +pub use runtime::sqlite_error_detail_is_corruption; +pub use runtime::sqlite_error_detail_is_lock; pub use runtime::sqlite_integrity_check; pub use runtime::state_db_filename; pub use runtime::state_db_path; diff --git a/codex-rs/state/src/model/thread_goal.rs b/codex-rs/state/src/model/thread_goal.rs index 4806250069b..12d2a78dac8 100644 --- a/codex-rs/state/src/model/thread_goal.rs +++ b/codex-rs/state/src/model/thread_goal.rs @@ -3,12 +3,14 @@ use anyhow::anyhow; use chrono::DateTime; use chrono::Utc; use codex_protocol::ThreadId; +use serde::Serialize; use sqlx::Row; use sqlx::sqlite::SqliteRow; use super::epoch_millis_to_datetime; -#[derive(Debug, Clone, Copy, PartialEq, Eq)] +#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize)] +#[serde(rename_all = "snake_case")] pub enum ThreadGoalStatus { Active, Paused, diff --git a/codex-rs/state/src/model/thread_metadata.rs b/codex-rs/state/src/model/thread_metadata.rs index 8f1ac4f5566..a30f7e479b8 100644 --- a/codex-rs/state/src/model/thread_metadata.rs +++ b/codex-rs/state/src/model/thread_metadata.rs @@ -196,7 +196,7 @@ impl ThreadMetadataBuilder { created_at, updated_at, source, - thread_source: self.thread_source, + thread_source: self.thread_source.clone(), agent_nickname: self.agent_nickname.clone(), agent_role: self.agent_role.clone(), agent_path: self @@ -584,13 +584,13 @@ mod tests { } #[test] - fn thread_row_ignores_unknown_reasoning_effort_values() { + fn thread_row_preserves_model_defined_reasoning_effort_values() { let metadata = ThreadMetadata::try_from(thread_row(Some("future"))) .expect("thread metadata should parse"); assert_eq!( metadata, - expected_thread_metadata(/*reasoning_effort*/ None) + expected_thread_metadata(Some(ReasoningEffort::Custom("future".to_string()))) ); } } diff --git a/codex-rs/state/src/runtime.rs b/codex-rs/state/src/runtime.rs index b08545d7a62..2937bf0c2e4 100644 --- a/codex-rs/state/src/runtime.rs +++ b/codex-rs/state/src/runtime.rs @@ -62,6 +62,7 @@ mod backfill; mod goals; mod logs; mod memories; +mod recovery; mod remote_control; #[cfg(test)] mod test_support; @@ -72,6 +73,12 @@ pub use goals::GoalAccountingOutcome; pub use goals::GoalStore; pub use goals::GoalUpdate; pub use memories::MemoryStore; +pub use recovery::RuntimeDbBackup; +pub use recovery::backup_runtime_db_for_fresh_start; +pub use recovery::is_sqlite_corruption_error; +pub use recovery::runtime_db_path_for_corruption_error; +pub use recovery::sqlite_error_detail_is_corruption; +pub use recovery::sqlite_error_detail_is_lock; pub use remote_control::RemoteControlEnrollmentRecord; pub use threads::ThreadFilterOptions; @@ -200,6 +207,7 @@ impl StateRuntime { Ok(db) => Arc::new(db), Err(err) => { warn!("failed to open logs db at {}: {err}", logs_path.display()); + close_sqlite_pools(&[pool.as_ref()]).await; return Err(err); } }; @@ -208,6 +216,7 @@ impl StateRuntime { Ok(db) => Arc::new(db), Err(err) => { warn!("failed to open goals db at {}: {err}", goals_path.display()); + close_sqlite_pools(&[pool.as_ref(), logs_pool.as_ref()]).await; return Err(err); } }; @@ -224,6 +233,7 @@ impl StateRuntime { "failed to open memories db at {}: {err}", memories_path.display() ); + close_sqlite_pools(&[pool.as_ref(), logs_pool.as_ref(), goals_pool.as_ref()]).await; return Err(err); } }; @@ -236,7 +246,16 @@ impl StateRuntime { started.elapsed(), &backfill_state_result, ); - backfill_state_result?; + if let Err(err) = backfill_state_result { + close_sqlite_pools(&[ + pool.as_ref(), + logs_pool.as_ref(), + goals_pool.as_ref(), + memories_pool.as_ref(), + ]) + .await; + return Err(err); + } let started = Instant::now(); let thread_updated_at_millis_result: anyhow::Result> = sqlx::query_scalar("SELECT MAX(threads.updated_at_ms) FROM threads") @@ -250,7 +269,19 @@ impl StateRuntime { started.elapsed(), &thread_updated_at_millis_result, ); - let thread_updated_at_millis = thread_updated_at_millis_result?; + let thread_updated_at_millis = match thread_updated_at_millis_result { + Ok(value) => value, + Err(err) => { + close_sqlite_pools(&[ + pool.as_ref(), + logs_pool.as_ref(), + goals_pool.as_ref(), + memories_pool.as_ref(), + ]) + .await; + return Err(err); + } + }; let thread_updated_at_millis = thread_updated_at_millis.unwrap_or(0); let runtime = Arc::new(Self { thread_goals: GoalStore::new(Arc::clone(&goals_pool)), @@ -283,6 +314,14 @@ impl StateRuntime { &self.memories } + /// Close all SQLite pools and wait for outstanding pool workers to exit. + pub async fn close(&self) { + self.memories.close().await; + self.thread_goals.close().await; + self.logs_pool.close().await; + self.pool.close().await; + } + pub async fn clear_memory_data_in_sqlite_home(sqlite_home: &Path) -> anyhow::Result { let memories_path = MEMORIES_DB.path(sqlite_home); if !tokio::fs::try_exists(&memories_path).await? { @@ -302,6 +341,12 @@ impl StateRuntime { } } +async fn close_sqlite_pools(pools: &[&SqlitePool]) { + for pool in pools { + pool.close().await; + } +} + fn base_sqlite_options(path: &Path) -> SqliteConnectOptions { SqliteConnectOptions::new() .filename(path) @@ -367,7 +412,8 @@ async fn open_sqlite( started.elapsed(), &pool_result, ); - let pool = pool_result?; + let pool = pool_result + .map_err(|source| recovery::RuntimeDbInitError::new(spec.label, "open", path, source))?; let started = Instant::now(); let migrate_result = migrator.run(&pool).await.map_err(anyhow::Error::from); crate::telemetry::record_init_result( @@ -377,13 +423,26 @@ async fn open_sqlite( started.elapsed(), &migrate_result, ); - migrate_result?; + if let Err(source) = migrate_result { + pool.close().await; + return Err(recovery::RuntimeDbInitError::new(spec.label, "migrate", path, source).into()); + } Ok(pool) } pub(super) async fn ensure_backfill_state_row_in_pool( pool: &sqlx::SqlitePool, ) -> anyhow::Result<()> { + // Eagerly check if the operation would have no effect to avoid blocking waiting for a SQLite + // writer for no reason in the hot startup path. + if sqlx::query_scalar::<_, i64>("SELECT 1 FROM backfill_state WHERE id = 1") + .fetch_optional(pool) + .await? + .is_some() + { + return Ok(()); + } + sqlx::query( r#" INSERT INTO backfill_state (id, status, last_watermark, last_success_at, updated_at) diff --git a/codex-rs/state/src/runtime/backfill.rs b/codex-rs/state/src/runtime/backfill.rs index 77ab57fcedb..3bfa74fb9af 100644 --- a/codex-rs/state/src/runtime/backfill.rs +++ b/codex-rs/state/src/runtime/backfill.rs @@ -110,9 +110,11 @@ WHERE id = 1 #[cfg(test)] mod tests { use super::StateRuntime; + use super::base_sqlite_options; use super::test_support::unique_temp_dir; use chrono::Utc; use pretty_assertions::assert_eq; + use sqlx::Connection; #[tokio::test] async fn backfill_state_persists_progress_and_completion() { @@ -167,6 +169,61 @@ mod tests { let _ = tokio::fs::remove_dir_all(codex_home).await; } + #[tokio::test] + async fn get_backfill_state_succeeds_while_another_connection_holds_writer_slot() { + let codex_home = unique_temp_dir(); + let runtime = StateRuntime::init(codex_home.clone(), "test-provider".to_string()) + .await + .expect("initialize runtime"); + let mut write_connection = sqlx::SqliteConnection::connect_with(&base_sqlite_options( + &crate::state_db_path(codex_home.as_path()), + )) + .await + .expect("open write connection"); + let write_transaction = write_connection + .begin_with("BEGIN IMMEDIATE") + .await + .expect("acquire write lock"); + + let state = runtime + .get_backfill_state() + .await + .expect("get backfill state"); + assert_eq!(state, crate::BackfillState::default()); + + write_transaction + .rollback() + .await + .expect("release write lock"); + let _ = tokio::fs::remove_dir_all(codex_home).await; + } + + #[tokio::test] + async fn get_backfill_state_repairs_a_missing_singleton_row() { + let codex_home = unique_temp_dir(); + let runtime = StateRuntime::init(codex_home.clone(), "test-provider".to_string()) + .await + .expect("initialize runtime"); + sqlx::query("DELETE FROM backfill_state WHERE id = 1") + .execute(runtime.pool.as_ref()) + .await + .expect("delete backfill state row"); + + let state = runtime + .get_backfill_state() + .await + .expect("get repaired backfill state"); + assert_eq!(state, crate::BackfillState::default()); + let row_count = + sqlx::query_scalar::<_, i64>("SELECT COUNT(*) FROM backfill_state WHERE id = 1") + .fetch_one(runtime.pool.as_ref()) + .await + .expect("count repaired backfill state rows"); + assert_eq!(row_count, 1); + + let _ = tokio::fs::remove_dir_all(codex_home).await; + } + #[tokio::test] async fn backfill_claim_is_singleton_until_stale_and_blocked_when_complete() { let codex_home = unique_temp_dir(); diff --git a/codex-rs/state/src/runtime/goals.rs b/codex-rs/state/src/runtime/goals.rs index aa0e90462b0..e5769ccd1fd 100644 --- a/codex-rs/state/src/runtime/goals.rs +++ b/codex-rs/state/src/runtime/goals.rs @@ -11,6 +11,10 @@ impl GoalStore { pub(crate) fn new(pool: Arc) -> Self { Self { pool } } + + pub(crate) async fn close(&self) { + self.pool.close().await; + } } pub struct GoalUpdate { @@ -141,7 +145,16 @@ INSERT INTO thread_goals ( created_at_ms, updated_at_ms ) VALUES (?, ?, ?, ?, ?, 0, 0, ?, ?) -ON CONFLICT(thread_id) DO NOTHING +ON CONFLICT(thread_id) DO UPDATE SET + goal_id = excluded.goal_id, + objective = excluded.objective, + status = excluded.status, + token_budget = excluded.token_budget, + tokens_used = 0, + time_used_seconds = 0, + created_at_ms = excluded.created_at_ms, + updated_at_ms = excluded.updated_at_ms +WHERE thread_goals.status = 'complete' RETURNING thread_id, goal_id, @@ -368,18 +381,31 @@ WHERE thread_id = ? self.get_thread_goal(thread_id).await } - pub async fn delete_thread_goal(&self, thread_id: ThreadId) -> anyhow::Result { - let result = sqlx::query( + pub async fn delete_thread_goal( + &self, + thread_id: ThreadId, + ) -> anyhow::Result> { + let row = sqlx::query( r#" DELETE FROM thread_goals WHERE thread_id = ? +RETURNING + thread_id, + goal_id, + objective, + status, + token_budget, + tokens_used, + time_used_seconds, + created_at_ms, + updated_at_ms "#, ) .bind(thread_id.to_string()) - .execute(self.pool.as_ref()) + .fetch_optional(self.pool.as_ref()) .await?; - Ok(result.rows_affected() > 0) + row.map(|row| thread_goal_from_row(&row)).transpose() } pub async fn account_thread_goal_usage( @@ -613,7 +639,8 @@ mod tests { assert_eq!(0, replaced.tokens_used); assert_eq!(0, replaced.time_used_seconds); - assert!( + assert_eq!( + Some(replaced), runtime .thread_goals() .delete_thread_goal(thread_id) @@ -628,8 +655,9 @@ mod tests { .await .unwrap() ); - assert!( - !runtime + assert_eq!( + None, + runtime .thread_goals() .delete_thread_goal(thread_id) .await diff --git a/codex-rs/state/src/runtime/memories.rs b/codex-rs/state/src/runtime/memories.rs index 31015007968..895c254350f 100644 --- a/codex-rs/state/src/runtime/memories.rs +++ b/codex-rs/state/src/runtime/memories.rs @@ -35,6 +35,10 @@ impl MemoryStore { Self { pool, state_pool } } + pub(crate) async fn close(&self) { + self.pool.close().await; + } + /// Deletes all persisted memory state in one transaction. /// /// This removes every `stage1_outputs` row and all `jobs` rows for the diff --git a/codex-rs/state/src/runtime/recovery.rs b/codex-rs/state/src/runtime/recovery.rs new file mode 100644 index 00000000000..d9cf0bcdc9b --- /dev/null +++ b/codex-rs/state/src/runtime/recovery.rs @@ -0,0 +1,243 @@ +//! Backup-and-rebuild support for Codex runtime SQLite databases. +//! +//! Codex keeps several independent runtime SQLite databases under one SQLite +//! home. When SQLite reports that one of them is corrupt, automatic recovery +//! moves only that database file and its sidecars into a backup folder so the +//! other databases keep their data. + +use std::borrow::Cow; +use std::path::Path; +use std::path::PathBuf; + +const BACKUP_DIR_NAME: &str = "db-backups"; + +#[derive(Clone, Debug, Eq, PartialEq)] +pub struct RuntimeDbBackup { + /// Path where the runtime database or sidecar lived before it was moved. + pub original_path: PathBuf, + /// Path where the runtime database or sidecar was backed up. + pub backup_path: PathBuf, +} + +#[derive(Debug)] +pub(crate) struct RuntimeDbInitError { + label: &'static str, + operation: &'static str, + path: PathBuf, + source: anyhow::Error, +} + +impl RuntimeDbInitError { + pub(crate) fn new( + label: &'static str, + operation: &'static str, + path: &Path, + source: anyhow::Error, + ) -> Self { + Self { + label, + operation, + path: path.to_path_buf(), + source, + } + } + + fn path(&self) -> &Path { + self.path.as_path() + } +} + +impl std::fmt::Display for RuntimeDbInitError { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + write!( + f, + "failed to {} {} at {}: {}", + self.operation, + self.label, + self.path.display(), + self.source + ) + } +} + +impl std::error::Error for RuntimeDbInitError { + fn source(&self) -> Option<&(dyn std::error::Error + 'static)> { + Some(self.source.as_ref()) + } +} + +/// Move one Codex runtime SQLite database out of the way so that database can +/// be recreated without discarding unrelated runtime databases. +pub async fn backup_runtime_db_for_fresh_start( + db_path: &Path, +) -> std::io::Result> { + let sqlite_home = db_path.parent().ok_or_else(|| { + std::io::Error::other(format!( + "database path does not have a parent directory: {}", + db_path.display() + )) + })?; + match tokio::fs::metadata(sqlite_home).await { + Ok(metadata) if metadata.is_dir() => backup_runtime_db_files(db_path).await, + Ok(_) => backup_blocking_sqlite_home(sqlite_home).await, + Err(err) if err.kind() == std::io::ErrorKind::NotFound => { + tokio::fs::create_dir_all(sqlite_home).await?; + Err(std::io::Error::other(format!( + "no Codex runtime database files were found to back up for {}", + db_path.display() + ))) + } + Err(err) => Err(err), + } +} + +pub fn runtime_db_path_for_corruption_error(err: &anyhow::Error) -> Option { + if !is_sqlite_corruption_error(err) { + return None; + } + err.chain() + .find_map(|source| source.downcast_ref::()) + .map(|err| err.path().to_path_buf()) +} + +pub fn is_sqlite_corruption_error(err: &anyhow::Error) -> bool { + err.chain().any(sqlite_error_source_is_corruption) +} + +fn sqlite_error_source_is_corruption(source: &(dyn std::error::Error + 'static)) -> bool { + let Some(err) = source.downcast_ref::() else { + return false; + }; + let sqlx::Error::Database(database_error) = err else { + return false; + }; + sqlite_error_detail_is_corruption(database_error.message()) + || database_error + .code() + .is_some_and(sqlite_database_code_is_corruption) +} + +fn sqlite_database_code_is_corruption(code: Cow<'_, str>) -> bool { + matches!( + code.as_ref().to_ascii_lowercase().as_str(), + "11" | "26" | "sqlite_corrupt" | "sqlite_notadb" + ) +} + +pub fn sqlite_error_detail_is_corruption(detail: &str) -> bool { + let detail = detail.to_ascii_lowercase(); + detail.contains("database disk image is malformed") + || detail.contains("database schema is malformed") + || detail.contains("database is corrupt") + || detail.contains("file is not a database") + || detail.contains("sqlite_corrupt") + || detail.contains("sqlite_notadb") + || detail.contains("(code: 11)") + || detail.contains("(code: 26)") +} + +pub fn sqlite_error_detail_is_lock(detail: &str) -> bool { + let detail = detail.to_ascii_lowercase(); + detail.contains("database is locked") || detail.contains("database is busy") +} + +async fn backup_runtime_db_files(db_path: &Path) -> std::io::Result> { + let sqlite_home = db_path.parent().ok_or_else(|| { + std::io::Error::other(format!( + "database path does not have a parent directory: {}", + db_path.display() + )) + })?; + backup_sqlite_paths(sqlite_home, sqlite_paths(db_path)).await +} + +async fn backup_sqlite_paths( + sqlite_home: &Path, + paths: impl IntoIterator, +) -> std::io::Result> { + let backup_dir = create_unique_backup_dir(sqlite_home.join(BACKUP_DIR_NAME).as_path()).await?; + let mut backups = Vec::new(); + + for path in paths { + if tokio::fs::try_exists(path.as_path()).await? { + let backup_path = backup_dir.join(file_name(path.as_path())?); + tokio::fs::rename(path.as_path(), backup_path.as_path()).await?; + backups.push(RuntimeDbBackup { + original_path: path, + backup_path, + }); + } + } + + if backups.is_empty() { + let _ = tokio::fs::remove_dir(backup_dir).await; + return Err(std::io::Error::other( + "no Codex runtime database files were found to back up", + )); + } + + Ok(backups) +} + +async fn backup_blocking_sqlite_home(sqlite_home: &Path) -> std::io::Result> { + let parent = sqlite_home.parent().ok_or_else(|| { + std::io::Error::other(format!( + "cannot create a backup folder for {}", + sqlite_home.display() + )) + })?; + let mut backup_dir_name = file_name(sqlite_home)?.to_os_string(); + backup_dir_name.push(format!(".{BACKUP_DIR_NAME}")); + let backup_parent = parent.join(backup_dir_name); + let backup_dir = create_unique_backup_dir(backup_parent.as_path()).await?; + let backup_path = backup_dir.join(file_name(sqlite_home)?); + tokio::fs::rename(sqlite_home, backup_path.as_path()).await?; + tokio::fs::create_dir_all(sqlite_home).await?; + Ok(vec![RuntimeDbBackup { + original_path: sqlite_home.to_path_buf(), + backup_path, + }]) +} + +fn sqlite_paths(db_path: &Path) -> Vec { + let mut wal_path = db_path.as_os_str().to_os_string(); + wal_path.push("-wal"); + let mut shm_path = db_path.as_os_str().to_os_string(); + shm_path.push("-shm"); + vec![ + db_path.to_path_buf(), + PathBuf::from(wal_path), + PathBuf::from(shm_path), + ] +} + +async fn create_unique_backup_dir(backup_parent: &Path) -> std::io::Result { + tokio::fs::create_dir_all(backup_parent).await?; + let timestamp = std::time::SystemTime::now() + .duration_since(std::time::UNIX_EPOCH) + .map_or(0, |duration| duration.as_secs()); + let mut sequence = 0_u32; + loop { + let backup_dir = backup_parent.join(format!("sqlite-{timestamp}-{sequence}")); + match tokio::fs::create_dir(backup_dir.as_path()).await { + Ok(()) => return Ok(backup_dir), + Err(err) if err.kind() == std::io::ErrorKind::AlreadyExists => { + sequence += 1; + } + Err(err) => return Err(err), + } + } +} + +fn file_name(path: &Path) -> std::io::Result<&std::ffi::OsStr> { + path.file_name().ok_or_else(|| { + std::io::Error::other(format!( + "cannot create a backup name for {}", + path.display() + )) + }) +} + +#[cfg(test)] +#[path = "recovery_tests.rs"] +mod tests; diff --git a/codex-rs/state/src/runtime/recovery_tests.rs b/codex-rs/state/src/runtime/recovery_tests.rs new file mode 100644 index 00000000000..7424dbcfe19 --- /dev/null +++ b/codex-rs/state/src/runtime/recovery_tests.rs @@ -0,0 +1,105 @@ +use super::*; +use crate::runtime::test_support::unique_temp_dir; +use pretty_assertions::assert_eq; + +#[tokio::test] +async fn backup_moves_only_requested_runtime_db_files_to_backup_folder() -> std::io::Result<()> { + let sqlite_home = unique_temp_dir(); + tokio::fs::create_dir_all(sqlite_home.as_path()).await?; + let runtime_paths = super::super::runtime_db_paths(sqlite_home.as_path()); + let mut expected_paths = Vec::new(); + for db_path in runtime_paths.iter().map(|db| db.path.as_path()) { + for path in sqlite_paths(db_path) { + tokio::fs::write(path.as_path(), path.display().to_string()).await?; + expected_paths.push(path); + } + } + let failed_db_path = super::super::logs_db_path(sqlite_home.as_path()); + let failed_paths = sqlite_paths(failed_db_path.as_path()); + + let backups = backup_runtime_db_for_fresh_start(failed_db_path.as_path()).await?; + + assert_eq!(backups.len(), failed_paths.len()); + for path in &failed_paths { + assert!(!tokio::fs::try_exists(path.as_path()).await?); + } + for path in expected_paths + .iter() + .filter(|path| !failed_paths.contains(path)) + { + assert!(tokio::fs::try_exists(path.as_path()).await?); + } + for backup in backups { + assert!( + backup + .backup_path + .starts_with(sqlite_home.join(BACKUP_DIR_NAME)) + ); + assert!(tokio::fs::try_exists(backup.backup_path.as_path()).await?); + } + Ok(()) +} + +#[tokio::test] +async fn backup_replaces_blocking_sqlite_home_file() -> std::io::Result<()> { + let temp_dir = unique_temp_dir(); + tokio::fs::create_dir_all(temp_dir.as_path()).await?; + let sqlite_home = temp_dir.join("sqlite-home"); + tokio::fs::write(sqlite_home.as_path(), b"not-a-directory").await?; + + let backups = backup_runtime_db_for_fresh_start( + super::super::state_db_path(sqlite_home.as_path()).as_path(), + ) + .await?; + + assert_eq!(backups.len(), 1); + assert!(tokio::fs::metadata(sqlite_home.as_path()).await?.is_dir()); + assert!( + backups[0] + .backup_path + .starts_with(temp_dir.join(format!("sqlite-home.{BACKUP_DIR_NAME}"))) + ); + assert!(tokio::fs::try_exists(backups[0].backup_path.as_path()).await?); + Ok(()) +} + +#[test] +fn sqlite_error_detail_classifies_corruption_and_lock_errors() { + assert!(sqlite_error_detail_is_corruption("file is not a database")); + assert!(sqlite_error_detail_is_corruption( + "error returned from database: (code: 11) database disk image is malformed" + )); + assert!(!sqlite_error_detail_is_corruption("database is locked")); + assert!(sqlite_error_detail_is_lock("database is locked")); + assert!(sqlite_error_detail_is_lock("database is busy")); +} + +#[tokio::test] +async fn runtime_db_path_for_corruption_error_returns_failed_database_path() -> std::io::Result<()> +{ + let sqlite_home = unique_temp_dir(); + tokio::fs::create_dir_all(sqlite_home.as_path()).await?; + let path = super::super::state_db_path(sqlite_home.as_path()); + tokio::fs::write(path.as_path(), b"not sqlite").await?; + + let err = match super::super::StateRuntime::init(sqlite_home, "openai".to_string()).await { + Ok(_) => panic!("malformed sqlite should fail to initialize"), + Err(err) => err, + }; + + assert_eq!(runtime_db_path_for_corruption_error(&err), Some(path)); + Ok(()) +} + +#[test] +fn runtime_db_path_for_corruption_error_ignores_corrupt_word_in_path() { + let path = PathBuf::from("/tmp/sqlite_corrupt/state_5.sqlite"); + let err = anyhow::Error::new(RuntimeDbInitError::new( + "state DB", + "open", + path.as_path(), + anyhow::anyhow!("permission denied"), + )); + + assert_eq!(runtime_db_path_for_corruption_error(&err), None); +} diff --git a/codex-rs/state/src/runtime/threads.rs b/codex-rs/state/src/runtime/threads.rs index 4cc7ee4dc10..98eff16c502 100644 --- a/codex-rs/state/src/runtime/threads.rs +++ b/codex-rs/state/src/runtime/threads.rs @@ -384,6 +384,7 @@ ON CONFLICT(child_thread_id) DO NOTHING &mut builder, crate::SortKey::UpdatedAt, SortDirection::Desc, + OrderByIndex::Enabled, /*limit*/ 1, ); @@ -399,14 +400,9 @@ ON CONFLICT(child_thread_id) DO NOTHING filters: ThreadFilterOptions<'_>, ) -> anyhow::Result { let limit = page_size.saturating_add(1); - let sort_key = filters.sort_key; - let sort_direction = filters.sort_direction; let mut builder = QueryBuilder::::new(""); - push_thread_select_columns(&mut builder); - builder.push(" FROM threads"); - push_thread_filters(&mut builder, filters); - push_thread_order_and_limit(&mut builder, sort_key, sort_direction, limit); + push_list_threads_query(&mut builder, filters, limit); let rows = builder.build().fetch_all(self.pool.as_ref()).await?; let mut items = rows @@ -418,7 +414,7 @@ ON CONFLICT(child_thread_id) DO NOTHING items.pop(); items .last() - .and_then(|item| anchor_from_item(item, sort_key)) + .and_then(|item| anchor_from_item(item, filters.sort_key)) } else { None }; @@ -453,7 +449,13 @@ ON CONFLICT(child_thread_id) DO NOTHING search_term: None, }, ); - push_thread_order_and_limit(&mut builder, sort_key, SortDirection::Desc, limit); + push_thread_order_and_limit( + &mut builder, + sort_key, + SortDirection::Desc, + OrderByIndex::Enabled, + limit, + ); let rows = builder.build().fetch_all(self.pool.as_ref()).await?; rows.into_iter() @@ -521,6 +523,7 @@ ON CONFLICT(id) DO NOTHING .bind( metadata .thread_source + .as_ref() .map(codex_protocol::protocol::ThreadSource::as_str), ) .bind(metadata.agent_nickname.as_deref()) @@ -753,6 +756,7 @@ ON CONFLICT(id) DO UPDATE SET .bind( metadata .thread_source + .as_ref() .map(codex_protocol::protocol::ThreadSource::as_str), ) .bind(metadata.agent_nickname.as_deref()) @@ -880,17 +884,117 @@ ON CONFLICT(id) DO UPDATE SET self.upsert_thread(&metadata).await } - /// Delete a thread metadata row by id. + /// Delete a thread and all associated state by id. pub async fn delete_thread(&self, thread_id: ThreadId) -> anyhow::Result { - let result = sqlx::query("DELETE FROM threads WHERE id = ?") - .bind(thread_id.to_string()) - .execute(self.pool.as_ref()) + self.delete_threads_strict(&[thread_id]).await + } + + /// Delete a set of threads and all associated state. + /// + /// Spawn edges and thread rows are deleted last so a failed delete can be retried with enough + /// state left to rediscover the same spawned subtree. + pub async fn delete_threads_strict(&self, thread_ids: &[ThreadId]) -> anyhow::Result { + if thread_ids.is_empty() { + return Ok(0); + } + + let thread_id_strings = thread_ids + .iter() + .map(ThreadId::to_string) + .collect::>(); + for (thread_id, thread_id_string) in thread_ids.iter().zip(&thread_id_strings) { + sqlx::query("DELETE FROM logs WHERE thread_id = ?") + .bind(thread_id_string) + .execute(self.logs_pool.as_ref()) + .await?; + self.memories.delete_thread_memory(*thread_id).await?; + self.thread_goals.delete_thread_goal(*thread_id).await?; + } + + let now = Utc::now().timestamp(); + let mut tx = self.pool.begin().await?; + for thread_id_string in &thread_id_strings { + for parent_thread_id_string in &thread_id_strings { + // If both the job runner and worker are being deleted, requeueing + // the worker item would leave a running job with no loop to consume it. + sqlx::query( + r#" +UPDATE agent_jobs +SET status = ?, updated_at = ?, completed_at = ?, last_error = ? +WHERE status IN (?, ?) + AND id IN ( + SELECT item.job_id + FROM agent_job_items AS item + JOIN thread_spawn_edges AS edge ON edge.child_thread_id = item.assigned_thread_id + WHERE item.status = ? AND item.assigned_thread_id = ? AND edge.parent_thread_id = ? + ) + "#, + ) + .bind(AgentJobStatus::Cancelled.as_str()) + .bind(now) + .bind(now) + .bind("agent job runner thread was deleted") + .bind(AgentJobStatus::Pending.as_str()) + .bind(AgentJobStatus::Running.as_str()) + .bind(AgentJobItemStatus::Running.as_str()) + .bind(thread_id_string) + .bind(parent_thread_id_string) + .execute(&mut *tx) + .await?; + } + sqlx::query("DELETE FROM thread_dynamic_tools WHERE thread_id = ?") + .bind(thread_id_string) + .execute(&mut *tx) + .await?; + sqlx::query( + r#" +UPDATE agent_job_items +SET + status = ?, + assigned_thread_id = NULL, + updated_at = ?, + last_error = ? +WHERE assigned_thread_id = ? AND status = ? + "#, + ) + .bind(AgentJobItemStatus::Pending.as_str()) + .bind(now) + .bind("assigned thread was deleted") + .bind(thread_id_string) + .bind(AgentJobItemStatus::Running.as_str()) + .execute(&mut *tx) + .await?; + sqlx::query( + r#" +UPDATE agent_job_items +SET assigned_thread_id = NULL, updated_at = ? +WHERE assigned_thread_id = ? + "#, + ) + .bind(now) + .bind(thread_id_string) + .execute(&mut *tx) + .await?; + } + for thread_id_string in &thread_id_strings { + sqlx::query( + "DELETE FROM thread_spawn_edges WHERE parent_thread_id = ? OR child_thread_id = ?", + ) + .bind(thread_id_string) + .bind(thread_id_string) + .execute(&mut *tx) .await?; - let rows_affected = result.rows_affected(); - self.memories.delete_thread_memory(thread_id).await?; - if rows_affected > 0 { - self.thread_goals.delete_thread_goal(thread_id).await?; } + let mut rows_affected = 0; + for thread_id_string in &thread_id_strings { + rows_affected += sqlx::query("DELETE FROM threads WHERE id = ?") + .bind(thread_id_string) + .execute(&mut *tx) + .await? + .rows_affected(); + } + tx.commit().await?; + Ok(rows_affected) } } @@ -915,6 +1019,29 @@ fn one_thread_id_from_rows( } } +fn push_list_threads_query( + builder: &mut QueryBuilder, + filters: ThreadFilterOptions<'_>, + limit: usize, +) { + push_thread_select_columns(builder); + builder.push(" FROM threads"); + push_thread_filters(builder, filters); + let order_by_index = match filters.cwd_filters { + // Multi-cwd listing is supported but at the time of writing has no current use in production. + // Preserve its query plan so the global timestamp index does not regress cwd filtering into a scan. + Some(cwd_filters) if cwd_filters.len() > 1 => OrderByIndex::Disabled, + Some(_) | None => OrderByIndex::Enabled, + }; + push_thread_order_and_limit( + builder, + filters.sort_key, + filters.sort_direction, + order_by_index, + limit, + ); +} + pub(super) fn push_thread_select_columns(builder: &mut QueryBuilder) { builder.push( r#" @@ -1055,10 +1182,21 @@ pub(super) fn push_thread_filters<'a>( } } +/// Controls whether SQLite may use the ordered column to satisfy `ORDER BY` from an index. +/// +/// Disabling it adds a unary `+` to the ordered column. This preserves the sort semantics while +/// preventing a timestamp-only index from winning over a more selective filtering index. +#[derive(Clone, Copy)] +pub(super) enum OrderByIndex { + Enabled, + Disabled, +} + pub(super) fn push_thread_order_and_limit( builder: &mut QueryBuilder, sort_key: SortKey, sort_direction: SortDirection, + order_by_index: OrderByIndex, limit: usize, ) { let order_column = match sort_key { @@ -1070,6 +1208,12 @@ pub(super) fn push_thread_order_and_limit( SortDirection::Desc => "DESC", }; builder.push(" ORDER BY "); + match order_by_index { + OrderByIndex::Enabled => {} + OrderByIndex::Disabled => { + builder.push("+"); + } + } builder.push(order_column); builder.push(" "); builder.push(order_direction); @@ -1092,12 +1236,14 @@ mod tests { use crate::DirectionalThreadSpawnEdgeStatus; use crate::runtime::test_support::test_thread_metadata; use crate::runtime::test_support::unique_temp_dir; + use anyhow::Result; use codex_protocol::protocol::EventMsg; use codex_protocol::protocol::GitInfo; use codex_protocol::protocol::SessionMeta; use codex_protocol::protocol::SessionMetaLine; use codex_protocol::protocol::SessionSource; use pretty_assertions::assert_eq; + use serde_json::json; use std::path::PathBuf; #[tokio::test] @@ -1138,6 +1284,180 @@ mod tests { assert_eq!(memory_mode, "disabled"); } + #[tokio::test] + async fn delete_thread_cleans_associated_state() -> Result<()> { + let codex_home = unique_temp_dir(); + let runtime = StateRuntime::init(codex_home.clone(), "test-provider".to_string()).await?; + let thread_id = ThreadId::from_string("00000000-0000-0000-0000-000000000401")?; + let child_thread_id = ThreadId::from_string("00000000-0000-0000-0000-000000000402")?; + runtime + .upsert_thread(&test_thread_metadata( + &codex_home, + thread_id, + codex_home.clone(), + )) + .await?; + seed_thread_cleanup_state(&runtime, thread_id, child_thread_id).await?; + sqlx::query("INSERT INTO thread_dynamic_tools (thread_id, position, name, description, input_schema) VALUES (?, ?, ?, ?, ?)") + .bind(thread_id.to_string()) + .bind(0_i64) + .bind("test_tool") + .bind("test dynamic tool") + .bind("{}") + .execute(runtime.pool.as_ref()) + .await?; + runtime + .create_agent_job( + &AgentJobCreateParams { + id: "job-1".to_string(), + name: "test-job".to_string(), + instruction: "Return a result".to_string(), + auto_export: true, + max_runtime_seconds: None, + output_schema_json: None, + input_headers: vec!["path".to_string()], + input_csv_path: "/tmp/in.csv".to_string(), + output_csv_path: "/tmp/out.csv".to_string(), + }, + &[AgentJobItemCreateParams { + item_id: "item-1".to_string(), + row_index: 0, + source_id: None, + row_json: json!({"path": "file-1"}), + }], + ) + .await?; + runtime.mark_agent_job_running("job-1").await?; + runtime + .mark_agent_job_item_running_with_thread( + "job-1", + "item-1", + &child_thread_id.to_string(), + ) + .await?; + + let rows = runtime + .delete_threads_strict(&[thread_id, child_thread_id]) + .await?; + + assert_eq!(rows, 1); + assert!(runtime.get_thread(thread_id).await?.is_none()); + let dynamic_tool_count: i64 = + sqlx::query_scalar("SELECT COUNT(*) FROM thread_dynamic_tools WHERE thread_id = ?") + .bind(thread_id.to_string()) + .fetch_one(runtime.pool.as_ref()) + .await?; + assert_eq!(dynamic_tool_count, 0); + assert_thread_cleanup_state(&runtime, thread_id).await?; + let job_item = runtime + .get_agent_job_item("job-1", "item-1") + .await? + .expect("job item should exist"); + assert_eq!(job_item.status, AgentJobItemStatus::Pending); + assert_eq!(job_item.assigned_thread_id, None); + assert_eq!( + job_item.last_error, + Some("assigned thread was deleted".to_string()) + ); + let job = runtime + .get_agent_job("job-1") + .await? + .expect("job should exist"); + assert_eq!(job.status, AgentJobStatus::Cancelled); + + let missing_thread_id = ThreadId::from_string("00000000-0000-0000-0000-000000000403")?; + let missing_child_thread_id = + ThreadId::from_string("00000000-0000-0000-0000-000000000404")?; + seed_thread_cleanup_state(&runtime, missing_thread_id, missing_child_thread_id).await?; + + assert_eq!(runtime.delete_thread(missing_thread_id).await?, 0); + assert_thread_cleanup_state(&runtime, missing_thread_id).await?; + Ok(()) + } + + #[tokio::test] + async fn delete_thread_keeps_retry_graph_on_cleanup_failure() -> Result<()> { + let codex_home = unique_temp_dir(); + let runtime = StateRuntime::init(codex_home.clone(), "test-provider".to_string()).await?; + let thread_id = ThreadId::from_string("00000000-0000-0000-0000-000000000405")?; + let child_thread_id = ThreadId::from_string("00000000-0000-0000-0000-000000000406")?; + runtime + .upsert_thread(&test_thread_metadata( + &codex_home, + thread_id, + codex_home.clone(), + )) + .await?; + seed_thread_cleanup_state(&runtime, thread_id, child_thread_id).await?; + + runtime.logs_pool.close().await; + runtime + .delete_thread(thread_id) + .await + .expect_err("closed log db should fail deletion"); + + assert!(runtime.get_thread(thread_id).await?.is_some()); + assert_eq!( + runtime.list_thread_spawn_descendants(thread_id).await?, + vec![child_thread_id] + ); + Ok(()) + } + + async fn seed_thread_cleanup_state( + runtime: &StateRuntime, + thread_id: ThreadId, + child_thread_id: ThreadId, + ) -> Result<()> { + runtime + .upsert_thread_spawn_edge( + thread_id, + child_thread_id, + DirectionalThreadSpawnEdgeStatus::Closed, + ) + .await?; + runtime + .thread_goals() + .replace_thread_goal( + thread_id, + "test goal", + crate::ThreadGoalStatus::Active, + /*token_budget*/ None, + ) + .await?; + sqlx::query("INSERT INTO logs (ts, ts_nanos, level, target, feedback_log_body, thread_id) VALUES (1, 0, 'INFO', 'test', 'feedback log', ?)") + .bind(thread_id.to_string()) + .execute(runtime.logs_pool.as_ref()) + .await?; + Ok(()) + } + + async fn assert_thread_cleanup_state( + runtime: &StateRuntime, + thread_id: ThreadId, + ) -> Result<()> { + let spawn_edge_count: i64 = sqlx::query_scalar( + "SELECT COUNT(*) FROM thread_spawn_edges WHERE parent_thread_id = ? OR child_thread_id = ?", + ) + .bind(thread_id.to_string()) + .bind(thread_id.to_string()) + .fetch_one(runtime.pool.as_ref()) + .await?; + assert_eq!(spawn_edge_count, 0); + assert_eq!( + runtime.thread_goals().get_thread_goal(thread_id).await?, + None + ); + let logs = runtime + .query_logs(&LogQuery { + thread_ids: vec![thread_id.to_string()], + ..Default::default() + }) + .await?; + assert!(logs.is_empty()); + Ok(()) + } + #[tokio::test] async fn list_threads_updated_after_returns_oldest_changes_first() { let codex_home = unique_temp_dir(); @@ -1253,9 +1573,9 @@ mod tests { } let cwd_filters = vec![first_cwd, second_cwd]; - let page = runtime + let first_page = runtime .list_threads( - /*page_size*/ 10, + /*page_size*/ 1, ThreadFilterOptions { archived_only: false, allowed_sources: &[], @@ -1270,8 +1590,44 @@ mod tests { .await .expect("list should succeed"); - let ids = page.items.iter().map(|item| item.id).collect::>(); - assert_eq!(ids, vec![second_id, first_id]); + let ids = first_page + .items + .iter() + .map(|item| item.id) + .collect::>(); + assert_eq!(ids, vec![second_id]); + assert_eq!( + first_page.next_anchor, + Some(Anchor { + ts: DateTime::::from_timestamp_millis(1_700_000_300_000) + .expect("valid timestamp"), + }) + ); + + let second_page = runtime + .list_threads( + /*page_size*/ 1, + ThreadFilterOptions { + archived_only: false, + allowed_sources: &[], + model_providers: None, + cwd_filters: Some(cwd_filters.as_slice()), + anchor: first_page.next_anchor.as_ref(), + sort_key: SortKey::UpdatedAt, + sort_direction: SortDirection::Desc, + search_term: None, + }, + ) + .await + .expect("second page should succeed"); + + let ids = second_page + .items + .iter() + .map(|item| item.id) + .collect::>(); + assert_eq!(ids, vec![first_id]); + assert_eq!(second_page.next_anchor, None); let page = runtime .list_threads( @@ -1293,6 +1649,85 @@ mod tests { assert_eq!(page.items, Vec::new()); } + #[tokio::test] + async fn list_threads_uses_indexes_matching_cwd_filters() { + let codex_home = unique_temp_dir(); + let runtime = StateRuntime::init(codex_home, "test-provider".to_string()) + .await + .expect("state db should initialize"); + + let model_providers = ["test-provider".to_string()]; + let cwd_filters = [ + PathBuf::from("/workspace/one"), + PathBuf::from("/workspace/two"), + ]; + let anchor = Anchor { + ts: DateTime::::from_timestamp(1_700_000_000, 0).expect("valid timestamp"), + }; + for (sort_key, visible_index, cwd_index) in [ + ( + SortKey::CreatedAt, + "idx_threads_visible_created_at_ms", + "idx_threads_archived_cwd_created_at_ms", + ), + ( + SortKey::UpdatedAt, + "idx_threads_visible_updated_at_ms", + "idx_threads_archived_cwd_updated_at_ms", + ), + ] { + for (cwd_filters, anchor, expected_index, expect_temp_sort) in [ + (None, None, visible_index, false), + (Some(&cwd_filters[..1]), None, cwd_index, false), + ( + Some(&cwd_filters[..]), + None, + "idx_threads_archived_cwd_", + true, + ), + (Some(&cwd_filters[..]), Some(&anchor), cwd_index, true), + ] { + let mut builder = QueryBuilder::::new("EXPLAIN QUERY PLAN "); + push_list_threads_query( + &mut builder, + ThreadFilterOptions { + archived_only: false, + allowed_sources: &[], + model_providers: Some(&model_providers), + cwd_filters, + anchor, + sort_key, + sort_direction: SortDirection::Desc, + search_term: None, + }, + /*limit*/ 201, + ); + let plan_details = builder + .build() + .fetch_all(runtime.pool.as_ref()) + .await + .expect("query plan should load") + .into_iter() + .map(|row| row.get::("detail")) + .collect::>(); + + assert!( + plan_details + .iter() + .any(|detail| detail.contains(expected_index)), + "query plan did not use {expected_index}: {plan_details:?}" + ); + assert_eq!( + plan_details + .iter() + .any(|detail| detail.contains("TEMP B-TREE")), + expect_temp_sort, + "unexpected sorting plan: {plan_details:?}" + ); + } + } + } + #[tokio::test] async fn apply_rollout_items_restores_memory_mode_from_session_meta() { let codex_home = unique_temp_dir(); diff --git a/codex-rs/thread-manager-sample/src/main.rs b/codex-rs/thread-manager-sample/src/main.rs index 9305a6f6684..5c8aae8b37e 100644 --- a/codex-rs/thread-manager-sample/src/main.rs +++ b/codex-rs/thread-manager-sample/src/main.rs @@ -16,6 +16,7 @@ use codex_core_api::AskForApproval; use codex_core_api::AuthCredentialsStoreMode; use codex_core_api::AuthManager; use codex_core_api::AutoCompactTokenLimitScope; +use codex_core_api::CodexHomeUserInstructionsProvider; use codex_core_api::CodexThread; use codex_core_api::Config; use codex_core_api::ConfigLayerStack; @@ -120,12 +121,16 @@ async fn run_main(arg0_paths: Arg0DispatchPaths) -> anyhow::Result<()> { .await?, ); let installation_id = resolve_installation_id(&config.codex_home).await?; + let user_instructions_provider = Arc::new(CodexHomeUserInstructionsProvider::new( + config.codex_home.clone(), + )); let thread_manager = ThreadManager::new( &config, auth_manager, SessionSource::Exec, environment_manager, empty_extension_registry(), + user_instructions_provider, /*analytics_events_client*/ None, Arc::clone(&thread_store), state_db, @@ -184,7 +189,6 @@ fn new_config(model: Option, arg0_paths: Arg0DispatchPaths) -> anyhow::R enforce_residency: Constrained::allow_any(/*initial_value*/ None), hide_agent_reasoning: false, show_raw_agent_reasoning: false, - user_instructions: None, base_instructions: None, developer_instructions: None, guardian_policy_config: None, @@ -238,6 +242,7 @@ fn new_config(model: Option, arg0_paths: Arg0DispatchPaths) -> anyhow::R codex_home, history: History::default(), ephemeral: true, + extra_config: None, file_opener: UriBasedFileOpener::VsCode, codex_self_exe: arg0_paths.codex_self_exe, codex_linux_sandbox_exe: arg0_paths.codex_linux_sandbox_exe, @@ -250,7 +255,6 @@ fn new_config(model: Option, arg0_paths: Arg0DispatchPaths) -> anyhow::R model_catalog: None, model_verbosity: None, chatgpt_base_url: "https://chatgpt.com/backend-api/".to_string(), - apps_mcp_path_override: None, apps_mcp_product_sku: None, realtime_audio: RealtimeAudioConfig::default(), experimental_realtime_ws_base_url: None, @@ -266,6 +270,7 @@ fn new_config(model: Option, arg0_paths: Arg0DispatchPaths) -> anyhow::R web_search_mode: Constrained::allow_any(WebSearchMode::Disabled), web_search_config: None, experimental_request_user_input_enabled: true, + code_mode: Default::default(), use_experimental_unified_exec_tool: false, background_terminal_max_timeout: 300_000, ghost_snapshot: GhostSnapshotConfig::default(), @@ -295,7 +300,6 @@ async fn run_turn(thread: &CodexThread, thread_id: &str, prompt: String) -> anyh text: prompt, text_elements: Vec::new(), }], - environments: None, final_output_json_schema: None, responsesapi_client_metadata: None, additional_context: Default::default(), @@ -326,6 +330,7 @@ async fn run_turn(thread: &CodexThread, thread_id: &str, prompt: String) -> anyh | EventMsg::CollabCloseEnd(_) | EventMsg::CollabResumeBegin(_) | EventMsg::CollabResumeEnd(_) + | EventMsg::SubAgentActivity(_) | EventMsg::AgentMessageContentDelta(_) | EventMsg::PlanDelta(_) | EventMsg::ReasoningContentDelta(_) diff --git a/codex-rs/thread-store/Cargo.toml b/codex-rs/thread-store/Cargo.toml index 5a0608b4db6..7c59cf72f35 100644 --- a/codex-rs/thread-store/Cargo.toml +++ b/codex-rs/thread-store/Cargo.toml @@ -13,7 +13,6 @@ doctest = false workspace = true [dependencies] -async-trait = { workspace = true } chrono = { workspace = true, features = ["serde"] } codex-git-utils = { workspace = true } codex-install-context = { workspace = true } diff --git a/codex-rs/thread-store/src/in_memory.rs b/codex-rs/thread-store/src/in_memory.rs index b02fc158554..472e3d35e3e 100644 --- a/codex-rs/thread-store/src/in_memory.rs +++ b/codex-rs/thread-store/src/in_memory.rs @@ -5,7 +5,6 @@ use std::sync::Mutex; use std::sync::MutexGuard; use std::sync::OnceLock; -use async_trait::async_trait; use chrono::Utc; use codex_protocol::ThreadId; use codex_protocol::models::PermissionProfile; @@ -14,10 +13,12 @@ use codex_protocol::protocol::RolloutItem; use codex_protocol::protocol::SessionMeta; use codex_protocol::protocol::SessionMetaLine; use codex_protocol::protocol::ThreadMemoryMode; +use codex_rollout::persisted_rollout_items; use crate::AppendThreadItemsParams; use crate::ArchiveThreadParams; use crate::CreateThreadParams; +use crate::DeleteThreadParams; use crate::ListThreadsParams; use crate::LoadThreadHistoryParams; use crate::ReadThreadByRolloutPathParams; @@ -29,6 +30,7 @@ use crate::ThreadMetadataPatch; use crate::ThreadPage; use crate::ThreadStore; use crate::ThreadStoreError; +use crate::ThreadStoreFuture; use crate::ThreadStoreResult; use crate::UpdateThreadMetadataParams; @@ -109,11 +111,13 @@ pub struct InMemoryThreadStoreCalls { pub discard_thread: usize, pub load_history: usize, pub read_thread: usize, + pub read_thread_with_history: usize, pub read_thread_by_rollout_path: usize, pub list_threads: usize, pub update_thread_metadata: usize, pub archive_thread: usize, pub unarchive_thread: usize, + pub delete_thread: usize, } /// In-memory [`ThreadStore`] implementation for tests and debug configs. @@ -156,13 +160,6 @@ impl InMemoryThreadStore { pub async fn calls(&self) -> InMemoryThreadStoreCalls { self.state.lock().await.calls.clone() } -} - -#[async_trait] -impl ThreadStore for InMemoryThreadStore { - fn as_any(&self) -> &dyn std::any::Any { - self - } async fn create_thread(&self, params: CreateThreadParams) -> ThreadStoreResult<()> { let mut state = self.state.lock().await; @@ -176,7 +173,7 @@ impl ThreadStore for InMemoryThreadStore { agent_role: params.source.get_agent_role(), agent_path: params.source.get_agent_path().map(Into::into), source: params.source.clone(), - thread_source: params.thread_source, + thread_source: params.thread_source.clone(), model_provider: Some(params.metadata.model_provider.clone()), base_instructions: Some(params.base_instructions.clone()), dynamic_tools: (!params.dynamic_tools.is_empty()).then(|| params.dynamic_tools.clone()), @@ -212,33 +209,17 @@ impl ThreadStore for InMemoryThreadStore { } async fn append_items(&self, params: AppendThreadItemsParams) -> ThreadStoreResult<()> { + let canonical_items = persisted_rollout_items(params.items.as_slice()); + if canonical_items.is_empty() { + return Ok(()); + } let mut state = self.state.lock().await; state.calls.append_items += 1; state .histories .entry(params.thread_id) .or_default() - .extend(params.items); - Ok(()) - } - - async fn persist_thread(&self, _thread_id: ThreadId) -> ThreadStoreResult<()> { - self.state.lock().await.calls.persist_thread += 1; - Ok(()) - } - - async fn flush_thread(&self, _thread_id: ThreadId) -> ThreadStoreResult<()> { - self.state.lock().await.calls.flush_thread += 1; - Ok(()) - } - - async fn shutdown_thread(&self, _thread_id: ThreadId) -> ThreadStoreResult<()> { - self.state.lock().await.calls.shutdown_thread += 1; - Ok(()) - } - - async fn discard_thread(&self, _thread_id: ThreadId) -> ThreadStoreResult<()> { - self.state.lock().await.calls.discard_thread += 1; + .extend(canonical_items); Ok(()) } @@ -262,6 +243,9 @@ impl ThreadStore for InMemoryThreadStore { async fn read_thread(&self, params: ReadThreadParams) -> ThreadStoreResult { let mut state = self.state.lock().await; state.calls.read_thread += 1; + if params.include_history { + state.calls.read_thread_with_history += 1; + } stored_thread_from_state(&state, params.thread_id, params.include_history) } @@ -282,7 +266,7 @@ impl ThreadStore for InMemoryThreadStore { stored_thread_from_state(&state, thread_id, params.include_history) } - async fn list_threads(&self, _params: ListThreadsParams) -> ThreadStoreResult { + async fn list_threads(&self) -> ThreadStoreResult { let mut state = self.state.lock().await; state.calls.list_threads += 1; let mut items = state @@ -316,18 +300,119 @@ impl ThreadStore for InMemoryThreadStore { stored_thread_from_state(&state, params.thread_id, /*include_history*/ false) } - async fn archive_thread(&self, _params: ArchiveThreadParams) -> ThreadStoreResult<()> { - self.state.lock().await.calls.archive_thread += 1; - Ok(()) + async fn delete_thread(&self, params: DeleteThreadParams) -> ThreadStoreResult<()> { + let mut state = self.state.lock().await; + state.calls.delete_thread += 1; + let existed = state.histories.remove(¶ms.thread_id).is_some(); + state.created_threads.remove(¶ms.thread_id); + state.names.remove(¶ms.thread_id); + state.metadata_updates.remove(¶ms.thread_id); + state + .rollout_paths + .retain(|_, thread_id| *thread_id != params.thread_id); + if existed { + Ok(()) + } else { + Err(ThreadStoreError::ThreadNotFound { + thread_id: params.thread_id, + }) + } } +} - async fn unarchive_thread( +impl ThreadStore for InMemoryThreadStore { + fn as_any(&self) -> &dyn std::any::Any { + self + } + + fn create_thread(&self, params: CreateThreadParams) -> ThreadStoreFuture<'_, ()> { + Box::pin(InMemoryThreadStore::create_thread(self, params)) + } + + fn resume_thread(&self, params: ResumeThreadParams) -> ThreadStoreFuture<'_, ()> { + Box::pin(InMemoryThreadStore::resume_thread(self, params)) + } + + fn append_items(&self, params: AppendThreadItemsParams) -> ThreadStoreFuture<'_, ()> { + Box::pin(InMemoryThreadStore::append_items(self, params)) + } + + fn persist_thread(&self, _thread_id: ThreadId) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { + self.state.lock().await.calls.persist_thread += 1; + Ok(()) + }) + } + + fn flush_thread(&self, _thread_id: ThreadId) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { + self.state.lock().await.calls.flush_thread += 1; + Ok(()) + }) + } + + fn shutdown_thread(&self, _thread_id: ThreadId) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { + self.state.lock().await.calls.shutdown_thread += 1; + Ok(()) + }) + } + + fn discard_thread(&self, _thread_id: ThreadId) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { + self.state.lock().await.calls.discard_thread += 1; + Ok(()) + }) + } + + fn load_history( &self, - params: ArchiveThreadParams, - ) -> ThreadStoreResult { - let mut state = self.state.lock().await; - state.calls.unarchive_thread += 1; - stored_thread_from_state(&state, params.thread_id, /*include_history*/ false) + params: LoadThreadHistoryParams, + ) -> ThreadStoreFuture<'_, StoredThreadHistory> { + Box::pin(InMemoryThreadStore::load_history(self, params)) + } + + fn read_thread(&self, params: ReadThreadParams) -> ThreadStoreFuture<'_, StoredThread> { + Box::pin(InMemoryThreadStore::read_thread(self, params)) + } + + fn read_thread_by_rollout_path( + &self, + params: ReadThreadByRolloutPathParams, + ) -> ThreadStoreFuture<'_, StoredThread> { + Box::pin(InMemoryThreadStore::read_thread_by_rollout_path( + self, params, + )) + } + + fn list_threads(&self, _params: ListThreadsParams) -> ThreadStoreFuture<'_, ThreadPage> { + Box::pin(InMemoryThreadStore::list_threads(self)) + } + + fn update_thread_metadata( + &self, + params: UpdateThreadMetadataParams, + ) -> ThreadStoreFuture<'_, StoredThread> { + Box::pin(InMemoryThreadStore::update_thread_metadata(self, params)) + } + + fn archive_thread(&self, _params: ArchiveThreadParams) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { + self.state.lock().await.calls.archive_thread += 1; + Ok(()) + }) + } + + fn unarchive_thread(&self, params: ArchiveThreadParams) -> ThreadStoreFuture<'_, StoredThread> { + Box::pin(async move { + let mut state = self.state.lock().await; + state.calls.unarchive_thread += 1; + stored_thread_from_state(&state, params.thread_id, /*include_history*/ false) + }) + } + + fn delete_thread(&self, params: DeleteThreadParams) -> ThreadStoreFuture<'_, ()> { + Box::pin(InMemoryThreadStore::delete_thread(self, params)) } } @@ -356,6 +441,7 @@ fn stored_thread_from_state( Ok(StoredThread { thread_id, + extra_config: created.extra_config.clone(), rollout_path: metadata .and_then(|metadata| metadata.rollout_path.clone()) .or(rollout_path), @@ -369,7 +455,7 @@ fn stored_thread_from_state( .and_then(|metadata| metadata.model_provider.clone()) .unwrap_or_else(|| "test".to_string()), model: metadata.and_then(|metadata| metadata.model.clone()), - reasoning_effort: metadata.and_then(|metadata| metadata.reasoning_effort), + reasoning_effort: metadata.and_then(|metadata| metadata.reasoning_effort.clone()), created_at: metadata .and_then(|metadata| metadata.created_at) .unwrap_or_else(Utc::now), @@ -387,8 +473,8 @@ fn stored_thread_from_state( .and_then(|metadata| metadata.source.clone()) .unwrap_or_else(|| created.source.clone()), thread_source: metadata - .and_then(|metadata| metadata.thread_source) - .unwrap_or(created.thread_source), + .and_then(|metadata| metadata.thread_source.clone()) + .unwrap_or_else(|| created.thread_source.clone()), agent_nickname: metadata.and_then(|metadata| metadata.agent_nickname.clone().flatten()), agent_role: metadata.and_then(|metadata| metadata.agent_role.clone().flatten()), agent_path: metadata.and_then(|metadata| metadata.agent_path.clone().flatten()), diff --git a/codex-rs/thread-store/src/lib.rs b/codex-rs/thread-store/src/lib.rs index 157d13004ff..d0ab3805c92 100644 --- a/codex-rs/thread-store/src/lib.rs +++ b/codex-rs/thread-store/src/lib.rs @@ -21,10 +21,13 @@ pub use live_thread::LiveThreadInitGuard; pub use local::LocalThreadStore; pub use local::LocalThreadStoreConfig; pub use store::ThreadStore; +pub use store::ThreadStoreFuture; pub use types::AppendThreadItemsParams; pub use types::ArchiveThreadParams; pub use types::ClearableField; pub use types::CreateThreadParams; +pub use types::DeleteThreadParams; +pub use types::ExtraConfig; pub use types::GitInfoPatch; pub use types::ItemPage; pub use types::ListItemsParams; @@ -38,6 +41,7 @@ pub use types::SearchThreadsParams; pub use types::SortDirection; pub use types::StoredThread; pub use types::StoredThreadHistory; +pub use types::StoredThreadItem; pub use types::StoredThreadSearchResult; pub use types::StoredTurn; pub use types::StoredTurnError; diff --git a/codex-rs/thread-store/src/live_thread.rs b/codex-rs/thread-store/src/live_thread.rs index d1487860c19..88d347f57ba 100644 --- a/codex-rs/thread-store/src/live_thread.rs +++ b/codex-rs/thread-store/src/live_thread.rs @@ -116,7 +116,11 @@ impl LiveThread { { Ok(history) => params.history = Some(history.items), Err(err) => { - let _ = thread_store.discard_thread(thread_id).await; + if let Err(discard_err) = thread_store.discard_thread(thread_id).await { + warn!( + "failed to discard thread persistence after resume history load failed: {discard_err}" + ); + } return Err(err); } } @@ -131,15 +135,18 @@ impl LiveThread { pub async fn append_items(&self, items: &[RolloutItem]) -> ThreadStoreResult<()> { let canonical_items = persisted_rollout_items(items); - if canonical_items.is_empty() { + if items.is_empty() { return Ok(()); } self.thread_store .append_items(AppendThreadItemsParams { thread_id: self.thread_id, - items: canonical_items.clone(), + items: items.to_vec(), }) .await?; + if canonical_items.is_empty() { + return Ok(()); + } let update = self .metadata_sync .lock() diff --git a/codex-rs/thread-store/src/local/delete_thread.rs b/codex-rs/thread-store/src/local/delete_thread.rs new file mode 100644 index 00000000000..ecd962f6472 --- /dev/null +++ b/codex-rs/thread-store/src/local/delete_thread.rs @@ -0,0 +1,210 @@ +//! Local hard-delete support for persisted threads. +//! +//! Existing rollout files are deleted before this operation reports success. A rollout file that +//! vanishes after discovery counts as already deleted. SQLite cleanup happens at the app-server +//! layer after every associated rollout has been removed so failed deletes can be retried. + +use std::io::ErrorKind; +use std::path::Path; + +use codex_rollout::ARCHIVED_SESSIONS_SUBDIR; +use codex_rollout::SESSIONS_SUBDIR; +use codex_rollout::find_archived_thread_path_by_id_str; +use codex_rollout::find_thread_path_by_id_str; +use codex_rollout::remove_thread_name_entries; + +use super::LocalThreadStore; +use super::helpers::matching_rollout_file_name; +use super::helpers::scoped_rollout_path; +use crate::DeleteThreadParams; +use crate::ThreadStoreError; +use crate::ThreadStoreResult; + +pub(super) async fn delete_thread( + store: &LocalThreadStore, + params: DeleteThreadParams, +) -> ThreadStoreResult<()> { + let thread_id = params.thread_id; + let thread_id_str = thread_id.to_string(); + let state_db_ctx = store.state_db().await; + let mut rollout_paths = Vec::new(); + + match find_thread_path_by_id_str( + store.config.codex_home.as_path(), + thread_id_str.as_str(), + state_db_ctx.as_deref(), + ) + .await + { + Ok(Some(path)) => rollout_paths.push(path), + Ok(None) => {} + Err(err) => { + return Err(ThreadStoreError::InvalidRequest { + message: format!("failed to locate thread id {thread_id}: {err}"), + }); + } + } + + match find_archived_thread_path_by_id_str( + store.config.codex_home.as_path(), + thread_id_str.as_str(), + state_db_ctx.as_deref(), + ) + .await + { + Ok(Some(path)) => { + if !rollout_paths.contains(&path) { + rollout_paths.push(path); + } + } + Ok(None) => {} + Err(err) => { + return Err(ThreadStoreError::InvalidRequest { + message: format!("failed to locate archived thread id {thread_id}: {err}"), + }); + } + } + + let found_rollout_path = !rollout_paths.is_empty(); + for rollout_path in rollout_paths { + delete_rollout_file(store, rollout_path.as_path(), thread_id)?; + } + remove_thread_name_entries(store.config.codex_home.as_path(), thread_id) + .await + .map_err(|err| ThreadStoreError::Internal { + message: format!("failed to delete thread name index entries for {thread_id}: {err}"), + })?; + + if !found_rollout_path { + return Err(ThreadStoreError::ThreadNotFound { thread_id }); + } + + store.live_recorders.lock().await.remove(&thread_id); + + Ok(()) +} + +fn delete_rollout_file( + store: &LocalThreadStore, + rollout_path: &Path, + thread_id: codex_protocol::ThreadId, +) -> ThreadStoreResult { + let plain_path = codex_rollout::plain_rollout_path(rollout_path); + let compressed_path = plain_path.with_extension("jsonl.zst"); + let deleted_plain = delete_rollout_path(store, plain_path.as_path(), thread_id)?; + let deleted_compressed = delete_rollout_path(store, compressed_path.as_path(), thread_id)?; + Ok(deleted_plain || deleted_compressed) +} + +fn delete_rollout_path( + store: &LocalThreadStore, + rollout_path: &Path, + thread_id: codex_protocol::ThreadId, +) -> ThreadStoreResult { + let canonical_rollout_path = scoped_rollout_path( + store.config.codex_home.join(SESSIONS_SUBDIR), + rollout_path, + "sessions", + ) + .or_else(|_| { + scoped_rollout_path( + store.config.codex_home.join(ARCHIVED_SESSIONS_SUBDIR), + rollout_path, + "archived sessions", + ) + }) + .or_else(|err| match rollout_path.try_exists() { + Ok(false) => Ok(rollout_path.to_path_buf()), + Ok(true) | Err(_) => Err(err), + })?; + matching_rollout_file_name(&canonical_rollout_path, thread_id, rollout_path)?; + match std::fs::remove_file(&canonical_rollout_path) { + Ok(()) => Ok(true), + Err(err) if err.kind() == ErrorKind::NotFound => Ok(false), + Err(err) => Err(ThreadStoreError::Internal { + message: format!( + "failed to delete rollout file `{}`: {err}", + canonical_rollout_path.display() + ), + }), + } +} + +#[cfg(test)] +mod tests { + use codex_protocol::ThreadId; + use pretty_assertions::assert_eq; + use tempfile::TempDir; + use uuid::Uuid; + + use super::*; + use crate::ThreadStore; + use crate::local::LocalThreadStore; + use crate::local::test_support::test_config; + use crate::local::test_support::write_archived_session_file; + use crate::local::test_support::write_session_file; + + #[tokio::test] + async fn delete_thread_removes_active_and_archived_rollouts() { + let home = TempDir::new().expect("temp dir"); + let store = LocalThreadStore::new(test_config(home.path()), /*state_db*/ None); + let active_path = + write_session_file(home.path(), "2025-01-03T12-00-00", Uuid::from_u128(301)) + .expect("session file"); + let compressed_path = active_path.with_extension("jsonl.zst"); + std::fs::write(&compressed_path, b"compressed sibling").expect("compressed sibling"); + let cases = [ + (Uuid::from_u128(301), active_path), + ( + Uuid::from_u128(302), + write_archived_session_file( + home.path(), + "2025-01-03T12-00-00", + Uuid::from_u128(302), + ) + .expect("archived session file"), + ), + ]; + + for (uuid, path) in cases { + let thread_id = ThreadId::from_string(&uuid.to_string()).expect("valid thread id"); + store + .delete_thread(DeleteThreadParams { thread_id }) + .await + .expect("delete thread"); + + assert!(!path.exists()); + } + assert!(!compressed_path.exists()); + } + + #[tokio::test] + async fn delete_rollout_file_treats_vanished_path_as_already_deleted() { + let home = TempDir::new().expect("temp dir"); + let store = LocalThreadStore::new(test_config(home.path()), /*state_db*/ None); + let uuid = Uuid::from_u128(305); + let thread_id = ThreadId::from_string(&uuid.to_string()).expect("valid thread id"); + let path = + write_session_file(home.path(), "2025-01-03T12-00-00", uuid).expect("session file"); + std::fs::remove_file(&path).expect("remove session file"); + + assert!(!delete_rollout_file(&store, path.as_path(), thread_id).expect("delete rollout")); + } + + #[tokio::test] + async fn delete_thread_reports_missing_thread() { + let home = TempDir::new().expect("temp dir"); + let store = LocalThreadStore::new(test_config(home.path()), /*state_db*/ None); + let thread_id = + ThreadId::from_string("00000000-0000-0000-0000-000000000304").expect("valid thread id"); + + let err = store + .delete_thread(DeleteThreadParams { thread_id }) + .await + .expect_err("missing thread should fail"); + assert_eq!( + err.to_string(), + "thread 00000000-0000-0000-0000-000000000304 not found" + ); + } +} diff --git a/codex-rs/thread-store/src/local/helpers.rs b/codex-rs/thread-store/src/local/helpers.rs index ae0650855ac..5acdcf09b66 100644 --- a/codex-rs/thread-store/src/local/helpers.rs +++ b/codex-rs/thread-store/src/local/helpers.rs @@ -122,6 +122,7 @@ pub(super) fn stored_thread_from_rollout_item( Some(StoredThread { thread_id, + extra_config: None, rollout_path: Some(rollout_path), forked_from_id: None, parent_thread_id: item.parent_thread_id, diff --git a/codex-rs/thread-store/src/local/live_writer.rs b/codex-rs/thread-store/src/local/live_writer.rs index 0b31ae0ea87..61c15a43d9a 100644 --- a/codex-rs/thread-store/src/local/live_writer.rs +++ b/codex-rs/thread-store/src/local/live_writer.rs @@ -5,6 +5,7 @@ use codex_protocol::protocol::ThreadMemoryMode; use codex_rollout::RolloutConfig; use codex_rollout::RolloutRecorder; use codex_rollout::RolloutRecorderParams; +use codex_rollout::persisted_rollout_items; use tracing::warn; use super::LocalThreadStore; @@ -77,9 +78,13 @@ pub(super) async fn append_items( store: &LocalThreadStore, params: AppendThreadItemsParams, ) -> ThreadStoreResult<()> { + let canonical_items = persisted_rollout_items(params.items.as_slice()); + if canonical_items.is_empty() { + return Ok(()); + } let recorder = store.live_recorder(params.thread_id).await?; recorder - .record_canonical_items(params.items.as_slice()) + .record_canonical_items(canonical_items.as_slice()) .await .map_err(thread_store_io_error)?; // LiveThread applies metadata immediately after append_items returns. Wait for the local diff --git a/codex-rs/thread-store/src/local/mod.rs b/codex-rs/thread-store/src/local/mod.rs index 146bfbd843c..dd49fd2a592 100644 --- a/codex-rs/thread-store/src/local/mod.rs +++ b/codex-rs/thread-store/src/local/mod.rs @@ -1,5 +1,6 @@ mod archive_thread; mod create_thread; +mod delete_thread; mod helpers; mod list_threads; mod live_writer; @@ -11,7 +12,6 @@ mod update_thread_metadata; #[cfg(test)] mod test_support; -use async_trait::async_trait; use codex_protocol::ThreadId; use codex_rollout::RolloutRecorder; use codex_rollout::StateDbHandle; @@ -24,6 +24,7 @@ use tokio::sync::Mutex; use crate::AppendThreadItemsParams; use crate::ArchiveThreadParams; use crate::CreateThreadParams; +use crate::DeleteThreadParams; use crate::ListThreadsParams; use crate::LoadThreadHistoryParams; use crate::ReadThreadByRolloutPathParams; @@ -36,6 +37,7 @@ use crate::ThreadPage; use crate::ThreadSearchPage; use crate::ThreadStore; use crate::ThreadStoreError; +use crate::ThreadStoreFuture; use crate::ThreadStoreResult; use crate::UpdateThreadMetadataParams; @@ -164,41 +166,6 @@ impl LocalThreadStore { } } } -} - -#[async_trait] -impl ThreadStore for LocalThreadStore { - fn as_any(&self) -> &dyn std::any::Any { - self - } - - async fn create_thread(&self, params: CreateThreadParams) -> ThreadStoreResult<()> { - live_writer::create_thread(self, params).await - } - - async fn resume_thread(&self, params: ResumeThreadParams) -> ThreadStoreResult<()> { - live_writer::resume_thread(self, params).await - } - - async fn append_items(&self, params: AppendThreadItemsParams) -> ThreadStoreResult<()> { - live_writer::append_items(self, params).await - } - - async fn persist_thread(&self, thread_id: ThreadId) -> ThreadStoreResult<()> { - live_writer::persist_thread(self, thread_id).await - } - - async fn flush_thread(&self, thread_id: ThreadId) -> ThreadStoreResult<()> { - live_writer::flush_thread(self, thread_id).await - } - - async fn shutdown_thread(&self, thread_id: ThreadId) -> ThreadStoreResult<()> { - live_writer::shutdown_thread(self, thread_id).await - } - - async fn discard_thread(&self, thread_id: ThreadId) -> ThreadStoreResult<()> { - live_writer::discard_thread(self, thread_id).await - } async fn load_history( &self, @@ -243,11 +210,7 @@ impl ThreadStore for LocalThreadStore { }) } - async fn read_thread(&self, params: ReadThreadParams) -> ThreadStoreResult { - read_thread::read_thread(self, params).await - } - - async fn read_thread_by_rollout_path( + async fn read_thread_by_rollout_path_params( &self, params: ReadThreadByRolloutPathParams, ) -> ThreadStoreResult { @@ -259,34 +222,89 @@ impl ThreadStore for LocalThreadStore { ) .await } +} - async fn list_threads(&self, params: ListThreadsParams) -> ThreadStoreResult { - list_threads::list_threads(self, params).await +impl ThreadStore for LocalThreadStore { + fn as_any(&self) -> &dyn std::any::Any { + self } - async fn search_threads( + fn create_thread(&self, params: CreateThreadParams) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { live_writer::create_thread(self, params).await }) + } + + fn resume_thread(&self, params: ResumeThreadParams) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { live_writer::resume_thread(self, params).await }) + } + + fn append_items(&self, params: AppendThreadItemsParams) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { live_writer::append_items(self, params).await }) + } + + fn persist_thread(&self, thread_id: ThreadId) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { live_writer::persist_thread(self, thread_id).await }) + } + + fn flush_thread(&self, thread_id: ThreadId) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { live_writer::flush_thread(self, thread_id).await }) + } + + fn shutdown_thread(&self, thread_id: ThreadId) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { live_writer::shutdown_thread(self, thread_id).await }) + } + + fn discard_thread(&self, thread_id: ThreadId) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { live_writer::discard_thread(self, thread_id).await }) + } + + fn load_history( + &self, + params: LoadThreadHistoryParams, + ) -> ThreadStoreFuture<'_, StoredThreadHistory> { + Box::pin(LocalThreadStore::load_history(self, params)) + } + + fn read_thread(&self, params: ReadThreadParams) -> ThreadStoreFuture<'_, StoredThread> { + Box::pin(async move { read_thread::read_thread(self, params).await }) + } + + fn read_thread_by_rollout_path( + &self, + params: ReadThreadByRolloutPathParams, + ) -> ThreadStoreFuture<'_, StoredThread> { + Box::pin(LocalThreadStore::read_thread_by_rollout_path_params( + self, params, + )) + } + + fn list_threads(&self, params: ListThreadsParams) -> ThreadStoreFuture<'_, ThreadPage> { + Box::pin(async move { list_threads::list_threads(self, params).await }) + } + + fn search_threads( &self, params: SearchThreadsParams, - ) -> ThreadStoreResult { - search_threads::search_threads(self, params).await + ) -> ThreadStoreFuture<'_, ThreadSearchPage> { + Box::pin(async move { search_threads::search_threads(self, params).await }) } - async fn update_thread_metadata( + fn update_thread_metadata( &self, params: UpdateThreadMetadataParams, - ) -> ThreadStoreResult { - update_thread_metadata::update_thread_metadata(self, params).await + ) -> ThreadStoreFuture<'_, StoredThread> { + Box::pin(async move { update_thread_metadata::update_thread_metadata(self, params).await }) } - async fn archive_thread(&self, params: ArchiveThreadParams) -> ThreadStoreResult<()> { - archive_thread::archive_thread(self, params).await + fn archive_thread(&self, params: ArchiveThreadParams) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { archive_thread::archive_thread(self, params).await }) } - async fn unarchive_thread( - &self, - params: ArchiveThreadParams, - ) -> ThreadStoreResult { - unarchive_thread::unarchive_thread(self, params).await + fn unarchive_thread(&self, params: ArchiveThreadParams) -> ThreadStoreFuture<'_, StoredThread> { + Box::pin(async move { unarchive_thread::unarchive_thread(self, params).await }) + } + + fn delete_thread(&self, params: DeleteThreadParams) -> ThreadStoreFuture<'_, ()> { + Box::pin(async move { delete_thread::delete_thread(self, params).await }) } } @@ -1013,6 +1031,7 @@ mod tests { fn create_thread_params(thread_id: ThreadId) -> CreateThreadParams { CreateThreadParams { thread_id, + extra_config: None, forked_from_id: None, parent_thread_id: None, source: SessionSource::Exec, diff --git a/codex-rs/thread-store/src/local/read_thread.rs b/codex-rs/thread-store/src/local/read_thread.rs index 52c8eb7a384..24bc32993cd 100644 --- a/codex-rs/thread-store/src/local/read_thread.rs +++ b/codex-rs/thread-store/src/local/read_thread.rs @@ -325,6 +325,7 @@ async fn stored_thread_from_sqlite_metadata( permission_profile_from_metadata_value(&metadata.sandbox_policy, metadata.cwd.as_path()); StoredThread { thread_id: metadata.id, + extra_config: None, rollout_path: Some(rollout_path), forked_from_id, parent_thread_id, @@ -390,6 +391,7 @@ fn stored_thread_from_meta_line( let rollout_path = codex_rollout::plain_rollout_path(path.as_path()); StoredThread { thread_id: meta_line.meta.id, + extra_config: None, rollout_path: Some(rollout_path), forked_from_id: meta_line.meta.forked_from_id, parent_thread_id: meta_line.meta.parent_thread_id, diff --git a/codex-rs/thread-store/src/local/search_threads.rs b/codex-rs/thread-store/src/local/search_threads.rs index 20f5da82433..c9394c39625 100644 --- a/codex-rs/thread-store/src/local/search_threads.rs +++ b/codex-rs/thread-store/src/local/search_threads.rs @@ -109,7 +109,8 @@ pub(super) async fn search_threads( ) .await?; for item in page.items { - let Some(snippet) = (match remaining_rollouts.remove(item.path.as_path()) { + let logical_path = codex_rollout::plain_rollout_path(item.path.as_path()); + let Some(snippet) = (match remaining_rollouts.remove(logical_path.as_path()) { Some(Some(snippet)) => Some(snippet), Some(None) => first_rollout_content_match_snippet(item.path.as_path(), search_term) .await diff --git a/codex-rs/thread-store/src/local/update_thread_metadata.rs b/codex-rs/thread-store/src/local/update_thread_metadata.rs index dc616e4da2a..7754b1a841c 100644 --- a/codex-rs/thread-store/src/local/update_thread_metadata.rs +++ b/codex-rs/thread-store/src/local/update_thread_metadata.rs @@ -221,7 +221,7 @@ async fn apply_metadata_update( patch.source.clone().unwrap_or(SessionSource::Unknown), ); builder.model_provider = patch.model_provider.clone(); - builder.thread_source = patch.thread_source.flatten(); + builder.thread_source = patch.thread_source.clone().flatten(); builder.agent_nickname = patch.agent_nickname.clone().flatten(); builder.agent_role = patch.agent_role.clone().flatten(); builder.agent_path = patch.agent_path.clone().flatten(); diff --git a/codex-rs/thread-store/src/store.rs b/codex-rs/thread-store/src/store.rs index 7276a980daa..ef02e85d508 100644 --- a/codex-rs/thread-store/src/store.rs +++ b/codex-rs/thread-store/src/store.rs @@ -1,10 +1,12 @@ -use async_trait::async_trait; use codex_protocol::ThreadId; use std::any::Any; +use std::future::Future; +use std::pin::Pin; use crate::AppendThreadItemsParams; use crate::ArchiveThreadParams; use crate::CreateThreadParams; +use crate::DeleteThreadParams; use crate::ItemPage; use crate::ListItemsParams; use crate::ListThreadsParams; @@ -23,82 +25,89 @@ use crate::ThreadStoreResult; use crate::TurnPage; use crate::UpdateThreadMetadataParams; +/// Future returned by [`ThreadStore`] operations. +pub type ThreadStoreFuture<'a, T> = Pin> + Send + 'a>>; + /// Storage-neutral thread persistence boundary. -#[async_trait] pub trait ThreadStore: Any + Send + Sync { /// Return this store as [`Any`] for implementation-owned escape hatches. fn as_any(&self) -> &dyn Any; /// Creates a new live thread. - async fn create_thread(&self, params: CreateThreadParams) -> ThreadStoreResult<()>; + fn create_thread(&self, params: CreateThreadParams) -> ThreadStoreFuture<'_, ()>; /// Reopens an existing thread for live appends. - async fn resume_thread(&self, params: ResumeThreadParams) -> ThreadStoreResult<()>; + fn resume_thread(&self, params: ResumeThreadParams) -> ThreadStoreFuture<'_, ()>; - /// Appends canonical rollout items to a live thread. + /// Appends raw rollout items to a live thread. /// - /// This is the raw history API. It does not infer metadata from item contents. Callers that - /// need metadata updates should call [`ThreadStore::update_thread_metadata`] with explicit - /// metadata facts prepared above the store. - async fn append_items(&self, params: AppendThreadItemsParams) -> ThreadStoreResult<()>; + /// Implementations should apply the shared rollout persistence policy before writing durable + /// replay history and before updating any implementation-owned projections. + fn append_items(&self, params: AppendThreadItemsParams) -> ThreadStoreFuture<'_, ()>; /// Materializes the thread if persistence is lazy, then persists all queued items. - async fn persist_thread(&self, thread_id: ThreadId) -> ThreadStoreResult<()>; + fn persist_thread(&self, thread_id: ThreadId) -> ThreadStoreFuture<'_, ()>; /// Flushes all queued items and returns once they are durable/readable. - async fn flush_thread(&self, thread_id: ThreadId) -> ThreadStoreResult<()>; + fn flush_thread(&self, thread_id: ThreadId) -> ThreadStoreFuture<'_, ()>; /// Flushes pending items and closes the live thread writer. - async fn shutdown_thread(&self, thread_id: ThreadId) -> ThreadStoreResult<()>; + fn shutdown_thread(&self, thread_id: ThreadId) -> ThreadStoreFuture<'_, ()>; /// Discards the live thread writer without forcing pending in-memory items to become durable. /// /// Core calls this when session initialization fails after a live writer has been created. /// Implementations should release any live writer resources for the thread while preserving /// already-durable thread data. - async fn discard_thread(&self, thread_id: ThreadId) -> ThreadStoreResult<()>; + fn discard_thread(&self, thread_id: ThreadId) -> ThreadStoreFuture<'_, ()>; /// Loads persisted history for resume, fork, rollback, and memory jobs. - async fn load_history( + fn load_history( &self, params: LoadThreadHistoryParams, - ) -> ThreadStoreResult; + ) -> ThreadStoreFuture<'_, StoredThreadHistory>; /// Reads a thread summary and optionally its persisted history. - async fn read_thread(&self, params: ReadThreadParams) -> ThreadStoreResult; + fn read_thread(&self, params: ReadThreadParams) -> ThreadStoreFuture<'_, StoredThread>; /// Reads a rollout-backed thread by path when the store supports path-addressed lookups. /// /// Deprecated: new callers should use [`ThreadStore::read_thread`] instead. - async fn read_thread_by_rollout_path( + fn read_thread_by_rollout_path( &self, params: ReadThreadByRolloutPathParams, - ) -> ThreadStoreResult; + ) -> ThreadStoreFuture<'_, StoredThread>; /// Lists stored threads matching the supplied filters. - async fn list_threads(&self, params: ListThreadsParams) -> ThreadStoreResult; + fn list_threads(&self, params: ListThreadsParams) -> ThreadStoreFuture<'_, ThreadPage>; /// Searches stored threads and returns search-only preview metadata. - async fn search_threads( + fn search_threads( &self, _params: SearchThreadsParams, - ) -> ThreadStoreResult { - Err(ThreadStoreError::Unsupported { - operation: "thread/search", + ) -> ThreadStoreFuture<'_, ThreadSearchPage> { + Box::pin(async { + Err(ThreadStoreError::Unsupported { + operation: "thread/search", + }) }) } /// Lists turns within a stored thread. - async fn list_turns(&self, _params: ListTurnsParams) -> ThreadStoreResult { - Err(ThreadStoreError::Unsupported { - operation: "list_turns", + fn list_turns(&self, _params: ListTurnsParams) -> ThreadStoreFuture<'_, TurnPage> { + Box::pin(async { + Err(ThreadStoreError::Unsupported { + operation: "list_turns", + }) }) } /// Lists persisted items within a stored turn. - async fn list_items(&self, _params: ListItemsParams) -> ThreadStoreResult { - Err(ThreadStoreError::Unsupported { - operation: "list_items", + fn list_items(&self, _params: ListItemsParams) -> ThreadStoreFuture<'_, ItemPage> { + Box::pin(async { + Err(ThreadStoreError::Unsupported { + operation: "list_items", + }) }) } @@ -106,17 +115,17 @@ pub trait ThreadStore: Any + Send + Sync { /// /// Implementations should apply the supplied fields directly. Policy such as deciding whether /// an append-derived preview should be emitted belongs above the store. - async fn update_thread_metadata( + fn update_thread_metadata( &self, params: UpdateThreadMetadataParams, - ) -> ThreadStoreResult; + ) -> ThreadStoreFuture<'_, StoredThread>; /// Archives a thread. - async fn archive_thread(&self, params: ArchiveThreadParams) -> ThreadStoreResult<()>; + fn archive_thread(&self, params: ArchiveThreadParams) -> ThreadStoreFuture<'_, ()>; /// Unarchives a thread and returns its updated metadata. - async fn unarchive_thread( - &self, - params: ArchiveThreadParams, - ) -> ThreadStoreResult; + fn unarchive_thread(&self, params: ArchiveThreadParams) -> ThreadStoreFuture<'_, StoredThread>; + + /// Deletes a thread's persisted rollout data and associated metadata. + fn delete_thread(&self, params: DeleteThreadParams) -> ThreadStoreFuture<'_, ()>; } diff --git a/codex-rs/thread-store/src/thread_metadata_sync.rs b/codex-rs/thread-store/src/thread_metadata_sync.rs index d5673b3665d..3a379a48150 100644 --- a/codex-rs/thread-store/src/thread_metadata_sync.rs +++ b/codex-rs/thread-store/src/thread_metadata_sync.rs @@ -66,7 +66,7 @@ impl ThreadMetadataSync { created_at: Some(created_at), updated_at: Some(created_at), source: Some(params.source.clone()), - thread_source: Some(params.thread_source), + thread_source: Some(params.thread_source.clone()), agent_nickname: Some(params.source.get_nickname()), agent_role: Some(params.source.get_agent_role()), agent_path: Some(params.source.get_agent_path().map(Into::into)), @@ -201,7 +201,7 @@ impl ThreadMetadataSync { RolloutItem::SessionMeta(meta_line) if meta_line.meta.id == self.thread_id => { update.created_at = parse_session_timestamp(meta_line.meta.timestamp.as_str()); update.source = Some(meta_line.meta.source.clone()); - update.thread_source = Some(meta_line.meta.thread_source); + update.thread_source = Some(meta_line.meta.thread_source.clone()); update.agent_nickname = Some(meta_line.meta.agent_nickname.clone()); update.agent_role = Some(meta_line.meta.agent_role.clone()); update.agent_path = Some(meta_line.meta.agent_path.clone()); @@ -232,7 +232,7 @@ impl ThreadMetadataSync { update.cwd = Some(turn_ctx.cwd.clone()); } update.model = Some(turn_ctx.model.clone()); - update.reasoning_effort = turn_ctx.effort; + update.reasoning_effort = turn_ctx.effort.clone(); update.approval_mode = Some(turn_ctx.approval_policy); update.permission_profile = Some(turn_ctx.permission_profile()); } @@ -474,6 +474,7 @@ mod tests { let item = RolloutItem::Compacted(CompactedItem { message: "compacted".to_string(), replacement_history: None, + window_id: None, }); let first = sync diff --git a/codex-rs/thread-store/src/types.rs b/codex-rs/thread-store/src/types.rs index 1ab42a31175..741ca12bc2b 100644 --- a/codex-rs/thread-store/src/types.rs +++ b/codex-rs/thread-store/src/types.rs @@ -56,11 +56,17 @@ pub struct ThreadPersistenceMetadata { pub memory_mode: MemoryMode, } +/// Extra configuration fields for a thread. +#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)] +pub struct ExtraConfig {} + /// Parameters required to create a persisted thread. #[derive(Clone, Debug, Serialize, Deserialize)] pub struct CreateThreadParams { /// Thread id generated by Codex before opening persistence. pub thread_id: ThreadId, + /// Optional extra configuration fields for the thread. + pub extra_config: Option, /// Source thread id when this thread is created as a fork. pub forked_from_id: Option, /// The ID of the parent thread. This will only be set if this thread is a subagent. @@ -95,11 +101,14 @@ pub struct ResumeThreadParams { } /// Parameters for appending rollout items to a live thread. -#[derive(Clone, Debug, Serialize, Deserialize)] +#[derive(Clone, Debug)] pub struct AppendThreadItemsParams { /// Thread id to append to. pub thread_id: ThreadId, - /// Items to append in order. + /// Raw rollout items to append in order. + /// + /// Store implementations are responsible for applying the shared rollout persistence policy + /// before writing durable replay history or any implementation-owned projections. pub items: Vec, } @@ -291,6 +300,11 @@ pub struct StoredTurn { pub turn_id: String, /// Persisted rollout items associated with this turn, according to `items_view`. pub items: Vec, + /// Opaque serialized turn metadata supplied by a projected durable store. + pub metadata_json: Option>, + /// Semantic turn creation timestamp in milliseconds, when supplied by a projected durable + /// store. + pub turn_created_at_ms: Option, /// Amount of item detail included in `items`. pub items_view: StoredTurnItemsView, /// Store-owned status for API layer projection. @@ -333,11 +347,21 @@ pub struct ListItemsParams { pub sort_direction: SortDirection, } -/// A page of persisted rollout items within a turn. +/// A projected app-server `ThreadItem` snapshot within a turn. +#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)] +pub struct StoredThreadItem { + pub turn_id: Option, + pub item_key: String, + pub item_ordinal: u64, + pub item_created_at_ms: i64, + pub materialized_thread_item_json: Vec, +} + +/// A page of persisted items within a turn. #[derive(Clone, Debug, Serialize, Deserialize)] pub struct ItemPage { /// Items returned for this page. - pub items: Vec, + pub items: Vec, /// Opaque cursor to continue listing. pub next_cursor: Option, /// Opaque cursor for fetching in the opposite direction. @@ -349,6 +373,8 @@ pub struct ItemPage { pub struct StoredThread { /// Thread id. pub thread_id: ThreadId, + /// Optional extra configuration fields for the thread. + pub extra_config: Option, /// Local rollout path when the backing store is filesystem-based. pub rollout_path: Option, /// Source thread id when this thread was forked from another thread. @@ -645,6 +671,13 @@ pub struct ArchiveThreadParams { pub thread_id: ThreadId, } +/// Parameters for deleting a thread. +#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)] +pub struct DeleteThreadParams { + /// Thread id to delete. + pub thread_id: ThreadId, +} + #[cfg(test)] mod tests { use pretty_assertions::assert_eq; diff --git a/codex-rs/tools/Cargo.toml b/codex-rs/tools/Cargo.toml index 7cc0e348458..7d06acb0c08 100644 --- a/codex-rs/tools/Cargo.toml +++ b/codex-rs/tools/Cargo.toml @@ -8,10 +8,10 @@ version.workspace = true workspace = true [dependencies] -async-trait = { workspace = true } codex-app-server-protocol = { workspace = true } codex-code-mode = { workspace = true } codex-features = { workspace = true } +codex-file-system = { workspace = true } codex-protocol = { workspace = true } codex-utils-absolute-path = { workspace = true } codex-utils-output-truncation = { workspace = true } diff --git a/codex-rs/tools/src/json_schema.rs b/codex-rs/tools/src/json_schema.rs index 1b53ad98034..acffb78b116 100644 --- a/codex-rs/tools/src/json_schema.rs +++ b/codex-rs/tools/src/json_schema.rs @@ -6,13 +6,15 @@ use std::collections::BTreeMap; use std::collections::BTreeSet; const DEFINITION_TABLE_KEYS: [&str; 2] = ["$defs", "definitions"]; -const SCHEMA_CHILD_KEYS: [&str; 2] = ["items", "anyOf"]; +const SCHEMA_CHILD_KEYS: [&str; 4] = ["items", "anyOf", "oneOf", "allOf"]; +const COMPOSITION_SCHEMA_KEYS: [&str; 3] = ["anyOf", "oneOf", "allOf"]; /// Primitive JSON Schema type names we support in tool definitions. /// /// This mirrors the OpenAI Structured Outputs subset for JSON Schema `type`: /// string, number, boolean, integer, object, array, and null. -/// Keywords such as `enum`, `const`, and `anyOf` are modeled separately. +/// Keywords such as `enum`, `const`, `anyOf`, `oneOf`, and `allOf` are modeled +/// separately. /// See . #[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Eq)] #[serde(rename_all = "lowercase")] @@ -43,6 +45,9 @@ pub struct JsonSchema { pub schema_type: Option, #[serde(skip_serializing_if = "Option::is_none")] pub description: Option, + /// Responses-only marker for reviewed encrypted tool parameters. + #[serde(skip_serializing_if = "Option::is_none")] + pub encrypted: Option, #[serde(rename = "enum", skip_serializing_if = "Option::is_none")] pub enum_values: Option>, #[serde(skip_serializing_if = "Option::is_none")] @@ -58,6 +63,10 @@ pub struct JsonSchema { pub additional_properties: Option, #[serde(rename = "anyOf", skip_serializing_if = "Option::is_none")] pub any_of: Option>, + #[serde(rename = "oneOf", skip_serializing_if = "Option::is_none")] + pub one_of: Option>, + #[serde(rename = "allOf", skip_serializing_if = "Option::is_none")] + pub all_of: Option>, #[serde(rename = "$defs", skip_serializing_if = "Option::is_none")] pub defs: Option>, #[serde(skip_serializing_if = "Option::is_none")] @@ -82,6 +91,22 @@ impl JsonSchema { } } + pub fn one_of(variants: Vec, description: Option) -> Self { + Self { + description, + one_of: Some(variants), + ..Default::default() + } + } + + pub fn all_of(variants: Vec, description: Option) -> Self { + Self { + description, + all_of: Some(variants), + ..Default::default() + } + } + pub fn boolean(description: Option) -> Self { Self::typed(JsonSchemaPrimitiveType::Boolean, description) } @@ -90,6 +115,11 @@ impl JsonSchema { Self::typed(JsonSchemaPrimitiveType::String, description) } + pub fn with_encrypted(mut self) -> Self { + self.encrypted = Some(true); + self + } + pub fn number(description: Option) -> Self { Self::typed(JsonSchemaPrimitiveType::Number, description) } @@ -190,7 +220,7 @@ fn deserialize_tool_input_schema(input_schema: JsonValue) -> Result { + for value in values { + prune_schema_compositions(value); + } + } + JsonValue::Object(map) => { + if has_composition_keyword(map) { + *value = json!({}); + return; + } + + for_each_schema_child_mut(map, DefinitionTraversal::Skip, &mut |value| { + prune_schema_compositions(value); + }); + } + _ => {} + } +} + fn is_complex_schema_object(map: &serde_json::Map) -> bool { SCHEMA_CHILD_KEYS.iter().any(|key| map.contains_key(*key)) || map.contains_key("properties") @@ -396,10 +448,16 @@ fn is_complex_schema_object(map: &serde_json::Map) -> bool { || map.contains_key("$ref") } +fn has_composition_keyword(map: &serde_json::Map) -> bool { + COMPOSITION_SCHEMA_KEYS + .into_iter() + .any(|key| map.contains_key(key)) +} + /// Sanitize a JSON Schema (as serde_json::Value) so it can fit our limited /// schema representation. This function: /// - Ensures every typed schema object has a `"type"` when required. -/// - Preserves explicit `anyOf`. +/// - Preserves explicit `anyOf`, `oneOf`, and `allOf`. /// - Preserves `$ref` and reachable local `$defs` / `definitions`. /// - Collapses `const` into single-value `enum`. /// - Fills required child fields for object/array schema types, including @@ -435,8 +493,10 @@ fn sanitize_json_schema(value: &mut JsonValue) { if let Some(value) = map.get_mut("prefixItems") { sanitize_json_schema(value); } - if let Some(value) = map.get_mut("anyOf") { - sanitize_json_schema(value); + for key in COMPOSITION_SCHEMA_KEYS { + if let Some(value) = map.get_mut(key) { + sanitize_json_schema(value); + } } for table in DEFINITION_TABLE_KEYS { sanitize_schema_table(map, table); @@ -448,7 +508,8 @@ fn sanitize_json_schema(value: &mut JsonValue) { let mut schema_types = normalized_schema_types(map); - if schema_types.is_empty() && (map.contains_key("$ref") || map.contains_key("anyOf")) { + if schema_types.is_empty() && (map.contains_key("$ref") || has_composition_keyword(map)) + { return; } diff --git a/codex-rs/tools/src/json_schema_tests.rs b/codex-rs/tools/src/json_schema_tests.rs index 9315d43c004..3011c54f93c 100644 --- a/codex-rs/tools/src/json_schema_tests.rs +++ b/codex-rs/tools/src/json_schema_tests.rs @@ -24,6 +24,20 @@ fn parse_tool_input_schema_coerces_boolean_schemas() { assert_eq!(schema, JsonSchema::string(/*description*/ None)); } +#[test] +fn json_schema_serializes_encrypted_marker() { + let schema = JsonSchema::string(Some("Secret value".to_string())).with_encrypted(); + + assert_eq!( + serde_json::to_value(schema).expect("serialize schema"), + serde_json::json!({ + "type": "string", + "description": "Secret value", + "encrypted": true, + }) + ); +} + #[test] fn parse_tool_input_schema_infers_object_shape_and_defaults_properties() { // Example schema shape: @@ -714,6 +728,109 @@ fn parse_tool_input_schema_preserves_nested_any_of_property() { ); } +#[test] +fn parse_tool_input_schema_preserves_nested_one_of_property() { + // Example schema shape: + // { + // "type": "object", + // "properties": { + // "query": { + // "oneOf": [ + // { "const": "exact" }, + // { "type": "number" } + // ] + // } + // } + // } + // + // Expected normalization behavior: + // - The nested `oneOf` is preserved. + // - Child variants are recursively sanitized, including `const` to `enum`. + let schema = parse_tool_input_schema(&serde_json::json!({ + "type": "object", + "properties": { + "query": { + "oneOf": [ + { "const": "exact" }, + { "type": "number" } + ] + } + } + })) + .expect("parse schema"); + + assert_eq!( + schema, + JsonSchema::object( + BTreeMap::from([( + "query".to_string(), + JsonSchema::one_of( + vec![ + JsonSchema::string_enum( + vec![serde_json::json!("exact")], + /*description*/ None, + ), + JsonSchema::number(/*description*/ None), + ], + /*description*/ None, + ), + )]), + /*required*/ None, + /*additional_properties*/ None + ) + ); +} + +#[test] +fn parse_tool_input_schema_preserves_nested_all_of_property() { + // Example schema shape: + // { + // "type": "object", + // "properties": { + // "query": { + // "allOf": [ + // { "type": "string" }, + // { "description": "unrecognized by itself" } + // ] + // } + // } + // } + // + // Expected normalization behavior: + // - The nested `allOf` is preserved structurally rather than flattened. + // - Child variants are recursively sanitized. + let schema = parse_tool_input_schema(&serde_json::json!({ + "type": "object", + "properties": { + "query": { + "allOf": [ + { "type": "string" }, + { "description": "unrecognized by itself" } + ] + } + } + })) + .expect("parse schema"); + + assert_eq!( + schema, + JsonSchema::object( + BTreeMap::from([( + "query".to_string(), + JsonSchema::all_of( + vec![ + JsonSchema::string(/*description*/ None), + JsonSchema::default(), + ], + /*description*/ None, + ), + )]), + /*required*/ None, + /*additional_properties*/ None + ) + ); +} + #[test] fn parse_tool_input_schema_preserves_type_unions_without_rewriting_to_any_of() { // Example schema shape: @@ -1056,6 +1173,77 @@ fn parse_large_tool_input_schema_strips_descriptions_without_removing_descriptio ); } +#[test] +fn parse_large_tool_input_schema_prunes_compositions_as_last_resort() { + for composition_key in super::COMPOSITION_SCHEMA_KEYS { + let variants = vec![ + serde_json::json!({ + "type": "string", + "enum": ["first ".repeat(400)] + }), + serde_json::json!({ + "type": "string", + "enum": ["second ".repeat(400)] + }), + serde_json::json!({ + "type": "string", + "enum": ["third ".repeat(400)] + }), + ]; + + let mut choice = serde_json::Map::new(); + choice.insert( + composition_key.to_string(), + serde_json::Value::Array(variants), + ); + let schema = parse_tool_input_schema(&serde_json::json!({ + "type": "object", + "properties": { + "choice": choice + } + })) + .expect("parse schema"); + + assert_eq!( + serde_json::to_value(schema).expect("serialize schema"), + serde_json::json!({ + "type": "object", + "properties": { + "choice": {} + } + }) + ); + } +} + +#[test] +fn parse_large_tool_input_schema_prunes_single_composition_variant_if_still_over_budget() { + let schema = parse_tool_input_schema(&serde_json::json!({ + "type": "object", + "properties": { + "choice": { + "anyOf": [ + { + "type": "string", + "enum": ["x".repeat(4_500)] + } + ] + } + } + })) + .expect("parse schema"); + + assert_eq!( + serde_json::to_value(schema).expect("serialize schema"), + serde_json::json!({ + "type": "object", + "properties": { + "choice": {} + } + }) + ); +} + #[test] fn parse_large_tool_input_schema_preserves_object_enum_literal_descriptions() { let schema = parse_tool_input_schema(&serde_json::json!({ @@ -1112,7 +1300,12 @@ fn collapse_deep_schema_objects_traverses_schema_children() { "complex": { "type": "object", "properties": { - "leaf": { "type": "string" } + "nested": { + "type": "object", + "properties": { + "leaf": { "type": "string" } + } + } } }, "scalar": { @@ -1125,7 +1318,12 @@ fn collapse_deep_schema_objects_traverses_schema_children() { "items": { "type": "object", "properties": { - "leaf": { "type": "string" } + "nested": { + "type": "object", + "properties": { + "leaf": { "type": "string" } + } + } } } }, @@ -1134,7 +1332,12 @@ fn collapse_deep_schema_objects_traverses_schema_children() { "additionalProperties": { "type": "object", "properties": { - "leaf": { "type": "string" } + "nested": { + "type": "object", + "properties": { + "leaf": { "type": "string" } + } + } } } }, @@ -1143,7 +1346,12 @@ fn collapse_deep_schema_objects_traverses_schema_children() { { "type": "object", "properties": { - "leaf": { "type": "string" } + "nested": { + "type": "object", + "properties": { + "leaf": { "type": "string" } + } + } } }, { "type": "string" } @@ -1162,7 +1370,12 @@ fn collapse_deep_schema_objects_traverses_schema_children() { "object_parent": { "type": "object", "properties": { - "complex": {}, + "complex": { + "type": "object", + "properties": { + "nested": {} + } + }, "scalar": { "type": "string" } @@ -1170,15 +1383,30 @@ fn collapse_deep_schema_objects_traverses_schema_children() { }, "array_parent": { "type": "array", - "items": {} + "items": { + "type": "object", + "properties": { + "nested": {} + } + } }, "map_parent": { "type": "object", - "additionalProperties": {} + "additionalProperties": { + "type": "object", + "properties": { + "nested": {} + } + } }, "union_parent": { "anyOf": [ - {}, + { + "type": "object", + "properties": { + "nested": {} + } + }, { "type": "string" } ] } @@ -1383,10 +1611,24 @@ fn parse_tool_input_schema_collects_refs_from_schema_child_keywords() { {"$ref": "#/$defs/Choice"}, {"type": "string"} ] + }, + "exclusive_choice": { + "oneOf": [ + {"$ref": "#/$defs/ExclusiveChoice"}, + {"type": "integer"} + ] + }, + "combined": { + "allOf": [ + {"$ref": "#/$defs/Combined"}, + {"type": "object"} + ] } }, "$defs": { + "Combined": {"type": "object"}, "Choice": {"type": "boolean"}, + "ExclusiveChoice": {"type": "null"}, "Extra": {"type": "number"}, "Item": {"type": "string"}, "Unused": {"type": "null"} @@ -1405,6 +1647,18 @@ fn parse_tool_input_schema_collects_refs_from_schema_child_keywords() { {"type": "string"} ] }, + "combined": { + "allOf": [ + {"$ref": "#/$defs/Combined"}, + {"type": "object", "properties": {}} + ] + }, + "exclusive_choice": { + "oneOf": [ + {"$ref": "#/$defs/ExclusiveChoice"}, + {"type": "integer"} + ] + }, "items_holder": { "type": "array", "items": {"$ref": "#/$defs/Item"} @@ -1416,7 +1670,9 @@ fn parse_tool_input_schema_collects_refs_from_schema_child_keywords() { } }, "$defs": { + "Combined": {"type": "object", "properties": {}}, "Choice": {"type": "boolean"}, + "ExclusiveChoice": {"type": "null"}, "Extra": {"type": "number"}, "Item": {"type": "string"} } diff --git a/codex-rs/tools/src/lib.rs b/codex-rs/tools/src/lib.rs index 1cee3f7d2d5..8bcad849815 100644 --- a/codex-rs/tools/src/lib.rs +++ b/codex-rs/tools/src/lib.rs @@ -66,6 +66,7 @@ pub use tool_call::ConversationHistory; pub use tool_call::ExtensionTurnItem; pub use tool_call::NoopTurnItemEmitter; pub use tool_call::ToolCall; +pub use tool_call::ToolEnvironment; pub use tool_call::TurnItemEmissionFuture; pub use tool_call::TurnItemEmitter; pub use tool_config::ShellCommandBackendConfig; @@ -93,13 +94,13 @@ pub use tool_discovery::ToolSearchSourceInfo; pub use tool_discovery::collect_request_plugin_install_entries; pub use tool_discovery::filter_request_plugin_install_discoverable_tools_for_client; pub use tool_executor::ToolExecutor; +pub use tool_executor::ToolExecutorFuture; pub use tool_executor::ToolExposure; pub use tool_output::JsonToolOutput; pub use tool_output::ToolOutput; pub use tool_payload::ToolPayload; pub use tool_search::ToolSearchEntry; pub use tool_search::ToolSearchInfo; -pub use tool_search::default_tool_search_text; pub use tool_spec::ResponsesApiWebSearchFilters; pub use tool_spec::ResponsesApiWebSearchUserLocation; pub use tool_spec::ToolSpec; diff --git a/codex-rs/tools/src/request_plugin_install.rs b/codex-rs/tools/src/request_plugin_install.rs index 70e9cb093d1..5d6352b7f8c 100644 --- a/codex-rs/tools/src/request_plugin_install.rs +++ b/codex-rs/tools/src/request_plugin_install.rs @@ -47,6 +47,10 @@ pub struct RequestPluginInstallMeta<'a> { pub tool_name: &'a str, #[serde(skip_serializing_if = "Option::is_none")] pub install_url: Option<&'a str>, + #[serde(skip_serializing_if = "Option::is_none")] + pub remote_plugin_id: Option<&'a str>, + #[serde(skip_serializing_if = "Option::is_none")] + pub app_connector_ids: Option<&'a [String]>, } pub fn build_request_plugin_install_elicitation_request( @@ -57,8 +61,6 @@ pub fn build_request_plugin_install_elicitation_request( suggest_reason: &str, tool: &DiscoverableTool, ) -> McpServerElicitationRequestParams { - let tool_name = tool.name().to_string(); - let install_url = tool.install_url().map(ToString::to_string); let message = suggest_reason.to_string(); McpServerElicitationRequestParams { @@ -70,9 +72,7 @@ pub fn build_request_plugin_install_elicitation_request( args.tool_type, args.action_type, suggest_reason, - tool.id(), - tool_name.as_str(), - install_url.as_deref(), + tool, ))), message, requested_schema: McpElicitationSchema { @@ -108,19 +108,26 @@ fn build_request_plugin_install_meta<'a>( tool_type: DiscoverableToolType, action_type: DiscoverableToolAction, suggest_reason: &'a str, - tool_id: &'a str, - tool_name: &'a str, - install_url: Option<&'a str>, + tool: &'a DiscoverableTool, ) -> RequestPluginInstallMeta<'a> { + let (remote_plugin_id, app_connector_ids) = match tool { + DiscoverableTool::Connector(_) => (None, None), + DiscoverableTool::Plugin(plugin) => ( + plugin.remote_plugin_id.as_deref(), + Some(plugin.app_connector_ids.as_slice()), + ), + }; RequestPluginInstallMeta { codex_approval_kind: REQUEST_PLUGIN_INSTALL_APPROVAL_KIND_VALUE, persist: REQUEST_PLUGIN_INSTALL_PERSIST_ALWAYS_VALUE, tool_type, suggest_type: action_type, suggest_reason, - tool_id, - tool_name, - install_url, + tool_id: tool.id(), + tool_name: tool.name(), + install_url: tool.install_url(), + remote_plugin_id, + app_connector_ids, } } diff --git a/codex-rs/tools/src/request_plugin_install_tests.rs b/codex-rs/tools/src/request_plugin_install_tests.rs index ff2370ade73..ab8af9be670 100644 --- a/codex-rs/tools/src/request_plugin_install_tests.rs +++ b/codex-rs/tools/src/request_plugin_install_tests.rs @@ -57,6 +57,8 @@ fn build_request_plugin_install_elicitation_request_uses_expected_shape() { install_url: Some( "https://chatgpt.com/apps/google-calendar/connector_2128aebfecb84f64a069897515042a44" ), + remote_plugin_id: None, + app_connector_ids: None, })), message: "Plan and reference events from your calendar".to_string(), requested_schema: McpElicitationSchema { @@ -71,15 +73,16 @@ fn build_request_plugin_install_elicitation_request_uses_expected_shape() { } #[test] -fn build_request_plugin_install_elicitation_request_for_plugin_omits_install_url() { +fn build_request_plugin_install_elicitation_request_injects_plugin_metadata() { let args = RequestPluginInstallArgs { tool_type: DiscoverableToolType::Plugin, action_type: DiscoverableToolAction::Install, - tool_id: "sample@openai-curated".to_string(), + tool_id: "sample@openai-curated-remote".to_string(), suggest_reason: "Use the sample plugin's skills and MCP server".to_string(), }; let plugin = DiscoverableTool::Plugin(Box::new(DiscoverablePluginInfo { - id: "sample@openai-curated".to_string(), + id: "sample@openai-curated-remote".to_string(), + remote_plugin_id: Some("plugins~Plugin_sample".to_string()), name: "Sample Plugin".to_string(), description: Some("Includes skills, MCP servers, and apps.".to_string()), has_skills: true, @@ -109,9 +112,11 @@ fn build_request_plugin_install_elicitation_request_for_plugin_omits_install_url tool_type: DiscoverableToolType::Plugin, suggest_type: DiscoverableToolAction::Install, suggest_reason: "Use the sample plugin's skills and MCP server", - tool_id: "sample@openai-curated", + tool_id: "sample@openai-curated-remote", tool_name: "Sample Plugin", install_url: None, + remote_plugin_id: Some("plugins~Plugin_sample"), + app_connector_ids: Some(&["connector_calendar".to_string()]), })), message: "Use the sample plugin's skills and MCP server".to_string(), requested_schema: McpElicitationSchema { @@ -127,13 +132,28 @@ fn build_request_plugin_install_elicitation_request_for_plugin_omits_install_url #[test] fn build_request_plugin_install_meta_uses_expected_shape() { + let connector = DiscoverableTool::Connector(Box::new(AppInfo { + id: "connector_68df038e0ba48191908c8434991bbac2".to_string(), + name: "Gmail".to_string(), + description: None, + logo_url: None, + logo_url_dark: None, + distribution_channel: None, + branding: None, + app_metadata: None, + labels: None, + install_url: Some( + "https://chatgpt.com/apps/gmail/connector_68df038e0ba48191908c8434991bbac2".to_string(), + ), + is_accessible: false, + is_enabled: true, + plugin_display_names: Vec::new(), + })); let meta = build_request_plugin_install_meta( DiscoverableToolType::Connector, DiscoverableToolAction::Install, "Find and reference emails from your inbox", - "connector_68df038e0ba48191908c8434991bbac2", - "Gmail", - Some("https://chatgpt.com/apps/gmail/connector_68df038e0ba48191908c8434991bbac2"), + &connector, ); assert_eq!( @@ -149,6 +169,8 @@ fn build_request_plugin_install_meta_uses_expected_shape() { install_url: Some( "https://chatgpt.com/apps/gmail/connector_68df038e0ba48191908c8434991bbac2" ), + remote_plugin_id: None, + app_connector_ids: None, }, ); } diff --git a/codex-rs/tools/src/tool_call.rs b/codex-rs/tools/src/tool_call.rs index e3fc21e8644..fdbfffad863 100644 --- a/codex-rs/tools/src/tool_call.rs +++ b/codex-rs/tools/src/tool_call.rs @@ -1,9 +1,12 @@ use crate::FunctionCallError; use crate::ToolName; use crate::ToolPayload; +use codex_file_system::ExecutorFileSystem; +use codex_file_system::FileSystemSandboxContext; use codex_protocol::items::ImageGenerationItem; use codex_protocol::items::WebSearchItem; use codex_protocol::models::ResponseItem; +use codex_utils_absolute_path::AbsolutePathBuf; use codex_utils_output_truncation::TruncationPolicy; use std::future::Future; use std::pin::Pin; @@ -49,6 +52,19 @@ pub trait TurnItemEmitter: Send + Sync { fn emit_completed<'a>(&'a self, item: ExtensionTurnItem) -> TurnItemEmissionFuture<'a>; } +/// Host-owned turn environment summary visible to extension tools. +#[derive(Clone)] +pub struct ToolEnvironment { + /// Stable host environment id used to route executor-scoped capabilities. + pub environment_id: String, + /// Effective working directory for this turn in the environment. + pub cwd: AbsolutePathBuf, + /// Filesystem implementation for this environment. + pub file_system: Arc, + /// Sandbox context to use for filesystem operations. + pub file_system_sandbox_context: FileSystemSandboxContext, +} + /// Turn-item emitter used when a caller does not expose visible item emission. #[derive(Debug, Default, Clone, Copy)] pub struct NoopTurnItemEmitter; @@ -72,6 +88,7 @@ pub struct ToolCall { pub truncation_policy: TruncationPolicy, pub conversation_history: ConversationHistory, pub turn_item_emitter: Arc, + pub environments: Vec, pub payload: ToolPayload, } @@ -85,6 +102,7 @@ impl std::fmt::Debug for ToolCall { .field("truncation_policy", &self.truncation_policy) .field("conversation_history", &self.conversation_history) .field("turn_item_emitter", &"") + .field("environment_count", &self.environments.len()) .field("payload", &self.payload) .finish() } diff --git a/codex-rs/tools/src/tool_config_tests.rs b/codex-rs/tools/src/tool_config_tests.rs index 1b4d789394a..7a4738772ca 100644 --- a/codex-rs/tools/src/tool_config_tests.rs +++ b/codex-rs/tools/src/tool_config_tests.rs @@ -39,11 +39,13 @@ fn model_with_shell_type(shell_type: ConfigShellToolType) -> ModelInfo { context_window: None, max_context_window: None, auto_compact_token_limit: None, + comp_hash: None, effective_context_window_percent: 95, experimental_supported_tools: Vec::new(), input_modalities: codex_protocol::openai_models::default_input_modalities(), used_fallback_model_metadata: false, supports_search_tool: false, + use_responses_lite: false, auto_review_model_override: None, tool_mode: None, multi_agent_version: None, diff --git a/codex-rs/tools/src/tool_discovery.rs b/codex-rs/tools/src/tool_discovery.rs index ac5aac904b7..2584d7f17ae 100644 --- a/codex-rs/tools/src/tool_discovery.rs +++ b/codex-rs/tools/src/tool_discovery.rs @@ -93,6 +93,7 @@ pub fn filter_request_plugin_install_discoverable_tools_for_client( #[derive(Clone, Debug, PartialEq, Eq)] pub struct DiscoverablePluginInfo { pub id: String, + pub remote_plugin_id: Option, pub name: String, pub description: Option, pub has_skills: bool, diff --git a/codex-rs/tools/src/tool_discovery_tests.rs b/codex-rs/tools/src/tool_discovery_tests.rs index 6e45260c0ec..5a3310057ca 100644 --- a/codex-rs/tools/src/tool_discovery_tests.rs +++ b/codex-rs/tools/src/tool_discovery_tests.rs @@ -37,6 +37,7 @@ fn filter_request_plugin_install_discoverable_tools_for_codex_tui_omits_plugins( })), DiscoverableTool::Plugin(Box::new(DiscoverablePluginInfo { id: "slack@openai-curated".to_string(), + remote_plugin_id: None, name: "Slack".to_string(), description: Some("Search Slack messages".to_string()), has_skills: true, diff --git a/codex-rs/tools/src/tool_executor.rs b/codex-rs/tools/src/tool_executor.rs index 541d2443e0c..294b361f09a 100644 --- a/codex-rs/tools/src/tool_executor.rs +++ b/codex-rs/tools/src/tool_executor.rs @@ -3,6 +3,12 @@ use crate::ToolName; use crate::ToolOutput; use crate::ToolSearchInfo; use crate::ToolSpec; +use std::future::Future; +use std::pin::Pin; + +/// The boxed future returned by [`ToolExecutor::handle`]. +pub type ToolExecutorFuture<'a> = + Pin, FunctionCallError>> + Send + 'a>>; /// Controls where a tool is exposed to the model. #[derive(Clone, Copy, Debug, Eq, PartialEq)] @@ -40,7 +46,6 @@ impl ToolExposure { /// Implementations keep the model-visible spec tied to the executable runtime. /// Host crates can layer routing, hooks, telemetry, or other orchestration on /// top without reopening the spec/runtime split. -#[async_trait::async_trait] pub trait ToolExecutor: Send + Sync { /// The concrete tool name handled by this runtime instance. fn tool_name(&self) -> ToolName; @@ -53,15 +58,12 @@ pub trait ToolExecutor: Send + Sync { fn search_info(&self) -> Option { let spec = self.spec(); - ToolSearchInfo::from_tool_spec(&self.tool_name(), spec, /*source_info*/ None) + ToolSearchInfo::from_tool_spec(spec, /*source_info*/ None) } fn supports_parallel_tool_calls(&self) -> bool { false } - async fn handle( - &self, - invocation: Invocation, - ) -> Result, FunctionCallError>; + fn handle(&self, invocation: Invocation) -> ToolExecutorFuture<'_>; } diff --git a/codex-rs/tools/src/tool_output.rs b/codex-rs/tools/src/tool_output.rs index b61bb80de86..f2eed18fac9 100644 --- a/codex-rs/tools/src/tool_output.rs +++ b/codex-rs/tools/src/tool_output.rs @@ -18,6 +18,12 @@ pub trait ToolOutput: Send { fn success_for_logging(&self) -> bool; + /// Whether this output contains external context that should disable memory generation when + /// `memories.disable_on_external_context` is enabled. + fn contains_external_context(&self) -> bool { + false + } + fn to_response_item(&self, call_id: &str, payload: &ToolPayload) -> ResponseInputItem; /// Returns the tool call id exposed to `PostToolUse` hooks for this output. @@ -58,6 +64,10 @@ where (**self).success_for_logging() } + fn contains_external_context(&self) -> bool { + (**self).contains_external_context() + } + fn to_response_item(&self, call_id: &str, payload: &ToolPayload) -> ResponseInputItem { (**self).to_response_item(call_id, payload) } @@ -83,6 +93,7 @@ where pub struct JsonToolOutput { value: JsonValue, success: Option, + contains_external_context: bool, } impl JsonToolOutput { @@ -90,11 +101,21 @@ impl JsonToolOutput { Self { value, success: Some(true), + contains_external_context: false, } } pub fn with_success(value: JsonValue, success: Option) -> Self { - Self { value, success } + Self { + value, + success, + contains_external_context: false, + } + } + + pub fn with_external_context(mut self) -> Self { + self.contains_external_context = true; + self } } @@ -107,6 +128,10 @@ impl ToolOutput for JsonToolOutput { self.success.unwrap_or(true) } + fn contains_external_context(&self) -> bool { + self.contains_external_context + } + fn to_response_item(&self, call_id: &str, payload: &ToolPayload) -> ResponseInputItem { let output = FunctionCallOutputPayload { body: FunctionCallOutputBody::Text(self.value.to_string()), diff --git a/codex-rs/tools/src/tool_search.rs b/codex-rs/tools/src/tool_search.rs index ecb5504d4f0..1083d9ea926 100644 --- a/codex-rs/tools/src/tool_search.rs +++ b/codex-rs/tools/src/tool_search.rs @@ -2,7 +2,6 @@ use crate::JsonSchema; use crate::LoadableToolSpec; use crate::ResponsesApiNamespaceTool; use crate::ResponsesApiTool; -use crate::ToolName; use crate::ToolSearchSourceInfo; use crate::ToolSpec; use crate::default_namespace_description; @@ -21,11 +20,10 @@ pub struct ToolSearchInfo { impl ToolSearchInfo { pub fn from_tool_spec( - tool_name: &ToolName, spec: ToolSpec, source_info: Option, ) -> Option { - let search_text = default_tool_search_text(tool_name, &spec); + let search_text = default_tool_search_text(&spec); Self::from_spec(search_text, spec, source_info) } @@ -67,13 +65,8 @@ impl ToolSearchInfo { } } -pub fn default_tool_search_text(tool_name: &ToolName, spec: &ToolSpec) -> String { +fn default_tool_search_text(spec: &ToolSpec) -> String { let mut parts = Vec::new(); - push_search_part(&mut parts, tool_name.to_string()); - push_search_part(&mut parts, tool_name.name.replace('_', " ")); - if let Some(namespace) = &tool_name.namespace { - push_search_part(&mut parts, namespace.clone()); - } match spec { ToolSpec::Function(tool) => append_function_search_text(tool, &mut parts), @@ -137,3 +130,7 @@ fn push_search_part(parts: &mut Vec, part: String) { parts.push(part.to_string()); } } + +#[cfg(test)] +#[path = "tool_search_tests.rs"] +mod tests; diff --git a/codex-rs/tools/src/tool_search_tests.rs b/codex-rs/tools/src/tool_search_tests.rs new file mode 100644 index 00000000000..bf910c57f10 --- /dev/null +++ b/codex-rs/tools/src/tool_search_tests.rs @@ -0,0 +1,48 @@ +use super::*; +use pretty_assertions::assert_eq; +use std::collections::BTreeMap; + +#[test] +fn default_search_text_uses_model_visible_namespace_metadata_once() { + let mut schedule_schema = JsonSchema::object( + BTreeMap::from([( + "timezone".to_string(), + JsonSchema::string(Some("IANA timezone.".to_string())), + )]), + /*required*/ None, + /*additional_properties*/ None, + ); + schedule_schema.description = Some("Schedule settings.".to_string()); + let mut parameters = JsonSchema::object( + BTreeMap::from([ + ( + "mode".to_string(), + JsonSchema::string(Some("Update mode.".to_string())), + ), + ("schedule".to_string(), schedule_schema), + ]), + /*required*/ None, + /*additional_properties*/ None, + ); + parameters.description = Some("Automation options.".to_string()); + let spec = ToolSpec::Namespace(crate::ResponsesApiNamespace { + name: "codex_app".to_string(), + description: "Manage Codex automations.".to_string(), + tools: vec![ResponsesApiNamespaceTool::Function(ResponsesApiTool { + name: "automation_update".to_string(), + description: "Create or update automations.".to_string(), + strict: false, + defer_loading: None, + parameters, + output_schema: None, + })], + }); + + let search_info = ToolSearchInfo::from_tool_spec(spec, /*source_info*/ None) + .expect("namespace should be searchable"); + + assert_eq!( + search_info.entry.search_text, + "codex_app Manage Codex automations. automation_update automation update Create or update automations. Automation options. mode Update mode. schedule Schedule settings. timezone IANA timezone." + ); +} diff --git a/codex-rs/tools/tests/fixtures/json_schema_policy/google_drive.json b/codex-rs/tools/tests/fixtures/json_schema_policy/google_drive.json index bf37296cc02..518038aee50 100644 --- a/codex-rs/tools/tests/fixtures/json_schema_policy/google_drive.json +++ b/codex-rs/tools/tests/fixtures/json_schema_policy/google_drive.json @@ -53,13 +53,18 @@ { "pointer": "/properties/title/description", "value": "Copied file title." + }, + { + "pointer": "/properties/file/oneOf/0/type", + "value": "string" + }, + { + "pointer": "/properties/metadata/allOf/0/properties/source/type", + "value": "string" } ], "expected_pruned": [], - "expected_dropped_fields": [ - "/properties/file/oneOf", - "/properties/metadata/allOf" - ] + "expected_dropped_fields": [] } ] } diff --git a/codex-rs/tui/Cargo.toml b/codex-rs/tui/Cargo.toml index 581f67bf94f..b4b1933f7c4 100644 --- a/codex-rs/tui/Cargo.toml +++ b/codex-rs/tui/Cargo.toml @@ -125,7 +125,7 @@ uuid = { workspace = true } codex-windows-sandbox = { workspace = true } tokio-util = { workspace = true, features = ["time"] } -[target.'cfg(not(target_os = "linux"))'.dependencies] +[target.'cfg(all(not(target_os = "linux"), not(target_os = "android")))'.dependencies] cpal = "0.15" [target.'cfg(unix)'.dependencies] diff --git a/codex-rs/tui/prompt_for_init_command.md b/codex-rs/tui/prompt_for_init_command.md index b8fd3886b3e..e96b002df79 100644 --- a/codex-rs/tui/prompt_for_init_command.md +++ b/codex-rs/tui/prompt_for_init_command.md @@ -1,4 +1,5 @@ Generate a file named AGENTS.md that serves as a contributor guide for this repository. +Before writing, check whether AGENTS.md already exists in the current working directory. If it does, do not overwrite or modify it. Your goal is to produce a clear, concise, and well-structured document with descriptive headings and actionable explanations for each section. Follow the outline below, but adapt as needed — add sections if relevant, and omit those that do not apply to this project. diff --git a/codex-rs/tui/src/app.rs b/codex-rs/tui/src/app.rs index b1245db3ec3..0df5b81d5eb 100644 --- a/codex-rs/tui/src/app.rs +++ b/codex-rs/tui/src/app.rs @@ -11,11 +11,13 @@ use crate::app_event::ExitMode; use crate::app_event::FeedbackCategory; use crate::app_event::HistoryLookupResponse; use crate::app_event::PermissionProfileSelection; +use crate::app_event::PluginLocation; use crate::app_event::RateLimitRefreshOrigin; use crate::app_event::RealtimeAudioDeviceKind; #[cfg(target_os = "windows")] use crate::app_event::WindowsSandboxEnableMode; use crate::app_event_sender::AppEventSender; +use crate::app_server_session::AppServerBootstrap; use crate::app_server_session::AppServerSession; use crate::app_server_session::AppServerStartedThread; use crate::app_server_session::TurnPermissionsOverride; @@ -35,8 +37,6 @@ use crate::cwd_prompt::CwdPromptAction; use crate::diff_render::DiffSummary; use crate::exec_command::split_command_string; use crate::exec_command::strip_bash_lc_and_escape; -use crate::external_agent_config_migration_startup::ExternalAgentConfigMigrationStartupOutcome; -use crate::external_agent_config_migration_startup::handle_external_agent_config_migration_prompt_if_needed; use crate::external_editor; use crate::file_search::FileSearchManager; use crate::history_cell; @@ -51,8 +51,6 @@ use crate::legacy_core::config::ConfigBuilder; use crate::legacy_core::config::ConfigOverrides; use crate::legacy_core::config::PermissionProfileSnapshot; use crate::legacy_core::config::edit::ConfigEditsBuilder; -#[cfg(target_os = "windows")] -use crate::legacy_core::windows_sandbox::WindowsSandboxLevelExt; use crate::model_catalog::ModelCatalog; use crate::model_migration::ModelMigrationOutcome; use crate::model_migration::migration_copy_for_models; @@ -61,6 +59,7 @@ use crate::multi_agents::agent_picker_status_dot_spans; use crate::multi_agents::format_agent_picker_item_name; use crate::multi_agents::next_agent_shortcut_matches; use crate::multi_agents::previous_agent_shortcut_matches; +use crate::multi_agents::sub_agent_activity_display; use crate::pager_overlay::Overlay; use crate::render::highlight::highlight_bash_to_lines; use crate::render::renderable::Renderable; @@ -129,6 +128,7 @@ use codex_app_server_protocol::Turn; use codex_app_server_protocol::TurnError as AppServerTurnError; use codex_app_server_protocol::TurnStatus; use codex_app_server_protocol::WriteStatus; +use codex_config::CloudConfigBundleLoader; use codex_config::ConfigLayerStackOrdering; use codex_config::LoaderOverrides; use codex_config::types::ApprovalsReviewer; @@ -196,6 +196,7 @@ use toml::Value as TomlValue; use uuid::Uuid; mod agent_message_consolidation; mod agent_navigation; +mod agent_status_feed; mod app_server_event_targets; mod app_server_events; pub(crate) mod app_server_requests; @@ -265,6 +266,20 @@ fn collab_receiver_thread_ids(notification: &ServerNotification) -> Option<&[Str } } +fn sub_agent_activity_item(notification: &ServerNotification) -> Option<&ThreadItem> { + match notification { + ServerNotification::ItemStarted(notification) => match ¬ification.item { + ThreadItem::SubAgentActivity { .. } => Some(¬ification.item), + _ => None, + }, + ServerNotification::ItemCompleted(notification) => match ¬ification.item { + ThreadItem::SubAgentActivity { .. } => Some(¬ification.item), + _ => None, + }, + _ => None, + } +} + fn collab_receiver_is_not_found( notification: &ServerNotification, receiver_thread_id: &str, @@ -382,7 +397,7 @@ const COMMIT_ANIMATION_TICK: Duration = tui::TARGET_FRAME_INTERVAL; pub struct AppExitInfo { pub token_usage: TokenUsage, pub thread_id: Option, - pub thread_name: Option, + pub resume_hint: Option, pub update_action: Option, pub exit_reason: ExitReason, } @@ -392,7 +407,7 @@ impl AppExitInfo { Self { token_usage: TokenUsage::default(), thread_id: None, - thread_name: None, + resume_hint: None, update_action: None, exit_reason: ExitReason::Fatal(message.into()), } @@ -418,10 +433,7 @@ fn session_summary( rollout_path: Option<&Path>, ) -> Option { let usage_line = (!token_usage.is_zero()).then(|| token_usage.to_string()); - let resumable_thread = resumable_thread(thread_id, thread_name, rollout_path); - let resume_hint = resumable_thread.as_ref().and_then(|thread| { - codex_utils_cli::resume_hint(thread.thread_name.as_deref(), Some(thread.thread_id)) - }); + let resume_hint = resume_hint_for_resumable_thread(thread_id, thread_name, rollout_path); if usage_line.is_none() && resume_hint.is_none() { return None; @@ -452,6 +464,15 @@ fn resumable_thread( }) } +fn resume_hint_for_resumable_thread( + thread_id: Option, + thread_name: Option, + rollout_path: Option<&Path>, +) -> Option { + let thread = resumable_thread(thread_id, thread_name, rollout_path)?; + codex_utils_cli::resume_hint(thread.thread_name.as_deref(), Some(thread.thread_id)) +} + fn rollout_path_is_resumable(rollout_path: &Path) -> bool { std::fs::metadata(rollout_path).is_ok_and(|metadata| metadata.is_file() && metadata.len() > 0) } @@ -489,6 +510,7 @@ pub(crate) struct App { cli_kv_overrides: Vec<(String, TomlValue)>, harness_overrides: ConfigOverrides, loader_overrides: LoaderOverrides, + cloud_config_bundle: CloudConfigBundleLoader, runtime_approval_policy_override: Option, runtime_permission_profile_override: Option, @@ -512,6 +534,8 @@ pub(crate) struct App { status_line_invalid_items_warned: Arc, // Shared across ChatWidget instances so invalid terminal-title config warnings only emit once. terminal_title_invalid_items_warned: Arc, + // Tracks active skill-load warnings so refreshes do not duplicate history cells. + skill_load_warnings: SkillLoadWarningState, // Esc-backtracking state grouped pub(crate) backtrack: crate::app_backtrack::BacktrackState, @@ -677,6 +701,25 @@ fn archived_session_guidance(err: &color_eyre::eyre::Report) -> Option { Some(message.to_string()) } +fn active_turn_interrupt_race(error: &TypedRequestError) -> Option { + let TypedRequestError::Server { method, source } = error else { + return None; + }; + if method != "turn/interrupt" { + return None; + } + let mismatch_prefix = "expected active turn id "; + let mismatch_separator = " but found "; + Some( + source + .message + .strip_prefix(mismatch_prefix)? + .split_once(mismatch_separator)? + .1 + .to_string(), + ) +} + impl App { pub fn chatwidget_init_for_forked_or_resumed_thread( &self, @@ -717,16 +760,18 @@ impl App { cli_kv_overrides: Vec<(String, TomlValue)>, harness_overrides: ConfigOverrides, loader_overrides: LoaderOverrides, + cloud_config_bundle: CloudConfigBundleLoader, initial_prompt: Option, initial_images: Vec, session_selection: SessionSelection, feedback: codex_feedback::CodexFeedback, is_first_run: bool, - entered_trust_nux: bool, should_prompt_windows_sandbox_nux_at_startup: bool, app_server_target: AppServerTarget, state_db: Option, environment_manager: Arc, + startup_elapsed_before_app: Duration, + startup_bootstrap: Option, startup_hooks_browser: Option, ) -> Result { use tokio_stream::StreamExt; @@ -742,41 +787,11 @@ impl App { let harness_overrides = normalize_harness_overrides_for_cwd(harness_overrides, &config.cwd)?; - let external_agent_config_migration_outcome = - handle_external_agent_config_migration_prompt_if_needed( - tui, - &mut app_server, - &mut config, - &cli_kv_overrides, - &harness_overrides, - entered_trust_nux, - ) - .await?; - let external_agent_config_migration_message = match external_agent_config_migration_outcome - { - ExternalAgentConfigMigrationStartupOutcome::Continue { success_message } => { - success_message - } - ExternalAgentConfigMigrationStartupOutcome::ExitRequested => { - app_server - .shutdown() - .await - .inspect_err(|err| { - tracing::warn!("app-server shutdown failed: {err}"); - }) - .ok(); - return Ok(AppExitInfo { - token_usage: TokenUsage::default(), - thread_id: None, - thread_name: None, - update_action: None, - exit_reason: ExitReason::UserRequested, - }); - } + let bootstrap = match startup_bootstrap { + Some(bootstrap) => bootstrap, + None => app_server.bootstrap(&config).await?, }; - let bootstrap_started_at = Instant::now(); - let bootstrap = app_server.bootstrap(&config).await?; - let bootstrap_ms = bootstrap_started_at.elapsed().as_millis(); + let bootstrap_ms = bootstrap.duration.as_millis(); let mut model = bootstrap.default_model; let available_models = bootstrap.available_models; let remote_connection = crate::status::remote_connection::remote_connection_status_value( @@ -967,10 +982,6 @@ impl App { }; chat_widget.remote_connection = remote_connection; let thread_and_widget_ms = thread_and_widget_started_at.elapsed().as_millis(); - if let Some(message) = external_agent_config_migration_message { - chat_widget.add_info_message(message, /*hint*/ None); - } - chat_widget .maybe_prompt_windows_sandbox_enable(should_prompt_windows_sandbox_nux_at_startup); @@ -996,6 +1007,7 @@ See the Codex keymap documentation for supported actions and examples." cli_kv_overrides, harness_overrides, loader_overrides, + cloud_config_bundle, runtime_approval_policy_override: None, runtime_permission_profile_override: None, file_search, @@ -1010,6 +1022,7 @@ See the Codex keymap documentation for supported actions and examples." commit_anim_running: Arc::new(AtomicBool::new(false)), status_line_invalid_items_warned: status_line_invalid_items_warned.clone(), terminal_title_invalid_items_warned: terminal_title_invalid_items_warned.clone(), + skill_load_warnings: SkillLoadWarningState::default(), backtrack: BacktrackState::default(), backtrack_render_pending: false, feedback: feedback.clone(), @@ -1054,7 +1067,7 @@ See the Codex keymap documentation for supported actions and examples." #[cfg(target_os = "windows")] { let startup_permission_profile = app.config.permissions.effective_permission_profile(); - let should_check = WindowsSandboxLevel::from_config(&app.config) + let should_check = crate::windows_sandbox::level_from_config(&app.config) != WindowsSandboxLevel::Disabled && managed_filesystem_sandbox_is_restricted(&startup_permission_profile) && !app @@ -1085,7 +1098,7 @@ See the Codex keymap documentation for supported actions and examples." tui.frame_requester().schedule_frame(); tracing::info!( - duration_ms = %startup_started_at.elapsed().as_millis(), + duration_ms = %(startup_elapsed_before_app + startup_started_at.elapsed()).as_millis(), bootstrap_ms = %bootstrap_ms, runtime_model_provider_ms = %runtime_model_provider_ms, thread_and_widget_ms = %thread_and_widget_ms, @@ -1209,15 +1222,16 @@ See the Codex keymap documentation for supported actions and examples." return Err(err); } }; - let resumable_thread = resumable_thread( - app.chat_widget.thread_id(), + let thread_id = app.chat_widget.thread_id().or(app.primary_thread_id); + let resume_hint = resume_hint_for_resumable_thread( + thread_id, app.chat_widget.thread_name(), app.chat_widget.rollout_path().as_deref(), ); Ok(AppExitInfo { token_usage: app.token_usage(), - thread_id: resumable_thread.as_ref().map(|thread| thread.thread_id), - thread_name: resumable_thread.and_then(|thread| thread.thread_name), + thread_id, + resume_hint, update_action: app.pending_update_action, exit_reason, }) diff --git a/codex-rs/tui/src/app/agent_navigation.rs b/codex-rs/tui/src/app/agent_navigation.rs index db9e47c5bc8..e329de90aba 100644 --- a/codex-rs/tui/src/app/agent_navigation.rs +++ b/codex-rs/tui/src/app/agent_navigation.rs @@ -19,6 +19,7 @@ //! updated or marked closed. use crate::multi_agents::AgentPickerThreadEntry; +use crate::multi_agents::SubAgentActivityDisplay; use crate::multi_agents::format_agent_picker_item_name; use crate::multi_agents::next_agent_shortcut; use crate::multi_agents::previous_agent_shortcut; @@ -86,16 +87,56 @@ impl AgentNavigationState { if !self.threads.contains_key(&thread_id) { self.order.push(thread_id); } + let (previous_agent_path, previous_is_running) = self + .threads + .get(&thread_id) + .map(|entry| (entry.agent_path.clone(), entry.is_running)) + .unwrap_or((None, false)); self.threads.insert( thread_id, AgentPickerThreadEntry { agent_nickname, agent_role, + agent_path: previous_agent_path, + is_running: previous_is_running && !is_closed, is_closed, }, ); } + pub(crate) fn record_sub_agent_activity(&mut self, activity: SubAgentActivityDisplay) { + if !self.threads.contains_key(&activity.thread_id) { + self.order.push(activity.thread_id); + } + let entry = + self.threads + .entry(activity.thread_id) + .or_insert_with(|| AgentPickerThreadEntry { + agent_nickname: None, + agent_role: None, + agent_path: None, + is_running: false, + is_closed: false, + }); + entry.agent_path = Some(activity.agent_path); + entry.is_running = activity.is_running_hint; + entry.is_closed = false; + } + + pub(crate) fn set_running(&mut self, thread_id: ThreadId, is_running: bool) { + if let Some(entry) = self.threads.get_mut(&thread_id) { + entry.is_running = is_running; + } + } + + pub(crate) fn set_agent_path(&mut self, thread_id: ThreadId, agent_path: Option) { + if let Some(agent_path) = agent_path + && let Some(entry) = self.threads.get_mut(&thread_id) + { + entry.agent_path = Some(agent_path); + } + } + /// Marks a thread as closed without removing it from the traversal cache. /// /// Closed threads stay in the picker and in spawn order so users can still review them and so @@ -105,6 +146,7 @@ impl AgentNavigationState { pub(crate) fn mark_closed(&mut self, thread_id: ThreadId) { if let Some(entry) = self.threads.get_mut(&thread_id) { entry.is_closed = true; + entry.is_running = false; } else { self.upsert( thread_id, /*agent_nickname*/ None, /*agent_role*/ None, @@ -155,6 +197,22 @@ impl AgentNavigationState { .collect() } + pub(crate) fn ordered_path_backed_subagent_threads( + &self, + primary_thread_id: Option, + ) -> Vec<(ThreadId, &AgentPickerThreadEntry)> { + self.ordered_threads() + .into_iter() + .filter(|(thread_id, entry)| { + Some(*thread_id) != primary_thread_id + && entry + .agent_path + .as_deref() + .is_some_and(|agent_path| !agent_path.trim().is_empty()) + }) + .collect() + } + /// Returns tracked thread ids in the same stable order used by the picker. pub(crate) fn tracked_thread_ids(&self) -> Vec { self.ordered_threads() @@ -217,6 +275,14 @@ impl AgentNavigationState { self.threads .get(&thread_id) .map(|entry| { + if !is_primary + && let Some(agent_path) = entry + .agent_path + .as_deref() + .filter(|agent_path| !agent_path.trim().is_empty()) + { + return format!("`{agent_path}`"); + } format_agent_picker_item_name( entry.agent_nickname.as_deref(), entry.agent_role.as_deref(), diff --git a/codex-rs/tui/src/app/agent_status_feed.rs b/codex-rs/tui/src/app/agent_status_feed.rs new file mode 100644 index 00000000000..baeb2d08070 --- /dev/null +++ b/codex-rs/tui/src/app/agent_status_feed.rs @@ -0,0 +1,209 @@ +//! Bounded, best-effort previews for the v2 `/agent` status output. + +use super::ThreadBufferedEvent; +use super::ThreadEventStore; +use crate::history_cell::HistoryCell; +use crate::history_cell::plain_lines; +use crate::text_formatting::truncate_text; +use codex_app_server_protocol::CollabAgentTool; +use codex_app_server_protocol::ServerNotification; +use codex_app_server_protocol::SubAgentActivityKind; +use codex_app_server_protocol::ThreadItem; +use ratatui::style::Stylize; +use ratatui::text::Line; +use std::collections::HashSet; + +const AGENT_STATUS_PREVIEW_LINES: usize = 3; +const AGENT_STATUS_PREVIEW_ITEMS: usize = 6; +const AGENT_STATUS_PREVIEW_GRAPHEMES: usize = 240; +const AGENT_STATUS_PREVIEW_INDENT: u16 = 4; + +#[derive(Debug)] +pub(super) struct AgentStatusHistoryCell { + entries: Vec, +} + +impl AgentStatusHistoryCell { + pub(super) fn new(entries: Vec) -> Self { + Self { entries } + } +} + +impl HistoryCell for AgentStatusHistoryCell { + fn display_lines(&self, width: u16) -> Vec> { + let mut lines: Vec> = vec![ + "/agent".magenta().into(), + "Sub-agents running".bold().into(), + "".into(), + ]; + + if self.entries.is_empty() { + lines.push(" • No sub-agents running.".italic().into()); + return lines; + } + + for entry in &self.entries { + lines.push(entry.title_line()); + let preview_width = width.saturating_sub(AGENT_STATUS_PREVIEW_INDENT).max(1); + let preview_lines = entry.preview_lines(preview_width); + if preview_lines.is_empty() { + lines.push(vec![" ".into(), "No recent activity yet.".dim().italic()].into()); + } else { + lines.extend(preview_lines.into_iter().map(indent_preview_line)); + } + lines.push("".into()); + } + let _ = lines.pop(); + lines + } + + fn raw_lines(&self) -> Vec> { + plain_lines(self.display_lines(u16::MAX)) + } +} + +#[derive(Debug)] +pub(super) struct AgentStatusThreadPreview { + agent_path: String, + activity: Vec, +} + +impl AgentStatusThreadPreview { + pub(super) fn from_store(agent_path: String, store: &ThreadEventStore) -> Self { + Self::from_events(agent_path, store.buffer.iter().rev()) + } + + pub(super) fn empty(agent_path: String) -> Self { + Self::from_events(agent_path, std::iter::empty()) + } + + fn from_events<'a>( + agent_path: String, + events: impl Iterator, + ) -> Self { + let mut seen_item_ids = HashSet::new(); + let mut activity = Vec::new(); + for event in events { + let item = match event { + ThreadBufferedEvent::Notification(ServerNotification::ItemCompleted(event)) => { + &event.item + } + ThreadBufferedEvent::Notification(ServerNotification::ItemStarted(event)) => { + &event.item + } + ThreadBufferedEvent::Notification(_) + | ThreadBufferedEvent::Request(_) + | ThreadBufferedEvent::HistoryEntryResponse(_) + | ThreadBufferedEvent::FeedbackSubmission(_) => continue, + }; + if !seen_item_ids.insert(item.id().to_string()) { + continue; + } + if let Some(summary) = activity_summary(item) { + activity.push(summary); + if activity.len() == AGENT_STATUS_PREVIEW_ITEMS { + break; + } + } + } + activity.reverse(); + Self { + agent_path, + activity, + } + } + + fn title_line(&self) -> Line<'static> { + vec![" • ".dim(), format!("`{}`", self.agent_path).cyan()].into() + } + + fn preview_lines(&self, width: u16) -> Vec> { + let mut lines = self + .activity + .iter() + .flat_map(|activity| textwrap::wrap(activity, width as usize)) + .filter(|line| !line.trim().is_empty()) + .map(|line| line.into_owned().dim().into()) + .collect::>(); + if lines.len() > AGENT_STATUS_PREVIEW_LINES { + lines.drain(..lines.len() - AGENT_STATUS_PREVIEW_LINES); + } + lines + } +} + +fn activity_summary(item: &ThreadItem) -> Option { + let summary = match item { + ThreadItem::AgentMessage { text, .. } | ThreadItem::Plan { text, .. } => text, + ThreadItem::Reasoning { summary, .. } => summary.last()?, + ThreadItem::CommandExecution { command, .. } => { + let command = truncate_text( + command, + AGENT_STATUS_PREVIEW_GRAPHEMES.saturating_sub("$ ".len()), + ); + return bounded_summary(&format!("$ {command}")); + } + ThreadItem::FileChange { changes, .. } => { + return bounded_summary(&format!("Updated {} file(s)", changes.len())); + } + ThreadItem::McpToolCall { server, tool, .. } => { + return bounded_summary(&format!("MCP {server}/{tool}")); + } + ThreadItem::DynamicToolCall { + namespace, tool, .. + } => { + let tool = namespace + .as_ref() + .map(|namespace| format!("{namespace}/{tool}")) + .unwrap_or_else(|| tool.clone()); + return bounded_summary(&format!("Tool {tool}")); + } + ThreadItem::CollabAgentToolCall { tool, .. } => { + let action = match tool { + CollabAgentTool::SpawnAgent => "Spawned an agent", + CollabAgentTool::SendInput => "Sent input to an agent", + CollabAgentTool::ResumeAgent => "Resumed an agent", + CollabAgentTool::Wait => "Waited for an agent", + CollabAgentTool::CloseAgent => "Closed an agent", + }; + return Some(action.to_string()); + } + ThreadItem::SubAgentActivity { + kind, agent_path, .. + } => { + let action = match kind { + SubAgentActivityKind::Started => "Started", + SubAgentActivityKind::Interacted => "Contacted", + SubAgentActivityKind::Interrupted => "Interrupted", + }; + return bounded_summary(&format!("{action} {agent_path}")); + } + ThreadItem::WebSearch { query, .. } => { + return bounded_summary(&format!("Web search: {query}")); + } + ThreadItem::ImageView { path, .. } => { + return bounded_summary(&format!("Viewed {}", path.display())); + } + ThreadItem::ImageGeneration { .. } => return Some("Generated an image".to_string()), + ThreadItem::EnteredReviewMode { .. } => return Some("Entered review mode".to_string()), + ThreadItem::ExitedReviewMode { .. } => return Some("Exited review mode".to_string()), + ThreadItem::ContextCompaction { .. } => return Some("Compacted context".to_string()), + ThreadItem::UserMessage { .. } | ThreadItem::HookPrompt { .. } => return None, + }; + bounded_summary(summary) +} + +fn bounded_summary(summary: &str) -> Option { + let summary = truncate_text(summary, AGENT_STATUS_PREVIEW_GRAPHEMES); + let summary = summary.split_whitespace().collect::>().join(" "); + (!summary.is_empty()).then_some(summary) +} + +fn indent_preview_line(mut line: Line<'static>) -> Line<'static> { + line.spans.insert(0, " ".into()); + line +} + +#[cfg(test)] +#[path = "agent_status_feed_tests.rs"] +mod tests; diff --git a/codex-rs/tui/src/app/agent_status_feed_tests.rs b/codex-rs/tui/src/app/agent_status_feed_tests.rs new file mode 100644 index 00000000000..5b8bc4b59b1 --- /dev/null +++ b/codex-rs/tui/src/app/agent_status_feed_tests.rs @@ -0,0 +1,109 @@ +use super::*; +use codex_app_server_protocol::CommandExecutionSource; +use codex_app_server_protocol::CommandExecutionStatus; +use codex_app_server_protocol::ItemCompletedNotification; +use codex_utils_absolute_path::AbsolutePathBuf; + +#[test] +fn agent_status_uses_bounded_buffered_activity() { + let mut store = ThreadEventStore::new(/*capacity*/ 8); + store.push_notification(ServerNotification::ItemCompleted( + ItemCompletedNotification { + item: ThreadItem::CommandExecution { + id: "command-1".to_string(), + command: "cargo test -p codex-tui".to_string(), + cwd: AbsolutePathBuf::try_from("/workspace").expect("absolute path"), + process_id: None, + source: CommandExecutionSource::Agent, + status: CommandExecutionStatus::Completed, + command_actions: Vec::new(), + aggregated_output: Some("unbounded output\n".repeat(10_000)), + exit_code: Some(0), + duration_ms: Some(42), + }, + thread_id: "thread-child".to_string(), + turn_id: "turn-1".to_string(), + completed_at_ms: 1, + }, + )); + store.push_notification(ServerNotification::ItemCompleted( + ItemCompletedNotification { + item: ThreadItem::AgentMessage { + id: "message-1".to_string(), + text: "Finished checking the focused TUI tests.".to_string(), + phase: None, + memory_citation: None, + }, + thread_id: "thread-child".to_string(), + turn_id: "turn-1".to_string(), + completed_at_ms: 2, + }, + )); + + let preview = AgentStatusThreadPreview::from_store("/root/reviewer".to_string(), &store); + let cell = AgentStatusHistoryCell::new(vec![preview]); + let rendered = cell + .display_lines(/*width*/ 80) + .iter() + .map(ToString::to_string) + .collect::>() + .join("\n"); + + insta::assert_snapshot!(rendered, @r###" + /agent + Sub-agents running + + • `/root/reviewer` + $ cargo test -p codex-tui + Finished checking the focused TUI tests. + "###); + assert!(!rendered.contains("unbounded output")); +} + +#[test] +fn agent_status_uses_reasoning_summaries_only() { + let mut store = ThreadEventStore::new(/*capacity*/ 8); + store.push_notification(ServerNotification::ItemCompleted( + ItemCompletedNotification { + item: ThreadItem::Reasoning { + id: "reasoning-with-summary".to_string(), + summary: vec!["safe summary".to_string()], + content: vec!["hidden raw reasoning".to_string()], + }, + thread_id: "thread-child".to_string(), + turn_id: "turn-1".to_string(), + completed_at_ms: 1, + }, + )); + store.push_notification(ServerNotification::ItemCompleted( + ItemCompletedNotification { + item: ThreadItem::Reasoning { + id: "reasoning-without-summary".to_string(), + summary: Vec::new(), + content: vec!["raw-only reasoning".to_string()], + }, + thread_id: "thread-child".to_string(), + turn_id: "turn-1".to_string(), + completed_at_ms: 2, + }, + )); + + let preview = AgentStatusThreadPreview::from_store("/root/reviewer".to_string(), &store); + let cell = AgentStatusHistoryCell::new(vec![preview]); + let rendered = cell + .display_lines(/*width*/ 80) + .iter() + .map(ToString::to_string) + .collect::>() + .join("\n"); + + insta::assert_snapshot!(rendered, @r###" + /agent + Sub-agents running + + • `/root/reviewer` + safe summary + "###); + assert!(!rendered.contains("hidden raw reasoning")); + assert!(!rendered.contains("raw-only reasoning")); +} diff --git a/codex-rs/tui/src/app/app_server_event_targets.rs b/codex-rs/tui/src/app/app_server_event_targets.rs index 0b2143b429b..fa2bab01115 100644 --- a/codex-rs/tui/src/app/app_server_event_targets.rs +++ b/codex-rs/tui/src/app/app_server_event_targets.rs @@ -35,6 +35,7 @@ pub(super) fn server_request_thread_id(request: &ServerRequest) -> Option Some(notification.thread_id.as_str()), + ServerNotification::ThreadDeleted(notification) => Some(notification.thread_id.as_str()), ServerNotification::ThreadUnarchived(notification) => Some(notification.thread_id.as_str()), ServerNotification::ThreadClosed(notification) => Some(notification.thread_id.as_str()), ServerNotification::ThreadNameUpdated(notification) => { @@ -118,6 +120,9 @@ pub(super) fn server_notification_thread_target( ServerNotification::ModelVerification(notification) => { Some(notification.thread_id.as_str()) } + ServerNotification::TurnModerationMetadata(notification) => { + Some(notification.thread_id.as_str()) + } ServerNotification::ThreadRealtimeStarted(notification) => { Some(notification.thread_id.as_str()) } @@ -144,8 +149,13 @@ pub(super) fn server_notification_thread_target( } ServerNotification::Warning(notification) => notification.thread_id.as_deref(), ServerNotification::GuardianWarning(notification) => Some(notification.thread_id.as_str()), + ServerNotification::McpServerStatusUpdated(notification) => { + match notification.thread_id.as_deref() { + Some(thread_id) => Some(thread_id), + None => return ServerNotificationThreadTarget::AppScoped, + } + } ServerNotification::SkillsChanged(_) - | ServerNotification::McpServerStatusUpdated(_) | ServerNotification::McpServerOauthLoginCompleted(_) | ServerNotification::AccountUpdated(_) | ServerNotification::AccountRateLimitsUpdated(_) @@ -181,6 +191,8 @@ mod tests { use crate::test_support::PathBufExt; use crate::test_support::test_path_buf; use codex_app_server_protocol::GuardianWarningNotification; + use codex_app_server_protocol::McpServerStartupState; + use codex_app_server_protocol::McpServerStatusUpdatedNotification; use codex_app_server_protocol::ServerNotification; use codex_app_server_protocol::ThreadSettings; use codex_app_server_protocol::ThreadSettingsUpdatedNotification; @@ -256,6 +268,37 @@ mod tests { assert_eq!(target, ServerNotificationThreadTarget::Thread(thread_id)); } + #[test] + fn mcp_startup_notifications_route_to_threads() { + let thread_id = ThreadId::new(); + let notification = + ServerNotification::McpServerStatusUpdated(McpServerStatusUpdatedNotification { + thread_id: Some(thread_id.to_string()), + name: "sentry".to_string(), + status: McpServerStartupState::Failed, + error: Some("sentry is not logged in".to_string()), + }); + + let target = server_notification_thread_target(¬ification); + + assert_eq!(target, ServerNotificationThreadTarget::Thread(thread_id)); + } + + #[test] + fn mcp_startup_notifications_without_threads_are_app_scoped() { + let notification = + ServerNotification::McpServerStatusUpdated(McpServerStatusUpdatedNotification { + thread_id: None, + name: "sentry".to_string(), + status: McpServerStartupState::Failed, + error: Some("sentry is not logged in".to_string()), + }); + + let target = server_notification_thread_target(¬ification); + + assert_eq!(target, ServerNotificationThreadTarget::AppScoped); + } + #[test] fn thread_settings_updated_notifications_route_to_threads() { let thread_id = ThreadId::new(); diff --git a/codex-rs/tui/src/app/app_server_events.rs b/codex-rs/tui/src/app/app_server_events.rs index 4aeba59aab2..6f6940c0675 100644 --- a/codex-rs/tui/src/app/app_server_events.rs +++ b/codex-rs/tui/src/app/app_server_events.rs @@ -15,10 +15,9 @@ use codex_app_server_protocol::ServerNotification; use codex_app_server_protocol::ServerRequest; impl App { - fn refresh_mcp_startup_expected_servers_from_config(&mut self) { + pub(super) fn refresh_mcp_startup_expected_servers_from_config(&mut self) { let enabled_config_mcp_servers: Vec = self - .chat_widget - .config_ref() + .config .mcp_servers .get() .iter() @@ -87,24 +86,32 @@ impl App { notification.plan_type, ), notification.plan_type, - matches!( - notification.auth_mode, - Some(AuthMode::Chatgpt) | Some(AuthMode::ChatgptAuthTokens) - ), + notification + .auth_mode + .is_some_and(AuthMode::has_chatgpt_account), ); return; } ServerNotification::ExternalAgentConfigImportCompleted(_) => { - let cwd = self.chat_widget.config_ref().cwd.to_path_buf(); + let should_report_completion = + app_server_client.consume_external_agent_config_import_completion(); if let Err(err) = self.refresh_in_memory_config_from_disk().await { tracing::warn!( error = %err, "failed to refresh config after external agent config import" ); } + let cwd = self.chat_widget.config_ref().cwd.to_path_buf(); self.chat_widget.refresh_plugin_mentions(); self.chat_widget.submit_op(AppCommand::reload_user_config()); self.fetch_plugins_list(app_server_client, cwd); + if should_report_completion { + self.chat_widget.add_info_message( + crate::external_agent_config_migration_flow::EXTERNAL_AGENT_CONFIG_MIGRATION_FINISHED_MESSAGE + .to_string(), + /*hint*/ None, + ); + } return; } ServerNotification::AppListUpdated(notification) => { @@ -142,6 +149,12 @@ impl App { ); return; } + ServerNotificationThreadTarget::AppScoped => { + tracing::debug!( + "ignoring app-scoped MCP startup notification without a TUI app-level target" + ); + return; + } ServerNotificationThreadTarget::Global => {} } diff --git a/codex-rs/tui/src/app/background_requests.rs b/codex-rs/tui/src/app/background_requests.rs index d90f511d6f9..a69d9874477 100644 --- a/codex-rs/tui/src/app/background_requests.rs +++ b/codex-rs/tui/src/app/background_requests.rs @@ -7,6 +7,7 @@ use super::plugin_mentions::fetch_plugin_mentions; use super::*; use crate::app_event::ConnectorsSnapshot; +use crate::config_update::format_config_error; use codex_app_server_protocol::AppsListParams; use codex_app_server_protocol::AppsListResponse; use codex_app_server_protocol::MarketplaceAddParams; @@ -240,7 +241,7 @@ impl App { &mut self, app_server: &AppServerSession, cwd: PathBuf, - marketplace_path: AbsolutePathBuf, + location: PluginLocation, plugin_name: String, plugin_display_name: String, ) { @@ -248,14 +249,14 @@ impl App { let app_event_tx = self.app_event_tx.clone(); tokio::spawn(async move { let cwd_for_event = cwd.clone(); - let marketplace_path_for_event = marketplace_path.clone(); + let location_for_event = location.clone(); let plugin_name_for_event = plugin_name.clone(); - let result = fetch_plugin_install(request_handle, marketplace_path, plugin_name) + let result = fetch_plugin_install(request_handle, location, plugin_name) .await .map_err(|err| format!("Failed to install plugin: {err}")); app_event_tx.send(AppEvent::PluginInstallLoaded { cwd: cwd_for_event, - marketplace_path: marketplace_path_for_event, + location: location_for_event, plugin_name: plugin_name_for_event, plugin_display_name, result, @@ -357,7 +358,12 @@ impl App { let result = write_hook_enabled(request_handle, key, enabled) .await .map(|_| ()) - .map_err(|err| format!("Failed to update hook config: {err}")); + .map_err(|err| { + format!( + "Failed to update hook config: {}", + format_config_error(&err) + ) + }); app_event_tx.send(AppEvent::HookEnabledSet { key: key_for_event, enabled, @@ -378,7 +384,7 @@ impl App { let result = write_hook_trust(request_handle, key, current_hash) .await .map(|_| ()) - .map_err(|err| format!("Failed to trust hook: {err}")); + .map_err(|err| format!("Failed to trust hook: {}", format_config_error(&err))); app_event_tx.send(AppEvent::HookTrusted { result }); }); } @@ -394,7 +400,7 @@ impl App { let result = write_hook_trusts(request_handle, updates) .await .map(|_| ()) - .map_err(|err| format!("Failed to trust hooks: {err}")); + .map_err(|err| format!("Failed to trust hooks: {}", format_config_error(&err))); app_event_tx.send(AppEvent::HookTrusted { result }); }); } @@ -829,16 +835,17 @@ pub(super) async fn fetch_marketplace_upgrade( } pub(super) async fn fetch_plugin_install( request_handle: AppServerRequestHandle, - marketplace_path: AbsolutePathBuf, + location: PluginLocation, plugin_name: String, ) -> Result { let request_id = RequestId::String(format!("plugin-install-{}", Uuid::new_v4())); + let (marketplace_path, remote_marketplace_name) = location.into_request_params(); request_handle .request_typed(ClientRequest::PluginInstall { request_id, params: PluginInstallParams { - marketplace_path: Some(marketplace_path), - remote_marketplace_name: None, + marketplace_path, + remote_marketplace_name, plugin_name, }, }) @@ -1056,6 +1063,26 @@ mod tests { ); } + #[test] + fn plugin_location_request_params_select_exactly_one_location() { + let local_path = test_absolute_path("/marketplaces/local"); + + assert_eq!( + PluginLocation::Local { + marketplace_path: local_path.clone() + } + .into_request_params(), + (Some(local_path), None) + ); + assert_eq!( + PluginLocation::Remote { + marketplace_name: "workspace-directory".to_string() + } + .into_request_params(), + (None, Some("workspace-directory".to_string())) + ); + } + #[test] fn mcp_inventory_maps_prefix_tool_names_by_server() { let statuses = vec![ diff --git a/codex-rs/tui/src/app/config_persistence.rs b/codex-rs/tui/src/app/config_persistence.rs index ec72c5974af..80ed84d01ed 100644 --- a/codex-rs/tui/src/app/config_persistence.rs +++ b/codex-rs/tui/src/app/config_persistence.rs @@ -34,7 +34,8 @@ impl App { .codex_home(self.config.codex_home.to_path_buf()) .cli_overrides(self.cli_kv_overrides.clone()) .harness_overrides(overrides) - .loader_overrides(self.loader_overrides.clone()); + .loader_overrides(self.loader_overrides.clone()) + .cloud_config_bundle(self.cloud_config_bundle.clone()); build_config_on_runtime_worker( builder, format!("Failed to rebuild config for cwd {cwd_display}"), @@ -55,7 +56,8 @@ impl App { .codex_home(self.config.codex_home.to_path_buf()) .cli_overrides(self.cli_kv_overrides.clone()) .harness_overrides(overrides) - .loader_overrides(self.loader_overrides.clone()); + .loader_overrides(self.loader_overrides.clone()) + .cloud_config_bundle(self.cloud_config_bundle.clone()); build_config_on_runtime_worker( builder, format!("Failed to rebuild config for permission profile {profile_id}"), @@ -482,9 +484,10 @@ impl App { { Ok(response) => response, Err(err) => { - tracing::error!(error = %err, "failed to persist feature flags"); + let error = crate::config_update::format_config_error(&err); + tracing::error!(error = %error, "failed to persist feature flags"); self.chat_widget - .add_error_message(format!("Failed to update experimental features: {err}")); + .add_error_message(format!("Failed to update experimental features: {error}")); return; } }; @@ -712,21 +715,17 @@ impl App { .add_info_message("Reset local memories.".to_string(), /*hint*/ None); } - pub(super) fn reasoning_label(reasoning_effort: Option) -> &'static str { + pub(super) fn reasoning_label(reasoning_effort: Option<&ReasoningEffortConfig>) -> String { match reasoning_effort { - Some(ReasoningEffortConfig::Minimal) => "minimal", - Some(ReasoningEffortConfig::Low) => "low", - Some(ReasoningEffortConfig::Medium) => "medium", - Some(ReasoningEffortConfig::High) => "high", - Some(ReasoningEffortConfig::XHigh) => "xhigh", - None | Some(ReasoningEffortConfig::None) => "default", + None | Some(ReasoningEffortConfig::None) => "default".to_string(), + Some(reasoning_effort) => reasoning_effort.as_str().to_string(), } } pub(super) fn reasoning_label_for( model: &str, - reasoning_effort: Option, - ) -> Option<&'static str> { + reasoning_effort: Option<&ReasoningEffortConfig>, + ) -> Option { (!model.starts_with("codex-auto-")).then(|| Self::reasoning_label(reasoning_effort)) } @@ -737,7 +736,7 @@ impl App { pub(super) fn on_update_reasoning_effort(&mut self, effort: Option) { // TODO(aibrahim): Remove this and don't use config as a state object. // Instead, explicitly pass the stored collaboration mode's effort into new sessions. - self.config.model_reasoning_effort = effort; + self.config.model_reasoning_effort = effort.clone(); self.chat_widget.set_reasoning_effort(effort); } @@ -965,7 +964,7 @@ impl App { fn propagate_windows_sandbox_turn_context(&self) { #[cfg(target_os = "windows")] { - let windows_sandbox_level = WindowsSandboxLevel::from_config(&self.config); + let windows_sandbox_level = crate::windows_sandbox::level_from_config(&self.config); self.app_event_tx .send(AppEvent::CodexOp(AppCommand::override_turn_context( /*cwd*/ None, @@ -1126,6 +1125,66 @@ mod tests { Ok(()) } + // Regression coverage for `/new` and `/clear`: cloud requirements + // must survive the config refresh that runs before thread transitions. + #[tokio::test] + async fn refresh_in_memory_config_from_disk_keeps_cloud_requirements_for_thread_transitions() + -> Result<()> { + let mut app = make_test_app().await; + let codex_home = tempdir()?; + let required_policy = codex_protocol::protocol::AskForApproval::Never; + let cloud_config_bundle = + codex_config::test_support::CloudConfigBundleFixture::loader_with_enterprise_requirement( + r#"allowed_approval_policies = ["never"]"#, + ); + + let config = ConfigBuilder::default() + .codex_home(codex_home.path().to_path_buf()) + .loader_overrides(LoaderOverrides::without_managed_config_for_tests()) + .cloud_config_bundle(cloud_config_bundle.clone()) + .build() + .await?; + app.config = config; + app.cloud_config_bundle = cloud_config_bundle; + let app_id = "unit_test_cloud_requirements_reload_marker"; + std::fs::write( + codex_home.path().join("config.toml"), + format!( + r#" +[apps.{app_id}] +enabled = false +"# + ), + )?; + + let assert_cloud_requirements = |app: &App| { + let config = app.fresh_session_config(); + assert_eq!( + config + .config_layer_stack + .requirements_toml() + .allowed_approval_policies + .clone(), + Some(vec![required_policy]) + ); + assert_eq!(config.permissions.approval_policy.value(), required_policy); + }; + + assert_cloud_requirements(&app); + assert_eq!(app_enabled_in_effective_config(&app.config, app_id), None); + + // This is the fallible reload that the best-effort `/new`, `/clear`, + // `/fork`, side-conversation, and session-picker paths wrap. + app.refresh_in_memory_config_from_disk().await?; + + assert_eq!( + app_enabled_in_effective_config(&app.config, app_id), + Some(false) + ); + assert_cloud_requirements(&app); + Ok(()) + } + #[tokio::test] async fn refresh_in_memory_config_from_disk_best_effort_keeps_current_config_on_error() -> Result<()> { diff --git a/codex-rs/tui/src/app/event_dispatch.rs b/codex-rs/tui/src/app/event_dispatch.rs index b4dfb93fb7f..48ad956789e 100644 --- a/codex-rs/tui/src/app/event_dispatch.rs +++ b/codex-rs/tui/src/app/event_dispatch.rs @@ -5,6 +5,8 @@ use super::resize_reflow::trailing_run_start; use super::*; +use crate::config_update::format_config_error; +use crate::external_agent_config_migration_flow::ExternalAgentConfigMigrationFlowOutcome; #[cfg(target_os = "windows")] use codex_config::types::WindowsSandboxModeToml; @@ -109,6 +111,31 @@ impl App { // Leaving alt-screen may blank the inline viewport; force a redraw either way. tui.frame_requester().schedule_frame(); } + AppEvent::OpenExternalAgentConfigMigration => { + match crate::external_agent_config_migration_flow::handle_external_agent_config_migration_prompt( + tui, + app_server, + &self.config, + ) + .await + { + Ok(ExternalAgentConfigMigrationFlowOutcome::Started(message)) => { + self.chat_widget.add_info_message(message, /*hint*/ None); + } + Ok(ExternalAgentConfigMigrationFlowOutcome::NoItems) => { + self.chat_widget.add_info_message( + crate::external_agent_config_migration_flow::EXTERNAL_AGENT_CONFIG_MIGRATION_NO_ITEMS_MESSAGE + .to_string(), + /*hint*/ None, + ); + } + Ok(ExternalAgentConfigMigrationFlowOutcome::Cancelled) => {} + Err(error_message) => { + self.chat_widget.add_error_message(error_message); + } + } + tui.frame_requester().schedule_frame(); + } AppEvent::ResumeSessionByIdOrName(id_or_name) => { match crate::lookup_session_target_with_app_server(app_server, &id_or_name).await? { Some(target_session) => { @@ -126,6 +153,9 @@ impl App { AppEvent::ArchiveCurrentThread => { return Ok(self.archive_current_thread(app_server).await); } + AppEvent::DeleteCurrentThread => { + return Ok(self.delete_current_thread(app_server).await); + } AppEvent::ForkCurrentSession => { self.session_telemetry.counter( "codex.thread.fork", @@ -572,14 +602,14 @@ impl App { } AppEvent::FetchPluginInstall { cwd, - marketplace_path, + location, plugin_name, plugin_display_name, } => { self.fetch_plugin_install( app_server, cwd, - marketplace_path, + location, plugin_name, plugin_display_name, ); @@ -600,7 +630,7 @@ impl App { } AppEvent::PluginInstallLoaded { cwd, - marketplace_path, + location, plugin_name, plugin_display_name, result, @@ -611,7 +641,7 @@ impl App { } let should_refresh_plugin_detail = self.chat_widget.on_plugin_install_loaded( cwd.clone(), - marketplace_path.clone(), + location.clone(), plugin_name.clone(), plugin_display_name, result, @@ -620,12 +650,14 @@ impl App { { self.fetch_plugins_list(app_server, cwd.clone()); if should_refresh_plugin_detail { + let (marketplace_path, remote_marketplace_name) = + location.into_request_params(); self.fetch_plugin_detail( app_server, cwd, PluginReadParams { - marketplace_path: Some(marketplace_path), - remote_marketplace_name: None, + marketplace_path, + remote_marketplace_name, plugin_name, }, ); @@ -750,7 +782,7 @@ impl App { self.chat_widget.on_connectors_loaded(result, is_final); } AppEvent::UpdateReasoningEffort(effort) => { - self.on_update_reasoning_effort(effort); + self.on_update_reasoning_effort(effort.clone()); self.sync_active_thread_reasoning_setting(app_server, effort) .await; } @@ -917,9 +949,7 @@ impl App { // If the elevated setup already ran on this machine, don't prompt for // elevation again - just flip the config to use the elevated path. - if crate::legacy_core::windows_sandbox::sandbox_setup_is_complete( - codex_home.as_path(), - ) { + if crate::windows_sandbox::sandbox_setup_is_complete(codex_home.as_path()) { tx.send(AppEvent::EnableWindowsSandboxForAgentMode { preset, mode: WindowsSandboxEnableMode::Elevated, @@ -932,7 +962,7 @@ impl App { self.windows_sandbox.setup_started_at = Some(Instant::now()); let session_telemetry = self.session_telemetry.clone(); tokio::task::spawn_blocking(move || { - let result = crate::legacy_core::windows_sandbox::run_elevated_setup( + let result = crate::windows_sandbox::run_elevated_setup( &permission_profile, workspace_roots.as_slice(), command_cwd.as_path(), @@ -956,9 +986,7 @@ impl App { let mut code_tag: Option = None; let mut message_tag: Option = None; if let Some((code, message)) = - crate::legacy_core::windows_sandbox::elevated_setup_failure_details( - &err, - ) + crate::windows_sandbox::elevated_setup_failure_details(&err) { code_tag = Some(code); message_tag = Some(message); @@ -971,7 +999,7 @@ impl App { tags.push(("message", message)); } session_telemetry.counter( - crate::legacy_core::windows_sandbox::elevated_setup_failure_metric_name( + crate::windows_sandbox::elevated_setup_failure_metric_name( &err, ), /*inc*/ 1, @@ -1042,12 +1070,12 @@ impl App { self.chat_widget.show_windows_sandbox_setup_status(); tokio::task::spawn_blocking(move || { if let Err(err) = - crate::legacy_core::windows_sandbox::run_legacy_setup_preflight( + codex_windows_sandbox::run_windows_sandbox_legacy_preflight( &permission_profile, workspace_roots.as_slice(), + codex_home.as_path(), command_cwd.as_path(), &env_map, - codex_home.as_path(), ) { session_telemetry.counter( @@ -1091,7 +1119,7 @@ impl App { tokio::task::spawn_blocking(move || { let requested_path = PathBuf::from(path); - let event = match crate::legacy_core::grant_read_root_non_elevated( + let event = match crate::windows_sandbox::grant_read_root_non_elevated( &permission_profile, workspace_roots.as_slice(), command_cwd.as_path(), @@ -1187,7 +1215,7 @@ impl App { self.config.permissions.windows_sandbox_mode, ); let windows_sandbox_level = - WindowsSandboxLevel::from_config(&self.config); + crate::windows_sandbox::level_from_config(&self.config); if let Some((sample_paths, extra_count, failed_scan)) = self.chat_widget.world_writable_warning_details() { @@ -1300,29 +1328,34 @@ impl App { AppEvent::PersistModelSelection { model, effort } => { match crate::config_update::write_config_batch( app_server.request_handle(), - crate::config_update::build_model_selection_edits(model.as_str(), effort), + crate::config_update::build_model_selection_edits( + model.as_str(), + effort.as_ref(), + ), ) .await { Ok(_) => { let effort_label = effort - .map(|selected_effort| selected_effort.to_string()) + .as_ref() + .map(std::string::ToString::to_string) .unwrap_or_else(|| "default".to_string()); tracing::info!("Selected model: {model}, Selected effort: {effort_label}"); let mut message = format!("Model changed to {model}"); - if let Some(label) = Self::reasoning_label_for(&model, effort) { + if let Some(label) = Self::reasoning_label_for(&model, effort.as_ref()) { message.push(' '); - message.push_str(label); + message.push_str(&label); } self.chat_widget.add_info_message(message, /*hint*/ None); } Err(err) => { + let error = format_config_error(&err); tracing::error!( - error = %err, + error = %error, "failed to persist model selection" ); self.chat_widget - .add_error_message(format!("Failed to save default model: {err}")); + .add_error_message(format!("Failed to save default model: {error}")); } } } @@ -1525,7 +1558,7 @@ impl App { return Ok(AppRunControl::Continue); } - let should_check = WindowsSandboxLevel::from_config(&self.config) + let should_check = crate::windows_sandbox::level_from_config(&self.config) != WindowsSandboxLevel::Disabled && permission_profile_is_managed_restricted && !self.chat_widget.world_writable_warning_hidden(); @@ -1607,7 +1640,7 @@ impl App { self.chat_widget.set_rate_limit_switch_prompt_hidden(hidden); } AppEvent::UpdatePlanModeReasoningEffort(effort) => { - self.config.plan_mode_reasoning_effort = effort; + self.config.plan_mode_reasoning_effort = effort.clone(); self.chat_widget.set_plan_mode_reasoning_effort(effort); self.sync_active_thread_plan_mode_reasoning_setting(app_server) .await; @@ -1941,9 +1974,10 @@ impl App { self.chat_widget.setup_status_line(items, use_theme_colors); } Err(err) => { - tracing::error!(error = %err, "failed to persist status line settings; keeping previous selection"); + let error = format_config_error(&err); + tracing::error!(error = %error, "failed to persist status line settings; keeping previous selection"); self.chat_widget.add_error_message(format!( - "Failed to save status line settings: {err}" + "Failed to save status line settings: {error}" )); } } @@ -2238,4 +2272,31 @@ impl App { } } } + + pub(super) async fn delete_current_thread( + &mut self, + app_server: &mut AppServerSession, + ) -> AppRunControl { + let Some(thread_id) = self.active_thread_id.or(self.chat_widget.thread_id()) else { + self.chat_widget + .add_error_message("A thread must start before it can be deleted.".to_string()); + return AppRunControl::Continue; + }; + if self.side_threads.contains_key(&thread_id) { + self.chat_widget.add_error_message( + "'/delete' is unavailable in side conversations. Press Ctrl+C to return to the main thread first." + .to_string(), + ); + return AppRunControl::Continue; + } + + match app_server.thread_delete(thread_id).await { + Ok(()) => AppRunControl::Exit(ExitReason::UserRequested), + Err(err) => { + self.chat_widget + .add_error_message(format!("Failed to delete current thread: {err}")); + AppRunControl::Continue + } + } + } } diff --git a/codex-rs/tui/src/app/history_ui.rs b/codex-rs/tui/src/app/history_ui.rs index 4cb5072daf0..0aff920e6dd 100644 --- a/codex-rs/tui/src/app/history_ui.rs +++ b/codex-rs/tui/src/app/history_ui.rs @@ -113,6 +113,7 @@ impl App { self.initial_history_replay_buffer = None; self.backtrack = BacktrackState::default(); self.backtrack_render_pending = false; + self.skill_load_warnings.clear(); } } diff --git a/codex-rs/tui/src/app/loaded_threads.rs b/codex-rs/tui/src/app/loaded_threads.rs index d988c80516d..aba08f08d96 100644 --- a/codex-rs/tui/src/app/loaded_threads.rs +++ b/codex-rs/tui/src/app/loaded_threads.rs @@ -14,8 +14,10 @@ //! `SessionSource::SubAgent(ThreadSpawn { parent_thread_id, .. })` edges until no new children are //! found. The primary thread itself is never included in the output. +use codex_app_server_protocol::SessionSource; use codex_app_server_protocol::Thread; use codex_protocol::ThreadId; +use codex_protocol::protocol::SubAgentSource; use std::collections::HashMap; use std::collections::HashSet; @@ -26,6 +28,7 @@ pub(crate) struct LoadedSubagentThread { pub(crate) thread_id: ThreadId, pub(crate) agent_nickname: Option, pub(crate) agent_role: Option, + pub(crate) agent_path: Option, } /// Walks the spawn tree rooted at `primary_thread_id` and returns every descendant subagent. @@ -84,6 +87,7 @@ pub(crate) fn find_loaded_subagent_threads_for_primary( thread_id, agent_nickname: thread.agent_nickname, agent_role: thread.agent_role, + agent_path: thread_spawn_agent_path(&thread.source), }) }) .collect(); @@ -91,16 +95,22 @@ pub(crate) fn find_loaded_subagent_threads_for_primary( loaded_threads } -fn thread_spawn_parent_thread_id( - source: &codex_app_server_protocol::SessionSource, -) -> Option { - let value = serde_json::to_value(source).ok()?; - let parent_thread_id = value - .get("subAgent")? - .get("thread_spawn")? - .get("parent_thread_id")? - .as_str()?; - ThreadId::from_string(parent_thread_id).ok() +fn thread_spawn_agent_path(source: &SessionSource) -> Option { + match source { + SessionSource::SubAgent(SubAgentSource::ThreadSpawn { agent_path, .. }) => { + agent_path.clone().map(String::from) + } + _ => None, + } +} + +fn thread_spawn_parent_thread_id(source: &SessionSource) -> Option { + match source { + SessionSource::SubAgent(SubAgentSource::ThreadSpawn { + parent_thread_id, .. + }) => Some(*parent_thread_id), + _ => None, + } } #[cfg(test)] @@ -208,11 +218,13 @@ mod tests { thread_id: child_thread_id, agent_nickname: Some("Scout".to_string()), agent_role: Some("explorer".to_string()), + agent_path: None, }, LoadedSubagentThread { thread_id: grandchild_thread_id, agent_nickname: Some("Atlas".to_string()), agent_role: Some("worker".to_string()), + agent_path: None, }, ] ); diff --git a/codex-rs/tui/src/app/session_lifecycle.rs b/codex-rs/tui/src/app/session_lifecycle.rs index 5e7985f108f..a961658c80c 100644 --- a/codex-rs/tui/src/app/session_lifecycle.rs +++ b/codex-rs/tui/src/app/session_lifecycle.rs @@ -8,6 +8,60 @@ use super::*; impl App { pub(super) async fn open_agent_picker(&mut self, app_server: &mut AppServerSession) { + self.backfill_loaded_subagent_threads(app_server).await; + // V2 subagents are identified by canonical paths observed from activity events or loaded + // thread metadata. Prefer local buffered turn state for liveness, and fall back to + // thread/read only when no local event channel exists. + let path_backed_thread_ids: Vec<_> = self + .agent_navigation + .ordered_path_backed_subagent_threads(self.primary_thread_id) + .into_iter() + .map(|(thread_id, _)| thread_id) + .collect(); + for thread_id in path_backed_thread_ids { + if let Some(channel) = self.thread_event_channels.get(&thread_id) + && channel.attachment() == ThreadEventAttachment::Live + { + let is_running = channel.store.lock().await.active_turn_id().is_some(); + self.agent_navigation.set_running(thread_id, is_running); + } else { + self.refresh_agent_picker_thread_liveness(app_server, thread_id) + .await; + } + } + let path_backed_threads = self + .agent_navigation + .ordered_path_backed_subagent_threads(self.primary_thread_id); + if !path_backed_threads.is_empty() { + let running_threads: Vec<_> = path_backed_threads + .into_iter() + .filter_map(|(thread_id, entry)| { + if !entry.is_running || entry.is_closed { + return None; + } + Some((thread_id, entry.agent_path.as_deref()?.trim().to_string())) + }) + .collect(); + let mut entries = Vec::new(); + for (thread_id, agent_path) in running_threads { + let preview = if let Some(channel) = self.thread_event_channels.get(&thread_id) { + let store = channel.store.lock().await; + super::agent_status_feed::AgentStatusThreadPreview::from_store( + agent_path, &store, + ) + } else { + super::agent_status_feed::AgentStatusThreadPreview::empty(agent_path) + }; + entries.push(preview); + } + + self.chat_widget + .add_to_history(super::agent_status_feed::AgentStatusHistoryCell::new( + entries, + )); + return; + } + let mut thread_ids = self.agent_navigation.tracked_thread_ids(); for thread_id in self.thread_event_channels.keys().copied() { if !thread_ids.contains(&thread_id) { @@ -44,14 +98,14 @@ impl App { let items: Vec = self .agent_navigation .ordered_threads() - .iter() + .into_iter() .enumerate() .map(|(idx, (thread_id, entry))| { - if self.active_thread_id == Some(*thread_id) { + if self.active_thread_id == Some(thread_id) { initial_selected_idx = Some(idx); } - let id = *thread_id; - let is_primary = self.primary_thread_id == Some(*thread_id); + let id = thread_id; + let is_primary = self.primary_thread_id == Some(thread_id); let name = format_agent_picker_item_name( entry.agent_nickname.as_deref(), entry.agent_role.as_deref(), @@ -62,7 +116,7 @@ impl App { name: name.clone(), name_prefix_spans: agent_picker_status_dot_spans(entry.is_closed), description: Some(uuid.clone()), - is_current: self.active_thread_id == Some(*thread_id), + is_current: self.active_thread_id == Some(thread_id), actions: vec![Box::new(move |tx| { tx.send(AppEvent::SelectAgentThread(id)); })], @@ -145,6 +199,14 @@ impl App { .await { Ok(thread) => { + let is_running = matches!( + thread.status, + codex_app_server_protocol::ThreadStatus::Active { .. } + ); + let is_closed = matches!( + thread.status, + codex_app_server_protocol::ThreadStatus::NotLoaded + ); self.upsert_agent_picker_thread( thread_id, thread.agent_nickname.or_else(|| { @@ -157,11 +219,9 @@ impl App { .as_ref() .and_then(|entry| entry.agent_role.clone()) }), - matches!( - thread.status, - codex_app_server_protocol::ThreadStatus::NotLoaded - ), + is_closed, ); + self.agent_navigation.set_running(thread_id, is_running); true } Err(err) => { @@ -186,6 +246,8 @@ impl App { is_closed, ); } + self.agent_navigation + .set_running(thread_id, /*is_running*/ false); true } } @@ -248,6 +310,9 @@ impl App { } }; let channel = self.ensure_thread_channel(thread_id); + if !live_attached { + channel.mark_replay_only(); + } let mut store = channel.store.lock().await; store.set_session(session, turns); Ok(live_attached) @@ -610,13 +675,17 @@ impl App { } for thread in find_loaded_subagent_threads_for_primary(threads, primary_thread_id) { + let agent_path = thread.agent_path; self.upsert_agent_picker_thread( thread.thread_id, thread.agent_nickname, thread.agent_role, /*is_closed*/ false, ); + self.agent_navigation + .set_agent_path(thread.thread_id, agent_path); } + self.sync_active_agent_label(); !had_read_error } diff --git a/codex-rs/tui/src/app/startup_prompts.rs b/codex-rs/tui/src/app/startup_prompts.rs index 802cda3f80c..57f70a559e0 100644 --- a/codex-rs/tui/src/app/startup_prompts.rs +++ b/codex-rs/tui/src/app/startup_prompts.rs @@ -4,6 +4,45 @@ //! catalog state into one-time TUI prompts or warning cells without owning the main event loop. use super::*; +use std::collections::HashSet; +use std::path::PathBuf; + +#[derive(Debug, PartialEq, Eq, Hash)] +struct SkillLoadWarningKey { + path: PathBuf, + message: String, +} + +#[derive(Debug, Default)] +pub(super) struct SkillLoadWarningState { + active: HashSet, +} + +impl SkillLoadWarningState { + pub(super) fn clear(&mut self) { + self.active.clear(); + } + + pub(super) fn newly_active_errors(&mut self, errors: &[SkillErrorInfo]) -> Vec { + let previous = std::mem::take(&mut self.active); + let mut current = HashSet::new(); + let mut newly_active = Vec::new(); + + for error in errors { + let key = SkillLoadWarningKey { + path: error.path.clone(), + message: error.message.clone(), + }; + let was_active = previous.contains(&key); + if current.insert(key) && !was_active { + newly_active.push(error.clone()); + } + } + + self.active = current; + newly_active + } +} pub(super) fn emit_skill_load_warnings(app_event_tx: &AppEventSender, errors: &[SkillErrorInfo]) { if errors.is_empty() { @@ -152,9 +191,11 @@ pub(super) fn apply_accepted_model_migration( }); config.model = Some(target_model.clone()); - config.model_reasoning_effort = Some(target_default_effort); + config.model_reasoning_effort = Some(target_default_effort.clone()); app_event_tx.send(AppEvent::UpdateModel(target_model.clone())); - app_event_tx.send(AppEvent::UpdateReasoningEffort(Some(target_default_effort))); + app_event_tx.send(AppEvent::UpdateReasoningEffort(Some( + target_default_effort.clone(), + ))); app_event_tx.send(AppEvent::PersistModelSelection { model: target_model, effort: Some(target_default_effort), @@ -240,7 +281,6 @@ pub(super) async fn handle_model_migration_prompt_if_needed( if let Some(ModelUpgrade { id: target_model, - reasoning_effort_mapping: _, migration_config_key, model_link, upgrade_copy, @@ -290,7 +330,7 @@ pub(super) async fn handle_model_migration_prompt_if_needed( app_event_tx, model.to_string(), target_model.clone(), - target_preset.default_reasoning_effort, + target_preset.default_reasoning_effort.clone(), ); } ModelMigrationOutcome::Rejected => { @@ -303,7 +343,7 @@ pub(super) async fn handle_model_migration_prompt_if_needed( return Some(AppExitInfo { token_usage: TokenUsage::default(), thread_id: None, - thread_name: None, + resume_hint: None, update_action: None, exit_reason: ExitReason::UserRequested, }); @@ -335,8 +375,10 @@ mod tests { use super::*; use crate::test_support::PathBufExt; use pretty_assertions::assert_eq; + use ratatui::text::Line; use std::path::PathBuf; use tempfile::tempdir; + use tokio::sync::mpsc::unbounded_channel; #[test] fn normalize_harness_overrides_resolves_relative_add_dirs() -> Result<()> { @@ -356,4 +398,126 @@ mod tests { ); Ok(()) } + + fn skill_error(path: &str, message: &str) -> SkillErrorInfo { + SkillErrorInfo { + path: PathBuf::from(path), + message: message.to_string(), + } + } + + fn render_line_text(line: &Line<'static>) -> String { + line.spans + .iter() + .map(|span| span.content.as_ref()) + .collect() + } + + fn render_skill_load_warning_cells(errors: &[SkillErrorInfo]) -> String { + let (tx, mut rx) = unbounded_channel(); + let app_event_tx = AppEventSender::new(tx); + + emit_skill_load_warnings(&app_event_tx, errors); + + let mut rendered = Vec::new(); + while let Ok(AppEvent::InsertHistoryCell(cell)) = rx.try_recv() { + rendered.extend( + cell.display_lines(/*width*/ 120) + .iter() + .map(render_line_text), + ); + } + rendered.join("\n") + } + + #[test] + fn skill_load_warning_state_suppresses_repeated_active_errors() { + let mut state = SkillLoadWarningState::default(); + let error = skill_error("/repo/.codex/skills/abc/SKILL.md", "invalid description"); + + assert_eq!( + state.newly_active_errors(std::slice::from_ref(&error)), + vec![error.clone()] + ); + assert_eq!( + state.newly_active_errors(std::slice::from_ref(&error)), + Vec::::new() + ); + } + + #[test] + fn skill_load_warning_state_reemits_after_error_clears() { + let mut state = SkillLoadWarningState::default(); + let error = skill_error("/repo/.codex/skills/abc/SKILL.md", "invalid description"); + + assert_eq!( + state.newly_active_errors(std::slice::from_ref(&error)), + vec![error.clone()] + ); + assert_eq!(state.newly_active_errors(&[]), Vec::::new()); + assert_eq!( + state.newly_active_errors(std::slice::from_ref(&error)), + vec![error] + ); + } + + #[test] + fn skill_load_warning_state_displays_new_message_for_active_path() { + let mut state = SkillLoadWarningState::default(); + let initial = skill_error("/repo/.codex/skills/abc/SKILL.md", "invalid description"); + let changed = skill_error("/repo/.codex/skills/abc/SKILL.md", "invalid frontmatter"); + + assert_eq!( + state.newly_active_errors(std::slice::from_ref(&initial)), + vec![initial] + ); + assert_eq!( + state.newly_active_errors(std::slice::from_ref(&changed)), + vec![changed] + ); + } + + #[test] + fn skill_load_warning_state_clear_allows_active_error_again() { + let mut state = SkillLoadWarningState::default(); + let error = skill_error("/repo/.codex/skills/abc/SKILL.md", "invalid description"); + + assert_eq!( + state.newly_active_errors(std::slice::from_ref(&error)), + vec![error.clone()] + ); + assert_eq!( + state.newly_active_errors(std::slice::from_ref(&error)), + Vec::::new() + ); + + state.clear(); + + assert_eq!( + state.newly_active_errors(std::slice::from_ref(&error)), + vec![error] + ); + } + + #[test] + fn repeated_active_skill_load_warning_renders_once() { + let mut state = SkillLoadWarningState::default(); + let error = skill_error("/repo/.codex/skills/abc/SKILL.md", "invalid description"); + + let first_errors = state.newly_active_errors(std::slice::from_ref(&error)); + let repeated_errors = state.newly_active_errors(std::slice::from_ref(&error)); + let rendered = [ + render_skill_load_warning_cells(&first_errors), + render_skill_load_warning_cells(&repeated_errors), + ] + .into_iter() + .filter(|output| !output.is_empty()) + .collect::>() + .join("\n"); + + insta::assert_snapshot!(rendered, @r" +⚠ Skipped loading 1 skill(s) due to invalid SKILL.md files. +⚠ /repo/.codex/skills/abc/SKILL.md: invalid description +"); + } } diff --git a/codex-rs/tui/src/app/test_support.rs b/codex-rs/tui/src/app/test_support.rs index 9bbe0c60b47..e0eafaa23b7 100644 --- a/codex-rs/tui/src/app/test_support.rs +++ b/codex-rs/tui/src/app/test_support.rs @@ -6,12 +6,14 @@ use super::*; use crate::chatwidget::tests::make_chatwidget_manual_with_sender; +use codex_models_manager::test_support::construct_model_info_offline_for_tests; +use codex_models_manager::test_support::get_model_offline_for_tests; pub(super) async fn make_test_app() -> App { let (chat_widget, app_event_tx, _rx, _op_rx) = make_chatwidget_manual_with_sender().await; let config = chat_widget.config_ref().clone(); let file_search = FileSearchManager::new(config.cwd.to_path_buf(), app_event_tx.clone()); - let model = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model = get_model_offline_for_tests(config.model.as_deref()); let session_telemetry = test_session_telemetry(&config, model.as_str()); App { @@ -25,6 +27,7 @@ pub(super) async fn make_test_app() -> App { cli_kv_overrides: Vec::new(), harness_overrides: ConfigOverrides::default(), loader_overrides: LoaderOverrides::without_managed_config_for_tests(), + cloud_config_bundle: CloudConfigBundleLoader::default(), runtime_approval_policy_override: None, runtime_permission_profile_override: None, file_search, @@ -39,6 +42,7 @@ pub(super) async fn make_test_app() -> App { commit_anim_running: Arc::new(AtomicBool::new(false)), status_line_invalid_items_warned: Arc::new(AtomicBool::new(false)), terminal_title_invalid_items_warned: Arc::new(AtomicBool::new(false)), + skill_load_warnings: SkillLoadWarningState::default(), backtrack: BacktrackState::default(), backtrack_render_pending: false, feedback: codex_feedback::CodexFeedback::new(), @@ -66,7 +70,8 @@ pub(super) async fn make_test_app() -> App { } fn test_session_telemetry(config: &Config, model: &str) -> SessionTelemetry { - let model_info = crate::legacy_core::test_support::construct_model_info_offline(model, config); + let model_info = + construct_model_info_offline_for_tests(model, &config.to_models_manager_config()); SessionTelemetry::new( ThreadId::new(), model, diff --git a/codex-rs/tui/src/app/tests.rs b/codex-rs/tui/src/app/tests.rs index eb5e10c50f0..e8ed3e33da1 100644 --- a/codex-rs/tui/src/app/tests.rs +++ b/codex-rs/tui/src/app/tests.rs @@ -22,6 +22,7 @@ use crate::history_cell::PlainHistoryCell; use crate::history_cell::UserHistoryCell; use crate::history_cell::new_session_info; use crate::multi_agents::AgentPickerThreadEntry; +use crate::multi_agents::SubAgentActivityDisplay; use assert_matches::assert_matches; use crate::app_command::AppCommand as Op; @@ -74,6 +75,8 @@ use codex_app_server_protocol::TurnStatus; use codex_app_server_protocol::UserInput; use codex_app_server_protocol::UserInput as AppServerUserInput; use codex_app_server_protocol::WarningNotification; +use codex_models_manager::test_support::construct_model_info_offline_for_tests; +use codex_models_manager::test_support::get_model_offline_for_tests; use codex_otel::SessionTelemetry; use codex_protocol::ThreadId; use codex_protocol::config_types::CollaborationMode; @@ -306,7 +309,7 @@ async fn enqueue_primary_thread_session_replays_turns_before_initial_prompt_subm let thread_id = ThreadId::new(); let initial_prompt = "follow-up after replay".to_string(); let config = app.config.clone(); - let model = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model = get_model_offline_for_tests(config.model.as_deref()); app.chat_widget = ChatWidget::new_with_app_event(ChatWidgetInit { config, frame_requester: crate::tui::FrameRequester::test_dummy(), @@ -1164,6 +1167,8 @@ async fn collab_receiver_notification_caches_thread_without_app_server_read() { Some(&AgentPickerThreadEntry { agent_nickname: None, agent_role: None, + agent_path: None, + is_running: false, is_closed: false, }) ); @@ -1223,6 +1228,8 @@ async fn open_agent_picker_keeps_missing_threads_for_replay() -> Result<()> { Some(&AgentPickerThreadEntry { agent_nickname: None, agent_role: None, + agent_path: None, + is_running: false, is_closed: true, }) ); @@ -1256,6 +1263,88 @@ async fn open_agent_picker_preserves_cached_metadata_for_replay_threads() -> Res Some(&AgentPickerThreadEntry { agent_nickname: Some("Robie".to_string()), agent_role: Some("explorer".to_string()), + agent_path: None, + is_running: false, + is_closed: true, + }) + ); + Ok(()) +} + +#[tokio::test] +async fn open_agent_picker_clears_completed_path_backed_agent_running_state() -> Result<()> { + let mut app = Box::pin(make_test_app()).await; + let mut app_server = Box::pin(crate::start_embedded_app_server_for_picker( + app.chat_widget.config_ref(), + )) + .await + .expect("embedded app server"); + let thread_id = ThreadId::new(); + let channel = ThreadEventChannel::new(/*capacity*/ 4); + { + let mut store = channel.store.lock().await; + store.push_notification(turn_started_notification(thread_id, "turn-1")); + store.push_notification(turn_completed_notification( + thread_id, + "turn-1", + TurnStatus::Completed, + )); + } + app.thread_event_channels.insert(thread_id, channel); + app.agent_navigation + .record_sub_agent_activity(SubAgentActivityDisplay { + thread_id, + agent_path: "/root/child".to_string(), + is_running_hint: true, + }); + + Box::pin(app.open_agent_picker(&mut app_server)).await; + + assert_eq!( + app.agent_navigation.get(&thread_id), + Some(&AgentPickerThreadEntry { + agent_nickname: None, + agent_role: None, + agent_path: Some("/root/child".to_string()), + is_running: false, + is_closed: false, + }) + ); + Ok(()) +} + +#[tokio::test] +async fn open_agent_picker_refreshes_replay_only_path_backed_liveness() -> Result<()> { + let mut app = Box::pin(make_test_app()).await; + let mut app_server = Box::pin(crate::start_embedded_app_server_for_picker( + app.chat_widget.config_ref(), + )) + .await + .expect("embedded app server"); + let thread_id = ThreadId::new(); + let mut channel = ThreadEventChannel::new(/*capacity*/ 4); + channel.mark_replay_only(); + { + let mut store = channel.store.lock().await; + store.push_notification(turn_started_notification(thread_id, "turn-1")); + } + app.thread_event_channels.insert(thread_id, channel); + app.agent_navigation + .record_sub_agent_activity(SubAgentActivityDisplay { + thread_id, + agent_path: "/root/child".to_string(), + is_running_hint: true, + }); + + Box::pin(app.open_agent_picker(&mut app_server)).await; + + assert_eq!( + app.agent_navigation.get(&thread_id), + Some(&AgentPickerThreadEntry { + agent_nickname: None, + agent_role: None, + agent_path: Some("/root/child".to_string()), + is_running: false, is_closed: true, }) ); @@ -1310,6 +1399,8 @@ async fn open_agent_picker_marks_terminal_read_errors_closed() -> Result<()> { Some(&AgentPickerThreadEntry { agent_nickname: Some("Robie".to_string()), agent_role: Some("explorer".to_string()), + agent_path: None, + is_running: false, is_closed: true, }) ); @@ -1348,6 +1439,8 @@ fn open_agent_picker_marks_loaded_threads_open() -> Result<()> { Some(&AgentPickerThreadEntry { agent_nickname: None, agent_role: None, + agent_path: None, + is_running: false, is_closed: false, }) ); @@ -1824,7 +1917,7 @@ async fn update_feature_flags_enabling_guardian_selects_auto_review() -> Result< let config = std::fs::read_to_string(codex_home.path().join("config.toml"))?; assert!(config.contains("guardian_approval = true")); - assert!(config.contains("approvals_reviewer = \"guardian_subagent\"")); + assert!(config.contains("approvals_reviewer = \"auto_review\"")); assert!(config.contains("approval_policy = \"on-request\"")); assert!(config.contains("sandbox_mode = \"workspace-write\"")); app_server.shutdown().await?; @@ -1988,7 +2081,7 @@ async fn update_feature_flags_enabling_guardian_overrides_explicit_manual_review ); let config = std::fs::read_to_string(codex_home.path().join("config.toml"))?; - assert!(config.contains("approvals_reviewer = \"guardian_subagent\"")); + assert!(config.contains("approvals_reviewer = \"auto_review\"")); assert!(config.contains("guardian_approval = true")); assert!(config.contains("approval_policy = \"on-request\"")); assert!(config.contains("sandbox_mode = \"workspace-write\"")); @@ -2819,6 +2912,8 @@ async fn inactive_thread_started_notification_initializes_replay_session() -> Re Some(&AgentPickerThreadEntry { agent_nickname: Some("Robie".to_string()), agent_role: Some("explorer".to_string()), + agent_path: None, + is_running: false, is_closed: false, }) ); @@ -3353,24 +3448,33 @@ async fn side_thread_snapshot_skips_session_header_preamble() { } #[tokio::test] -async fn side_thread_ignores_global_mcp_startup_notifications() { +async fn primary_thread_ignores_child_mcp_startup_notifications() { let (mut app, mut app_event_rx, _op_rx) = make_test_app_with_channels().await; while app_event_rx.try_recv().is_ok() {} + let sentry_config = toml::from_str::("command = 'true'") + .expect("test MCP config should parse") + .try_into() + .expect("test MCP config should deserialize"); + app.config + .mcp_servers + .set(std::collections::HashMap::from([( + "sentry".to_string(), + sentry_config, + )])) + .expect("test MCP servers should accept any configuration"); let app_server = crate::start_embedded_app_server_for_picker(app.chat_widget.config_ref()) .await .expect("embedded app server"); let parent_thread_id = ThreadId::new(); - let side_thread_id = ThreadId::new(); + let child_thread_id = ThreadId::new(); app.primary_thread_id = Some(parent_thread_id); - app.active_thread_id = Some(side_thread_id); - app.side_threads - .insert(side_thread_id, SideThreadState::new(parent_thread_id)); - app.sync_side_thread_ui(); + app.active_thread_id = Some(parent_thread_id); app.handle_app_server_event( &app_server, codex_app_server_client::AppServerEvent::ServerNotification( ServerNotification::McpServerStatusUpdated(McpServerStatusUpdatedNotification { + thread_id: Some(child_thread_id.to_string()), name: "sentry".to_string(), status: McpServerStartupState::Failed, error: Some("sentry is not logged in".to_string()), @@ -3380,6 +3484,168 @@ async fn side_thread_ignores_global_mcp_startup_notifications() { .await; assert!(app_event_rx.try_recv().is_err()); + let mut child_snapshot = app + .thread_event_channels + .get(&child_thread_id) + .expect("child thread channel should be created") + .store + .lock() + .await + .snapshot(); + assert!( + matches!( + child_snapshot.events.as_slice(), + [ThreadBufferedEvent::Notification( + ServerNotification::McpServerStatusUpdated(_) + )] + ), + "child MCP startup notification should be buffered for the child thread" + ); + + app.apply_refreshed_snapshot_thread( + child_thread_id, + AppServerStartedThread { + session: test_thread_session(child_thread_id, test_path_buf("/tmp/child")), + turns: Vec::new(), + }, + &mut child_snapshot, + ) + .await; + app.replay_thread_snapshot(child_snapshot, /*resume_restored_queue*/ false); + + let mut rendered_cells = Vec::new(); + while let Ok(event) = app_event_rx.try_recv() { + if let AppEvent::InsertHistoryCell(cell) = event { + rendered_cells.push(lines_to_single_string(&cell.display_lines(/*width*/ 120))); + } + } + let rendered = rendered_cells.join("\n"); + assert_eq!(app.chat_widget.thread_id(), Some(child_thread_id)); + assert_eq!(rendered.matches("sentry is not logged in").count(), 1); + assert_eq!( + rendered + .matches("MCP startup incomplete (failed: sentry)") + .count(), + 1 + ); +} + +#[tokio::test] +async fn app_scoped_mcp_startup_notifications_do_not_render_in_active_thread() { + let (mut app, mut app_event_rx, _op_rx) = make_test_app_with_channels().await; + while app_event_rx.try_recv().is_ok() {} + let app_server = crate::start_embedded_app_server_for_picker(app.chat_widget.config_ref()) + .await + .expect("embedded app server"); + let thread_id = ThreadId::new(); + app.primary_thread_id = Some(thread_id); + app.active_thread_id = Some(thread_id); + + app.handle_app_server_event( + &app_server, + codex_app_server_client::AppServerEvent::ServerNotification( + ServerNotification::McpServerStatusUpdated(McpServerStatusUpdatedNotification { + thread_id: None, + name: "sentry".to_string(), + status: McpServerStartupState::Failed, + error: Some("sentry is not logged in".to_string()), + }), + ), + ) + .await; + + assert!(app_event_rx.try_recv().is_err()); + assert_eq!( + app.chat_widget.active_cell_transcript_lines(/*width*/ 120), + None + ); +} + +#[tokio::test] +async fn active_side_thread_renders_live_mcp_startup_notifications() { + let (mut app, mut app_event_rx, _op_rx) = make_test_app_with_channels().await; + while app_event_rx.try_recv().is_ok() {} + let sentry_config = toml::from_str::("command = 'true'") + .expect("test MCP config should parse") + .try_into() + .expect("test MCP config should deserialize"); + app.config + .mcp_servers + .set(std::collections::HashMap::from([( + "sentry".to_string(), + sentry_config, + )])) + .expect("test MCP servers should accept any configuration"); + let app_server = crate::start_embedded_app_server_for_picker(app.chat_widget.config_ref()) + .await + .expect("embedded app server"); + let parent_thread_id = ThreadId::new(); + let side_thread_id = ThreadId::new(); + app.primary_thread_id = Some(parent_thread_id); + app.side_threads + .insert(side_thread_id, SideThreadState::new(parent_thread_id)); + app.ensure_thread_channel(side_thread_id); + app.activate_thread_channel(side_thread_id).await; + app.replay_thread_snapshot( + ThreadEventSnapshot { + session: Some(test_thread_session( + side_thread_id, + test_path_buf("/tmp/side"), + )), + turns: Vec::new(), + events: Vec::new(), + input_state: None, + }, + /*resume_restored_queue*/ false, + ); + app.sync_side_thread_ui(); + + for status in [ + McpServerStartupState::Starting, + McpServerStartupState::Failed, + ] { + app.handle_app_server_event( + &app_server, + codex_app_server_client::AppServerEvent::ServerNotification( + ServerNotification::McpServerStatusUpdated(McpServerStatusUpdatedNotification { + thread_id: Some(side_thread_id.to_string()), + name: "sentry".to_string(), + status, + error: matches!(status, McpServerStartupState::Failed) + .then(|| "sentry is not logged in".to_string()), + }), + ), + ) + .await; + } + + let mut active_thread_events = Vec::new(); + let active_thread_rx = app + .active_thread_rx + .as_mut() + .expect("side thread receiver should be active"); + while let Ok(event) = active_thread_rx.try_recv() { + active_thread_events.push(event); + } + for event in active_thread_events { + app.handle_thread_event_now(event); + } + + let mut rendered_cells = Vec::new(); + while let Ok(event) = app_event_rx.try_recv() { + if let AppEvent::InsertHistoryCell(cell) = event { + rendered_cells.push(lines_to_single_string(&cell.display_lines(/*width*/ 120))); + } + } + let rendered = rendered_cells.join("\n"); + assert!(app.chat_widget.side_conversation_active()); + assert_eq!(rendered.matches("sentry is not logged in").count(), 1); + assert_eq!( + rendered + .matches("MCP startup incomplete (failed: sentry)") + .count(), + 1 + ); } #[tokio::test] @@ -3760,7 +4026,7 @@ async fn make_test_app() -> App { let (chat_widget, app_event_tx, _rx, _op_rx) = make_chatwidget_manual_with_sender().await; let config = chat_widget.config_ref().clone(); let file_search = FileSearchManager::new(config.cwd.to_path_buf(), app_event_tx.clone()); - let model = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model = get_model_offline_for_tests(config.model.as_deref()); let session_telemetry = test_session_telemetry(&config, model.as_str()); App { @@ -3774,6 +4040,7 @@ async fn make_test_app() -> App { cli_kv_overrides: Vec::new(), harness_overrides: ConfigOverrides::default(), loader_overrides: LoaderOverrides::without_managed_config_for_tests(), + cloud_config_bundle: CloudConfigBundleLoader::default(), runtime_approval_policy_override: None, runtime_permission_profile_override: None, file_search, @@ -3788,6 +4055,7 @@ async fn make_test_app() -> App { commit_anim_running: Arc::new(AtomicBool::new(false)), status_line_invalid_items_warned: Arc::new(AtomicBool::new(false)), terminal_title_invalid_items_warned: Arc::new(AtomicBool::new(false)), + skill_load_warnings: SkillLoadWarningState::default(), backtrack: BacktrackState::default(), backtrack_render_pending: false, feedback: codex_feedback::CodexFeedback::new(), @@ -3822,7 +4090,7 @@ async fn make_test_app_with_channels() -> ( let (chat_widget, app_event_tx, rx, op_rx) = make_chatwidget_manual_with_sender().await; let config = chat_widget.config_ref().clone(); let file_search = FileSearchManager::new(config.cwd.to_path_buf(), app_event_tx.clone()); - let model = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model = get_model_offline_for_tests(config.model.as_deref()); let session_telemetry = test_session_telemetry(&config, model.as_str()); ( @@ -3837,6 +4105,7 @@ async fn make_test_app_with_channels() -> ( cli_kv_overrides: Vec::new(), harness_overrides: ConfigOverrides::default(), loader_overrides: LoaderOverrides::without_managed_config_for_tests(), + cloud_config_bundle: CloudConfigBundleLoader::default(), runtime_approval_policy_override: None, runtime_permission_profile_override: None, file_search, @@ -3851,6 +4120,7 @@ async fn make_test_app_with_channels() -> ( commit_anim_running: Arc::new(AtomicBool::new(false)), status_line_invalid_items_warned: Arc::new(AtomicBool::new(false)), terminal_title_invalid_items_warned: Arc::new(AtomicBool::new(false)), + skill_load_warnings: SkillLoadWarningState::default(), backtrack: BacktrackState::default(), backtrack_render_pending: false, feedback: codex_feedback::CodexFeedback::new(), @@ -4339,7 +4609,8 @@ fn lines_to_single_string(lines: &[Line<'_>]) -> String { } fn test_session_telemetry(config: &Config, model: &str) -> SessionTelemetry { - let model_info = crate::legacy_core::test_support::construct_model_info_offline(model, config); + let model_info = + construct_model_info_offline_for_tests(model, &config.to_models_manager_config()); SessionTelemetry::new( ThreadId::new(), model, @@ -4441,6 +4712,23 @@ fn active_turn_steer_race_extracts_actual_turn_id_from_mismatch() { ); } +#[test] +fn active_turn_interrupt_race_extracts_actual_turn_id_from_mismatch() { + let error = TypedRequestError::Server { + method: "turn/interrupt".to_string(), + source: JSONRPCErrorError { + code: -32602, + message: "expected active turn id turn-expected but found turn-actual".to_string(), + data: None, + }, + }; + + assert_eq!( + active_turn_interrupt_race(&error), + Some("turn-actual".to_string()) + ); +} + #[tokio::test] async fn fresh_session_config_uses_current_service_tier() { let mut app = make_test_app().await; @@ -5241,7 +5529,7 @@ async fn override_turn_context_sends_thread_settings_update() { .expect("thread/start should succeed"); let thread_id = started.session.thread_id; let initial_model = started.session.model.clone(); - let initial_effort = started.session.reasoning_effort; + let initial_effort = started.session.reasoning_effort.clone(); app.enqueue_primary_thread_session(started.session, started.turns) .await .expect("primary thread should be registered"); @@ -5466,7 +5754,7 @@ async fn inactive_thread_settings_notification_updates_cached_collaboration_mode model: "gpt-plan".to_string(), model_provider: "openai".to_string(), service_tier: None, - effort: collaboration_mode.settings.reasoning_effort, + effort: collaboration_mode.settings.reasoning_effort.clone(), summary: None, collaboration_mode: collaboration_mode.clone(), personality: Some(Personality::Pragmatic), @@ -5576,6 +5864,34 @@ async fn clear_only_ui_reset_preserves_chat_session_state() { assert_eq!(app.chat_widget.composer_text_with_pending(), "draft prompt"); } +#[tokio::test] +async fn clear_only_ui_reset_allows_active_skill_warning_to_render_again() { + let mut app = make_test_app().await; + let error = SkillErrorInfo { + path: test_path_buf("/tmp/project/.codex/skills/abc/SKILL.md"), + message: "invalid description".to_string(), + }; + + assert_eq!( + app.skill_load_warnings + .newly_active_errors(std::slice::from_ref(&error)), + vec![error.clone()] + ); + assert_eq!( + app.skill_load_warnings + .newly_active_errors(std::slice::from_ref(&error)), + Vec::::new() + ); + + app.reset_app_ui_state_after_clear(); + + assert_eq!( + app.skill_load_warnings + .newly_active_errors(std::slice::from_ref(&error)), + vec![error] + ); +} + #[tokio::test] async fn backtrack_esc_does_not_steal_empty_vim_insert_escape() { let mut app = make_test_app().await; diff --git a/codex-rs/tui/src/app/tests/model_catalog.rs b/codex-rs/tui/src/app/tests/model_catalog.rs index 7d2eb9c125a..ac4a50af8f4 100644 --- a/codex-rs/tui/src/app/tests/model_catalog.rs +++ b/codex-rs/tui/src/app/tests/model_catalog.rs @@ -6,7 +6,7 @@ use pretty_assertions::assert_eq; use tokio::sync::mpsc::unbounded_channel; fn all_model_presets() -> Vec { - crate::legacy_core::test_support::all_model_presets().clone() + crate::test_support::TEST_MODEL_PRESETS.clone() } fn model_availability_nux_config(shown_count: &[(&str, u32)]) -> ModelAvailabilityNuxConfig { @@ -297,7 +297,6 @@ async fn model_migration_prompt_skips_when_target_missing_or_hidden() { .expect("preset present"); current.upgrade = Some(ModelUpgrade { id: "missing-target".to_string(), - reasoning_effort_mapping: None, migration_config_key: HIDE_GPT5_1_MIGRATION_PROMPT_CONFIG.to_string(), model_link: None, upgrade_copy: None, diff --git a/codex-rs/tui/src/app/thread_events.rs b/codex-rs/tui/src/app/thread_events.rs index a4e514a4339..48dc1d08487 100644 --- a/codex-rs/tui/src/app/thread_events.rs +++ b/codex-rs/tui/src/app/thread_events.rs @@ -31,6 +31,12 @@ pub(super) struct FeedbackThreadEvent { pub(super) result: Result, } +#[derive(Debug, Clone, Copy, PartialEq, Eq)] +pub(super) enum ThreadEventAttachment { + Live, + ReplayOnly, +} + #[derive(Debug)] pub(super) struct ThreadEventStore { pub(super) session: Option, @@ -50,6 +56,7 @@ impl ThreadEventStore { ThreadBufferedEvent::Request(_) | ThreadBufferedEvent::Notification(ServerNotification::HookStarted(_)) | ThreadBufferedEvent::Notification(ServerNotification::HookCompleted(_)) + | ThreadBufferedEvent::Notification(ServerNotification::McpServerStatusUpdated(_)) | ThreadBufferedEvent::FeedbackSubmission(_) ) } @@ -284,6 +291,7 @@ pub(super) struct ThreadEventChannel { pub(super) sender: mpsc::Sender, pub(super) receiver: Option>, pub(super) store: Arc>, + attachment: ThreadEventAttachment, } impl ThreadEventChannel { @@ -293,9 +301,18 @@ impl ThreadEventChannel { sender, receiver: Some(receiver), store: Arc::new(Mutex::new(ThreadEventStore::new(capacity))), + attachment: ThreadEventAttachment::Live, } } + pub(super) fn mark_replay_only(&mut self) { + self.attachment = ThreadEventAttachment::ReplayOnly; + } + + pub(super) fn attachment(&self) -> ThreadEventAttachment { + self.attachment + } + #[cfg_attr(not(test), allow(dead_code))] pub(super) fn new_with_session( capacity: usize, @@ -309,6 +326,7 @@ impl ThreadEventChannel { store: Arc::new(Mutex::new(ThreadEventStore::new_with_session( capacity, session, turns, ))), + attachment: ThreadEventAttachment::Live, } } } @@ -590,4 +608,31 @@ mod tests { ] ); } + + #[test] + fn thread_event_store_rebase_preserves_mcp_startup_notifications() { + let thread_id = ThreadId::new(); + let notification = ServerNotification::McpServerStatusUpdated( + codex_app_server_protocol::McpServerStatusUpdatedNotification { + thread_id: Some(thread_id.to_string()), + name: "sentry".to_string(), + status: codex_app_server_protocol::McpServerStartupState::Failed, + error: Some("sentry is not logged in".to_string()), + }, + ); + let mut store = ThreadEventStore::new(/*capacity*/ 8); + store.push_notification(notification.clone()); + + store.rebase_buffer_after_session_refresh(); + + let snapshot = store.snapshot(); + let actual = match snapshot.events.as_slice() { + [ThreadBufferedEvent::Notification(actual)] => actual, + other => panic!("expected one buffered MCP notification, saw: {other:?}"), + }; + assert_eq!( + serde_json::to_value(actual).expect("MCP notification should serialize"), + serde_json::to_value(notification).expect("MCP notification should serialize"), + ); + } } diff --git a/codex-rs/tui/src/app/thread_goal_actions.rs b/codex-rs/tui/src/app/thread_goal_actions.rs index 59118017550..b1a1bd36786 100644 --- a/codex-rs/tui/src/app/thread_goal_actions.rs +++ b/codex-rs/tui/src/app/thread_goal_actions.rs @@ -6,6 +6,7 @@ use crate::bottom_pane::SelectionAction; use crate::bottom_pane::SelectionItem; use crate::bottom_pane::SelectionViewParams; use crate::bottom_pane::popup_consts::standard_popup_hint_line; +use crate::goal_display::GOAL_USAGE; use crate::goal_display::goal_status_label; use crate::goal_display::goal_usage_summary; use codex_app_server_protocol::ThreadGoal; @@ -39,7 +40,7 @@ impl App { let Some(goal) = response.goal else { self.chat_widget.add_info_message( - "Usage: /goal ".to_string(), + GOAL_USAGE.to_string(), Some("No goal is currently set.".to_string()), ); return; @@ -280,7 +281,7 @@ impl App { self.chat_widget .add_error_message("No goal is currently set.".to_string()); self.chat_widget.add_info_message( - "Usage: /goal ".to_string(), + GOAL_USAGE.to_string(), Some("Create a goal before editing it.".to_string()), ); } diff --git a/codex-rs/tui/src/app/thread_routing.rs b/codex-rs/tui/src/app/thread_routing.rs index 1bd28d5f65d..938174254af 100644 --- a/codex-rs/tui/src/app/thread_routing.rs +++ b/codex-rs/tui/src/app/thread_routing.rs @@ -500,9 +500,39 @@ impl App { match op { AppCommand::Interrupt { .. } => { if let Some(turn_id) = self.active_turn_id_for_thread(thread_id).await { - app_server.turn_interrupt(thread_id, turn_id).await?; + let mut interrupt_turn_id = turn_id; + for retried_after_turn_mismatch in [false, true] { + match app_server + .turn_interrupt(thread_id, interrupt_turn_id.clone()) + .await + { + Ok(()) => return Ok(true), + Err(error) if !retried_after_turn_mismatch => { + let Some(actual_turn_id) = active_turn_interrupt_race(&error) + else { + return Err(error).wrap_err("turn/interrupt failed in TUI"); + }; + if actual_turn_id == interrupt_turn_id { + return Err(error).wrap_err("turn/interrupt failed in TUI"); + } + // Review flows can swap the active turn before the TUI processes + // the corresponding notification. Retry once with the + // server-reported turn id so Ctrl+C/Esc do not fatally exit on that + // stale cache, but let lifecycle notifications own the cached + // active turn id. + interrupt_turn_id = actual_turn_id; + } + Err(error) => { + return Err(error).wrap_err("turn/interrupt failed in TUI"); + } + } + } + unreachable!("interrupt retry loop should return"); } else { - app_server.startup_interrupt(thread_id).await?; + app_server + .startup_interrupt(thread_id) + .await + .wrap_err("turn/interrupt failed in TUI")?; } Ok(true) } @@ -606,7 +636,7 @@ impl App { permissions_override, config.permissions.user_visible_workspace_roots(), model.to_string(), - *effort, + effort.clone(), *summary, service_tier.clone(), collaboration_mode.clone(), @@ -652,7 +682,12 @@ impl App { Ok(true) } AppCommand::Review { target } => { - app_server.review_start(thread_id, target.clone()).await?; + let response = app_server.review_start(thread_id, target.clone()).await?; + let review_thread_id = ThreadId::from_string(&response.review_thread_id) + .wrap_err("review/start returned invalid review thread id")?; + let store = Arc::clone(&self.ensure_thread_channel(review_thread_id).store); + let mut store = store.lock().await; + store.active_turn_id = Some(response.turn.id); Ok(true) } AppCommand::CleanBackgroundTerminals => { @@ -896,6 +931,14 @@ impl App { &mut self, notification: &ServerNotification, ) { + if let Some(activity) = + sub_agent_activity_item(notification).and_then(sub_agent_activity_display) + { + self.agent_navigation.record_sub_agent_activity(activity); + self.sync_active_agent_label(); + return; + } + let Some(receiver_thread_ids) = collab_receiver_thread_ids(notification) else { return; }; @@ -1261,6 +1304,7 @@ impl App { snapshot: ThreadEventSnapshot, resume_restored_queue: bool, ) { + self.refresh_mcp_startup_expected_servers_from_config(); let should_buffer_replay = self.terminal_resize_reflow_enabled() && (!snapshot.turns.is_empty() || !snapshot.events.is_empty()); if should_buffer_replay { @@ -1342,6 +1386,7 @@ impl App { pub(super) fn handle_skills_list_response(&mut self, response: SkillsListResponse) { let cwd = self.chat_widget.config_ref().cwd.clone(); let errors = errors_for_cwd(&cwd, &response); + let errors = self.skill_load_warnings.newly_active_errors(&errors); emit_skill_load_warnings(&self.app_event_tx, &errors); self.chat_widget.handle_skills_list_response(response); } diff --git a/codex-rs/tui/src/app/thread_settings.rs b/codex-rs/tui/src/app/thread_settings.rs index 27c435af3fd..84dcebe1a82 100644 --- a/codex-rs/tui/src/app/thread_settings.rs +++ b/codex-rs/tui/src/app/thread_settings.rs @@ -124,7 +124,7 @@ impl App { .as_ref() .map(|profile| profile.id.clone()), model: model.clone(), - effort: effort.unwrap_or_default(), + effort: effort.clone().unwrap_or_default(), summary: *summary, service_tier: service_tier.clone(), collaboration_mode: collaboration_mode.clone(), @@ -172,7 +172,7 @@ impl App { fn apply_thread_settings_to_session(session: &mut ThreadSessionState, settings: &ThreadSettings) { if settings.collaboration_mode.mode == ModeKind::Default { session.model = settings.model.clone(); - session.reasoning_effort = settings.effort; + session.reasoning_effort = settings.effort.clone(); } session.model_provider_id = settings.model_provider.clone(); session.service_tier = settings.service_tier.clone(); @@ -190,7 +190,7 @@ fn apply_thread_settings_to_session(session: &mut ThreadSessionState, settings: .settings .model .clone_from(&settings.model); - collaboration_mode.settings.reasoning_effort = settings.effort; + collaboration_mode.settings.reasoning_effort = settings.effort.clone(); session.collaboration_mode = Some(Box::new(collaboration_mode)); } diff --git a/codex-rs/tui/src/app_event.rs b/codex-rs/tui/src/app_event.rs index c2f9ee3f312..ee6364c0de0 100644 --- a/codex-rs/tui/src/app_event.rs +++ b/codex-rs/tui/src/app_event.rs @@ -109,6 +109,21 @@ pub(crate) struct ConnectorsSnapshot { pub(crate) connectors: Vec, } +#[derive(Debug, Clone, PartialEq, Eq)] +pub(crate) enum PluginLocation { + Local { marketplace_path: AbsolutePathBuf }, + Remote { marketplace_name: String }, +} + +impl PluginLocation { + pub(crate) fn into_request_params(self) -> (Option, Option) { + match self { + PluginLocation::Local { marketplace_path } => (Some(marketplace_path), None), + PluginLocation::Remote { marketplace_name } => (None, Some(marketplace_name)), + } + } +} + /// Distinguishes why a rate-limit refresh was requested so the completion /// handler can route the result correctly. /// @@ -206,12 +221,18 @@ pub(crate) enum AppEvent { /// Open the resume picker inside the running TUI session. OpenResumePicker, + /// Open the external agent migration picker inside the running TUI session. + OpenExternalAgentConfigMigration, + /// Resume a thread by UUID or thread name inside the running TUI session. ResumeSessionByIdOrName(String), /// Archive the current active main thread and exit after it succeeds. ArchiveCurrentThread, + /// Permanently delete the current active main thread and exit after it succeeds. + DeleteCurrentThread, + /// Fork the current session into a new thread. ForkCurrentSession, @@ -493,7 +514,7 @@ pub(crate) enum AppEvent { /// Install a specific plugin from a marketplace. FetchPluginInstall { cwd: PathBuf, - marketplace_path: AbsolutePathBuf, + location: PluginLocation, plugin_name: String, plugin_display_name: String, }, @@ -501,7 +522,7 @@ pub(crate) enum AppEvent { /// Result of installing a plugin. PluginInstallLoaded { cwd: PathBuf, - marketplace_path: AbsolutePathBuf, + location: PluginLocation, plugin_name: String, plugin_display_name: String, result: Result, diff --git a/codex-rs/tui/src/app_server_session.rs b/codex-rs/tui/src/app_server_session.rs index 2290640ab42..47184cfee28 100644 --- a/codex-rs/tui/src/app_server_session.rs +++ b/codex-rs/tui/src/app_server_session.rs @@ -11,6 +11,7 @@ use crate::session_state::MessageHistoryMetadata; use crate::session_state::ThreadSessionState; use crate::status::StatusAccountDisplay; use crate::status::plan_type_display_name; +use crate::terminal_visualization_instructions::with_terminal_visualization_instructions; use codex_app_server_client::AppServerClient; use codex_app_server_client::AppServerEvent; use codex_app_server_client::AppServerRequestHandle; @@ -52,6 +53,8 @@ use codex_app_server_protocol::ThreadBackgroundTerminalsCleanParams; use codex_app_server_protocol::ThreadBackgroundTerminalsCleanResponse; use codex_app_server_protocol::ThreadCompactStartParams; use codex_app_server_protocol::ThreadCompactStartResponse; +use codex_app_server_protocol::ThreadDeleteParams; +use codex_app_server_protocol::ThreadDeleteResponse; use codex_app_server_protocol::ThreadForkParams; use codex_app_server_protocol::ThreadForkResponse; use codex_app_server_protocol::ThreadGoalClearParams; @@ -127,10 +130,16 @@ use color_eyre::eyre::Result; use color_eyre::eyre::WrapErr; use std::collections::HashMap; use std::path::PathBuf; +use std::sync::atomic::AtomicBool; +use std::sync::atomic::Ordering; +use std::time::Duration; +use std::time::Instant; use uuid::Uuid; const JSONRPC_INVALID_REQUEST: i64 = -32600; const JSONRPC_METHOD_NOT_FOUND: i64 = -32601; +pub(crate) const EXTERNAL_AGENT_CONFIG_IMPORT_IN_PROGRESS_MESSAGE: &str = + "A previous agent import is still running. Wait for it to finish before importing again."; const THREAD_SETTINGS_UPDATE_METHOD: &str = "thread/settings/update"; fn bootstrap_request_error(context: &'static str, err: TypedRequestError) -> color_eyre::Report { @@ -150,6 +159,7 @@ fn is_thread_settings_update_unsupported(source: &JSONRPCErrorError) -> bool { /// fetched asynchronously after bootstrap returns so that the TUI can render /// its first frame without waiting for the rate-limit round-trip. pub(crate) struct AppServerBootstrap { + pub(crate) duration: Duration, pub(crate) account_email: Option, pub(crate) auth_mode: Option, pub(crate) status_account_display: Option, @@ -172,6 +182,7 @@ pub(crate) struct AppServerSession { thread_settings_update_supported: bool, default_model: Option, available_models: Vec, + external_agent_config_import_completion_pending: AtomicBool, } #[derive(Clone, Copy, Debug, PartialEq, Eq)] @@ -215,6 +226,7 @@ impl AppServerSession { thread_settings_update_supported: true, default_model: None, available_models: Vec::new(), + external_agent_config_import_completion_pending: AtomicBool::new(false), } } @@ -231,6 +243,10 @@ impl AppServerSession { matches!(self.thread_params_mode, ThreadParamsMode::Remote) } + pub(crate) fn uses_embedded_app_server(&self) -> bool { + matches!(&self.client, AppServerClient::InProcess(_)) + } + pub(crate) fn server_version(&self) -> Option<&str> { let AppServerClient::Remote(client) = &self.client else { return None; @@ -239,6 +255,7 @@ impl AppServerSession { } pub(crate) async fn bootstrap(&mut self, config: &Config) -> Result { + let started_at = Instant::now(); let account = self.read_account().await?; let model_request_id = self.next_request_id(); let models: ModelListResponse = self @@ -314,6 +331,7 @@ impl AppServerSession { None => (None, None, None, None, FeedbackAudience::External, false), }; Ok(AppServerBootstrap { + duration: started_at.elapsed(), account_email, auth_mode, status_account_display, @@ -351,21 +369,48 @@ impl AppServerSession { self.client .request_typed(ClientRequest::ExternalAgentConfigDetect { request_id, params }) .await - .wrap_err("externalAgentConfig/detect failed during TUI startup") + .wrap_err("externalAgentConfig/detect failed during agent import") } pub(crate) async fn external_agent_config_import( &mut self, migration_items: Vec, - ) -> Result { + ) -> Result<()> { + // Mark the import active before sending the request so a fast completion notification + // cannot arrive before the TUI records it. + if self + .external_agent_config_import_completion_pending + .swap(true, Ordering::Relaxed) + { + color_eyre::eyre::bail!(EXTERNAL_AGENT_CONFIG_IMPORT_IN_PROGRESS_MESSAGE); + } let request_id = self.next_request_id(); - self.client + let response: Result = self + .client .request_typed(ClientRequest::ExternalAgentConfigImport { request_id, params: ExternalAgentConfigImportParams { migration_items }, }) .await - .wrap_err("externalAgentConfig/import failed during TUI startup") + .wrap_err("externalAgentConfig/import failed during agent import"); + match response { + Ok(_) => Ok(()), + Err(err) => { + self.external_agent_config_import_completion_pending + .store(false, Ordering::Relaxed); + Err(err) + } + } + } + + pub(crate) fn external_agent_config_import_in_progress(&self) -> bool { + self.external_agent_config_import_completion_pending + .load(Ordering::Relaxed) + } + + pub(crate) fn consume_external_agent_config_import_completion(&self) -> bool { + self.external_agent_config_import_completion_pending + .swap(false, Ordering::Relaxed) } pub(crate) async fn next_event(&mut self) -> Option { @@ -583,6 +628,21 @@ impl AppServerSession { Ok(()) } + pub(crate) async fn thread_delete(&mut self, thread_id: ThreadId) -> Result<()> { + let request_id = self.next_request_id(); + let _: ThreadDeleteResponse = self + .client + .request_typed(ClientRequest::ThreadDelete { + request_id, + params: ThreadDeleteParams { + thread_id: thread_id.to_string(), + }, + }) + .await + .wrap_err("failed to delete session")?; + Ok(()) + } + pub(crate) async fn thread_unarchive(&mut self, thread_id: ThreadId) -> Result { let request_id = self.next_request_id(); let response: ThreadUnarchiveResponse = self @@ -708,12 +768,7 @@ impl AppServerSession { additional_context: None, environments: None, cwd: Some(cwd), - runtime_workspace_roots: Some( - workspace_roots - .iter() - .map(AbsolutePathBuf::to_path_buf) - .collect(), - ), + runtime_workspace_roots: Some(workspace_roots.to_vec()), approval_policy: Some(approval_policy), approvals_reviewer: Some(approvals_reviewer.into()), sandbox_policy, @@ -735,7 +790,7 @@ impl AppServerSession { &mut self, thread_id: ThreadId, turn_id: String, - ) -> Result<()> { + ) -> std::result::Result<(), TypedRequestError> { let request_id = self.next_request_id(); let _: TurnInterruptResponse = self .client @@ -746,12 +801,14 @@ impl AppServerSession { turn_id, }, }) - .await - .wrap_err("turn/interrupt failed in TUI")?; + .await?; Ok(()) } - pub(crate) async fn startup_interrupt(&mut self, thread_id: ThreadId) -> Result<()> { + pub(crate) async fn startup_interrupt( + &mut self, + thread_id: ThreadId, + ) -> std::result::Result<(), TypedRequestError> { self.turn_interrupt(thread_id, String::new()).await } @@ -1191,10 +1248,12 @@ pub(crate) fn status_account_display_from_auth_mode( Some(AuthMode::ApiKey) => Some(StatusAccountDisplay::ApiKey), Some(AuthMode::Chatgpt) | Some(AuthMode::ChatgptAuthTokens) - | Some(AuthMode::AgentIdentity) => Some(StatusAccountDisplay::ChatGpt { + | Some(AuthMode::AgentIdentity) + | Some(AuthMode::PersonalAccessToken) => Some(StatusAccountDisplay::ChatGpt { email: None, plan: plan_type.map(plan_type_display_name), }), + Some(AuthMode::BedrockApiKey) => None, None => None, } } @@ -1204,7 +1263,6 @@ fn model_preset_from_api_model(model: ApiModel) -> ModelPreset { let upgrade_info = model.upgrade_info.clone(); ModelUpgrade { id: upgrade_id, - reasoning_effort_mapping: None, migration_config_key: model.model.clone(), model_link: upgrade_info .as_ref() @@ -1273,7 +1331,8 @@ fn config_request_overrides_from_config( "model_reasoning_effort", config .model_reasoning_effort - .map(|effort| effort.to_string()), + .as_ref() + .map(std::string::ToString::to_string), ); insert( "model_reasoning_summary", @@ -1403,13 +1462,7 @@ fn thread_start_params_from_config( model_provider: thread_params_mode.model_provider_from_config(config), service_tier: service_tier_override_from_config(config), cwd: thread_cwd_from_config(config, thread_params_mode, remote_cwd_override), - runtime_workspace_roots: Some( - config - .workspace_roots - .iter() - .map(AbsolutePathBuf::to_path_buf) - .collect(), - ), + runtime_workspace_roots: Some(config.workspace_roots.clone()), approval_policy: Some(config.permissions.approval_policy.value().into()), approvals_reviewer: approvals_reviewer_override_from_config(config), sandbox, @@ -1418,6 +1471,9 @@ fn thread_start_params_from_config( ephemeral: Some(config.ephemeral), session_start_source, thread_source: Some(ThreadSource::User), + developer_instructions: with_terminal_visualization_instructions( + config, /*control_instructions*/ None, + ), ..ThreadStartParams::default() } } @@ -1444,18 +1500,15 @@ fn thread_resume_params_from_config( model_provider: thread_params_mode.model_provider_from_config(&config), service_tier: service_tier_override_from_config(&config), cwd: thread_cwd_from_config(&config, thread_params_mode, remote_cwd_override), - runtime_workspace_roots: Some( - config - .workspace_roots - .iter() - .map(AbsolutePathBuf::to_path_buf) - .collect(), - ), + runtime_workspace_roots: Some(config.workspace_roots.clone()), approval_policy: Some(config.permissions.approval_policy.value().into()), approvals_reviewer: approvals_reviewer_override_from_config(&config), sandbox, permissions, config: config_request_overrides_from_config(&config), + developer_instructions: with_terminal_visualization_instructions( + &config, /*control_instructions*/ None, + ), ..ThreadResumeParams::default() } } @@ -1482,20 +1535,17 @@ fn thread_fork_params_from_config( model_provider: thread_params_mode.model_provider_from_config(&config), service_tier: service_tier_override_from_config(&config), cwd: thread_cwd_from_config(&config, thread_params_mode, remote_cwd_override), - runtime_workspace_roots: Some( - config - .workspace_roots - .iter() - .map(AbsolutePathBuf::to_path_buf) - .collect(), - ), + runtime_workspace_roots: Some(config.workspace_roots.clone()), approval_policy: Some(config.permissions.approval_policy.value().into()), approvals_reviewer: approvals_reviewer_override_from_config(&config), sandbox, permissions, config: config_request_overrides_from_config(&config), base_instructions: config.base_instructions.clone(), - developer_instructions: config.developer_instructions.clone(), + developer_instructions: with_terminal_visualization_instructions( + &config, + config.developer_instructions.clone(), + ), ephemeral: config.ephemeral, thread_source: Some(ThreadSource::User), ..ThreadForkParams::default() @@ -1586,7 +1636,7 @@ async fn thread_session_state_from_thread_start_response( response.cwd.clone(), response.runtime_workspace_roots.clone(), response.instruction_sources.clone(), - response.reasoning_effort, + response.reasoning_effort.clone(), config, ) .await @@ -1627,7 +1677,7 @@ async fn thread_session_state_from_thread_resume_response( response.cwd.clone(), response.runtime_workspace_roots.clone(), response.instruction_sources.clone(), - response.reasoning_effort, + response.reasoning_effort.clone(), config, ) .await @@ -1659,7 +1709,7 @@ async fn thread_session_state_from_thread_fork_response( response.cwd.clone(), response.runtime_workspace_roots.clone(), response.instruction_sources.clone(), - response.reasoning_effort, + response.reasoning_effort.clone(), config, ) .await @@ -1766,6 +1816,7 @@ mod tests { use codex_app_server_protocol::ThreadStatus; use codex_app_server_protocol::Turn; use codex_app_server_protocol::TurnStatus; + use codex_features::Feature; use codex_protocol::config_types::Personality; use codex_protocol::config_types::ReasoningSummary; use codex_protocol::config_types::ServiceTier; @@ -1885,13 +1936,7 @@ mod tests { assert_eq!(params.cwd, Some(config.cwd.to_string_lossy().to_string())); assert_eq!( params.runtime_workspace_roots, - Some( - config - .workspace_roots - .iter() - .map(AbsolutePathBuf::to_path_buf) - .collect() - ) + Some(config.workspace_roots.clone()) ); assert_eq!(params.sandbox, None); assert_eq!( @@ -2009,13 +2054,7 @@ mod tests { &config.permissions.effective_permission_profile(), config.cwd.as_path(), ); - let expected_runtime_workspace_roots = Some( - config - .workspace_roots - .iter() - .map(AbsolutePathBuf::to_path_buf) - .collect::>(), - ); + let expected_runtime_workspace_roots = Some(config.workspace_roots.clone()); let start = thread_start_params_from_config( &config, @@ -2265,6 +2304,79 @@ mod tests { ); } + #[tokio::test] + async fn terminal_visualization_instructions_are_gated_for_all_tui_thread_flows() { + let temp_dir = tempfile::tempdir().expect("tempdir"); + let mut config = build_config(&temp_dir).await; + config.developer_instructions = Some("Developer override.".to_string()); + let thread_id = ThreadId::new(); + + let control_start = thread_start_params_from_config( + &config, + ThreadParamsMode::Embedded, + /*remote_cwd_override*/ None, + /*session_start_source*/ None, + ); + let control_resume = thread_resume_params_from_config( + config.clone(), + thread_id, + ThreadParamsMode::Embedded, + /*remote_cwd_override*/ None, + ); + let control_fork = thread_fork_params_from_config( + config.clone(), + thread_id, + ThreadParamsMode::Embedded, + /*remote_cwd_override*/ None, + ); + + assert_eq!(control_start.developer_instructions, None); + assert_eq!(control_resume.developer_instructions, None); + assert_eq!( + control_fork.developer_instructions.as_deref(), + Some("Developer override.") + ); + + let _ = config + .features + .enable(Feature::TerminalVisualizationInstructions); + let treatment_start = thread_start_params_from_config( + &config, + ThreadParamsMode::Embedded, + /*remote_cwd_override*/ None, + /*session_start_source*/ None, + ); + let treatment_resume = thread_resume_params_from_config( + config.clone(), + thread_id, + ThreadParamsMode::Embedded, + /*remote_cwd_override*/ None, + ); + let treatment_fork = thread_fork_params_from_config( + config, + thread_id, + ThreadParamsMode::Embedded, + /*remote_cwd_override*/ None, + ); + let expected = format!( + "Developer override.\n\n{}", + crate::terminal_visualization_instructions::TERMINAL_VISUALIZATION_INSTRUCTIONS + ); + + assert_eq!( + treatment_start.developer_instructions.as_deref(), + Some(expected.as_str()) + ); + assert_eq!( + treatment_resume.developer_instructions.as_deref(), + Some(expected.as_str()) + ); + assert_eq!( + treatment_fork.developer_instructions.as_deref(), + Some(expected.as_str()) + ); + } + #[tokio::test] async fn resume_response_restores_turns_from_thread_items() { let temp_dir = tempfile::tempdir().expect("tempdir"); diff --git a/codex-rs/tui/src/bottom_pane/chat_composer.rs b/codex-rs/tui/src/bottom_pane/chat_composer.rs index 5a39b53aa94..6ebfac43357 100644 --- a/codex-rs/tui/src/bottom_pane/chat_composer.rs +++ b/codex-rs/tui/src/bottom_pane/chat_composer.rs @@ -1258,6 +1258,11 @@ impl ChatComposer { self.draft.textarea.cursor() + if self.draft.is_bash_mode { 1 } else { 0 } } + #[cfg(test)] + pub(crate) fn cursor(&self) -> usize { + self.current_cursor() + } + fn history_navigation_cursor(&self) -> usize { if self.draft.is_bash_mode && self.draft.textarea.cursor() == 0 { 0 diff --git a/codex-rs/tui/src/bottom_pane/mod.rs b/codex-rs/tui/src/bottom_pane/mod.rs index 9bada615f61..cdd4c752d3f 100644 --- a/codex-rs/tui/src/bottom_pane/mod.rs +++ b/codex-rs/tui/src/bottom_pane/mod.rs @@ -786,6 +786,7 @@ impl BottomPane { local_image_paths, mention_bindings, ); + self.composer.move_cursor_to_end(); self.request_redraw(); } @@ -824,6 +825,11 @@ impl BottomPane { self.composer.current_text() } + #[cfg(test)] + pub(crate) fn composer_cursor(&self) -> usize { + self.composer.cursor() + } + pub(crate) fn composer_draft_snapshot(&self) -> chat_composer::ComposerDraftSnapshot { self.composer.draft_snapshot() } diff --git a/codex-rs/tui/src/chatwidget.rs b/codex-rs/tui/src/chatwidget.rs index c9827a4e712..d8326f31012 100644 --- a/codex-rs/tui/src/chatwidget.rs +++ b/codex-rs/tui/src/chatwidget.rs @@ -58,13 +58,8 @@ use crate::bottom_pane::TerminalTitleItem; use crate::bottom_pane::TerminalTitleSetupView; use crate::diff_model::FileChange; use crate::git_action_directives::parse_assistant_markdown; -use crate::legacy_core::DEFAULT_AGENTS_MD_FILENAME; use crate::legacy_core::config::Config; -use crate::legacy_core::config::Constrained; -use crate::legacy_core::config::ConstraintResult; use crate::legacy_core::config::PermissionProfileSnapshot; -#[cfg(any(target_os = "windows", test))] -use crate::legacy_core::windows_sandbox::WindowsSandboxLevelExt; use crate::mention_codec::LinkedMention; use crate::mention_codec::encode_history_mentions; use crate::model_catalog::ModelCatalog; @@ -127,6 +122,8 @@ use codex_app_server_protocol::TurnPlanStepStatus; use codex_app_server_protocol::TurnStatus; use codex_app_server_protocol::UserInput; use codex_config::ConfigLayerStackOrdering; +use codex_config::Constrained; +use codex_config::ConstraintResult; use codex_config::types::ApprovalsReviewer; use codex_config::types::Notifications; use codex_config::types::WindowsSandboxModeToml; @@ -257,11 +254,16 @@ fn queued_message_edit_hint_binding( .or_else(|| bindings.first().copied()) } +fn normalize_thread_name(name: &str) -> Option { + let trimmed = name.trim(); + (!trimmed.is_empty()).then(|| trimmed.to_string()) +} + use crate::app_event::AppEvent; use crate::app_event::ExitMode; use crate::app_event::PermissionProfileSelection; use crate::app_event::RateLimitRefreshOrigin; -#[cfg(any(target_os = "windows", test))] +#[cfg(target_os = "windows")] use crate::app_event::WindowsSandboxEnableMode; use crate::app_event_sender::AppEventSender; use crate::auto_review_denials; diff --git a/codex-rs/tui/src/chatwidget/constructor.rs b/codex-rs/tui/src/chatwidget/constructor.rs index efd252c15d7..10a785ed2b6 100644 --- a/codex-rs/tui/src/chatwidget/constructor.rs +++ b/codex-rs/tui/src/chatwidget/constructor.rs @@ -251,13 +251,12 @@ impl ChatWidget { .bottom_pane .set_queued_message_edit_binding(widget.queued_message_edit_hint_binding); #[cfg(target_os = "windows")] - widget.bottom_pane.set_windows_degraded_sandbox_active( - crate::legacy_core::windows_sandbox::ELEVATED_SANDBOX_NUX_ENABLED - && matches!( - WindowsSandboxLevel::from_config(&widget.config), - WindowsSandboxLevel::RestrictedToken - ), - ); + widget + .bottom_pane + .set_windows_degraded_sandbox_active(matches!( + crate::windows_sandbox::level_from_config(&widget.config), + WindowsSandboxLevel::RestrictedToken + )); widget.update_collaboration_mode_indicator(); widget diff --git a/codex-rs/tui/src/chatwidget/hook_lifecycle.rs b/codex-rs/tui/src/chatwidget/hook_lifecycle.rs index 6545d839a5b..04fa87f7de0 100644 --- a/codex-rs/tui/src/chatwidget/hook_lifecycle.rs +++ b/codex-rs/tui/src/chatwidget/hook_lifecycle.rs @@ -6,6 +6,13 @@ use super::*; impl ChatWidget { + /// Drop transient live hook status without flushing it into history. + pub(super) fn clear_active_hook_cell(&mut self) { + if self.active_hook_cell.take().is_some() { + self.bump_active_cell_revision(); + } + } + pub(super) fn on_hook_started(&mut self, run: codex_app_server_protocol::HookRunSummary) { self.record_visible_turn_activity(); self.flush_answer_stream_with_separator(); diff --git a/codex-rs/tui/src/chatwidget/input_flow.rs b/codex-rs/tui/src/chatwidget/input_flow.rs index 3930224e044..ddb118baecd 100644 --- a/codex-rs/tui/src/chatwidget/input_flow.rs +++ b/codex-rs/tui/src/chatwidget/input_flow.rs @@ -166,7 +166,7 @@ impl ChatWidget { mut collaboration_mode: CollaborationModeMask, ) { if collaboration_mode.mode == Some(ModeKind::Plan) - && let Some(effort) = self.config.plan_mode_reasoning_effort + && let Some(effort) = self.config.plan_mode_reasoning_effort.clone() { collaboration_mode.reasoning_effort = Some(Some(effort)); } diff --git a/codex-rs/tui/src/chatwidget/interaction.rs b/codex-rs/tui/src/chatwidget/interaction.rs index a94d483f0d7..49fdd438f84 100644 --- a/codex-rs/tui/src/chatwidget/interaction.rs +++ b/codex-rs/tui/src/chatwidget/interaction.rs @@ -112,6 +112,20 @@ impl ChatWidget { return; } + const REVIEW_STEER_UNAVAILABLE_MESSAGE: &str = "Steer messages aren't supported during /review. Press Ctrl+C now to cancel the review."; + + if self.chat_keymap.interrupt_turn.is_pressed(key_event) + && self.review.is_review_mode + && (!self.input_queue.pending_steers.is_empty() + || !self.input_queue.rejected_steers_queue.is_empty()) + && self.bottom_pane.is_task_running() + && self.bottom_pane.no_modal_or_popup_active() + && !self.should_handle_vim_insert_escape(key_event) + { + self.add_warning_message(REVIEW_STEER_UNAVAILABLE_MESSAGE.to_string()); + return; + } + if self.chat_keymap.interrupt_turn.is_pressed(key_event) && !self.input_queue.pending_steers.is_empty() && self.bottom_pane.is_task_running() @@ -288,7 +302,7 @@ impl ChatWidget { /*initial_text*/ existing_name.unwrap_or_default().to_string(), /*context_label*/ None, Box::new(move |name: String| { - let Some(name) = crate::legacy_core::util::normalize_thread_name(&name) else { + let Some(name) = normalize_thread_name(&name) else { tx.send(AppEvent::InsertHistoryCell(Box::new( history_cell::new_error_event("Thread name cannot be empty.".to_string()), ))); diff --git a/codex-rs/tui/src/chatwidget/mcp_startup.rs b/codex-rs/tui/src/chatwidget/mcp_startup.rs index 05d3def3292..32839b437f0 100644 --- a/codex-rs/tui/src/chatwidget/mcp_startup.rs +++ b/codex-rs/tui/src/chatwidget/mcp_startup.rs @@ -83,7 +83,13 @@ impl ChatWidget { // per-server failures immediately. let mut startup_status = self.mcp_startup_status.take().unwrap_or_default(); if let McpStartupStatus::Failed { error } = &status { - self.on_warning(error); + let already_reported = matches!( + startup_status.get(&server), + Some(McpStartupStatus::Failed { error: previous }) if previous == error + ); + if !already_reported { + self.on_warning(error); + } } startup_status.insert(server, status); startup_status diff --git a/codex-rs/tui/src/chatwidget/model_popups.rs b/codex-rs/tui/src/chatwidget/model_popups.rs index 2c0d5aba95e..90fd6c2cc39 100644 --- a/codex-rs/tui/src/chatwidget/model_popups.rs +++ b/codex-rs/tui/src/chatwidget/model_popups.rs @@ -100,11 +100,11 @@ impl ChatWidget { let model = preset.model.clone(); let should_prompt_plan_mode_scope = self.should_prompt_plan_mode_reasoning_scope( model.as_str(), - Some(preset.default_reasoning_effort), + Some(preset.default_reasoning_effort.clone()), ); let actions = Self::model_selection_actions( model.clone(), - Some(preset.default_reasoning_effort), + Some(preset.default_reasoning_effort.clone()), should_prompt_plan_mode_scope, ); SelectionItem { @@ -222,16 +222,16 @@ impl ChatWidget { if should_prompt_plan_mode_scope { tx.send(AppEvent::OpenPlanReasoningScopePrompt { model: model_for_action.clone(), - effort: effort_for_action, + effort: effort_for_action.clone(), }); return; } tx.send(AppEvent::UpdateModel(model_for_action.clone())); - tx.send(AppEvent::UpdateReasoningEffort(effort_for_action)); + tx.send(AppEvent::UpdateReasoningEffort(effort_for_action.clone())); tx.send(AppEvent::PersistModelSelection { model: model_for_action.clone(), - effort: effort_for_action, + effort: effort_for_action.clone(), }); })] } @@ -261,30 +261,34 @@ impl ChatWidget { model: String, effort: Option, ) { - let reasoning_phrase = match effort { + let reasoning_phrase = match effort.as_ref() { Some(ReasoningEffortConfig::None) => "no reasoning".to_string(), Some(selected_effort) => { format!( "{} reasoning", - Self::reasoning_effort_label(selected_effort).to_lowercase() + Self::reasoning_effort_sentence_label(selected_effort) ) } None => "the selected reasoning".to_string(), }; let plan_only_description = format!("Always use {reasoning_phrase} in Plan mode."); let plan_reasoning_source = if let Some(plan_override) = - self.config.plan_mode_reasoning_effort + self.config.plan_mode_reasoning_effort.as_ref() { format!( "user-chosen Plan override ({})", - Self::reasoning_effort_label(plan_override).to_lowercase() + Self::reasoning_effort_sentence_label(plan_override) ) } else if let Some(plan_mask) = collaboration_modes::plan_mask(self.model_catalog.as_ref()) { - match plan_mask.reasoning_effort.flatten() { + match plan_mask + .reasoning_effort + .as_ref() + .and_then(|effort| effort.as_ref()) + { Some(plan_effort) => format!( "built-in Plan default ({})", - Self::reasoning_effort_label(plan_effort).to_lowercase() + Self::reasoning_effort_sentence_label(plan_effort) ), None => "built-in Plan default (no reasoning)".to_string(), } @@ -298,20 +302,21 @@ impl ChatWidget { let plan_only_actions: Vec = vec![Box::new({ let model = model.clone(); + let effort = effort.clone(); move |tx| { tx.send(AppEvent::UpdateModel(model.clone())); - tx.send(AppEvent::UpdatePlanModeReasoningEffort(effort)); - tx.send(AppEvent::PersistPlanModeReasoningEffort(effort)); + tx.send(AppEvent::UpdatePlanModeReasoningEffort(effort.clone())); + tx.send(AppEvent::PersistPlanModeReasoningEffort(effort.clone())); } })]; let all_modes_actions: Vec = vec![Box::new(move |tx| { tx.send(AppEvent::UpdateModel(model.clone())); - tx.send(AppEvent::UpdateReasoningEffort(effort)); - tx.send(AppEvent::UpdatePlanModeReasoningEffort(effort)); - tx.send(AppEvent::PersistPlanModeReasoningEffort(effort)); + tx.send(AppEvent::UpdateReasoningEffort(effort.clone())); + tx.send(AppEvent::UpdatePlanModeReasoningEffort(effort.clone())); + tx.send(AppEvent::PersistPlanModeReasoningEffort(effort.clone())); tx.send(AppEvent::PersistModelSelection { model: model.clone(), - effort, + effort: effort.clone(), }); })]; @@ -344,7 +349,7 @@ impl ChatWidget { /// Open a popup to choose the reasoning effort (stage 2) for the given model. pub(crate) fn open_reasoning_popup(&mut self, preset: ModelPreset) { - let default_effort: ReasoningEffortConfig = preset.default_reasoning_effort; + let default_effort = preset.default_reasoning_effort; let supported = preset.supported_reasoning_efforts; let in_plan_mode = self.collaboration_modes_enabled() && self.active_mode_kind() == ModeKind::Plan; @@ -362,7 +367,7 @@ impl ChatWidget { } else { None }; - let warning_text = warn_effort.map(|effort| { + let warning_text = warn_effort.as_ref().map(|effort| { let effort_label = Self::reasoning_effort_label(effort); format!("⚠ {effort_label} reasoning effort can quickly consume Plus plan rate limits.") }); @@ -370,30 +375,20 @@ impl ChatWidget { || preset.model.starts_with("gpt-5.1-codex-max") || preset.model.starts_with("gpt-5.2"); - struct EffortChoice { - stored: Option, - display: ReasoningEffortConfig, - } - let mut choices: Vec = Vec::new(); - for effort in ReasoningEffortConfig::iter() { - if supported.iter().any(|option| option.effort == effort) { - choices.push(EffortChoice { - stored: Some(effort), - display: effort, - }); - } - } + let mut choices: Vec = supported + .iter() + .map(|option| option.effort.clone()) + .collect(); if choices.is_empty() { - choices.push(EffortChoice { - stored: Some(default_effort), - display: default_effort, - }); + choices.push(default_effort.clone()); } if choices.len() == 1 { - let selected_effort = choices.first().and_then(|c| c.stored); + let selected_effort = choices.first().cloned(); let selected_model = preset.model; - if self.should_prompt_plan_mode_reasoning_scope(&selected_model, selected_effort) { + if self + .should_prompt_plan_mode_reasoning_scope(&selected_model, selected_effort.clone()) + { self.app_event_tx .send(AppEvent::OpenPlanReasoningScopePrompt { model: selected_model, @@ -405,12 +400,10 @@ impl ChatWidget { return; } - let default_choice: Option = choices - .iter() - .any(|choice| choice.stored == Some(default_effort)) - .then_some(Some(default_effort)) - .flatten() - .or_else(|| choices.iter().find_map(|choice| choice.stored)) + let default_choice = choices + .contains(&default_effort) + .then(|| default_effort.clone()) + .or_else(|| choices.first().cloned()) .or(Some(default_effort)); let model_slug = preset.model.to_string(); @@ -419,40 +412,33 @@ impl ChatWidget { if in_plan_mode { self.config .plan_mode_reasoning_effort - .or(self.effective_reasoning_effort()) + .clone() + .or_else(|| self.effective_reasoning_effort()) } else { self.effective_reasoning_effort() } } else { - default_choice + default_choice.clone() }; - let selection_choice = highlight_choice.or(default_choice); + let selection_choice = highlight_choice.clone().or_else(|| default_choice.clone()); let initial_selected_idx = choices .iter() - .position(|choice| choice.stored == selection_choice) - .or_else(|| { - selection_choice - .and_then(|effort| choices.iter().position(|choice| choice.display == effort)) - }); + .position(|choice| Some(choice) == selection_choice.as_ref()); let mut items: Vec = Vec::new(); for choice in choices.iter() { - let effort = choice.display; - let mut effort_label = Self::reasoning_effort_label(effort).to_string(); - if choice.stored == default_choice { + let effort = choice.clone(); + let mut effort_label = Self::reasoning_effort_label(&effort); + if Some(choice) == default_choice.as_ref() { effort_label.push_str(" (default)"); } - let description = choice - .stored - .and_then(|effort| { - supported - .iter() - .find(|option| option.effort == effort) - .map(|option| option.description.to_string()) - }) + let description = supported + .iter() + .find(|option| option.effort == effort) + .map(|option| option.description.to_string()) .filter(|text| !text.is_empty()); - let show_warning = warn_for_model && warn_effort == Some(effort); + let show_warning = warn_for_model && warn_effort.as_ref() == Some(&effort); let selected_description = if show_warning { warning_text.as_ref().map(|warning_message| { description.as_ref().map_or_else( @@ -465,21 +451,23 @@ impl ChatWidget { }; let model_for_action = model_slug.clone(); - let choice_effort = choice.stored; - let should_prompt_plan_mode_scope = - self.should_prompt_plan_mode_reasoning_scope(model_slug.as_str(), choice_effort); + let choice_effort = Some(effort); + let should_prompt_plan_mode_scope = self.should_prompt_plan_mode_reasoning_scope( + model_slug.as_str(), + choice_effort.clone(), + ); let actions: Vec = vec![Box::new(move |tx| { if should_prompt_plan_mode_scope { tx.send(AppEvent::OpenPlanReasoningScopePrompt { model: model_for_action.clone(), - effort: choice_effort, + effort: choice_effort.clone(), }); } else { tx.send(AppEvent::UpdateModel(model_for_action.clone())); - tx.send(AppEvent::UpdateReasoningEffort(choice_effort)); + tx.send(AppEvent::UpdateReasoningEffort(choice_effort.clone())); tx.send(AppEvent::PersistModelSelection { model: model_for_action.clone(), - effort: choice_effort, + effort: choice_effort.clone(), }); } })]; @@ -488,7 +476,7 @@ impl ChatWidget { name: effort_label, description, selected_description, - is_current: is_current_model && choice.stored == highlight_choice, + is_current: is_current_model && Some(choice) == highlight_choice.as_ref(), actions, dismiss_on_select: true, ..Default::default() @@ -509,14 +497,22 @@ impl ChatWidget { }); } - pub(super) fn reasoning_effort_label(effort: ReasoningEffortConfig) -> &'static str { + pub(super) fn reasoning_effort_label(effort: &ReasoningEffortConfig) -> String { + match effort { + ReasoningEffortConfig::None => "None".to_string(), + ReasoningEffortConfig::Minimal => "Minimal".to_string(), + ReasoningEffortConfig::Low => "Low".to_string(), + ReasoningEffortConfig::Medium => "Medium".to_string(), + ReasoningEffortConfig::High => "High".to_string(), + ReasoningEffortConfig::XHigh => "Extra high".to_string(), + ReasoningEffortConfig::Custom(value) => value.clone(), + } + } + + pub(super) fn reasoning_effort_sentence_label(effort: &ReasoningEffortConfig) -> String { match effort { - ReasoningEffortConfig::None => "None", - ReasoningEffortConfig::Minimal => "Minimal", - ReasoningEffortConfig::Low => "Low", - ReasoningEffortConfig::Medium => "Medium", - ReasoningEffortConfig::High => "High", - ReasoningEffortConfig::XHigh => "Extra high", + ReasoningEffortConfig::Custom(value) => value.clone(), + effort => Self::reasoning_effort_label(effort).to_lowercase(), } } @@ -531,7 +527,7 @@ impl ChatWidget { } fn apply_model_and_effort(&self, model: String, effort: Option) { - self.apply_model_and_effort_without_persist(model.clone(), effort); + self.apply_model_and_effort_without_persist(model.clone(), effort.clone()); self.app_event_tx .send(AppEvent::PersistModelSelection { model, effort }); } diff --git a/codex-rs/tui/src/chatwidget/permission_popups.rs b/codex-rs/tui/src/chatwidget/permission_popups.rs index c0d492d7aab..1283a9e4901 100644 --- a/codex-rs/tui/src/chatwidget/permission_popups.rs +++ b/codex-rs/tui/src/chatwidget/permission_popups.rs @@ -29,7 +29,7 @@ impl ChatWidget { let presets: Vec = builtin_approval_presets(); #[cfg(target_os = "windows")] - let windows_sandbox_level = WindowsSandboxLevel::from_config(&self.config); + let windows_sandbox_level = crate::windows_sandbox::level_from_config(&self.config); #[cfg(target_os = "windows")] let windows_degraded_sandbox_enabled = matches!(windows_sandbox_level, WindowsSandboxLevel::RestrictedToken); @@ -37,9 +37,7 @@ impl ChatWidget { let windows_degraded_sandbox_enabled = false; let show_elevate_sandbox_hint = - crate::legacy_core::windows_sandbox::ELEVATED_SANDBOX_NUX_ENABLED - && windows_degraded_sandbox_enabled - && presets.iter().any(|preset| preset.id == "auto"); + windows_degraded_sandbox_enabled && presets.iter().any(|preset| preset.id == "auto"); let guardian_disabled_reason = |enabled: bool| { let mut next_features = self.config.features.get().clone(); @@ -326,13 +324,13 @@ impl ChatWidget { if approvals_reviewer == ApprovalsReviewer::User && preset.id == "auto" { #[cfg(target_os = "windows")] { - if WindowsSandboxLevel::from_config(&self.config) == WindowsSandboxLevel::Disabled { + if crate::windows_sandbox::level_from_config(&self.config) + == WindowsSandboxLevel::Disabled + { let preset = preset.clone(); - if crate::legacy_core::windows_sandbox::ELEVATED_SANDBOX_NUX_ENABLED - && crate::legacy_core::windows_sandbox::sandbox_setup_is_complete( - self.config.codex_home.as_path(), - ) - { + if crate::windows_sandbox::sandbox_setup_is_complete( + self.config.codex_home.as_path(), + ) { return vec![Box::new(move |tx| { tx.send(AppEvent::EnableWindowsSandboxForAgentMode { preset: preset.clone(), diff --git a/codex-rs/tui/src/chatwidget/plugins.rs b/codex-rs/tui/src/chatwidget/plugins.rs index 746f42fce94..9bc62fe261f 100644 --- a/codex-rs/tui/src/chatwidget/plugins.rs +++ b/codex-rs/tui/src/chatwidget/plugins.rs @@ -5,6 +5,7 @@ use std::time::Instant; use super::ChatWidget; use crate::app_event::AppEvent; +use crate::app_event::PluginLocation; use crate::bottom_pane::ColumnWidthMode; use crate::bottom_pane::SelectionAction; use crate::bottom_pane::SelectionItem; @@ -25,17 +26,18 @@ use crate::tui::FrameRequester; use codex_app_server_protocol::MarketplaceAddResponse; use codex_app_server_protocol::MarketplaceRemoveResponse; use codex_app_server_protocol::MarketplaceUpgradeResponse; +use codex_app_server_protocol::PluginAvailability; use codex_app_server_protocol::PluginDetail; use codex_app_server_protocol::PluginInstallPolicy; use codex_app_server_protocol::PluginInstallResponse; use codex_app_server_protocol::PluginListResponse; use codex_app_server_protocol::PluginMarketplaceEntry; use codex_app_server_protocol::PluginReadResponse; +use codex_app_server_protocol::PluginSource; use codex_app_server_protocol::PluginSummary; use codex_app_server_protocol::PluginUninstallResponse; use codex_core_plugins::OPENAI_CURATED_MARKETPLACE_NAME; use codex_features::Feature; -use codex_utils_absolute_path::AbsolutePathBuf; use crossterm::event::KeyCode; use crossterm::event::KeyEvent; use crossterm::event::KeyEventKind; @@ -453,7 +455,7 @@ impl ChatWidget { pub(crate) fn on_plugin_install_loaded( &mut self, cwd: PathBuf, - _marketplace_path: AbsolutePathBuf, + _location: PluginLocation, _plugin_name: String, plugin_display_name: String, result: Result, @@ -1625,19 +1627,22 @@ impl ChatWidget { ) -> SelectionViewParams { let marketplace_label = plugin.marketplace_name.clone(); let display_name = plugin_display_name(&plugin.summary); - let detail_status_label = if plugin.summary.installed { - if plugin.summary.enabled { - "Installed" + let detail_status_label = + if plugin.summary.availability == PluginAvailability::DisabledByAdmin { + "Disabled by admin" + } else if plugin.summary.installed { + if plugin.summary.enabled { + "Installed" + } else { + "Disabled" + } } else { - "Disabled" - } - } else { - match plugin.summary.install_policy { - PluginInstallPolicy::NotAvailable => "Not installable", - PluginInstallPolicy::Available => "Can be installed", - PluginInstallPolicy::InstalledByDefault => "Available by default", - } - }; + match plugin.summary.install_policy { + PluginInstallPolicy::NotAvailable => "Not installable", + PluginInstallPolicy::Available => "Can be installed", + PluginInstallPolicy::InstalledByDefault => "Available by default", + } + }; let mut header = ColumnRenderable::new(); header.push(Line::from("Plugins".bold())); header.push(Line::from( @@ -1676,23 +1681,40 @@ impl ChatWidget { }]; if plugin.summary.installed { - let uninstall_cwd = self.config.cwd.to_path_buf(); - let plugin_id = plugin.summary.id.clone(); - let plugin_display_name = display_name; + if let Some(plugin_id) = plugin_uninstall_id(&plugin.summary) { + let uninstall_cwd = self.config.cwd.to_path_buf(); + let plugin_display_name = display_name; + items.push(SelectionItem { + name: "Uninstall plugin".to_string(), + description: Some("Remove this plugin now.".to_string()), + selected_description: Some("Remove this plugin now.".to_string()), + actions: vec![Box::new(move |tx| { + tx.send(AppEvent::OpenPluginUninstallLoading { + plugin_display_name: plugin_display_name.clone(), + }); + tx.send(AppEvent::FetchPluginUninstall { + cwd: uninstall_cwd.clone(), + plugin_id: plugin_id.clone(), + plugin_display_name: plugin_display_name.clone(), + }); + })], + ..Default::default() + }); + } else { + items.push(SelectionItem { + name: "Uninstall plugin".to_string(), + description: Some( + "This remote plugin did not provide an uninstall identity.".to_string(), + ), + is_disabled: true, + ..Default::default() + }); + } + } else if plugin.summary.availability == PluginAvailability::DisabledByAdmin { items.push(SelectionItem { - name: "Uninstall plugin".to_string(), - description: Some("Remove this plugin now.".to_string()), - selected_description: Some("Remove this plugin now.".to_string()), - actions: vec![Box::new(move |tx| { - tx.send(AppEvent::OpenPluginUninstallLoading { - plugin_display_name: plugin_display_name.clone(), - }); - tx.send(AppEvent::FetchPluginUninstall { - cwd: uninstall_cwd.clone(), - plugin_id: plugin_id.clone(), - plugin_display_name: plugin_display_name.clone(), - }); - })], + name: "Install plugin".to_string(), + description: Some("This plugin is disabled by your workspace admin.".to_string()), + is_disabled: true, ..Default::default() }); } else if plugin.summary.install_policy == PluginInstallPolicy::NotAvailable { @@ -1704,9 +1726,9 @@ impl ChatWidget { is_disabled: true, ..Default::default() }); - } else if let Some(marketplace_path) = plugin.marketplace_path.clone() { + } else if let Some(location) = plugin_detail_location(plugin) { let install_cwd = self.config.cwd.to_path_buf(); - let plugin_name = plugin.summary.name.clone(); + let plugin_name = plugin_request_name(&plugin.summary); let plugin_display_name = display_name; items.push(SelectionItem { name: "Install plugin".to_string(), @@ -1718,7 +1740,7 @@ impl ChatWidget { }); tx.send(AppEvent::FetchPluginInstall { cwd: install_cwd.clone(), - marketplace_path: marketplace_path.clone(), + location: location.clone(), plugin_name: plugin_name.clone(), plugin_display_name: plugin_display_name.clone(), }); @@ -1728,7 +1750,7 @@ impl ChatWidget { } else { items.push(SelectionItem { name: "Install plugin".to_string(), - description: Some("Installing remote plugins is not supported yet.".to_string()), + description: Some("This plugin did not provide an install location.".to_string()), is_disabled: true, ..Default::default() }); @@ -1792,9 +1814,12 @@ impl ChatWidget { } else { plugin_brief_description_without_marketplace(plugin, status_label_width) }; - let can_view_details = marketplace.path.is_some(); + let plugin_detail_request = plugin_detail_request_for_entry(marketplace, plugin); + let can_view_details = plugin_detail_request.is_some(); + let disabled_by_admin = plugin.availability == PluginAvailability::DisabledByAdmin; + let can_toggle_plugin = plugin.installed && !disabled_by_admin; let selected_status_label = format!("{status_label: = if let Some(marketplace_path) = marketplace_path { - vec![Box::new(move |tx| { - tx.send(AppEvent::OpenPluginDetailLoading { - plugin_display_name: plugin_display_name.clone(), - }); - tx.send(AppEvent::FetchPluginDetail { - cwd: cwd.clone(), - params: codex_app_server_protocol::PluginReadParams { - marketplace_path: Some(marketplace_path.clone()), - remote_marketplace_name: None, - plugin_name: plugin_name.clone(), - }, - }); - })] - } else { - Vec::new() - }; + let actions: Vec = + if let Some((location, plugin_name)) = plugin_detail_request { + vec![Box::new(move |tx| { + tx.send(AppEvent::OpenPluginDetailLoading { + plugin_display_name: plugin_display_name.clone(), + }); + let (marketplace_path, remote_marketplace_name) = + location.clone().into_request_params(); + tx.send(AppEvent::FetchPluginDetail { + cwd: cwd.clone(), + params: codex_app_server_protocol::PluginReadParams { + marketplace_path, + remote_marketplace_name, + plugin_name: plugin_name.clone(), + }, + }); + })] + } else { + Vec::new() + }; let is_disabled = !can_view_details && !plugin.installed; - let disabled_reason = - is_disabled.then(|| "remote plugin details are not available yet".to_string()); + let disabled_reason = is_disabled.then(|| "plugin details are unavailable".to_string()); items.push(SelectionItem { name: display_name, toggle, - toggle_placeholder: (!plugin.installed).then_some("[-] "), + toggle_placeholder: (!can_toggle_plugin).then_some("[-] "), description: Some(description), selected_description: Some(selected_description), search_value: Some(search_value), @@ -2082,6 +2113,9 @@ fn plugin_brief_description_without_marketplace( } fn plugin_status_label(plugin: &PluginSummary) -> &'static str { + if plugin.availability == PluginAvailability::DisabledByAdmin { + return "Disabled by admin"; + } if plugin.installed { if plugin.enabled { "Installed" @@ -2097,6 +2131,59 @@ fn plugin_status_label(plugin: &PluginSummary) -> &'static str { } } +fn plugin_location_for_marketplace( + marketplace: &PluginMarketplaceEntry, + plugin: &PluginSummary, +) -> Option { + if let Some(marketplace_path) = marketplace.path.clone() { + return Some(PluginLocation::Local { marketplace_path }); + } + plugin_remote_identity(plugin).map(|_| PluginLocation::Remote { + marketplace_name: marketplace.name.clone(), + }) +} + +fn plugin_detail_location(plugin: &PluginDetail) -> Option { + if let Some(marketplace_path) = plugin.marketplace_path.clone() { + return Some(PluginLocation::Local { marketplace_path }); + } + plugin_remote_identity(&plugin.summary).map(|_| PluginLocation::Remote { + marketplace_name: plugin.marketplace_name.clone(), + }) +} + +fn plugin_detail_request_for_entry( + marketplace: &PluginMarketplaceEntry, + plugin: &PluginSummary, +) -> Option<(PluginLocation, String)> { + plugin_location_for_marketplace(marketplace, plugin) + .map(|location| (location, plugin_request_name(plugin))) +} + +fn plugin_request_name(plugin: &PluginSummary) -> String { + if matches!(&plugin.source, PluginSource::Remote) + && let Some(remote_plugin_id) = plugin_remote_identity(plugin) + { + return remote_plugin_id; + } + plugin.name.clone() +} + +fn plugin_remote_identity(plugin: &PluginSummary) -> Option { + plugin + .share_context + .as_ref() + .map(|context| context.remote_plugin_id.clone()) + .or_else(|| plugin.remote_plugin_id.clone()) +} + +fn plugin_uninstall_id(plugin: &PluginSummary) -> Option { + if matches!(&plugin.source, PluginSource::Remote) { + return plugin_remote_identity(plugin); + } + Some(plugin.id.clone()) +} + fn plugin_description(plugin: &PluginSummary) -> Option { plugin .interface diff --git a/codex-rs/tui/src/chatwidget/protocol.rs b/codex-rs/tui/src/chatwidget/protocol.rs index 6d56330367f..51e4cedf85b 100644 --- a/codex-rs/tui/src/chatwidget/protocol.rs +++ b/codex-rs/tui/src/chatwidget/protocol.rs @@ -6,12 +6,15 @@ impl ChatWidget { notification: ServerNotification, replay_kind: Option, ) { - if self.active_side_conversation - && replay_kind.is_none() - && matches!(notification, ServerNotification::McpServerStatusUpdated(_)) + // Reject misrouted child updates before shared notification handling mutates parent state. + if let ServerNotification::McpServerStatusUpdated(notification) = ¬ification + && let (Some(notification_thread_id), Some(thread_id)) = + (notification.thread_id.as_deref(), self.thread_id()) + && notification_thread_id != thread_id.to_string() { return; } + let from_replay = replay_kind.is_some(); let is_resume_initial_replay = matches!(replay_kind, Some(ReplayKind::ResumeInitialMessages)); @@ -221,6 +224,7 @@ impl ChatWidget { | ServerNotification::ThreadStarted(_) | ServerNotification::ThreadStatusChanged(_) | ServerNotification::ThreadArchived(_) + | ServerNotification::ThreadDeleted(_) | ServerNotification::ThreadUnarchived(_) | ServerNotification::RawResponseItemCompleted(_) | ServerNotification::CommandExecOutputDelta(_) @@ -233,6 +237,7 @@ impl ChatWidget { | ServerNotification::RemoteControlStatusChanged(_) | ServerNotification::ExternalAgentConfigImportCompleted(_) | ServerNotification::FsChanged(_) + | ServerNotification::TurnModerationMetadata(_) | ServerNotification::FuzzyFileSearchSessionUpdated(_) | ServerNotification::FuzzyFileSearchSessionCompleted(_) | ServerNotification::ThreadRealtimeTranscriptDelta(_) @@ -332,6 +337,7 @@ impl ChatWidget { reasoning_effort, agents_states, }), + item @ ThreadItem::SubAgentActivity { .. } => self.on_sub_agent_activity(item), ThreadItem::EnteredReviewMode { review, .. } if !from_replay => { self.enter_review_mode_with_hint(review, /*from_replay*/ false); } diff --git a/codex-rs/tui/src/chatwidget/rate_limits.rs b/codex-rs/tui/src/chatwidget/rate_limits.rs index f831b5a0074..efb0b636288 100644 --- a/codex-rs/tui/src/chatwidget/rate_limits.rs +++ b/codex-rs/tui/src/chatwidget/rate_limits.rs @@ -343,14 +343,16 @@ impl ChatWidget { /*active_permission_profile*/ None, /*windows_sandbox_level*/ None, Some(switch_model_for_events.clone()), - Some(Some(default_effort)), + Some(Some(default_effort.clone())), /*summary*/ None, /*service_tier*/ None, /*collaboration_mode*/ None, /*personality*/ None, ))); tx.send(AppEvent::UpdateModel(switch_model_for_events.clone())); - tx.send(AppEvent::UpdateReasoningEffort(Some(default_effort))); + tx.send(AppEvent::UpdateReasoningEffort(Some( + default_effort.clone(), + ))); })]; let keep_actions: Vec = Vec::new(); diff --git a/codex-rs/tui/src/chatwidget/reasoning_shortcuts.rs b/codex-rs/tui/src/chatwidget/reasoning_shortcuts.rs index 612dbe7ddde..404bf870295 100644 --- a/codex-rs/tui/src/chatwidget/reasoning_shortcuts.rs +++ b/codex-rs/tui/src/chatwidget/reasoning_shortcuts.rs @@ -8,15 +8,14 @@ //! The shortcut state machine is deliberately narrow: it only handles key //! presses when no modal or popup owns input, it anchors unset reasoning to the //! current model preset's default, and it walks only efforts advertised by the -//! active model. Unsupported current efforts are not normalized eagerly; the -//! next shortcut moves to the nearest supported effort in the requested -//! direction. +//! active model. Unsupported efforts anchor to the model default, or the first +//! advertised effort when the default is absent, before stepping through the +//! advertised order. use codex_protocol::config_types::ModeKind; use codex_protocol::openai_models::ModelPreset; use codex_protocol::openai_models::ReasoningEffort as ReasoningEffortConfig; use crossterm::event::KeyEvent; -use strum::IntoEnumIterator; use super::ChatWidget; use crate::app_event::AppEvent; @@ -30,8 +29,8 @@ pub(super) enum ReasoningShortcutDirection { } impl ReasoningShortcutDirection { - fn bound_message(self, effort: ReasoningEffortConfig) -> String { - let label = ChatWidget::reasoning_effort_label(effort).to_lowercase(); + fn bound_message(self, effort: &ReasoningEffortConfig) -> String { + let label = ChatWidget::reasoning_effort_sentence_label(effort); match self { Self::Lower => format!("Reasoning is already at the lowest level ({label})."), Self::Raise => format!("Reasoning is already at the highest level ({label})."), @@ -90,12 +89,23 @@ impl ChatWidget { }; let choices = reasoning_choices(&preset); - let current_effort = self + let configured_effort = self .effective_reasoning_effort() - .unwrap_or(preset.default_reasoning_effort); - let Some(next_effort) = next_reasoning_effort(&choices, Some(current_effort), direction) + .unwrap_or_else(|| preset.default_reasoning_effort.clone()); + let current_effort = if choices.contains(&configured_effort) { + configured_effort + } else if choices.contains(&preset.default_reasoning_effort) { + preset.default_reasoning_effort + } else { + choices + .first() + .cloned() + .unwrap_or(preset.default_reasoning_effort) + }; + let Some(next_effort) = + next_reasoning_effort(&choices, Some(current_effort.clone()), direction) else { - self.add_info_message(direction.bound_message(current_effort), /*hint*/ None); + self.add_info_message(direction.bound_message(¤t_effort), /*hint*/ None); return true; }; @@ -120,18 +130,13 @@ impl ChatWidget { } fn reasoning_choices(preset: &ModelPreset) -> Vec { - let mut choices = Vec::new(); - for effort in ReasoningEffortConfig::iter() { - if preset - .supported_reasoning_efforts - .iter() - .any(|option| option.effort == effort) - { - choices.push(effort); - } - } + let mut choices: Vec = preset + .supported_reasoning_efforts + .iter() + .map(|option| option.effort.clone()) + .collect(); if choices.is_empty() { - choices.push(preset.default_reasoning_effort); + choices.push(preset.default_reasoning_effort.clone()); } choices } @@ -142,33 +147,17 @@ fn next_reasoning_effort( direction: ReasoningShortcutDirection, ) -> Option { let current_effort = current_effort?; - if choices.is_empty() { - return None; - } - - let current_rank = effort_rank(current_effort); - match direction { - ReasoningShortcutDirection::Lower => choices - .iter() - .rev() - .copied() - .find(|choice| effort_rank(*choice) < current_rank), - ReasoningShortcutDirection::Raise => choices - .iter() - .copied() - .find(|choice| effort_rank(*choice) > current_rank), + if let Some(current_index) = choices.iter().position(|choice| choice == ¤t_effort) { + return match direction { + ReasoningShortcutDirection::Lower => current_index + .checked_sub(1) + .and_then(|index| choices.get(index)) + .cloned(), + ReasoningShortcutDirection::Raise => choices.get(current_index + 1).cloned(), + }; } -} -fn effort_rank(effort: ReasoningEffortConfig) -> i32 { - match effort { - ReasoningEffortConfig::None => 0, - ReasoningEffortConfig::Minimal => 1, - ReasoningEffortConfig::Low => 2, - ReasoningEffortConfig::Medium => 3, - ReasoningEffortConfig::High => 4, - ReasoningEffortConfig::XHigh => 5, - } + None } #[cfg(test)] @@ -214,24 +203,52 @@ mod tests { } #[test] - fn next_reasoning_effort_skips_to_supported_level_from_unsupported_current() { + fn next_reasoning_effort_does_not_infer_position_for_unsupported_current() { let choices = vec![ReasoningEffortConfig::Low, ReasoningEffortConfig::High]; assert_eq!( - next_reasoning_effort( - &choices, - Some(ReasoningEffortConfig::Medium), - ReasoningShortcutDirection::Raise, + ( + next_reasoning_effort( + &choices, + Some(ReasoningEffortConfig::Medium), + ReasoningShortcutDirection::Raise, + ), + next_reasoning_effort( + &choices, + Some(ReasoningEffortConfig::Medium), + ReasoningShortcutDirection::Lower, + ), ), - Some(ReasoningEffortConfig::High) + (None, None) ); + } + + #[test] + fn next_reasoning_effort_uses_advertised_order_for_custom_levels() { + let custom_effort = ReasoningEffortConfig::Custom("max".to_string()); + let choices = vec![ + ReasoningEffortConfig::High, + ReasoningEffortConfig::Low, + custom_effort.clone(), + ]; + assert_eq!( - next_reasoning_effort( - &choices, - Some(ReasoningEffortConfig::Medium), - ReasoningShortcutDirection::Lower, + ( + next_reasoning_effort( + &choices, + Some(ReasoningEffortConfig::High), + ReasoningShortcutDirection::Raise, + ), + next_reasoning_effort( + &choices, + Some(custom_effort), + ReasoningShortcutDirection::Lower, + ), ), - Some(ReasoningEffortConfig::Low) + ( + Some(ReasoningEffortConfig::Low), + Some(ReasoningEffortConfig::Low), + ) ); } diff --git a/codex-rs/tui/src/chatwidget/replay.rs b/codex-rs/tui/src/chatwidget/replay.rs index f0211aaca15..bdb8b8d3a19 100644 --- a/codex-rs/tui/src/chatwidget/replay.rs +++ b/codex-rs/tui/src/chatwidget/replay.rs @@ -190,6 +190,7 @@ impl ChatWidget { reasoning_effort, agents_states, }), + item @ ThreadItem::SubAgentActivity { .. } => self.on_sub_agent_activity(item), ThreadItem::DynamicToolCall { .. } => {} } diff --git a/codex-rs/tui/src/chatwidget/session_flow.rs b/codex-rs/tui/src/chatwidget/session_flow.rs index 6eb5910afe1..004f64c7267 100644 --- a/codex-rs/tui/src/chatwidget/session_flow.rs +++ b/codex-rs/tui/src/chatwidget/session_flow.rs @@ -79,7 +79,7 @@ impl ChatWidget { let default_model = session.model.clone(); self.current_collaboration_mode = self.current_collaboration_mode.with_updates( Some(default_model.clone()), - Some(session.reasoning_effort), + Some(session.reasoning_effort.clone()), /*developer_instructions*/ None, ); match session.collaboration_mode.as_deref() { @@ -93,7 +93,7 @@ impl ChatWidget { Some(&default_model), ); if let Some(mask) = self.active_collaboration_mask.as_mut() { - mask.reasoning_effort = Some(session.reasoning_effort); + mask.reasoning_effort = Some(session.reasoning_effort.clone()); } self.update_collaboration_mode_indicator(); self.refresh_plan_mode_nudge(); diff --git a/codex-rs/tui/src/chatwidget/settings.rs b/codex-rs/tui/src/chatwidget/settings.rs index 45dbc362e99..bed42e2bb47 100644 --- a/codex-rs/tui/src/chatwidget/settings.rs +++ b/codex-rs/tui/src/chatwidget/settings.rs @@ -58,13 +58,11 @@ impl ChatWidget { pub(crate) fn set_windows_sandbox_mode(&mut self, mode: Option) { self.config.permissions.windows_sandbox_mode = mode; #[cfg(target_os = "windows")] - self.bottom_pane.set_windows_degraded_sandbox_active( - crate::legacy_core::windows_sandbox::ELEVATED_SANDBOX_NUX_ENABLED - && matches!( - WindowsSandboxLevel::from_config(&self.config), - WindowsSandboxLevel::RestrictedToken - ), - ); + self.bottom_pane + .set_windows_degraded_sandbox_active(matches!( + crate::windows_sandbox::level_from_config(&self.config), + WindowsSandboxLevel::RestrictedToken + )); } #[cfg_attr(not(target_os = "windows"), allow(dead_code))] @@ -121,13 +119,11 @@ impl ChatWidget { feature, Feature::WindowsSandbox | Feature::WindowsSandboxElevated ) { - self.bottom_pane.set_windows_degraded_sandbox_active( - crate::legacy_core::windows_sandbox::ELEVATED_SANDBOX_NUX_ENABLED - && matches!( - WindowsSandboxLevel::from_config(&self.config), - WindowsSandboxLevel::RestrictedToken - ), - ); + self.bottom_pane + .set_windows_degraded_sandbox_active(matches!( + crate::windows_sandbox::level_from_config(&self.config), + WindowsSandboxLevel::RestrictedToken + )); } enabled } @@ -159,7 +155,7 @@ impl ChatWidget { /// so the footer reflects it without waiting for the next mode switch. /// Passing `None` resets to the Plan-mode preset default. pub(crate) fn set_plan_mode_reasoning_effort(&mut self, effort: Option) { - self.config.plan_mode_reasoning_effort = effort; + self.config.plan_mode_reasoning_effort = effort.clone(); if self.collaboration_modes_enabled() && let Some(mask) = self.active_collaboration_mask.as_mut() && mask.mode == Some(ModeKind::Plan) @@ -182,7 +178,7 @@ impl ChatWidget { pub(crate) fn set_reasoning_effort(&mut self, effort: Option) { self.current_collaboration_mode = self.current_collaboration_mode.with_updates( /*model*/ None, - Some(effort), + Some(effort.clone()), /*developer_instructions*/ None, ); if self.collaboration_modes_enabled() @@ -471,7 +467,7 @@ impl ChatWidget { let current_effort = self.current_collaboration_mode.reasoning_effort(); self.active_collaboration_mask .as_ref() - .and_then(|mask| mask.reasoning_effort) + .and_then(|mask| mask.reasoning_effort.clone()) .unwrap_or(current_effort) } @@ -590,7 +586,7 @@ impl ChatWidget { name: mode_kind.display_name().to_string(), mode: Some(mode_kind), model: Some(settings.model.clone()), - reasoning_effort: Some(settings.reasoning_effort), + reasoning_effort: Some(settings.reasoning_effort.clone()), developer_instructions: Some(settings.developer_instructions), }); self.update_collaboration_mode_indicator(); @@ -712,7 +708,7 @@ impl ChatWidget { let previous_model = self.current_model().to_string(); let previous_effort = self.effective_reasoning_effort(); if mask.mode == Some(ModeKind::Plan) - && let Some(effort) = self.config.plan_mode_reasoning_effort + && let Some(effort) = self.config.plan_mode_reasoning_effort.clone() { mask.reasoning_effort = Some(Some(effort)); } @@ -732,13 +728,9 @@ impl ChatWidget { { let mut message = format!("Model changed to {next_model}"); if !next_model.starts_with("codex-auto-") { - let reasoning_label = match next_effort { - Some(ReasoningEffortConfig::Minimal) => "minimal", - Some(ReasoningEffortConfig::Low) => "low", - Some(ReasoningEffortConfig::Medium) => "medium", - Some(ReasoningEffortConfig::High) => "high", - Some(ReasoningEffortConfig::XHigh) => "xhigh", + let reasoning_label = match next_effort.as_ref() { None | Some(ReasoningEffortConfig::None) => "default", + Some(effort) => effort.as_str(), }; message.push(' '); message.push_str(reasoning_label); diff --git a/codex-rs/tui/src/chatwidget/slash_dispatch.rs b/codex-rs/tui/src/chatwidget/slash_dispatch.rs index 08c6db56dc4..5d0efea2fc3 100644 --- a/codex-rs/tui/src/chatwidget/slash_dispatch.rs +++ b/codex-rs/tui/src/chatwidget/slash_dispatch.rs @@ -13,6 +13,7 @@ use crate::bottom_pane::slash_commands::BuiltinCommandFlags; use crate::bottom_pane::slash_commands::ServiceTierCommand; use crate::bottom_pane::slash_commands::SlashCommandItem; use crate::bottom_pane::slash_commands::find_slash_command; +use crate::goal_display::GOAL_USAGE; #[derive(Clone, Copy, Debug, PartialEq, Eq)] enum SlashCommandDispatchSource { @@ -32,7 +33,6 @@ struct PreparedSlashCommandArgs { const SIDE_STARTING_CONTEXT_LABEL: &str = "Side starting..."; const SIDE_SLASH_COMMAND_UNAVAILABLE_HINT: &str = "Press Ctrl+C to return to the main thread first."; -const GOAL_USAGE: &str = "Usage: /goal "; const GOAL_USAGE_HINT: &str = "Example: /goal improve benchmark coverage"; const RAW_USAGE: &str = "Usage: /raw [on|off]"; @@ -193,6 +193,34 @@ impl ChatWidget { }); self.request_redraw(); } + SlashCommand::Delete => { + self.bottom_pane.show_selection_view(SelectionViewParams { + title: Some("Delete this session?".to_string()), + subtitle: Some( + "Cannot be undone. Subagent threads will also be deleted.".to_string(), + ), + footer_hint: Some(standard_popup_hint_line()), + items: vec![ + SelectionItem { + name: "No, keep this session".to_string(), + description: Some("Return to the current session".to_string()), + dismiss_on_select: true, + ..Default::default() + }, + SelectionItem { + name: "Yes, delete and exit".to_string(), + description: Some("Permanently delete this session now".to_string()), + actions: vec![Box::new(|tx| { + tx.send(AppEvent::DeleteCurrentThread); + })], + dismiss_on_select: true, + ..Default::default() + }, + ], + ..Default::default() + }); + self.request_redraw(); + } SlashCommand::Clear => { self.app_event_tx.send(AppEvent::ClearUi); } @@ -213,14 +241,6 @@ impl ChatWidget { .send(AppEvent::OpenDesktopThread { thread_id }); } SlashCommand::Init => { - let init_target = self.config.cwd.join(DEFAULT_AGENTS_MD_FILENAME); - if init_target.exists() { - let message = format!( - "{DEFAULT_AGENTS_MD_FILENAME} already exists here. Skipping /init to avoid overwriting it." - ); - self.add_info_message(message, /*hint*/ None); - return; - } const INIT_PROMPT: &str = include_str!("../../prompt_for_init_command.md"); self.submit_user_message(INIT_PROMPT.to_string().into()); } @@ -297,12 +317,11 @@ impl ChatWidget { SlashCommand::ElevateSandbox => { #[cfg(target_os = "windows")] { - let windows_sandbox_level = WindowsSandboxLevel::from_config(&self.config); + let windows_sandbox_level = + crate::windows_sandbox::level_from_config(&self.config); let windows_degraded_sandbox_enabled = matches!(windows_sandbox_level, WindowsSandboxLevel::RestrictedToken); - if !windows_degraded_sandbox_enabled - || !crate::legacy_core::windows_sandbox::ELEVATED_SANDBOX_NUX_ENABLED - { + if !windows_degraded_sandbox_enabled { // This command should not be visible/recognized outside degraded mode, // but guard anyway in case something dispatches it directly. return; @@ -406,6 +425,10 @@ impl ChatWidget { SlashCommand::Skills => { self.open_skills_menu(); } + SlashCommand::Import => { + self.app_event_tx + .send(AppEvent::OpenExternalAgentConfigMigration); + } SlashCommand::Hooks => { self.add_hooks_output(); } @@ -662,7 +685,7 @@ impl ChatWidget { } self.session_telemetry .counter("codex.thread.rename", /*inc*/ 1, &[]); - let Some(name) = crate::legacy_core::util::normalize_thread_name(&args) else { + let Some(name) = normalize_thread_name(&args) else { self.add_error_message("Thread name cannot be empty.".to_string()); return; }; @@ -944,7 +967,7 @@ impl ChatWidget { fn builtin_command_flags(&self) -> BuiltinCommandFlags { #[cfg(target_os = "windows")] let allow_elevate_sandbox = { - let windows_sandbox_level = WindowsSandboxLevel::from_config(&self.config); + let windows_sandbox_level = crate::windows_sandbox::level_from_config(&self.config); matches!(windows_sandbox_level, WindowsSandboxLevel::RestrictedToken) }; #[cfg(not(target_os = "windows"))] @@ -990,6 +1013,7 @@ impl ChatWidget { SlashCommand::Feedback | SlashCommand::New | SlashCommand::Archive + | SlashCommand::Delete | SlashCommand::Clear | SlashCommand::Resume | SlashCommand::Fork @@ -1018,6 +1042,7 @@ impl ChatWidget { | SlashCommand::Logout | SlashCommand::Mention | SlashCommand::Skills + | SlashCommand::Import | SlashCommand::Hooks | SlashCommand::Title | SlashCommand::Statusline diff --git a/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__chained_config_error_wraps_in_history_snapshot.snap b/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__chained_config_error_wraps_in_history_snapshot.snap new file mode 100644 index 00000000000..a3a7e21365e --- /dev/null +++ b/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__chained_config_error_wraps_in_history_snapshot.snap @@ -0,0 +1,7 @@ +--- +source: tui/src/chatwidget/tests/config_errors_tests.rs +expression: normalize_snapshot_paths(term.backend().vt100().screen().contents()) +--- +■ Failed to save default model: config/batchWrite failed +in TUI: Invalid configuration: features.fast_mode=true +is not supported; allowed set [fast_mode=false] diff --git a/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__completed_turn_clears_visible_running_hook.snap b/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__completed_turn_clears_visible_running_hook.snap new file mode 100644 index 00000000000..e41954e4151 --- /dev/null +++ b/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__completed_turn_clears_visible_running_hook.snap @@ -0,0 +1,8 @@ +--- +source: tui/src/chatwidget/tests/status_and_layout.rs +expression: "format!(\"before completion:\\n{before_completion}after completion:\\n{}\",\nactive_hook_blob(&chat))" +--- +before completion: +• Running PostToolUse hook +after completion: + diff --git a/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__model_reasoning_selection_popup.snap b/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__model_reasoning_selection_popup.snap index baef861f4c8..a436136570e 100644 --- a/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__model_reasoning_selection_popup.snap +++ b/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__model_reasoning_selection_popup.snap @@ -6,7 +6,8 @@ expression: popup 1. Low Fast responses with lighter reasoning 2. Medium (default) Balances speed and reasoning depth for everyday tasks -› 3. High (current) Greater reasoning depth for complex problems - 4. Extra high Extra high reasoning depth for complex problems + 3. max Maximum available reasoning +› 4. High (current) Greater reasoning depth for complex problems + 5. Extra high Extra high reasoning depth for complex problems Press enter to confirm or esc to go back diff --git a/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__review_submission_warning_snapshot.snap b/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__review_submission_warning_snapshot.snap index c8bbb7c2a41..1a28a9222bc 100644 --- a/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__review_submission_warning_snapshot.snap +++ b/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__review_submission_warning_snapshot.snap @@ -1,7 +1,7 @@ --- source: tui/src/chatwidget/tests/review_mode.rs -expression: lines_to_single_string(last) +assertion_line: 307 +expression: last --- -⚠ Steer messages aren't supported during /review. Send your message after the - review finishes, or press Ctrl+C now to cancel the review. - +⚠ Steer messages aren't supported during /review. Press Ctrl+C now to cancel the + review. diff --git a/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__slash_delete_confirmation_popup.snap b/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__slash_delete_confirmation_popup.snap new file mode 100644 index 00000000000..de5c0610a07 --- /dev/null +++ b/codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__slash_delete_confirmation_popup.snap @@ -0,0 +1,11 @@ +--- +source: tui/src/chatwidget/tests/slash_commands.rs +expression: popup +--- + Delete this session? + Cannot be undone. Subagent threads will also be deleted. + +› 1. No, keep this session Return to the current session + 2. Yes, delete and exit Permanently delete this session now + + Press enter to confirm or esc to go back diff --git a/codex-rs/tui/src/chatwidget/status_controls.rs b/codex-rs/tui/src/chatwidget/status_controls.rs index d0394464fa3..d4de7383140 100644 --- a/codex-rs/tui/src/chatwidget/status_controls.rs +++ b/codex-rs/tui/src/chatwidget/status_controls.rs @@ -212,7 +212,7 @@ impl ChatWidget { }); let reasoning_effort_override = Some( self.effective_reasoning_effort() - .or(self.config.model_reasoning_effort) + .or_else(|| self.config.model_reasoning_effort.clone()) .or(model_default_reasoning_effort), ); let rate_limit_snapshots: Vec = self @@ -382,15 +382,11 @@ impl ChatWidget { } pub(super) fn status_line_reasoning_effort_label( - effort: Option, - ) -> &'static str { + effort: Option<&ReasoningEffortConfig>, + ) -> String { match effort { - Some(ReasoningEffortConfig::Minimal) => "minimal", - Some(ReasoningEffortConfig::Low) => "low", - Some(ReasoningEffortConfig::Medium) => "medium", - Some(ReasoningEffortConfig::High) => "high", - Some(ReasoningEffortConfig::XHigh) => "xhigh", - None | Some(ReasoningEffortConfig::None) => "default", + None | Some(ReasoningEffortConfig::None) => "default".to_string(), + Some(effort) => effort.as_str().to_string(), } } } diff --git a/codex-rs/tui/src/chatwidget/status_surfaces.rs b/codex-rs/tui/src/chatwidget/status_surfaces.rs index d8facdb0cff..592dd043817 100644 --- a/codex-rs/tui/src/chatwidget/status_surfaces.rs +++ b/codex-rs/tui/src/chatwidget/status_surfaces.rs @@ -562,7 +562,7 @@ impl ChatWidget { match item { StatusLineItem::ModelName => Some(self.model_display_name().to_string()), StatusLineItem::ModelWithReasoning => Some(self.model_with_reasoning_display_name()), - StatusLineItem::Reasoning => Some(self.reasoning_display_name().to_string()), + StatusLineItem::Reasoning => Some(self.reasoning_display_name()), StatusLineItem::CurrentDir => { Some(format_directory_display( self.status_line_cwd(), @@ -762,15 +762,16 @@ impl ChatWidget { /*max_chars*/ 32, )), TerminalTitleItem::Reasoning => Some(Self::truncate_terminal_title_part( - self.reasoning_display_name().to_string(), + self.reasoning_display_name(), /*max_chars*/ 32, )), TerminalTitleItem::TaskProgress => self.terminal_title_task_progress(), } } - fn reasoning_display_name(&self) -> &'static str { - Self::status_line_reasoning_effort_label(self.effective_reasoning_effort()) + fn reasoning_display_name(&self) -> String { + let effort = self.effective_reasoning_effort(); + Self::status_line_reasoning_effort_label(effort.as_ref()) } fn model_with_reasoning_display_name(&self) -> String { diff --git a/codex-rs/tui/src/chatwidget/streaming.rs b/codex-rs/tui/src/chatwidget/streaming.rs index 3dd9f26ee99..848b0c2ef33 100644 --- a/codex-rs/tui/src/chatwidget/streaming.rs +++ b/codex-rs/tui/src/chatwidget/streaming.rs @@ -38,7 +38,8 @@ impl ChatWidget { // Consolidate the run of streaming AgentMessageCells into a single AgentMarkdownCell // that can re-render from source on resize. if let Some(source) = source { - let source = parse_assistant_markdown(&source).visible_markdown; + let source = + parse_assistant_markdown(&source, self.config.cwd.as_path()).visible_markdown; self.app_event_tx.send(AppEvent::ConsolidateAgentMessage { source, cwd: self.config.cwd.to_path_buf(), @@ -261,7 +262,7 @@ impl ChatWidget { AgentMessageContent::Text { text } => message.push_str(text), } } - let parsed = parse_assistant_markdown(&message); + let parsed = parse_assistant_markdown(&message, self.config.cwd.as_path()); self.finalize_completed_assistant_message( (!parsed.visible_markdown.is_empty()).then_some(parsed.visible_markdown.as_str()), ); diff --git a/codex-rs/tui/src/chatwidget/tests.rs b/codex-rs/tui/src/chatwidget/tests.rs index 2da524910aa..c20768e10e1 100644 --- a/codex-rs/tui/src/chatwidget/tests.rs +++ b/codex-rs/tui/src/chatwidget/tests.rs @@ -21,8 +21,6 @@ pub(super) use crate::diff_model::FileChange; pub(super) use crate::history_cell::UserHistoryCell; pub(super) use crate::legacy_core::config::Config; pub(super) use crate::legacy_core::config::ConfigBuilder; -pub(super) use crate::legacy_core::config::Constrained; -pub(super) use crate::legacy_core::config::ConstraintError; pub(super) use crate::model_catalog::ModelCatalog; pub(super) use crate::test_backend::VT100Backend; pub(super) use crate::test_support::PathBufExt; @@ -120,6 +118,8 @@ pub(super) use codex_app_server_protocol::UserInput; pub(super) use codex_app_server_protocol::UserInput as AppServerUserInput; pub(super) use codex_app_server_protocol::WarningNotification; pub(super) use codex_config::ConfigLayerStack; +pub(super) use codex_config::Constrained; +pub(super) use codex_config::ConstraintError; pub(super) use codex_config::RequirementSource; pub(super) use codex_config::types::ApprovalsReviewer; pub(super) use codex_config::types::Notifications; @@ -129,6 +129,8 @@ pub(super) use codex_core_skills::model::SkillMetadata; pub(super) use codex_features::FEATURES; pub(super) use codex_features::Feature; pub(super) use codex_git_utils::CommitLogEntry; +pub(super) use codex_models_manager::test_support::construct_model_info_offline_for_tests; +pub(super) use codex_models_manager::test_support::get_model_offline_for_tests; pub(super) use codex_otel::RuntimeMetricsSummary; pub(super) use codex_otel::SessionTelemetry; pub(super) use codex_protocol::ThreadId; @@ -219,6 +221,8 @@ macro_rules! assert_chatwidget_snapshot { mod app_server; mod approval_requests; mod composer_submission; +#[path = "tests/config_errors_tests.rs"] +mod config_errors; mod exec_flow; mod goal_menu; mod goal_validation; diff --git a/codex-rs/tui/src/chatwidget/tests/composer_submission.rs b/codex-rs/tui/src/chatwidget/tests/composer_submission.rs index f3e32b2eb42..154add1d670 100644 --- a/codex-rs/tui/src/chatwidget/tests/composer_submission.rs +++ b/codex-rs/tui/src/chatwidget/tests/composer_submission.rs @@ -730,6 +730,7 @@ async fn queued_restore_with_remote_images_keeps_local_placeholder_mapping() { }); assert_eq!(chat.bottom_pane.composer_text(), text); + assert_eq!(chat.bottom_pane.composer_cursor(), text.len()); assert_eq!(chat.bottom_pane.composer_text_elements(), text_elements); assert_eq!(chat.bottom_pane.composer_local_images(), local_images); assert_eq!(chat.remote_image_urls(), remote_image_urls); diff --git a/codex-rs/tui/src/chatwidget/tests/config_errors_tests.rs b/codex-rs/tui/src/chatwidget/tests/config_errors_tests.rs new file mode 100644 index 00000000000..645c01f0f41 --- /dev/null +++ b/codex-rs/tui/src/chatwidget/tests/config_errors_tests.rs @@ -0,0 +1,25 @@ +use super::*; + +#[tokio::test] +async fn chained_config_error_wraps_in_history_snapshot() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.add_error_message( + "Failed to save default model: config/batchWrite failed in TUI: Invalid configuration: features.fast_mode=true is not supported; allowed set [fast_mode=false]" + .to_string(), + ); + + let width = 56; + let height = 8; + let backend = VT100Backend::new(width, height); + let mut term = crate::custom_terminal::Terminal::with_options(backend).expect("terminal"); + term.set_viewport_area(ratatui::layout::Rect::new(0, 0, width, height)); + for lines in drain_insert_history(&mut rx) { + crate::insert_history::insert_history_lines(&mut term, lines) + .expect("insert history lines"); + } + + assert_chatwidget_snapshot!( + "chained_config_error_wraps_in_history_snapshot", + normalize_snapshot_paths(term.backend().vt100().screen().contents()) + ); +} diff --git a/codex-rs/tui/src/chatwidget/tests/helpers.rs b/codex-rs/tui/src/chatwidget/tests/helpers.rs index cfc9278ded3..3dfc373b592 100644 --- a/codex-rs/tui/src/chatwidget/tests/helpers.rs +++ b/codex-rs/tui/src/chatwidget/tests/helpers.rs @@ -19,7 +19,6 @@ pub(super) async fn test_config() -> Config { config.cwd = PathBuf::from(test_path_display("/tmp/project")).abs(); config.config_layer_stack = ConfigLayerStack::default(); config.startup_warnings.clear(); - config.user_instructions = None; config } @@ -119,7 +118,8 @@ pub(super) fn snapshot(percent: f64) -> RateLimitSnapshot { } pub(super) fn test_session_telemetry(config: &Config, model: &str) -> SessionTelemetry { - let model_info = crate::legacy_core::test_support::construct_model_info_offline(model, config); + let model_info = + construct_model_info_offline_for_tests(model, &config.to_models_manager_config()); SessionTelemetry::new( ThreadId::new(), model, @@ -136,7 +136,7 @@ pub(super) fn test_session_telemetry(config: &Config, model: &str) -> SessionTel pub(super) fn test_model_catalog(_config: &Config) -> Arc { Arc::new(ModelCatalog::new( - crate::legacy_core::test_support::all_model_presets().clone(), + crate::test_support::TEST_MODEL_PRESETS.clone(), )) } @@ -152,9 +152,9 @@ pub(super) async fn make_chatwidget_manual( let app_event_tx = AppEventSender::new(tx_raw); let (op_tx, op_rx) = unbounded_channel::(); let mut cfg = test_config().await; - let resolved_model = model_override.map(str::to_owned).unwrap_or_else(|| { - crate::legacy_core::test_support::get_model_offline(cfg.model.as_deref()) - }); + let resolved_model = model_override + .map(str::to_owned) + .unwrap_or_else(|| get_model_offline_for_tests(cfg.model.as_deref())); if let Some(model) = model_override { cfg.model = Some(model.to_string()); } @@ -1337,6 +1337,34 @@ pub(super) fn plugins_test_summary( } } +pub(super) fn plugins_test_remote_summary( + remote_plugin_id: &str, + name: &str, + display_name: Option<&str>, + description: Option<&str>, + installed: bool, +) -> PluginSummary { + PluginSummary { + id: remote_plugin_id.to_string(), + remote_plugin_id: Some(remote_plugin_id.to_string()), + local_version: None, + name: name.to_string(), + share_context: None, + source: PluginSource::Remote, + installed, + enabled: true, + install_policy: PluginInstallPolicy::Available, + auth_policy: PluginAuthPolicy::OnInstall, + availability: PluginAvailability::Available, + interface: Some(plugins_test_interface( + display_name, + description, + /*long_description*/ None, + )), + keywords: Vec::new(), + } +} + pub(super) fn plugins_test_curated_marketplace( plugins: Vec, ) -> PluginMarketplaceEntry { @@ -1386,7 +1414,7 @@ pub(super) fn plugins_test_detail( description: Option<&str>, skills: &[&str], hooks: &[(codex_app_server_protocol::HookEventName, usize)], - apps: &[(&str, bool)], + apps: &[&str], mcp_servers: &[&str], ) -> PluginDetail { PluginDetail { @@ -1421,14 +1449,15 @@ pub(super) fn plugins_test_detail( .collect(), apps: apps .iter() - .map(|(name, needs_auth)| AppSummary { + .map(|name| AppSummary { id: format!("{name}-id"), name: (*name).to_string(), description: Some(format!("{name} app")), install_url: Some(format!("https://example.test/{name}")), - needs_auth: *needs_auth, + category: None, }) .collect(), + app_templates: Vec::new(), mcp_servers: mcp_servers.iter().map(|name| (*name).to_string()).collect(), } } diff --git a/codex-rs/tui/src/chatwidget/tests/mcp_startup.rs b/codex-rs/tui/src/chatwidget/tests/mcp_startup.rs index ba862a52934..60efbe1353b 100644 --- a/codex-rs/tui/src/chatwidget/tests/mcp_startup.rs +++ b/codex-rs/tui/src/chatwidget/tests/mcp_startup.rs @@ -4,6 +4,7 @@ use pretty_assertions::assert_eq; fn notify_mcp_status(chat: &mut ChatWidget, name: &str, status: McpServerStartupState) { chat.handle_server_notification( ServerNotification::McpServerStatusUpdated(McpServerStatusUpdatedNotification { + thread_id: Some("thread-1".to_string()), name: name.to_string(), status, error: None, @@ -15,6 +16,7 @@ fn notify_mcp_status(chat: &mut ChatWidget, name: &str, status: McpServerStartup fn notify_mcp_status_error(chat: &mut ChatWidget, name: &str, error: &str) { chat.handle_server_notification( ServerNotification::McpServerStatusUpdated(McpServerStatusUpdatedNotification { + thread_id: Some("thread-1".to_string()), name: name.to_string(), status: McpServerStartupState::Failed, error: Some(error.to_string()), @@ -23,6 +25,83 @@ fn notify_mcp_status_error(chat: &mut ChatWidget, name: &str, error: &str) { ); } +#[tokio::test] +async fn mcp_startup_ignores_status_for_other_thread() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.show_welcome_banner = false; + chat.set_mcp_startup_expected_servers(["sentry".to_string()]); + let parent_thread_id = ThreadId::new(); + let child_thread_id = ThreadId::new(); + chat.thread_id = Some(parent_thread_id); + chat.on_stream_error( + "Connection interrupted, retrying".to_string(), + /*additional_details*/ None, + ); + let status_before = chat.status_state.current_status.clone(); + let retry_status_header_before = chat.status_state.retry_status_header.clone(); + + for status in [ + McpServerStartupState::Starting, + McpServerStartupState::Failed, + ] { + chat.handle_server_notification( + ServerNotification::McpServerStatusUpdated(McpServerStatusUpdatedNotification { + thread_id: Some(child_thread_id.to_string()), + name: "sentry".to_string(), + status, + error: matches!(status, McpServerStartupState::Failed) + .then(|| "sentry is not logged in".to_string()), + }), + /*replay_kind*/ None, + ); + } + + assert!(drain_insert_history(&mut rx).is_empty()); + assert!(!chat.bottom_pane.is_task_running()); + assert!(chat.mcp_startup_status.is_none()); + assert_eq!(chat.status_state.current_status, status_before); + assert_eq!( + chat.status_state.retry_status_header, + retry_status_header_before + ); +} + +#[tokio::test] +async fn mcp_startup_dedupes_same_round_duplicate_failure_warning() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.show_welcome_banner = false; + chat.set_mcp_startup_expected_servers(["alpha".to_string(), "beta".to_string()]); + + notify_mcp_status(&mut chat, "alpha", McpServerStartupState::Starting); + notify_mcp_status_error( + &mut chat, + "alpha", + "MCP client for `alpha` failed to start: handshake failed", + ); + notify_mcp_status_error( + &mut chat, + "alpha", + "MCP client for `alpha` failed to start: handshake failed", + ); + + let failure_text = drain_insert_history(&mut rx) + .iter() + .map(|lines| lines_to_single_string(lines)) + .collect::(); + assert_eq!( + failure_text, + "⚠ MCP client for `alpha` failed to start: handshake failed\n" + ); + + notify_mcp_status(&mut chat, "beta", McpServerStartupState::Ready); + + let summary_text = drain_insert_history(&mut rx) + .iter() + .map(|lines| lines_to_single_string(lines)) + .collect::(); + assert_eq!(summary_text, "⚠ MCP startup incomplete (failed: alpha)\n"); +} + #[tokio::test] async fn mcp_startup_header_booting_snapshot() { let (mut chat, _rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; @@ -110,6 +189,11 @@ async fn app_server_mcp_startup_failure_renders_warning_history() { assert!(drain_insert_history(&mut rx).is_empty()); assert!(chat.bottom_pane.is_task_running()); + notify_mcp_status_error( + &mut chat, + "alpha", + "MCP client for `alpha` failed to start: handshake failed", + ); notify_mcp_status_error( &mut chat, "alpha", diff --git a/codex-rs/tui/src/chatwidget/tests/plan_mode.rs b/codex-rs/tui/src/chatwidget/tests/plan_mode.rs index 74cd5270385..984c71d1ab8 100644 --- a/codex-rs/tui/src/chatwidget/tests/plan_mode.rs +++ b/codex-rs/tui/src/chatwidget/tests/plan_mode.rs @@ -1447,7 +1447,7 @@ async fn collaboration_modes_defaults_to_code_on_startup() { assert_eq!(chat.active_collaboration_mode_kind(), ModeKind::Default); assert_eq!( chat.current_model(), - crate::legacy_core::test_support::get_model_offline(chat.config.model.as_deref()) + get_model_offline_for_tests(chat.config.model.as_deref()) ); } @@ -1482,7 +1482,7 @@ async fn make_startup_chat_with_cli_overrides( .build() .await .expect("config"); - let resolved_model = crate::legacy_core::test_support::get_model_offline(cfg.model.as_deref()); + let resolved_model = get_model_offline_for_tests(cfg.model.as_deref()); let session_telemetry = test_session_telemetry(&cfg, resolved_model.as_str()); let init = ChatWidgetInit { config: cfg.clone(), diff --git a/codex-rs/tui/src/chatwidget/tests/popups_and_settings.rs b/codex-rs/tui/src/chatwidget/tests/popups_and_settings.rs index bcc960e6478..736be9fa2a6 100644 --- a/codex-rs/tui/src/chatwidget/tests/popups_and_settings.rs +++ b/codex-rs/tui/src/chatwidget/tests/popups_and_settings.rs @@ -6,6 +6,7 @@ use codex_app_server_protocol::HookErrorInfo; use codex_app_server_protocol::HooksListEntry; use codex_app_server_protocol::HooksListResponse; use codex_app_server_protocol::MarketplaceRemoveResponse; +use codex_app_server_protocol::PluginAvailability; use codex_features::Stage; use pretty_assertions::assert_eq; @@ -68,7 +69,7 @@ async fn experimental_mode_plan_is_ignored_on_startup() { .build() .await .expect("config"); - let resolved_model = crate::legacy_core::test_support::get_model_offline(cfg.model.as_deref()); + let resolved_model = get_model_offline_for_tests(cfg.model.as_deref()); let session_telemetry = test_session_telemetry(&cfg, resolved_model.as_str()); let init = ChatWidgetInit { config: cfg.clone(), @@ -653,7 +654,7 @@ async fn plugin_detail_popup_snapshot_shows_install_actions_and_capability_summa (codex_app_server_protocol::HookEventName::PreToolUse, 1), (codex_app_server_protocol::HookEventName::Stop, 2), ], - &[("Figma", true), ("Slack", false)], + &["Figma", "Slack"], &["figma-mcp", "docs-mcp"], ), }), @@ -697,7 +698,7 @@ async fn plugin_detail_popup_hides_disclosure_for_installed_plugins() { (codex_app_server_protocol::HookEventName::PreToolUse, 1), (codex_app_server_protocol::HookEventName::Stop, 2), ], - &[("Figma", true), ("Slack", false)], + &["Figma", "Slack"], &["figma-mcp", "docs-mcp"], ), }), @@ -714,6 +715,350 @@ async fn plugin_detail_popup_hides_disclosure_for_installed_plugins() { ); } +#[tokio::test] +async fn plugins_popup_remote_row_opens_remote_detail() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.set_feature_enabled(Feature::Plugins, /*enabled*/ true); + + let popup = render_loaded_plugins_popup( + &mut chat, + plugins_test_response(vec![PluginMarketplaceEntry { + name: "workspace-directory".to_string(), + path: None, + interface: Some(MarketplaceInterface { + display_name: Some("Workspace".to_string()), + }), + plugins: vec![plugins_test_remote_summary( + "plugins~Plugin_calendar", + "calendar", + Some("Calendar"), + Some("Workspace schedules."), + /*installed*/ false, + )], + }]), + ); + let remote_row = popup + .lines() + .find(|line| line.contains("Calendar")) + .expect("expected remote plugin row"); + assert!( + remote_row.contains("Available") + && remote_row.contains("Press Enter to install or view plugin details."), + "expected remote plugin row to be viewable, got:\n{remote_row}" + ); + + while rx.try_recv().is_ok() {} + chat.handle_key_event(KeyEvent::from(KeyCode::Enter)); + + match rx.try_recv() { + Ok(AppEvent::OpenPluginDetailLoading { + plugin_display_name, + }) => { + assert_eq!(plugin_display_name, "Calendar"); + } + other => panic!("expected OpenPluginDetailLoading event, got {other:?}"), + } + match rx.try_recv() { + Ok(AppEvent::FetchPluginDetail { cwd: _, params }) => { + assert_eq!(params.marketplace_path, None); + assert_eq!( + params.remote_marketplace_name, + Some("workspace-directory".to_string()) + ); + assert_eq!(params.plugin_name, "plugins~Plugin_calendar"); + } + other => panic!("expected FetchPluginDetail event, got {other:?}"), + } +} + +#[tokio::test] +async fn plugin_detail_remote_install_uses_remote_location() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.set_feature_enabled(Feature::Plugins, /*enabled*/ true); + + let summary = plugins_test_remote_summary( + "plugins~Plugin_linear", + "linear", + Some("Linear"), + Some("Issue tracking."), + /*installed*/ false, + ); + let cwd = chat.config.cwd.clone(); + chat.on_plugins_loaded( + cwd.to_path_buf(), + Ok(plugins_test_response(vec![PluginMarketplaceEntry { + name: "workspace-shared-with-me-private".to_string(), + path: None, + interface: Some(MarketplaceInterface { + display_name: Some("Shared with me".to_string()), + }), + plugins: vec![summary.clone()], + }])), + ); + chat.add_plugins_output(); + chat.on_plugin_detail_loaded( + cwd.to_path_buf(), + Ok(PluginReadResponse { + plugin: PluginDetail { + marketplace_name: "workspace-shared-with-me-private".to_string(), + marketplace_path: None, + summary, + description: Some("Install shared Linear plugin.".to_string()), + skills: Vec::new(), + hooks: Vec::new(), + apps: Vec::new(), + app_templates: Vec::new(), + mcp_servers: Vec::new(), + }, + }), + ); + let popup = render_bottom_popup(&chat, /*width*/ 100); + assert!( + popup.contains("Install plugin") && popup.contains("Install this plugin now."), + "expected remote detail to offer install, got:\n{popup}" + ); + + while rx.try_recv().is_ok() {} + chat.handle_key_event(KeyEvent::from(KeyCode::Down)); + chat.handle_key_event(KeyEvent::from(KeyCode::Enter)); + + match rx.try_recv() { + Ok(AppEvent::OpenPluginInstallLoading { + plugin_display_name, + }) => { + assert_eq!(plugin_display_name, "Linear"); + } + other => panic!("expected OpenPluginInstallLoading event, got {other:?}"), + } + match rx.try_recv() { + Ok(AppEvent::FetchPluginInstall { + cwd: _, + location: crate::app_event::PluginLocation::Remote { marketplace_name }, + plugin_name, + plugin_display_name, + }) => { + assert_eq!(marketplace_name, "workspace-shared-with-me-private"); + assert_eq!(plugin_name, "plugins~Plugin_linear"); + assert_eq!(plugin_display_name, "Linear"); + } + other => panic!("expected remote FetchPluginInstall event, got {other:?}"), + } +} + +#[tokio::test] +async fn plugin_detail_remote_uninstall_uses_remote_plugin_id() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.set_feature_enabled(Feature::Plugins, /*enabled*/ true); + + let summary = plugins_test_remote_summary( + "plugins~Plugin_linear", + "linear", + Some("Linear"), + Some("Issue tracking."), + /*installed*/ true, + ); + let cwd = chat.config.cwd.clone(); + chat.on_plugins_loaded( + cwd.to_path_buf(), + Ok(plugins_test_response(vec![PluginMarketplaceEntry { + name: "workspace-shared-with-me-private".to_string(), + path: None, + interface: Some(MarketplaceInterface { + display_name: Some("Shared with me".to_string()), + }), + plugins: vec![summary.clone()], + }])), + ); + chat.add_plugins_output(); + chat.on_plugin_detail_loaded( + cwd.to_path_buf(), + Ok(PluginReadResponse { + plugin: PluginDetail { + marketplace_name: "workspace-shared-with-me-private".to_string(), + marketplace_path: None, + summary, + description: Some("Installed shared Linear plugin.".to_string()), + skills: Vec::new(), + hooks: Vec::new(), + apps: Vec::new(), + app_templates: Vec::new(), + mcp_servers: Vec::new(), + }, + }), + ); + + while rx.try_recv().is_ok() {} + chat.handle_key_event(KeyEvent::from(KeyCode::Down)); + chat.handle_key_event(KeyEvent::from(KeyCode::Enter)); + + match rx.try_recv() { + Ok(AppEvent::OpenPluginUninstallLoading { + plugin_display_name, + }) => { + assert_eq!(plugin_display_name, "Linear"); + } + other => panic!("expected OpenPluginUninstallLoading event, got {other:?}"), + } + match rx.try_recv() { + Ok(AppEvent::FetchPluginUninstall { + plugin_id, + plugin_display_name, + .. + }) => { + assert_eq!(plugin_id, "plugins~Plugin_linear"); + assert_eq!(plugin_display_name, "Linear"); + } + other => panic!("expected remote FetchPluginUninstall event, got {other:?}"), + } +} + +#[tokio::test] +async fn plugin_detail_remote_without_remote_id_disables_uninstall_action() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.set_feature_enabled(Feature::Plugins, /*enabled*/ true); + + let summary = PluginSummary { + source: PluginSource::Remote, + ..plugins_test_summary( + "linear@workspace-shared-with-me-private", + "linear", + Some("Linear"), + Some("Issue tracking."), + /*installed*/ true, + /*enabled*/ true, + PluginInstallPolicy::Available, + ) + }; + let cwd = chat.config.cwd.clone(); + chat.on_plugins_loaded( + cwd.to_path_buf(), + Ok(plugins_test_response(vec![PluginMarketplaceEntry { + name: "workspace-shared-with-me-private".to_string(), + path: None, + interface: Some(MarketplaceInterface { + display_name: Some("Shared with me".to_string()), + }), + plugins: vec![summary.clone()], + }])), + ); + chat.add_plugins_output(); + chat.on_plugin_detail_loaded( + cwd.to_path_buf(), + Ok(PluginReadResponse { + plugin: PluginDetail { + marketplace_name: "workspace-shared-with-me-private".to_string(), + marketplace_path: None, + summary, + description: Some("Installed shared Linear plugin.".to_string()), + skills: Vec::new(), + hooks: Vec::new(), + apps: Vec::new(), + app_templates: Vec::new(), + mcp_servers: Vec::new(), + }, + }), + ); + + let popup = render_bottom_popup(&chat, /*width*/ 120); + assert!( + popup.contains("This remote plugin did not provide an uninstall identity.") + && !popup.contains("Remove this plugin now."), + "expected missing remote ID to disable uninstall, got:\n{popup}" + ); + + while rx.try_recv().is_ok() {} + assert!( + rx.try_recv().is_err(), + "expected no action after rendering disabled uninstall state" + ); +} + +#[tokio::test] +async fn plugin_detail_admin_disabled_plugin_blocks_install() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.set_feature_enabled(Feature::Plugins, /*enabled*/ true); + + let summary = PluginSummary { + availability: PluginAvailability::DisabledByAdmin, + ..plugins_test_summary( + "plugin-admin-blocked", + "admin-blocked", + Some("Admin Blocked"), + Some("Blocked by policy."), + /*installed*/ false, + /*enabled*/ true, + PluginInstallPolicy::Available, + ) + }; + let response = plugins_test_response(vec![plugins_test_curated_marketplace(vec![ + summary.clone(), + ])]); + let cwd = chat.config.cwd.clone(); + chat.on_plugins_loaded(cwd.to_path_buf(), Ok(response)); + chat.add_plugins_output(); + chat.on_plugin_detail_loaded( + cwd.to_path_buf(), + Ok(PluginReadResponse { + plugin: plugins_test_detail(summary, Some("Blocked by policy."), &[], &[], &[], &[]), + }), + ); + + let popup = render_bottom_popup(&chat, /*width*/ 100); + assert!( + popup.contains("Admin Blocked · Disabled by admin") + && popup.contains("This plugin is disabled by your workspace admin.") + && !popup.contains("Install this plugin now."), + "expected admin-disabled detail to block install, got:\n{popup}" + ); + + while rx.try_recv().is_ok() {} + assert!( + rx.try_recv().is_err(), + "expected no action after rendering disabled install state" + ); +} + +#[tokio::test] +async fn plugins_popup_admin_disabled_installed_plugin_has_no_toggle_hint() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.set_feature_enabled(Feature::Plugins, /*enabled*/ true); + + let summary = PluginSummary { + availability: PluginAvailability::DisabledByAdmin, + ..plugins_test_summary( + "plugin-admin-blocked", + "admin-blocked", + Some("Admin Blocked"), + Some("Blocked by policy."), + /*installed*/ true, + /*enabled*/ true, + PluginInstallPolicy::Available, + ) + }; + render_loaded_plugins_popup( + &mut chat, + plugins_test_response(vec![plugins_test_curated_marketplace(vec![summary])]), + ); + + let popup = render_bottom_popup(&chat, /*width*/ 100); + assert!( + popup.contains("Disabled by admin") + && popup.contains("Press Enter to view plugin details.") + && !popup.contains("Space to disable"), + "expected admin-disabled installed plugin to omit toggle hint, got:\n{popup}" + ); + + while rx.try_recv().is_ok() {} + let before = render_bottom_popup(&chat, /*width*/ 100); + chat.handle_key_event(KeyEvent::new(KeyCode::Char(' '), KeyModifiers::NONE)); + let after = render_bottom_popup(&chat, /*width*/ 100); + assert!( + rx.try_recv().is_err(), + "space should not toggle admin-disabled installed plugins" + ); + assert_eq!(after, before); +} + #[tokio::test] async fn plugin_detail_error_popup_skips_disabled_row_numbering() { let (mut chat, _rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; @@ -2405,13 +2750,55 @@ async fn model_reasoning_selection_popup_snapshot() { set_chatgpt_auth(&mut chat); chat.set_reasoning_effort(Some(ReasoningEffortConfig::High)); - let preset = get_available_model(&chat, "gpt-5.4"); + let mut preset = get_available_model(&chat, "gpt-5.4"); + preset.supported_reasoning_efforts.insert( + 2, + ReasoningEffortPreset { + effort: ReasoningEffortConfig::Custom("max".to_string()), + description: "Maximum available reasoning".to_string(), + }, + ); chat.open_reasoning_popup(preset); let popup = render_bottom_popup(&chat, /*width*/ 80); assert_chatwidget_snapshot!("model_reasoning_selection_popup", popup); } +#[tokio::test] +async fn model_reasoning_selection_popup_applies_custom_effort() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(Some("gpt-5.4")).await; + let custom_effort = ReasoningEffortConfig::Custom("max".to_string()); + chat.set_reasoning_effort(Some(ReasoningEffortConfig::XHigh)); + + let mut preset = get_available_model(&chat, "gpt-5.4"); + preset + .supported_reasoning_efforts + .push(ReasoningEffortPreset { + effort: custom_effort.clone(), + description: "Maximum available reasoning".to_string(), + }); + chat.open_reasoning_popup(preset); + while rx.try_recv().is_ok() {} + + chat.handle_key_event(KeyEvent::from(KeyCode::Down)); + chat.handle_key_event(KeyEvent::from(KeyCode::Enter)); + + let selected_effort_events = std::iter::from_fn(|| rx.try_recv().ok()) + .filter_map(|event| match event { + AppEvent::UpdateReasoningEffort(effort) => Some((None, effort)), + AppEvent::PersistModelSelection { model, effort } => Some((Some(model), effort)), + _ => None, + }) + .collect::>(); + assert_eq!( + selected_effort_events, + vec![ + (None, Some(custom_effort.clone())), + (Some("gpt-5.4".to_string()), Some(custom_effort)), + ] + ); +} + #[tokio::test] async fn model_reasoning_selection_popup_extra_high_warning_snapshot() { let (mut chat, _rx, _op_rx) = make_chatwidget_manual(Some("gpt-5.2")).await; diff --git a/codex-rs/tui/src/chatwidget/tests/review_mode.rs b/codex-rs/tui/src/chatwidget/tests/review_mode.rs index faf8636ad80..af5816cac29 100644 --- a/codex-rs/tui/src/chatwidget/tests/review_mode.rs +++ b/codex-rs/tui/src/chatwidget/tests/review_mode.rs @@ -285,6 +285,29 @@ async fn steer_rejection_queues_review_follow_up_before_existing_queued_messages } } +#[tokio::test] +async fn esc_with_review_queued_steers_shows_warning_and_does_not_interrupt() { + let (mut chat, mut rx, mut op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.thread_id = Some(ThreadId::new()); + handle_turn_started(&mut chat, "turn-1"); + handle_entered_review_mode(&mut chat, "feature branch"); + let _ = drain_insert_history(&mut rx); + chat.input_queue + .pending_steers + .push_back(pending_steer("review follow-up")); + chat.refresh_pending_input_preview(); + + chat.handle_key_event(KeyEvent::new(KeyCode::Esc, KeyModifiers::NONE)); + + assert!(!chat.input_queue.submit_pending_steers_after_interrupt); + assert_eq!(chat.input_queue.pending_steers.len(), 1); + assert_no_submit_op(&mut op_rx); + + let cells = drain_insert_history(&mut rx); + let last = lines_to_single_string(cells.last().expect("review warning")); + assert_chatwidget_snapshot!("review_submission_warning_snapshot", last); +} + #[tokio::test] async fn live_agent_message_renders_during_review_mode() { let (mut chat, mut rx, _ops) = make_chatwidget_manual(/*model_override*/ None).await; diff --git a/codex-rs/tui/src/chatwidget/tests/slash_commands.rs b/codex-rs/tui/src/chatwidget/tests/slash_commands.rs index 099ae1d76d8..e61ffd48fe7 100644 --- a/codex-rs/tui/src/chatwidget/tests/slash_commands.rs +++ b/codex-rs/tui/src/chatwidget/tests/slash_commands.rs @@ -565,35 +565,14 @@ async fn ctrl_d_with_modal_open_does_not_quit() { } #[tokio::test] -async fn slash_init_skips_when_project_doc_exists() { - let (mut chat, mut rx, mut op_rx) = make_chatwidget_manual(/*model_override*/ None).await; - let tempdir = tempdir().unwrap(); - let existing_path = tempdir.path().join(DEFAULT_AGENTS_MD_FILENAME); - std::fs::write(&existing_path, "existing instructions").unwrap(); - chat.config.cwd = tempdir.path().to_path_buf().abs(); +async fn slash_init_does_not_depend_on_loaded_instruction_sources() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.instruction_source_paths = vec![chat.config.cwd.join("project-instructions.md")]; submit_composer_text(&mut chat, "/init"); - match op_rx.try_recv() { - Err(TryRecvError::Empty) => {} - other => panic!("expected no Codex op to be sent, got {other:?}"), - } - - let cells = drain_insert_history(&mut rx); - assert_eq!(cells.len(), 1, "expected one info message"); - let rendered = lines_to_single_string(&cells[0]); - assert!( - rendered.contains(DEFAULT_AGENTS_MD_FILENAME), - "info message should mention the existing file: {rendered:?}" - ); - assert!( - rendered.contains("Skipping /init"), - "info message should explain why /init was skipped: {rendered:?}" - ); - assert_eq!( - std::fs::read_to_string(existing_path).unwrap(), - "existing instructions" - ); + assert_eq!(chat.input_queue.queued_user_messages.len(), 1); + assert!(drain_insert_history(&mut rx).is_empty()); assert_eq!(recall_latest_after_clearing(&mut chat), "/init"); } @@ -784,6 +763,21 @@ async fn goal_control_slash_commands_emit_goal_events() { } } +#[tokio::test] +async fn goal_control_slash_command_without_thread_shows_full_usage() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + chat.set_feature_enabled(Feature::Goals, /*enabled*/ true); + + submit_composer_text(&mut chat, "/goal pause"); + + let cells = drain_insert_history(&mut rx); + assert_eq!(cells.len(), 1, "expected goal usage message"); + insta::assert_snapshot!( + lines_to_single_string(&cells[0]), + @"• Usage: /goal [|clear|edit|pause|resume] The session must start before you can change a goal." + ); +} + #[tokio::test] async fn goal_edit_slash_command_opens_goal_editor() { for thread_id in [Some(ThreadId::new()), None] { @@ -1867,6 +1861,18 @@ async fn slash_resume_opens_picker() { assert_matches!(rx.try_recv(), Ok(AppEvent::OpenResumePicker)); } +#[tokio::test] +async fn slash_import_opens_claude_code_import_picker() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + + chat.dispatch_command(SlashCommand::Import); + + assert_matches!( + rx.try_recv(), + Ok(AppEvent::OpenExternalAgentConfigMigration) + ); +} + #[tokio::test] async fn slash_archive_confirmation_requests_current_thread_archive() { let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; @@ -1885,6 +1891,24 @@ async fn slash_archive_confirmation_requests_current_thread_archive() { assert_matches!(rx.try_recv(), Ok(AppEvent::ArchiveCurrentThread)); } +#[tokio::test] +async fn slash_delete_confirmation_requests_current_thread_delete() { + let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + + chat.dispatch_command(SlashCommand::Delete); + + assert!(chat.bottom_pane.has_active_view()); + assert_matches!(rx.try_recv(), Err(TryRecvError::Empty)); + + let popup = render_bottom_popup(&chat, /*width*/ 80); + assert_chatwidget_snapshot!("slash_delete_confirmation_popup", popup); + + chat.handle_key_event(KeyEvent::from(KeyCode::Down)); + chat.handle_key_event(KeyEvent::from(KeyCode::Enter)); + + assert_matches!(rx.try_recv(), Ok(AppEvent::DeleteCurrentThread)); +} + #[tokio::test] async fn slash_resume_with_arg_requests_named_session() { let (mut chat, mut rx, mut op_rx) = make_chatwidget_manual(/*model_override*/ None).await; diff --git a/codex-rs/tui/src/chatwidget/tests/status_and_layout.rs b/codex-rs/tui/src/chatwidget/tests/status_and_layout.rs index 3d08daa4271..62aede458d0 100644 --- a/codex-rs/tui/src/chatwidget/tests/status_and_layout.rs +++ b/codex-rs/tui/src/chatwidget/tests/status_and_layout.rs @@ -411,7 +411,7 @@ async fn configured_pet_load_is_deferred_until_after_construction() { let mut cfg = test_config().await; cfg.tui_pet = Some(crate::pets::DEFAULT_PET_ID.to_string()); crate::pets::write_test_pack(&cfg.codex_home); - let resolved_model = crate::legacy_core::test_support::get_model_offline(cfg.model.as_deref()); + let resolved_model = get_model_offline_for_tests(cfg.model.as_deref()); let session_telemetry = test_session_telemetry(&cfg, resolved_model.as_str()); let init = ChatWidgetInit { config: cfg.clone(), @@ -2173,6 +2173,32 @@ async fn interrupted_turn_clears_visible_running_hook() { ); } +#[tokio::test] +async fn completed_turn_clears_visible_running_hook() { + let (mut chat, _rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; + + handle_hook_started( + &mut chat, + hook_started_run( + "post-tool-use:0:/tmp/hooks.json", + codex_app_server_protocol::HookEventName::PostToolUse, + /*status_message*/ None, + ), + ); + reveal_running_hooks(&mut chat); + let before_completion = active_hook_blob(&chat); + + handle_turn_completed(&mut chat, "turn-1", /*duration_ms*/ None); + + assert_chatwidget_snapshot!( + "completed_turn_clears_visible_running_hook", + format!( + "before completion:\n{before_completion}after completion:\n{}", + active_hook_blob(&chat) + ) + ); +} + #[tokio::test] async fn status_line_fast_mode_renders_on_and_off() { let (mut chat, _rx, _op_rx) = make_chatwidget_manual(/*model_override*/ None).await; diff --git a/codex-rs/tui/src/chatwidget/tool_lifecycle.rs b/codex-rs/tui/src/chatwidget/tool_lifecycle.rs index 5df5e7bc124..43d4c2e3cf1 100644 --- a/codex-rs/tui/src/chatwidget/tool_lifecycle.rs +++ b/codex-rs/tui/src/chatwidget/tool_lifecycle.rs @@ -144,6 +144,13 @@ impl ChatWidget { } } + pub(super) fn on_sub_agent_activity(&mut self, item: ThreadItem) { + self.record_visible_turn_activity(); + if let Some(cell) = multi_agents::sub_agent_activity_history_cell(&item) { + self.on_collab_event(cell); + } + } + pub(crate) fn handle_file_change_completed_now(&mut self, item: ThreadItem) { let ThreadItem::FileChange { status, .. } = item else { return; diff --git a/codex-rs/tui/src/chatwidget/turn_runtime.rs b/codex-rs/tui/src/chatwidget/turn_runtime.rs index bbea783cf20..3e413c82a4f 100644 --- a/codex-rs/tui/src/chatwidget/turn_runtime.rs +++ b/codex-rs/tui/src/chatwidget/turn_runtime.rs @@ -59,9 +59,7 @@ impl ChatWidget { self.quit_shortcut_key = None; self.update_task_running_state(); self.status_state.retry_status_header = None; - if self.active_hook_cell.take().is_some() { - self.bump_active_cell_revision(); - } + self.clear_active_hook_cell(); self.status_state.pending_status_indicator_restore = false; self.bottom_pane .set_interrupt_hint_visible(/*visible*/ true); @@ -89,9 +87,9 @@ impl ChatWidget { // source only when no earlier item-level event (AgentMessageItem, plan // commit, review output) already recorded markdown for this turn. This // prevents the final summary from overwriting a more specific source. - let sanitized_last_agent_message = last_agent_message - .as_deref() - .map(|message| parse_assistant_markdown(message).visible_markdown); + let sanitized_last_agent_message = last_agent_message.as_deref().map(|message| { + parse_assistant_markdown(message, self.config.cwd.as_path()).visible_markdown + }); if let Some(message) = sanitized_last_agent_message .as_ref() .filter(|message| !message.is_empty()) @@ -162,6 +160,7 @@ impl ChatWidget { // Mark task stopped and request redraw now that all content is in history. self.status_state.pending_status_indicator_restore = false; self.input_queue.user_turn_pending_start = false; + self.clear_active_hook_cell(); self.turn_lifecycle.finish(); self.update_task_running_state(); self.running_commands.clear(); @@ -302,9 +301,7 @@ impl ChatWidget { // Turn-scoped hook rows are transient live state; once the turn is over, // do not leave an orphaned running row behind if no matching completion // event arrived before cancellation. - if self.active_hook_cell.take().is_some() { - self.bump_active_cell_revision(); - } + self.clear_active_hook_cell(); // Reset running state and clear streaming buffers. self.input_queue.user_turn_pending_start = false; self.turn_lifecycle.finish(); diff --git a/codex-rs/tui/src/chatwidget/windows_sandbox_prompts.rs b/codex-rs/tui/src/chatwidget/windows_sandbox_prompts.rs index e92180d4902..89ea3a9bc51 100644 --- a/codex-rs/tui/src/chatwidget/windows_sandbox_prompts.rs +++ b/codex-rs/tui/src/chatwidget/windows_sandbox_prompts.rs @@ -15,7 +15,7 @@ impl ChatWidget { #[cfg(any(target_os = "windows", test))] pub(super) fn elevated_windows_sandbox_setup_required(&self) -> bool { - WindowsSandboxLevel::from_config(&self.config) == WindowsSandboxLevel::Elevated + crate::windows_sandbox::level_from_config(&self.config) == WindowsSandboxLevel::Elevated && self .config .config_layer_stack @@ -23,9 +23,7 @@ impl ChatWidget { .windows_sandbox_mode .source .is_some() - && !crate::legacy_core::windows_sandbox::sandbox_setup_is_complete( - self.config.codex_home.as_path(), - ) + && !crate::windows_sandbox::sandbox_setup_is_complete(self.config.codex_home.as_path()) } #[cfg(target_os = "windows")] @@ -226,54 +224,6 @@ impl ChatWidget { ) { use ratatui_macros::line; - if !crate::legacy_core::windows_sandbox::ELEVATED_SANDBOX_NUX_ENABLED { - // Legacy flow (pre-NUX): explain the experimental sandbox and let the user enable it - // directly (no elevation prompts). - let mut header = ColumnRenderable::new(); - header.push(*Box::new( - Paragraph::new(vec![ - line!["Agent mode on Windows uses an experimental sandbox to limit network and filesystem access.".bold()], - line!["Learn more: https://developers.openai.com/codex/windows"], - ]) - .wrap(Wrap { trim: false }), - )); - - let preset_clone = preset; - let items = vec![ - SelectionItem { - name: "Enable experimental sandbox".to_string(), - description: None, - actions: vec![Box::new(move |tx| { - tx.send(AppEvent::EnableWindowsSandboxForAgentMode { - preset: preset_clone.clone(), - mode: WindowsSandboxEnableMode::Legacy, - profile_selection: profile_selection.clone(), - }); - })], - dismiss_on_select: true, - ..Default::default() - }, - SelectionItem { - name: "Go back".to_string(), - description: None, - actions: vec![Box::new(|tx| { - tx.send(AppEvent::OpenApprovalsPopup); - })], - dismiss_on_select: true, - ..Default::default() - }, - ]; - - self.bottom_pane.show_selection_view(SelectionViewParams { - title: None, - footer_hint: Some(standard_popup_hint_line()), - items, - header: Box::new(header), - ..Default::default() - }); - return; - } - self.session_telemetry.counter( "codex.windows_sandbox.elevated_prompt_shown", /*inc*/ 1, @@ -508,7 +458,7 @@ impl ChatWidget { #[cfg(target_os = "windows")] pub(crate) fn maybe_prompt_windows_sandbox_enable(&mut self, show_now: bool) { - let windows_sandbox_level = WindowsSandboxLevel::from_config(&self.config); + let windows_sandbox_level = crate::windows_sandbox::level_from_config(&self.config); let setup_is_required = windows_sandbox_level == WindowsSandboxLevel::Disabled || self.elevated_windows_sandbox_setup_required(); if show_now diff --git a/codex-rs/tui/src/config_update.rs b/codex-rs/tui/src/config_update.rs index a882b21231c..a71f34b52bc 100644 --- a/codex-rs/tui/src/config_update.rs +++ b/codex-rs/tui/src/config_update.rs @@ -23,6 +23,7 @@ use codex_utils_absolute_path::AbsolutePathBuf; use color_eyre::eyre::Result; use color_eyre::eyre::WrapErr; use serde_json::Value as JsonValue; +use std::fmt::Display; use std::path::Path; use uuid::Uuid; @@ -43,6 +44,10 @@ pub(crate) fn app_scoped_key_path(app_id: &str, key_path: &str) -> String { format!("apps.{app_id}.{key_path}") } +pub(crate) fn format_config_error(err: &impl Display) -> String { + format!("{err:#}") +} + fn trusted_project_edit(project_path: &Path) -> ConfigEdit { let project_key = project_trust_key(project_path) .replace('\\', "\\\\") @@ -203,27 +208,5 @@ pub(crate) async fn write_skill_enabled( } #[cfg(test)] -mod tests { - use super::*; - use pretty_assertions::assert_eq; - - #[test] - fn app_scoped_key_path_quotes_dotted_app_ids() { - assert_eq!( - app_scoped_key_path("plugin.linear", "enabled"), - "apps.\"plugin.linear\".enabled" - ); - } - - #[test] - fn trusted_project_edit_targets_project_trust_level() { - assert_eq!( - trusted_project_edit(Path::new("/workspace/team.project")), - ConfigEdit { - key_path: "projects.\"/workspace/team.project\".trust_level".to_string(), - value: serde_json::json!("trusted"), - merge_strategy: MergeStrategy::Replace, - } - ); - } -} +#[path = "config_update_tests.rs"] +mod tests; diff --git a/codex-rs/tui/src/config_update_tests.rs b/codex-rs/tui/src/config_update_tests.rs new file mode 100644 index 00000000000..ee7508862c1 --- /dev/null +++ b/codex-rs/tui/src/config_update_tests.rs @@ -0,0 +1,40 @@ +use super::*; +use color_eyre::eyre::WrapErr; +use pretty_assertions::assert_eq; +use std::path::Path; + +#[test] +fn app_scoped_key_path_quotes_dotted_app_ids() { + assert_eq!( + app_scoped_key_path("plugin.linear", "enabled"), + "apps.\"plugin.linear\".enabled" + ); +} + +#[test] +fn trusted_project_edit_targets_project_trust_level() { + assert_eq!( + trusted_project_edit(Path::new("/workspace/team.project")), + ConfigEdit { + key_path: "projects.\"/workspace/team.project\".trust_level".to_string(), + value: serde_json::json!("trusted"), + merge_strategy: MergeStrategy::Replace, + } + ); +} + +#[test] +fn format_config_error_preserves_server_validation_message() { + let err = Err::<(), _>(color_eyre::eyre::eyre!( + "config/batchWrite failed: Invalid configuration: features.fast_mode=true violates \ + managed requirements; allowed set [fast_mode=false]" + )) + .wrap_err("config/batchWrite failed in TUI") + .unwrap_err(); + + assert_eq!( + format_config_error(&err), + "config/batchWrite failed in TUI: config/batchWrite failed: Invalid configuration: \ + features.fast_mode=true violates managed requirements; allowed set [fast_mode=false]" + ); +} diff --git a/codex-rs/tui/src/debug_config.rs b/codex-rs/tui/src/debug_config.rs index 562df95989a..d1dde975f3d 100644 --- a/codex-rs/tui/src/debug_config.rs +++ b/codex-rs/tui/src/debug_config.rs @@ -1,5 +1,6 @@ use crate::history_cell::PlainHistoryCell; use crate::legacy_core::config::Config; +use crate::legacy_core::config::Permissions; use crate::session_state::SessionNetworkProxyRuntime; use codex_app_server_protocol::ConfigLayerSource; use codex_config::CONFIG_TOML_FILE; @@ -15,6 +16,8 @@ use codex_config::ResidencyRequirement; use codex_config::SandboxModeRequirement; use codex_config::WebSearchModeRequirement; use codex_config::format_config_layer_source; +use codex_protocol::models::PermissionProfile; +use codex_protocol::permissions::NetworkSandboxPolicy; use ratatui::style::Stylize; use ratatui::text::Line; use toml::Value as TomlValue; @@ -23,7 +26,9 @@ pub(crate) fn new_debug_config_output( config: &Config, session_network_proxy: Option<&SessionNetworkProxyRuntime>, ) -> PlainHistoryCell { - let mut lines = render_debug_config_lines(&config.config_layer_stack); + let mut lines = render_debug_config_lines(&config.config_layer_stack, |mode| { + sandbox_mode_is_allowed_by_permissions(&config.permissions, mode) + }); if let Some(proxy) = session_network_proxy { lines.push("".into()); @@ -49,6 +54,24 @@ pub(crate) fn new_debug_config_output( PlainHistoryCell::new(lines) } +fn sandbox_mode_is_allowed_by_permissions( + permissions: &Permissions, + mode: SandboxModeRequirement, +) -> bool { + let permission_profile = match mode { + SandboxModeRequirement::ReadOnly => PermissionProfile::read_only(), + SandboxModeRequirement::WorkspaceWrite => PermissionProfile::workspace_write(), + SandboxModeRequirement::DangerFullAccess => PermissionProfile::Disabled, + SandboxModeRequirement::ExternalSandbox => PermissionProfile::External { + network: NetworkSandboxPolicy::Restricted, + }, + }; + + permissions + .can_set_permission_profile(&permission_profile) + .is_ok() +} + fn session_all_proxy_url(http_addr: &str, socks_addr: &str, socks_enabled: bool) -> String { if socks_enabled { format!("socks5h://{socks_addr}") @@ -57,7 +80,10 @@ fn session_all_proxy_url(http_addr: &str, socks_addr: &str, socks_enabled: bool) } } -fn render_debug_config_lines(stack: &ConfigLayerStack) -> Vec> { +fn render_debug_config_lines( + stack: &ConfigLayerStack, + sandbox_mode_is_effectively_allowed: impl Fn(SandboxModeRequirement) -> bool, +) -> Vec> { let mut lines = vec!["/debug-config".magenta().into(), "".into()]; lines.push( @@ -122,6 +148,7 @@ fn render_debug_config_lines(stack: &ConfigLayerStack) -> Vec> { modes .iter() .copied() + .filter(|mode| sandbox_mode_is_effectively_allowed(*mode)) .map(format_sandbox_mode_requirement) .collect::>(), ); @@ -515,15 +542,18 @@ fn format_network_unix_socket_permission( #[cfg(test)] mod tests { use super::render_debug_config_lines; + use super::sandbox_mode_is_allowed_by_permissions; use super::session_all_proxy_url; - use crate::legacy_core::config::Constrained; + use crate::legacy_core::config::Permissions; use codex_app_server_protocol::AskForApproval; use codex_app_server_protocol::ConfigLayerSource; use codex_config::ConfigLayerEntry; use codex_config::ConfigLayerStack; use codex_config::ConfigRequirements; use codex_config::ConfigRequirementsToml; + use codex_config::Constrained; use codex_config::ConstrainedWithSource; + use codex_config::ConstraintError; use codex_config::FeatureRequirementsToml; use codex_config::FilesystemConstraints; use codex_config::HookEventsToml; @@ -542,6 +572,7 @@ mod tests { use codex_config::SandboxModeRequirement; use codex_config::Sourced; use codex_config::WebSearchModeRequirement; + use codex_config::sandbox_mode_requirement_for_permission_profile; use codex_protocol::config_types::ApprovalsReviewer; use codex_protocol::config_types::WebSearchMode; use codex_protocol::models::PermissionProfile; @@ -571,6 +602,20 @@ mod tests { .join("\n") } + fn render_stack_to_text(stack: &ConfigLayerStack) -> String { + render_stack_to_text_with_sandbox_mode_filter(stack, |_| true) + } + + fn render_stack_to_text_with_sandbox_mode_filter( + stack: &ConfigLayerStack, + sandbox_mode_is_effectively_allowed: impl Fn(SandboxModeRequirement) -> bool, + ) -> String { + render_to_text(&render_debug_config_lines( + stack, + sandbox_mode_is_effectively_allowed, + )) + } + #[test] fn debug_config_output_lists_all_layers_including_disabled() { let system_file = if cfg!(windows) { @@ -604,7 +649,7 @@ mod tests { ) .expect("config layer stack"); - let rendered = render_to_text(&render_debug_config_lines(&stack)); + let rendered = render_stack_to_text(&stack); assert!(rendered.contains("(enabled)")); assert!(rendered.contains("(disabled)")); assert!(rendered.contains("reason: project is untrusted")); @@ -702,7 +747,8 @@ mod tests { allowed_approval_policies: Some(vec![AskForApproval::OnRequest.to_core()]), allowed_approvals_reviewers: Some(vec![ApprovalsReviewer::AutoReview]), allowed_sandbox_modes: Some(vec![SandboxModeRequirement::ReadOnly]), - allowed_permissions: None, + allowed_permission_profiles: None, + default_permissions: None, remote_sandbox_config: None, allowed_web_search_modes: Some(vec![WebSearchModeRequirement::Cached]), allow_managed_hooks_only: Some(true), @@ -748,13 +794,13 @@ mod tests { ) .expect("config layer stack"); - let rendered = render_to_text(&render_debug_config_lines(&stack)); + let rendered = render_stack_to_text(&stack); let requirements_source = (RequirementSource::LegacyManagedConfigTomlFromMdm).to_string(); assert!(rendered.contains(&format!( "allowed_approval_policies: on-request (source: {requirements_source})" ))); assert!(rendered.contains( - "allowed_approvals_reviewers: guardian_subagent (source: MDM managed_config.toml (legacy))" + "allowed_approvals_reviewers: auto_review (source: MDM managed_config.toml (legacy))" )); assert!( rendered.contains( @@ -799,6 +845,93 @@ mod tests { assert!(!rendered.contains(" - rules:")); } + #[test] + fn debug_config_output_filters_sandbox_modes_blocked_by_deny_read_requirements() { + let requirements_file = if cfg!(windows) { + absolute_path("C:\\ProgramData\\OpenAI\\Codex\\requirements.toml") + } else { + absolute_path("/etc/codex/requirements.toml") + }; + let denied_path = if cfg!(windows) { + absolute_path("C:\\Users\\alice\\.gitconfig") + } else { + absolute_path("/home/alice/.gitconfig") + }; + + let requirements = ConfigRequirements { + permission_profile: ConstrainedWithSource::new( + Constrained::allow_any(PermissionProfile::read_only()), + Some(RequirementSource::SystemRequirementsToml { + file: requirements_file.clone(), + }), + ), + filesystem: Some(Sourced::new( + FilesystemConstraints { + deny_read: vec![denied_path.into()], + }, + RequirementSource::SystemRequirementsToml { + file: requirements_file.clone(), + }, + )), + ..ConfigRequirements::default() + }; + let requirements_toml = ConfigRequirementsToml { + allowed_sandbox_modes: Some(vec![ + SandboxModeRequirement::ReadOnly, + SandboxModeRequirement::WorkspaceWrite, + SandboxModeRequirement::DangerFullAccess, + SandboxModeRequirement::ExternalSandbox, + ]), + ..ConfigRequirementsToml::default() + }; + let stack = ConfigLayerStack::new(Vec::new(), requirements, requirements_toml) + .expect("config layer stack"); + let constrained_permission_profile = + Constrained::new(PermissionProfile::read_only(), |candidate| { + let mode = sandbox_mode_requirement_for_permission_profile(candidate); + match mode { + SandboxModeRequirement::ReadOnly | SandboxModeRequirement::WorkspaceWrite => { + Ok(()) + } + SandboxModeRequirement::DangerFullAccess + | SandboxModeRequirement::ExternalSandbox => { + Err(ConstraintError::InvalidValue { + field_name: "sandbox_mode", + candidate: format!("{mode:?}"), + allowed: "[read-only, workspace-write]".to_string(), + requirement_source: RequirementSource::Unknown, + }) + } + } + }) + .expect("constrained permission profile"); + let permissions = Permissions::from_approval_and_profile( + Constrained::allow_any(AskForApproval::OnRequest.to_core()), + constrained_permission_profile, + ) + .expect("permissions"); + + let rendered = render_stack_to_text_with_sandbox_mode_filter(&stack, |mode| { + sandbox_mode_is_allowed_by_permissions(&permissions, mode) + }); + #[cfg(not(windows))] + insta::assert_snapshot!( + "debug_config_effective_sandbox_modes_with_deny_read", + rendered.as_str() + ); + assert!( + rendered.contains( + format!( + "allowed_sandbox_modes: read-only, workspace-write (source: {})", + requirements_file.as_path().display() + ) + .as_str() + ) + ); + assert!(!rendered.contains("danger-full-access")); + assert!(!rendered.contains("external-sandbox")); + } + #[test] fn debug_config_output_lists_approvals_reviewer_as_requirement() { let requirements = ConfigRequirements { @@ -815,9 +948,9 @@ mod tests { let stack = ConfigLayerStack::new(Vec::new(), requirements, requirements_toml) .expect("config layer stack"); - let rendered = render_to_text(&render_debug_config_lines(&stack)); + let rendered = render_stack_to_text(&stack); assert!(rendered.contains( - "allowed_approvals_reviewers: guardian_subagent (source: MDM managed_config.toml (legacy))" + "allowed_approvals_reviewers: auto_review (source: MDM managed_config.toml (legacy))" )); assert!(!rendered.contains("Requirements:\n ")); } @@ -850,7 +983,7 @@ mod tests { ConfigLayerStack::new(Vec::new(), requirements, ConfigRequirementsToml::default()) .expect("config layer stack"); - let rendered = render_to_text(&render_debug_config_lines(&stack)); + let rendered = render_stack_to_text(&stack); let requirements_source = (RequirementSource::LegacyManagedConfigTomlFromMdm).to_string(); assert!(rendered.contains(&format!( "experimental_network: unix_sockets={{/tmp/blocked.sock=deny, /tmp/codex.sock=allow}} (source: {requirements_source})" @@ -879,7 +1012,7 @@ writable_roots = ["/tmp"] ) .expect("config layer stack"); - let rendered = render_to_text(&render_debug_config_lines(&stack)); + let rendered = render_stack_to_text(&stack); assert!(rendered.contains("session-flags (enabled)")); assert!(rendered.contains(" - model = \"gpt-5\"")); assert!(rendered.contains(" - sandbox_workspace_write.network_access = true")); @@ -913,7 +1046,7 @@ approval_policy = "never" ) .expect("config layer stack"); - let rendered = render_to_text(&render_debug_config_lines(&stack)); + let rendered = render_stack_to_text(&stack); assert!(rendered.contains("legacy managed_config.toml (MDM) (enabled)")); assert!(rendered.contains("MDM value:")); assert!(rendered.contains("# managed by MDM")); @@ -950,7 +1083,7 @@ approval_policy = "never" ) .expect("config layer stack"); - let rendered = render_to_text(&render_debug_config_lines(&stack)); + let rendered = render_stack_to_text(&stack); assert!(rendered.contains("enterprise-managed (Base policy, cfg_123) (enabled)")); assert!(rendered.contains("Enterprise-managed config value:")); assert!(!rendered.contains("MDM value:")); @@ -973,7 +1106,8 @@ approval_policy = "never" allowed_approval_policies: None, allowed_approvals_reviewers: None, allowed_sandbox_modes: None, - allowed_permissions: None, + allowed_permission_profiles: None, + default_permissions: None, remote_sandbox_config: None, allowed_web_search_modes: Some(Vec::new()), allow_managed_hooks_only: None, @@ -995,7 +1129,7 @@ approval_policy = "never" let stack = ConfigLayerStack::new(Vec::new(), requirements, requirements_toml) .expect("config layer stack"); - let rendered = render_to_text(&render_debug_config_lines(&stack)); + let rendered = render_stack_to_text(&stack); let requirements_source = (RequirementSource::LegacyManagedConfigTomlFromMdm).to_string(); assert!(rendered.contains(&format!( "allowed_web_search_modes: disabled (source: {requirements_source})" @@ -1041,7 +1175,7 @@ approval_policy = "never" let stack = ConfigLayerStack::new(Vec::new(), requirements, requirements_toml) .expect("config layer stack"); - let rendered = render_to_text(&render_debug_config_lines(&stack)); + let rendered = render_stack_to_text(&stack); let requirements_source = (RequirementSource::LegacyManagedConfigTomlFromMdm).to_string(); assert!(rendered.contains("hooks:")); assert!(rendered.contains("handlers=1")); diff --git a/codex-rs/tui/src/external_agent_config_migration.rs b/codex-rs/tui/src/external_agent_config_migration.rs index 1ce9d44751e..d1c4582d682 100644 --- a/codex-rs/tui/src/external_agent_config_migration.rs +++ b/codex-rs/tui/src/external_agent_config_migration.rs @@ -1,10 +1,8 @@ use crate::diff_render::display_path_for; -use crate::key_hint; -use crate::line_truncation::truncate_line_with_ellipsis_if_overflow; -use crate::render::Insets; -use crate::render::RectExt as _; -use crate::selection_list::selection_option_row_with_dim; -use crate::style::accent_style; +use crate::external_agent_config_migration_model::ExternalAgentConfigMigrationGroupModel; +use crate::external_agent_config_migration_model::external_agent_config_migration_groups; +use crate::external_agent_config_migration_model::external_agent_config_migration_item_detail; +use crate::external_agent_config_migration_model::external_agent_config_migration_item_label; use crate::tui::FrameRequester; use crate::tui::Tui; use crate::tui::TuiEvent; @@ -14,25 +12,16 @@ use crossterm::event::KeyCode; use crossterm::event::KeyEvent; use crossterm::event::KeyEventKind; use crossterm::event::KeyModifiers; -use ratatui::buffer::Buffer; -use ratatui::layout::Constraint; -use ratatui::layout::Layout; -use ratatui::layout::Rect; use ratatui::prelude::Stylize as _; use ratatui::text::Line; -use ratatui::widgets::Clear; -use ratatui::widgets::Paragraph; -use ratatui::widgets::Widget; -use ratatui::widgets::WidgetRef; -use ratatui::widgets::Wrap; use tokio_stream::StreamExt; +mod render; + #[derive(Clone, Debug, PartialEq, Eq)] pub(crate) enum ExternalAgentConfigMigrationOutcome { Proceed(Vec), Skip, - SkipForever, - Exit, } #[derive(Clone, Copy, Debug, PartialEq, Eq)] @@ -44,34 +33,26 @@ enum FocusArea { #[derive(Clone, Copy, Debug, PartialEq, Eq)] enum ActionMenuOption { Proceed, + Customize, Skip, - SkipForever, + Back, } impl ActionMenuOption { fn label(self) -> &'static str { match self { - Self::Proceed => "Proceed with selected", - Self::Skip => "Skip for now", - Self::SkipForever => "Don't ask again", - } - } - - fn previous(self) -> Option { - match self { - Self::Proceed => None, - Self::Skip => Some(Self::Proceed), - Self::SkipForever => Some(Self::Skip), + Self::Proceed => "Import selected", + Self::Customize => "Customize selection", + Self::Skip => "Cancel", + Self::Back => "Review selection", } } +} - fn next(self) -> Option { - match self { - Self::Proceed => Some(Self::Skip), - Self::Skip => Some(Self::SkipForever), - Self::SkipForever => None, - } - } +#[derive(Clone, Copy, Debug, PartialEq, Eq)] +enum MigrationView { + Summary, + Customize, } #[derive(Clone, Debug, PartialEq, Eq)] @@ -136,6 +117,8 @@ pub(crate) async fn run_external_agent_config_migration_prompt( struct ExternalAgentConfigMigrationScreen { request_frame: FrameRequester, items: Vec, + groups: Vec, + view: MigrationView, selected_item_idx: Option, scroll_top: usize, focus: FocusArea, @@ -151,44 +134,67 @@ impl ExternalAgentConfigMigrationScreen { } fn first_available_action(&self) -> ActionMenuOption { - if self.proceed_enabled() { - ActionMenuOption::Proceed - } else { - ActionMenuOption::Skip + match self.available_actions().first() { + Some(action) => *action, + None => ActionMenuOption::Back, } } - fn previous_available_action(&self, action: ActionMenuOption) -> Option { - let mut candidate = action.previous(); - while let Some(option) = candidate { - if option != ActionMenuOption::Proceed || self.proceed_enabled() { - return Some(option); - } - candidate = option.previous(); + fn last_available_action(&self) -> ActionMenuOption { + match self.available_actions().last() { + Some(action) => *action, + None => ActionMenuOption::Back, } - None + } + + fn previous_available_action(&self, action: ActionMenuOption) -> Option { + let actions = self.available_actions(); + actions + .iter() + .position(|candidate| *candidate == action) + .and_then(|idx| idx.checked_sub(1)) + .and_then(|idx| actions.get(idx)) + .copied() } fn next_available_action(&self, action: ActionMenuOption) -> Option { - let mut candidate = action.next(); - while let Some(option) = candidate { - if option != ActionMenuOption::Proceed || self.proceed_enabled() { - return Some(option); + let actions = self.available_actions(); + actions + .iter() + .position(|candidate| *candidate == action) + .and_then(|idx| actions.get(idx + 1)) + .copied() + } + + fn available_actions(&self) -> Vec { + match self.view { + MigrationView::Summary => { + let mut actions = Vec::new(); + if self.proceed_enabled() { + actions.push(ActionMenuOption::Proceed); + } + actions.extend([ActionMenuOption::Customize, ActionMenuOption::Skip]); + actions } - candidate = option.next(); + MigrationView::Customize => vec![ActionMenuOption::Back], } - None } fn normalize_highlighted_action(&mut self) { - if self.highlighted_action == ActionMenuOption::Proceed && !self.proceed_enabled() { + if !self.available_actions().contains(&self.highlighted_action) { self.highlighted_action = self.first_available_action(); } } fn display_description(item: &ExternalAgentConfigMigrationItem) -> String { + // App-server descriptions use migration vocabulary. Normalize that prefix so the TUI + // consistently uses the user-facing import vocabulary. + let description = item + .description + .strip_prefix("Migrate ") + .map_or_else(|| item.description.clone(), |rest| format!("Import {rest}")); let Some(cwd) = item.cwd.as_deref() else { - return item.description.clone(); + return description; }; fn reformat_description( @@ -207,33 +213,23 @@ impl ExternalAgentConfigMigrationScreen { )) } - if let Some(reformatted) = - reformat_description(&item.description, "Migrate ", " into ", cwd) - { + if let Some(reformatted) = reformat_description(&description, "Import ", " into ", cwd) { return reformatted; } if let Some(reformatted) = - reformat_description(&item.description, "Migrate skills from ", " to ", cwd) + reformat_description(&description, "Import skills from ", " to ", cwd) { return reformatted; } - if let Some(reformatted) = reformat_description(&item.description, "Migrate ", " to ", cwd) - { + if let Some(reformatted) = reformat_description(&description, "Import ", " to ", cwd) { return reformatted; } - if let Some(reformatted) = reformat_description(&item.description, "Import ", " to ", cwd) { - return reformatted; - } - - if let Some(source) = item - .description - .strip_prefix("Migrate enabled plugins from ") - { + if let Some(source) = description.strip_prefix("Import enabled plugins from ") { let description = format!( - "Migrate enabled plugins from {}", + "Import enabled plugins from {}", display_path_for(std::path::Path::new(source), cwd) ); if let Some(details) = &item.details { @@ -260,7 +256,7 @@ impl ExternalAgentConfigMigrationScreen { return description; } - item.description.clone() + description } fn new( @@ -269,6 +265,7 @@ impl ExternalAgentConfigMigrationScreen { selected_items: &[ExternalAgentConfigMigrationItem], error: Option, ) -> Self { + let groups = external_agent_config_migration_groups(items); let items = items .iter() .cloned() @@ -277,18 +274,22 @@ impl ExternalAgentConfigMigrationScreen { item, }) .collect::>(); - let selected_item_idx = (!items.is_empty()).then_some(0); - Self { + let selected_item_idx = (!groups.is_empty()).then_some(0); + let mut screen = Self { request_frame, items, + groups, + view: MigrationView::Summary, selected_item_idx, scroll_top: 0, - focus: FocusArea::Items, + focus: FocusArea::Actions, highlighted_action: ActionMenuOption::Proceed, done: false, outcome: ExternalAgentConfigMigrationOutcome::Skip, error, - } + }; + screen.normalize_highlighted_action(); + screen } fn plugin_detail_lines(plugin_groups: &[PluginsMigration]) -> Vec> { @@ -341,12 +342,6 @@ impl ExternalAgentConfigMigrationScreen { fn proceed(&mut self) { let selected = self.selected_items(); - if selected.is_empty() { - self.error = Some("Select at least one item or choose a skip option.".to_string()); - self.request_frame.schedule_frame(); - return; - } - self.finish_with(ExternalAgentConfigMigrationOutcome::Proceed(selected)); } @@ -354,14 +349,6 @@ impl ExternalAgentConfigMigrationScreen { self.finish_with(ExternalAgentConfigMigrationOutcome::Skip); } - fn skip_forever(&mut self) { - self.finish_with(ExternalAgentConfigMigrationOutcome::SkipForever); - } - - fn exit(&mut self) { - self.finish_with(ExternalAgentConfigMigrationOutcome::Exit); - } - fn selected_items(&self) -> Vec { self.items .iter() @@ -374,6 +361,22 @@ impl ExternalAgentConfigMigrationScreen { self.items.iter().filter(|item| item.enabled).count() } + fn group_selection_marker( + &self, + group: &ExternalAgentConfigMigrationGroupModel, + ) -> &'static str { + let enabled_count = group + .item_indices + .iter() + .filter(|idx| self.items[**idx].enabled) + .count(); + match enabled_count { + 0 => " ", + count if count == group.item_indices.len() => "x", + _ => "-", + } + } + fn set_all_enabled(&mut self, enabled: bool) { for item in &mut self.items { item.enabled = enabled; @@ -384,7 +387,7 @@ impl ExternalAgentConfigMigrationScreen { } fn toggle_selected_item(&mut self) { - if self.focus != FocusArea::Items { + if self.view != MigrationView::Customize || self.focus != FocusArea::Items { return; } let Some(selected_idx) = self.selected_item_idx else { @@ -393,26 +396,51 @@ impl ExternalAgentConfigMigrationScreen { let Some(item) = self.items.get_mut(selected_idx) else { return; }; - item.enabled = !item.enabled; self.error = None; self.normalize_highlighted_action(); self.request_frame.schedule_frame(); } + fn customize(&mut self) { + self.view = MigrationView::Customize; + self.selected_item_idx = (!self.items.is_empty()).then_some(0); + self.scroll_top = 0; + self.focus = FocusArea::Items; + self.highlighted_action = ActionMenuOption::Back; + self.request_frame.schedule_frame(); + } + + fn back_to_summary(&mut self) { + self.view = MigrationView::Summary; + self.selected_item_idx = (!self.groups.is_empty()).then_some(0); + self.scroll_top = 0; + self.focus = FocusArea::Actions; + self.highlighted_action = self.first_available_action(); + self.request_frame.schedule_frame(); + } + fn move_up(&mut self) { + if self.view == MigrationView::Summary { + self.focus = FocusArea::Actions; + self.highlighted_action = self + .previous_available_action(self.highlighted_action) + .unwrap_or_else(|| self.last_available_action()); + self.request_frame.schedule_frame(); + return; + } match self.focus { FocusArea::Items => match self.selected_item_idx { Some(0) => { self.focus = FocusArea::Actions; - self.highlighted_action = ActionMenuOption::SkipForever; + self.highlighted_action = self.last_available_action(); } Some(idx) => { self.selected_item_idx = Some(idx.saturating_sub(1)); } None => { self.focus = FocusArea::Actions; - self.highlighted_action = ActionMenuOption::SkipForever; + self.highlighted_action = self.last_available_action(); } }, FocusArea::Actions => { @@ -431,6 +459,14 @@ impl ExternalAgentConfigMigrationScreen { } fn move_down(&mut self) { + if self.view == MigrationView::Summary { + self.focus = FocusArea::Actions; + self.highlighted_action = self + .next_available_action(self.highlighted_action) + .unwrap_or_else(|| self.first_available_action()); + self.request_frame.schedule_frame(); + return; + } match self.focus { FocusArea::Items => match self.selected_item_idx { Some(idx) if idx + 1 < self.items.len() => { @@ -461,8 +497,9 @@ impl ExternalAgentConfigMigrationScreen { FocusArea::Items => self.toggle_selected_item(), FocusArea::Actions => match self.highlighted_action { ActionMenuOption::Proceed => self.proceed(), + ActionMenuOption::Customize => self.customize(), ActionMenuOption::Skip => self.skip(), - ActionMenuOption::SkipForever => self.skip_forever(), + ActionMenuOption::Back => self.back_to_summary(), }, } } @@ -471,39 +508,47 @@ impl ExternalAgentConfigMigrationScreen { if key_event.kind == KeyEventKind::Release { return; } - if is_ctrl_exit_combo(key_event) { - self.exit(); + self.skip(); return; } match key_event.code { KeyCode::Up | KeyCode::Char('k') => self.move_up(), KeyCode::Down | KeyCode::Char('j') => self.move_down(), - KeyCode::Char('1') => { - self.focus = FocusArea::Actions; - self.highlighted_action = ActionMenuOption::Proceed; - self.proceed(); + KeyCode::Char(number @ '1'..='9') => self.select_numbered_action(number), + KeyCode::Char('c') if self.view == MigrationView::Summary => self.customize(), + KeyCode::Char('b') if self.view == MigrationView::Customize => self.back_to_summary(), + KeyCode::Char(' ') if self.view == MigrationView::Customize => { + self.toggle_selected_item(); } - KeyCode::Char('2') => { - self.focus = FocusArea::Actions; - self.highlighted_action = ActionMenuOption::Skip; - self.skip(); + KeyCode::Char('a') if self.view == MigrationView::Customize => { + self.set_all_enabled(/*enabled*/ true); } - KeyCode::Char('3') => { - self.focus = FocusArea::Actions; - self.highlighted_action = ActionMenuOption::SkipForever; - self.skip_forever(); + KeyCode::Char('n') if self.view == MigrationView::Customize => { + self.set_all_enabled(/*enabled*/ false); } - KeyCode::Char(' ') => self.toggle_selected_item(), - KeyCode::Char('a') => self.set_all_enabled(/*enabled*/ true), - KeyCode::Char('n') => self.set_all_enabled(/*enabled*/ false), KeyCode::Enter => self.confirm_selection(), - KeyCode::Esc => self.skip(), + KeyCode::Esc => match self.view { + MigrationView::Summary => self.skip(), + MigrationView::Customize => self.back_to_summary(), + }, _ => {} } } + fn select_numbered_action(&mut self, number: char) { + let Some(index) = number.to_digit(10).and_then(|number| number.checked_sub(1)) else { + return; + }; + let Some(action) = self.available_actions().get(index as usize).copied() else { + return; + }; + self.focus = FocusArea::Actions; + self.highlighted_action = action; + self.confirm_selection(); + } + fn ensure_selected_item_visible(&mut self) { let Some(selected_idx) = self.selected_item_idx else { self.scroll_top = 0; @@ -534,12 +579,47 @@ impl ExternalAgentConfigMigrationScreen { fn section_title(cwd: Option<&std::path::Path>) -> Line<'static> { match cwd { - Some(cwd) => Line::from(vec!["Project: ".bold(), cwd.display().to_string().dim()]), + Some(cwd) => Line::from(vec![ + "Current project: ".bold(), + cwd.display().to_string().dim(), + ]), None => Line::from("Home".bold()), } } fn build_render_lines(&self) -> Vec { + match self.view { + MigrationView::Summary => self.build_summary_render_lines(), + MigrationView::Customize => self.build_customize_render_lines(), + } + } + + fn build_summary_render_lines(&self) -> Vec { + self.groups + .iter() + .enumerate() + .flat_map(|(idx, group)| { + [ + RenderLineEntry { + item_idx: Some(idx), + kind: RenderLineKind::Item, + line: Line::from(format!( + " [{}] {}", + self.group_selection_marker(group), + group.label + )), + }, + RenderLineEntry { + item_idx: None, + kind: RenderLineKind::ItemDetail, + line: Line::from(format!(" {}", group.description)), + }, + ] + }) + .collect() + } + + fn build_customize_render_lines(&self) -> Vec { let mut lines = Vec::new(); let mut current_scope: Option> = None; for (idx, item) in self.items.iter().enumerate() { @@ -562,12 +642,28 @@ impl ExternalAgentConfigMigrationScreen { lines.push(RenderLineEntry { item_idx: Some(idx), kind: RenderLineKind::Item, - line: Line::from(format!( - " [{}] {}", - if item.enabled { "x" } else { " " }, - Self::display_description(&item.item) - )), + line: Line::from(vec![ + " ".into(), + format!( + "[{}] {}", + if item.enabled { "x" } else { " " }, + external_agent_config_migration_item_label(&item.item) + ) + .into(), + ]), + }); + lines.push(RenderLineEntry { + item_idx: None, + kind: RenderLineKind::ItemDetail, + line: Line::from(format!(" {}", Self::display_description(&item.item))), }); + if let Some(details) = external_agent_config_migration_item_detail(&item.item) { + lines.push(RenderLineEntry { + item_idx: None, + kind: RenderLineKind::ItemDetail, + line: Line::from(format!(" {details}")), + }); + } if let Some(details) = &item.item.details { for line in Self::plugin_detail_lines(&details.plugins) { lines.push(RenderLineEntry { @@ -580,194 +676,25 @@ impl ExternalAgentConfigMigrationScreen { } lines } - - fn render_items(&self, area: Rect, buf: &mut Buffer) { - if area.height == 0 || area.width == 0 { - return; - } - let rows = self.build_render_lines(); - let visible_rows = area.height as usize; - let mut start_idx = self.scroll_top.min(rows.len().saturating_sub(1)); - if let Some(selected_item_idx) = self.selected_item_idx { - let selected_render_idx = self.selected_render_line_index(selected_item_idx); - if selected_render_idx < start_idx { - start_idx = selected_render_idx; - } else if visible_rows > 0 { - let bottom = start_idx + visible_rows - 1; - if selected_render_idx > bottom { - start_idx = selected_render_idx + 1 - visible_rows; - } - } - } - - let mut y = area.y; - for entry in rows.iter().skip(start_idx).take(visible_rows) { - if y >= area.y + area.height { - break; - } - - let selected = - self.focus == FocusArea::Items && self.selected_item_idx == entry.item_idx; - let mut line = entry.line.clone(); - if selected { - line.spans.iter_mut().for_each(|span| { - span.style = span.style.patch(accent_style()); - }); - } else if entry.kind != RenderLineKind::Item && !line.spans.is_empty() { - line.spans.iter_mut().for_each(|span| { - span.style = span.style.dim(); - }); - } - let line = truncate_line_with_ellipsis_if_overflow(line, area.width as usize); - line.render( - Rect { - x: area.x, - y, - width: area.width, - height: 1, - }, - buf, - ); - y = y.saturating_add(1); - } - } -} - -impl WidgetRef for &ExternalAgentConfigMigrationScreen { - fn render_ref(&self, area: Rect, buf: &mut Buffer) { - Clear.render(area, buf); - - let inner_area = area.inset(Insets::vh(/*v*/ 1, /*h*/ 2)); - let error_height = u16::from(self.error.is_some()); - let fixed_height = 1u16 + 2u16 + error_height + 1u16 + 4u16 + 1u16; - let list_height = - self.render_line_count() - .max(1) - .min(inner_area.height.saturating_sub(fixed_height) as usize) as u16; - let [ - header_area, - intro_area, - error_area, - list_area, - list_gap_area, - actions_area, - footer_area, - _spacer_area, - ] = Layout::vertical([ - Constraint::Length(1), - Constraint::Length(2), - Constraint::Length(error_height), - Constraint::Length(list_height), - Constraint::Length(1), - Constraint::Length(4), - Constraint::Length(1), - Constraint::Fill(1), - ]) - .areas(inner_area); - - let heading = Line::from(vec!["> ".into(), "External agent config detected".bold()]); - heading.render(header_area, buf); - - Paragraph::new(vec![ - Line::from("We found settings from another agent that you can add to this project."), - Line::from("Select what to import"), - ]) - .wrap(Wrap { trim: false }) - .render(intro_area, buf); - - if let Some(error) = &self.error { - Paragraph::new(error.clone().red().to_string()) - .wrap(Wrap { trim: false }) - .render(error_area, buf); - } - - self.render_items(list_area, buf); - Clear.render(list_gap_area, buf); - - let [ - actions_intro_area, - proceed_area, - skip_area, - skip_forever_area, - ] = Layout::vertical([ - Constraint::Length(1), - Constraint::Length(1), - Constraint::Length(1), - Constraint::Length(1), - ]) - .areas(actions_area); - let actions_intro = format!( - "Selected {} of {} item(s).", - self.selected_count(), - self.items.len() - ); - Paragraph::new(actions_intro) - .wrap(Wrap { trim: false }) - .render(actions_intro_area, buf); - selection_option_row_with_dim( - /*index*/ 0, - ActionMenuOption::Proceed.label().to_string(), - self.focus == FocusArea::Actions - && self.highlighted_action == ActionMenuOption::Proceed, - /*dim*/ self.focus != FocusArea::Actions || !self.proceed_enabled(), - ) - .render(proceed_area, buf); - selection_option_row_with_dim( - /*index*/ 1, - ActionMenuOption::Skip.label().to_string(), - self.focus == FocusArea::Actions && self.highlighted_action == ActionMenuOption::Skip, - /*dim*/ self.focus != FocusArea::Actions, - ) - .render(skip_area, buf); - selection_option_row_with_dim( - /*index*/ 2, - ActionMenuOption::SkipForever.label().to_string(), - self.focus == FocusArea::Actions - && self.highlighted_action == ActionMenuOption::SkipForever, - /*dim*/ self.focus != FocusArea::Actions, - ) - .render(skip_forever_area, buf); - - Line::from(vec![ - "Use ".dim(), - key_hint::plain(KeyCode::Up).into(), - "/".dim(), - key_hint::plain(KeyCode::Down).into(), - " to move, ".dim(), - key_hint::plain(KeyCode::Char(' ')).into(), - " to toggle, ".dim(), - "1".cyan(), - "/".dim(), - "2".cyan(), - "/".dim(), - "3".cyan(), - " to choose, ".dim(), - "a".cyan(), - "/".dim(), - "n".cyan(), - " for all/none".dim(), - ]) - .render(footer_area, buf); - } } fn is_ctrl_exit_combo(key_event: KeyEvent) -> bool { - key_event.modifiers.contains(KeyModifiers::CONTROL) - && matches!(key_event.code, KeyCode::Char('c') | KeyCode::Char('d')) + matches!(key_event.code, KeyCode::Char('c' | 'd')) + && key_event.modifiers.contains(KeyModifiers::CONTROL) } #[cfg(test)] mod tests { - use super::ActionMenuOption; use super::ExternalAgentConfigMigrationOutcome; use super::ExternalAgentConfigMigrationScreen; - use super::FocusArea; + use super::MigrationView; use crate::custom_terminal::Terminal; use crate::test_backend::VT100Backend; use crate::tui::FrameRequester; use codex_app_server_protocol::ExternalAgentConfigMigrationItem; use codex_app_server_protocol::ExternalAgentConfigMigrationItemType; use codex_app_server_protocol::PluginsMigration; + use codex_app_server_protocol::SessionMigration; use crossterm::event::KeyCode; use crossterm::event::KeyEvent; use crossterm::event::KeyModifiers; @@ -829,6 +756,19 @@ mod tests { cwd: None, details: None, }, + ExternalAgentConfigMigrationItem { + item_type: ExternalAgentConfigMigrationItemType::Sessions, + description: "Migrate recent chat sessions".to_string(), + cwd: None, + details: Some(codex_app_server_protocol::MigrationDetails { + sessions: vec![SessionMigration { + path: PathBuf::from("/Users/alex/.claude/projects/project/session.jsonl"), + cwd: project_root.clone(), + title: Some("Investigate migration UX".to_string()), + }], + ..Default::default() + }), + }, ExternalAgentConfigMigrationItem { item_type: ExternalAgentConfigMigrationItemType::Plugins, description: format!( @@ -864,7 +804,13 @@ mod tests { frame.render_widget_ref(screen, frame.area()); } terminal.flush().expect("flush"); - terminal.backend().to_string() + terminal + .backend() + .to_string() + .lines() + .map(str::trim_end) + .collect::>() + .join("\n") } #[test] @@ -877,13 +823,56 @@ mod tests { /*error*/ None, ); - let rendered = render_screen(&screen, /*width*/ 80, /*height*/ 21); + let rendered = render_screen(&screen, /*width*/ 80, /*height*/ 24); #[cfg(windows)] assert_snapshot!("external_agent_config_migration_prompt_windows", rendered); #[cfg(not(windows))] assert_snapshot!("external_agent_config_migration_prompt", rendered); } + #[test] + fn customize_snapshot() { + let items = sample_items(); + let mut screen = ExternalAgentConfigMigrationScreen::new( + FrameRequester::test_dummy(), + &items, + &items, + /*error*/ None, + ); + screen.customize(); + + let rendered = render_screen(&screen, /*width*/ 80, /*height*/ 30); + #[cfg(windows)] + assert_snapshot!( + "external_agent_config_migration_customize_windows", + rendered + ); + #[cfg(not(windows))] + assert_snapshot!("external_agent_config_migration_customize", rendered); + } + + #[test] + fn customize_action_snapshot() { + let items = sample_items(); + let mut screen = ExternalAgentConfigMigrationScreen::new( + FrameRequester::test_dummy(), + &items, + &items, + /*error*/ None, + ); + screen.customize(); + screen.move_up(); + + let rendered = render_screen(&screen, /*width*/ 80, /*height*/ 30); + #[cfg(windows)] + assert_snapshot!( + "external_agent_config_migration_customize_action_windows", + rendered + ); + #[cfg(not(windows))] + assert_snapshot!("external_agent_config_migration_customize_action", rendered); + } + #[test] fn proceed_returns_selected_items() { let items = sample_items(); @@ -894,9 +883,6 @@ mod tests { /*error*/ None, ); - screen.handle_key(KeyEvent::new(KeyCode::Down, KeyModifiers::NONE)); - screen.handle_key(KeyEvent::new(KeyCode::Down, KeyModifiers::NONE)); - screen.handle_key(KeyEvent::new(KeyCode::Down, KeyModifiers::NONE)); screen.handle_key(KeyEvent::new(KeyCode::Enter, KeyModifiers::NONE)); assert!(screen.is_done()); @@ -916,16 +902,19 @@ mod tests { /*error*/ None, ); + screen.handle_key(KeyEvent::new(KeyCode::Char('c'), KeyModifiers::NONE)); screen.handle_key(KeyEvent::new(KeyCode::Char(' '), KeyModifiers::NONE)); - screen.handle_key(KeyEvent::new(KeyCode::Down, KeyModifiers::NONE)); - screen.handle_key(KeyEvent::new(KeyCode::Down, KeyModifiers::NONE)); - screen.handle_key(KeyEvent::new(KeyCode::Down, KeyModifiers::NONE)); - screen.handle_key(KeyEvent::new(KeyCode::Enter, KeyModifiers::NONE)); + screen.handle_key(KeyEvent::new(KeyCode::Char('b'), KeyModifiers::NONE)); + screen.handle_key(KeyEvent::new(KeyCode::Char('1'), KeyModifiers::NONE)); assert!(screen.is_done()); assert_eq!( screen.outcome(), - ExternalAgentConfigMigrationOutcome::Proceed(vec![items[1].clone(), items[2].clone(),]) + ExternalAgentConfigMigrationOutcome::Proceed(vec![ + items[1].clone(), + items[2].clone(), + items[3].clone(), + ]) ); } @@ -946,7 +935,7 @@ mod tests { } #[test] - fn skip_forever_returns_skip_forever_outcome() { + fn numeric_shortcuts_follow_visible_actions_when_proceed_is_disabled() { let items = sample_items(); let mut screen = ExternalAgentConfigMigrationScreen::new( FrameRequester::test_dummy(), @@ -955,58 +944,46 @@ mod tests { /*error*/ None, ); - screen.move_down(); - screen.move_down(); - screen.move_down(); - screen.move_down(); - screen.move_down(); - screen.confirm_selection(); + screen.handle_key(KeyEvent::new(KeyCode::Char('c'), KeyModifiers::NONE)); + screen.handle_key(KeyEvent::new(KeyCode::Char('n'), KeyModifiers::NONE)); + screen.handle_key(KeyEvent::new(KeyCode::Char('b'), KeyModifiers::NONE)); + screen.handle_key(KeyEvent::new(KeyCode::Char('1'), KeyModifiers::NONE)); - assert_eq!( - screen.outcome(), - ExternalAgentConfigMigrationOutcome::SkipForever - ); + assert_eq!(screen.view, MigrationView::Customize); } #[test] - fn proceed_requires_at_least_one_selected_item() { + fn empty_selection_enter_opens_customize_instead_of_proceeding() { let items = sample_items(); let mut screen = ExternalAgentConfigMigrationScreen::new( FrameRequester::test_dummy(), &items, - &items, + &[], /*error*/ None, ); - screen.handle_key(KeyEvent::new(KeyCode::Char('n'), KeyModifiers::NONE)); - screen.handle_key(KeyEvent::new(KeyCode::Char('1'), KeyModifiers::NONE)); + screen.handle_key(KeyEvent::new(KeyCode::Enter, KeyModifiers::NONE)); assert!(!screen.is_done()); - assert_eq!(screen.highlighted_action, ActionMenuOption::Proceed); - let rendered = render_screen(&screen, /*width*/ 80, /*height*/ 20); - assert!( - rendered.contains("Select at least one item or choose a skip option."), - "expected inline validation error, got:\n{rendered}" - ); + assert_eq!(screen.view, MigrationView::Customize); } #[test] - fn proceed_action_is_skipped_when_no_items_are_selected() { + fn control_exit_shortcuts_cancel_prompt() { let items = sample_items(); - let mut screen = ExternalAgentConfigMigrationScreen::new( - FrameRequester::test_dummy(), - &items, - &items, - /*error*/ None, - ); + for key_code in [KeyCode::Char('c'), KeyCode::Char('d')] { + let mut screen = ExternalAgentConfigMigrationScreen::new( + FrameRequester::test_dummy(), + &items, + &items, + /*error*/ None, + ); - screen.handle_key(KeyEvent::new(KeyCode::Char('n'), KeyModifiers::NONE)); - screen.handle_key(KeyEvent::new(KeyCode::Down, KeyModifiers::NONE)); - screen.handle_key(KeyEvent::new(KeyCode::Down, KeyModifiers::NONE)); - screen.handle_key(KeyEvent::new(KeyCode::Down, KeyModifiers::NONE)); + screen.handle_key(KeyEvent::new(key_code, KeyModifiers::CONTROL)); - assert_eq!(screen.focus, FocusArea::Actions); - assert_eq!(screen.highlighted_action, ActionMenuOption::Skip); + assert!(screen.is_done()); + assert_eq!(screen.outcome(), ExternalAgentConfigMigrationOutcome::Skip); + } } #[test] @@ -1025,28 +1002,42 @@ mod tests { ExternalAgentConfigMigrationOutcome::Proceed(items.clone()) ); + let mut customize_screen = ExternalAgentConfigMigrationScreen::new( + FrameRequester::test_dummy(), + &items, + &items, + /*error*/ None, + ); + customize_screen.handle_key(KeyEvent::new(KeyCode::Char('2'), KeyModifiers::NONE)); + assert_eq!(customize_screen.view, MigrationView::Customize); + customize_screen.handle_key(KeyEvent::new(KeyCode::Char('1'), KeyModifiers::NONE)); + assert_eq!(customize_screen.view, MigrationView::Summary); + let mut skip_screen = ExternalAgentConfigMigrationScreen::new( FrameRequester::test_dummy(), &items, &items, /*error*/ None, ); - skip_screen.handle_key(KeyEvent::new(KeyCode::Char('2'), KeyModifiers::NONE)); + skip_screen.handle_key(KeyEvent::new(KeyCode::Char('3'), KeyModifiers::NONE)); assert_eq!( skip_screen.outcome(), ExternalAgentConfigMigrationOutcome::Skip ); + } - let mut skip_forever_screen = ExternalAgentConfigMigrationScreen::new( + #[test] + fn summary_does_not_toggle_selection() { + let items = sample_items(); + let mut screen = ExternalAgentConfigMigrationScreen::new( FrameRequester::test_dummy(), &items, &items, /*error*/ None, ); - skip_forever_screen.handle_key(KeyEvent::new(KeyCode::Char('3'), KeyModifiers::NONE)); - assert_eq!( - skip_forever_screen.outcome(), - ExternalAgentConfigMigrationOutcome::SkipForever - ); + + screen.handle_key(KeyEvent::new(KeyCode::Char(' '), KeyModifiers::NONE)); + + assert_eq!(screen.selected_items(), items); } } diff --git a/codex-rs/tui/src/external_agent_config_migration/render.rs b/codex-rs/tui/src/external_agent_config_migration/render.rs new file mode 100644 index 00000000000..4d518906c48 --- /dev/null +++ b/codex-rs/tui/src/external_agent_config_migration/render.rs @@ -0,0 +1,206 @@ +use super::*; +use crate::key_hint; +use crate::line_truncation::truncate_line_with_ellipsis_if_overflow; +use crate::render::Insets; +use crate::render::RectExt as _; +use crate::selection_list::selection_option_row_with_dim; +use ratatui::buffer::Buffer; +use ratatui::layout::Constraint; +use ratatui::layout::Layout; +use ratatui::layout::Rect; +use ratatui::widgets::Clear; +use ratatui::widgets::Paragraph; +use ratatui::widgets::Widget; +use ratatui::widgets::WidgetRef; +use ratatui::widgets::Wrap; + +impl ExternalAgentConfigMigrationScreen { + fn render_items(&self, area: Rect, buf: &mut Buffer) { + if area.height == 0 || area.width == 0 { + return; + } + let rows = self.build_render_lines(); + let visible_rows = area.height as usize; + let mut start_idx = self.scroll_top.min(rows.len().saturating_sub(1)); + if let Some(selected_item_idx) = self.selected_item_idx { + let selected_render_idx = self.selected_render_line_index(selected_item_idx); + if selected_render_idx < start_idx { + start_idx = selected_render_idx; + } else if visible_rows > 0 { + let bottom = start_idx + visible_rows - 1; + if selected_render_idx > bottom { + start_idx = selected_render_idx + 1 - visible_rows; + } + } + } + + let mut y = area.y; + for entry in rows.iter().skip(start_idx).take(visible_rows) { + if y >= area.y + area.height { + break; + } + + let selected = + self.focus == FocusArea::Items && self.selected_item_idx == entry.item_idx; + let mut line = entry.line.clone(); + if selected { + if let Some(cursor) = line.spans.first_mut() { + cursor.content = "› ".into(); + } + line.spans.iter_mut().for_each(|span| { + span.style = span.style.cyan().bold(); + }); + } else if entry.kind != RenderLineKind::Item && !line.spans.is_empty() { + line.spans.iter_mut().for_each(|span| { + span.style = span.style.dim(); + }); + } + let line = truncate_line_with_ellipsis_if_overflow(line, area.width as usize); + line.render( + Rect { + x: area.x, + y, + width: area.width, + height: 1, + }, + buf, + ); + y = y.saturating_add(1); + } + } +} + +impl WidgetRef for &ExternalAgentConfigMigrationScreen { + fn render_ref(&self, area: Rect, buf: &mut Buffer) { + Clear.render(area, buf); + + let inner_area = area.inset(Insets::vh(/*v*/ 1, /*h*/ 2)); + let error_height = u16::from(self.error.is_some()); + let intro_lines = match self.view { + MigrationView::Summary => vec![ + Line::from("Bring over your setup, current project, and recent chats."), + Line::from("Codex may add files to your current project folder."), + Line::from("Your existing agent setup will not be changed."), + Line::from("Cloud-hosted chat data cannot be imported."), + ], + MigrationView::Customize => vec![ + Line::from("Choose the items to import."), + Line::from("Codex may add files to your current project folder."), + Line::from("Your existing agent setup will not be changed."), + ], + }; + let intro_height = intro_lines.len() as u16; + let actions = self.available_actions(); + let actions_height = actions.len() as u16 + 1; + let fixed_height = 1u16 + intro_height + error_height + 1u16 + actions_height + 1u16; + let list_height = + self.render_line_count() + .max(1) + .min(inner_area.height.saturating_sub(fixed_height) as usize) as u16; + let [ + header_area, + intro_area, + error_area, + list_area, + list_gap_area, + actions_area, + footer_area, + _spacer_area, + ] = Layout::vertical([ + Constraint::Length(1), + Constraint::Length(intro_height), + Constraint::Length(error_height), + Constraint::Length(list_height), + Constraint::Length(1), + Constraint::Length(actions_height), + Constraint::Length(1), + Constraint::Fill(1), + ]) + .areas(inner_area); + + let title = match self.view { + MigrationView::Summary => "Import from another coding agent", + MigrationView::Customize => "Choose what to import", + }; + let heading = Line::from(vec!["> ".into(), title.bold()]); + heading.render(header_area, buf); + + Paragraph::new(intro_lines) + .wrap(Wrap { trim: false }) + .render(intro_area, buf); + + if let Some(error) = &self.error { + Paragraph::new(error.clone().red().to_string()) + .wrap(Wrap { trim: false }) + .render(error_area, buf); + } + + self.render_items(list_area, buf); + Clear.render(list_gap_area, buf); + + let action_areas = Layout::vertical(std::iter::repeat_n( + Constraint::Length(1), + actions.len() + 1, + )) + .split(actions_area); + let item_label = if self.items.len() == 1 { + "item" + } else { + "items" + }; + let actions_intro = format!( + "Selected {} of {} {item_label}.", + self.selected_count(), + self.items.len() + ); + Paragraph::new(actions_intro) + .wrap(Wrap { trim: false }) + .render(action_areas[0], buf); + for (idx, action) in actions.iter().enumerate() { + selection_option_row_with_dim( + idx, + action.label().to_string(), + self.focus == FocusArea::Actions && self.highlighted_action == *action, + /*dim*/ self.focus != FocusArea::Actions, + ) + .render(action_areas[idx + 1], buf); + } + + let footer = match self.view { + MigrationView::Summary => Line::from(vec![ + "Use ".dim(), + key_hint::plain(KeyCode::Up).into(), + "/".dim(), + key_hint::plain(KeyCode::Down).into(), + " to move, ".dim(), + key_hint::plain(KeyCode::Enter).into(), + " to select, ".dim(), + "c".cyan(), + " to customize".dim(), + ]), + MigrationView::Customize if self.focus == FocusArea::Actions => Line::from(vec![ + "Press ".dim(), + key_hint::plain(KeyCode::Enter).into(), + " to continue, ".dim(), + key_hint::plain(KeyCode::Up).into(), + "/".dim(), + key_hint::plain(KeyCode::Down).into(), + " to move, ".dim(), + "b".cyan(), + " to go back".dim(), + ]), + MigrationView::Customize => Line::from(vec![ + "Use ".dim(), + key_hint::plain(KeyCode::Up).into(), + "/".dim(), + key_hint::plain(KeyCode::Down).into(), + " to move, ".dim(), + key_hint::plain(KeyCode::Char(' ')).into(), + " to toggle, ".dim(), + "b".cyan(), + " to go back".dim(), + ]), + }; + footer.render(footer_area, buf); + } +} diff --git a/codex-rs/tui/src/external_agent_config_migration_flow.rs b/codex-rs/tui/src/external_agent_config_migration_flow.rs new file mode 100644 index 00000000000..f0fabe3a015 --- /dev/null +++ b/codex-rs/tui/src/external_agent_config_migration_flow.rs @@ -0,0 +1,125 @@ +use crate::app_server_session::AppServerSession; +use crate::app_server_session::EXTERNAL_AGENT_CONFIG_IMPORT_IN_PROGRESS_MESSAGE; +use crate::external_agent_config_migration::ExternalAgentConfigMigrationOutcome; +use crate::external_agent_config_migration::run_external_agent_config_migration_prompt; +use crate::legacy_core::config::Config; +use crate::tui; +use codex_app_server_protocol::ExternalAgentConfigDetectParams; + +pub(crate) const EXTERNAL_AGENT_CONFIG_MIGRATION_FINISHED_MESSAGE: &str = + "Agent import finished. Run /import again to check for additional items."; +pub(crate) const EXTERNAL_AGENT_CONFIG_MIGRATION_NO_ITEMS_MESSAGE: &str = + "No supported agent setup was found to import."; +pub(crate) const EXTERNAL_AGENT_CONFIG_MIGRATION_REMOTE_UNAVAILABLE_MESSAGE: &str = + "Agent import is unavailable in remote sessions. Start Codex locally and run /import."; +pub(crate) const EXTERNAL_AGENT_CONFIG_MIGRATION_DAEMON_UNAVAILABLE_MESSAGE: &str = "Agent import is unavailable while Codex is connected to the local app-server daemon. Stop the daemon, restart Codex, and run /import."; + +pub(crate) enum ExternalAgentConfigMigrationFlowOutcome { + Started(String), + NoItems, + Cancelled, +} + +fn external_agent_config_migration_success_message(remaining_item_count: usize) -> String { + let message = "Agent import started. You can keep working while it finishes. Imported setup will apply to new chats."; + match remaining_items_handoff(remaining_item_count) { + Some(remaining_items_handoff) => format!("{message} {remaining_items_handoff}"), + None => message.to_string(), + } +} + +fn remaining_items_handoff(remaining_item_count: usize) -> Option { + match remaining_item_count { + 0 => None, + 1 => Some( + "1 additional item remains. After it finishes, run /import again to review it." + .to_string(), + ), + _ => Some(format!( + "{remaining_item_count} additional items remain. After it finishes, run /import again to review them." + )), + } +} + +pub(crate) async fn handle_external_agent_config_migration_prompt( + tui: &mut tui::Tui, + app_server: &mut AppServerSession, + config: &Config, +) -> Result { + if app_server.uses_remote_workspace() { + return Err(EXTERNAL_AGENT_CONFIG_MIGRATION_REMOTE_UNAVAILABLE_MESSAGE.to_string()); + } + if !app_server.uses_embedded_app_server() { + return Err(EXTERNAL_AGENT_CONFIG_MIGRATION_DAEMON_UNAVAILABLE_MESSAGE.to_string()); + } + if app_server.external_agent_config_import_in_progress() { + return Err(EXTERNAL_AGENT_CONFIG_IMPORT_IN_PROGRESS_MESSAGE.to_string()); + } + + let cwd = config.cwd.to_path_buf(); + let detected_items = match app_server + .external_agent_config_detect(ExternalAgentConfigDetectParams { + include_home: true, + cwds: Some(vec![cwd.clone()]), + }) + .await + { + Ok(response) => response.items, + Err(err) => { + tracing::warn!( + error = %err, + cwd = %cwd.display(), + "failed to detect external agent config migrations" + ); + return Err(format!("Could not check for agent setup: {err}")); + } + }; + + if detected_items.is_empty() { + return Ok(ExternalAgentConfigMigrationFlowOutcome::NoItems); + } + + let mut selected_items = detected_items.clone(); + let mut error: Option = None; + + loop { + match run_external_agent_config_migration_prompt( + tui, + &detected_items, + &selected_items, + error.as_deref(), + ) + .await + { + ExternalAgentConfigMigrationOutcome::Proceed(items) => { + selected_items = items.clone(); + match app_server.external_agent_config_import(items).await { + Ok(()) => { + let remaining_item_count = + detected_items.len().saturating_sub(selected_items.len()); + let success_message = + external_agent_config_migration_success_message(remaining_item_count); + return Ok(ExternalAgentConfigMigrationFlowOutcome::Started( + success_message, + )); + } + Err(err) => { + tracing::warn!( + error = %err, + cwd = %cwd.display(), + "failed to import external agent config migration items" + ); + error = Some(format!("Import failed: {err}")); + } + } + } + ExternalAgentConfigMigrationOutcome::Skip => { + return Ok(ExternalAgentConfigMigrationFlowOutcome::Cancelled); + } + } + } +} + +#[cfg(test)] +#[path = "external_agent_config_migration_flow_tests.rs"] +mod tests; diff --git a/codex-rs/tui/src/external_agent_config_migration_flow_tests.rs b/codex-rs/tui/src/external_agent_config_migration_flow_tests.rs new file mode 100644 index 00000000000..913b55607fe --- /dev/null +++ b/codex-rs/tui/src/external_agent_config_migration_flow_tests.rs @@ -0,0 +1,21 @@ +use super::*; + +#[test] +fn external_agent_config_migration_messages_snapshot() { + let cases = [0, 1, 2]; + + let messages = cases + .map(external_agent_config_migration_success_message) + .into_iter() + .chain([ + EXTERNAL_AGENT_CONFIG_MIGRATION_FINISHED_MESSAGE.to_string(), + EXTERNAL_AGENT_CONFIG_MIGRATION_NO_ITEMS_MESSAGE.to_string(), + EXTERNAL_AGENT_CONFIG_MIGRATION_REMOTE_UNAVAILABLE_MESSAGE.to_string(), + EXTERNAL_AGENT_CONFIG_MIGRATION_DAEMON_UNAVAILABLE_MESSAGE.to_string(), + EXTERNAL_AGENT_CONFIG_IMPORT_IN_PROGRESS_MESSAGE.to_string(), + ]) + .collect::>() + .join("\n"); + + insta::assert_snapshot!("external_agent_config_migration_messages", messages); +} diff --git a/codex-rs/tui/src/external_agent_config_migration_model.rs b/codex-rs/tui/src/external_agent_config_migration_model.rs new file mode 100644 index 00000000000..d03e238da3a --- /dev/null +++ b/codex-rs/tui/src/external_agent_config_migration_model.rs @@ -0,0 +1,147 @@ +use codex_app_server_protocol::ExternalAgentConfigMigrationItem; +use codex_app_server_protocol::ExternalAgentConfigMigrationItemType; +use std::collections::BTreeSet; + +#[derive(Clone, Debug)] +pub(crate) struct ExternalAgentConfigMigrationGroupModel { + pub(crate) label: String, + pub(crate) description: &'static str, + pub(crate) item_indices: Vec, +} + +pub(crate) fn external_agent_config_migration_groups( + items: &[ExternalAgentConfigMigrationItem], +) -> Vec { + let tools_and_setup = items + .iter() + .enumerate() + .filter_map(|(idx, item)| { + (item.cwd.is_none() && item.item_type != ExternalAgentConfigMigrationItemType::Sessions) + .then_some(idx) + }) + .collect::>(); + let projects = items + .iter() + .enumerate() + .filter_map(|(idx, item)| { + (item.cwd.is_some() && item.item_type != ExternalAgentConfigMigrationItemType::Sessions) + .then_some(idx) + }) + .collect::>(); + let chat_sessions = items + .iter() + .enumerate() + .filter_map(|(idx, item)| { + (item.item_type == ExternalAgentConfigMigrationItemType::Sessions).then_some(idx) + }) + .collect::>(); + + let mut groups = Vec::new(); + if !tools_and_setup.is_empty() { + groups.push(ExternalAgentConfigMigrationGroupModel { + label: "Tools & setup".to_string(), + description: "Settings, instructions, integrations, agents, commands, and skills", + item_indices: tools_and_setup, + }); + } + if !projects.is_empty() { + let project_count = projects + .iter() + .filter_map(|idx| items[*idx].cwd.as_deref()) + .collect::>() + .len(); + groups.push(ExternalAgentConfigMigrationGroupModel { + label: if project_count == 1 { + "Current project".to_string() + } else { + format!("Projects ({project_count})") + }, + description: "Add Codex files alongside your existing project files", + item_indices: projects, + }); + } + if !chat_sessions.is_empty() { + let session_count = chat_sessions + .iter() + .filter_map(|idx| items[*idx].details.as_ref()) + .map(|details| details.sessions.len()) + .sum::(); + groups.push(ExternalAgentConfigMigrationGroupModel { + label: format!("Chat sessions ({session_count})"), + description: "Last 30 days of chats", + item_indices: chat_sessions, + }); + } + groups +} + +pub(crate) fn external_agent_config_migration_item_label( + item: &ExternalAgentConfigMigrationItem, +) -> &'static str { + match item.item_type { + ExternalAgentConfigMigrationItemType::AgentsMd => "Instructions (CLAUDE.md -> AGENTS.md)", + ExternalAgentConfigMigrationItemType::Config => "Settings (settings.json -> config.toml)", + ExternalAgentConfigMigrationItemType::Skills => "Skills", + ExternalAgentConfigMigrationItemType::Plugins => "Plugins", + ExternalAgentConfigMigrationItemType::McpServerConfig => "MCP servers", + ExternalAgentConfigMigrationItemType::Subagents => "Agents", + ExternalAgentConfigMigrationItemType::Hooks => "Hooks", + ExternalAgentConfigMigrationItemType::Commands => "Slash commands", + ExternalAgentConfigMigrationItemType::Sessions => "Recent chat sessions", + } +} + +pub(crate) fn external_agent_config_migration_item_detail( + item: &ExternalAgentConfigMigrationItem, +) -> Option { + let details = item.details.as_ref()?; + match item.item_type { + ExternalAgentConfigMigrationItemType::Plugins => None, + ExternalAgentConfigMigrationItemType::McpServerConfig => Some(format_counted_details( + "MCP server", + details.mcp_servers.len(), + details + .mcp_servers + .iter() + .map(|server| server.name.as_str()), + )), + ExternalAgentConfigMigrationItemType::Subagents => Some(format_counted_details( + "agent", + details.subagents.len(), + details.subagents.iter().map(|agent| agent.name.as_str()), + )), + ExternalAgentConfigMigrationItemType::Hooks => Some(format_counted_details( + "hook", + details.hooks.len(), + details.hooks.iter().map(|hook| hook.name.as_str()), + )), + ExternalAgentConfigMigrationItemType::Commands => Some(format_counted_details( + "slash command", + details.commands.len(), + details.commands.iter().map(|command| command.name.as_str()), + )), + ExternalAgentConfigMigrationItemType::Sessions => Some(format_counted_details( + "chat session", + details.sessions.len(), + details + .sessions + .iter() + .filter_map(|session| session.title.as_deref()), + )), + ExternalAgentConfigMigrationItemType::AgentsMd + | ExternalAgentConfigMigrationItemType::Config + | ExternalAgentConfigMigrationItemType::Skills => None, + } +} + +fn format_counted_details<'a>( + noun: &str, + count: usize, + names: impl Iterator, +) -> String { + let suffix = if count == 1 { "" } else { "s" }; + match names.take(4).collect::>() { + names if names.is_empty() => format!("{count} {noun}{suffix}"), + names => format!("{count} {noun}{suffix}: {}", names.join(", ")), + } +} diff --git a/codex-rs/tui/src/external_agent_config_migration_startup.rs b/codex-rs/tui/src/external_agent_config_migration_startup.rs deleted file mode 100644 index 3ec2ca39033..00000000000 --- a/codex-rs/tui/src/external_agent_config_migration_startup.rs +++ /dev/null @@ -1,567 +0,0 @@ -use crate::app_server_session::AppServerSession; -use crate::external_agent_config_migration::ExternalAgentConfigMigrationOutcome; -use crate::external_agent_config_migration::run_external_agent_config_migration_prompt; -use crate::legacy_core::config::Config; -use crate::legacy_core::config::ConfigBuilder; -use crate::legacy_core::config::ConfigOverrides; -use crate::legacy_core::config::edit::ConfigEdit; -use crate::legacy_core::config::edit::ConfigEditsBuilder; -use crate::tui; -use codex_app_server_protocol::ExternalAgentConfigDetectParams; -use codex_app_server_protocol::ExternalAgentConfigMigrationItem; -use codex_features::Feature; -use color_eyre::eyre::Result; -use color_eyre::eyre::WrapErr; -use std::collections::BTreeSet; -use std::path::Path; -use std::time::SystemTime; -use std::time::UNIX_EPOCH; -use toml::Value as TomlValue; - -const EXTERNAL_CONFIG_MIGRATION_PROMPT_COOLDOWN_SECS: i64 = 5 * 24 * 60 * 60; - -pub(crate) enum ExternalAgentConfigMigrationStartupOutcome { - Continue { success_message: Option }, - ExitRequested, -} - -fn should_show_external_agent_config_migration_prompt( - config: &Config, - entered_trust_nux: bool, -) -> bool { - entered_trust_nux && config.features.enabled(Feature::ExternalMigration) -} - -fn external_config_migration_project_key(path: &Path) -> String { - path.display().to_string() -} - -fn is_external_config_migration_scope_hidden(config: &Config, cwd: Option<&Path>) -> bool { - match cwd { - Some(cwd) => config - .notices - .external_config_migration_prompts - .projects - .get(&external_config_migration_project_key(cwd)) - .copied() - .unwrap_or(false), - None => config - .notices - .external_config_migration_prompts - .home - .unwrap_or(false), - } -} - -fn external_config_migration_last_prompted_at(config: &Config, cwd: Option<&Path>) -> Option { - match cwd { - Some(cwd) => config - .notices - .external_config_migration_prompts - .project_last_prompted_at - .get(&external_config_migration_project_key(cwd)) - .copied(), - None => { - config - .notices - .external_config_migration_prompts - .home_last_prompted_at - } - } -} - -fn is_external_config_migration_scope_cooling_down( - config: &Config, - cwd: Option<&Path>, - now_unix_seconds: i64, -) -> bool { - external_config_migration_last_prompted_at(config, cwd).is_some_and(|last_prompted_at| { - last_prompted_at.saturating_add(EXTERNAL_CONFIG_MIGRATION_PROMPT_COOLDOWN_SECS) - > now_unix_seconds - }) -} - -fn visible_external_agent_config_migration_items( - config: &Config, - items: Vec, - now_unix_seconds: i64, -) -> Vec { - items - .into_iter() - .filter(|item| { - !is_external_config_migration_scope_hidden(config, item.cwd.as_deref()) - && !is_external_config_migration_scope_cooling_down( - config, - item.cwd.as_deref(), - now_unix_seconds, - ) - }) - .collect() -} - -fn external_agent_config_migration_success_message( - items: &[ExternalAgentConfigMigrationItem], -) -> String { - if items.iter().any(|item| { - item.item_type == codex_app_server_protocol::ExternalAgentConfigMigrationItemType::Plugins - }) { - "External config migration completed. Plugin migration is still in progress and may take a few minutes." - .to_string() - } else { - "External config migration completed successfully.".to_string() - } -} - -fn unix_seconds_now() -> i64 { - SystemTime::now() - .duration_since(UNIX_EPOCH) - .unwrap_or_default() - .as_secs() as i64 -} - -async fn persist_external_agent_config_migration_prompt_shown( - config: &mut Config, - items: &[ExternalAgentConfigMigrationItem], - now_unix_seconds: i64, -) -> Result<()> { - let mut edits = Vec::new(); - if items.iter().any(|item| item.cwd.is_none()) { - edits.push( - ConfigEdit::SetNoticeExternalConfigMigrationPromptHomeLastPromptedAt(now_unix_seconds), - ); - } - - for project in items - .iter() - .filter_map(|item| item.cwd.as_deref()) - .map(external_config_migration_project_key) - { - edits.push( - ConfigEdit::SetNoticeExternalConfigMigrationPromptProjectLastPromptedAt( - project, - now_unix_seconds, - ), - ); - } - - if edits.is_empty() { - return Ok(()); - } - - ConfigEditsBuilder::for_config(config) - .with_edits(edits) - .apply() - .await - .map_err(|err| color_eyre::eyre::eyre!("{err}")) - .wrap_err("Failed to save external config migration prompt timestamp")?; - - if items.iter().any(|item| item.cwd.is_none()) { - config - .notices - .external_config_migration_prompts - .home_last_prompted_at = Some(now_unix_seconds); - } - for project in items - .iter() - .filter_map(|item| item.cwd.as_deref()) - .map(external_config_migration_project_key) - { - config - .notices - .external_config_migration_prompts - .project_last_prompted_at - .insert(project, now_unix_seconds); - } - - Ok(()) -} - -async fn persist_external_agent_config_migration_prompt_dismissal( - config: &mut Config, - items: &[ExternalAgentConfigMigrationItem], -) -> Result<()> { - let hide_home = items.iter().any(|item| item.cwd.is_none()); - let projects = items - .iter() - .filter_map(|item| item.cwd.as_deref()) - .map(external_config_migration_project_key) - .collect::>(); - - let mut edits = Vec::new(); - if hide_home - && !config - .notices - .external_config_migration_prompts - .home - .unwrap_or(false) - { - edits.push(ConfigEdit::SetNoticeHideExternalConfigMigrationPromptHome( - true, - )); - } - for project in &projects { - if !config - .notices - .external_config_migration_prompts - .projects - .get(project) - .copied() - .unwrap_or(false) - { - edits.push( - ConfigEdit::SetNoticeHideExternalConfigMigrationPromptProject( - project.clone(), - true, - ), - ); - } - } - - if edits.is_empty() { - return Ok(()); - } - - ConfigEditsBuilder::for_config(config) - .with_edits(edits) - .apply() - .await - .map_err(|err| color_eyre::eyre::eyre!("{err}")) - .wrap_err("Failed to save external config migration prompt preference")?; - - if hide_home { - config.notices.external_config_migration_prompts.home = Some(true); - } - for project in projects { - config - .notices - .external_config_migration_prompts - .projects - .insert(project, true); - } - - Ok(()) -} - -pub(crate) async fn handle_external_agent_config_migration_prompt_if_needed( - tui: &mut tui::Tui, - app_server: &mut AppServerSession, - config: &mut Config, - cli_kv_overrides: &[(String, TomlValue)], - harness_overrides: &ConfigOverrides, - entered_trust_nux: bool, -) -> Result { - if !should_show_external_agent_config_migration_prompt(config, entered_trust_nux) { - return Ok(ExternalAgentConfigMigrationStartupOutcome::Continue { - success_message: None, - }); - } - - let now_unix_seconds = unix_seconds_now(); - let detected_items = match app_server - .external_agent_config_detect(ExternalAgentConfigDetectParams { - include_home: true, - cwds: Some(vec![config.cwd.to_path_buf()]), - }) - .await - { - Ok(response) => { - visible_external_agent_config_migration_items(config, response.items, now_unix_seconds) - } - Err(err) => { - tracing::warn!( - error = %err, - cwd = %config.cwd.display(), - "failed to detect external agent config migrations; continuing startup" - ); - return Ok(ExternalAgentConfigMigrationStartupOutcome::Continue { - success_message: None, - }); - } - }; - - if detected_items.is_empty() { - return Ok(ExternalAgentConfigMigrationStartupOutcome::Continue { - success_message: None, - }); - } - - if let Err(err) = persist_external_agent_config_migration_prompt_shown( - config, - &detected_items, - now_unix_seconds, - ) - .await - { - tracing::warn!( - error = %err, - cwd = %config.cwd.display(), - "failed to persist external config migration prompt timestamp" - ); - } - - let mut selected_items = detected_items.clone(); - let mut error: Option = None; - - loop { - match run_external_agent_config_migration_prompt( - tui, - &detected_items, - &selected_items, - error.as_deref(), - ) - .await - { - ExternalAgentConfigMigrationOutcome::Proceed(items) => { - selected_items = items.clone(); - match app_server.external_agent_config_import(items).await { - Ok(_) => { - let success_message = - external_agent_config_migration_success_message(&selected_items); - *config = ConfigBuilder::default() - .codex_home(config.codex_home.to_path_buf()) - .cli_overrides(cli_kv_overrides.to_vec()) - .harness_overrides(harness_overrides.clone()) - .build() - .await - .wrap_err("Failed to reload config after external agent migration")?; - return Ok(ExternalAgentConfigMigrationStartupOutcome::Continue { - success_message: Some(success_message), - }); - } - Err(err) => { - tracing::warn!( - error = %err, - cwd = %config.cwd.display(), - "failed to import external agent config migration items" - ); - error = Some(format!("Migration failed: {err}")); - } - } - } - ExternalAgentConfigMigrationOutcome::Skip => { - return Ok(ExternalAgentConfigMigrationStartupOutcome::Continue { - success_message: None, - }); - } - ExternalAgentConfigMigrationOutcome::SkipForever => { - match persist_external_agent_config_migration_prompt_dismissal( - config, - &detected_items, - ) - .await - { - Ok(()) => { - return Ok(ExternalAgentConfigMigrationStartupOutcome::Continue { - success_message: None, - }); - } - Err(err) => { - tracing::warn!( - error = %err, - cwd = %config.cwd.display(), - "failed to persist external config migration prompt dismissal" - ); - error = Some(format!("Failed to save preference: {err}")); - } - } - } - ExternalAgentConfigMigrationOutcome::Exit => { - return Ok(ExternalAgentConfigMigrationStartupOutcome::ExitRequested); - } - } - } -} - -#[cfg(test)] -mod tests { - use super::*; - use codex_app_server_protocol::ExternalAgentConfigMigrationItemType; - use pretty_assertions::assert_eq; - use std::path::PathBuf; - use tempfile::tempdir; - - #[tokio::test] - async fn visible_external_agent_config_migration_items_omits_hidden_scopes() { - let codex_home = tempdir().expect("temp codex home"); - let mut config = ConfigBuilder::default() - .codex_home(codex_home.path().to_path_buf()) - .build() - .await - .expect("config"); - config.notices.external_config_migration_prompts.home = Some(true); - config - .notices - .external_config_migration_prompts - .projects - .insert("/tmp/project".to_string(), true); - - let visible = visible_external_agent_config_migration_items( - &config, - vec![ - ExternalAgentConfigMigrationItem { - item_type: ExternalAgentConfigMigrationItemType::Config, - description: "home".to_string(), - cwd: None, - details: None, - }, - ExternalAgentConfigMigrationItem { - item_type: ExternalAgentConfigMigrationItemType::AgentsMd, - description: "project".to_string(), - cwd: Some(PathBuf::from("/tmp/project")), - details: None, - }, - ExternalAgentConfigMigrationItem { - item_type: ExternalAgentConfigMigrationItemType::Skills, - description: "other project".to_string(), - cwd: Some(PathBuf::from("/tmp/other")), - details: None, - }, - ], - /*now_unix_seconds*/ 1_760_000_000, - ); - - assert_eq!( - visible, - vec![ExternalAgentConfigMigrationItem { - item_type: ExternalAgentConfigMigrationItemType::Skills, - description: "other project".to_string(), - cwd: Some(PathBuf::from("/tmp/other")), - details: None, - }] - ); - } - - #[tokio::test] - async fn visible_external_agent_config_migration_items_omits_recently_prompted_scopes() { - let codex_home = tempdir().expect("temp codex home"); - let mut config = ConfigBuilder::default() - .codex_home(codex_home.path().to_path_buf()) - .build() - .await - .expect("config"); - config - .notices - .external_config_migration_prompts - .home_last_prompted_at = Some(1_760_000_000); - config - .notices - .external_config_migration_prompts - .project_last_prompted_at - .insert("/tmp/project".to_string(), 1_760_000_000); - - let visible = visible_external_agent_config_migration_items( - &config, - vec![ - ExternalAgentConfigMigrationItem { - item_type: ExternalAgentConfigMigrationItemType::Config, - description: "home".to_string(), - cwd: None, - details: None, - }, - ExternalAgentConfigMigrationItem { - item_type: ExternalAgentConfigMigrationItemType::AgentsMd, - description: "project".to_string(), - cwd: Some(PathBuf::from("/tmp/project")), - details: None, - }, - ExternalAgentConfigMigrationItem { - item_type: ExternalAgentConfigMigrationItemType::Skills, - description: "other project".to_string(), - cwd: Some(PathBuf::from("/tmp/other")), - details: None, - }, - ], - /*now_unix_seconds*/ - 1_760_000_000 + EXTERNAL_CONFIG_MIGRATION_PROMPT_COOLDOWN_SECS - 1, - ); - - assert_eq!( - visible, - vec![ExternalAgentConfigMigrationItem { - item_type: ExternalAgentConfigMigrationItemType::Skills, - description: "other project".to_string(), - cwd: Some(PathBuf::from("/tmp/other")), - details: None, - }] - ); - } - - #[tokio::test] - async fn external_config_migration_scope_cooldown_expires_after_five_days() { - let codex_home = tempdir().expect("temp codex home"); - let mut config = ConfigBuilder::default() - .codex_home(codex_home.path().to_path_buf()) - .build() - .await - .expect("config"); - config - .notices - .external_config_migration_prompts - .home_last_prompted_at = Some(1_760_000_000); - - assert!(is_external_config_migration_scope_cooling_down( - &config, - /*cwd*/ None, - 1_760_000_000 + EXTERNAL_CONFIG_MIGRATION_PROMPT_COOLDOWN_SECS - 1, - )); - assert!(!is_external_config_migration_scope_cooling_down( - &config, - /*cwd*/ None, - 1_760_000_000 + EXTERNAL_CONFIG_MIGRATION_PROMPT_COOLDOWN_SECS, - )); - } - - #[test] - fn external_agent_config_migration_success_message_mentions_plugins_when_present() { - let message = external_agent_config_migration_success_message(&[ - ExternalAgentConfigMigrationItem { - item_type: ExternalAgentConfigMigrationItemType::Config, - description: String::new(), - cwd: None, - details: None, - }, - ExternalAgentConfigMigrationItem { - item_type: ExternalAgentConfigMigrationItemType::Plugins, - description: String::new(), - cwd: None, - details: None, - }, - ]); - - assert_eq!( - message, - "External config migration completed. Plugin migration is still in progress and may take a few minutes." - ); - } - - #[test] - fn external_agent_config_migration_success_message_omits_plugins_copy_when_absent() { - let message = - external_agent_config_migration_success_message(&[ExternalAgentConfigMigrationItem { - item_type: ExternalAgentConfigMigrationItemType::AgentsMd, - description: String::new(), - cwd: None, - details: None, - }]); - - assert_eq!(message, "External config migration completed successfully."); - } - - #[tokio::test] - async fn external_agent_config_migration_prompt_requires_trust_nux_entry() { - let codex_home = tempdir().expect("temp codex home"); - let mut config = ConfigBuilder::default() - .codex_home(codex_home.path().to_path_buf()) - .build() - .await - .expect("config"); - let _ = config.features.enable(Feature::ExternalMigration); - - assert!(!should_show_external_agent_config_migration_prompt( - &config, /*entered_trust_nux*/ false, - )); - assert!(should_show_external_agent_config_migration_prompt( - &config, /*entered_trust_nux*/ true, - )); - } -} diff --git a/codex-rs/tui/src/get_git_diff.rs b/codex-rs/tui/src/get_git_diff.rs index 7f554507078..ab7764b6b3f 100644 --- a/codex-rs/tui/src/get_git_diff.rs +++ b/codex-rs/tui/src/get_git_diff.rs @@ -11,9 +11,11 @@ use std::time::Duration; use crate::workspace_command::WorkspaceCommand; use crate::workspace_command::WorkspaceCommandExecutor; use crate::workspace_command::WorkspaceCommandOutput; +use codex_git_utils::FsmonitorOverride; +use codex_git_utils::FsmonitorProbeRunner; +use codex_git_utils::detect_fsmonitor_override; const DIFF_COMMAND_TIMEOUT: Duration = Duration::from_secs(/*secs*/ 30); -const DISABLE_FSMONITOR_CONFIG: &str = "core.fsmonitor=false"; const DISABLE_HOOKS_CONFIG: &str = if cfg!(windows) { "core.hooksPath=NUL" } else { @@ -21,6 +23,25 @@ const DISABLE_HOOKS_CONFIG: &str = if cfg!(windows) { }; const EXECUTABLE_FILTER_CONFIG_PATTERN: &str = r"^filter\..*\.(clean|process)$"; +// `/diff` may execute Git through a remote workspace, so git-utils owns the +// probe policy while this adapter keeps command execution in the TUI layer. +// WorkspaceCommand bounds each call; `/diff` has no aggregate command deadline. +struct WorkspaceFsmonitorProbeRunner<'a> { + runner: &'a dyn WorkspaceCommandExecutor, + cwd: &'a Path, +} + +impl FsmonitorProbeRunner for WorkspaceFsmonitorProbeRunner<'_> { + async fn run_probe(&mut self, args: &[&str]) -> Option> { + let argv = ["git"].into_iter().chain(args.iter().copied()); + let command = WorkspaceCommand::new(argv).cwd(self.cwd.to_path_buf()); + match self.runner.run(command).await { + Ok(output) if output.success() => Some(output.stdout.into_bytes()), + _ => None, + } + } +} + /// Return value of [`get_git_diff`]. /// /// * `bool` – Whether the current working directory is inside a Git repo. @@ -34,12 +55,17 @@ pub(crate) async fn get_git_diff( return Ok((false, String::new())); } + // Probe once per `/diff` and reuse the result for all subsequent Git commands. + let mut probe_runner = WorkspaceFsmonitorProbeRunner { runner, cwd }; + let fsmonitor = detect_fsmonitor_override(&mut probe_runner).await; + // Keep `/diff` informational: repository configuration must not select executable diff helpers. - let diff_config_overrides = diff_filter_config_overrides(runner, cwd).await?; + let diff_config_overrides = diff_filter_config_overrides(runner, cwd, fsmonitor).await?; let (tracked_diff_res, untracked_output_res) = tokio::join!( run_git_capture_diff( runner, cwd, + fsmonitor, &diff_config_overrides, &[ "diff", @@ -50,7 +76,12 @@ pub(crate) async fn get_git_diff( "--color", ] ), - run_git_capture_stdout(runner, cwd, &["ls-files", "--others", "--exclude-standard"]), + run_git_capture_stdout( + runner, + cwd, + fsmonitor, + &["ls-files", "--others", "--exclude-standard"] + ), ); let tracked_diff = tracked_diff_res?; let untracked_output = untracked_output_res?; @@ -80,7 +111,8 @@ pub(crate) async fn get_git_diff( null_path, file, ]; - let diff = run_git_capture_diff(runner, cwd, &diff_config_overrides, &args).await?; + let diff = + run_git_capture_diff(runner, cwd, fsmonitor, &diff_config_overrides, &args).await?; untracked_diff.push_str(&diff); } @@ -92,9 +124,10 @@ pub(crate) async fn get_git_diff( async fn run_git_capture_stdout( runner: &dyn WorkspaceCommandExecutor, cwd: &Path, + fsmonitor: FsmonitorOverride, args: &[&str], ) -> Result { - let output = run_git_command(runner, cwd, &[], args).await?; + let output = run_git_command(runner, cwd, fsmonitor, &[], args).await?; if output.success() { Ok(output.stdout) } else { @@ -110,10 +143,11 @@ async fn run_git_capture_stdout( async fn run_git_capture_diff( runner: &dyn WorkspaceCommandExecutor, cwd: &Path, + fsmonitor: FsmonitorOverride, config_overrides: &[(String, String)], args: &[&str], ) -> Result { - let output = run_git_command(runner, cwd, config_overrides, args).await?; + let output = run_git_command(runner, cwd, fsmonitor, config_overrides, args).await?; if output.success() || output.exit_code == 1 { Ok(output.stdout) } else { @@ -129,6 +163,7 @@ async fn run_git_capture_diff( async fn diff_filter_config_overrides( runner: &dyn WorkspaceCommandExecutor, cwd: &Path, + fsmonitor: FsmonitorOverride, ) -> Result, String> { let args = [ "config", @@ -137,7 +172,7 @@ async fn diff_filter_config_overrides( "--get-regexp", EXECUTABLE_FILTER_CONFIG_PATTERN, ]; - let output = run_git_command(runner, cwd, &[], &args).await?; + let output = run_git_command(runner, cwd, fsmonitor, &[], &args).await?; if output.exit_code != 0 && output.exit_code != 1 { return Err(format!( "git {:?} failed with status {}", @@ -174,25 +209,35 @@ async fn inside_git_repo( runner: &dyn WorkspaceCommandExecutor, cwd: &Path, ) -> Result { - let output = run_git_command(runner, cwd, &[], &["rev-parse", "--is-inside-work-tree"]).await?; + // `rev-parse` does not inspect the worktree, and probing before this check + // would also run extra Git commands outside repositories. + let output = run_git_command( + runner, + cwd, + FsmonitorOverride::Disabled, + &[], + &["rev-parse", "--is-inside-work-tree"], + ) + .await?; Ok(output.success()) } async fn run_git_command( runner: &dyn WorkspaceCommandExecutor, cwd: &Path, + fsmonitor: FsmonitorOverride, config_overrides: &[(String, String)], args: &[&str], ) -> Result { - let mut argv = Vec::with_capacity(args.len() + 5); - argv.push("git".to_string()); - argv.extend([ - "-c".to_string(), - DISABLE_FSMONITOR_CONFIG.to_string(), - "-c".to_string(), - DISABLE_HOOKS_CONFIG.to_string(), - ]); - argv.extend(args.iter().map(|arg| (*arg).to_string())); + let argv = [ + "git", + "-c", + fsmonitor.git_config_arg(), + "-c", + DISABLE_HOOKS_CONFIG, + ] + .into_iter() + .chain(args.iter().copied()); let mut command = WorkspaceCommand::new(argv) .cwd(cwd.to_path_buf()) .timeout(DIFF_COMMAND_TIMEOUT) @@ -230,7 +275,10 @@ mod tests { async fn get_git_diff_returns_not_git_for_non_git_cwd() { let cwd = PathBuf::from("/workspace"); let runner = FakeRunner::new(vec![response( - git_command(&["rev-parse", "--is-inside-work-tree"]), + git_command( + FsmonitorOverride::Disabled, + &["rev-parse", "--is-inside-work-tree"], + ), /*exit_code*/ 128, "", )]); @@ -238,11 +286,7 @@ mod tests { let result = get_git_diff(&runner, &cwd).await; assert_eq!(result, Ok((false, String::new()))); - assert_commands( - &runner.commands(), - &[git_command(&["rev-parse", "--is-inside-work-tree"])], - &cwd, - ); + assert_command_metadata(&runner.commands(), &cwd); } #[tokio::test] @@ -250,51 +294,84 @@ mod tests { let cwd = PathBuf::from("/workspace"); let runner = FakeRunner::new(vec![ response( - git_command(&["rev-parse", "--is-inside-work-tree"]), + git_command( + FsmonitorOverride::Disabled, + &["rev-parse", "--is-inside-work-tree"], + ), /*exit_code*/ 0, "true\n", ), response( - git_command(&[ + git_probe_command(&["config", "--null", "--get", "core.fsmonitor"]), + /*exit_code*/ 0, + "/tmp/fsmonitor-helper\0", + ), + response( + git_probe_command(&[ "config", "--null", - "--name-only", - "--get-regexp", - EXECUTABLE_FILTER_CONFIG_PATTERN, + "--type=bool", + "--fixed-value", + "--get", + "core.fsmonitor", + "/tmp/fsmonitor-helper", ]), + /*exit_code*/ 128, + "", + ), + response( + git_command( + FsmonitorOverride::Disabled, + &[ + "config", + "--null", + "--name-only", + "--get-regexp", + EXECUTABLE_FILTER_CONFIG_PATTERN, + ], + ), /*exit_code*/ 0, "filter.evil.clean\0filter.evil.process\0", ), response( - git_command(&[ - "diff", - "--no-textconv", - "--no-ext-diff", - "--submodule=short", - "--ignore-submodules=dirty", - "--color", - ]), + git_command( + FsmonitorOverride::Disabled, + &[ + "diff", + "--no-textconv", + "--no-ext-diff", + "--submodule=short", + "--ignore-submodules=dirty", + "--color", + ], + ), /*exit_code*/ 1, "tracked\n", ), response( - git_command(&["ls-files", "--others", "--exclude-standard"]), + git_command( + FsmonitorOverride::Disabled, + &["ls-files", "--others", "--exclude-standard"], + ), /*exit_code*/ 0, "new.txt\n", ), response( - git_command(&[ - "diff", - "--no-textconv", - "--no-ext-diff", - "--submodule=short", - "--ignore-submodules=dirty", - "--color", - "--no-index", - "--", - null_device(), - "new.txt", - ]), + git_command( + FsmonitorOverride::Disabled, + &[ + "diff", + "--no-textconv", + "--no-ext-diff", + "--submodule=short", + "--ignore-submodules=dirty", + "--color", + "--no-index", + "--", + null_device(), + "new.txt", + ], + ), /*exit_code*/ 1, "untracked\n", ), @@ -304,43 +381,95 @@ mod tests { assert_eq!(result, Ok((true, "tracked\nuntracked\n".to_string()))); let commands = runner.commands(); - assert_commands( - &commands, - &[ - git_command(&["rev-parse", "--is-inside-work-tree"]), - git_command(&[ - "config", - "--null", - "--name-only", - "--get-regexp", - EXECUTABLE_FILTER_CONFIG_PATTERN, - ]), - git_command(&[ - "diff", - "--no-textconv", - "--no-ext-diff", - "--submodule=short", - "--ignore-submodules=dirty", - "--color", - ]), - git_command(&["ls-files", "--others", "--exclude-standard"]), - git_command(&[ - "diff", - "--no-textconv", - "--no-ext-diff", - "--submodule=short", - "--ignore-submodules=dirty", - "--color", - "--no-index", - "--", - null_device(), - "new.txt", - ]), - ], - &cwd, - ); - assert_eq!(commands[2].env, filter_override_env("filter.evil")); + assert_command_metadata(&commands, &cwd); assert_eq!(commands[4].env, filter_override_env("filter.evil")); + assert_eq!(commands[6].env, filter_override_env("filter.evil")); + } + + #[tokio::test] + async fn get_git_diff_preserves_builtin_fsmonitor_for_diff_workflow() { + let cwd = PathBuf::from("/workspace"); + let runner = FakeRunner::new(vec![ + response( + git_command( + FsmonitorOverride::Disabled, + &["rev-parse", "--is-inside-work-tree"], + ), + /*exit_code*/ 0, + "true\n", + ), + response( + git_probe_command(&["config", "--null", "--get", "core.fsmonitor"]), + /*exit_code*/ 0, + "true\0", + ), + response( + git_probe_command(&["version", "--build-options"]), + /*exit_code*/ 0, + "feature: fsmonitor--daemon\n", + ), + response( + git_command( + FsmonitorOverride::BuiltIn, + &[ + "config", + "--null", + "--name-only", + "--get-regexp", + EXECUTABLE_FILTER_CONFIG_PATTERN, + ], + ), + /*exit_code*/ 1, + "", + ), + response( + git_command( + FsmonitorOverride::BuiltIn, + &[ + "diff", + "--no-textconv", + "--no-ext-diff", + "--submodule=short", + "--ignore-submodules=dirty", + "--color", + ], + ), + /*exit_code*/ 1, + "tracked\n", + ), + response( + git_command( + FsmonitorOverride::BuiltIn, + &["ls-files", "--others", "--exclude-standard"], + ), + /*exit_code*/ 0, + "new.txt\n", + ), + response( + git_command( + FsmonitorOverride::BuiltIn, + &[ + "diff", + "--no-textconv", + "--no-ext-diff", + "--submodule=short", + "--ignore-submodules=dirty", + "--color", + "--no-index", + "--", + null_device(), + "new.txt", + ], + ), + /*exit_code*/ 1, + "untracked\n", + ), + ]); + + let result = get_git_diff(&runner, &cwd).await; + + assert_eq!(result, Ok((true, "tracked\nuntracked\n".to_string()))); + assert_command_metadata(&runner.commands(), &cwd); } #[tokio::test] @@ -348,35 +477,52 @@ mod tests { let cwd = PathBuf::from("/workspace"); let runner = FakeRunner::new(vec![ response( - git_command(&["rev-parse", "--is-inside-work-tree"]), + git_command( + FsmonitorOverride::Disabled, + &["rev-parse", "--is-inside-work-tree"], + ), /*exit_code*/ 0, "true\n", ), response( - git_command(&[ - "config", - "--null", - "--name-only", - "--get-regexp", - EXECUTABLE_FILTER_CONFIG_PATTERN, - ]), + git_probe_command(&["config", "--null", "--get", "core.fsmonitor"]), /*exit_code*/ 1, "", ), response( - git_command(&[ - "diff", - "--no-textconv", - "--no-ext-diff", - "--submodule=short", - "--ignore-submodules=dirty", - "--color", - ]), + git_command( + FsmonitorOverride::Disabled, + &[ + "config", + "--null", + "--name-only", + "--get-regexp", + EXECUTABLE_FILTER_CONFIG_PATTERN, + ], + ), + /*exit_code*/ 1, + "", + ), + response( + git_command( + FsmonitorOverride::Disabled, + &[ + "diff", + "--no-textconv", + "--no-ext-diff", + "--submodule=short", + "--ignore-submodules=dirty", + "--color", + ], + ), /*exit_code*/ 1, "tracked\n", ), response( - git_command(&["ls-files", "--others", "--exclude-standard"]), + git_command( + FsmonitorOverride::Disabled, + &["ls-files", "--others", "--exclude-standard"], + ), /*exit_code*/ 0, "", ), @@ -385,6 +531,7 @@ mod tests { let result = get_git_diff(&runner, &cwd).await; assert_eq!(result, Ok((true, "tracked\n".to_string()))); + assert_command_metadata(&runner.commands(), &cwd); } #[tokio::test] @@ -392,35 +539,52 @@ mod tests { let cwd = PathBuf::from("/workspace"); let runner = FakeRunner::new(vec![ response( - git_command(&["rev-parse", "--is-inside-work-tree"]), + git_command( + FsmonitorOverride::Disabled, + &["rev-parse", "--is-inside-work-tree"], + ), /*exit_code*/ 0, "true\n", ), response( - git_command(&[ - "config", - "--null", - "--name-only", - "--get-regexp", - EXECUTABLE_FILTER_CONFIG_PATTERN, - ]), + git_probe_command(&["config", "--null", "--get", "core.fsmonitor"]), /*exit_code*/ 1, "", ), response( - git_command(&[ - "diff", - "--no-textconv", - "--no-ext-diff", - "--submodule=short", - "--ignore-submodules=dirty", - "--color", - ]), + git_command( + FsmonitorOverride::Disabled, + &[ + "config", + "--null", + "--name-only", + "--get-regexp", + EXECUTABLE_FILTER_CONFIG_PATTERN, + ], + ), + /*exit_code*/ 1, + "", + ), + response( + git_command( + FsmonitorOverride::Disabled, + &[ + "diff", + "--no-textconv", + "--no-ext-diff", + "--submodule=short", + "--ignore-submodules=dirty", + "--color", + ], + ), /*exit_code*/ 2, "", ), response( - git_command(&["ls-files", "--others", "--exclude-standard"]), + git_command( + FsmonitorOverride::Disabled, + &["ls-files", "--others", "--exclude-standard"], + ), /*exit_code*/ 0, "", ), @@ -430,12 +594,11 @@ mod tests { .await .expect_err("unexpected git diff status should fail"); - assert!( - error.contains( - "git [\"diff\", \"--no-textconv\", \"--no-ext-diff\", \"--submodule=short\", \"--ignore-submodules=dirty\", \"--color\"] failed with status 2" - ), - "unexpected error: {error}", + assert_eq!( + error, + "git [\"diff\", \"--no-textconv\", \"--no-ext-diff\", \"--submodule=short\", \"--ignore-submodules=dirty\", \"--color\"] failed with status 2" ); + assert_command_metadata(&runner.commands(), &cwd); } #[cfg(unix)] @@ -505,11 +668,18 @@ mod tests { .await .expect("generate diff without invoking helpers"); - assert!(result.1.contains("before")); - assert!(result.1.contains("after")); - assert!(!filter_helper.with_extension("sh.ran").exists()); - assert!(!fsmonitor_helper.with_extension("sh.ran").exists()); - assert!(!hook_helper.with_extension("sh.ran").exists()); + assert_eq!( + ( + result.1.contains("before"), + result.1.contains("after"), + filter_helper.with_extension("sh.ran").exists(), + fsmonitor_helper.with_extension("sh.ran").exists(), + hook_helper.with_extension("sh.ran").exists(), + ), + (true, true, false, false, false), + "diff:\n{}", + result.1 + ); } #[cfg(unix)] @@ -565,20 +735,32 @@ mod tests { .await .expect("generate diff without inspecting submodule worktrees"); - assert!(result.1.is_empty()); - assert!(!helper.with_extension("sh.ran").exists()); + assert_eq!( + (result.1, helper.with_extension("sh.ran").exists()), + (String::new(), false) + ); } - fn git_command(args: &[&str]) -> Vec { - let mut argv = vec![ - "git".to_string(), - "-c".to_string(), - DISABLE_FSMONITOR_CONFIG.to_string(), - "-c".to_string(), - DISABLE_HOOKS_CONFIG.to_string(), - ]; - argv.extend(args.iter().map(|arg| (*arg).to_string())); - argv + fn git_command(fsmonitor: FsmonitorOverride, args: &[&str]) -> Vec { + [ + "git", + "-c", + fsmonitor.git_config_arg(), + "-c", + DISABLE_HOOKS_CONFIG, + ] + .into_iter() + .chain(args.iter().copied()) + .map(str::to_string) + .collect() + } + + fn git_probe_command(args: &[&str]) -> Vec { + ["git"] + .into_iter() + .chain(args.iter().copied()) + .map(str::to_string) + .collect() } fn filter_override_env(driver: &str) -> HashMap> { @@ -619,12 +801,18 @@ mod tests { #[cfg(unix)] fn run_git_setup(cwd: &Path, args: &[&str]) { - let status = ProcessCommand::new("git") + let output = ProcessCommand::new("git") .args(args) .current_dir(cwd) - .status() + .output() .expect("run git setup command"); - assert!(status.success(), "git setup command failed: {args:?}"); + assert_eq!( + output.status.code(), + Some(0), + "git setup command failed: {args:?}\nstdout:\n{}\nstderr:\n{}", + String::from_utf8_lossy(&output.stdout), + String::from_utf8_lossy(&output.stderr) + ); } #[cfg(unix)] @@ -638,17 +826,21 @@ mod tests { fs::set_permissions(path, permissions).expect("make helper executable"); } - fn assert_commands(commands: &[WorkspaceCommand], expected: &[Vec], cwd: &Path) { - let actual: Vec> = commands - .iter() - .map(|command| command.argv.clone()) - .collect(); - assert_eq!(actual, expected); - + fn assert_command_metadata(commands: &[WorkspaceCommand], cwd: &Path) { for command in commands { assert_eq!(command.cwd.as_deref(), Some(cwd)); - assert_eq!(command.timeout, DIFF_COMMAND_TIMEOUT); - assert!(command.disable_output_cap); + if matches!( + command.argv.get(1).map(String::as_str), + Some("config" | "version") + ) { + assert_eq!(command.env, HashMap::new()); + assert_eq!(command.timeout, Duration::from_secs(/*secs*/ 5)); + assert_eq!(command.output_bytes_cap, 64 * 1024); + assert_eq!(command.disable_output_cap, false); + } else { + assert_eq!(command.timeout, DIFF_COMMAND_TIMEOUT); + assert_eq!(command.disable_output_cap, true); + } } } @@ -671,6 +863,11 @@ mod tests { } fn commands(&self) -> Vec { + assert_eq!( + self.responses.lock().expect("responses lock").len(), + 0, + "unused fake responses" + ); self.commands.lock().expect("commands lock").clone() } } diff --git a/codex-rs/tui/src/git_action_directives.rs b/codex-rs/tui/src/git_action_directives.rs index 4dda4d451c3..c54744c8450 100644 --- a/codex-rs/tui/src/git_action_directives.rs +++ b/codex-rs/tui/src/git_action_directives.rs @@ -1,6 +1,8 @@ -//! Codex App git action directives embedded in assistant markdown. +//! Codex App directives embedded in assistant markdown. +use std::collections::HashMap; use std::collections::HashSet; +use std::path::Path; #[derive(Clone, Debug, Eq, Hash, PartialEq)] pub(crate) enum GitActionDirective { @@ -50,12 +52,16 @@ impl ParsedAssistantMarkdown { } } -pub(crate) fn parse_assistant_markdown(markdown: &str) -> ParsedAssistantMarkdown { +pub(crate) fn parse_assistant_markdown(markdown: &str, cwd: &Path) -> ParsedAssistantMarkdown { let mut git_actions = Vec::new(); let mut seen = HashSet::new(); let mut visible_lines = Vec::new(); for line in markdown.lines() { + if let Some(rewritten) = rewrite_code_comment_line(line, cwd) { + visible_lines.push(rewritten.trim_end().to_string()); + continue; + } let (visible_line, line_actions) = strip_line_directives(line); for action in line_actions { if seen.insert(action.clone()) { @@ -78,6 +84,53 @@ pub(crate) fn parse_assistant_markdown(markdown: &str) -> ParsedAssistantMarkdow } } +fn rewrite_code_comment_line(line: &str, cwd: &Path) -> Option { + let content = line.trim_start_matches([' ', '\t']); + let indent = &line[..line.len() - content.len()]; + let marker_length = content.bytes().take_while(|byte| *byte == b':').count(); + if !(1..=3).contains(&marker_length) { + return None; + } + + let directive = content[marker_length..].strip_prefix("code-comment{")?; + let (attributes, suffix) = directive.rsplit_once('}')?; + let attributes = parse_code_comment_attributes(attributes)?; + let title = attributes.get("title")?; + let body = attributes.get("body")?; + let file = attributes.get("file")?; + let title = title.trim(); + let body = body.trim(); + let file = file.trim(); + (!title.is_empty() && !body.is_empty() && !file.is_empty()).then_some(())?; + + let start = directive_integer(&attributes, "start").unwrap_or(1).max(1); + let end = directive_integer(&attributes, "end") + .unwrap_or(start) + .max(start); + let title = if title_has_priority(title) { + title.to_string() + } else if let Some(priority @ 0..=3) = directive_integer(&attributes, "priority") { + format!("[P{priority}] {title}") + } else { + title.to_string() + }; + let file_path = Path::new(file); + let file = file_path + .strip_prefix(cwd) + .unwrap_or(file_path) + .to_string_lossy() + .replace('\\', "/"); + let location = if start == end { + format!("{file}:{start}") + } else { + format!("{file}:{start}-{end}") + }; + + Some(format!( + "{indent}- {title} — {location}\n{indent} {body}{suffix}" + )) +} + fn strip_line_directives(line: &str) -> (String, Vec) { let mut visible = String::new(); let mut actions = Vec::new(); @@ -106,6 +159,46 @@ fn strip_line_directives(line: &str) -> (String, Vec) { (visible, actions) } +fn directive_integer(attributes: &HashMap, name: &str) -> Option { + attributes + .get(name)? + .trim() + .trim_start_matches(['P', 'p']) + .parse() + .ok() +} + +fn title_has_priority(title: &str) -> bool { + let bytes = title.trim_start().as_bytes(); + bytes.len() >= 4 + && bytes[0] == b'[' + && matches!(bytes[1], b'P' | b'p') + && bytes[2].is_ascii_digit() + && bytes[3] == b']' +} + +fn parse_code_comment_attributes(input: &str) -> Option> { + let mut attributes = HashMap::new(); + let mut rest = input.trim(); + while !rest.is_empty() { + let equals = rest.find('=')?; + let name = rest[..equals].trim(); + if name.is_empty() { + return None; + } + rest = rest[equals + 1..].trim_start(); + let (value, next) = if let Some(quoted) = rest.strip_prefix('"') { + parse_quoted_value(quoted)? + } else { + let end = rest.find(char::is_whitespace).unwrap_or(rest.len()); + (rest[..end].to_string(), &rest[end..]) + }; + attributes.insert(name.to_string(), value); + rest = next.trim_start(); + } + Some(attributes) +} + fn parse_git_action(name: &str, attributes: &str) -> Option { let attrs = parse_attributes(attributes)?; let cwd = attrs.get("cwd")?.clone(); @@ -153,14 +246,36 @@ fn parse_attributes(input: &str) -> Option Option<(String, &str)> { + let mut value = String::new(); + let mut characters = input.char_indices().peekable(); + + while let Some((index, character)) = characters.next() { + if character == '"' { + return Some((value, &input[index + 1..])); + } + match character { + '\\' if characters.peek().is_some_and(|(_, next)| *next == '"') => { + value.push('"'); + characters.next(); + } + _ => value.push(character), + } + } + + None +} + #[cfg(test)] mod tests { use super::*; + use pretty_assertions::assert_eq; #[test] fn strips_and_parses_git_action_directives() { let parsed = parse_assistant_markdown( - "Done\n\n::git-stage{cwd=\"/repo\"} ::git-push{cwd=\"/repo\" branch=\"feat/x\"}", + "Done\n\n::git-stage{cwd=\"/repo\"} ::git-push{cwd=\"/repo\" branch=\"feat/x\"} ::git-stage{cwd=\"C:\\repo\\\"}", + Path::new("/repo"), ); assert_eq!(parsed.visible_markdown, "Done"); @@ -174,22 +289,50 @@ mod tests { cwd: "/repo".to_string(), branch: "feat/x".to_string(), }, + GitActionDirective::Stage { + cwd: "C:\\repo\\".to_string(), + }, ] ); } #[test] fn hides_malformed_directives_without_materializing_rows() { - let parsed = parse_assistant_markdown("Done ::git-push{cwd=\"/repo\"}"); + let parsed = parse_assistant_markdown("Done ::git-push{cwd=\"/repo\"}", Path::new("/repo")); assert_eq!(parsed.visible_markdown, "Done"); assert!(parsed.git_actions.is_empty()); } + #[test] + fn renders_code_comment_directives_as_markdown() { + let parsed = parse_assistant_markdown( + concat!( + "Found two issues.\n\n", + r#"::code-comment{title="Fix body= parsing" body="Keep role=\"tab\", ::git-stage{cwd=/tmp}, file=, and \n literal." file="/repo/src/app.ts" start=10 end=12 priority="P2"}"#, + "\n\n", + r#":::code-comment{title="[P1] Clamp the range" body="The line range should match the App." file="codex/src/range.ts" start=8 end=2 priority=3}"#, + ), + Path::new("/repo"), + ); + + insta::assert_snapshot!("code_comment_directive_fallback", parsed.visible_markdown); + assert!(parsed.git_actions.is_empty()); + } + + #[test] + fn preserves_non_directive_and_malformed_code_comment_text() { + let markdown = "Mention `::code-comment{title=\"Example\"}` inline.\n::code-comment{title=\"Missing body\" file=\"/repo/src/app.ts\"}"; + let parsed = parse_assistant_markdown(markdown, Path::new("/repo")); + + assert_eq!(parsed.visible_markdown, markdown); + } + #[test] fn last_created_branch_cwd_uses_the_last_matching_directive() { let parsed = parse_assistant_markdown( "::git-create-branch{cwd=\"/first\" branch=\"first\"}\n::git-push{cwd=\"/repo\" branch=\"first\"}\n::git-create-branch{cwd=\"/second\" branch=\"second\"}", + Path::new("/repo"), ); assert_eq!(parsed.last_created_branch_cwd(), Some("/second")); diff --git a/codex-rs/tui/src/goal_display.rs b/codex-rs/tui/src/goal_display.rs index 961b87f16eb..210bac10767 100644 --- a/codex-rs/tui/src/goal_display.rs +++ b/codex-rs/tui/src/goal_display.rs @@ -2,6 +2,8 @@ use crate::status::format_tokens_compact; use codex_app_server_protocol::ThreadGoal; use codex_app_server_protocol::ThreadGoalStatus; +pub(crate) const GOAL_USAGE: &str = "Usage: /goal [|clear|edit|pause|resume]"; + pub(crate) fn format_goal_elapsed_seconds(seconds: i64) -> String { let seconds = seconds.max(0) as u64; if seconds < 60 { diff --git a/codex-rs/tui/src/history_cell/messages.rs b/codex-rs/tui/src/history_cell/messages.rs index ed899f3b2e8..787f999cf1e 100644 --- a/codex-rs/tui/src/history_cell/messages.rs +++ b/codex-rs/tui/src/history_cell/messages.rs @@ -423,7 +423,7 @@ impl HistoryCell for StreamingAgentTailCell { fn display_hyperlink_lines(&self, _width: u16) -> Vec { // Tail lines are already rendered at the controller's current stream width. // Re-wrapping them here can split table borders and produce malformed in-flight rows. - prefix_hyperlink_lines( + let mut lines = prefix_hyperlink_lines( self.lines.clone(), if self.is_first_line { "• ".dim() @@ -431,7 +431,19 @@ impl HistoryCell for StreamingAgentTailCell { " ".into() }, " ".into(), - ) + ); + for line in &mut lines { + if line + .line + .spans + .iter() + .all(|span| span.content.chars().all(char::is_whitespace)) + { + line.line = Line::default().style(line.line.style); + line.hyperlinks.clear(); + } + } + lines } fn transcript_hyperlink_lines(&self, width: u16) -> Vec { diff --git a/codex-rs/tui/src/history_cell/session.rs b/codex-rs/tui/src/history_cell/session.rs index 23e8836454f..c63f6f746c9 100644 --- a/codex-rs/tui/src/history_cell/session.rs +++ b/codex-rs/tui/src/history_cell/session.rs @@ -149,7 +149,7 @@ pub(crate) fn new_session_info( // Header box rendered as history (so it appears at the very top) let header = SessionHeaderHistoryCell::new( session.model.clone(), - session.reasoning_effort, + session.reasoning_effort.clone(), show_fast_status, config.cwd.to_path_buf(), CODEX_CLI_VERSION, @@ -317,15 +317,10 @@ impl SessionHeaderHistoryCell { formatted } - fn reasoning_label(&self) -> Option<&'static str> { - self.reasoning_effort.map(|effort| match effort { - ReasoningEffortConfig::Minimal => "minimal", - ReasoningEffortConfig::Low => "low", - ReasoningEffortConfig::Medium => "medium", - ReasoningEffortConfig::High => "high", - ReasoningEffortConfig::XHigh => "xhigh", - ReasoningEffortConfig::None => "none", - }) + fn reasoning_label(&self) -> Option<&str> { + self.reasoning_effort + .as_ref() + .map(ReasoningEffortConfig::as_str) } } @@ -368,7 +363,7 @@ impl HistoryCell for SessionHeaderHistoryCell { ]; if let Some(reasoning) = reasoning_label { spans.push(Span::from(" ")); - spans.push(Span::from(reasoning)); + spans.push(Span::from(reasoning.to_owned())); } if self.show_fast_status { spans.push(" ".into()); diff --git a/codex-rs/tui/src/history_cell/tests.rs b/codex-rs/tui/src/history_cell/tests.rs index 63a04d19d4f..ec3ae49f215 100644 --- a/codex-rs/tui/src/history_cell/tests.rs +++ b/codex-rs/tui/src/history_cell/tests.rs @@ -45,6 +45,24 @@ fn test_cwd() -> PathBuf { std::env::temp_dir() } +#[test] +fn streaming_agent_tail_blank_line_uses_one_viewport_row() { + let cell = StreamingAgentTailCell::new( + vec![ + HyperlinkLine::from("first"), + HyperlinkLine::from(""), + HyperlinkLine::from("second"), + ], + /*is_first_line*/ false, + ); + + let lines = cell.display_lines(/*width*/ 80); + insta::assert_snapshot!(render_lines(&lines).join("\n"), @" first + + second"); + assert_eq!(cell.desired_height(/*width*/ 80), 3); +} + fn stdio_server_config( command: &str, args: Vec<&str>, diff --git a/codex-rs/tui/src/lib.rs b/codex-rs/tui/src/lib.rs index b53ec0f83da..4afa18fc675 100644 --- a/codex-rs/tui/src/lib.rs +++ b/codex-rs/tui/src/lib.rs @@ -11,8 +11,6 @@ use crate::legacy_core::config::load_config_as_toml_with_cli_and_load_options; use crate::legacy_core::config::resolve_oss_provider; use crate::legacy_core::config::resolve_profile_v2_config_path; use crate::legacy_core::format_exec_policy_error_with_source; -#[cfg(target_os = "windows")] -use crate::legacy_core::windows_sandbox::WindowsSandboxLevelExt; use crate::session_resume::ResolveCwdOutcome; use crate::session_resume::resolve_cwd_for_resume_or_fork; pub use crate::startup_error::LocalStateDbStartupError; @@ -64,6 +62,7 @@ use codex_utils_oss::ensure_oss_provider_ready; use codex_utils_oss::get_default_model_for_oss_provider; use color_eyre::eyre::WrapErr; use cwd_prompt::CwdPromptAction; +pub use session_archive_commands::DeleteConfirmation; pub use session_archive_commands::SessionArchiveAction; pub use session_archive_commands::SessionArchiveCommandOptions; pub use session_archive_commands::run_session_archive_command; @@ -71,6 +70,7 @@ use std::fs::OpenOptions; use std::path::Path; use std::path::PathBuf; use std::sync::Arc; +use std::time::Instant; pub use token_usage::TokenUsage; use tracing::Level; use tracing::error; @@ -94,9 +94,9 @@ mod app_server_approval_conversions; mod app_server_session; mod approval_events; mod ascii_animation; -#[cfg(not(target_os = "linux"))] +#[cfg(not(any(target_os = "linux", target_os = "android")))] mod audio_device; -#[cfg(target_os = "linux")] +#[cfg(any(target_os = "linux", target_os = "android"))] #[allow(dead_code)] mod audio_device { use crate::app_event::RealtimeAudioDeviceKind; @@ -130,7 +130,8 @@ mod diff_render; mod exec_cell; mod exec_command; mod external_agent_config_migration; -mod external_agent_config_migration_startup; +mod external_agent_config_migration_flow; +mod external_agent_config_migration_model; mod external_editor; mod file_search; mod frames; @@ -152,6 +153,7 @@ mod local_chatgpt_auth; mod markdown; mod markdown_render; mod markdown_stream; +mod markdown_text_merge; mod mention_codec; mod model_catalog; mod model_migration; @@ -187,8 +189,10 @@ mod terminal_hyperlinks; mod terminal_palette; mod terminal_probe; mod terminal_title; +mod terminal_visualization_instructions; mod text_formatting; mod theme_picker; +mod thread_transcript; mod token_usage; mod tooltips; mod transcript_reflow; @@ -203,11 +207,13 @@ mod update_prompt; mod update_versions; mod updates; mod version; -#[cfg(not(target_os = "linux"))] +#[cfg(not(any(target_os = "linux", target_os = "android")))] mod voice; mod width; +#[cfg(any(target_os = "windows", test))] +mod windows_sandbox; mod workspace_command; -#[cfg(target_os = "linux")] +#[cfg(any(target_os = "linux", target_os = "android"))] #[allow(dead_code)] mod voice { use crate::app_event_sender::AppEventSender; @@ -276,6 +282,7 @@ pub(crate) mod test_support; use crate::onboarding::onboarding_screen::OnboardingScreenArgs; use crate::onboarding::onboarding_screen::run_onboarding_app; use crate::startup_hooks_review::StartupHooksReviewOutcome; +use crate::startup_hooks_review::load_startup_hooks_review_entry; use crate::startup_hooks_review::maybe_run_startup_hooks_review; use crate::tui::Tui; pub use cli::Cli; @@ -347,9 +354,11 @@ async fn init_state_db_for_app_server_target( ) -> std::io::Result> { match app_server_target { AppServerTarget::Embedded => state_db::try_init(config).await.map(Some).map_err(|err| { + let database_path = codex_state::runtime_db_path_for_corruption_error(&err) + .unwrap_or_else(|| codex_state::state_db_path(config.sqlite_home.as_path())); std::io::Error::other(LocalStateDbStartupError::new( - codex_state::state_db_path(config.sqlite_home.as_path()), - err.to_string(), + database_path, + format!("{err:#}"), )) }), AppServerTarget::LocalDaemon { .. } | AppServerTarget::Remote { .. } => { @@ -744,18 +753,37 @@ async fn lookup_latest_session_target_with_app_server( cwd_filter: Option<&Path>, include_non_interactive: bool, ) -> color_eyre::Result> { - let response = app_server - .thread_list(latest_session_lookup_params( - app_server.uses_remote_workspace(), - config, - cwd_filter, - include_non_interactive, - )) - .await?; - Ok(response - .data - .into_iter() - .find_map(session_target_from_app_server_thread)) + let uses_remote_workspace = app_server.uses_remote_workspace(); + for lookup_mode in [ + LatestSessionLookupMode::StateDbOnly, + LatestSessionLookupMode::ScanAndRepair, + ] { + let response = app_server + .thread_list(latest_session_lookup_params( + uses_remote_workspace, + config, + cwd_filter, + include_non_interactive, + lookup_mode, + )) + .await?; + let target = response + .data + .into_iter() + .find_map(session_target_from_app_server_thread); + if target.as_ref().is_some_and(|target| { + uses_remote_workspace || target.path.as_deref().is_some_and(std::path::Path::exists) + }) { + return Ok(target); + } + } + Ok(None) +} + +#[derive(Clone, Copy, Debug, Eq, PartialEq)] +enum LatestSessionLookupMode { + StateDbOnly, + ScanAndRepair, } fn latest_session_lookup_params( @@ -763,6 +791,7 @@ fn latest_session_lookup_params( config: &Config, cwd_filter: Option<&Path>, include_non_interactive: bool, + lookup_mode: LatestSessionLookupMode, ) -> ThreadListParams { ThreadListParams { cursor: None, @@ -777,7 +806,10 @@ fn latest_session_lookup_params( source_kinds: Some(resume_source_kinds(include_non_interactive)), archived: Some(false), cwd: cwd_filter.map(|cwd| ThreadListCwdFilter::One(cwd.to_string_lossy().to_string())), - use_state_db_only: false, + use_state_db_only: match lookup_mode { + LatestSessionLookupMode::StateDbOnly => true, + LatestSessionLookupMode::ScanAndRepair => false, + }, search_term: None, } } @@ -1093,7 +1125,7 @@ pub async fn run_main( let otel_originator = originator().value; let otel = match std::panic::catch_unwind(std::panic::AssertUnwindSafe(|| { - crate::legacy_core::otel_init::build_provider( + codex_app_server_client::build_otel_provider( &config, env!("CARGO_PKG_VERSION"), /*service_name_override*/ None, @@ -1116,26 +1148,25 @@ pub async fn run_main( None } }; - crate::legacy_core::otel_init::record_process_start(otel.as_ref(), otel_originator.as_str()); - crate::legacy_core::otel_init::install_sqlite_telemetry( - otel.as_ref(), - otel_originator.as_str(), - ); + if let Some(metrics) = otel.as_ref().and_then(codex_otel::OtelProvider::metrics) { + let _ = codex_otel::record_process_start_once(metrics, otel_originator.as_str()); + let telemetry = + codex_rollout::sqlite_telemetry_recorder(metrics.clone(), otel_originator.as_str()); + let _ = codex_state::install_process_db_telemetry(telemetry); + } let state_db = init_state_db_for_app_server_target(&config, &app_server_target).await?; let effective_toml = config.config_layer_stack.effective_config(); match effective_toml.try_into() { Ok(config_toml) => { - match crate::legacy_core::personality_migration::maybe_migrate_personality( + match codex_app_server_client::migrate_personality_if_needed( &config.codex_home, &config_toml, state_db.clone(), ) .await { - Ok( - crate::legacy_core::personality_migration::PersonalityMigrationStatus::Applied, - ) => { + Ok(true) => { config = load_config_or_exit( cli_kv_overrides.clone(), overrides.clone(), @@ -1145,11 +1176,7 @@ pub async fn run_main( ) .await; } - Ok( - crate::legacy_core::personality_migration::PersonalityMigrationStatus::SkippedMarker - | crate::legacy_core::personality_migration::PersonalityMigrationStatus::SkippedExplicitPersonality - | crate::legacy_core::personality_migration::PersonalityMigrationStatus::SkippedNoSessions, - ) => {} + Ok(false) => {} Err(err) => { tracing::warn!(error = %err, "failed to run personality migration"); } @@ -1354,7 +1381,7 @@ async fn run_ratatui_app( return Ok(AppExitInfo { token_usage: crate::token_usage::TokenUsage::default(), thread_id: None, - thread_name: None, + resume_hint: None, update_action: Some(action), exit_reason: ExitReason::UserRequested, }); @@ -1447,7 +1474,7 @@ async fn run_ratatui_app( return Ok(AppExitInfo { token_usage: crate::token_usage::TokenUsage::default(), thread_id: None, - thread_name: None, + resume_hint: None, update_action: None, exit_reason: ExitReason::UserRequested, }); @@ -1497,7 +1524,7 @@ async fn run_ratatui_app( Ok(AppExitInfo { token_usage: crate::token_usage::TokenUsage::default(), thread_id: None, - thread_name: None, + resume_hint: None, update_action: None, exit_reason: ExitReason::Fatal(format!( "No saved session found with ID {id_str}. Run `codex {action}` without an ID to choose from existing sessions." @@ -1554,7 +1581,7 @@ async fn run_ratatui_app( return Ok(AppExitInfo { token_usage: crate::token_usage::TokenUsage::default(), thread_id: None, - thread_name: None, + resume_hint: None, update_action: None, exit_reason: ExitReason::UserRequested, }); @@ -1615,7 +1642,7 @@ async fn run_ratatui_app( return Ok(AppExitInfo { token_usage: crate::token_usage::TokenUsage::default(), thread_id: None, - thread_name: None, + resume_hint: None, update_action: None, exit_reason: ExitReason::UserRequested, }); @@ -1660,7 +1687,7 @@ async fn run_ratatui_app( return Ok(AppExitInfo { token_usage: crate::token_usage::TokenUsage::default(), thread_id: None, - thread_name: None, + resume_hint: None, update_action: None, exit_reason: ExitReason::UserRequested, }); @@ -1714,7 +1741,7 @@ async fn run_ratatui_app( set_default_client_residency_requirement(config.enforce_residency.value()); let should_show_trust_screen = should_show_trust_screen(&config); #[cfg(target_os = "windows")] - let windows_sandbox_level = WindowsSandboxLevel::from_config(&config); + let windows_sandbox_level = crate::windows_sandbox::level_from_config(&config); #[cfg(target_os = "windows")] let required_elevated_sandbox_needs_setup = windows_sandbox_level == WindowsSandboxLevel::Elevated @@ -1724,9 +1751,7 @@ async fn run_ratatui_app( .windows_sandbox_mode .source .is_some() - && !crate::legacy_core::windows_sandbox::sandbox_setup_is_complete( - config.codex_home.as_path(), - ); + && !crate::windows_sandbox::sandbox_setup_is_complete(config.codex_home.as_path()); #[cfg(target_os = "windows")] let should_prompt_windows_sandbox_nux_at_startup = (trust_decision_was_made && windows_sandbox_level == WindowsSandboxLevel::Disabled) @@ -1781,11 +1806,21 @@ async fn run_ratatui_app( resume_picker::SessionSelection::Resume(_) ); let bypass_hook_trust_for_startup_review = config.bypass_hook_trust && !is_persistent_resume; + let hooks_request_handle = app_server.request_handle(); + let hooks_cwd = config.cwd.to_path_buf(); + let startup_prefetch_started_at = Instant::now(); + let (startup_bootstrap, startup_hooks_entry) = tokio::join!( + app_server.bootstrap(&config), + load_startup_hooks_review_entry(hooks_request_handle, hooks_cwd), + ); + let startup_bootstrap = Some(startup_bootstrap?); + let startup_elapsed_before_app = startup_prefetch_started_at.elapsed(); let startup_hooks_browser = match maybe_run_startup_hooks_review( &mut app_server, &mut tui, &config, bypass_hook_trust_for_startup_review, + startup_hooks_entry, ) .await? { @@ -1800,16 +1835,18 @@ async fn run_ratatui_app( cli_kv_overrides.clone(), overrides.clone(), loader_overrides.clone(), + cloud_config_bundle, prompt, images, session_selection, feedback, should_show_trust_screen, // Proxy to: is it a first run in this directory? - should_show_trust_screen_flag, // Preserve the startup-time trust NUX signal before onboarding should_prompt_windows_sandbox_nux_at_startup, app_server_target, state_db, environment_manager, + startup_elapsed_before_app, + startup_bootstrap, startup_hooks_browser, ) .await; @@ -2040,6 +2077,85 @@ mod tests { .await } + fn write_session_rollout( + codex_home: &Path, + filename_ts: &str, + meta_rfc3339: &str, + preview: &str, + model_provider: &str, + cwd: &Path, + ) -> color_eyre::Result { + let uuid = Uuid::new_v4(); + let uuid_str = uuid.to_string(); + let thread_id = ThreadId::from_string(&uuid_str)?; + let year = &filename_ts[0..4]; + let month = &filename_ts[5..7]; + let day = &filename_ts[8..10]; + let rollout_path = codex_home + .join("sessions") + .join(year) + .join(month) + .join(day) + .join(format!("rollout-{filename_ts}-{uuid_str}.jsonl")); + let parent = rollout_path + .parent() + .ok_or_else(|| color_eyre::eyre::eyre!("rollout path is missing a parent directory"))?; + std::fs::create_dir_all(parent)?; + + let session_meta = codex_protocol::protocol::SessionMeta { + id: thread_id, + timestamp: meta_rfc3339.to_string(), + cwd: cwd.to_path_buf(), + originator: "codex".to_string(), + cli_version: "0.0.0".to_string(), + source: codex_protocol::protocol::SessionSource::Cli, + model_provider: Some(model_provider.to_string()), + ..Default::default() + }; + let session_meta = serde_json::to_value(codex_protocol::protocol::SessionMetaLine { + meta: session_meta, + git: None, + })?; + let lines = [ + serde_json::json!({ + "timestamp": meta_rfc3339, + "type": "session_meta", + "payload": session_meta, + }) + .to_string(), + serde_json::json!({ + "timestamp": meta_rfc3339, + "type": "response_item", + "payload": { + "type": "message", + "role": "user", + "content": [{"type": "input_text", "text": preview}], + }, + }) + .to_string(), + serde_json::json!({ + "timestamp": meta_rfc3339, + "type": "event_msg", + "payload": { + "type": "user_message", + "message": preview, + "kind": "plain", + }, + }) + .to_string(), + ]; + std::fs::write(&rollout_path, lines.join("\n") + "\n")?; + let updated_at = + chrono::DateTime::parse_from_rfc3339(meta_rfc3339)?.with_timezone(&chrono::Utc); + let times = std::fs::FileTimes::new().set_modified(updated_at.into()); + std::fs::OpenOptions::new() + .append(true) + .open(rollout_path)? + .set_times(times)?; + + Ok(thread_id) + } + #[test] fn startup_removes_legacy_tui_log_file() -> std::io::Result<()> { let temp_dir = TempDir::new()?; @@ -2328,13 +2444,27 @@ mod tests { &config, Some(cwd.as_path()), /*include_non_interactive*/ false, + LatestSessionLookupMode::StateDbOnly, ); - assert_eq!(params.model_providers, Some(vec![config.model_provider_id])); + assert_eq!( + params.model_providers, + Some(vec![config.model_provider_id.clone()]) + ); assert_eq!( params.cwd, Some(ThreadListCwdFilter::One(cwd.to_string_lossy().to_string())) ); + assert!(params.use_state_db_only); + + let scan_params = latest_session_lookup_params( + /*uses_remote_workspace*/ false, + &config, + Some(cwd.as_path()), + /*include_non_interactive*/ false, + LatestSessionLookupMode::ScanAndRepair, + ); + assert!(!scan_params.use_state_db_only); Ok(()) } @@ -2355,6 +2485,7 @@ mod tests { &config, Some(cwd.as_path()), /*include_non_interactive*/ false, + LatestSessionLookupMode::StateDbOnly, ); assert_eq!(params.model_providers, Some(vec![config.model_provider_id])); @@ -2372,8 +2503,11 @@ mod tests { let config = build_config(&temp_dir).await?; let params = latest_session_lookup_params( - /*uses_remote_workspace*/ true, &config, /*cwd_filter*/ None, + /*uses_remote_workspace*/ true, + &config, + /*cwd_filter*/ None, /*include_non_interactive*/ false, + LatestSessionLookupMode::StateDbOnly, ); assert_eq!(params.model_providers, None); @@ -2388,8 +2522,11 @@ mod tests { let config = build_config(&temp_dir).await?; let params = latest_session_lookup_params( - /*uses_remote_workspace*/ true, &config, /*cwd_filter*/ None, + /*uses_remote_workspace*/ true, + &config, + /*cwd_filter*/ None, /*include_non_interactive*/ true, + LatestSessionLookupMode::StateDbOnly, ); assert_eq!( @@ -2416,6 +2553,7 @@ mod tests { &config, Some(cwd), /*include_non_interactive*/ false, + LatestSessionLookupMode::StateDbOnly, ); assert_eq!(params.model_providers, None); @@ -2455,85 +2593,6 @@ mod tests { #[tokio::test] async fn fork_last_filters_latest_session_by_cwd_unless_show_all() -> color_eyre::Result<()> { - fn write_session_rollout( - codex_home: &Path, - filename_ts: &str, - meta_rfc3339: &str, - preview: &str, - model_provider: &str, - cwd: &Path, - ) -> color_eyre::Result { - let uuid = Uuid::new_v4(); - let uuid_str = uuid.to_string(); - let thread_id = ThreadId::from_string(&uuid_str)?; - let year = &filename_ts[0..4]; - let month = &filename_ts[5..7]; - let day = &filename_ts[8..10]; - let rollout_path = codex_home - .join("sessions") - .join(year) - .join(month) - .join(day) - .join(format!("rollout-{filename_ts}-{uuid_str}.jsonl")); - let parent = rollout_path.parent().ok_or_else(|| { - color_eyre::eyre::eyre!("rollout path is missing a parent directory") - })?; - std::fs::create_dir_all(parent)?; - - let session_meta = codex_protocol::protocol::SessionMeta { - id: thread_id, - timestamp: meta_rfc3339.to_string(), - cwd: cwd.to_path_buf(), - originator: "codex".to_string(), - cli_version: "0.0.0".to_string(), - source: codex_protocol::protocol::SessionSource::Cli, - model_provider: Some(model_provider.to_string()), - ..Default::default() - }; - let session_meta = serde_json::to_value(codex_protocol::protocol::SessionMetaLine { - meta: session_meta, - git: None, - })?; - let lines = [ - serde_json::json!({ - "timestamp": meta_rfc3339, - "type": "session_meta", - "payload": session_meta, - }) - .to_string(), - serde_json::json!({ - "timestamp": meta_rfc3339, - "type": "response_item", - "payload": { - "type": "message", - "role": "user", - "content": [{"type": "input_text", "text": preview}], - }, - }) - .to_string(), - serde_json::json!({ - "timestamp": meta_rfc3339, - "type": "event_msg", - "payload": { - "type": "user_message", - "message": preview, - "kind": "plain", - }, - }) - .to_string(), - ]; - std::fs::write(&rollout_path, lines.join("\n") + "\n")?; - let updated_at = - chrono::DateTime::parse_from_rfc3339(meta_rfc3339)?.with_timezone(&chrono::Utc); - let times = std::fs::FileTimes::new().set_modified(updated_at.into()); - std::fs::OpenOptions::new() - .append(true) - .open(rollout_path)? - .set_times(times)?; - - Ok(thread_id) - } - let temp_dir = TempDir::new()?; let project_cwd = temp_dir.path().join("project"); let other_cwd = temp_dir.path().join("other-project"); @@ -2603,6 +2662,51 @@ mod tests { Ok(()) } + #[tokio::test] + async fn latest_session_lookup_falls_back_for_rollout_missing_from_state_db() + -> color_eyre::Result<()> { + let temp_dir = TempDir::new()?; + let project_cwd = temp_dir.path().join("project"); + std::fs::create_dir_all(&project_cwd)?; + let config = ConfigBuilder::default() + .codex_home(temp_dir.path().to_path_buf()) + .harness_overrides(ConfigOverrides { + cwd: Some(project_cwd.clone()), + ..Default::default() + }) + .build() + .await?; + let mut app_server = AppServerSession::new( + codex_app_server_client::AppServerClient::InProcess( + start_test_embedded_app_server(config.clone()).await?, + ), + ThreadParamsMode::Embedded, + ); + + // Simulate a legacy writer creating a rollout after the state DB backfill completed. + let thread_id = write_session_rollout( + temp_dir.path(), + "2025-01-02T10-00-00", + "2025-01-02T10:00:00Z", + "legacy writer session", + config.model_provider_id.as_str(), + &project_cwd, + )?; + + let target = lookup_latest_session_target_with_app_server( + &mut app_server, + &config, + Some(project_cwd.as_path()), + /*include_non_interactive*/ false, + ) + .await? + .expect("expected scan-and-repair fallback to find the rollout"); + app_server.shutdown().await?; + + assert_eq!(target.thread_id, thread_id); + Ok(()) + } + #[tokio::test] async fn config_cwd_for_app_server_target_omits_cwd_for_remote_sessions() -> std::io::Result<()> { @@ -2870,6 +2974,37 @@ mod tests { ); Ok(()) } + + #[tokio::test] + async fn embedded_state_db_corruption_preserves_failed_database_for_cli_recovery() + -> color_eyre::Result<()> { + let temp_dir = TempDir::new()?; + let mut config = build_config(&temp_dir).await?; + let sqlite_home = temp_dir.path().join("sqlite-home"); + std::fs::create_dir_all(&sqlite_home)?; + let logs_db_path = codex_state::logs_db_path(&sqlite_home); + std::fs::write(&logs_db_path, "not a sqlite database")?; + config.sqlite_home = sqlite_home; + + let err = + match init_state_db_for_app_server_target(&config, &AppServerTarget::Embedded).await { + Ok(_) => panic!("embedded startup should surface state db init failures"), + Err(err) => err, + }; + let startup_error = err + .get_ref() + .and_then(|err| err.downcast_ref::()) + .expect("state db startup failure should retain its typed context"); + + assert_eq!(startup_error.database_path(), logs_db_path.as_path()); + assert!( + codex_state::sqlite_error_detail_is_corruption(startup_error.detail()), + "startup error should preserve the SQLite corruption cause, got: {}", + startup_error.detail() + ); + Ok(()) + } + #[tokio::test] #[serial] async fn windows_shows_trust_prompt_with_sandbox() -> std::io::Result<()> { diff --git a/codex-rs/tui/src/local_chatgpt_auth.rs b/codex-rs/tui/src/local_chatgpt_auth.rs index 270d64f5f7f..8a9ba58fc99 100644 --- a/codex-rs/tui/src/local_chatgpt_auth.rs +++ b/codex-rs/tui/src/local_chatgpt_auth.rs @@ -109,6 +109,8 @@ mod tests { }), last_refresh: Some(Utc::now()), agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }; save_auth(codex_home, &auth, AuthCredentialsStoreMode::File) .expect("chatgpt auth should save"); @@ -156,6 +158,8 @@ mod tests { tokens: None, last_refresh: None, agent_identity: None, + personal_access_token: None, + bedrock_api_key: None, }, AuthCredentialsStoreMode::File, ) diff --git a/codex-rs/tui/src/main.rs b/codex-rs/tui/src/main.rs index 9c69c7c81af..486dbe6499d 100644 --- a/codex-rs/tui/src/main.rs +++ b/codex-rs/tui/src/main.rs @@ -7,14 +7,15 @@ use codex_tui::Cli; use codex_tui::ExitReason; use codex_tui::run_main; use codex_utils_cli::CliConfigOverrides; -use codex_utils_cli::resume_hint; +use std::io::Write; use supports_color::Stream; fn format_exit_messages(exit_info: AppExitInfo, color_enabled: bool) -> Vec { + let is_fatal = matches!(&exit_info.exit_reason, ExitReason::Fatal(_)); let AppExitInfo { token_usage, thread_id, - thread_name, + resume_hint, .. } = exit_info; @@ -23,13 +24,15 @@ fn format_exit_messages(exit_info: AppExitInfo, color_enabled: bool) -> Vec anyhow::Result<()> { /*explicit_remote_endpoint*/ None, ) .await?; - match exit_info.exit_reason { + let is_fatal = match &exit_info.exit_reason { ExitReason::Fatal(message) => { eprintln!("ERROR: {message}"); - std::process::exit(1); + true } - ExitReason::UserRequested => {} - } + ExitReason::UserRequested => false, + }; let color_enabled = supports_color::on(Stream::Stdout).is_some(); for line in format_exit_messages(exit_info, color_enabled) { println!("{line}"); } + if is_fatal { + std::io::stdout().flush()?; + std::process::exit(1); + } Ok(()) }) } diff --git a/codex-rs/tui/src/markdown_render.rs b/codex-rs/tui/src/markdown_render.rs index 9847c6dc3a8..52b603bce0b 100644 --- a/codex-rs/tui/src/markdown_render.rs +++ b/codex-rs/tui/src/markdown_render.rs @@ -39,6 +39,7 @@ //! body rows, or even 3-char-wide columns cannot fit, body rows render as //! key/value records. +use crate::markdown_text_merge::DecodedTextMerge; use crate::render::highlight::foreground_style_for_scopes; use crate::render::highlight::highlight_code_to_lines; use crate::render::line_utils::line_to_static; @@ -322,7 +323,7 @@ pub(crate) fn render_markdown_lines_with_width_and_cwd( let mut options = Options::empty(); options.insert(Options::ENABLE_STRIKETHROUGH); options.insert(Options::ENABLE_TABLES); - let parser = Parser::new_ext(input, options).into_offset_iter(); + let parser = DecodedTextMerge::new(Parser::new_ext(input, options).into_offset_iter()); let mut w = Writer::new(input, parser, width, cwd); w.run(); w.text diff --git a/codex-rs/tui/src/markdown_render_tests.rs b/codex-rs/tui/src/markdown_render_tests.rs index 206bae1b702..e0e498e69af 100644 --- a/codex-rs/tui/src/markdown_render_tests.rs +++ b/codex-rs/tui/src/markdown_render_tests.rs @@ -8,9 +8,11 @@ use std::path::Path; use crate::markdown_render::COLON_LOCATION_SUFFIX_RE; use crate::markdown_render::HASH_LOCATION_SUFFIX_RE; +use crate::markdown_render::render_markdown_lines_with_width_and_cwd; use crate::markdown_render::render_markdown_text; use crate::markdown_render::render_markdown_text_with_width; use crate::markdown_render::render_markdown_text_with_width_and_cwd; +use insta::assert_debug_snapshot; use insta::assert_snapshot; fn render_markdown_text_for_cwd(input: &str, cwd: &Path) -> Text<'static> { @@ -29,6 +31,92 @@ fn plain_lines(text: &Text<'_>) -> Vec { .collect() } +#[test] +fn bare_url_with_tilde_keeps_complete_hyperlink() { + let destination = + "https://www.cs.tufts.edu/~nr/cs257/archive/olin-shivers/dissertation.pdf"; + let lines = render_markdown_lines_with_width_and_cwd( + destination, + /*width*/ Some(80), + /*cwd*/ None, + ); + let rendered = lines + .iter() + .map(|line| { + let text = line + .line + .spans + .iter() + .map(|span| span.content.as_ref()) + .collect::(); + let hyperlinks = line + .hyperlinks + .iter() + .map(|link| (link.columns.clone(), link.destination.as_str())) + .collect::>(); + (text, hyperlinks) + }) + .collect::>(); + + assert_debug_snapshot!(rendered); +} + +#[test] +fn table_url_with_tilde_keeps_complete_hyperlink() { + let destination = + "https://www.cs.tufts.edu/~nr/cs257/archive/olin-shivers/dissertation.pdf"; + let markdown = format!("| URL |\n| --- |\n| {destination} |\n"); + let lines = render_markdown_lines_with_width_and_cwd( + &markdown, + /*width*/ Some(32), + /*cwd*/ None, + ); + let destinations = lines + .iter() + .flat_map(|line| line.hyperlinks.iter()) + .map(|link| link.destination.as_str()) + .collect::>(); + + assert!(!destinations.is_empty()); + assert_eq!(destinations, vec![destination; destinations.len()]); +} + +#[test] +fn merged_text_events_preserve_entity_decoding() { + let source = "https://example.com/a&b~c"; + let destination = "https://example.com/a&b~c"; + let lines = render_markdown_lines_with_width_and_cwd( + source, + /*width*/ Some(80), + /*cwd*/ None, + ); + let rendered = lines + .iter() + .map(|line| { + let text = line + .line + .spans + .iter() + .map(|span| span.content.as_ref()) + .collect::(); + let hyperlinks = line + .hyperlinks + .iter() + .map(|link| (link.columns.clone(), link.destination.as_str())) + .collect::>(); + (text, hyperlinks) + }) + .collect::>(); + + assert_eq!( + rendered, + vec![( + destination.to_string(), + vec![(0..destination.len(), destination)], + )], + ); +} + #[test] fn empty() { assert_eq!(render_markdown_text(""), Text::default()); diff --git a/codex-rs/tui/src/markdown_text_merge.rs b/codex-rs/tui/src/markdown_text_merge.rs new file mode 100644 index 00000000000..bad46fe5df8 --- /dev/null +++ b/codex-rs/tui/src/markdown_text_merge.rs @@ -0,0 +1,50 @@ +//! Markdown text-event merging that preserves parser-decoded contents and source offsets. + +use std::iter::Peekable; +use std::ops::Range; + +use pulldown_cmark::Event; + +/// Merges adjacent parsed text events without reconstructing them from the Markdown source. +/// +/// Markdown extensions can split visually contiguous text around delimiter characters. Keeping the +/// decoded event contents together lets downstream consumers recognize tokens that span those +/// parser boundaries while the combined source range remains available for offset-aware rendering. +pub(crate) struct DecodedTextMerge { + iter: Peekable, +} + +impl DecodedTextMerge { + pub(crate) fn new(iter: I) -> Self { + Self { + iter: iter.peekable(), + } + } +} + +impl<'a, I> Iterator for DecodedTextMerge +where + I: Iterator, Range)>, +{ + type Item = (Event<'a>, Range); + + fn next(&mut self) -> Option { + let (event, mut range) = self.iter.next()?; + let Event::Text(text) = event else { + return Some((event, range)); + }; + if !matches!(self.iter.peek(), Some((Event::Text(_), _))) { + return Some((Event::Text(text), range)); + } + + let mut merged = text.into_string(); + while matches!(self.iter.peek(), Some((Event::Text(_), _))) { + let Some((Event::Text(text), next_range)) = self.iter.next() else { + break; + }; + merged.push_str(&text); + range.end = next_range.end; + } + Some((Event::Text(merged.into()), range)) + } +} diff --git a/codex-rs/tui/src/multi_agents.rs b/codex-rs/tui/src/multi_agents.rs index 3273c610ae2..aa47d95c65d 100644 --- a/codex-rs/tui/src/multi_agents.rs +++ b/codex-rs/tui/src/multi_agents.rs @@ -11,6 +11,7 @@ use codex_app_server_protocol::CollabAgentState; use codex_app_server_protocol::CollabAgentStatus; use codex_app_server_protocol::CollabAgentTool; use codex_app_server_protocol::CollabAgentToolCallStatus; +use codex_app_server_protocol::SubAgentActivityKind; use codex_app_server_protocol::ThreadItem; use codex_protocol::ThreadId; use codex_protocol::openai_models::ReasoningEffort as ReasoningEffortConfig; @@ -35,10 +36,21 @@ pub(crate) struct AgentPickerThreadEntry { pub(crate) agent_nickname: Option, /// Agent type shown in brackets when present, for example `worker`. pub(crate) agent_role: Option, + /// Canonical v2 agent path, when the thread was observed through v2 activity. + pub(crate) agent_path: Option, + /// Whether the latest liveness refresh says the agent thread is actively working. + pub(crate) is_running: bool, /// Whether the thread has emitted a close event and should render dimmed. pub(crate) is_closed: bool, } +#[derive(Debug, Clone, PartialEq, Eq)] +pub(crate) struct SubAgentActivityDisplay { + pub(crate) thread_id: ThreadId, + pub(crate) agent_path: String, + pub(crate) is_running_hint: bool, +} + #[derive(Clone, Debug, Default, PartialEq, Eq)] pub(crate) struct AgentMetadata { /// Human-friendly nickname shown in rendered tool-call rows. @@ -182,7 +194,7 @@ pub(crate) fn spawn_request_summary(item: &ThreadItem) -> Option Some(SpawnRequestSummary { model: model.clone(), - reasoning_effort: *reasoning_effort, + reasoning_effort: reasoning_effort.clone(), }), _ => None, } @@ -266,6 +278,56 @@ pub(crate) fn tool_call_history_cell( } } +pub(crate) fn sub_agent_activity_display(item: &ThreadItem) -> Option { + let ThreadItem::SubAgentActivity { + kind, + agent_thread_id, + agent_path, + .. + } = item + else { + return None; + }; + Some(SubAgentActivityDisplay { + thread_id: parse_thread_id(agent_thread_id)?, + agent_path: agent_path.clone(), + is_running_hint: !matches!(kind, SubAgentActivityKind::Interrupted), + }) +} + +pub(crate) fn sub_agent_activity_history_cell(item: &ThreadItem) -> Option { + let ThreadItem::SubAgentActivity { + kind, agent_path, .. + } = item + else { + return None; + }; + Some(collab_event( + sub_agent_activity_title(*kind, agent_path), + Vec::new(), + )) +} + +pub(crate) fn sub_agent_activity_summary(kind: SubAgentActivityKind, agent_path: &str) -> String { + match kind { + SubAgentActivityKind::Started => format!("Started `{agent_path}`"), + SubAgentActivityKind::Interacted => format!("Interacted with `{agent_path}`"), + SubAgentActivityKind::Interrupted => format!("Interrupted `{agent_path}`"), + } +} + +fn sub_agent_activity_title(kind: SubAgentActivityKind, agent_path: &str) -> Line<'static> { + let (prefix, path) = match kind { + SubAgentActivityKind::Started => ("Started ", agent_path), + SubAgentActivityKind::Interacted => ("Interacted with ", agent_path), + SubAgentActivityKind::Interrupted => ("Interrupted ", agent_path), + }; + title_spans_line(vec![ + Span::from(prefix).bold(), + Span::from(format!("`{path}`")).cyan(), + ]) +} + fn spawn_end( new_thread_id: Option, prompt: &str, diff --git a/codex-rs/tui/src/onboarding/auth.rs b/codex-rs/tui/src/onboarding/auth.rs index 0d8a1fa7737..e10700ed823 100644 --- a/codex-rs/tui/src/onboarding/auth.rs +++ b/codex-rs/tui/src/onboarding/auth.rs @@ -10,6 +10,7 @@ use codex_app_server_client::AppServerRequestHandle; use codex_app_server_protocol::AccountLoginCompletedNotification; use codex_app_server_protocol::AccountUpdatedNotification; +#[cfg(test)] use codex_app_server_protocol::AuthMode as AppServerAuthMode; use codex_app_server_protocol::CancelLoginAccountParams; use codex_app_server_protocol::ClientRequest; @@ -845,8 +846,7 @@ impl AuthModeWidget { fn handle_existing_chatgpt_login(&mut self) -> bool { if matches!( self.login_status, - LoginStatus::AuthMode(AppServerAuthMode::Chatgpt) - | LoginStatus::AuthMode(AppServerAuthMode::ChatgptAuthTokens) + LoginStatus::AuthMode(auth_mode) if auth_mode.has_chatgpt_account() ) { *self.sign_in_state.write().unwrap() = SignInState::ChatGptSuccess; self.request_frame.schedule_frame(); @@ -1106,17 +1106,22 @@ mod tests { } #[tokio::test] - async fn existing_chatgpt_auth_tokens_login_counts_as_signed_in() { - let (mut widget, _tmp) = widget_forced_chatgpt().await; - widget.login_status = LoginStatus::AuthMode(AppServerAuthMode::ChatgptAuthTokens); - - let handled = widget.handle_existing_chatgpt_login(); - - assert_eq!(handled, true); - assert!(matches!( - &*widget.sign_in_state.read().unwrap(), - SignInState::ChatGptSuccess - )); + async fn existing_non_oauth_chatgpt_login_counts_as_signed_in() { + for auth_mode in [ + AppServerAuthMode::ChatgptAuthTokens, + AppServerAuthMode::PersonalAccessToken, + ] { + let (mut widget, _tmp) = widget_forced_chatgpt().await; + widget.login_status = LoginStatus::AuthMode(auth_mode); + + let handled = widget.handle_existing_chatgpt_login(); + + assert_eq!(handled, true); + assert!(matches!( + &*widget.sign_in_state.read().unwrap(), + SignInState::ChatGptSuccess + )); + } } #[tokio::test] diff --git a/codex-rs/tui/src/onboarding/onboarding_screen.rs b/codex-rs/tui/src/onboarding/onboarding_screen.rs index 5291934a31f..405b37743ce 100644 --- a/codex-rs/tui/src/onboarding/onboarding_screen.rs +++ b/codex-rs/tui/src/onboarding/onboarding_screen.rs @@ -32,11 +32,10 @@ use codex_protocol::config_types::ForcedLoginMethod; use crate::LoginStatus; use crate::app_server_session::AppServerSession; +use crate::config_update::format_config_error; use crate::config_update::write_trusted_project; use crate::key_hint::KeyBindingListExt; use crate::legacy_core::config::Config; -#[cfg(target_os = "windows")] -use crate::legacy_core::windows_sandbox::WindowsSandboxLevelExt; use crate::onboarding::auth::AuthModeWidget; use crate::onboarding::auth::SignInOption; use crate::onboarding::auth::SignInState; @@ -142,7 +141,7 @@ impl OnboardingScreen { } #[cfg(target_os = "windows")] let show_windows_create_sandbox_hint = - WindowsSandboxLevel::from_config(&config) == WindowsSandboxLevel::Disabled; + crate::windows_sandbox::level_from_config(&config) == WindowsSandboxLevel::Disabled; #[cfg(not(target_os = "windows"))] let show_windows_create_sandbox_hint = false; let highlighted = TrustDirectorySelection::Trust; @@ -605,8 +604,9 @@ async fn persist_selected_trust( match result { Ok(()) => true, Err(error) => { + let error = format_config_error(&error); tracing::error!( - "failed to persist trusted project state for {}: {error:?}", + "failed to persist trusted project state for {}: {error}", trust_target.display() ); if let Step::TrustDirectory(widget) = &mut onboarding_screen.steps[trust_step_index] { diff --git a/codex-rs/tui/src/onboarding/snapshots/codex_tui__onboarding__trust_directory__tests__renders_snapshot_for_trust_error.snap b/codex-rs/tui/src/onboarding/snapshots/codex_tui__onboarding__trust_directory__tests__renders_snapshot_for_trust_error.snap new file mode 100644 index 00000000000..6f7a495d1a5 --- /dev/null +++ b/codex-rs/tui/src/onboarding/snapshots/codex_tui__onboarding__trust_directory__tests__renders_snapshot_for_trust_error.snap @@ -0,0 +1,19 @@ +--- +source: tui/src/onboarding/trust_directory.rs +expression: terminal.backend() +--- +> You are in /workspace/project + + Do you trust the contents of this directory? Working with untrusted + contents comes with higher risk of prompt injection. Trusting the + directory allows project-local config, hooks, and exec policies to + load. + +› 1. Yes, continue + 2. No, quit + + Failed to set trust for /workspace/project: config/batchWrite failed + in TUI: Invalid configuration: features.fast_mode=true is not + supported; allowed set [fast_mode=false] + + Press enter to continue diff --git a/codex-rs/tui/src/onboarding/trust_directory.rs b/codex-rs/tui/src/onboarding/trust_directory.rs index 36d13e5a5a1..8a98cbca6bb 100644 --- a/codex-rs/tui/src/onboarding/trust_directory.rs +++ b/codex-rs/tui/src/onboarding/trust_directory.rs @@ -191,6 +191,18 @@ mod tests { use ratatui::Terminal; use std::path::PathBuf; + fn widget(error: Option) -> TrustDirectoryWidget { + TrustDirectoryWidget { + cwd: PathBuf::from("/workspace/project"), + trust_target: PathBuf::from("/workspace/project"), + show_windows_create_sandbox_hint: false, + should_quit: false, + selection: None, + highlighted: TrustDirectorySelection::Trust, + error, + } + } + #[test] fn release_event_does_not_change_selection() { let mut widget = TrustDirectoryWidget { @@ -217,15 +229,7 @@ mod tests { #[test] fn renders_snapshot_for_git_repo() { - let widget = TrustDirectoryWidget { - cwd: PathBuf::from("/workspace/project"), - trust_target: PathBuf::from("/workspace/project"), - show_windows_create_sandbox_hint: false, - should_quit: false, - selection: None, - highlighted: TrustDirectorySelection::Trust, - error: None, - }; + let widget = widget(/*error*/ None); let mut terminal = Terminal::new(VT100Backend::new(/*width*/ 70, /*height*/ 14)).expect("terminal"); @@ -235,4 +239,20 @@ mod tests { insta::assert_snapshot!(terminal.backend()); } + + #[test] + fn renders_snapshot_for_trust_error() { + let widget = widget(Some( + "Failed to set trust for /workspace/project: config/batchWrite failed in TUI: Invalid configuration: features.fast_mode=true is not supported; allowed set [fast_mode=false]" + .to_string(), + )); + + let mut terminal = + Terminal::new(VT100Backend::new(/*width*/ 70, /*height*/ 18)).expect("terminal"); + terminal + .draw(|f| (&widget).render_ref(f.area(), f.buffer_mut())) + .expect("draw"); + + insta::assert_snapshot!(terminal.backend()); + } } diff --git a/codex-rs/tui/src/resume_picker.rs b/codex-rs/tui/src/resume_picker.rs index c261ade7d2e..c736fe9b6ef 100644 --- a/codex-rs/tui/src/resume_picker.rs +++ b/codex-rs/tui/src/resume_picker.rs @@ -4,8 +4,6 @@ use std::path::Path; use std::path::PathBuf; use std::sync::Arc; -mod transcript; - use crate::app_server_session::AppServerSession; use crate::clipboard_paste::normalize_pasted_search_query; use crate::color::blend; @@ -25,6 +23,9 @@ use crate::status::format_directory_display; use crate::terminal_palette::best_color; use crate::terminal_palette::default_bg; use crate::text_formatting::truncate_text; +use crate::thread_transcript::RawReasoningVisibility; +use crate::thread_transcript::TranscriptCells; +use crate::thread_transcript::load_session_transcript; use crate::tui::FrameRequester; use crate::tui::Tui; use crate::tui::TuiEvent; @@ -60,9 +61,6 @@ use tokio::sync::mpsc; use tokio_stream::StreamExt; use tokio_stream::wrappers::UnboundedReceiverStream; use tracing::warn; -use transcript::RawReasoningVisibility; -use transcript::TranscriptCells; -use transcript::load_session_transcript; use unicode_width::UnicodeWidthStr; const PAGE_SIZE: usize = 25; @@ -774,6 +772,7 @@ async fn load_transcript_preview( .thread_read(thread_id, /*include_turns*/ true) .await .map_err(std::io::Error::other)?; + let cwd = thread.cwd.as_path(); let mut lines = thread .turns .iter() @@ -794,7 +793,7 @@ async fn load_transcript_preview( }), ThreadItem::AgentMessage { text, .. } => Some(TranscriptPreviewLine { speaker: TranscriptPreviewSpeaker::Assistant, - text: parse_assistant_markdown(text).visible_markdown, + text: parse_assistant_markdown(text, cwd).visible_markdown, }), _ => None, }) @@ -5750,7 +5749,7 @@ session_picker_view = "dense" #[test] fn thread_to_transcript_cells_renders_core_message_types() { - use transcript::thread_to_transcript_cells; + use crate::thread_transcript::thread_to_transcript_cells; let thread_id = ThreadId::new(); let thread = Thread { @@ -5819,7 +5818,7 @@ session_picker_view = "dense" #[test] fn thread_to_transcript_cells_hides_raw_reasoning_when_not_enabled() { - use transcript::thread_to_transcript_cells; + use crate::thread_transcript::thread_to_transcript_cells; let thread_id = ThreadId::new(); let thread = Thread { @@ -5877,7 +5876,7 @@ session_picker_view = "dense" #[test] fn thread_to_transcript_cells_shows_raw_reasoning_over_summary_when_enabled() { - use transcript::thread_to_transcript_cells; + use crate::thread_transcript::thread_to_transcript_cells; let thread_id = ThreadId::new(); let thread = Thread { diff --git a/codex-rs/tui/src/session_archive_commands.rs b/codex-rs/tui/src/session_archive_commands.rs index 4e5c420f63b..7de1e577c7b 100644 --- a/codex-rs/tui/src/session_archive_commands.rs +++ b/codex-rs/tui/src/session_archive_commands.rs @@ -1,8 +1,10 @@ -//! Shared implementation for `codex archive` and `codex unarchive`. +//! Shared implementation for `codex archive`, `codex delete`, and `codex unarchive`. //! //! The CLI commands are thin app-server clients: resolve a user-provided UUID or exact session -//! name, then call the existing `thread/archive` or `thread/unarchive` RPC. +//! name, then call the corresponding app-server RPC. +use std::io::IsTerminal; +use std::io::Write; use std::sync::Arc; use crate::Cli; @@ -26,16 +28,22 @@ use codex_protocol::ThreadId; use codex_utils_cli::CliConfigOverrides; use codex_utils_home_dir::find_codex_home; use codex_utils_oss::get_default_model_for_oss_provider; -use color_eyre::eyre::ContextCompat; use color_eyre::eyre::Result; use color_eyre::eyre::WrapErr; use color_eyre::eyre::eyre; use super::RemoteAppServerEndpoint; +#[derive(Debug, Clone, Copy, PartialEq, Eq)] +pub enum DeleteConfirmation { + Prompt, + Skip, +} + #[derive(Debug, Clone, Copy, PartialEq, Eq)] pub enum SessionArchiveAction { Archive, + Delete(DeleteConfirmation), Unarchive, } @@ -52,6 +60,7 @@ fn success_message( ) -> String { let action = match action { SessionArchiveAction::Archive => "Archived", + SessionArchiveAction::Delete(_) => "Deleted", SessionArchiveAction::Unarchive => "Unarchived", }; match session_name { @@ -80,25 +89,30 @@ async fn run_session_archive_action_with_app_server( target: &str, ) -> Result { let resolved = resolve_session_target(app_server, action, target).await?; - match action { + let session_name = match action { SessionArchiveAction::Archive => { app_server.thread_archive(resolved.session_id).await?; - Ok(success_message( - action, - resolved.session_id, - resolved.session_name.as_deref(), - )) + resolved.session_name + } + SessionArchiveAction::Delete(confirmation) => { + if matches!(confirmation, DeleteConfirmation::Prompt) + && !confirm_session_delete(&resolved)? + { + return Ok("Delete cancelled.".to_string()); + } + app_server.thread_delete(resolved.session_id).await?; + resolved.session_name } SessionArchiveAction::Unarchive => { let thread = app_server.thread_unarchive(resolved.session_id).await?; - let session_name = thread.name.or(resolved.session_name); - Ok(success_message( - action, - resolved.session_id, - session_name.as_deref(), - )) + thread.name.or(resolved.session_name) } - } + }; + Ok(success_message( + action, + resolved.session_id, + session_name.as_deref(), + )) } async fn resolve_session_target( @@ -107,61 +121,83 @@ async fn resolve_session_target( target: &str, ) -> Result { if let Ok(session_id) = ThreadId::from_string(target) { + if matches!( + action, + SessionArchiveAction::Delete(DeleteConfirmation::Prompt) + ) { + let thread = app_server + .thread_read(session_id, /*include_turns*/ false) + .await + .with_context(|| { + format!("No active or archived session found matching '{target}'.") + })?; + return Ok(ResolvedSessionTarget { + session_id, + session_name: thread.name, + }); + } return Ok(ResolvedSessionTarget { session_id, session_name: None, }); } - let search_scope = match action { - SessionArchiveAction::Archive => "active", - SessionArchiveAction::Unarchive => "archived", + let (search_scope, archived_values): (&str, &[bool]) = match action { + SessionArchiveAction::Archive => ("active", &[false]), + SessionArchiveAction::Delete(_) => ("active or archived", &[false, true]), + SessionArchiveAction::Unarchive => ("archived", &[true]), }; - let resolved = lookup_session_by_exact_name(app_server, action, target) - .await? - .map(session_target_from_app_server_thread) - .transpose()?; - - resolved.with_context(|| format!("No {search_scope} session found matching '{target}'.")) + for &archived in archived_values { + if let Some(thread) = lookup_session_by_exact_name(app_server, target, archived).await? { + return session_target_from_app_server_thread(thread); + } + } + Err(eyre!( + "No {search_scope} session found matching '{target}'." + )) } async fn lookup_session_by_exact_name( app_server: &mut AppServerSession, - action: SessionArchiveAction, name: &str, + archived: bool, ) -> Result> { - let mut cursor = None; - loop { - let response = app_server - .thread_list(ThreadListParams { - cursor: cursor.clone(), - limit: Some(100), - sort_key: Some(ThreadSortKey::UpdatedAt), - sort_direction: None, - model_providers: None, - source_kinds: Some(super::resume_source_kinds( - /*include_non_interactive*/ false, - )), - archived: Some(matches!(action, SessionArchiveAction::Unarchive)), - cwd: None, - use_state_db_only: false, - search_term: Some(name.to_string()), - }) - .await - .wrap_err("failed to list sessions while resolving session name")?; + // Search is the fast path, but some stores attach renamed titles after applying the filter. + for search_term in [Some(name), None] { + let mut cursor = None; + loop { + let response = app_server + .thread_list(ThreadListParams { + cursor: cursor.clone(), + limit: Some(100), + sort_key: Some(ThreadSortKey::UpdatedAt), + sort_direction: None, + model_providers: None, + source_kinds: Some(super::resume_source_kinds( + /*include_non_interactive*/ false, + )), + archived: Some(archived), + cwd: None, + use_state_db_only: false, + search_term: search_term.map(str::to_string), + }) + .await + .wrap_err("failed to list sessions while resolving session name")?; - if let Some(thread) = response - .data - .into_iter() - .find(|thread| thread.name.as_deref() == Some(name)) - { - return Ok(Some(thread)); - } - if response.next_cursor.is_none() { - return Ok(None); + if let Some(thread) = response + .data + .into_iter() + .find(|thread| thread.name.as_deref() == Some(name)) + { + return Ok(Some(thread)); + } + let Some(next_cursor) = response.next_cursor else { + break; + }; + cursor = Some(next_cursor); } - cursor = response.next_cursor; } + Ok(None) } fn session_target_from_app_server_thread(thread: AppServerThread) -> Result { @@ -173,6 +209,35 @@ fn session_target_from_app_server_thread(thread: AppServerThread) -> Result Result { + if !(std::io::stdin().is_terminal() && std::io::stderr().is_terminal()) { + return Err(eyre!( + "cannot confirm session deletion without an interactive terminal; rerun with --force and a session UUID" + )); + } + + let mut stderr = std::io::stderr().lock(); + match target.session_name.as_deref() { + Some(name) => writeln!( + stderr, + "Permanently delete session '{name}' ({})?", + target.session_id + ), + None => writeln!(stderr, "Permanently delete session {}?", target.session_id), + }?; + writeln!( + stderr, + "This cannot be undone. Subagent threads will also be deleted." + )?; + write!(stderr, "Continue? [y/N]: ")?; + stderr.flush()?; + + let mut input = String::new(); + std::io::stdin().read_line(&mut input)?; + let answer = input.trim(); + Ok(answer.eq_ignore_ascii_case("y") || answer.eq_ignore_ascii_case("yes")) +} + async fn start_app_server_for_archive_command( options: SessionArchiveCommandOptions, ) -> Result { diff --git a/codex-rs/tui/src/slash_command.rs b/codex-rs/tui/src/slash_command.rs index 805f266e0af..9ced21b26e3 100644 --- a/codex-rs/tui/src/slash_command.rs +++ b/codex-rs/tui/src/slash_command.rs @@ -26,11 +26,13 @@ pub enum SlashCommand { AutoReview, Memories, Skills, + Import, Hooks, Review, Rename, New, Archive, + Delete, Resume, Fork, App, @@ -89,6 +91,7 @@ impl SlashCommand { SlashCommand::Rename => "rename the current thread", SlashCommand::Resume => "resume a saved chat", SlashCommand::Archive => "archive this session and exit", + SlashCommand::Delete => "permanently delete this session and exit", SlashCommand::Clear => "clear the terminal and start a new chat", SlashCommand::Fork => "fork the current chat", SlashCommand::App => "continue this session in Codex Desktop", @@ -98,6 +101,9 @@ impl SlashCommand { SlashCommand::Diff => "show git diff (including untracked files)", SlashCommand::Mention => "mention a file", SlashCommand::Skills => "use skills to improve how Codex performs specific tasks", + SlashCommand::Import => { + "import setup, this project, and recent chats from another coding agent" + } SlashCommand::Hooks => "view and manage lifecycle hooks", SlashCommand::Status => "show current session configuration and token usage", SlashCommand::DebugConfig => "show config layers and requirement sources for debugging", @@ -185,6 +191,7 @@ impl SlashCommand { match self { SlashCommand::New | SlashCommand::Archive + | SlashCommand::Delete | SlashCommand::Resume | SlashCommand::Fork | SlashCommand::Init @@ -198,6 +205,7 @@ impl SlashCommand { | SlashCommand::SandboxReadRoot | SlashCommand::Experimental | SlashCommand::Memories + | SlashCommand::Import | SlashCommand::Review | SlashCommand::Plan | SlashCommand::Clear diff --git a/codex-rs/tui/src/snapshots/codex_tui__debug_config__tests__debug_config_effective_sandbox_modes_with_deny_read.snap b/codex-rs/tui/src/snapshots/codex_tui__debug_config__tests__debug_config_effective_sandbox_modes_with_deny_read.snap new file mode 100644 index 00000000000..b4ccc63a9a9 --- /dev/null +++ b/codex-rs/tui/src/snapshots/codex_tui__debug_config__tests__debug_config_effective_sandbox_modes_with_deny_read.snap @@ -0,0 +1,12 @@ +--- +source: tui/src/debug_config.rs +expression: rendered.as_str() +--- +/debug-config + +Config layer stack (lowest precedence first): + + +Requirements: + - allowed_sandbox_modes: read-only, workspace-write (source: /etc/codex/requirements.toml) + - permissions.filesystem.deny_read: /home/alice/.gitconfig (source: /etc/codex/requirements.toml) diff --git a/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize.snap b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize.snap new file mode 100644 index 00000000000..f23691b6f3a --- /dev/null +++ b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize.snap @@ -0,0 +1,29 @@ +--- +source: tui/src/external_agent_config_migration.rs +expression: rendered +--- + + > Choose what to import + Choose the items to import. + Codex may add files to your current project folder. + Your existing agent setup will not be changed. + Home + › [x] Settings (settings.json -> config.toml) + Import /Users/alex/.claude/settings.json into /Users/alex/.codex/conf… + [x] Recent chat sessions + Import recent chat sessions + 1 chat session: Investigate migration UX + + Current project: /workspace/project + [x] Plugins + Import enabled plugins from .claude/settings.json (4 marketplaces, 6 … + • acme-tools: deployer, formatter, +1 more + • team-marketplace: asana + • debug: sample + • +1 more marketplaces + [x] Instructions (CLAUDE.md -> AGENTS.md) + Import CLAUDE.md to AGENTS.md + + Selected 4 of 4 items. + 1. Review selection + Use ↑/↓ to move, space to toggle, b to go back diff --git a/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize_action.snap b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize_action.snap new file mode 100644 index 00000000000..70df423cee5 --- /dev/null +++ b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize_action.snap @@ -0,0 +1,29 @@ +--- +source: tui/src/external_agent_config_migration.rs +expression: rendered +--- + + > Choose what to import + Choose the items to import. + Codex may add files to your current project folder. + Your existing agent setup will not be changed. + Home + [x] Settings (settings.json -> config.toml) + Import /Users/alex/.claude/settings.json into /Users/alex/.codex/conf… + [x] Recent chat sessions + Import recent chat sessions + 1 chat session: Investigate migration UX + + Current project: /workspace/project + [x] Plugins + Import enabled plugins from .claude/settings.json (4 marketplaces, 6 … + • acme-tools: deployer, formatter, +1 more + • team-marketplace: asana + • debug: sample + • +1 more marketplaces + [x] Instructions (CLAUDE.md -> AGENTS.md) + Import CLAUDE.md to AGENTS.md + + Selected 4 of 4 items. + › 1. Review selection + Press enter to continue, ↑/↓ to move, b to go back diff --git a/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize_action_windows.snap b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize_action_windows.snap new file mode 100644 index 00000000000..e6e35384aec --- /dev/null +++ b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize_action_windows.snap @@ -0,0 +1,29 @@ +--- +source: tui/src/external_agent_config_migration.rs +expression: rendered +--- + + > Choose what to import + Choose the items to import. + Codex may add files to your current project folder. + Your existing agent setup will not be changed. + Home + [x] Settings (settings.json -> config.toml) + Import /Users/alex/.claude/settings.json into /Users/alex/.codex/conf… + [x] Recent chat sessions + Import recent chat sessions + 1 chat session: Investigate migration UX + + Current project: C:\workspace\project + [x] Plugins + Import enabled plugins from .claude/settings.json (4 marketplaces, 6 … + • acme-tools: deployer, formatter, +1 more + • team-marketplace: asana + • debug: sample + • +1 more marketplaces + [x] Instructions (CLAUDE.md -> AGENTS.md) + Import CLAUDE.md to AGENTS.md + + Selected 4 of 4 items. + › 1. Review selection + Press enter to continue, ↑/↓ to move, b to go back diff --git a/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize_windows.snap b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize_windows.snap new file mode 100644 index 00000000000..12dff7a4e57 --- /dev/null +++ b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_customize_windows.snap @@ -0,0 +1,29 @@ +--- +source: tui/src/external_agent_config_migration.rs +expression: rendered +--- + + > Choose what to import + Choose the items to import. + Codex may add files to your current project folder. + Your existing agent setup will not be changed. + Home + › [x] Settings (settings.json -> config.toml) + Import /Users/alex/.claude/settings.json into /Users/alex/.codex/conf… + [x] Recent chat sessions + Import recent chat sessions + 1 chat session: Investigate migration UX + + Current project: C:\workspace\project + [x] Plugins + Import enabled plugins from .claude/settings.json (4 marketplaces, 6 … + • acme-tools: deployer, formatter, +1 more + • team-marketplace: asana + • debug: sample + • +1 more marketplaces + [x] Instructions (CLAUDE.md -> AGENTS.md) + Import CLAUDE.md to AGENTS.md + + Selected 4 of 4 items. + 1. Review selection + Use ↑/↓ to move, space to toggle, b to go back diff --git a/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_prompt.snap b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_prompt.snap index 5ce3c5ef09d..64a5f0b1b08 100644 --- a/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_prompt.snap +++ b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_prompt.snap @@ -2,22 +2,21 @@ source: tui/src/external_agent_config_migration.rs expression: rendered --- - > External agent config detected - We found settings from another agent that you can add to this project. - Select what to import - Home - [x] Migrate /Users/alex/.claude/settings.json into /Users/alex/.codex/con… - Project: /workspace/project - [x] Migrate enabled plugins from .claude/settings.json (4 marketplaces, 6… - • acme-tools: deployer, formatter, +1 more - • team-marketplace: asana - • debug: sample - • +1 more marketplaces - [x] Migrate CLAUDE.md to AGENTS.md + > Import from another coding agent + Bring over your setup, current project, and recent chats. + Codex may add files to your current project folder. + Your existing agent setup will not be changed. + Cloud-hosted chat data cannot be imported. + [x] Tools & setup + Settings, instructions, integrations, agents, commands, and skills + [x] Current project + Add Codex files alongside your existing project files + [x] Chat sessions (1) + Last 30 days of chats - Selected 3 of 3 item(s). - 1. Proceed with selected - 2. Skip for now - 3. Don't ask again - Use ↑/↓ to move, space to toggle, 1/2/3 to choose, a/n for all/none + Selected 4 of 4 items. + › 1. Import selected + 2. Customize selection + 3. Cancel + Use ↑/↓ to move, enter to select, c to customize diff --git a/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_prompt_windows.snap b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_prompt_windows.snap index 44f41784e6f..64a5f0b1b08 100644 --- a/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_prompt_windows.snap +++ b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration__tests__external_agent_config_migration_prompt_windows.snap @@ -3,22 +3,20 @@ source: tui/src/external_agent_config_migration.rs expression: rendered --- - > External agent config detected - We found settings from another agent that you can add to this project. - Select what to import - Home - [x] Migrate /Users/alex/.claude/settings.json into /Users/alex/.codex/con… + > Import from another coding agent + Bring over your setup, current project, and recent chats. + Codex may add files to your current project folder. + Your existing agent setup will not be changed. + Cloud-hosted chat data cannot be imported. + [x] Tools & setup + Settings, instructions, integrations, agents, commands, and skills + [x] Current project + Add Codex files alongside your existing project files + [x] Chat sessions (1) + Last 30 days of chats - Project: C:\workspace\project - [x] Migrate enabled plugins from .claude/settings.json (4 marketplaces, 6… - • acme-tools: deployer, formatter, +1 more - • team-marketplace: asana - • debug: sample - • +1 more marketplaces - [x] Migrate CLAUDE.md to AGENTS.md - - Selected 3 of 3 item(s). - 1. Proceed with selected - 2. Skip for now - 3. Don't ask again - Use ↑/↓ to move, space to toggle, 1/2/3 to choose, a/n for all/none + Selected 4 of 4 items. + › 1. Import selected + 2. Customize selection + 3. Cancel + Use ↑/↓ to move, enter to select, c to customize diff --git a/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration_flow__tests__external_agent_config_migration_messages.snap b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration_flow__tests__external_agent_config_migration_messages.snap new file mode 100644 index 00000000000..5e80f8ac297 --- /dev/null +++ b/codex-rs/tui/src/snapshots/codex_tui__external_agent_config_migration_flow__tests__external_agent_config_migration_messages.snap @@ -0,0 +1,12 @@ +--- +source: tui/src/external_agent_config_migration_flow_tests.rs +expression: messages +--- +Agent import started. You can keep working while it finishes. Imported setup will apply to new chats. +Agent import started. You can keep working while it finishes. Imported setup will apply to new chats. 1 additional item remains. After it finishes, run /import again to review it. +Agent import started. You can keep working while it finishes. Imported setup will apply to new chats. 2 additional items remain. After it finishes, run /import again to review them. +Agent import finished. Run /import again to check for additional items. +No supported agent setup was found to import. +Agent import is unavailable in remote sessions. Start Codex locally and run /import. +Agent import is unavailable while Codex is connected to the local app-server daemon. Stop the daemon, restart Codex, and run /import. +A previous agent import is still running. Wait for it to finish before importing again. diff --git a/codex-rs/tui/src/snapshots/codex_tui__git_action_directives__tests__code_comment_directive_fallback.snap b/codex-rs/tui/src/snapshots/codex_tui__git_action_directives__tests__code_comment_directive_fallback.snap new file mode 100644 index 00000000000..630a3a542b8 --- /dev/null +++ b/codex-rs/tui/src/snapshots/codex_tui__git_action_directives__tests__code_comment_directive_fallback.snap @@ -0,0 +1,11 @@ +--- +source: tui/src/git_action_directives.rs +expression: parsed.visible_markdown +--- +Found two issues. + +- [P2] Fix body= parsing — src/app.ts:10-12 + Keep role="tab", ::git-stage{cwd=/tmp}, file=, and \n literal. + +- [P1] Clamp the range — codex/src/range.ts:8 + The line range should match the App. diff --git a/codex-rs/tui/src/snapshots/codex_tui__markdown_render__markdown_render_tests__bare_url_with_tilde_keeps_complete_hyperlink.snap b/codex-rs/tui/src/snapshots/codex_tui__markdown_render__markdown_render_tests__bare_url_with_tilde_keeps_complete_hyperlink.snap new file mode 100644 index 00000000000..c10dccd9ca8 --- /dev/null +++ b/codex-rs/tui/src/snapshots/codex_tui__markdown_render__markdown_render_tests__bare_url_with_tilde_keeps_complete_hyperlink.snap @@ -0,0 +1,15 @@ +--- +source: tui/src/markdown_render_tests.rs +expression: rendered +--- +[ + ( + "https://www.cs.tufts.edu/~nr/cs257/archive/olin-shivers/dissertation.pdf", + [ + ( + 0..72, + "https://www.cs.tufts.edu/~nr/cs257/archive/olin-shivers/dissertation.pdf", + ), + ], + ), +] diff --git a/codex-rs/tui/src/snapshots/codex_tui__startup_hooks_review__tests__startup_hooks_review_prompt.snap b/codex-rs/tui/src/snapshots/codex_tui__startup_hooks_review__tests__startup_hooks_review_prompt.snap index 038534e98a4..49106a3f5b0 100644 --- a/codex-rs/tui/src/snapshots/codex_tui__startup_hooks_review__tests__startup_hooks_review_prompt.snap +++ b/codex-rs/tui/src/snapshots/codex_tui__startup_hooks_review__tests__startup_hooks_review_prompt.snap @@ -2,13 +2,13 @@ source: tui/src/startup_hooks_review.rs expression: "render_lines(&view, 80)" --- - - Hooks need review - 2 hooks are new or changed. - Hooks can run outside the sandbox after you trust them. - -› 1. Review hooks - 2. Trust all and continue - 3. Continue without trusting (hooks won't run) - + + Hooks need review + 2 hooks are new or changed. + Hooks can run outside the sandbox after you trust them. + +› 1. Review hooks + 2. Trust all and continue + 3. Continue without trusting (hooks won't run) + Press enter to confirm or esc to go back diff --git a/codex-rs/tui/src/snapshots/codex_tui__startup_hooks_review__tests__startup_hooks_review_prompt_with_trust_error.snap b/codex-rs/tui/src/snapshots/codex_tui__startup_hooks_review__tests__startup_hooks_review_prompt_with_trust_error.snap index 340c0d233c5..574c31b497d 100644 --- a/codex-rs/tui/src/snapshots/codex_tui__startup_hooks_review__tests__startup_hooks_review_prompt_with_trust_error.snap +++ b/codex-rs/tui/src/snapshots/codex_tui__startup_hooks_review__tests__startup_hooks_review_prompt_with_trust_error.snap @@ -1,15 +1,17 @@ --- source: tui/src/startup_hooks_review.rs -expression: "render_lines(&view, 80)" +expression: "render_lines(&view, 62)" --- - - Hooks need review - 2 hooks are new or changed. - Hooks can run outside the sandbox after you trust them. - Failed to trust hooks: disk full - -› 1. Review hooks - 2. Trust all and continue - 3. Continue without trusting (hooks won't run) - + + Hooks need review + 2 hooks are new or changed. + Hooks can run outside the sandbox after you trust them. + Failed to trust hooks: config/batchWrite failed in TUI: + Invalid configuration: features.fast_mode=true is not + supported; allowed set [fast_mode=false] + +› 1. Review hooks + 2. Trust all and continue + 3. Continue without trusting (hooks won't run) + Press enter to confirm or esc to go back diff --git a/codex-rs/tui/src/startup_error.rs b/codex-rs/tui/src/startup_error.rs index 55b691d836b..585cec4b239 100644 --- a/codex-rs/tui/src/startup_error.rs +++ b/codex-rs/tui/src/startup_error.rs @@ -3,24 +3,28 @@ use std::path::PathBuf; #[derive(Debug, thiserror::Error)] #[error( - "failed to initialize sqlite state db at {}: {detail}", - state_db_path.display() + "failed to initialize sqlite local db at {}: {detail}", + database_path.display() )] pub struct LocalStateDbStartupError { - state_db_path: PathBuf, + database_path: PathBuf, detail: String, } impl LocalStateDbStartupError { - pub fn new(state_db_path: PathBuf, detail: String) -> Self { + pub fn new(database_path: PathBuf, detail: String) -> Self { Self { - state_db_path, + database_path, detail, } } + pub fn database_path(&self) -> &Path { + self.database_path.as_path() + } + pub fn state_db_path(&self) -> &Path { - self.state_db_path.as_path() + self.database_path() } pub fn detail(&self) -> &str { diff --git a/codex-rs/tui/src/startup_hooks_review.rs b/codex-rs/tui/src/startup_hooks_review.rs index 559c796aa0d..97c53f71444 100644 --- a/codex-rs/tui/src/startup_hooks_review.rs +++ b/codex-rs/tui/src/startup_hooks_review.rs @@ -5,7 +5,9 @@ use ratatui::layout::Rect; use ratatui::style::Stylize; use ratatui::text::Line; use ratatui::widgets::Clear; +use ratatui::widgets::Paragraph; use ratatui::widgets::WidgetRef; +use ratatui::widgets::Wrap; use tokio::sync::mpsc::unbounded_channel; use tokio_stream::StreamExt; @@ -17,6 +19,7 @@ use crate::bottom_pane::ListSelectionView; use crate::bottom_pane::SelectionItem; use crate::bottom_pane::SelectionViewParams; use crate::bottom_pane::popup_consts::standard_popup_hint_line_for_keymap; +use crate::config_update::format_config_error; use crate::hooks_rpc::HookTrustUpdate; use crate::hooks_rpc::fetch_hooks_list; use crate::hooks_rpc::hook_needs_review; @@ -28,7 +31,9 @@ use crate::render::renderable::ColumnRenderable; use crate::render::renderable::Renderable; use crate::tui::Tui; use crate::tui::TuiEvent; +use codex_app_server_client::AppServerRequestHandle; use codex_app_server_protocol::HooksListEntry; +use std::path::PathBuf; pub(crate) enum StartupHooksReviewOutcome { Continue, @@ -42,21 +47,32 @@ enum StartupHooksReviewSelection { ContinueWithoutTrusting, } +pub(crate) async fn load_startup_hooks_review_entry( + request_handle: AppServerRequestHandle, + cwd: PathBuf, +) -> HooksListEntry { + let response = match fetch_hooks_list(request_handle, cwd.clone()).await { + Ok(response) => response, + Err(err) => { + tracing::warn!("failed to load startup hook review state: {err:#}"); + return HooksListEntry { + cwd, + hooks: Vec::new(), + warnings: Vec::new(), + errors: Vec::new(), + }; + } + }; + hooks_list_entry_for_cwd(response, &cwd) +} + pub(crate) async fn maybe_run_startup_hooks_review( app_server: &mut AppServerSession, tui: &mut Tui, config: &Config, bypass_hook_trust: bool, + entry: HooksListEntry, ) -> Result { - let cwd = config.cwd.to_path_buf(); - let response = match fetch_hooks_list(app_server.request_handle(), cwd.clone()).await { - Ok(response) => response, - Err(err) => { - tracing::warn!("failed to load startup hook review state: {err:#}"); - return Ok(StartupHooksReviewOutcome::Continue); - } - }; - let entry = hooks_list_entry_for_cwd(response, &cwd); if !review_is_needed(bypass_hook_trust, &entry) { return Ok(StartupHooksReviewOutcome::Continue); } @@ -130,7 +146,9 @@ async fn run_startup_hooks_review_app( ) .await .map(|_| ()) - .map_err(|err| format!("Failed to trust hooks: {err}")); + .map_err(|err| { + format!("Failed to trust hooks: {}", format_config_error(&err)) + }); match result { Ok(()) => return Ok(StartupHooksReviewOutcome::Continue), Err(err) => { @@ -199,7 +217,7 @@ fn selection_view_params( "Hooks can run outside the sandbox after you trust them.".dim(), )); if let Some(error) = trust_all_error { - header.push(Line::from(error.to_string()).red()); + header.push(Paragraph::new(Line::from(error.to_string()).red()).wrap(Wrap { trim: false })); } else if trusting_all { header.push(Line::from("Trusting hooks...".dim())); } @@ -333,7 +351,7 @@ mod tests { } }) .collect::(); - format!("{rendered:width$}", width = area.width as usize) + rendered.trim_end().to_string() }) .collect::>() .join("\n") @@ -373,7 +391,9 @@ mod tests { let keymap = RuntimeKeymap::defaults(); let view = selection_view( &entry(), - Some("Failed to trust hooks: disk full"), + Some( + "Failed to trust hooks: config/batchWrite failed in TUI: Invalid configuration: features.fast_mode=true is not supported; allowed set [fast_mode=false]", + ), /*trusting_all*/ false, AppEventSender::new(tx_raw), &keymap, @@ -381,7 +401,7 @@ mod tests { assert_snapshot!( "startup_hooks_review_prompt_with_trust_error", - render_lines(&view, /*width*/ 80) + render_lines(&view, /*width*/ 62) ); } } diff --git a/codex-rs/tui/src/status/card.rs b/codex-rs/tui/src/status/card.rs index b8c9c165306..61ffd3da7d2 100644 --- a/codex-rs/tui/src/status/card.rs +++ b/codex-rs/tui/src/status/card.rs @@ -287,7 +287,7 @@ impl StatusHistoryCell { ]; if config.model_provider.wire_api == WireApi::Responses { let effort_value = reasoning_effort_override - .unwrap_or(config.model_reasoning_effort) + .unwrap_or_else(|| config.model_reasoning_effort.clone()) .map(|effort| effort.to_string()) .unwrap_or_else(|| "none".to_string()); config_entries.push(("reasoning effort", effort_value)); diff --git a/codex-rs/tui/src/status/helpers.rs b/codex-rs/tui/src/status/helpers.rs index 27292e13640..f3ceeb435f1 100644 --- a/codex-rs/tui/src/status/helpers.rs +++ b/codex-rs/tui/src/status/helpers.rs @@ -185,8 +185,6 @@ fn title_case(s: &str) -> String { #[cfg(test)] mod tests { use super::*; - use crate::legacy_core::DEFAULT_AGENTS_MD_FILENAME; - use crate::legacy_core::LOCAL_AGENTS_MD_FILENAME; use crate::legacy_core::config::ConfigBuilder; use codex_utils_absolute_path::test_support::PathBufExt; use pretty_assertions::assert_eq; @@ -227,7 +225,7 @@ mod tests { async fn compose_agents_summary_includes_global_agents_path() { let codex_home = TempDir::new().expect("temp codex home"); let cwd = TempDir::new().expect("temp cwd"); - let global_agents_path = codex_home.path().join(DEFAULT_AGENTS_MD_FILENAME); + let global_agents_path = codex_home.path().join("global.md"); let config = test_config(&codex_home, &cwd).await; assert_eq!( @@ -240,7 +238,7 @@ mod tests { async fn compose_agents_summary_names_global_agents_override() { let codex_home = TempDir::new().expect("temp codex home"); let cwd = TempDir::new().expect("temp cwd"); - let override_path = codex_home.path().join(LOCAL_AGENTS_MD_FILENAME); + let override_path = codex_home.path().join("override.md"); let config = test_config(&codex_home, &cwd).await; assert_eq!( @@ -253,8 +251,8 @@ mod tests { async fn compose_agents_summary_orders_global_before_project_agents() { let codex_home = TempDir::new().expect("temp codex home"); let cwd = TempDir::new().expect("temp cwd"); - let global_agents_path = codex_home.path().join(DEFAULT_AGENTS_MD_FILENAME); - let project_agents_path = cwd.path().join(DEFAULT_AGENTS_MD_FILENAME); + let global_agents_path = codex_home.path().join("global.md"); + let project_agents_path = cwd.path().join("project.md"); let config = test_config(&codex_home, &cwd).await; let summary = compose_agents_summary( @@ -270,7 +268,7 @@ mod tests { Some(format_directory_display(&global_agents_path, /*max_width*/ None).as_str()) ); let project_path = paths.next().expect("project agents path"); - assert!(project_path.ends_with(DEFAULT_AGENTS_MD_FILENAME)); + assert!(project_path.ends_with("project.md")); assert_eq!(paths.next(), None); } } diff --git a/codex-rs/tui/src/status/tests.rs b/codex-rs/tui/src/status/tests.rs index 1fc4c4feba3..4ab7a2cfa22 100644 --- a/codex-rs/tui/src/status/tests.rs +++ b/codex-rs/tui/src/status/tests.rs @@ -29,6 +29,8 @@ use codex_app_server_protocol::SpendControlLimitSnapshot; use codex_config::LoaderOverrides; use codex_model_provider_info::ModelProviderAwsAuthInfo; use codex_model_provider_info::ModelProviderInfo; +use codex_models_manager::test_support::construct_model_info_offline_for_tests; +use codex_models_manager::test_support::get_model_offline_for_tests; use codex_protocol::ThreadId; use codex_protocol::config_types::ApprovalsReviewer; use codex_protocol::config_types::ReasoningSummary; @@ -147,7 +149,7 @@ fn test_status_account_display() -> Option { fn token_info_for(model_slug: &str, config: &Config, usage: &TokenUsage) -> TokenUsageInfo { let context_window = - crate::legacy_core::test_support::construct_model_info_offline(model_slug, config) + construct_model_info_offline_for_tests(model_slug, &config.to_models_manager_config()) .context_window; TokenUsageInfo { total_token_usage: usage.clone(), @@ -212,7 +214,7 @@ fn permissions_text_for(config: &Config) -> Option { .with_ymd_and_hms(2024, 1, 2, 3, 4, 5) .single() .expect("timestamp"); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let composite = new_status_output( config, test_status_account_display().as_ref(), @@ -287,7 +289,7 @@ async fn status_snapshot_includes_reasoning_details() { }; let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let reasoning_effort_override = Some(Some(ReasoningEffort::High)); @@ -603,7 +605,7 @@ async fn status_snapshot_shows_active_user_defined_profile() { .with_ymd_and_hms(2024, 1, 2, 3, 4, 5) .single() .expect("timestamp"); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( @@ -648,7 +650,7 @@ async fn status_model_provider_uses_bedrock_runtime_base_url_and_gates_usage_lin .with_ymd_and_hms(2024, 1, 2, 3, 4, 5) .single() .expect("timestamp"); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let runtime_base_url = "https://bedrock-mantle.eu-west-1.api.aws/openai/v1"; let (composite, _handle) = new_status_output_with_rate_limits_handle( @@ -758,7 +760,7 @@ async fn status_snapshot_shows_auto_review_permissions() { .with_ymd_and_hms(2024, 1, 2, 3, 4, 5) .single() .expect("timestamp"); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( @@ -854,7 +856,7 @@ async fn status_snapshot_includes_forked_from() { .single() .expect("valid time"); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let session_id = ThreadId::from_string("0f0f3c13-6cf9-4aa4-8b80-7d49c2f1be2e").expect("session id"); @@ -923,7 +925,7 @@ async fn status_snapshot_includes_monthly_limit() { }; let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -987,7 +989,7 @@ async fn status_snapshot_includes_enterprise_monthly_credit_limit() { }; let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1067,7 +1069,7 @@ async fn status_snapshot_uses_generic_limit_labels_for_unsupported_windows() { }; let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1119,7 +1121,7 @@ async fn status_snapshot_shows_unlimited_credits() { rate_limit_reached_type: None, }; let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1170,7 +1172,7 @@ async fn status_snapshot_shows_positive_credits() { rate_limit_reached_type: None, }; let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1221,7 +1223,7 @@ async fn status_snapshot_hides_zero_credits() { rate_limit_reached_type: None, }; let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1270,7 +1272,7 @@ async fn status_snapshot_hides_when_has_no_credits_flag() { rate_limit_reached_type: None, }; let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1315,7 +1317,7 @@ async fn status_card_token_usage_excludes_cached_tokens() { .single() .expect("timestamp"); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1378,7 +1380,7 @@ async fn status_snapshot_truncates_in_narrow_terminal() { }; let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let reasoning_effort_override = Some(Some(ReasoningEffort::High)); let composite = new_status_output( @@ -1428,7 +1430,7 @@ async fn status_snapshot_shows_missing_limits_message() { .single() .expect("timestamp"); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1480,7 +1482,7 @@ async fn status_snapshot_uses_default_reasoning_when_config_empty() { version: "v0.133.0".to_string(), }; - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let (composite, _) = new_status_output_with_rate_limits_handle( &config, @@ -1549,7 +1551,7 @@ async fn status_snapshot_shows_refreshing_limits_notice() { }; let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output_with_rate_limits( &config, @@ -1621,7 +1623,7 @@ async fn status_snapshot_includes_credits_and_limits() { }; let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1680,7 +1682,7 @@ async fn status_snapshot_shows_unavailable_limits_message() { .expect("timestamp"); let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1738,7 +1740,7 @@ async fn status_snapshot_treats_refreshing_empty_limits_as_unavailable() { .expect("timestamp"); let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output_with_rate_limits( &config, @@ -1807,7 +1809,7 @@ async fn status_snapshot_shows_stale_limits_message() { let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); let now = captured_at + ChronoDuration::minutes(20); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1879,7 +1881,7 @@ async fn status_snapshot_cached_limits_hide_credits_without_flag() { let rate_display = rate_limit_snapshot_display(&snapshot, captured_at); let now = captured_at + ChronoDuration::minutes(20); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = token_info_for(&model_slug, &config, &usage); let composite = new_status_output( &config, @@ -1933,7 +1935,7 @@ async fn status_context_window_uses_last_usage() { .single() .expect("timestamp"); - let model_slug = crate::legacy_core::test_support::get_model_offline(config.model.as_deref()); + let model_slug = get_model_offline_for_tests(config.model.as_deref()); let token_info = TokenUsageInfo { total_token_usage: total_usage.clone(), last_token_usage: last_usage, diff --git a/codex-rs/tui/src/terminal_palette.rs b/codex-rs/tui/src/terminal_palette.rs index 53c68d96e77..1b539f94cb7 100644 --- a/codex-rs/tui/src/terminal_palette.rs +++ b/codex-rs/tui/src/terminal_palette.rs @@ -1,4 +1,6 @@ use crate::color::perceptual_distance; +use codex_terminal_detection::TerminalName; +use codex_terminal_detection::terminal_info; use ratatui::style::Color; #[derive(Clone, Copy, Debug, Eq, PartialEq)] @@ -30,19 +32,49 @@ pub fn indexed_color(index: u8) -> Color { /// Returns the closest color to the target color that the terminal can display. pub fn best_color(target: (u8, u8, u8)) -> Color { - let color_level = stdout_color_level(); - if color_level == StdoutColorLevel::TrueColor { - rgb_color(target) - } else if color_level == StdoutColorLevel::Ansi256 - && let Some((i, _)) = xterm_fixed_colors().min_by(|(_, a), (_, b)| { - perceptual_distance(*a, target) - .partial_cmp(&perceptual_distance(*b, target)) - .unwrap_or(std::cmp::Ordering::Equal) - }) + best_color_for_color_level(target, effective_stdout_color_level()) +} + +fn effective_stdout_color_level() -> StdoutColorLevel { + stdout_color_level_for_terminal( + stdout_color_level(), + terminal_info().name, + std::env::var_os("WT_SESSION").is_some(), + std::env::var_os("FORCE_COLOR").is_some(), + ) +} + +fn stdout_color_level_for_terminal( + stdout_level: StdoutColorLevel, + terminal_name: TerminalName, + has_wt_session: bool, + has_force_color_override: bool, +) -> StdoutColorLevel { + if has_wt_session && !has_force_color_override { + return StdoutColorLevel::TrueColor; + } + + if stdout_level == StdoutColorLevel::Ansi16 + && terminal_name == TerminalName::WindowsTerminal + && !has_force_color_override { - indexed_color(i as u8) + StdoutColorLevel::TrueColor } else { - Color::default() + stdout_level + } +} + +fn best_color_for_color_level(target: (u8, u8, u8), color_level: StdoutColorLevel) -> Color { + match color_level { + StdoutColorLevel::TrueColor => rgb_color(target), + StdoutColorLevel::Ansi256 => xterm_fixed_colors() + .min_by(|(_, a), (_, b)| { + perceptual_distance(*a, target) + .partial_cmp(&perceptual_distance(*b, target)) + .unwrap_or(std::cmp::Ordering::Equal) + }) + .map_or_else(Color::default, |(i, _)| indexed_color(i as u8)), + StdoutColorLevel::Ansi16 | StdoutColorLevel::Unknown => Color::default(), } } @@ -68,7 +100,7 @@ pub fn default_bg() -> Option<(u8, u8, u8)> { default_colors().map(|c| c.bg) } -#[cfg(unix)] +#[cfg(any(unix, windows))] pub(crate) fn set_default_colors_from_startup_probe( colors: Option, ) { @@ -177,7 +209,73 @@ mod imp { } } -#[cfg(not(all(unix, not(test))))] +#[cfg(windows)] +mod imp { + use super::DefaultColors; + use std::sync::Mutex; + use std::sync::OnceLock; + + struct Cache { + attempted: bool, + value: Option, + } + + impl Default for Cache { + fn default() -> Self { + Self { + attempted: false, + value: None, + } + } + } + + impl Cache { + fn get_or_init_with(&mut self, mut init: impl FnMut() -> Option) -> Option { + if !self.attempted { + self.value = init(); + self.attempted = true; + } + self.value + } + } + + fn default_colors_cache() -> &'static Mutex> { + static CACHE: OnceLock>> = OnceLock::new(); + CACHE.get_or_init(|| Mutex::new(Cache::default())) + } + + pub(super) fn default_colors() -> Option { + let cache = default_colors_cache(); + let mut cache = cache.lock().ok()?; + cache.get_or_init_with(query_default_colors) + } + + pub(super) fn set_default_colors_from_startup_probe( + colors: Option, + ) { + if let Ok(mut cache) = default_colors_cache().lock() { + cache.value = colors.map(|colors| DefaultColors { + fg: colors.fg, + bg: colors.bg, + }); + cache.attempted = true; + } + } + + pub(super) fn requery_default_colors() {} + + fn query_default_colors() -> Option { + crate::terminal_probe::default_colors(crate::terminal_probe::DEFAULT_TIMEOUT) + .ok() + .flatten() + .map(|colors| DefaultColors { + fg: colors.fg, + bg: colors.bg, + }) + } +} + +#[cfg(not(any(all(unix, not(test)), windows)))] mod imp { use super::DefaultColors; @@ -185,7 +283,7 @@ mod imp { None } - #[cfg(unix)] + #[cfg(any(unix, windows))] pub(super) fn set_default_colors_from_startup_probe( _colors: Option, ) { @@ -461,3 +559,64 @@ pub const XTERM_COLORS: [(u8, u8, u8); 256] = [ (228, 228, 228), // 254 Grey89 (238, 238, 238), // 255 Grey93 ]; + +#[cfg(test)] +mod tests { + use super::*; + use pretty_assertions::assert_eq; + + #[test] + fn best_color_uses_truecolor_without_quantization() { + assert_eq!( + best_color_for_color_level((12, 34, 56), StdoutColorLevel::TrueColor), + rgb_color((12, 34, 56)) + ); + } + + #[test] + fn best_color_resets_for_ansi16() { + assert_eq!( + best_color_for_color_level((12, 34, 56), StdoutColorLevel::Ansi16), + Color::Reset + ); + } + + #[test] + fn windows_terminal_wt_session_promotes_to_truecolor() { + assert_eq!( + stdout_color_level_for_terminal( + StdoutColorLevel::Ansi16, + TerminalName::Unknown, + /*has_wt_session*/ true, + /*has_force_color_override*/ false, + ), + StdoutColorLevel::TrueColor + ); + } + + #[test] + fn windows_terminal_name_promotes_ansi16_to_truecolor() { + assert_eq!( + stdout_color_level_for_terminal( + StdoutColorLevel::Ansi16, + TerminalName::WindowsTerminal, + /*has_wt_session*/ false, + /*has_force_color_override*/ false, + ), + StdoutColorLevel::TrueColor + ); + } + + #[test] + fn force_color_keeps_reported_stdout_level() { + assert_eq!( + stdout_color_level_for_terminal( + StdoutColorLevel::Ansi16, + TerminalName::WindowsTerminal, + /*has_wt_session*/ true, + /*has_force_color_override*/ true, + ), + StdoutColorLevel::Ansi16 + ); + } +} diff --git a/codex-rs/tui/src/terminal_probe.rs b/codex-rs/tui/src/terminal_probe.rs index d9927ffa208..bea195083b3 100644 --- a/codex-rs/tui/src/terminal_probe.rs +++ b/codex-rs/tui/src/terminal_probe.rs @@ -12,9 +12,25 @@ //! startup. A future input-preservation layer would need to replay unrelated bytes through the same //! parser that normal TUI input uses. +use std::time::Duration; + +/// Default wall-clock budget for each startup probe group. +pub(crate) const DEFAULT_TIMEOUT: Duration = Duration::from_millis(100); + +/// Default terminal foreground and background colors reported by OSC 10 and OSC 11. +#[derive(Debug, Clone, Copy, Eq, PartialEq)] +pub(crate) struct DefaultColors { + /// Default foreground color as an 8-bit RGB tuple. + pub(crate) fg: (u8, u8, u8), + /// Default background color as an 8-bit RGB tuple. + pub(crate) bg: (u8, u8, u8), +} + #[cfg(unix)] #[cfg_attr(test, allow(dead_code))] mod imp { + use super::DefaultColors; + use super::parse_default_colors; use std::fs::File; use std::fs::OpenOptions; use std::io; @@ -27,18 +43,6 @@ mod imp { use crossterm::event::KeyboardEnhancementFlags; use ratatui::layout::Position; - /// Default wall-clock budget for each startup probe group. - pub(crate) const DEFAULT_TIMEOUT: Duration = Duration::from_millis(100); - - /// Default terminal foreground and background colors reported by OSC 10 and OSC 11. - #[derive(Debug, Clone, Copy, Eq, PartialEq)] - pub(crate) struct DefaultColors { - /// Default foreground color as an 8-bit RGB tuple. - pub(crate) fg: (u8, u8, u8), - /// Default background color as an 8-bit RGB tuple. - pub(crate) bg: (u8, u8, u8), - } - /// Results from the TUI's one-shot startup terminal probe. #[derive(Debug, Clone, Copy, Eq, PartialEq)] pub(crate) struct StartupProbe { @@ -389,60 +393,6 @@ mod imp { None } - fn parse_osc_color(buffer: &[u8], slot: u8) -> Option<(u8, u8, u8)> { - let prefix = format!("\x1B]{slot};"); - let start = find_subslice(buffer, prefix.as_bytes())?; - let payload_start = start + prefix.len(); - let rest = &buffer[payload_start..]; - let (payload_end, _terminator_len) = osc_payload_end(rest)?; - let payload = std::str::from_utf8(&rest[..payload_end]).ok()?; - parse_osc_rgb(payload) - } - - fn parse_default_colors(buffer: &[u8]) -> Option { - let fg = parse_osc_color(buffer, /*slot*/ 10)?; - let bg = parse_osc_color(buffer, /*slot*/ 11)?; - Some(DefaultColors { fg, bg }) - } - - fn osc_payload_end(buffer: &[u8]) -> Option<(usize, usize)> { - let mut idx = 0; - while idx < buffer.len() { - match buffer[idx] { - 0x07 => return Some((idx, 1)), - 0x1B if buffer.get(idx + 1) == Some(&b'\\') => return Some((idx, 2)), - _ => idx += 1, - } - } - None - } - - fn parse_osc_rgb(payload: &str) -> Option<(u8, u8, u8)> { - let (prefix, values) = payload.trim().split_once(':')?; - if !prefix.eq_ignore_ascii_case("rgb") && !prefix.eq_ignore_ascii_case("rgba") { - return None; - } - - let mut parts = values.split('/'); - let r = parse_osc_component(parts.next()?)?; - let g = parse_osc_component(parts.next()?)?; - let b = parse_osc_component(parts.next()?)?; - if prefix.eq_ignore_ascii_case("rgba") { - parse_osc_component(parts.next()?)?; - } - parts.next().is_none().then_some((r, g, b)) - } - - fn parse_osc_component(component: &str) -> Option { - match component.len() { - 2 => u8::from_str_radix(component, 16).ok(), - 4 => u16::from_str_radix(component, 16) - .ok() - .map(|value| (value / 257) as u8), - _ => None, - } - } - /// Parser state for the keyboard enhancement probe. /// /// `UnsupportedFallback` records that a primary-device-attributes response arrived without @@ -517,12 +467,6 @@ mod imp { None } - fn find_subslice(haystack: &[u8], needle: &[u8]) -> Option { - haystack - .windows(needle.len()) - .position(|window| window == needle) - } - fn find_all_subslices<'a>( haystack: &'a [u8], needle: &'a [u8], @@ -550,53 +494,6 @@ mod imp { ); } - #[test] - fn parses_osc_colors_with_bel_and_st() { - assert_eq!( - parse_osc_color(b"\x1B]10;rgb:ffff/8000/0000\x07", /*slot*/ 10), - Some((255, 127, 0)) - ); - assert_eq!( - parse_osc_color(b"\x1B]11;rgba:00/80/ff/ff\x1B\\", /*slot*/ 11), - Some((0, 128, 255)) - ); - } - - #[test] - fn parses_two_and_four_digit_color_components() { - assert_eq!(parse_osc_rgb("rgb:00/80/ff"), Some((0, 128, 255))); - assert_eq!( - parse_osc_rgb("rgba:ffff/8000/0000/ffff"), - Some((255, 127, 0)) - ); - } - - #[test] - fn parses_default_colors_from_one_buffer() { - assert_eq!( - parse_default_colors( - b"\x1B]10;rgb:eeee/eeee/eeee\x1B\\\x1B]11;rgb:1111/1111/1111\x07" - ), - Some(DefaultColors { - fg: (238, 238, 238), - bg: (17, 17, 17) - }) - ); - assert_eq!( - parse_default_colors( - b"\x1B]11;rgb:1111/1111/1111\x07\x1B]10;rgb:eeee/eeee/eeee\x1B\\" - ), - Some(DefaultColors { - fg: (238, 238, 238), - bg: (17, 17, 17) - }) - ); - assert_eq!( - parse_default_colors(b"\x1B]10;rgb:eeee/eeee/eeee\x1B\\"), - None - ); - } - #[test] fn parses_keyboard_enhancement_flags_and_pda_fallback() { assert_eq!( @@ -655,5 +552,404 @@ mod imp { } } -#[cfg(unix)] +#[cfg(windows)] +mod imp { + use super::DefaultColors; + use super::parse_default_colors; + use std::io; + use std::io::ErrorKind; + use std::time::Duration; + use std::time::Instant; + use windows_sys::Win32::Foundation::HANDLE; + use windows_sys::Win32::Foundation::INVALID_HANDLE_VALUE; + use windows_sys::Win32::Foundation::WAIT_OBJECT_0; + use windows_sys::Win32::Foundation::WAIT_TIMEOUT; + use windows_sys::Win32::Storage::FileSystem::ReadFile; + use windows_sys::Win32::Storage::FileSystem::WriteFile; + use windows_sys::Win32::System::Console::CONSOLE_SCREEN_BUFFER_INFOEX; + use windows_sys::Win32::System::Console::ENABLE_VIRTUAL_TERMINAL_INPUT; + use windows_sys::Win32::System::Console::GetConsoleMode; + use windows_sys::Win32::System::Console::GetConsoleScreenBufferInfoEx; + use windows_sys::Win32::System::Console::GetStdHandle; + use windows_sys::Win32::System::Console::STD_INPUT_HANDLE; + use windows_sys::Win32::System::Console::STD_OUTPUT_HANDLE; + use windows_sys::Win32::System::Console::SetConsoleMode; + use windows_sys::Win32::System::Threading::WaitForSingleObject; + + /// Queries OSC 10 and OSC 11 default colors under one shared deadline. + /// + /// The Windows path uses raw console handles because crossterm's public color query helper is + /// currently Unix-only. Failures and missing responses are reported as `Ok(None)` by callers so + /// terminals without OSC 10/11 support keep the existing conservative palette fallback. + pub(crate) fn default_colors(timeout: Duration) -> io::Result> { + let Ok(output) = std_handle(STD_OUTPUT_HANDLE) else { + return Ok(None); + }; + + if let Ok(input) = std_handle(STD_INPUT_HANDLE) + && let Ok(Some(colors)) = query_osc_default_colors(input, output, timeout) + { + return Ok(Some(colors)); + } + + Ok(query_console_default_colors(output).ok().flatten()) + } + + fn query_osc_default_colors( + input: HANDLE, + output: HANDLE, + timeout: Duration, + ) -> io::Result> { + let _vt_input = VirtualTerminalInputMode::enable(input)?; + write_all(output, b"\x1B]10;?\x1B\\\x1B]11;?\x1B\\")?; + read_until(input, timeout, parse_default_colors) + } + + fn query_console_default_colors(output: HANDLE) -> io::Result> { + let mut info = unsafe { std::mem::zeroed::() }; + info.cbSize = std::mem::size_of::() as u32; + if unsafe { GetConsoleScreenBufferInfoEx(output, &mut info) } == 0 { + return Err(io::Error::last_os_error()); + } + Ok(Some(decode_console_default_colors( + info.wAttributes, + &info.ColorTable, + ))) + } + + fn decode_console_default_colors(attributes: u16, color_table: &[u32; 16]) -> DefaultColors { + let fg_index = (attributes & 0x0f) as usize; + let bg_index = ((attributes >> 4) & 0x0f) as usize; + // COMMON_LVB_REVERSE_VIDEO changes how cells render, but this probe is discovering the + // configured default colors for palette blending. Keep the attribute fg/bg indices as-is. + DefaultColors { + fg: decode_color_ref(color_table[fg_index]), + bg: decode_color_ref(color_table[bg_index]), + } + } + + fn decode_color_ref(color_ref: u32) -> (u8, u8, u8) { + ( + (color_ref & 0xff) as u8, + ((color_ref >> 8) & 0xff) as u8, + ((color_ref >> 16) & 0xff) as u8, + ) + } + + fn std_handle(kind: u32) -> io::Result { + let handle = unsafe { GetStdHandle(kind) }; + if handle == 0 || handle == INVALID_HANDLE_VALUE { + return Err(io::Error::last_os_error()); + } + Ok(handle) + } + + struct VirtualTerminalInputMode { + handle: HANDLE, + original_mode: u32, + } + + impl VirtualTerminalInputMode { + fn enable(handle: HANDLE) -> io::Result { + let mut original_mode = 0; + if unsafe { GetConsoleMode(handle, &mut original_mode) } == 0 { + return Err(io::Error::last_os_error()); + } + + let requested_mode = original_mode | ENABLE_VIRTUAL_TERMINAL_INPUT; + if unsafe { SetConsoleMode(handle, requested_mode) } == 0 { + return Err(io::Error::last_os_error()); + } + + Ok(Self { + handle, + original_mode, + }) + } + } + + impl Drop for VirtualTerminalInputMode { + fn drop(&mut self) { + unsafe { + SetConsoleMode(self.handle, self.original_mode); + } + } + } + + fn write_all(handle: HANDLE, mut bytes: &[u8]) -> io::Result<()> { + while !bytes.is_empty() { + let mut written = 0; + let ok = unsafe { + WriteFile( + handle, + bytes.as_ptr().cast(), + bytes.len().min(u32::MAX as usize) as u32, + &mut written, + std::ptr::null_mut(), + ) + }; + if ok == 0 { + return Err(io::Error::last_os_error()); + } + if written == 0 { + return Err(io::Error::from(ErrorKind::WriteZero)); + } + bytes = &bytes[written as usize..]; + } + Ok(()) + } + + fn read_until( + handle: HANDLE, + timeout: Duration, + mut parse: impl FnMut(&[u8]) -> Option, + ) -> io::Result> { + let deadline = Instant::now() + timeout; + let mut buffer = Vec::new(); + loop { + if let Some(value) = parse(&buffer) { + return Ok(Some(value)); + } + + let now = Instant::now(); + if now >= deadline { + return Ok(None); + } + let timeout_ms = deadline + .saturating_duration_since(now) + .as_millis() + .min(u32::MAX as u128) as u32; + match unsafe { WaitForSingleObject(handle, timeout_ms) } { + WAIT_OBJECT_0 => read_once(handle, &mut buffer)?, + WAIT_TIMEOUT => return Ok(None), + _ => return Err(io::Error::last_os_error()), + } + } + } + + fn read_once(handle: HANDLE, buffer: &mut Vec) -> io::Result<()> { + let mut chunk = [0_u8; 256]; + let mut read = 0; + let ok = unsafe { + ReadFile( + handle, + chunk.as_mut_ptr().cast(), + chunk.len() as u32, + &mut read, + std::ptr::null_mut(), + ) + }; + if ok == 0 { + return Err(io::Error::last_os_error()); + } + buffer.extend_from_slice(&chunk[..read as usize]); + Ok(()) + } + + #[cfg(test)] + mod tests { + use super::*; + use pretty_assertions::assert_eq; + use windows_sys::Win32::System::Console::COMMON_LVB_REVERSE_VIDEO; + + fn color_table() -> [u32; 16] { + [ + 0x00000000, 0x00000080, 0x00008000, 0x00008080, 0x00800000, 0x00800080, 0x00808000, + 0x00c0c0c0, 0x00808080, 0x000000ff, 0x0000ff00, 0x0000ffff, 0x00ff0000, 0x00ff00ff, + 0x00ffff00, 0x00ffffff, + ] + } + + #[test] + fn decodes_console_color_attribute_indices() { + assert_eq!( + decode_console_default_colors(/*attributes*/ 0x21, &color_table()), + DefaultColors { + fg: (128, 0, 0), + bg: (0, 128, 0), + } + ); + } + + #[test] + fn decodes_console_color_intensity_indices() { + assert_eq!( + decode_console_default_colors(/*attributes*/ 0xe9, &color_table()), + DefaultColors { + fg: (255, 0, 0), + bg: (0, 255, 255), + } + ); + } + + #[test] + fn decodes_console_color_ref_byte_order() { + let mut colors = color_table(); + colors[3] = 0x00112233; + colors[4] = 0x00aabbcc; + + assert_eq!( + decode_console_default_colors(/*attributes*/ 0x43, &colors), + DefaultColors { + fg: (0x33, 0x22, 0x11), + bg: (0xcc, 0xbb, 0xaa), + } + ); + } + + #[test] + fn ignores_reverse_video_when_decoding_default_colors() { + assert_eq!( + decode_console_default_colors( + /*attributes*/ COMMON_LVB_REVERSE_VIDEO | 0x21, + &color_table(), + ), + DefaultColors { + fg: (128, 0, 0), + bg: (0, 128, 0), + } + ); + } + } +} + +fn parse_osc_color(buffer: &[u8], slot: u8) -> Option<(u8, u8, u8)> { + let prefix = format!("\x1B]{slot};"); + let start = find_subslice(buffer, prefix.as_bytes())?; + let payload_start = start + prefix.len(); + let rest = &buffer[payload_start..]; + let (payload_end, _terminator_len) = osc_payload_end(rest)?; + let payload = std::str::from_utf8(&rest[..payload_end]).ok()?; + parse_osc_rgb(payload) +} + +fn parse_default_colors(buffer: &[u8]) -> Option { + let fg = parse_osc_color(buffer, /*slot*/ 10)?; + let bg = parse_osc_color(buffer, /*slot*/ 11)?; + Some(DefaultColors { fg, bg }) +} + +fn osc_payload_end(buffer: &[u8]) -> Option<(usize, usize)> { + let mut idx = 0; + while idx < buffer.len() { + match buffer[idx] { + 0x07 => return Some((idx, 1)), + 0x1B if buffer.get(idx + 1) == Some(&b'\\') => return Some((idx, 2)), + _ => idx += 1, + } + } + None +} + +fn parse_osc_rgb(payload: &str) -> Option<(u8, u8, u8)> { + let (prefix, values) = payload.trim().split_once(':')?; + if !prefix.eq_ignore_ascii_case("rgb") && !prefix.eq_ignore_ascii_case("rgba") { + return None; + } + + let mut parts = values.split('/'); + let r = parse_osc_component(parts.next()?)?; + let g = parse_osc_component(parts.next()?)?; + let b = parse_osc_component(parts.next()?)?; + if prefix.eq_ignore_ascii_case("rgba") { + parse_osc_component(parts.next()?)?; + } + parts.next().is_none().then_some((r, g, b)) +} + +fn parse_osc_component(component: &str) -> Option { + match component.len() { + 2 => u8::from_str_radix(component, 16).ok(), + 4 => u16::from_str_radix(component, 16) + .ok() + .map(|value| (value / 257) as u8), + _ => None, + } +} + +fn find_subslice(haystack: &[u8], needle: &[u8]) -> Option { + haystack + .windows(needle.len()) + .position(|window| window == needle) +} + +#[cfg(any(unix, windows))] pub(crate) use imp::*; + +#[cfg(test)] +mod tests { + use super::*; + use pretty_assertions::assert_eq; + + #[test] + fn parses_osc_colors_with_bel_and_st() { + assert_eq!( + parse_osc_color(b"\x1B]10;rgb:ffff/8000/0000\x07", /*slot*/ 10), + Some((255, 127, 0)) + ); + assert_eq!( + parse_osc_color(b"\x1B]11;rgba:00/80/ff/ff\x1B\\", /*slot*/ 11), + Some((0, 128, 255)) + ); + } + + #[test] + fn parses_two_and_four_digit_color_components() { + assert_eq!(parse_osc_rgb("rgb:00/80/ff"), Some((0, 128, 255))); + assert_eq!( + parse_osc_rgb("rgba:ffff/8000/0000/ffff"), + Some((255, 127, 0)) + ); + } + + #[test] + fn parses_default_colors_from_one_buffer() { + assert_eq!( + parse_default_colors(b"\x1B]10;rgb:eeee/eeee/eeee\x1B\\\x1B]11;rgb:1111/1111/1111\x07"), + Some(DefaultColors { + fg: (238, 238, 238), + bg: (17, 17, 17) + }) + ); + assert_eq!( + parse_default_colors(b"\x1B]11;rgb:1111/1111/1111\x07\x1B]10;rgb:eeee/eeee/eeee\x1B\\"), + Some(DefaultColors { + fg: (238, 238, 238), + bg: (17, 17, 17) + }) + ); + assert_eq!( + parse_default_colors(b"\x1B]10;rgb:eeee/eeee/eeee\x1B\\"), + None + ); + } + + #[test] + fn ignores_malformed_or_partial_default_color_responses() { + assert_eq!( + parse_default_colors(b"\x1B]10;rgb:eeee/eeee/eeee\x1B\\\x1B]11;rgb:nope\x07"), + None + ); + assert_eq!( + parse_default_colors(b"\x1B]10;rgb:eeee/eeee/eeee\x1B\\\x1B]11;rgb:11/11/11/11\x07"), + None + ); + assert_eq!( + parse_default_colors(b"\x1B]10;rgb:eeee/eeee/eeee\x1B\\\x1B]11;rgb:1111/1111/1111"), + None + ); + } + + #[test] + fn parses_default_colors_with_unrelated_bytes() { + assert_eq!( + parse_default_colors( + b"typed\x1B]10;rgb:eeee/eeee/eeee\x1B\\noise\x1B]11;rgb:1111/1111/1111\x07" + ), + Some(DefaultColors { + fg: (238, 238, 238), + bg: (17, 17, 17), + }) + ); + } +} diff --git a/codex-rs/tui/src/terminal_visualization_instructions.rs b/codex-rs/tui/src/terminal_visualization_instructions.rs new file mode 100644 index 00000000000..eb59f2d1571 --- /dev/null +++ b/codex-rs/tui/src/terminal_visualization_instructions.rs @@ -0,0 +1,29 @@ +use crate::legacy_core::config::Config; +use codex_features::Feature; + +pub(crate) const TERMINAL_VISUALIZATION_INSTRUCTIONS: &str = "\ +- This surface is a terminal. When the formatting rules require a visual, include one in the final answer using compact ASCII diagrams, trees, timelines, or tables. +- Use tables for exact mappings or comparisons rather than collapsing known mappings into prose. +- Use trees for hierarchy or one-to-many relationships, and diagrams or timelines for sequence, change, or state transferred between records across event order. +- Use only ASCII characters in visuals."; + +pub(crate) fn with_terminal_visualization_instructions( + config: &Config, + control_instructions: Option, +) -> Option { + if !config + .features + .enabled(Feature::TerminalVisualizationInstructions) + { + return control_instructions; + } + + let existing_instructions = + control_instructions.or_else(|| config.developer_instructions.clone()); + Some(match existing_instructions.as_deref() { + Some(existing) if !existing.trim().is_empty() => { + format!("{existing}\n\n{TERMINAL_VISUALIZATION_INSTRUCTIONS}") + } + _ => TERMINAL_VISUALIZATION_INSTRUCTIONS.to_string(), + }) +} diff --git a/codex-rs/tui/src/test_support.rs b/codex-rs/tui/src/test_support.rs index 53fd8adf628..44e98993797 100644 --- a/codex-rs/tui/src/test_support.rs +++ b/codex-rs/tui/src/test_support.rs @@ -1,8 +1,23 @@ +//! Test-only helpers shared across the TUI crate. + +use std::sync::LazyLock; + +use codex_models_manager::bundled_models_response; +use codex_protocol::openai_models::ModelPreset; pub(crate) use codex_utils_absolute_path::test_support::PathBufExt; pub(crate) use codex_utils_absolute_path::test_support::test_path_buf; use serde::Serialize; use serde::de::DeserializeOwned; +pub(crate) static TEST_MODEL_PRESETS: LazyLock> = LazyLock::new(|| { + let mut response = bundled_models_response() + .unwrap_or_else(|err| panic!("bundled models.json should parse: {err}")); + response.models.sort_by_key(|model| model.priority); + let mut presets: Vec = response.models.into_iter().map(Into::into).collect(); + ModelPreset::mark_default_by_picker_visibility(&mut presets); + presets +}); + pub(crate) fn test_path_display(path: &str) -> String { test_path_buf(path).display().to_string() } diff --git a/codex-rs/tui/src/resume_picker/transcript.rs b/codex-rs/tui/src/thread_transcript.rs similarity index 95% rename from codex-rs/tui/src/resume_picker/transcript.rs rename to codex-rs/tui/src/thread_transcript.rs index abf13bd144c..b530dfacf4d 100644 --- a/codex-rs/tui/src/resume_picker/transcript.rs +++ b/codex-rs/tui/src/thread_transcript.rs @@ -1,3 +1,5 @@ +//! Render persisted thread turns into history-cell building blocks. + use std::sync::Arc; use crate::app_server_session::AppServerSession; @@ -7,6 +9,7 @@ use crate::history_cell::HistoryCell; use crate::history_cell::PlainHistoryCell; use crate::history_cell::ReasoningSummaryCell; use crate::history_cell::UserHistoryCell; +use crate::multi_agents::sub_agent_activity_summary; use codex_app_server_protocol::Thread; use codex_app_server_protocol::ThreadItem; use codex_protocol::ThreadId; @@ -67,7 +70,7 @@ pub(crate) fn thread_to_transcript_cells( })); } ThreadItem::AgentMessage { text, .. } => { - let parsed = parse_assistant_markdown(text); + let parsed = parse_assistant_markdown(text, cwd); if !parsed.visible_markdown.trim().is_empty() { cells.push(Arc::new(AgentMarkdownCell::new( parsed.visible_markdown, @@ -191,6 +194,11 @@ fn fallback_transcript_cell(item: &ThreadItem) -> Option { ThreadItem::CollabAgentToolCall { tool, status, .. } => { vec![format!("agent tool: {tool:?} · {status:?}").dim().into()] } + ThreadItem::SubAgentActivity { + kind, agent_path, .. + } => { + vec![sub_agent_activity_summary(*kind, agent_path).dim().into()] + } ThreadItem::WebSearch { query, .. } => { vec![vec!["web search: ".dim(), query.clone().into()].into()] } diff --git a/codex-rs/tui/src/tui.rs b/codex-rs/tui/src/tui.rs index b9055f5d6b5..681e0cb3977 100644 --- a/codex-rs/tui/src/tui.rs +++ b/codex-rs/tui/src/tui.rs @@ -438,6 +438,9 @@ pub(crate) fn init() -> Result { let enhanced_keys_supported = !keyboard_modes::keyboard_enhancement_disabled() && detect_keyboard_enhancement_supported(); + #[cfg(windows)] + probe_windows_default_colors(); + let tui = CustomTerminal::with_options_and_cursor_position(backend, cursor_pos)?; let stderr_guard = terminal_stderr::TerminalStderrGuard::install()?; Ok(InitializedTerminal { @@ -457,11 +460,33 @@ fn cursor_position_with_crossterm(backend: &mut CrosstermBackend) -> Pos #[cfg(not(unix))] fn detect_keyboard_enhancement_supported() -> bool { - // Non-Unix startup keeps the existing crossterm path because the bounded probe implementation - // relies on Unix file descriptors and `/dev/tty` semantics. + // Non-Unix startup keeps the existing crossterm keyboard probe path because it already knows + // how to interpret platform-specific event sources. supports_keyboard_enhancement().unwrap_or(/*default*/ false) } +#[cfg(windows)] +fn probe_windows_default_colors() { + let started_at = std::time::Instant::now(); + match crate::terminal_probe::default_colors(crate::terminal_probe::DEFAULT_TIMEOUT) { + Ok(colors) => { + tracing::info!( + duration_ms = %started_at.elapsed().as_millis(), + default_colors = colors.is_some(), + "terminal default color probe completed" + ); + crate::terminal_palette::set_default_colors_from_startup_probe(colors); + } + Err(err) => { + tracing::warn!( + duration_ms = %started_at.elapsed().as_millis(), + "terminal default color probe failed: {err}" + ); + crate::terminal_palette::set_default_colors_from_startup_probe(/*colors*/ None); + } + } +} + fn set_panic_hook() { let hook = panic::take_hook(); panic::set_hook(Box::new(move |panic_info| { diff --git a/codex-rs/tui/src/windows_sandbox.rs b/codex-rs/tui/src/windows_sandbox.rs new file mode 100644 index 00000000000..ec586e7b1b0 --- /dev/null +++ b/codex-rs/tui/src/windows_sandbox.rs @@ -0,0 +1,122 @@ +//! TUI-owned Windows sandbox helpers retained while setup still runs in the local client process. +//! +//! TODO: These helpers inspect and modify the TUI host, so they do not support +//! cross-platform remote app servers. Move readiness and setup to the existing +//! `windowsSandbox/*` RPCs while preserving the pending permission profile, +//! use the server platform reported during initialization, and add a remote +//! equivalent for read-root grants. + +use crate::legacy_core::config::Config; +use codex_config::types::WindowsSandboxModeToml; +use codex_features::Feature; +use codex_protocol::config_types::WindowsSandboxLevel; +#[cfg(target_os = "windows")] +use codex_protocol::models::PermissionProfile; +#[cfg(target_os = "windows")] +use codex_utils_absolute_path::AbsolutePathBuf; +#[cfg(target_os = "windows")] +use std::collections::HashMap; +use std::path::Path; +#[cfg(target_os = "windows")] +use std::path::PathBuf; + +pub(crate) fn level_from_config(config: &Config) -> WindowsSandboxLevel { + match config.permissions.windows_sandbox_mode { + Some(WindowsSandboxModeToml::Elevated) => WindowsSandboxLevel::Elevated, + Some(WindowsSandboxModeToml::Unelevated) => WindowsSandboxLevel::RestrictedToken, + None if config.features.enabled(Feature::WindowsSandboxElevated) => { + WindowsSandboxLevel::Elevated + } + None if config.features.enabled(Feature::WindowsSandbox) => { + WindowsSandboxLevel::RestrictedToken + } + None => WindowsSandboxLevel::Disabled, + } +} + +#[cfg(target_os = "windows")] +pub(crate) use codex_windows_sandbox::sandbox_setup_is_complete; + +#[cfg(not(target_os = "windows"))] +pub(crate) fn sandbox_setup_is_complete(_codex_home: &Path) -> bool { + false +} + +#[cfg(target_os = "windows")] +pub(crate) fn run_elevated_setup( + permission_profile: &PermissionProfile, + workspace_roots: &[AbsolutePathBuf], + command_cwd: &Path, + env_map: &HashMap, + codex_home: &Path, +) -> anyhow::Result<()> { + let permissions = codex_windows_sandbox::ResolvedWindowsSandboxPermissions::try_from_permission_profile_for_workspace_roots( + permission_profile, + workspace_roots, + )?; + codex_windows_sandbox::run_elevated_setup( + codex_windows_sandbox::SandboxSetupRequest { + permissions: &permissions, + command_cwd, + env_map, + codex_home, + proxy_enforced: false, + }, + codex_windows_sandbox::SetupRootOverrides::default(), + ) +} + +#[cfg(target_os = "windows")] +pub(crate) fn elevated_setup_failure_details(err: &anyhow::Error) -> Option<(String, String)> { + let failure = codex_windows_sandbox::extract_setup_failure(err)?; + Some(( + failure.code.as_str().to_string(), + codex_windows_sandbox::sanitize_setup_metric_tag_value(&failure.message), + )) +} + +#[cfg(target_os = "windows")] +pub(crate) fn elevated_setup_failure_metric_name(err: &anyhow::Error) -> &'static str { + if codex_windows_sandbox::extract_setup_failure(err).is_some_and(|failure| { + matches!( + failure.code, + codex_windows_sandbox::SetupErrorCode::OrchestratorHelperLaunchCanceled + ) + }) { + "codex.windows_sandbox.elevated_setup_canceled" + } else { + "codex.windows_sandbox.elevated_setup_failure" + } +} + +#[cfg(target_os = "windows")] +pub(crate) fn grant_read_root_non_elevated( + permission_profile: &PermissionProfile, + workspace_roots: &[AbsolutePathBuf], + command_cwd: &Path, + env_map: &HashMap, + codex_home: &Path, + read_root: &Path, +) -> anyhow::Result { + if !read_root.is_absolute() { + anyhow::bail!("path must be absolute: {}", read_root.display()); + } + if !read_root.exists() { + anyhow::bail!("path does not exist: {}", read_root.display()); + } + if !read_root.is_dir() { + anyhow::bail!("path must be a directory: {}", read_root.display()); + } + + let canonical_root = dunce::canonicalize(read_root)?; + codex_windows_sandbox::run_setup_refresh_with_extra_read_roots( + permission_profile, + workspace_roots, + command_cwd, + env_map, + codex_home, + vec![canonical_root.clone()], + /*proxy_enforced*/ false, + )?; + Ok(canonical_root) +} diff --git a/codex-rs/tui/src/workspace_command.rs b/codex-rs/tui/src/workspace_command.rs index c6b2e770e61..02495d66ddb 100644 --- a/codex-rs/tui/src/workspace_command.rs +++ b/codex-rs/tui/src/workspace_command.rs @@ -138,9 +138,8 @@ pub(crate) trait WorkspaceCommandExecutor: Send + Sync { /// Runs a workspace command and returns captured output or an app-server request error. /// /// Callers should treat errors as infrastructure failures and should treat successful output - /// with a non-zero exit code as ordinary command failure. Returning a future instead of using - /// `async_trait` keeps the trait object-safe while matching the repo's native async trait - /// conventions. + /// with a non-zero exit code as ordinary command failure. Returning a boxed future keeps the + /// trait object-safe. fn run( &self, command: WorkspaceCommand, diff --git a/codex-rs/utils/file-lock/BUILD.bazel b/codex-rs/utils/file-lock/BUILD.bazel new file mode 100644 index 00000000000..face70c5351 --- /dev/null +++ b/codex-rs/utils/file-lock/BUILD.bazel @@ -0,0 +1,6 @@ +load("//:defs.bzl", "codex_rust_crate") + +codex_rust_crate( + name = "file-lock", + crate_name = "codex_utils_file_lock", +) diff --git a/codex-rs/utils/file-lock/Cargo.toml b/codex-rs/utils/file-lock/Cargo.toml new file mode 100644 index 00000000000..5e3877fc163 --- /dev/null +++ b/codex-rs/utils/file-lock/Cargo.toml @@ -0,0 +1,10 @@ +[package] +name = "codex-utils-file-lock" +version.workspace = true +edition.workspace = true +license.workspace = true + +[lints] +workspace = true + +[dependencies] diff --git a/codex-rs/utils/file-lock/src/lib.rs b/codex-rs/utils/file-lock/src/lib.rs new file mode 100644 index 00000000000..fdcfbdb81e7 --- /dev/null +++ b/codex-rs/utils/file-lock/src/lib.rs @@ -0,0 +1,168 @@ +use std::fs::File; +use std::fs::create_dir; +use std::fs::remove_dir; +use std::io; +use std::path::Path; +use std::path::PathBuf; +use std::thread; +use std::time::Duration; + +const LOCK_DIR_RETRY_SLEEP: Duration = Duration::from_millis(100); + +/// Result of acquiring a blocking advisory file lock. +#[derive(Debug, Clone, Copy, PartialEq, Eq)] +pub enum FileLockOutcome { + Acquired, + Unsupported, +} + +/// Result of attempting to acquire a non-blocking advisory file lock. +#[derive(Debug, Clone, Copy, PartialEq, Eq)] +pub enum TryFileLockOutcome { + Acquired, + WouldBlock, + Unsupported, +} + +/// Result of attempting to acquire a non-blocking lock directory. +#[derive(Debug, PartialEq, Eq)] +pub enum TryLockDirOutcome { + Acquired(LockDirGuard), + WouldBlock, +} + +/// Guard for a sibling lock directory created with an atomic `mkdir`. +#[derive(Debug, PartialEq, Eq)] +pub struct LockDirGuard { + path: PathBuf, +} + +impl Drop for LockDirGuard { + fn drop(&mut self) { + let _ = remove_dir(&self.path); + } +} + +/// Acquires an exclusive advisory file lock, treating unsupported file locking +/// as a distinct outcome for platforms such as Termux. +pub fn lock_exclusive_optional(file: &File) -> io::Result { + match file.lock() { + Ok(()) => Ok(FileLockOutcome::Acquired), + Err(err) if err.kind() == io::ErrorKind::Unsupported => Ok(FileLockOutcome::Unsupported), + Err(err) => Err(err), + } +} + +/// Attempts to acquire an exclusive advisory file lock without blocking, +/// preserving `WouldBlock` and unsupported file locking as distinct outcomes. +pub fn try_lock_exclusive_optional(file: &File) -> io::Result { + match file.try_lock() { + Ok(()) => Ok(TryFileLockOutcome::Acquired), + Err(std::fs::TryLockError::WouldBlock) => Ok(TryFileLockOutcome::WouldBlock), + Err(std::fs::TryLockError::Error(err)) if err.kind() == io::ErrorKind::Unsupported => { + Ok(TryFileLockOutcome::Unsupported) + } + Err(std::fs::TryLockError::Error(err)) => Err(err), + } +} + +/// Returns the sibling directory path used as a fallback lock for `path`. +pub fn sibling_lock_dir(path: &Path) -> PathBuf { + let Some(file_name) = path.file_name() else { + return path.with_file_name(".lock"); + }; + + let mut lock_name = file_name.to_os_string(); + lock_name.push(".lock"); + path.with_file_name(lock_name) +} + +/// Acquires a sibling lock directory, blocking until it is available. +pub fn acquire_sibling_lock_dir(path: &Path) -> io::Result { + loop { + match try_acquire_sibling_lock_dir(path)? { + TryLockDirOutcome::Acquired(guard) => return Ok(guard), + TryLockDirOutcome::WouldBlock => thread::sleep(LOCK_DIR_RETRY_SLEEP), + } + } +} + +/// Attempts to acquire a sibling lock directory without blocking. +pub fn try_acquire_sibling_lock_dir(path: &Path) -> io::Result { + let lock_dir = sibling_lock_dir(path); + match create_dir(&lock_dir) { + Ok(()) => Ok(TryLockDirOutcome::Acquired(LockDirGuard { path: lock_dir })), + Err(err) if err.kind() == io::ErrorKind::AlreadyExists => Ok(TryLockDirOutcome::WouldBlock), + Err(err) => Err(err), + } +} + +/// Attempts to acquire a shared advisory file lock without blocking, +/// preserving `WouldBlock` and unsupported file locking as distinct outcomes. +pub fn try_lock_shared_optional(file: &File) -> io::Result { + match file.try_lock_shared() { + Ok(()) => Ok(TryFileLockOutcome::Acquired), + Err(std::fs::TryLockError::WouldBlock) => Ok(TryFileLockOutcome::WouldBlock), + Err(std::fs::TryLockError::Error(err)) if err.kind() == io::ErrorKind::Unsupported => { + Ok(TryFileLockOutcome::Unsupported) + } + Err(std::fs::TryLockError::Error(err)) => Err(err), + } +} + +#[cfg(test)] +mod tests { + use super::TryLockDirOutcome; + use super::sibling_lock_dir; + use super::try_acquire_sibling_lock_dir; + use std::fs; + use std::path::PathBuf; + use std::time::SystemTime; + + fn unique_temp_file_path(name: &str) -> PathBuf { + let nanos = SystemTime::now() + .duration_since(SystemTime::UNIX_EPOCH) + .expect("system clock should be after Unix epoch") + .as_nanos(); + std::env::temp_dir().join(format!( + "codex-file-lock-{name}-{}-{nanos}", + std::process::id() + )) + } + + #[test] + fn sibling_lock_dir_appends_lock_suffix() { + let path = PathBuf::from("/tmp/history.jsonl"); + + assert_eq!( + sibling_lock_dir(&path), + PathBuf::from("/tmp/history.jsonl.lock") + ); + } + + #[test] + fn try_acquire_sibling_lock_dir_is_exclusive_until_drop() { + let path = unique_temp_file_path("exclusive"); + let lock_dir = sibling_lock_dir(&path); + let _ = fs::remove_dir_all(&lock_dir); + + let guard = match try_acquire_sibling_lock_dir(&path).expect("acquire lock dir") { + TryLockDirOutcome::Acquired(guard) => guard, + TryLockDirOutcome::WouldBlock => panic!("first lock attempt should acquire"), + }; + assert!(lock_dir.is_dir()); + + assert!(matches!( + try_acquire_sibling_lock_dir(&path).expect("try acquire held lock dir"), + TryLockDirOutcome::WouldBlock + )); + + drop(guard); + assert!(!lock_dir.exists()); + + let reacquired = try_acquire_sibling_lock_dir(&path).expect("reacquire lock dir"); + assert!(matches!(reacquired, TryLockDirOutcome::Acquired(_))); + + let _ = fs::remove_dir_all(lock_dir); + } +} diff --git a/codex-rs/utils/image/src/error.rs b/codex-rs/utils/image/src/error.rs index 28b73f4a7ca..aaa3d4f2f3b 100644 --- a/codex-rs/utils/image/src/error.rs +++ b/codex-rs/utils/image/src/error.rs @@ -25,6 +25,14 @@ pub enum ImageProcessingError { }, #[error("unsupported image `{mime}`")] UnsupportedImageFormat { mime: String }, + #[error("invalid image data URL: {reason}")] + InvalidDataUrl { reason: String }, + #[error("image {representation} is too large ({size} bytes; max {max} bytes)")] + ImageTooLarge { + representation: &'static str, + size: usize, + max: usize, + }, } impl ImageProcessingError { diff --git a/codex-rs/utils/image/src/image_tests.rs b/codex-rs/utils/image/src/image_tests.rs new file mode 100644 index 00000000000..e60c8c6be03 --- /dev/null +++ b/codex-rs/utils/image/src/image_tests.rs @@ -0,0 +1,341 @@ +use std::io::Cursor; + +use super::*; +use image::GenericImageView; +use image::ImageBuffer; +use image::ImageDecoder; +use image::Rgba; +use image::metadata::Orientation; + +const TEST_RGB_ICC_PROFILE: &[u8] = b"0123456789abcdefRGB "; +const TEST_CMYK_ICC_PROFILE: &[u8] = b"0123456789abcdefCMYK"; +const ROTATE_90_EXIF: &[u8] = &[ + 0x49, 0x49, 0x2a, 0x00, 0x08, 0x00, 0x00, 0x00, 0x01, 0x00, 0x12, 0x01, 0x03, 0x00, 0x01, 0x00, + 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +]; + +fn image_bytes(image: &ImageBuffer, Vec>, format: ImageFormat) -> Vec { + let mut encoded = Cursor::new(Vec::new()); + DynamicImage::ImageRgba8(image.clone()) + .write_to(&mut encoded, format) + .expect("encode image to bytes"); + encoded.into_inner() +} + +fn image_bytes_with_metadata( + image: &ImageBuffer, Vec>, + format: ImageFormat, + icc_profile: &[u8], +) -> Vec { + let mut encoded = Vec::new(); + match format { + ImageFormat::Png => { + let mut encoder = PngEncoder::new(&mut encoded); + encoder + .set_icc_profile(icc_profile.to_vec()) + .expect("set PNG ICC profile"); + encoder + .set_exif_metadata(ROTATE_90_EXIF.to_vec()) + .expect("set PNG EXIF metadata"); + encoder + .write_image( + image.as_raw(), + image.width(), + image.height(), + ColorType::Rgba8.into(), + ) + .expect("encode PNG with metadata"); + } + ImageFormat::Jpeg => { + let mut encoder = JpegEncoder::new_with_quality(&mut encoded, 90); + encoder + .set_icc_profile(icc_profile.to_vec()) + .expect("set JPEG ICC profile"); + encoder + .set_exif_metadata(ROTATE_90_EXIF.to_vec()) + .expect("set JPEG EXIF metadata"); + encoder + .encode_image(&DynamicImage::ImageRgba8(image.clone())) + .expect("encode JPEG with metadata"); + } + ImageFormat::WebP => { + let mut encoder = WebPEncoder::new_lossless(&mut encoded); + encoder + .set_icc_profile(icc_profile.to_vec()) + .expect("set WebP ICC profile"); + encoder + .set_exif_metadata(ROTATE_90_EXIF.to_vec()) + .expect("set WebP EXIF metadata"); + encoder + .write_image( + image.as_raw(), + image.width(), + image.height(), + ColorType::Rgba8.into(), + ) + .expect("encode WebP with metadata"); + } + _ => panic!("unsupported test format"), + } + encoded +} + +#[tokio::test(flavor = "multi_thread")] +async fn returns_original_image_when_within_bounds() { + for (format, mime) in [ + (ImageFormat::Png, "image/png"), + (ImageFormat::WebP, "image/webp"), + ] { + let image = ImageBuffer::from_pixel(64, 32, Rgba([10u8, 20, 30, 255])); + let original_bytes = image_bytes(&image, format); + + let encoded = load_for_prompt_bytes( + Path::new("in-memory-image"), + original_bytes.clone(), + PromptImageMode::ResizeToFit, + ) + .expect("process image"); + + assert_eq!(encoded.width, 64); + assert_eq!(encoded.height, 32); + assert_eq!(encoded.mime, mime); + assert_eq!(encoded.bytes, original_bytes); + } +} + +#[tokio::test(flavor = "multi_thread")] +async fn downscales_large_image() { + for (format, mime) in [ + (ImageFormat::Png, "image/png"), + (ImageFormat::WebP, "image/webp"), + ] { + let image = ImageBuffer::from_pixel(4096, 2048, Rgba([200u8, 10, 10, 255])); + let original_bytes = image_bytes(&image, format); + + let processed = load_for_prompt_bytes( + Path::new("in-memory-image"), + original_bytes, + PromptImageMode::ResizeToFit, + ) + .expect("process image"); + + assert!(processed.width <= MAX_DIMENSION); + assert!(processed.height <= MAX_DIMENSION); + assert_eq!(processed.mime, mime); + + let detected_format = + image::guess_format(&processed.bytes).expect("detect resized output format"); + assert_eq!(detected_format, format); + + let loaded = + image::load_from_memory(&processed.bytes).expect("read resized bytes back into image"); + assert_eq!(loaded.dimensions(), (processed.width, processed.height)); + } +} + +#[tokio::test(flavor = "multi_thread")] +async fn downscales_tall_image_to_fit_square_bounds() { + let image = ImageBuffer::from_pixel(1024, 4096, Rgba([200u8, 10, 10, 255])); + let original_bytes = image_bytes(&image, ImageFormat::Png); + + let processed = load_for_prompt_bytes( + Path::new("in-memory-image"), + original_bytes, + PromptImageMode::ResizeToFit, + ) + .expect("process image"); + + assert_eq!(processed.width, 512); + assert_eq!(processed.height, MAX_DIMENSION); + assert_eq!(processed.mime, "image/png"); +} + +#[tokio::test(flavor = "multi_thread")] +async fn resizing_preserves_supported_metadata() { + for format in [ImageFormat::Png, ImageFormat::Jpeg, ImageFormat::WebP] { + let image = ImageBuffer::from_pixel(2050, 2, Rgba([200u8, 10, 10, 255])); + let original_bytes = image_bytes_with_metadata(&image, format, TEST_RGB_ICC_PROFILE); + + let processed = load_for_prompt_bytes( + Path::new("in-memory-image"), + original_bytes, + PromptImageMode::ResizeToFit, + ) + .expect("process image"); + + assert_eq!((processed.width, processed.height), (2048, 2)); + + let mut decoder = ImageReader::with_format(Cursor::new(&processed.bytes), format) + .into_decoder() + .expect("create decoder"); + assert_eq!( + ( + decoder.dimensions(), + decoder.orientation().expect("read orientation"), + decoder.icc_profile().expect("read ICC profile"), + decoder.exif_metadata().expect("read EXIF metadata"), + ), + ( + (2048, 2), + Orientation::Rotate90, + Some(TEST_RGB_ICC_PROFILE.to_vec()), + Some(ROTATE_90_EXIF.to_vec()), + ) + ); + } +} + +#[tokio::test(flavor = "multi_thread")] +async fn resizing_drops_non_rgb_icc_profile() { + let image = ImageBuffer::from_pixel(2050, 2, Rgba([200u8, 10, 10, 255])); + let original_bytes = + image_bytes_with_metadata(&image, ImageFormat::Jpeg, TEST_CMYK_ICC_PROFILE); + + let processed = load_for_prompt_bytes( + Path::new("in-memory-image"), + original_bytes, + PromptImageMode::ResizeToFit, + ) + .expect("process image"); + + let mut decoder = ImageReader::with_format(Cursor::new(&processed.bytes), ImageFormat::Jpeg) + .into_decoder() + .expect("create decoder"); + assert_eq!( + ( + decoder.icc_profile().expect("read ICC profile"), + decoder.exif_metadata().expect("read EXIF metadata"), + ), + (None, Some(ROTATE_90_EXIF.to_vec())) + ); +} + +#[tokio::test(flavor = "multi_thread")] +async fn preserves_large_image_in_original_mode() { + let image = ImageBuffer::from_pixel(4096, 2048, Rgba([180u8, 30, 30, 255])); + let original_bytes = image_bytes(&image, ImageFormat::Png); + + let processed = load_for_prompt_bytes( + Path::new("in-memory-image"), + original_bytes.clone(), + PromptImageMode::Original, + ) + .expect("process image"); + + assert_eq!(processed.width, 4096); + assert_eq!(processed.height, 2048); + assert_eq!(processed.mime, "image/png"); + assert_eq!(processed.bytes, original_bytes); +} + +#[tokio::test(flavor = "multi_thread")] +async fn data_url_processing_preserves_supported_source_bytes() { + let image = ImageBuffer::from_pixel(64, 32, Rgba([10u8, 20, 30, 255])); + let original_bytes = image_bytes(&image, ImageFormat::Png); + let image_url = data_url_from_bytes("image/png", &original_bytes) + .replacen("data:", "DATA:", 1) + .replacen(";base64,", ";BASE64,", 1); + + let processed = load_data_url_for_prompt(&image_url, PromptImageMode::ResizeToFit) + .expect("process data URL image"); + + assert_eq!(processed.width, 64); + assert_eq!(processed.height, 32); + assert_eq!(processed.mime, "image/png"); + assert_eq!(processed.bytes, original_bytes); +} + +#[tokio::test(flavor = "multi_thread")] +async fn data_url_processing_converts_gif_to_png() { + let image = ImageBuffer::from_pixel(64, 32, Rgba([10u8, 20, 30, 255])); + let gif_bytes = image_bytes(&image, ImageFormat::Gif); + let image_url = data_url_from_bytes("image/gif", &gif_bytes); + + let processed = load_data_url_for_prompt(&image_url, PromptImageMode::ResizeToFit) + .expect("process GIF data URL"); + + assert_eq!(processed.mime, "image/png"); + assert_eq!( + image::guess_format(&processed.bytes).expect("detect processed format"), + ImageFormat::Png + ); +} + +#[test] +fn data_url_processing_rejects_malformed_input() { + for image_url in [ + "image/png;base64,AAAA", + "data:image/png;base64", + "data:image/png,AAAA", + "data:image/png;base64,not base64", + ] { + assert!(matches!( + load_data_url_for_prompt(image_url, PromptImageMode::ResizeToFit), + Err(ImageProcessingError::InvalidDataUrl { .. }) + )); + } +} + +#[tokio::test(flavor = "multi_thread")] +async fn resize_with_limits_respects_dimension_and_patch_budgets() { + let image = ImageBuffer::from_pixel(2048, 2048, Rgba([200u8, 10, 10, 255])); + let original_bytes = image_bytes(&image, ImageFormat::Png); + let limits = PromptImageResizeLimits { + max_dimension: 2048, + max_patches: 2_500, + }; + + let processed = load_for_prompt_bytes( + Path::new("in-memory-image"), + original_bytes, + PromptImageMode::ResizeWithLimits(limits), + ) + .expect("process image with explicit limits"); + + assert_eq!((processed.width, processed.height), (1600, 1600)); +} + +#[tokio::test(flavor = "multi_thread")] +async fn fails_cleanly_for_invalid_images() { + let err = load_for_prompt_bytes( + Path::new("in-memory-image"), + b"not an image".to_vec(), + PromptImageMode::ResizeToFit, + ) + .expect_err("invalid image should fail"); + assert!(matches!( + err, + ImageProcessingError::Decode { .. } | ImageProcessingError::UnsupportedImageFormat { .. } + )); +} + +#[tokio::test(flavor = "multi_thread")] +async fn reprocesses_updated_file_contents() { + IMAGE_CACHE.clear(); + + let first_image = ImageBuffer::from_pixel(32, 16, Rgba([20u8, 120, 220, 255])); + let first_bytes = image_bytes(&first_image, ImageFormat::Png); + + let first = load_for_prompt_bytes( + Path::new("in-memory-image"), + first_bytes, + PromptImageMode::ResizeToFit, + ) + .expect("process first image"); + + let second_image = ImageBuffer::from_pixel(96, 48, Rgba([50u8, 60, 70, 255])); + let second_bytes = image_bytes(&second_image, ImageFormat::Png); + + let second = load_for_prompt_bytes( + Path::new("in-memory-image"), + second_bytes, + PromptImageMode::ResizeToFit, + ) + .expect("process updated image"); + + assert_eq!(first.width, 32); + assert_eq!(first.height, 16); + assert_eq!(second.width, 96); + assert_eq!(second.height, 48); + assert_ne!(second.bytes, first.bytes); +} diff --git a/codex-rs/utils/image/src/lib.rs b/codex-rs/utils/image/src/lib.rs index a3f595a183b..93ae427ea52 100644 --- a/codex-rs/utils/image/src/lib.rs +++ b/codex-rs/utils/image/src/lib.rs @@ -1,3 +1,4 @@ +use std::io::Cursor; use std::num::NonZeroUsize; use std::path::Path; use std::sync::LazyLock; @@ -9,14 +10,24 @@ use codex_utils_cache::sha1_digest; use image::ColorType; use image::DynamicImage; use image::GenericImageView; +use image::ImageDecoder; use image::ImageEncoder; use image::ImageFormat; +use image::ImageReader; use image::codecs::jpeg::JpegEncoder; use image::codecs::png::PngEncoder; use image::codecs::webp::WebPEncoder; use image::imageops::FilterType; + +const DATA_URL_PREFIX: &str = "data:"; +pub const PROMPT_IMAGE_PATCH_SIZE: u32 = 32; /// Maximum width or height used when resizing images before uploading. pub const MAX_DIMENSION: u32 = 2048; +/// Maximum accepted byte length for prompt image input representations. +/// +/// This is a high sanity guard against pathological inputs, not a protocol +/// requirement or target upload size. +pub const MAX_PROMPT_IMAGE_INPUT_BYTES: usize = 1024 * 1024 * 1024; pub mod error; @@ -32,15 +43,32 @@ pub struct EncodedImage { impl EncodedImage { pub fn into_data_url(self) -> String { - let encoded = BASE64_STANDARD.encode(&self.bytes); - format!("data:{};base64,{encoded}", self.mime) + data_url_from_bytes(&self.mime, &self.bytes) } } +/// Wraps image bytes in a data URL without decoding or validating them. +pub fn data_url_from_bytes(mime: &str, bytes: &[u8]) -> String { + let encoded = BASE64_STANDARD.encode(bytes); + format!("data:{mime};base64,{encoded}") +} + #[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)] pub enum PromptImageMode { ResizeToFit, Original, + ResizeWithLimits(PromptImageResizeLimits), +} + +#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)] +pub struct PromptImageResizeLimits { + pub max_dimension: u32, + pub max_patches: usize, +} + +struct ImageMetadata { + icc_profile: Option>, + exif: Option>, } #[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)] @@ -65,22 +93,70 @@ pub fn load_for_prompt_bytes( }; IMAGE_CACHE.get_or_try_insert_with(key, move || { - let format = match image::guess_format(&file_bytes) { - Ok(ImageFormat::Png) => Some(ImageFormat::Png), - Ok(ImageFormat::Jpeg) => Some(ImageFormat::Jpeg), - Ok(ImageFormat::Gif) => Some(ImageFormat::Gif), - Ok(ImageFormat::WebP) => Some(ImageFormat::WebP), + let guessed_format = image::guess_format(&file_bytes) + .map_err(|source| ImageProcessingError::decode_error(&path_buf, source))?; + let format = match guessed_format { + ImageFormat::Png => Some(ImageFormat::Png), + ImageFormat::Jpeg => Some(ImageFormat::Jpeg), + ImageFormat::Gif => Some(ImageFormat::Gif), + ImageFormat::WebP => Some(ImageFormat::WebP), _ => None, }; - let dynamic = image::load_from_memory(&file_bytes) + let mut decoder = ImageReader::with_format(Cursor::new(&file_bytes), guessed_format) + .into_decoder() + .map_err(|source| ImageProcessingError::decode_error(&path_buf, source))?; + // Preserve the metadata most important for rendering prompt images faithfully: the color + // profile and EXIF data, including orientation. Other format-specific metadata is + // intentionally not copied. + let metadata = ImageMetadata { + // Only RGB profiles are safe across every re-encoding path. For example, JPEG decoding + // can convert CMYK/YCCK pixels to RGB while retaining the source profile; copying it + // would mislabel the output. Bytes 16..20 are the ICC data color space signature. + icc_profile: decoder + .icc_profile() + .ok() + .flatten() + .filter(|profile| profile.get(16..20) == Some(b"RGB ")), + exif: decoder.exif_metadata().ok().flatten(), + }; + let dynamic = DynamicImage::from_decoder(decoder) .map_err(|source| ImageProcessingError::decode_error(&path_buf, source))?; let (width, height) = dynamic.dimensions(); - let encoded = if mode == PromptImageMode::Original - || (width <= MAX_DIMENSION && height <= MAX_DIMENSION) - { + let target_dimensions = match mode { + PromptImageMode::ResizeToFit if width > MAX_DIMENSION || height > MAX_DIMENSION => { + let resized = dynamic.resize(MAX_DIMENSION, MAX_DIMENSION, FilterType::Triangle); + Some((resized.width(), resized.height(), resized)) + } + PromptImageMode::ResizeWithLimits(limits) => { + let (target_width, target_height) = + prompt_image_output_dimensions_for_limits(width, height, limits); + if (target_width, target_height) == (width, height) { + None + } else { + let resized = + dynamic.resize_exact(target_width, target_height, FilterType::Triangle); + Some((target_width, target_height, resized)) + } + } + PromptImageMode::ResizeToFit | PromptImageMode::Original => None, + }; + + let encoded = if let Some((width, height, resized)) = target_dimensions { + let target_format = format + .filter(|format| can_preserve_source_bytes(*format)) + .unwrap_or(ImageFormat::Png); + let (bytes, output_format) = encode_image(&resized, target_format, metadata)?; + let mime = format_to_mime(output_format); + EncodedImage { + bytes, + mime, + width, + height, + } + } else { if let Some(format) = format.filter(|format| can_preserve_source_bytes(*format)) { let mime = format_to_mime(format); EncodedImage { @@ -90,7 +166,7 @@ pub fn load_for_prompt_bytes( height, } } else { - let (bytes, output_format) = encode_image(&dynamic, ImageFormat::Png)?; + let (bytes, output_format) = encode_image(&dynamic, ImageFormat::Png, metadata)?; let mime = format_to_mime(output_format); EncodedImage { bytes, @@ -99,25 +175,107 @@ pub fn load_for_prompt_bytes( height, } } - } else { - let resized = dynamic.resize(MAX_DIMENSION, MAX_DIMENSION, FilterType::Triangle); - let target_format = format - .filter(|format| can_preserve_source_bytes(*format)) - .unwrap_or(ImageFormat::Png); - let (bytes, output_format) = encode_image(&resized, target_format)?; - let mime = format_to_mime(output_format); - EncodedImage { - bytes, - mime, - width: resized.width(), - height: resized.height(), - } }; Ok(encoded) }) } +pub fn load_data_url_for_prompt( + image_url: &str, + mode: PromptImageMode, +) -> Result { + let rest = image_url + .get(..DATA_URL_PREFIX.len()) + .filter(|prefix| prefix.eq_ignore_ascii_case(DATA_URL_PREFIX)) + .and_then(|_| image_url.get(DATA_URL_PREFIX.len()..)) + .ok_or_else(|| ImageProcessingError::InvalidDataUrl { + reason: "missing data: prefix".to_string(), + })?; + let (metadata, encoded) = + rest.split_once(',') + .ok_or_else(|| ImageProcessingError::InvalidDataUrl { + reason: "missing comma separator".to_string(), + })?; + if !metadata + .split(';') + .any(|part| part.eq_ignore_ascii_case("base64")) + { + return Err(ImageProcessingError::InvalidDataUrl { + reason: "only base64 data URLs are supported".to_string(), + }); + } + + if encoded.len() > MAX_PROMPT_IMAGE_INPUT_BYTES { + return Err(ImageProcessingError::ImageTooLarge { + representation: "base64 payload", + size: encoded.len(), + max: MAX_PROMPT_IMAGE_INPUT_BYTES, + }); + } + let file_bytes = + BASE64_STANDARD + .decode(encoded) + .map_err(|source| ImageProcessingError::InvalidDataUrl { + reason: format!("invalid base64 payload: {source}"), + })?; + if file_bytes.len() > MAX_PROMPT_IMAGE_INPUT_BYTES { + return Err(ImageProcessingError::ImageTooLarge { + representation: "decoded input", + size: file_bytes.len(), + max: MAX_PROMPT_IMAGE_INPUT_BYTES, + }); + } + + load_for_prompt_bytes(Path::new(""), file_bytes, mode) +} + +fn prompt_image_output_dimensions_for_limits( + width: u32, + height: u32, + limits: PromptImageResizeLimits, +) -> (u32, u32) { + let width = width.max(1); + let height = height.max(1); + if prompt_image_dimensions_fit(width, height, limits) { + return (width, height); + } + + let max_dimension_scale = + (f64::from(limits.max_dimension) / f64::from(width.max(height))).min(1.0); + let width = ((f64::from(width) * max_dimension_scale).round() as u32).max(1); + let height = ((f64::from(height) * max_dimension_scale).round() as u32).max(1); + if prompt_image_dimensions_fit(width, height, limits) { + return (width, height); + } + + let width_f64 = f64::from(width); + let height_f64 = f64::from(height); + let patch_size = f64::from(PROMPT_IMAGE_PATCH_SIZE); + let mut scale = + (patch_size * patch_size * limits.max_patches as f64 / width_f64 / height_f64).sqrt(); + // Match Responses patch-budget math: shrink by area, then round the scaled + // patch grid down so integer output dimensions remain within the budget. + let scaled_patches_wide = width_f64 * scale / patch_size; + let scaled_patches_high = height_f64 * scale / patch_size; + scale *= (scaled_patches_wide.floor() / scaled_patches_wide) + .min(scaled_patches_high.floor() / scaled_patches_high); + + ( + ((width_f64 * scale).floor() as u32).max(1), + ((height_f64 * scale).floor() as u32).max(1), + ) +} + +fn prompt_image_dimensions_fit(width: u32, height: u32, limits: PromptImageResizeLimits) -> bool { + let patches_wide = width.div_ceil(PROMPT_IMAGE_PATCH_SIZE); + let patches_high = height.div_ceil(PROMPT_IMAGE_PATCH_SIZE); + let patch_count = u64::from(patches_wide) * u64::from(patches_high); + width <= limits.max_dimension + && height <= limits.max_dimension + && patch_count <= limits.max_patches as u64 +} + fn can_preserve_source_bytes(format: ImageFormat) -> bool { // Public API docs explicitly call out non-animated GIF support only. // Preserve byte-for-byte only for formats we can safely pass through. @@ -130,6 +288,7 @@ fn can_preserve_source_bytes(format: ImageFormat) -> bool { fn encode_image( image: &DynamicImage, preferred_format: ImageFormat, + metadata: ImageMetadata, ) -> Result<(Vec, ImageFormat), ImageProcessingError> { let target_format = match preferred_format { ImageFormat::Jpeg => ImageFormat::Jpeg, @@ -138,11 +297,13 @@ fn encode_image( }; let mut buffer = Vec::new(); + let ImageMetadata { icc_profile, exif } = metadata; match target_format { ImageFormat::Png => { let rgba = image.to_rgba8(); - let encoder = PngEncoder::new(&mut buffer); + let mut encoder = PngEncoder::new(&mut buffer); + apply_image_metadata(&mut encoder, icc_profile, exif, target_format)?; encoder .write_image( rgba.as_raw(), @@ -157,6 +318,7 @@ fn encode_image( } ImageFormat::Jpeg => { let mut encoder = JpegEncoder::new_with_quality(&mut buffer, 85); + apply_image_metadata(&mut encoder, icc_profile, exif, target_format)?; encoder .encode_image(image) .map_err(|source| ImageProcessingError::Encode { @@ -166,7 +328,8 @@ fn encode_image( } ImageFormat::WebP => { let rgba = image.to_rgba8(); - let encoder = WebPEncoder::new_lossless(&mut buffer); + let mut encoder = WebPEncoder::new_lossless(&mut buffer); + apply_image_metadata(&mut encoder, icc_profile, exif, target_format)?; encoder .write_image( rgba.as_raw(), @@ -185,6 +348,31 @@ fn encode_image( Ok((buffer, target_format)) } +fn apply_image_metadata( + encoder: &mut impl ImageEncoder, + icc_profile: Option>, + exif: Option>, + format: ImageFormat, +) -> Result<(), ImageProcessingError> { + if let Some(icc_profile) = icc_profile { + encoder + .set_icc_profile(icc_profile) + .map_err(|source| ImageProcessingError::Encode { + format, + source: image::ImageError::Unsupported(source), + })?; + } + if let Some(exif) = exif { + encoder + .set_exif_metadata(exif) + .map_err(|source| ImageProcessingError::Encode { + format, + source: image::ImageError::Unsupported(source), + })?; + } + Ok(()) +} + fn format_to_mime(format: ImageFormat) -> String { match format { ImageFormat::Jpeg => "image/jpeg".to_string(), @@ -195,155 +383,5 @@ fn format_to_mime(format: ImageFormat) -> String { } #[cfg(test)] -mod tests { - use std::io::Cursor; - - use super::*; - use image::GenericImageView; - use image::ImageBuffer; - use image::Rgba; - - fn image_bytes(image: &ImageBuffer, Vec>, format: ImageFormat) -> Vec { - let mut encoded = Cursor::new(Vec::new()); - DynamicImage::ImageRgba8(image.clone()) - .write_to(&mut encoded, format) - .expect("encode image to bytes"); - encoded.into_inner() - } - - #[tokio::test(flavor = "multi_thread")] - async fn returns_original_image_when_within_bounds() { - for (format, mime) in [ - (ImageFormat::Png, "image/png"), - (ImageFormat::WebP, "image/webp"), - ] { - let image = ImageBuffer::from_pixel(64, 32, Rgba([10u8, 20, 30, 255])); - let original_bytes = image_bytes(&image, format); - - let encoded = load_for_prompt_bytes( - Path::new("in-memory-image"), - original_bytes.clone(), - PromptImageMode::ResizeToFit, - ) - .expect("process image"); - - assert_eq!(encoded.width, 64); - assert_eq!(encoded.height, 32); - assert_eq!(encoded.mime, mime); - assert_eq!(encoded.bytes, original_bytes); - } - } - - #[tokio::test(flavor = "multi_thread")] - async fn downscales_large_image() { - for (format, mime) in [ - (ImageFormat::Png, "image/png"), - (ImageFormat::WebP, "image/webp"), - ] { - let image = ImageBuffer::from_pixel(4096, 2048, Rgba([200u8, 10, 10, 255])); - let original_bytes = image_bytes(&image, format); - - let processed = load_for_prompt_bytes( - Path::new("in-memory-image"), - original_bytes, - PromptImageMode::ResizeToFit, - ) - .expect("process image"); - - assert!(processed.width <= MAX_DIMENSION); - assert!(processed.height <= MAX_DIMENSION); - assert_eq!(processed.mime, mime); - - let detected_format = - image::guess_format(&processed.bytes).expect("detect resized output format"); - assert_eq!(detected_format, format); - - let loaded = image::load_from_memory(&processed.bytes) - .expect("read resized bytes back into image"); - assert_eq!(loaded.dimensions(), (processed.width, processed.height)); - } - } - - #[tokio::test(flavor = "multi_thread")] - async fn downscales_tall_image_to_fit_square_bounds() { - let image = ImageBuffer::from_pixel(1024, 4096, Rgba([200u8, 10, 10, 255])); - let original_bytes = image_bytes(&image, ImageFormat::Png); - - let processed = load_for_prompt_bytes( - Path::new("in-memory-image"), - original_bytes, - PromptImageMode::ResizeToFit, - ) - .expect("process image"); - - assert_eq!(processed.width, 512); - assert_eq!(processed.height, MAX_DIMENSION); - assert_eq!(processed.mime, "image/png"); - } - - #[tokio::test(flavor = "multi_thread")] - async fn preserves_large_image_in_original_mode() { - let image = ImageBuffer::from_pixel(4096, 2048, Rgba([180u8, 30, 30, 255])); - let original_bytes = image_bytes(&image, ImageFormat::Png); - - let processed = load_for_prompt_bytes( - Path::new("in-memory-image"), - original_bytes.clone(), - PromptImageMode::Original, - ) - .expect("process image"); - - assert_eq!(processed.width, 4096); - assert_eq!(processed.height, 2048); - assert_eq!(processed.mime, "image/png"); - assert_eq!(processed.bytes, original_bytes); - } - - #[tokio::test(flavor = "multi_thread")] - async fn fails_cleanly_for_invalid_images() { - let err = load_for_prompt_bytes( - Path::new("in-memory-image"), - b"not an image".to_vec(), - PromptImageMode::ResizeToFit, - ) - .expect_err("invalid image should fail"); - assert!(matches!( - err, - ImageProcessingError::Decode { .. } - | ImageProcessingError::UnsupportedImageFormat { .. } - )); - } - - #[tokio::test(flavor = "multi_thread")] - async fn reprocesses_updated_file_contents() { - { - IMAGE_CACHE.clear(); - } - - let first_image = ImageBuffer::from_pixel(32, 16, Rgba([20u8, 120, 220, 255])); - let first_bytes = image_bytes(&first_image, ImageFormat::Png); - - let first = load_for_prompt_bytes( - Path::new("in-memory-image"), - first_bytes, - PromptImageMode::ResizeToFit, - ) - .expect("process first image"); - - let second_image = ImageBuffer::from_pixel(96, 48, Rgba([50u8, 60, 70, 255])); - let second_bytes = image_bytes(&second_image, ImageFormat::Png); - - let second = load_for_prompt_bytes( - Path::new("in-memory-image"), - second_bytes, - PromptImageMode::ResizeToFit, - ) - .expect("process updated image"); - - assert_eq!(first.width, 32); - assert_eq!(first.height, 16); - assert_eq!(second.width, 96); - assert_eq!(second.height, 48); - assert_ne!(second.bytes, first.bytes); - } -} +#[path = "image_tests.rs"] +mod tests; diff --git a/codex-rs/utils/path-uri/BUILD.bazel b/codex-rs/utils/path-uri/BUILD.bazel new file mode 100644 index 00000000000..7bfd2c4542c --- /dev/null +++ b/codex-rs/utils/path-uri/BUILD.bazel @@ -0,0 +1,6 @@ +load("//:defs.bzl", "codex_rust_crate") + +codex_rust_crate( + name = "path-uri", + crate_name = "codex_utils_path_uri", +) diff --git a/codex-rs/utils/path-uri/Cargo.toml b/codex-rs/utils/path-uri/Cargo.toml new file mode 100644 index 00000000000..1cf70708e74 --- /dev/null +++ b/codex-rs/utils/path-uri/Cargo.toml @@ -0,0 +1,24 @@ +[package] +name = "codex-utils-path-uri" +version.workspace = true +edition.workspace = true +license.workspace = true + +[lints] +workspace = true + +[dependencies] +codex-utils-absolute-path = { workspace = true } +schemars = { workspace = true } +serde = { workspace = true, features = ["derive"] } +thiserror = { workspace = true } +ts-rs = { workspace = true, features = ["no-serde-warnings"] } +url = { workspace = true } +urlencoding = { workspace = true } + +[dev-dependencies] +pretty_assertions = { workspace = true } +serde_json = { workspace = true } + +[lib] +doctest = false diff --git a/codex-rs/utils/path-uri/src/lib.rs b/codex-rs/utils/path-uri/src/lib.rs new file mode 100644 index 00000000000..444af1ea28c --- /dev/null +++ b/codex-rs/utils/path-uri/src/lib.rs @@ -0,0 +1,343 @@ +//! Typed, immutable `file:` URIs with cross-platform path inspection. +//! +//! See [`PathUri`] for scheme, normalization, and serialization behavior. + +use codex_utils_absolute_path::AbsolutePathBuf; +use schemars::JsonSchema; +use serde::Deserialize; +use serde::Deserializer; +use serde::Serialize; +use serde::Serializer; +use std::fmt; +use std::io; +use std::path::Path; +use std::str::FromStr; +use thiserror::Error; +use ts_rs::TS; +use url::Url; + +pub const FILE_SCHEME: &str = "file"; + +/// An immutable, cross-platform representation of a `file:` URI. +/// +/// Only the `file:` scheme is currently accepted. Construction validates the +/// URL, and the URI cannot be mutated after construction. [`Self::basename`], +/// [`Self::parent`], and [`Self::join`] operate on URI path segments without +/// interpreting them using the operating system running Codex. +/// +/// `file:` paths retain their URI spelling so they can be parsed independently +/// of the current host. In particular, `/C:/src` remains ambiguous between a +/// Windows drive path and a valid POSIX path until [`Self::to_abs_path`] +/// applies the current host's rules. A local POSIX `file:` URI can also retain +/// percent-encoded non-UTF-8 bytes for lossless native round trips. +/// +/// Like [VS Code resources], path operations use `/` URI separators on every +/// host. They preserve a URL authority but do not infer Windows drive or UNC +/// roots from path text. Native path normalization, filesystem aliases, +/// symlinks, case sensitivity, and Unicode normalization are not resolved. +/// +/// Serde represents a `PathUri` as its canonical URI string. Deserialization +/// also accepts an absolute native path for compatibility with fields that +/// previously used [`AbsolutePathBuf`]; relative paths are rejected. Valid +/// `file:` strings round-trip through their canonical URL form, including +/// encoded non-UTF-8 path bytes, but conversion to a native path remains +/// host-dependent as described by [RFC 8089]. +/// +/// [RFC 8089]: https://www.rfc-editor.org/rfc/rfc8089.html +/// [VS Code resources]: https://github.com/microsoft/vscode/blob/main/src/vs/base/common/resources.ts +#[derive(Clone, Debug, PartialEq, Eq, Hash, TS)] +#[ts(type = "string")] +pub struct PathUri(Url); + +impl PathUri { + /// Parses and validates a `file:` URI. + pub fn parse(uri: &str) -> Result { + Url::parse(uri)?.try_into() + } + + /// Converts an absolute path on the current host to a `file:` URI. + /// + /// On Windows, paths without a URI representation, including `\\.\` device + /// paths and generic `\\?\` verbatim namespaces, are reported as invalid + /// input. + pub fn from_abs_path(path: &AbsolutePathBuf) -> io::Result { + let url = Url::from_file_path(path.as_path()).map_err(|()| { + io::Error::new( + io::ErrorKind::InvalidInput, + PathUriParseError::InvalidFileUriPath, + ) + })?; + Self::try_from(url).map_err(|err| io::Error::new(io::ErrorKind::InvalidInput, err)) + } + + /// Converts a path on the current host to a `file:` URI. + /// + /// Relative paths and paths without a URI representation are reported as + /// invalid input. + pub fn from_path(path: impl AsRef) -> io::Result { + let path = AbsolutePathBuf::from_absolute_path_checked(path) + .map_err(|err| io::Error::new(io::ErrorKind::InvalidInput, err))?; + Self::from_abs_path(&path) + } + + /// Returns the percent-encoded URI path. + /// + /// The URL authority is not included. For example, + /// `file://server/share/file.rs` has the path `/share/file.rs`. + pub fn encoded_path(&self) -> &str { + self.0.path() + } + + /// Returns the decoded final URI path segment, or `None` for the URI root. + /// + /// If the segment contains non-UTF-8 encoded bytes, its percent-encoded + /// spelling is returned instead. + pub fn basename(&self) -> Option { + self.0 + .path_segments()? + .rfind(|segment| !segment.is_empty()) + .map(decode_uri_path) + } + + /// Returns the parent URI, or `None` for the URI root. + pub fn parent(&self) -> Option { + if self.encoded_path() == "/" { + return None; + } + + let mut url = self.0.clone(); + { + let mut segments = match url.path_segments_mut() { + Ok(segments) => segments, + Err(()) => unreachable!("validated file URLs support hierarchical path segments"), + }; + segments.pop_if_empty().pop(); + } + Some(Self(url)) + } + + /// Lexically joins a relative URI path onto this URI. + /// + /// Empty and `.` segments are ignored, while `..` removes one segment + /// without escaping the URI root. Literal `%`, `?`, and `#` characters are + /// percent-encoded as filename text. Paths containing a null character are + /// rejected because they cannot be safely converted to native paths. + pub fn join(&self, path: &str) -> Result { + if path.starts_with('/') { + return Err(PathUriParseError::JoinPathMustBeRelative(path.to_string())); + } + if path.contains('\0') { + return Err(PathUriParseError::InvalidFileUriPath); + } + if path.is_empty() { + return Ok(self.clone()); + } + + let mut url = self.0.clone(); + { + let Ok(mut segments) = url.path_segments_mut() else { + unreachable!("validated file URLs support hierarchical path segments"); + }; + segments.pop_if_empty(); + for component in path.split('/') { + match component { + "" | "." => {} + ".." => { + segments.pop(); + } + component => { + segments.push(component); + } + } + } + } + Self::try_from(url) + } + + /// Converts this file URI to a path using the current host's path rules. + /// + /// Conversion should succeed when the URI was created from an + /// [`AbsolutePathBuf`] on the current host. It may fail when the URI came + /// from a different operating system and its `file:` URI form cannot be + /// represented using the current host's path rules, such as a UNC authority + /// on POSIX or a POSIX root on Windows. Because a `file:` URI does not record + /// its source operating system, callers should only use this method when the + /// URI is known to identify a path on the current host. + pub fn to_abs_path(&self) -> io::Result { + let path = self.0.to_file_path().map_err(|()| { + io::Error::new( + io::ErrorKind::InvalidInput, + PathUriParseError::InvalidFileUriPath, + ) + })?; + AbsolutePathBuf::from_absolute_path_checked(path) + .map_err(|err| io::Error::new(io::ErrorKind::InvalidInput, err)) + } + + /// Returns a clone of the canonical URL. + pub fn to_url(&self) -> Url { + self.0.clone() + } +} + +impl TryFrom for PathUri { + type Error = PathUriParseError; + + fn try_from(url: Url) -> Result { + if url.scheme() != FILE_SCHEME { + return Err(PathUriParseError::UnsupportedScheme( + url.scheme().to_string(), + )); + } + validate_file_url(&url)?; + let url = without_localhost_authority(url); + Ok(Self(url)) + } +} + +impl TryFrom for PathUri { + type Error = PathUriParseError; + + fn try_from(uri: String) -> Result { + Self::parse(&uri) + } +} + +impl<'de> Deserialize<'de> for PathUri { + fn deserialize(deserializer: D) -> Result + where + D: Deserializer<'de>, + { + let value = String::deserialize(deserializer)?; + let unsupported_scheme = match Url::parse(&value) { + Ok(url) => match Self::try_from(url) { + Ok(uri) => return Ok(uri), + // `Url` parses a Windows drive prefix such as `C:\` as the + // scheme `c`. Give any unsupported URI one chance to satisfy + // the native absolute-path invariant before reporting it. + Err(error @ PathUriParseError::UnsupportedScheme(_)) => Some(error), + Err(error) => return Err(serde::de::Error::custom(error)), + }, + Err(url::ParseError::RelativeUrlWithoutBase) => None, + Err(error) => { + return Err(serde::de::Error::custom(PathUriParseError::InvalidUri( + error, + ))); + } + }; + + let path = AbsolutePathBuf::from_absolute_path_checked(value).map_err(|path_error| { + serde::de::Error::custom( + unsupported_scheme + .map_or_else(|| path_error.to_string(), |error| error.to_string()), + ) + })?; + Self::from_abs_path(&path).map_err(serde::de::Error::custom) + } +} + +impl FromStr for PathUri { + type Err = PathUriParseError; + + fn from_str(uri: &str) -> Result { + Self::parse(uri) + } +} + +impl fmt::Display for PathUri { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + self.0.fmt(f) + } +} + +impl Serialize for PathUri { + fn serialize(&self, serializer: S) -> Result + where + S: Serializer, + { + serializer.serialize_str(self.0.as_str()) + } +} + +impl JsonSchema for PathUri { + fn schema_name() -> String { + "PathUri".to_string() + } + + fn json_schema(generator: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + String::json_schema(generator) + } +} + +/// Removes the local `localhost` alias while retaining non-local UNC authority. +fn without_localhost_authority(mut url: Url) -> Url { + if url.host_str() == Some("localhost") { + let Ok(()) = url.set_host(None) else { + unreachable!("validated file URLs can remove a localhost authority"); + }; + } + url +} + +/// Percent-decodes a URI path when it is valid UTF-8. +/// +/// `file:` URLs may contain encoded non-UTF-8 bytes. In that case the encoded +/// spelling remains available for lexical inspection while the original `Url` +/// is retained for lossless native conversion. +fn decode_uri_path(path: &str) -> String { + urlencoding::decode(path) + .map(std::borrow::Cow::into_owned) + .unwrap_or_else(|_| path.to_string()) +} + +/// Rejects URI metadata that has no defined meaning for `file:` URIs. +fn validate_common_known_uri(url: &Url) -> Result<(), PathUriParseError> { + if !url.username().is_empty() || url.password().is_some() { + return Err(PathUriParseError::CredentialsNotAllowed); + } + if url.port().is_some() { + return Err(PathUriParseError::PortNotAllowed); + } + if url.query().is_some() { + return Err(PathUriParseError::QueryNotAllowed); + } + if url.fragment().is_some() { + return Err(PathUriParseError::FragmentNotAllowed); + } + Ok(()) +} + +/// Applies the common URI checks plus `file:` path-byte restrictions. +fn validate_file_url(url: &Url) -> Result<(), PathUriParseError> { + validate_common_known_uri(url)?; + // `Url` accepts `%00`, but native path APIs use null as a terminator and + // `Url::to_file_path` cannot represent a decoded null byte. + if urlencoding::decode_binary(url.path().as_bytes()).contains(&0) { + return Err(PathUriParseError::InvalidFileUriPath); + } + Ok(()) +} + +#[derive(Debug, Error, PartialEq, Eq)] +pub enum PathUriParseError { + #[error("invalid URI: {0}")] + InvalidUri(#[from] url::ParseError), + #[error("unsupported path URI scheme `{0}`")] + UnsupportedScheme(String), + #[error("file URI contains an invalid absolute path")] + InvalidFileUriPath, + #[error("credentials are not allowed in path URIs")] + CredentialsNotAllowed, + #[error("ports are not allowed in path URIs")] + PortNotAllowed, + #[error("query parameters are not allowed in path URIs")] + QueryNotAllowed, + #[error("fragments are not allowed in path URIs")] + FragmentNotAllowed, + #[error("path `{0}` must be relative when joining a path URI")] + JoinPathMustBeRelative(String), +} + +#[cfg(test)] +#[path = "tests.rs"] +mod tests; diff --git a/codex-rs/utils/path-uri/src/tests.rs b/codex-rs/utils/path-uri/src/tests.rs new file mode 100644 index 00000000000..4fb2ba5b452 --- /dev/null +++ b/codex-rs/utils/path-uri/src/tests.rs @@ -0,0 +1,366 @@ +use super::*; +use codex_utils_absolute_path::AbsolutePathBufGuard; +use pretty_assertions::assert_eq; +#[cfg(unix)] +use std::os::unix::ffi::OsStringExt; +#[cfg(unix)] +use std::path::PathBuf; + +#[test] +fn file_uri_round_trips_an_absolute_path() { + let path = AbsolutePathBuf::current_dir() + .expect("current directory") + .join("a path/file.rs"); + + let uri = PathUri::from_abs_path(&path).expect("path should convert to a file URI"); + + let uri_string = uri.to_string(); + assert!(uri_string.starts_with("file:")); + assert!(uri_string.ends_with("/a%20path/file.rs")); + assert_eq!( + PathUri::parse(&uri_string).expect("serialized URI should parse"), + uri + ); + assert_eq!( + uri.to_abs_path() + .expect("local file URI should convert to a native path"), + path + ); +} + +#[test] +fn non_native_uri_io_conversion_is_invalid_input() { + #[cfg(unix)] + let uri = PathUri::parse("file://server/share/file.txt").expect("valid file URI"); + #[cfg(windows)] + let uri = PathUri::parse("file:///usr/local/file.txt").expect("valid file URI"); + + let error = uri + .to_abs_path() + .expect_err("URI should not be host-native"); + + assert_eq!(error.kind(), io::ErrorKind::InvalidInput); +} + +#[test] +fn file_uri_parses_a_windows_path_on_any_host() { + let uri = PathUri::parse("file:///C:/Users/Alice%20Smith/src/main.rs") + .expect("Windows file URI should parse on every host"); + + assert_eq!(uri.encoded_path(), "/C:/Users/Alice%20Smith/src/main.rs"); + assert_eq!(uri.basename(), Some("main.rs".to_string())); + assert_eq!( + uri.to_string(), + "file:///C:/Users/Alice%20Smith/src/main.rs" + ); +} + +#[cfg(windows)] +#[test] +fn file_uri_rejects_windows_prefixes_without_a_uri_representation() { + for native_path in [ + r"\\.\COM1", + r"\\?\Volume{00000000-0000-0000-0000-000000000000}\file.rs", + ] { + let path = AbsolutePathBuf::from_absolute_path_checked(native_path) + .expect("Windows namespace path should be absolute"); + + assert_eq!( + PathUri::from_abs_path(&path) + .expect_err("Windows namespace path should not convert") + .kind(), + io::ErrorKind::InvalidInput, + "converting {native_path}" + ); + } +} + +#[test] +fn file_uri_parses_a_posix_path_on_any_host() { + let uri = PathUri::parse("file:///home/alice/src/main.rs") + .expect("POSIX file URI should parse on every host"); + + assert_eq!(uri.encoded_path(), "/home/alice/src/main.rs"); + assert_eq!(uri.basename(), Some("main.rs".to_string())); + assert_eq!(uri.to_string(), "file:///home/alice/src/main.rs"); +} + +#[test] +fn file_uri_preserves_paths_that_resemble_windows_paths() { + for (input, expected_path) in [("file:///C:/Project", "/C:/Project"), ("file:///C:", "/C:")] { + let uri = PathUri::parse(input).expect("file URI should parse"); + let reparsed = PathUri::parse(&uri.to_string()).expect("file URI should reparse"); + assert_eq!(uri.encoded_path(), expected_path); + assert_eq!(reparsed, uri); + } +} + +#[test] +#[cfg(unix)] +fn file_uri_accepts_non_utf8_posix_paths() { + let path = PathBuf::from(std::ffi::OsString::from_vec(b"/tmp/non-utf8-\xff".to_vec())); + let path = AbsolutePathBuf::from_absolute_path_checked(path).expect("absolute POSIX path"); + + let uri = PathUri::from_abs_path(&path).expect("non-UTF-8 path should convert to a file URI"); + assert_eq!( + uri.to_abs_path() + .expect("URI should convert to native path"), + path + ); + assert_eq!( + PathUri::parse(&uri.to_string()).expect("non-UTF-8 URI should reparse"), + uri + ); +} + +#[test] +fn file_uri_round_trips_literal_percent_characters() { + let uri = PathUri::parse("file:///tmp/100%25/file").expect("file URI should parse"); + + assert_eq!(uri.to_string(), "file:///tmp/100%25/file"); + assert_eq!(uri.encoded_path(), "/tmp/100%25/file"); + assert_eq!(uri.basename(), Some("file".to_string())); +} + +#[test] +#[cfg(windows)] +fn file_uri_round_trips_windows_unc_paths() { + let path = AbsolutePathBuf::from_absolute_path_checked(r"\\server\share\src\main.rs") + .expect("absolute UNC path"); + let uri = PathUri::from_abs_path(&path).expect("UNC path should convert to a file URI"); + + assert_eq!(uri.encoded_path(), "/share/src/main.rs"); + assert_eq!(uri.to_abs_path().expect("UNC URI should convert"), path); +} + +#[test] +fn file_uri_retains_unc_authority() { + let uri = PathUri::parse("file://server/share/src/main.rs").expect("valid file URI"); + + assert_eq!(uri.encoded_path(), "/share/src/main.rs"); + assert_eq!(uri.to_string(), "file://server/share/src/main.rs"); +} + +#[test] +fn file_uri_spelling_aliases_have_one_canonical_form() { + for input in [ + "FILE:///workspace/src", + "file:/workspace/src", + "file://localhost/workspace/src", + "file://LOCALHOST/workspace/src", + ] { + let uri = PathUri::parse(input).expect("file URI alias should parse"); + assert_eq!(uri.to_string(), "file:///workspace/src", "parsing {input}"); + } +} + +#[test] +fn unsupported_schemes_are_rejected_at_construction() { + for (input, expected_scheme) in [ + ("codex-env:///devbox/workspace", "codex-env"), + ("artifact://store/object-1", "artifact"), + ("http://example.com/file", "http"), + ("https://example.com/file", "https"), + ("ssh://host/workspace", "ssh"), + ("vscode-remote://ssh-remote+host/workspace", "vscode-remote"), + ("untitled:Untitled-1", "untitled"), + ] { + let error = PathUri::parse(input).expect_err("unsupported schemes should be rejected"); + + assert!( + matches!( + error, + PathUriParseError::UnsupportedScheme(scheme) if scheme == expected_scheme + ), + "parsing {input}" + ); + } +} + +#[test] +fn path_uri_serializes_as_a_string() { + let uri: PathUri = "file:///workspace/src/lib.rs" + .parse() + .expect("valid file URI"); + + let json = serde_json::to_string(&uri).expect("URI should serialize"); + let deserialized: PathUri = serde_json::from_str(&json).expect("URI should deserialize"); + + assert_eq!(json, r#""file:///workspace/src/lib.rs""#); + assert_eq!(deserialized, uri); +} + +#[test] +fn path_uri_deserializes_legacy_absolute_paths() { + let path = AbsolutePathBuf::current_dir() + .expect("current directory") + .join("workspace/src"); + let json = serde_json::to_string(&path).expect("absolute path should serialize"); + let uri: PathUri = serde_json::from_str(&json).expect("legacy absolute path should parse"); + + assert_eq!( + uri, + PathUri::from_abs_path(&path).expect("expected file URI") + ); +} + +#[test] +fn path_uri_rejects_relative_native_paths() { + let error = PathUri::from_path("src/lib.rs").expect_err("relative path should be rejected"); + + assert_eq!(error.kind(), io::ErrorKind::InvalidInput); +} + +#[test] +fn path_uri_rejects_legacy_relative_paths_with_absolute_path_guard() { + let base = AbsolutePathBuf::current_dir().expect("current directory"); + let _guard = AbsolutePathBufGuard::new(base.as_path()); + let error = serde_json::from_str::(r#""src/lib.rs""#) + .expect_err("legacy relative path should be rejected"); + + assert!(error.to_string().contains("path is not absolute")); +} + +#[test] +fn unsupported_scheme_is_rejected_during_deserialization() { + let error = serde_json::from_str::(r#""artifact://store/object-1""#) + .expect_err("unsupported scheme should fail deserialization"); + + assert!( + error + .to_string() + .contains("unsupported path URI scheme `artifact`") + ); +} + +#[test] +fn known_path_uris_reject_queries_and_fragments() { + let query_error = + PathUri::parse("file:///tmp/file.rs?version=1").expect_err("query should be rejected"); + let fragment_error = + PathUri::parse("file:///tmp/file.rs#L1").expect_err("fragment should be rejected"); + + assert!(matches!(query_error, PathUriParseError::QueryNotAllowed)); + assert!(matches!( + fragment_error, + PathUriParseError::FragmentNotAllowed + )); +} + +#[test] +fn path_uris_reject_encoded_null_bytes() { + assert!(PathUri::parse("file:///tmp/%00").is_err()); +} + +#[test] +fn encoded_filename_characters_round_trip_without_becoming_uri_metadata() { + let uri = PathUri::parse("file:///tmp/a%3Fb%23c%25d") + .expect("encoded filename characters should parse"); + + assert_eq!(uri.to_string(), "file:///tmp/a%3Fb%23c%25d"); + assert_eq!(uri.encoded_path(), "/tmp/a%3Fb%23c%25d"); + assert_eq!(uri.basename(), Some("a?b#c%d".to_string())); +} + +#[test] +fn double_encoded_separator_remains_filename_text() { + let uri = PathUri::parse("file:///tmp/a%252Fb") + .expect("double-encoded separator should parse as filename text"); + + assert_eq!(uri.to_string(), "file:///tmp/a%252Fb"); + assert_eq!(uri.encoded_path(), "/tmp/a%252Fb"); + assert_eq!(uri.basename(), Some("a%2Fb".to_string())); +} + +#[test] +fn basename_uses_decoded_uri_segments() { + for (input, expected) in [ + ("file:///", None), + ("file:///workspace/src/lib.rs", Some("lib.rs")), + ("file:///workspace/a%20file.rs", Some("a file.rs")), + ("file:///C:/", Some("C:")), + ("file://server/share", Some("share")), + ] { + let uri = PathUri::parse(input).expect("valid file URI"); + assert_eq!( + uri.basename(), + expected.map(str::to_string), + "basename for {input}" + ); + } +} + +#[test] +fn parent_uses_uri_hierarchy_and_preserves_authority() { + for (input, expected) in [ + ( + "file:///workspace/src/lib.rs", + Some("file:///workspace/src"), + ), + ("file:///workspace", Some("file:///")), + ("file:///", None), + ("file:///C:/Users", Some("file:///C:")), + ("file:///C:/", Some("file:///")), + ( + "file://server/share/src/main.rs", + Some("file://server/share/src"), + ), + ("file://server/share", Some("file://server/")), + ] { + let uri = PathUri::parse(input).expect("valid file URI"); + let expected = expected.map(|value| PathUri::parse(value).expect("valid expected URI")); + assert_eq!(uri.parent(), expected, "parent for {input}"); + } +} + +#[test] +fn join_normalizes_relative_uri_segments() { + for (base, relative, expected) in [ + ( + "file:///workspace/src", + "../tests/test.rs", + "file:///workspace/tests/test.rs", + ), + ("file:///", "../../etc", "file:///etc"), + ("file:///C:/Users", "../Windows", "file:///C:/Windows"), + ( + "file://server/share/src", + "../tests", + "file://server/share/tests", + ), + ( + "file:///workspace", + "a?b#c%d", + "file:///workspace/a%3Fb%23c%25d", + ), + ("file:///workspace/", "", "file:///workspace/"), + ] { + let base = PathUri::parse(base).expect("valid base URI"); + let expected = PathUri::parse(expected).expect("valid expected URI"); + assert_eq!(base.join(relative), Ok(expected), "joining {relative}"); + } +} + +#[test] +fn join_rejects_absolute_and_null_paths() { + let base = PathUri::parse("file:///workspace").expect("valid base URI"); + + assert!(matches!( + base.join("/src"), + Err(PathUriParseError::JoinPathMustBeRelative(path)) if path == "/src" + )); + assert!(matches!( + base.join("src\0file"), + Err(PathUriParseError::InvalidFileUriPath) + )); +} + +#[test] +fn to_url_returns_the_validated_url() { + let uri = PathUri::parse("file://localhost/workspace/a%20file.rs").expect("valid file URI"); + + assert_eq!( + uri.to_url(), + Url::parse("file:///workspace/a%20file.rs").expect("valid URL") + ); +} diff --git a/codex-rs/utils/plugins/Cargo.toml b/codex-rs/utils/plugins/Cargo.toml index 983f4526ea8..2c56ab37738 100644 --- a/codex-rs/utils/plugins/Cargo.toml +++ b/codex-rs/utils/plugins/Cargo.toml @@ -17,6 +17,7 @@ workspace = true codex-exec-server = { workspace = true } codex-login = { workspace = true } codex-utils-absolute-path = { workspace = true } +codex-utils-path-uri = { workspace = true } serde = { workspace = true, features = ["derive"] } serde_json = { workspace = true } diff --git a/codex-rs/utils/plugins/src/plugin_namespace.rs b/codex-rs/utils/plugins/src/plugin_namespace.rs index ea5caab52fb..d0d8bf685ed 100644 --- a/codex-rs/utils/plugins/src/plugin_namespace.rs +++ b/codex-rs/utils/plugins/src/plugin_namespace.rs @@ -2,6 +2,7 @@ use codex_exec_server::ExecutorFileSystem; use codex_utils_absolute_path::AbsolutePathBuf; +use codex_utils_path_uri::PathUri; use std::path::Path; use std::path::PathBuf; @@ -29,7 +30,8 @@ async fn plugin_manifest_name( let mut manifest_path = None; for relative_path in DISCOVERABLE_PLUGIN_MANIFEST_PATHS { let candidate = plugin_root.join(relative_path); - match fs.get_metadata(&candidate, /*sandbox*/ None).await { + let candidate_uri = PathUri::from_abs_path(&candidate).ok()?; + match fs.get_metadata(&candidate_uri, /*sandbox*/ None).await { Ok(metadata) if metadata.is_file => { manifest_path = Some(candidate); break; @@ -38,8 +40,9 @@ async fn plugin_manifest_name( } } let manifest_path = manifest_path?; + let manifest_path_uri = PathUri::from_abs_path(&manifest_path).ok()?; let contents = fs - .read_file_text(&manifest_path, /*sandbox*/ None) + .read_file_text(&manifest_path_uri, /*sandbox*/ None) .await .ok()?; let RawPluginManifestName { name: raw_name } = serde_json::from_str(&contents).ok()?; diff --git a/codex-rs/utils/pty/src/lib.rs b/codex-rs/utils/pty/src/lib.rs index 39fc9b5522e..9f0cb442a24 100644 --- a/codex-rs/utils/pty/src/lib.rs +++ b/codex-rs/utils/pty/src/lib.rs @@ -17,6 +17,8 @@ pub use pipe::spawn_process_no_stdin as spawn_pipe_process_no_stdin; pub use process::ProcessDriver; /// Handle for interacting with a spawned process (PTY or pipe). pub use process::ProcessHandle; +/// Process signal supported by spawned-process handles. +pub use process::ProcessSignal; /// Bundle of process handles plus split output and exit receivers returned by spawn helpers. pub use process::SpawnedProcess; /// Terminal size in character cells used for PTY spawn and resize operations. diff --git a/codex-rs/utils/pty/src/pipe.rs b/codex-rs/utils/pty/src/pipe.rs index 541a2ecf2f4..3a9b62d9b7b 100644 --- a/codex-rs/utils/pty/src/pipe.rs +++ b/codex-rs/utils/pty/src/pipe.rs @@ -19,7 +19,9 @@ use tokio::task::JoinHandle; use crate::process::ChildTerminator; use crate::process::ProcessHandle; +use crate::process::ProcessSignal; use crate::process::SpawnedProcess; +use crate::process::exit_code_from_status; #[cfg(target_os = "linux")] use libc; @@ -32,6 +34,22 @@ struct PipeChildTerminator { } impl ChildTerminator for PipeChildTerminator { + fn signal(&mut self, signal: ProcessSignal) -> io::Result<()> { + match signal { + ProcessSignal::Interrupt => { + #[cfg(unix)] + { + crate::process_group::interrupt_process_group(self.process_group_id) + } + + #[cfg(not(unix))] + { + Err(crate::process::unsupported_signal(signal)) + } + } + } + } + fn kill(&mut self) -> io::Result<()> { #[cfg(unix)] { @@ -209,7 +227,7 @@ async fn spawn_process_with_stdin_mode( let wait_exit_code = Arc::clone(&exit_code); let wait_handle: JoinHandle<()> = tokio::spawn(async move { let code = match child.wait().await { - Ok(status) => status.code().unwrap_or(-1), + Ok(status) => exit_code_from_status(status), Err(_) => -1, }; wait_exit_status.store(true, std::sync::atomic::Ordering::SeqCst); diff --git a/codex-rs/utils/pty/src/process.rs b/codex-rs/utils/pty/src/process.rs index 898a3d90ffa..fdd693f43d6 100644 --- a/codex-rs/utils/pty/src/process.rs +++ b/codex-rs/utils/pty/src/process.rs @@ -2,6 +2,7 @@ use core::fmt; use std::io; #[cfg(unix)] use std::os::fd::RawFd; +use std::process::ExitStatus; use std::sync::Arc; use std::sync::Mutex as StdMutex; use std::sync::atomic::AtomicBool; @@ -17,7 +18,39 @@ use tokio::sync::watch; use tokio::task::AbortHandle; use tokio::task::JoinHandle; +#[derive(Clone, Copy, Debug, PartialEq, Eq)] +pub enum ProcessSignal { + Interrupt, +} + +pub(crate) fn unsupported_signal(signal: ProcessSignal) -> io::Error { + match signal { + ProcessSignal::Interrupt => io::Error::new( + io::ErrorKind::Unsupported, + "process interrupt is not supported by this process backend", + ), + } +} + +pub(crate) fn exit_code_from_status(status: ExitStatus) -> i32 { + if let Some(code) = status.code() { + return code; + } + + #[cfg(unix)] + { + use std::os::unix::process::ExitStatusExt; + if let Some(signal) = status.signal() { + return 128 + signal; + } + } + + -1 +} + pub(crate) trait ChildTerminator: Send + Sync { + fn signal(&mut self, signal: ProcessSignal) -> io::Result<()>; + fn kill(&mut self) -> io::Result<()>; } @@ -193,6 +226,17 @@ impl ProcessHandle { } } + pub fn signal(&self, signal: ProcessSignal) -> io::Result<()> { + let Ok(mut killer_opt) = self.killer.lock() else { + return Ok(()); + }; + let Some(killer) = killer_opt.as_mut() else { + return Ok(()); + }; + + killer.signal(signal) + } + /// Attempts to kill the child and abort helper tasks. pub fn terminate(&self) { self.request_terminate(); @@ -232,6 +276,10 @@ struct ClosureTerminator { } impl ChildTerminator for ClosureTerminator { + fn signal(&mut self, signal: ProcessSignal) -> io::Result<()> { + Err(unsupported_signal(signal)) + } + fn kill(&mut self) -> io::Result<()> { if let Some(inner) = self.inner.as_mut() { (inner)(); diff --git a/codex-rs/utils/pty/src/process_group.rs b/codex-rs/utils/pty/src/process_group.rs index 22a934fab7e..9d10d7c368c 100644 --- a/codex-rs/utils/pty/src/process_group.rs +++ b/codex-rs/utils/pty/src/process_group.rs @@ -118,15 +118,10 @@ pub fn kill_process_group_by_pid(_pid: u32) -> io::Result<()> { } #[cfg(unix)] -/// Send SIGTERM to a specific process group ID (best-effort). -/// -/// Returns `Ok(true)` when SIGTERM was delivered to an existing group and -/// `Ok(false)` when the group no longer exists. -pub fn terminate_process_group(process_group_id: u32) -> io::Result { +fn signal_process_group_id(pgid: libc::pid_t, signal: libc::c_int) -> io::Result { use std::io::ErrorKind; - let pgid = process_group_id as libc::pid_t; - let result = unsafe { libc::killpg(pgid, libc::SIGTERM) }; + let result = unsafe { libc::killpg(pgid, signal) }; if result == -1 { let err = io::Error::last_os_error(); if err.kind() == ErrorKind::NotFound || err.raw_os_error() == Some(libc::ESRCH) { @@ -138,6 +133,15 @@ pub fn terminate_process_group(process_group_id: u32) -> io::Result { Ok(true) } +#[cfg(unix)] +/// Send SIGTERM to a specific process group ID (best-effort). +/// +/// Returns `Ok(true)` when SIGTERM was delivered to an existing group and +/// `Ok(false)` when the group no longer exists. +pub fn terminate_process_group(process_group_id: u32) -> io::Result { + signal_process_group_id(process_group_id as libc::pid_t, libc::SIGTERM) +} + #[cfg(not(unix))] /// No-op on non-Unix platforms. pub fn terminate_process_group(_process_group_id: u32) -> io::Result { @@ -145,22 +149,23 @@ pub fn terminate_process_group(_process_group_id: u32) -> io::Result { } #[cfg(unix)] -/// Kill a specific process group ID (best-effort). -pub fn kill_process_group(process_group_id: u32) -> io::Result<()> { - use std::io::ErrorKind; - - let pgid = process_group_id as libc::pid_t; - let result = unsafe { libc::killpg(pgid, libc::SIGKILL) }; - if result == -1 { - let err = io::Error::last_os_error(); - if err.kind() != ErrorKind::NotFound && err.raw_os_error() != Some(libc::ESRCH) { - return Err(err); - } - } +/// Send SIGINT to a specific process group ID (best-effort). +pub fn interrupt_process_group(process_group_id: u32) -> io::Result<()> { + signal_process_group_id(process_group_id as libc::pid_t, libc::SIGINT).map(|_| ()) +} +#[cfg(not(unix))] +/// No-op on non-Unix platforms. +pub fn interrupt_process_group(_process_group_id: u32) -> io::Result<()> { Ok(()) } +#[cfg(unix)] +/// Kill a specific process group ID (best-effort). +pub fn kill_process_group(process_group_id: u32) -> io::Result<()> { + signal_process_group_id(process_group_id as libc::pid_t, libc::SIGKILL).map(|_| ()) +} + #[cfg(not(unix))] /// No-op on non-Unix platforms. pub fn kill_process_group(_process_group_id: u32) -> io::Result<()> { diff --git a/codex-rs/utils/pty/src/pty.rs b/codex-rs/utils/pty/src/pty.rs index 45c587b3287..951818a80d3 100644 --- a/codex-rs/utils/pty/src/pty.rs +++ b/codex-rs/utils/pty/src/pty.rs @@ -30,10 +30,13 @@ use tokio::task::JoinHandle; use crate::process::ChildTerminator; use crate::process::ProcessHandle; +use crate::process::ProcessSignal; use crate::process::PtyHandles; use crate::process::PtyMasterHandle; use crate::process::SpawnedProcess; use crate::process::TerminalSize; +#[cfg(unix)] +use crate::process::exit_code_from_status; /// Returns true when ConPTY support is available (Windows only). #[cfg(windows)] @@ -54,6 +57,19 @@ struct PtyChildTerminator { } impl ChildTerminator for PtyChildTerminator { + fn signal(&mut self, signal: ProcessSignal) -> std::io::Result<()> { + match signal { + ProcessSignal::Interrupt => { + #[cfg(unix)] + if let Some(process_group_id) = self.process_group_id { + return crate::process_group::interrupt_process_group(process_group_id); + } + + Err(crate::process::unsupported_signal(signal)) + } + } + } + fn kill(&mut self) -> std::io::Result<()> { #[cfg(unix)] if let Some(process_group_id) = self.process_group_id { @@ -81,6 +97,14 @@ struct RawPidTerminator { #[cfg(unix)] impl ChildTerminator for RawPidTerminator { + fn signal(&mut self, signal: ProcessSignal) -> std::io::Result<()> { + match signal { + ProcessSignal::Interrupt => { + crate::process_group::interrupt_process_group(self.process_group_id) + } + } + } + fn kill(&mut self) -> std::io::Result<()> { crate::process_group::kill_process_group(self.process_group_id) } @@ -368,7 +392,7 @@ async fn spawn_process_preserving_fds( let wait_exit_code = Arc::clone(&exit_code); let wait_handle: JoinHandle<()> = tokio::task::spawn_blocking(move || { let code = match child.wait() { - Ok(status) => status.code().unwrap_or(-1), + Ok(status) => exit_code_from_status(status), Err(_) => -1, }; wait_exit_status.store(true, std::sync::atomic::Ordering::SeqCst); diff --git a/codex-rs/utils/readiness/Cargo.toml b/codex-rs/utils/readiness/Cargo.toml index 2a6dfaeb542..076651d5227 100644 --- a/codex-rs/utils/readiness/Cargo.toml +++ b/codex-rs/utils/readiness/Cargo.toml @@ -5,7 +5,6 @@ edition.workspace = true license.workspace = true [dependencies] -async-trait = { workspace = true } thiserror = { workspace = true } time = { workspace = true } tokio = { workspace = true, features = ["sync", "time"] } diff --git a/codex-rs/utils/readiness/src/lib.rs b/codex-rs/utils/readiness/src/lib.rs index 365bfe61ebd..a2ee8f96671 100644 --- a/codex-rs/utils/readiness/src/lib.rs +++ b/codex-rs/utils/readiness/src/lib.rs @@ -17,7 +17,6 @@ pub struct Token(i32); const LOCK_TIMEOUT: Duration = Duration::from_millis(1000); -#[async_trait::async_trait] pub trait Readiness: Send + Sync + 'static { /// Returns true if the flag is currently marked ready. At least one token needs to be marked /// as ready before. @@ -27,17 +26,22 @@ pub trait Readiness: Send + Sync + 'static { /// Subscribe to readiness and receive an authorization token. /// /// If the flag is already ready, returns `FlagAlreadyReady`. - async fn subscribe(&self) -> Result; + fn subscribe( + &self, + ) -> impl std::future::Future> + Send; /// Attempt to mark the flag ready, validated by the provided token. /// /// Returns `true` iff: /// - `token` is currently subscribed, and /// - the flag was not already ready. - async fn mark_ready(&self, token: Token) -> Result; + fn mark_ready( + &self, + token: Token, + ) -> impl std::future::Future> + Send; /// Asynchronously wait until the flag becomes ready. - async fn wait_ready(&self); + fn wait_ready(&self) -> impl std::future::Future + Send; } pub struct ReadinessFlag { @@ -92,7 +96,6 @@ impl fmt::Debug for ReadinessFlag { } } -#[async_trait::async_trait] impl Readiness for ReadinessFlag { fn is_ready(&self) -> bool { if self.load_ready() { diff --git a/codex-rs/utils/sandbox-summary/src/config_summary.rs b/codex-rs/utils/sandbox-summary/src/config_summary.rs index b3de5b63828..7e0f7dc4e9e 100644 --- a/codex-rs/utils/sandbox-summary/src/config_summary.rs +++ b/codex-rs/utils/sandbox-summary/src/config_summary.rs @@ -25,7 +25,8 @@ pub fn create_config_summary_entries(config: &Config, model: &str) -> Vec<(&'sta if config.model_provider.wire_api == WireApi::Responses { let reasoning_effort = config .model_reasoning_effort - .map(|effort| effort.to_string()); + .as_ref() + .map(std::string::ToString::to_string); entries.push(( "reasoning effort", reasoning_effort.unwrap_or_else(|| "none".to_string()), diff --git a/codex-rs/windows-sandbox-rs/build.rs b/codex-rs/windows-sandbox-rs/build.rs index af5aec78c6f..6ba79e6c75d 100644 --- a/codex-rs/windows-sandbox-rs/build.rs +++ b/codex-rs/windows-sandbox-rs/build.rs @@ -4,18 +4,16 @@ use std::path::PathBuf; const SETUP_BIN: &str = "codex-windows-sandbox-setup"; const SETUP_MANIFEST: &str = "codex-windows-sandbox-setup.manifest"; -fn main() { +fn main() -> Result<(), String> { println!("cargo:rerun-if-changed={SETUP_MANIFEST}"); if env::var("CARGO_CFG_TARGET_OS").as_deref() != Ok("windows") { - return; + return Ok(()); } - let manifest_path = PathBuf::from( - env::var_os("CARGO_MANIFEST_DIR") - .expect("CARGO_MANIFEST_DIR should be set for build scripts"), - ) - .join(SETUP_MANIFEST); + let manifest_dir = env::var_os("CARGO_MANIFEST_DIR") + .ok_or_else(|| "CARGO_MANIFEST_DIR should be set for build scripts".to_string())?; + let manifest_path = PathBuf::from(manifest_dir).join(SETUP_MANIFEST); let manifest_path = manifest_path.display(); // Keep this scoped to the setup helper so Codex binaries that link the @@ -36,4 +34,6 @@ fn main() { } _ => {} } + + Ok(()) } diff --git a/codex-rs/windows-sandbox-rs/src/setup.rs b/codex-rs/windows-sandbox-rs/src/setup.rs index c1881b55c86..428b5ff6a13 100644 --- a/codex-rs/windows-sandbox-rs/src/setup.rs +++ b/codex-rs/windows-sandbox-rs/src/setup.rs @@ -15,6 +15,7 @@ use crate::allow::compute_allow_paths_for_permissions; use crate::helper_materialization::bundled_executable_path_for_exe; use crate::helper_materialization::helper_bin_dir; use crate::identity::sandbox_setup_is_complete; +use crate::logging::current_log_file_path; use crate::logging::log_note; use crate::path_normalization::canonical_path_key; use crate::path_normalization::canonicalize_path; @@ -25,7 +26,6 @@ use crate::setup_error::clear_setup_error_report; use crate::setup_error::failure; use crate::setup_error::read_setup_error_report; use crate::ssh_config_dependencies::ssh_config_dependency_paths; -use anyhow::Context; use anyhow::Result; use anyhow::anyhow; use base64::Engine; @@ -210,6 +210,18 @@ fn run_setup_refresh_inner( let json = serde_json::to_vec(&payload)?; let b64 = BASE64_STANDARD.encode(json); let exe = find_setup_exe(); + let sbx_dir = sandbox_dir(request.codex_home); + let log_path = current_log_file_path(&sbx_dir); + let cleared_report = match clear_setup_error_report(request.codex_home) { + Ok(()) => true, + Err(err) => { + log_note( + &format!("setup refresh: failed to clear setup_error.json before launch: {err}"), + Some(&sbx_dir), + ); + false + } + }; // Refresh should never request elevation; ensure verb isn't set and we don't trigger UAC. let mut cmd = Command::new(&exe); cmd.arg(&b64).stdout(Stdio::null()).stderr(Stdio::null()); @@ -221,24 +233,34 @@ fn run_setup_refresh_inner( cwd.display(), b64.len() ), - Some(&sandbox_dir(request.codex_home)), + Some(&sbx_dir), ); - let status = cmd - .status() - .map_err(|e| { - log_note( - &format!("setup refresh: failed to spawn {}: {e}", exe.display()), - Some(&sandbox_dir(request.codex_home)), - ); - e - }) - .context("spawn setup refresh")?; + let status = cmd.status().map_err(|err| { + let message = format!( + "setup refresh failed to launch helper: helper={}, cwd={}, log={}, error={err}", + exe.display(), + cwd.display(), + log_path.display() + ); + log_note(&format!("setup refresh: {message}"), Some(&sbx_dir)); + failure(SetupErrorCode::OrchestratorHelperLaunchFailed, message) + })?; if !status.success() { log_note( &format!("setup refresh: exited with status {status:?}"), - Some(&sandbox_dir(request.codex_home)), + Some(&sbx_dir), + ); + return Err(report_helper_failure( + request.codex_home, + cleared_report, + status.code(), + )); + } + if let Err(err) = clear_setup_error_report(request.codex_home) { + log_note( + &format!("setup refresh: failed to clear setup_error.json after success: {err}"), + Some(&sbx_dir), ); - return Err(anyhow!("setup refresh failed with status {status}")); } Ok(()) } @@ -1087,7 +1109,9 @@ mod tests { use crate::helper_materialization::helper_bin_dir; use crate::resolved_permissions::ResolvedWindowsSandboxPermissions; use crate::setup_error::SetupErrorCode; + use crate::setup_error::SetupErrorReport; use crate::setup_error::extract_failure; + use crate::setup_error::write_setup_error_report; use codex_protocol::models::PermissionProfile; use codex_protocol::permissions::NetworkSandboxPolicy; use codex_utils_absolute_path::AbsolutePathBuf; @@ -1146,6 +1170,64 @@ mod tests { ) } + #[test] + fn report_helper_failure_uses_setup_error_report_when_clear_succeeded() { + let tmp = TempDir::new().expect("tempdir"); + let codex_home = tmp.path().join("codex-home"); + write_setup_error_report( + codex_home.as_path(), + &SetupErrorReport { + code: super::SetupErrorCode::HelperFirewallPolicyAccessFailed, + message: "firewall policy unavailable".to_string(), + }, + ) + .expect("write setup error report"); + + let err = super::report_helper_failure( + codex_home.as_path(), + /*cleared_report*/ true, + /*exit_code*/ Some(1), + ); + + let failure = extract_failure(&err).expect("structured setup failure"); + assert_eq!( + &super::SetupFailure::new( + super::SetupErrorCode::HelperFirewallPolicyAccessFailed, + "firewall policy unavailable", + ), + failure + ); + } + + #[test] + fn report_helper_failure_ignores_setup_error_report_when_clear_failed() { + let tmp = TempDir::new().expect("tempdir"); + let codex_home = tmp.path().join("codex-home"); + write_setup_error_report( + codex_home.as_path(), + &SetupErrorReport { + code: super::SetupErrorCode::HelperFirewallPolicyAccessFailed, + message: "stale report".to_string(), + }, + ) + .expect("write setup error report"); + + let err = super::report_helper_failure( + codex_home.as_path(), + /*cleared_report*/ false, + /*exit_code*/ Some(1), + ); + + let failure = extract_failure(&err).expect("structured setup failure"); + assert_eq!( + &super::SetupFailure::new( + super::SetupErrorCode::OrchestratorHelperExitNonzero, + "setup helper exited with status Some(1)", + ), + failure + ); + } + #[test] fn setup_refresh_skips_profiles_without_managed_filesystem_permissions() { let tmp = TempDir::new().expect("tempdir"); diff --git a/codex-rs/windows-sandbox-rs/src/setup_error.rs b/codex-rs/windows-sandbox-rs/src/setup_error.rs index 0f759ef879b..d9104602bc1 100644 --- a/codex-rs/windows-sandbox-rs/src/setup_error.rs +++ b/codex-rs/windows-sandbox-rs/src/setup_error.rs @@ -117,7 +117,7 @@ pub struct SetupErrorReport { pub message: String, } -#[derive(Debug)] +#[derive(Debug, PartialEq, Eq)] pub struct SetupFailure { pub code: SetupErrorCode, pub message: String, diff --git a/defs.bzl b/defs.bzl index 4af81ecef18..b255160b095 100644 --- a/defs.bzl +++ b/defs.bzl @@ -1,18 +1,8 @@ load("@crates//:data.bzl", "DEP_DATA") load("@crates//:defs.bzl", "all_crate_deps") -load("@rules_platform//platform_data:defs.bzl", "platform_data") load("@rules_rust//cargo/private:cargo_build_script_wrapper.bzl", "cargo_build_script") load("@rules_rust//rust:defs.bzl", "rust_binary", "rust_library", "rust_proc_macro", "rust_test") -PLATFORMS = [ - "linux_arm64_musl", - "linux_amd64_musl", - "macos_amd64", - "macos_arm64", - "windows_amd64", - "windows_arm64", -] - # Match Cargo's Windows linker behavior so Bazel-built binaries and tests use # the same stack reserve on both Windows ABIs and resolve UCRT imports on MSVC. WINDOWS_RUSTC_LINK_FLAGS = select({ @@ -53,21 +43,6 @@ MACOS_WEBRTC_RUSTC_LINK_FLAGS = select({ "//conditions:default": [], }) -def multiplatform_binaries(name, platforms = PLATFORMS): - for platform in platforms: - platform_data( - name = name + "_" + platform, - platform = "@llvm//platforms:" + platform, - target = name, - tags = ["manual"], - ) - - native.filegroup( - name = "release_binaries", - srcs = [name + "_" + platform for platform in platforms], - tags = ["manual"], - ) - def _workspace_root_test_impl(ctx): is_windows = ctx.target_platform_has_constraint(ctx.attr._windows_constraint[platform_common.ConstraintValueInfo]) launcher = ctx.actions.declare_file(ctx.label.name + ".bat" if is_windows else ctx.label.name) diff --git a/justfile b/justfile index fe7e7349b31..ae55a359466 100644 --- a/justfile +++ b/justfile @@ -75,13 +75,11 @@ install: # there should be no need to add `--all-features`. [unix] test *args: - RUST_MIN_STACK={{ rust_min_stack }} cargo nextest run --no-fail-fast "$@" - just bench-smoke + RUST_MIN_STACK={{ rust_min_stack }} NEXTEST_PROFILE=local cargo nextest run --no-fail-fast "$@" [windows] test *args: - $env:RUST_MIN_STACK = "{{ rust_min_stack }}"; cargo nextest run --no-fail-fast @($args | Select-Object -Skip 1) - just bench-smoke + $env:RUST_MIN_STACK = "{{ rust_min_stack }}"; $env:NEXTEST_PROFILE = "local"; cargo nextest run --no-fail-fast @($args | Select-Object -Skip 1) # Run from the repository root so scripts that resolve paths from `cwd` see # the same layout they use in GitHub Actions. @@ -168,6 +166,11 @@ argument-comment-lint *args: argument-comment-lint-from-source *args: {{ python }} {{ justfile_directory() }}/tools/argument-comment-lint/run.py {args} +# Audit advisory file locks that may need Termux Unsupported handling. +[no-cd] +termux-lock-audit *args: + {{ justfile_directory() }}/scripts/termux-lock-audit.sh "$@" + # Tail logs from the state SQLite database [unix] log *args: diff --git a/patches/BUILD.bazel b/patches/BUILD.bazel index 72d69907908..a431c3f3a61 100644 --- a/patches/BUILD.bazel +++ b/patches/BUILD.bazel @@ -5,6 +5,7 @@ exports_files([ "aws-lc-sys_windows_msvc_memcmp_probe.patch", "bzip2_windows_stack_args.patch", "llvm_rusty_v8_custom_libcxx.patch", + "llvm_windows_arm64_powl.patch", "llvm_windows_symlink_extract.patch", "rules_rust_windows_bootstrap_process_wrapper_linker.patch", "rules_rust_windows_build_script_runner_paths.patch", @@ -14,6 +15,7 @@ exports_files([ "rules_rust_windows_msvc_direct_link_args.patch", "rules_rust_windows_gnullvm_build_script.patch", "rules_cc_rusty_v8_custom_libcxx.patch", + "rules_rs_build_script_deps_annotation.patch", "rules_rs_windows_gnullvm_exec.patch", "rules_rs_windows_exec_linker.patch", "rusty_v8_prebuilt_out_dir.patch", diff --git a/patches/llvm_windows_arm64_powl.patch b/patches/llvm_windows_arm64_powl.patch new file mode 100644 index 00000000000..5e12bd7d3ba --- /dev/null +++ b/patches/llvm_windows_arm64_powl.patch @@ -0,0 +1,24 @@ +# What: provide and link MinGW's ARM64 long-double `powl` compatibility shim. +# Why: Windows ARM64 uses 64-bit long doubles, but LLVM's Bazel source list +# omits the upstream `powl -> pow` implementation and its default link flags +# omit the MinGW extension archive that owns the shim. + +diff --git a/runtimes/mingw/crt_sources.bzl b/runtimes/mingw/crt_sources.bzl +--- a/runtimes/mingw/crt_sources.bzl ++++ b/runtimes/mingw/crt_sources.bzl +@@ -420,4 +420,5 @@ + MINGWEX_ARM64_SRCS = [ ++ "math/arm-common/powl.c", + "math/sincos.c", + "math/sincosf.c", + "math/arm-common/sincosl.c", +diff --git a/toolchain/args/windows/BUILD.bazel b/toolchain/args/windows/BUILD.bazel +--- a/toolchain/args/windows/BUILD.bazel ++++ b/toolchain/args/windows/BUILD.bazel +@@ -49,5 +49,6 @@ cc_args( ++ "-lmingwex", + # For now, we force on ucrt. + # TODO(cerisier): make this either a constraint or a build setting + "-lucrt", + ], + data = [ diff --git a/patches/rules_rs_build_script_deps_annotation.patch b/patches/rules_rs_build_script_deps_annotation.patch new file mode 100644 index 00000000000..ef1c442bc42 --- /dev/null +++ b/patches/rules_rs_build_script_deps_annotation.patch @@ -0,0 +1,60 @@ +# What: expose the existing unconditional build-script dependency input through +# the `rules_rs` crate annotation API. +# Scope: annotation plumbing only; generated dependency resolution is unchanged. + +diff --git a/rs/extensions.bzl b/rs/extensions.bzl +--- a/rs/extensions.bzl ++++ b/rs/extensions.bzl +@@ -737,7 +737,7 @@ def _generate_hub_and_spokes( + additive_build_file = annotation.additive_build_file, + additive_build_file_content = annotation.additive_build_file_content, + gen_build_script = annotation.gen_build_script, +- build_script_deps = [], ++ build_script_deps = annotation.build_script_deps, + build_script_deps_select = _select(feature_resolutions.build_deps), + build_script_data = annotation.build_script_data, + build_script_data_select = annotation.build_script_data_select, +@@ -1417,9 +1417,9 @@ _annotation = tag_class( + "build_script_data_select": attr.string_list_dict( + doc = "A list of labels to add to a crate's `cargo_build_script::data` attribute. Keys should be the platform triplet. Value should be a list of labels.", + ), +- # "build_script_deps": _relative_label_list( +- # doc = "A list of labels to add to a crate's `cargo_build_script::deps` attribute.", +- # ), ++ "build_script_deps": _relative_label_list( ++ doc = "A list of labels to add to a crate's `cargo_build_script::deps` attribute.", ++ ), + "build_script_env": attr.string_dict( + doc = "Additional environment variables to set on a crate's `cargo_build_script::env` attribute.", + ), +diff --git a/rs/private/annotations.bzl b/rs/private/annotations.bzl +--- a/rs/private/annotations.bzl ++++ b/rs/private/annotations.bzl +@@ -5,6 +5,7 @@ def _crate_annotation( + gen_build_script = "auto", + build_script_data = [], + build_script_data_select = {}, ++ build_script_deps = [], + build_script_env = {}, + build_script_env_select = {}, + build_script_tools = [], +@@ -28,6 +29,7 @@ def _crate_annotation( + gen_build_script = gen_build_script, + build_script_data = build_script_data, + build_script_data_select = build_script_data_select, ++ build_script_deps = build_script_deps, + build_script_env = build_script_env, + build_script_env_select = build_script_env_select, + build_script_tools = build_script_tools, +diff --git a/rs/private/repository_utils.bzl b/rs/private/repository_utils.bzl +--- a/rs/private/repository_utils.bzl ++++ b/rs/private/repository_utils.bzl +@@ -216,7 +216,7 @@ common_attrs = { + "additive_build_file": attr.label(), + "additive_build_file_content": attr.string(), + "gen_build_script": attr.string(), +- "build_script_deps": attr.label_list(default = []), ++ "build_script_deps": attr.string_list(default = []), + "build_script_deps_select": attr.string_list_dict(), + "build_script_data": attr.label_list(default = []), + "build_script_data_select": attr.string_list_dict(), diff --git a/patches/v8_bazel_rules.patch b/patches/v8_bazel_rules.patch index 1c49d06b093..fce2be28949 100644 --- a/patches/v8_bazel_rules.patch +++ b/patches/v8_bazel_rules.patch @@ -3,11 +3,11 @@ # Scope: Bazel BUILD/defs/BUILD.icu integration only, including dependency # wiring, generated sources, and visibility; no standalone V8 source patching. -diff --git a/orig/v8-14.6.202.11/bazel/defs.bzl b/mod/v8-14.6.202.11/bazel/defs.bzl -index 9648e4a..88efd41 100644 ---- a/orig/v8-14.6.202.11/bazel/defs.bzl -+++ b/mod/v8-14.6.202.11/bazel/defs.bzl -@@ -33,9 +33,21 @@ +diff --git a/orig/v8-14.9.207.2/bazel/defs.bzl b/mod/v8-14.9.207.2/bazel/defs.bzl +index bbe1495..6673518 100644 +--- a/orig/v8-14.9.207.2/bazel/defs.bzl ++++ b/mod/v8-14.9.207.2/bazel/defs.bzl +@@ -33,9 +33,21 @@ _create_option_int = rule( ) def v8_flag(name, default = False): @@ -32,7 +32,7 @@ index 9648e4a..88efd41 100644 def v8_string(name, default = ""): _create_option_string(name = name, build_setting_default = default) -@@ -97,7 +109,13 @@ +@@ -97,7 +109,13 @@ v8_config = rule( def _default_args(): return struct( @@ -47,7 +47,7 @@ index 9648e4a..88efd41 100644 defines = select({ "@v8//bazel/config:is_windows": [ "UNICODE", -@@ -127,12 +145,15 @@ +@@ -127,12 +145,15 @@ def _default_args(): ], "//conditions:default": [], }) + select({ @@ -56,20 +56,19 @@ index 9648e4a..88efd41 100644 - "-Wno-deprecated-this-capture", - "-Wno-deprecated-declarations", - "-std=c++20", -- ], + "@v8//:is_v8_use_rusty_v8_custom_libcxx": [ + "-nostdinc++", + "-D_LIBCPP_DISABLE_VISIBILITY_ANNOTATIONS", + "-D_LIBCPP_HARDENING_MODE=_LIBCPP_HARDENING_MODE_EXTENSIVE", + "-D_LIBCPP_INSTRUMENTED_WITH_ASAN=0", + "-D_LIBCXXABI_DISABLE_VISIBILITY_ANNOTATIONS", -+ ], + ], + "//conditions:default": [], + }) + select({ "@v8//bazel/config:is_gcc": [ "-Wno-extra", "-Wno-array-bounds", -@@ -152,9 +173,17 @@ +@@ -152,9 +173,17 @@ def _default_args(): "-std=gnu++2a", ], "@v8//bazel/config:is_windows": [ @@ -78,18 +77,18 @@ index 9648e4a..88efd41 100644 + "-Wno-deprecated-this-capture", + "-Wno-deprecated-declarations", + "-std=c++20", - ], -- "//conditions:default": [], ++ ], + "//conditions:default": [ + "-Wno-invalid-offsetof", + "-Wno-deprecated-this-capture", + "-Wno-deprecated-declarations", + "-std=c++20", -+ ], + ], +- "//conditions:default": [], }) + select({ "@v8//bazel/config:is_gcc_fastbuild": [ # Non-debug builds without optimizations fail because -@@ -178,12 +207,12 @@ +@@ -178,12 +207,12 @@ def _default_args(): includes = ["include"], linkopts = select({ "@v8//bazel/config:is_windows": [ @@ -106,10 +105,59 @@ index 9648e4a..88efd41 100644 }) + select({ ":should_add_rdynamic": ["-rdynamic"], "//conditions:default": [], -diff --git a/orig/v8-14.6.202.11/BUILD.bazel b/mod/v8-14.6.202.11/BUILD.bazel -index 421ebcd..52283ea 100644 ---- a/orig/v8-14.6.202.11/BUILD.bazel -+++ b/mod/v8-14.6.202.11/BUILD.bazel +@@ -459,6 +488,11 @@ + def _mksnapshot(ctx): + prefix = ctx.attr.prefix + suffix = ctx.attr.suffix ++ # Windows cross-builds use Linux for the exec configuration, but the ++ # snapshot generator must match the target ABI and run on the Windows ++ # runner. Action strategies only choose where an action runs; they cannot ++ # change this executable from the exec to the target configuration. ++ tool = ctx.executable.target_tool if ctx.attr.target_os == "win" else ctx.executable.tool + outs = [ + ctx.actions.declare_file(prefix + "/snapshot" + suffix + ".cc"), + ctx.actions.declare_file(prefix + "/embedded" + suffix + ".S"), +@@ -477,6 +511,6 @@ + outs[1].path, + ] + ctx.attr.args, +- executable = ctx.executable.tool, ++ executable = tool, + progress_message = "Running mksnapshot", + ) + return [DefaultInfo(files = depset(outs))] +@@ -491,6 +525,12 @@ + executable = True, + cfg = "exec", + ), ++ "target_tool": attr.label( ++ mandatory = True, ++ allow_files = True, ++ executable = True, ++ cfg = "target", ++ ), + "target_os": attr.string(mandatory = True), + "prefix": attr.string(mandatory = True), + "suffix": attr.string(mandatory = True), +@@ -504,6 +544,7 @@ + args = args, + prefix = "noicu", + tool = ":noicu/mksnapshot" + suffix, ++ target_tool = ":noicu/mksnapshot" + suffix, + suffix = suffix, + target_os = select({ + "@v8//bazel/config:is_macos": "mac", +@@ -516,6 +557,7 @@ + args = args, + prefix = "icu", + tool = ":icu/mksnapshot" + suffix, ++ target_tool = ":icu/mksnapshot" + suffix, + suffix = suffix, + target_os = select({ + "@v8//bazel/config:is_macos": "mac", +diff --git a/orig/v8-14.9.207.2/BUILD.bazel b/mod/v8-14.9.207.2/BUILD.bazel +index b432f86..28c567b 100644 +--- a/orig/v8-14.9.207.2/BUILD.bazel ++++ b/mod/v8-14.9.207.2/BUILD.bazel @@ -148,6 +148,10 @@ v8_flag(name = "v8_enable_trace_maps") v8_flag(name = "v8_enable_v8_checks") @@ -138,7 +186,7 @@ index 421ebcd..52283ea 100644 "v8_enable_trace_maps": "V8_TRACE_MAPS", "v8_enable_turbofan": "V8_ENABLE_TURBOFAN", "v8_enable_v8_checks": "V8_ENABLE_CHECKS", -@@ -4098,28 +4103,14 @@ filegroup( +@@ -4125,28 +4130,14 @@ filegroup( }), ) @@ -173,7 +221,7 @@ index 421ebcd..52283ea 100644 ) filegroup( -@@ -4422,6 +4413,20 @@ genrule( +@@ -4441,6 +4432,20 @@ genrule( srcs = [ "include/js_protocol.pdl", "src/inspector/inspector_protocol_config.json", @@ -194,7 +242,7 @@ index 421ebcd..52283ea 100644 ], outs = [ "include/inspector/Debugger.h", -@@ -4443,15 +4448,19 @@ genrule( +@@ -4462,15 +4467,19 @@ genrule( "src/inspector/protocol/Schema.cpp", "src/inspector/protocol/Schema.h", ], @@ -218,7 +266,7 @@ index 421ebcd..52283ea 100644 ], ) -@@ -4465,6 +4474,35 @@ filegroup( +@@ -4484,6 +4493,35 @@ filegroup( ], ) @@ -254,7 +302,7 @@ index 421ebcd..52283ea 100644 filegroup( name = "d8_files", srcs = [ -@@ -4584,16 +4602,9 @@ cc_library( +@@ -4603,16 +4641,9 @@ cc_library( ], ) @@ -274,7 +322,7 @@ index 421ebcd..52283ea 100644 ) v8_library( -@@ -4610,7 +4621,7 @@ v8_library( +@@ -4629,7 +4660,7 @@ v8_library( copts = ["-Wno-implicit-fallthrough"], icu_deps = [ ":icu/generated_torque_definitions_headers", @@ -283,7 +331,7 @@ index 421ebcd..52283ea 100644 ], icu_srcs = [ ":generated_regexp_special_case", -@@ -4625,7 +4636,7 @@ v8_library( +@@ -4644,7 +4675,7 @@ v8_library( ], deps = [ ":lib_dragonbox", @@ -292,7 +340,7 @@ index 421ebcd..52283ea 100644 ":lib_fp16", ":simdutf", ":v8_libbase", -@@ -4681,6 +4692,7 @@ alias( +@@ -4700,6 +4731,7 @@ alias( alias( name = "core_lib_icu", actual = "icu/v8", @@ -300,7 +348,7 @@ index 421ebcd..52283ea 100644 ) v8_library( -@@ -4732,7 +4744,7 @@ v8_binary( +@@ -4751,7 +4783,7 @@ v8_binary( ], deps = [ ":v8_libbase", @@ -309,7 +357,7 @@ index 421ebcd..52283ea 100644 ], ) -@@ -4772,9 +4784,15 @@ v8_binary( +@@ -4791,9 +4823,20 @@ v8_binary( ":icu/generated_torque_initializers", ":icu/v8_initializers_files", ], @@ -317,19 +365,24 @@ index 421ebcd..52283ea 100644 + # external-reference helpers together while producing the snapshot, the + # final embedder binary may not fold the same pair and startup + # deserialization will reject the snapshot. ++ # GN also increases the x64 Windows stack reserve because constructing the ++ # snapshot overflows the linker's 1 MiB default. linkopts = select({ "@v8//bazel/config:is_android": ["-llog"], - "//conditions:default": [], + "@v8//bazel/config:is_macos": ["-Wl,-no_deduplicate"], -+ "@v8//bazel/config:is_windows": ["/OPT:NOICF"], ++ "@v8//bazel/config:is_windows": [ ++ "-Wl,/OPT:NOICF", ++ "-Wl,/STACK:2097152", ++ ], + "//conditions:default": ["-Wl,--icf=none"], }), noicu_deps = [":v8_libshared_noicu"], noicu_srcs = [ -diff --git a/orig/v8-14.6.202.11/bazel/BUILD.icu b/mod/v8-14.6.202.11/bazel/BUILD.icu -index 5fda2f4..9729451 100644 ---- a/orig/v8-14.6.202.11/bazel/BUILD.icu -+++ b/mod/v8-14.6.202.11/bazel/BUILD.icu +diff --git a/orig/v8-14.9.207.2/bazel/BUILD.icu b/mod/v8-14.9.207.2/bazel/BUILD.icu +index 5fda2f4..8c3c372 100644 +--- a/orig/v8-14.9.207.2/bazel/BUILD.icu ++++ b/mod/v8-14.9.207.2/bazel/BUILD.icu @@ -1,3 +1,24 @@ +load("@rules_cc//cc:defs.bzl", "cc_library") + @@ -355,7 +408,7 @@ index 5fda2f4..9729451 100644 # Copyright 2021 the V8 project authors. All rights reserved. # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. -@@ -16,15 +37,12 @@ +@@ -16,15 +37,12 @@ cc_library( ]), copts = select({ "@platforms//os:windows": [ @@ -373,7 +426,7 @@ index 5fda2f4..9729451 100644 data = [":icudata"], defines = [ "HAVE_DLOPEN=0", -@@ -54,6 +72,7 @@ +@@ -54,6 +72,7 @@ cc_library( "U_ICUDATAENTRY_IN_COMMON", ], tags = ["requires-rtti"], @@ -381,7 +434,7 @@ index 5fda2f4..9729451 100644 alwayslink = 1, ) -@@ -65,19 +84,16 @@ +@@ -65,19 +84,16 @@ cc_library( ]), copts = select({ "@platforms//os:windows": [ @@ -404,7 +457,7 @@ index 5fda2f4..9729451 100644 alwayslink = 1, ) -@@ -93,13 +109,10 @@ +@@ -93,13 +109,10 @@ cc_library( ]), copts = select({ "@platforms//os:windows": [ @@ -420,7 +473,7 @@ index 5fda2f4..9729451 100644 include_prefix = "third_party/icu", local_defines = [ "U_COMMON_IMPLEMENTATION", -@@ -108,6 +121,6 @@ +@@ -108,6 +121,6 @@ cc_library( deps = [ ":icui18n", ":icuuc", diff --git a/patches/v8_module_deps.patch b/patches/v8_module_deps.patch index 8f0fed9cf46..4df93f00f0f 100644 --- a/patches/v8_module_deps.patch +++ b/patches/v8_module_deps.patch @@ -3,14 +3,25 @@ # Scope: upstream MODULE.bazel only; affects external repo resolution and Bazel # module wiring, not V8 source files. -diff --git a/orig/v8-14.6.202.11/MODULE.bazel b/mod/v8-14.6.202.11/MODULE.bazel ---- a/orig/v8-14.6.202.11/MODULE.bazel -+++ b/mod/v8-14.6.202.11/MODULE.bazel -@@ -8,7 +8,65 @@ +diff --git a/orig/v8-14.9.207.2/MODULE.bazel b/mod/v8-14.9.207.2/MODULE.bazel +index b8bf8bd..573f463 100644 +--- a/orig/v8-14.9.207.2/MODULE.bazel ++++ b/mod/v8-14.9.207.2/MODULE.bazel +@@ -8,193 +8,67 @@ bazel_dep(name = "rules_cc", version = "0.2.0") bazel_dep(name = "rules_python", version = "1.0.0") bazel_dep(name = "platforms", version = "1.0.0") bazel_dep(name = "abseil-cpp", version = "20250814.0") -bazel_dep(name = "highway", version = "1.2.0") +- +-pip = use_extension("@rules_python//python/extensions:pip.bzl", "pip") +-pip.parse( +- hub_name = "v8_python_deps", +- python_version = "3.11", +- requirements_lock = "//:bazel/requirements.txt", +- extra_pip_args = [ +- "--require-hashes", +- "--index-url=https://pypi.org/simple", +- ], +bazel_dep(name = "rules_license", version = "0.0.4") + +git_repository = use_repo_rule("@bazel_tools//tools/build_defs/repo:git.bzl", "git_repository") @@ -23,53 +34,9 @@ diff --git a/orig/v8-14.6.202.11/MODULE.bazel b/mod/v8-14.6.202.11/MODULE.bazel + sha256 = "7e0be78b8318e8bdbf6fa545d2ecb4c90f947df03f7aadc42c1967f019e63343", + strip_prefix = "highway-1.2.0", + urls = ["https://github.com/google/highway/archive/refs/tags/1.2.0.tar.gz"], -+) -+ -+git_repository( -+ name = "icu", -+ build_file = "@v8//:bazel/BUILD.icu", -+ commit = "a86a32e67b8d1384b33f8fa48c83a6079b86f8cd", -+ patch_cmds = ["find source -name BUILD.bazel | xargs rm"], -+ patch_cmds_win = ["Get-ChildItem -Path source -File -Include BUILD.bazel -Recurse | Remove-Item"], -+ remote = "https://chromium.googlesource.com/chromium/deps/icu.git", -+) -+ -+http_archive( -+ name = "fast_float", -+ build_file_content = 'load("@rules_cc//cc:defs.bzl", "cc_library")\n\ncc_library(\n name = "fast_float",\n hdrs = glob(["include/fast_float/*.h"]),\n include_prefix = "third_party/fast_float/src/include",\n strip_include_prefix = "include",\n visibility = ["//visibility:public"],\n)\n', -+ sha256 = "e14a33089712b681d74d94e2a11362643bd7d769ae8f7e7caefe955f57f7eacd", -+ strip_prefix = "fast_float-8.0.2", -+ urls = ["https://github.com/fastfloat/fast_float/archive/refs/tags/v8.0.2.tar.gz"], -+) -+ -+http_archive( -+ name = "simdutf", -+ build_file_content = 'load("@rules_cc//cc:defs.bzl", "cc_library")\n\ncc_library(\n name = "simdutf",\n srcs = ["src/simdutf.cpp"],\n hdrs = glob(["include/**/*.h"]),\n textual_hdrs = glob(["src/**/*.h", "src/**/*.cpp"], exclude = ["src/simdutf.cpp"]),\n copts = ["-std=c++20"],\n include_prefix = "third_party/simdutf",\n includes = ["include", "src"],\n strip_include_prefix = "include",\n visibility = ["//visibility:public"],\n)\n', -+ sha256 = "0180de81a1dd48a87b8c0442ffa81734f3db91a7350914107a449935124e3c6f", -+ strip_prefix = "simdutf-7.7.0", -+ urls = ["https://github.com/simdutf/simdutf/archive/refs/tags/v7.7.0.tar.gz"], -+) -+ -+git_repository( -+ name = "dragonbox", -+ build_file_content = 'load("@rules_cc//cc:defs.bzl", "cc_library")\n\ncc_library(\n name = "dragonbox",\n hdrs = ["include/dragonbox/dragonbox.h"],\n include_prefix = "third_party/dragonbox/src/include",\n strip_include_prefix = "include",\n visibility = ["//visibility:public"],\n)\n', -+ commit = "beeeef91cf6fef89a4d4ba5e95d47ca64ccb3a44", -+ remote = "https://chromium.googlesource.com/external/github.com/jk-jeon/dragonbox.git", -+) -+ -+git_repository( -+ name = "fp16", -+ build_file_content = 'load("@rules_cc//cc:defs.bzl", "cc_library")\n\ncc_library(\n name = "fp16",\n hdrs = glob(["include/**/*.h"]),\n include_prefix = "third_party/fp16/src/include",\n includes = ["include"],\n strip_include_prefix = "include",\n visibility = ["//visibility:public"],\n)\n', -+ commit = "3d2de1816307bac63c16a297e8c4dc501b4076df", -+ remote = "https://chromium.googlesource.com/external/github.com/Maratyszcza/FP16.git", -+) - - pip = use_extension("@rules_python//python/extensions:pip.bzl", "pip") - pip.parse( -@@ -22,171 +80,3 @@ ) - use_repo(pip, "v8_python_deps") - +-use_repo(pip, "v8_python_deps") +- -# Define the local LLVM toolchain repository -llvm_toolchain_repository = use_repo_rule("//bazel/toolchain:llvm_repository.bzl", "llvm_toolchain_repository") - @@ -77,8 +44,9 @@ diff --git a/orig/v8-14.6.202.11/MODULE.bazel b/mod/v8-14.6.202.11/MODULE.bazel - name = "llvm_toolchain", - path = "third_party/llvm-build/Release+Asserts", - config_file_content = """ +-load("@rules_cc//cc:defs.bzl", "CcToolchainConfigInfo", "cc_common") -load("@bazel_tools//tools/cpp:cc_toolchain_config_lib.bzl", "feature", "flag_group", "flag_set", "tool_path") -- + -def _impl(ctx): - tool_paths = [ - tool_path(name = "gcc", path = "bin/clang"), @@ -157,6 +125,7 @@ diff --git a/orig/v8-14.6.202.11/MODULE.bazel b/mod/v8-14.6.202.11/MODULE.bazel - - return cc_common.create_cc_toolchain_config_info( - ctx = ctx, +- toolchain_identifier = "local_clang", - features = features, - cxx_builtin_include_directories = [ - "{WORKSPACE_ROOT}/buildtools/third_party/libc++", @@ -169,7 +138,6 @@ diff --git a/orig/v8-14.6.202.11/MODULE.bazel b/mod/v8-14.6.202.11/MODULE.bazel - "{WORKSPACE_ROOT}/build/linux/debian_bullseye_amd64-sysroot/usr/include", - "{WORKSPACE_ROOT}/build/linux/debian_bullseye_amd64-sysroot/usr/local/include", - ], -- toolchain_identifier = "local_clang", - host_system_name = "local", - target_system_name = "local", - target_cpu = "k8", @@ -184,18 +152,32 @@ diff --git a/orig/v8-14.6.202.11/MODULE.bazel b/mod/v8-14.6.202.11/MODULE.bazel - implementation = _impl, - attrs = {}, - provides = [CcToolchainConfigInfo], --) ++git_repository( ++ name = "icu", ++ build_file = "@v8//:bazel/BUILD.icu", ++ commit = "a86a32e67b8d1384b33f8fa48c83a6079b86f8cd", ++ patch_cmds = ["find source -name BUILD.bazel | xargs rm"], ++ patch_cmds_win = ["Get-ChildItem -Path source -File -Include BUILD.bazel -Recurse | Remove-Item"], ++ remote = "https://chromium.googlesource.com/chromium/deps/icu.git", + ) -""", - build_file_content = """ +-load("@rules_cc//cc:defs.bzl", "cc_toolchain") -load(":cc_toolchain_config.bzl", "cc_toolchain_config") - -package(default_visibility = ["//visibility:public"]) -- + -filegroup( - name = "all_files", - srcs = glob(["**/*"]), --) -- ++http_archive( ++ name = "fast_float", ++ build_file_content = 'load("@rules_cc//cc:defs.bzl", "cc_library")\n\ncc_library(\n name = "fast_float",\n hdrs = glob(["include/fast_float/*.h"]),\n include_prefix = "third_party/fast_float/src/include",\n strip_include_prefix = "include",\n visibility = ["//visibility:public"],\n)\n', ++ sha256 = "e14a33089712b681d74d94e2a11362643bd7d769ae8f7e7caefe955f57f7eacd", ++ strip_prefix = "fast_float-8.0.2", ++ urls = ["https://github.com/fastfloat/fast_float/archive/refs/tags/v8.0.2.tar.gz"], + ) + -filegroup(name = "empty") - -cc_toolchain_config(name = "k8_toolchain_config") @@ -212,8 +194,14 @@ diff --git a/orig/v8-14.6.202.11/MODULE.bazel b/mod/v8-14.6.202.11/MODULE.bazel - supports_param_files = 0, - toolchain_config = ":k8_toolchain_config", - toolchain_identifier = "local_clang", --) -- ++http_archive( ++ name = "simdutf", ++ build_file_content = 'load("@rules_cc//cc:defs.bzl", "cc_library")\n\ncc_library(\n name = "simdutf",\n srcs = ["src/simdutf.cpp"],\n hdrs = glob(["include/**/*.h"]),\n textual_hdrs = glob(["src/**/*.h", "src/**/*.cpp"], exclude = ["src/simdutf.cpp"]),\n copts = ["-std=c++20"],\n include_prefix = "third_party/simdutf",\n includes = ["include", "src"],\n strip_include_prefix = "include",\n visibility = ["//visibility:public"],\n)\n', ++ sha256 = "0180de81a1dd48a87b8c0442ffa81734f3db91a7350914107a449935124e3c6f", ++ strip_prefix = "simdutf-7.7.0", ++ urls = ["https://github.com/simdutf/simdutf/archive/refs/tags/v7.7.0.tar.gz"], + ) + -toolchain( - name = "cc_toolchain_k8", - exec_compatible_with = [ @@ -228,8 +216,13 @@ diff --git a/orig/v8-14.6.202.11/MODULE.bazel b/mod/v8-14.6.202.11/MODULE.bazel - toolchain_type = "@bazel_tools//tools/cpp:toolchain_type", -) -""", --) -- ++git_repository( ++ name = "dragonbox", ++ build_file_content = 'load("@rules_cc//cc:defs.bzl", "cc_library")\n\ncc_library(\n name = "dragonbox",\n hdrs = ["include/dragonbox/dragonbox.h"],\n include_prefix = "third_party/dragonbox/src/include",\n strip_include_prefix = "include",\n visibility = ["//visibility:public"],\n)\n', ++ commit = "beeeef91cf6fef89a4d4ba5e95d47ca64ccb3a44", ++ remote = "https://chromium.googlesource.com/external/github.com/jk-jeon/dragonbox.git", + ) + -register_toolchains("@llvm_toolchain//:cc_toolchain_k8") - -# Define local repository for libc++ from third_party sources @@ -237,11 +230,33 @@ diff --git a/orig/v8-14.6.202.11/MODULE.bazel b/mod/v8-14.6.202.11/MODULE.bazel - -libcxx_repository( - name = "libcxx", --) -diff --git a/orig/v8-14.6.202.11/bazel/highway.patch b/mod/v8-14.6.202.11/bazel/highway.patch ++git_repository( ++ name = "fp16", ++ build_file_content = 'load("@rules_cc//cc:defs.bzl", "cc_library")\n\ncc_library(\n name = "fp16",\n hdrs = glob(["include/**/*.h"]),\n include_prefix = "third_party/fp16/src/include",\n includes = ["include"],\n strip_include_prefix = "include",\n visibility = ["//visibility:public"],\n)\n', ++ commit = "3d2de1816307bac63c16a297e8c4dc501b4076df", ++ remote = "https://chromium.googlesource.com/external/github.com/Maratyszcza/FP16.git", + ) + +-single_version_override( +- module_name = "highway", +- patches = ["//bazel/patches:highway_rules_cc.patch"], +- patch_strip = 1, ++pip = use_extension("@rules_python//python/extensions:pip.bzl", "pip") ++pip.parse( ++ hub_name = "v8_python_deps", ++ python_version = "3.11", ++ requirements_lock = "//:bazel/requirements.txt", ++ extra_pip_args = [ ++ "--require-hashes", ++ "--index-url=https://pypi.org/simple", ++ ], + ) ++use_repo(pip, "v8_python_deps") +diff --git a/mod/v8-14.9.207.2/bazel/highway.patch b/mod/v8-14.9.207.2/bazel/highway.patch new file mode 100644 +index 0000000..5a13dd0 --- /dev/null -+++ b/mod/v8-14.6.202.11/bazel/highway.patch ++++ b/mod/v8-14.9.207.2/bazel/highway.patch @@ -0,0 +1,25 @@ +diff --git a/BUILD b/BUILD +--- a/BUILD @@ -249,22 +264,22 @@ new file mode 100644 +@@ -2,7 +2,7 @@ + load("@bazel_skylib//lib:selects.bzl", "selects") + load("@rules_license//rules:license.bzl", "license") -+ ++ +-load("@rules_cc//cc:defs.bzl", "cc_test") ++load("@rules_cc//cc:defs.bzl", "cc_binary", "cc_library", "cc_test") + # Placeholder#2 for Guitar, do not remove -+ ++ + package( +@@ -134,11 +134,7 @@ COPTS = select({ + ], + }) -+ ++ +-DEFINES = select({ +- ":compiler_msvc": ["HWY_SHARED_DEFINE"], +- ":compiler_clangcl": ["HWY_SHARED_DEFINE"], +- "//conditions:default": [], +-}) ++DEFINES = [] -+ ++ + # Unused on Bazel builds, where this is not defined/known; Copybara replaces + # usages with an empty list. diff --git a/patches/v8_source_portability.patch b/patches/v8_source_portability.patch index d480e11c1af..0e042c76d9d 100644 --- a/patches/v8_source_portability.patch +++ b/patches/v8_source_portability.patch @@ -2,10 +2,10 @@ # Scope: minimal source-level portability fixes only, such as libexecinfo guards, # weak glibc symbol handling, and warning annotations; no dependency # include-path rewrites or intentional V8 feature changes. -diff --git a/orig/v8-14.6.202.11/src/base/bits.h b/mod/v8-14.6.202.11/src/base/bits.h +diff --git a/orig/v8-14.9.207.2/src/base/bits.h b/mod/v8-14.9.207.2/src/base/bits.h index 179a10f..4791e96 100644 ---- a/orig/v8-14.6.202.11/src/base/bits.h -+++ b/mod/v8-14.6.202.11/src/base/bits.h +--- a/orig/v8-14.9.207.2/src/base/bits.h ++++ b/mod/v8-14.9.207.2/src/base/bits.h @@ -270,11 +270,17 @@ inline constexpr uint32_t RoundDownToPowerOfTwo32(uint32_t value) { } @@ -24,10 +24,10 @@ index 179a10f..4791e96 100644 inline constexpr uint32_t RotateLeft32(uint32_t value, uint32_t shift) { return (value << shift) | (value >> ((32 - shift) & 31)); } -diff --git a/orig/v8-14.6.202.11/src/base/debug/stack_trace_posix.cc b/mod/v8-14.6.202.11/src/base/debug/stack_trace_posix.cc +diff --git a/orig/v8-14.9.207.2/src/base/debug/stack_trace_posix.cc b/mod/v8-14.9.207.2/src/base/debug/stack_trace_posix.cc index 6176ed4..a02043d 100644 ---- a/orig/v8-14.6.202.11/src/base/debug/stack_trace_posix.cc -+++ b/mod/v8-14.6.202.11/src/base/debug/stack_trace_posix.cc +--- a/orig/v8-14.9.207.2/src/base/debug/stack_trace_posix.cc ++++ b/mod/v8-14.9.207.2/src/base/debug/stack_trace_posix.cc @@ -64,6 +64,7 @@ namespace { volatile sig_atomic_t in_signal_handler = 0; bool dump_stack_in_signal_handler = true; @@ -44,10 +44,10 @@ index 6176ed4..a02043d 100644 // Demangles C++ symbols in the given text. Example: // // "out/Debug/base_unittests(_ZN10StackTraceC1Ev+0x20) [0x817778c]" -diff --git a/orig/v8-14.6.202.11/src/base/export-template.h b/mod/v8-14.6.202.11/src/base/export-template.h +diff --git a/orig/v8-14.9.207.2/src/base/export-template.h b/mod/v8-14.9.207.2/src/base/export-template.h index 861cfe4..1e73954 100644 ---- a/orig/v8-14.6.202.11/src/base/export-template.h -+++ b/mod/v8-14.6.202.11/src/base/export-template.h +--- a/orig/v8-14.9.207.2/src/base/export-template.h ++++ b/mod/v8-14.9.207.2/src/base/export-template.h @@ -153,8 +153,10 @@ EXPORT_TEMPLATE_TEST(DEFAULT, ); @@ -59,10 +59,10 @@ index 861cfe4..1e73954 100644 #undef EXPORT_TEMPLATE_TEST #undef EXPORT_TEMPLATE_TEST_DEFAULT_DEFAULT -diff --git a/orig/v8-14.6.202.11/src/base/platform/platform-posix.cc b/mod/v8-14.6.202.11/src/base/platform/platform-posix.cc -index 420df0b..6f47969 100644 ---- a/orig/v8-14.6.202.11/src/base/platform/platform-posix.cc -+++ b/mod/v8-14.6.202.11/src/base/platform/platform-posix.cc +diff --git a/orig/v8-14.9.207.2/src/base/platform/platform-posix.cc b/mod/v8-14.9.207.2/src/base/platform/platform-posix.cc +index dfb30b6..6ce12a5 100644 +--- a/orig/v8-14.9.207.2/src/base/platform/platform-posix.cc ++++ b/mod/v8-14.9.207.2/src/base/platform/platform-posix.cc @@ -95,7 +95,7 @@ extern int madvise(caddr_t, size_t, int); #endif @@ -82,10 +82,10 @@ index 420df0b..6f47969 100644 DCHECK(MainThreadIsCurrentThread()); return __libc_stack_end; } -diff --git a/orig/v8-14.6.202.11/src/base/platform/platform-win32.cc b/mod/v8-14.6.202.11/src/base/platform/platform-win32.cc -index f5d9ddc..1c08b0f 100644 ---- a/orig/v8-14.6.202.11/src/base/platform/platform-win32.cc -+++ b/mod/v8-14.6.202.11/src/base/platform/platform-win32.cc +diff --git a/orig/v8-14.9.207.2/src/base/platform/platform-win32.cc b/mod/v8-14.9.207.2/src/base/platform/platform-win32.cc +index 11f9772..854a682 100644 +--- a/orig/v8-14.9.207.2/src/base/platform/platform-win32.cc ++++ b/mod/v8-14.9.207.2/src/base/platform/platform-win32.cc @@ -20,7 +20,11 @@ #include @@ -98,7 +98,7 @@ index f5d9ddc..1c08b0f 100644 #include // For SymLoadModule64 and al. #include // For _msize() #include // For timeGetTime(). -@@ -69,9 +69,7 @@ static_assert(offsetof(V8_CRITICAL_SECTION, SpinCount) == +@@ -69,9 +73,7 @@ static_assert(offsetof(V8_CRITICAL_SECTION, SpinCount) == // Extra functions for MinGW. Most of these are the _s functions which are in // the Microsoft Visual Studio C++ CRT. #ifdef __MINGW32__ @@ -109,7 +109,7 @@ index f5d9ddc..1c08b0f 100644 #define _TRUNCATE 0 #define STRUNCATE 80 -@@ -81,9 +79,6 @@ inline void MemoryFence() { +@@ -81,9 +83,6 @@ inline void MemoryFence() { __asm__ __volatile__("xchgl %%eax,%0 ":"=r" (barrier)); } @@ -119,7 +119,7 @@ index f5d9ddc..1c08b0f 100644 int localtime_s(tm* out_tm, const time_t* time) { tm* posix_local_time_struct = localtime_r(time, out_tm); if (posix_local_time_struct == nullptr) return 1; -@@ -134,6 +129,8 @@ int strncpy_s(char* dest, size_t dest_size, const char* source, size_t count) { +@@ -134,6 +133,8 @@ int strncpy_s(char* dest, size_t dest_size, const char* source, size_t count) { return 0; } @@ -128,7 +128,7 @@ index f5d9ddc..1c08b0f 100644 #endif // __MINGW32__ namespace v8 { -@@ -743,8 +740,10 @@ void OS::StrNCpy(char* dest, int length, const char* src, size_t n) { +@@ -743,8 +744,10 @@ void OS::StrNCpy(char* dest, int length, const char* src, size_t n) { } @@ -139,15 +139,15 @@ index f5d9ddc..1c08b0f 100644 DEFINE_LAZY_LEAKY_OBJECT_GETTER(RandomNumberGenerator, GetPlatformRandomNumberGenerator) -@@ -1894,3 +1893,4 @@ Stack::StackSlot Stack::GetCurrentStackPosition() { +@@ -1943,3 +1946,4 @@ Stack::StackSlot Stack::GetCurrentStackPosition() { } // namespace base } // namespace v8 + -diff --git a/orig/v8-14.6.202.11/src/base/platform/time.cc b/mod/v8-14.6.202.11/src/base/platform/time.cc -index 8390288..cba6cd5 100644 ---- a/orig/v8-14.6.202.11/src/base/platform/time.cc -+++ b/mod/v8-14.6.202.11/src/base/platform/time.cc +diff --git a/orig/v8-14.9.207.2/src/base/platform/time.cc b/mod/v8-14.9.207.2/src/base/platform/time.cc +index 8c824e3..f8144d0 100644 +--- a/orig/v8-14.9.207.2/src/base/platform/time.cc ++++ b/mod/v8-14.9.207.2/src/base/platform/time.cc @@ -782,12 +782,12 @@ bool ThreadTicks::IsSupported() { #elif defined(__PASE__) // Thread CPU time accounting is unavailable in PASE @@ -179,10 +179,10 @@ index 8390288..cba6cd5 100644 #else UNREACHABLE(); #endif -diff --git a/orig/v8-14.6.202.11/src/heap/base/asm/x64/push_registers_masm.asm b/mod/v8-14.6.202.11/src/heap/base/asm/x64/push_registers_masm.asm -index d0d0563..72e230b 100644 ---- a/orig/v8-14.6.202.11/src/heap/base/asm/x64/push_registers_masm.asm -+++ b/mod/v8-14.6.202.11/src/heap/base/asm/x64/push_registers_masm.asm +diff --git a/orig/v8-14.9.207.2/src/heap/base/asm/x64/push_registers_masm.asm b/mod/v8-14.9.207.2/src/heap/base/asm/x64/push_registers_masm.asm +index d0d0563..f3f5952 100644 +--- a/orig/v8-14.9.207.2/src/heap/base/asm/x64/push_registers_masm.asm ++++ b/mod/v8-14.9.207.2/src/heap/base/asm/x64/push_registers_masm.asm @@ -1,70 +1,47 @@ -;; Copyright 2020 the V8 project authors. All rights reserved. -;; Use of this source code is governed by a BSD-style license that can be @@ -301,10 +301,10 @@ index d0d0563..72e230b 100644 + pop %rbp + ret +.seh_endproc -diff --git a/orig/v8-14.6.202.11/src/libplatform/default-thread-isolated-allocator.cc b/mod/v8-14.6.202.11/src/libplatform/default-thread-isolated-allocator.cc +diff --git a/orig/v8-14.9.207.2/src/libplatform/default-thread-isolated-allocator.cc b/mod/v8-14.9.207.2/src/libplatform/default-thread-isolated-allocator.cc index bda0e43..b44f1d9 100644 ---- a/orig/v8-14.6.202.11/src/libplatform/default-thread-isolated-allocator.cc -+++ b/mod/v8-14.6.202.11/src/libplatform/default-thread-isolated-allocator.cc +--- a/orig/v8-14.9.207.2/src/libplatform/default-thread-isolated-allocator.cc ++++ b/mod/v8-14.9.207.2/src/libplatform/default-thread-isolated-allocator.cc @@ -23,7 +23,7 @@ extern int pkey_free(int pkey) V8_WEAK; namespace { @@ -314,11 +314,11 @@ index bda0e43..b44f1d9 100644 // PKU was broken on Linux kernels before 5.13 (see // https://lore.kernel.org/all/20210623121456.399107624@linutronix.de/). // A fix is also included in the 5.4.182 and 5.10.103 versions ("x86/fpu: -diff --git a/orig/v8-14.6.202.11/src/profiler/heap-snapshot-generator.cc b/mod/v8-14.6.202.11/src/profiler/heap-snapshot-generator.cc -index 27e748f..cbf886c 100644 ---- a/orig/v8-14.6.202.11/src/profiler/heap-snapshot-generator.cc -+++ b/mod/v8-14.6.202.11/src/profiler/heap-snapshot-generator.cc -@@ -429,11 +429,11 @@ HeapSnapshot::HeapSnapshot(HeapProfiler* profiler, +diff --git a/orig/v8-14.9.207.2/src/profiler/heap-snapshot-generator.cc b/mod/v8-14.9.207.2/src/profiler/heap-snapshot-generator.cc +index 8edad48..d4b2721 100644 +--- a/orig/v8-14.9.207.2/src/profiler/heap-snapshot-generator.cc ++++ b/mod/v8-14.9.207.2/src/profiler/heap-snapshot-generator.cc +@@ -478,11 +478,11 @@ HeapSnapshot::HeapSnapshot(HeapProfiler* profiler, static_assert(kSystemPointerSize != 4 || sizeof(HeapGraphEdge) == 12); static_assert(kSystemPointerSize != 8 || sizeof(HeapGraphEdge) == 24); static_assert(kSystemPointerSize != 4 || sizeof(HeapEntry) == 32); @@ -332,7 +332,7 @@ index 27e748f..cbf886c 100644 memset(&gc_subroot_entries_, 0, sizeof(gc_subroot_entries_)); } -@@ -3878,3 +3878,4 @@ void HeapSnapshotJSONSerializer::SerializeLocations() { +@@ -4015,3 +4015,4 @@ void HeapSnapshotJSONSerializer::SerializeLocations() { } } // namespace v8::internal diff --git a/scripts/check-module-bazel-lock.sh b/scripts/check-module-bazel-lock.sh index 1a148896437..49ddaaef2bf 100755 --- a/scripts/check-module-bazel-lock.sh +++ b/scripts/check-module-bazel-lock.sh @@ -1,7 +1,8 @@ #!/usr/bin/env bash set -euo pipefail -if ! bazel mod deps --lockfile_mode=error; then +repo_root="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +if ! "${repo_root}/.github/scripts/run_bazel_with_buildbuddy.py" mod deps --lockfile_mode=error; then echo "MODULE.bazel.lock is out of date." echo "Run 'just bazel-lock-update' and commit the updated lockfile." exit 1 diff --git a/scripts/stage_npm_packages.py b/scripts/stage_npm_packages.py index 2329d2ba626..38374f523df 100755 --- a/scripts/stage_npm_packages.py +++ b/scripts/stage_npm_packages.py @@ -101,6 +101,11 @@ def parse_args() -> argparse.Namespace: "--workflow-url", help="Optional workflow URL to reuse for native artifacts.", ) + parser.add_argument( + "--artifacts-dir", + type=Path, + help="Directory containing previously downloaded workflow artifacts.", + ) parser.add_argument( "--output-dir", type=Path, @@ -496,6 +501,7 @@ def main() -> int: vendor_temp_roots: list[Path] = [] vendor_src_by_components: dict[tuple[str, ...], Path] = {} artifacts_temp_root: Path | None = None + remove_artifacts_temp_root = False resolved_head_sha: str | None = None final_messages = [] @@ -506,10 +512,15 @@ def main() -> int: args.release_version, args.workflow_url ) print(f"Using native artifacts from {workflow_url}", flush=True) - artifacts_temp_root = Path( - tempfile.mkdtemp(prefix="npm-native-artifacts-", dir=runner_temp) - ) - print(f"Caching downloaded artifacts in {artifacts_temp_root}", flush=True) + if args.artifacts_dir is not None: + artifacts_temp_root = args.artifacts_dir.resolve() + artifacts_temp_root.mkdir(parents=True, exist_ok=True) + else: + artifacts_temp_root = Path( + tempfile.mkdtemp(prefix="npm-native-artifacts-", dir=runner_temp) + ) + remove_artifacts_temp_root = True + print(f"Using artifact cache at {artifacts_temp_root}", flush=True) for components in native_component_sets: vendor_temp_root = Path( tempfile.mkdtemp(prefix="npm-native-", dir=runner_temp) @@ -570,7 +581,7 @@ def main() -> int: if not args.keep_staging_dirs: for vendor_temp_root in vendor_temp_roots: shutil.rmtree(vendor_temp_root, ignore_errors=True) - if artifacts_temp_root is not None: + if remove_artifacts_temp_root and artifacts_temp_root is not None: shutil.rmtree(artifacts_temp_root, ignore_errors=True) for msg in final_messages: diff --git a/scripts/termux-lock-audit.sh b/scripts/termux-lock-audit.sh new file mode 100755 index 00000000000..ac40f8e5724 --- /dev/null +++ b/scripts/termux-lock-audit.sh @@ -0,0 +1,126 @@ +#!/usr/bin/env bash +set -euo pipefail + +usage() { + cat <<'USAGE' +Usage: scripts/termux-lock-audit.sh [--strict] + +Audits Rust advisory file-lock usage that may need Termux compatibility handling. + +By default this script prints findings and exits successfully. With --strict, it +exits non-zero when candidate file-lock calls are found in files that do not also +mention Unsupported/TryLockError handling. +USAGE +} + +strict=false +for arg in "$@"; do + case "$arg" in + --strict) + strict=true + ;; + -h | --help) + usage + exit 0 + ;; + *) + echo "unknown argument: $arg" >&2 + usage >&2 + exit 2 + ;; + esac +done + +if ! command -v rg >/dev/null 2>&1; then + echo "error: rg is required for this audit" >&2 + exit 1 +fi + +repo_root="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +cd "$repo_root" + +unsupported_pattern='std::fs::TryLockError|fs::TryLockError|TryLockError::|ErrorKind::Unsupported|std::io::ErrorKind::Unsupported' +lock_context_pattern='(\.lock\(\)|\.try_lock\(|\.try_lock_shared\(|TryLockError|ErrorKind::Unsupported)' +candidate_file_lock_pattern='\b([A-Za-z_][A-Za-z0-9_]*_file|file)\.(lock|try_lock|try_lock_shared)\(' +candidate_false_positive_pattern='poisoned' +helper_pattern='codex_utils_file_lock|FileLockOutcome|TryFileLockOutcome|lock_exclusive_optional|try_lock_exclusive_optional|try_lock_shared_optional' + +print_section() { + printf '\n== %s ==\n' "$1" +} + +print_section "Unsupported-aware lock handling" +echo "These files already mention Unsupported/TryLockError and are likely patched or intentionally reviewed:" + +unsupported_count=0 +while IFS= read -r file; do + if rg -q "$lock_context_pattern" "$file"; then + rg -n -H "$lock_context_pattern" "$file" + unsupported_count=$((unsupported_count + 1)) + fi +done < <(rg -l "$unsupported_pattern" codex-rs -g '*.rs' || true) + +if [ "$unsupported_count" -eq 0 ]; then + echo "No unsupported-aware lock handling found." +fi + +print_section "Optional file-lock helper usage" +echo "These files use the shared optional advisory file-lock helper:" + +helper_count=0 +while IFS= read -r file; do + rg -n -H "$helper_pattern" "$file" + helper_count=$((helper_count + 1)) +done < <(rg -l "$helper_pattern" codex-rs -g '*.rs' || true) + +if [ "$helper_count" -eq 0 ]; then + echo "No optional file-lock helper usage found." +fi + +print_section "Candidate file-lock calls for manual review" +echo "These receiver names may be std::fs::File advisory locks, but the file does not mention Unsupported/TryLockError handling." +echo "This section can include false positives, such as mutexes wrapping a file." + +review_count=0 +while IFS= read -r file; do + if ! rg -q "$unsupported_pattern" "$file"; then + matches="$(rg -n -H "$candidate_file_lock_pattern" "$file" | rg -v "$candidate_false_positive_pattern" || true)" + if [ -n "$matches" ]; then + echo "$matches" + review_count=$((review_count + 1)) + fi + fi +done < <(rg -l "$candidate_file_lock_pattern" codex-rs -g '*.rs' || true) + +if [ "$review_count" -eq 0 ]; then + echo "No unpatched candidate file-lock calls found." +fi + +print_section "Candidate file-lock calls already in unsupported-aware files" +echo "These are candidate file-lock calls in files that already mention Unsupported/TryLockError handling:" + +aware_candidate_count=0 +while IFS= read -r file; do + if rg -q "$unsupported_pattern" "$file"; then + matches="$(rg -n -H "$candidate_file_lock_pattern" "$file" | rg -v "$candidate_false_positive_pattern" || true)" + if [ -n "$matches" ]; then + echo "$matches" + aware_candidate_count=$((aware_candidate_count + 1)) + fi + fi +done < <(rg -l "$candidate_file_lock_pattern" codex-rs -g '*.rs' || true) + +if [ "$aware_candidate_count" -eq 0 ]; then + echo "No unsupported-aware candidate file-lock calls found." +fi + +print_section "Summary" +echo "unsupported-aware files: $unsupported_count" +echo "optional helper files: $helper_count" +echo "review candidate files: $review_count" +echo "unsupported-aware candidate files: $aware_candidate_count" + +if [ "$strict" = true ] && [ "$review_count" -gt 0 ]; then + echo "strict mode: manual-review candidate files were found" >&2 + exit 1 +fi diff --git a/sdk/python/src/openai_codex/_goal.py b/sdk/python/src/openai_codex/_goal.py new file mode 100644 index 00000000000..37a63fc28f4 --- /dev/null +++ b/sdk/python/src/openai_codex/_goal.py @@ -0,0 +1,448 @@ +import asyncio +import queue +import threading +import time +from collections import deque +from dataclasses import dataclass, field +from typing import AsyncIterator, Awaitable, Callable, Iterator + +from .generated.notification_registry import notification_turn_id +from .generated.v2_all import ( + ThreadGoalClearedNotification, + ThreadGoalStatus, + ThreadGoalUpdatedNotification, + Turn, + TurnCompletedNotification, + TurnStartedNotification, + TurnStatus, +) +from .models import Notification, UnknownNotification + + +class _GoalStreamClosed(Exception): + """Wake a notification reader after its logical stream closes.""" + + +def _terminal_goal_status(status: ThreadGoalStatus | None) -> bool: + return status in { + ThreadGoalStatus.paused, + ThreadGoalStatus.blocked, + ThreadGoalStatus.usage_limited, + ThreadGoalStatus.budget_limited, + ThreadGoalStatus.complete, + } + + +@dataclass(slots=True) +class _GoalOperationState: + """Private state for one goal operation exposed as a logical turn.""" + + thread_id: str + logical_turn_id: str | None = None + current_turn_id: str | None = None + status: ThreadGoalStatus | None = None + started_turn: Turn | None = None + completed_turn: Turn | None = None + interrupted: bool = False + interrupt_requested: bool = False + cleared: bool = False + _condition: threading.Condition = field(default_factory=threading.Condition) + _notifications: queue.Queue[Notification | BaseException] = field(default_factory=queue.Queue) + _failure: BaseException | None = None + _finished: bool = False + _turn_routing_active: bool = False + + def observe(self, notification: Notification) -> bool: + payload = notification.payload + with self._condition: + if not self._turn_routing_active and not isinstance( + payload, + ThreadGoalClearedNotification | ThreadGoalUpdatedNotification, + ): + return False + if isinstance(payload, TurnStartedNotification): + if self.logical_turn_id is None: + self.logical_turn_id = payload.turn.id + self.current_turn_id = payload.turn.id + if self.started_turn is None: + self.started_turn = payload.turn + elif isinstance(payload, TurnCompletedNotification): + self.completed_turn = payload.turn + if self.current_turn_id == payload.turn.id: + self.current_turn_id = None + elif isinstance(payload, ThreadGoalUpdatedNotification): + self.status = payload.goal.status + if self.status == ThreadGoalStatus.active: + self.cleared = False + elif isinstance(payload, ThreadGoalClearedNotification): + self.cleared = True + if ( + self.current_turn_id is None + and self.completed_turn is not None + and (self.cleared or _terminal_goal_status(self.status)) + ): + self._finished = True + self._condition.notify_all() + self._notifications.put(notification) + return True + + def activate_turn_routing(self) -> None: + """Accept physical turns after the previous stored goal is cleared.""" + with self._condition: + self._turn_routing_active = True + + def wait_for_start(self, timeout: float) -> str | None: + """Wait for the runtime-generated first turn without consuming its event.""" + deadline = time.monotonic() + timeout + with self._condition: + while self.started_turn is None or self.logical_turn_id is None: + if self._failure is not None: + raise self._failure + remaining = deadline - time.monotonic() + if remaining <= 0: + return None + self._condition.wait(remaining) + return self.logical_turn_id + + def fail(self, exc: BaseException) -> None: + with self._condition: + self._failure = exc + self._condition.notify_all() + self._notifications.put(exc) + + def next_notification(self) -> Notification: + item = self._notifications.get() + if isinstance(item, BaseException): + raise item + return item + + def finish(self) -> None: + """Mark the logical operation inactive and wake waiting controls.""" + with self._condition: + self._finished = True + self.current_turn_id = None + self._condition.notify_all() + + def is_finished(self) -> bool: + with self._condition: + return self._finished + + def begin_interrupt(self) -> bool: + with self._condition: + if self._finished: + return False + self.interrupt_requested = True + return True + + def confirm_interrupt(self) -> None: + with self._condition: + self.interrupted = True + self.interrupt_requested = False + self._condition.notify_all() + + def cancel_interrupt(self) -> None: + with self._condition: + self.interrupt_requested = False + self._condition.notify_all() + + def explicit_interrupt(self) -> bool: + with self._condition: + while self.interrupt_requested: + self._condition.wait() + return self.interrupted + + def active_turn(self, *, after: str | None = None) -> str | None: + """Wait for the current turn, or return None once the goal has ended.""" + with self._condition: + while True: + if self._failure is not None: + raise self._failure + if self._finished: + return None + if self.current_turn_id is not None and self.current_turn_id != after: + return self.current_turn_id + if self.cleared or _terminal_goal_status(self.status): + return None + self._condition.wait() + + def current_turn(self) -> str | None: + """Return the current physical turn without waiting for rollover.""" + with self._condition: + return self.current_turn_id + + def resolve_active_turn(self, expected: str, active: str) -> None: + """Adopt a server-reported active id when routed state is still stale.""" + with self._condition: + if self.current_turn_id in {None, expected}: + self.current_turn_id = active + self._condition.notify_all() + + def turn_for_interrupt(self) -> str | None: + """Return an active or stale turn id that can resolve rollover races.""" + with self._condition: + if self.current_turn_id is not None: + return self.current_turn_id + if self.completed_turn is not None: + return self.completed_turn.id + if self.started_turn is not None: + return self.started_turn.id + return None + + def wake_notification_reader(self) -> None: + """Release a reader blocked after its stream has been closed.""" + self._notifications.put(_GoalStreamClosed()) + + +def _logical_notification(notification: Notification, logical_turn_id: str) -> Notification: + """Return a copy whose turn metadata uses the logical operation id.""" + payload = notification.payload + if isinstance(payload, UnknownNotification): + params = dict(payload.params) + if isinstance(params.get("turnId"), str): + params["turnId"] = logical_turn_id + turn = params.get("turn") + if isinstance(turn, dict) and isinstance(turn.get("id"), str): + params["turn"] = {**turn, "id": logical_turn_id} + return Notification(notification.method, UnknownNotification(params)) + + turn_id = notification_turn_id(payload) + if turn_id is None: + return notification + if hasattr(payload, "turn_id"): + return Notification( + notification.method, + payload.model_copy(update={"turn_id": logical_turn_id}), + ) + if hasattr(payload, "turn"): + logical_turn = payload.turn.model_copy(update={"id": logical_turn_id}) + return Notification( + notification.method, + payload.model_copy(update={"turn": logical_turn}), + ) + return notification + + +def _logical_completion( + completed: TurnCompletedNotification, + *, + logical_turn_id: str, + started: Turn | None, + interrupted: bool, +) -> TurnCompletedNotification: + """Coalesce the final physical completion into one logical completion.""" + final_turn = completed.turn + started_at = started.started_at if started is not None else final_turn.started_at + duration_ms = final_turn.duration_ms + if started_at is not None and final_turn.completed_at is not None: + duration_ms = max(0, final_turn.completed_at - started_at) * 1000 + updates: dict[str, object] = { + "id": logical_turn_id, + "started_at": started_at, + "duration_ms": duration_ms, + } + if interrupted: + updates["status"] = TurnStatus.interrupted + return completed.model_copy(update={"turn": final_turn.model_copy(update=updates)}) + + +@dataclass(slots=True) +class _GoalStreamCursor: + """Consume physical goal events as one ordered logical turn stream.""" + + state: _GoalOperationState + started: Turn | None = None + last_completed: TurnCompletedNotification | None = None + failed_completion: TurnCompletedNotification | None = None + status: ThreadGoalStatus | None = None + active: bool = False + cleared: bool = False + + def process(self, notification: Notification) -> tuple[list[Notification], bool]: + logical_turn_id = self.state.logical_turn_id + if logical_turn_id is None: + raise RuntimeError("goal operation has not been bound to a logical turn id") + + payload = notification.payload + if isinstance(payload, TurnStartedNotification): + self.active = True + if self.started is not None: + return [], False + self.started = payload.turn + return [_logical_notification(notification, logical_turn_id)], False + + if isinstance(payload, TurnCompletedNotification): + self.active = False + self.last_completed = payload + if payload.turn.status == TurnStatus.interrupted: + return [ + self._completion( + notification.method, + self.failed_completion or payload, + ) + ], True + if payload.turn.status == TurnStatus.failed: + self.failed_completion = payload + if self.cleared or _terminal_goal_status(self.status): + self.state.finish() + return [self._completion(notification.method, payload)], True + return [], False + if self.status is None and not self.cleared: + raise RuntimeError( + "the connected Codex runtime did not activate goal mode for this turn" + ) + if self.cleared or _terminal_goal_status(self.status): + self.state.finish() + return [ + self._completion( + notification.method, + self.failed_completion or payload, + ) + ], True + return [], False + + events = [_logical_notification(notification, logical_turn_id)] + if isinstance(payload, ThreadGoalUpdatedNotification): + self.status = payload.goal.status + if self.status == ThreadGoalStatus.active: + self.cleared = False + events = [] + elif isinstance(payload, ThreadGoalClearedNotification): + self.cleared = True + events = [] + + if ( + not self.active + and self.last_completed is not None + and (self.cleared or _terminal_goal_status(self.status)) + ): + self.state.finish() + events.append( + self._completion( + "turn/completed", + self.failed_completion or self.last_completed, + ) + ) + return events, True + return events, False + + def _completion( + self, + method: str, + payload: TurnCompletedNotification, + ) -> Notification: + logical_turn_id = self.state.logical_turn_id + if logical_turn_id is None: + raise RuntimeError("goal operation has not been bound to a logical turn id") + return Notification( + method, + _logical_completion( + payload, + logical_turn_id=logical_turn_id, + started=self.started, + interrupted=self.state.explicit_interrupt(), + ), + ) + + +@dataclass(slots=True) +class _GoalNotificationStream(Iterator[Notification]): + """Closeable synchronous view of one logical goal operation.""" + + state: _GoalOperationState + next_notification: Callable[[], Notification] + unregister: Callable[[], None] + cancel_goal: Callable[[], None] + _cursor: _GoalStreamCursor = field(init=False) + _pending: deque[Notification] = field(default_factory=deque) + _closed: bool = False + + def __post_init__(self) -> None: + self._cursor = _GoalStreamCursor(self.state) + + def __iter__(self) -> "_GoalNotificationStream": + return self + + def __next__(self) -> Notification: + if self._closed: + raise StopIteration + try: + while not self._pending: + notification = self.next_notification() + events, completed = self._cursor.process(notification) + self._pending.extend(events) + if completed: + self._finish() + return self._pending.popleft() + except _GoalStreamClosed: + self.close() + raise StopIteration from None + except KeyboardInterrupt: + self.cancel_goal() + self.close() + raise + except BaseException: + self.close() + raise + + def _finish(self) -> None: + if self._closed: + return + self.state.finish() + self.state.wake_notification_reader() + self.unregister() + self._closed = True + + def close(self) -> None: + self._finish() + + +@dataclass(slots=True) +class _AsyncGoalNotificationStream(AsyncIterator[Notification]): + """Closeable asynchronous view of one logical goal operation.""" + + state: _GoalOperationState + next_notification: Callable[[], Awaitable[Notification]] + unregister: Callable[[], None] + cancel_goal: Callable[[], Awaitable[None]] + _cursor: _GoalStreamCursor = field(init=False) + _pending: deque[Notification] = field(default_factory=deque) + _closed: bool = False + + def __post_init__(self) -> None: + self._cursor = _GoalStreamCursor(self.state) + + def __aiter__(self) -> "_AsyncGoalNotificationStream": + return self + + async def __anext__(self) -> Notification: + if self._closed: + raise StopAsyncIteration + try: + while not self._pending: + notification = await self.next_notification() + events, completed = self._cursor.process(notification) + self._pending.extend(events) + if completed: + self._finish() + return self._pending.popleft() + except _GoalStreamClosed: + await self.aclose() + raise StopAsyncIteration from None + except asyncio.CancelledError: + await self.cancel_goal() + await self.aclose() + raise + except BaseException: + await self.aclose() + raise + + def _finish(self) -> None: + if self._closed: + return + self.state.finish() + self.state.wake_notification_reader() + self.unregister() + self._closed = True + + async def aclose(self) -> None: + self._finish() diff --git a/sdk/python/src/openai_codex/_message_router.py b/sdk/python/src/openai_codex/_message_router.py index b500f16c56e..c979c8c8ddb 100644 --- a/sdk/python/src/openai_codex/_message_router.py +++ b/sdk/python/src/openai_codex/_message_router.py @@ -4,6 +4,7 @@ import threading from collections import deque +from ._goal import _GoalOperationState from .errors import CodexError, map_jsonrpc_error from .generated.notification_registry import notification_turn_id from .generated.v2_all import AccountLoginCompletedNotification @@ -30,6 +31,7 @@ def __init__(self) -> None: self._pending_login_notifications: dict[str, deque[Notification]] = {} self._turn_notifications: dict[str, queue.Queue[NotificationQueueItem]] = {} self._pending_turn_notifications: dict[str, deque[Notification]] = {} + self._goal_operations: dict[str, _GoalOperationState] = {} self._global_notifications: queue.Queue[NotificationQueueItem] = queue.Queue() def create_response_waiter(self, request_id: str) -> queue.Queue[ResponseQueueItem]: @@ -116,6 +118,36 @@ def next_turn_notification(self, turn_id: str) -> Notification: raise item return item + def register_goal(self, thread_id: str) -> _GoalOperationState: + """Register one thread-scoped logical goal operation before it starts.""" + state = _GoalOperationState(thread_id=thread_id) + state.activate_turn_routing() + return self._register_goal(state) + + def reserve_goal(self, thread_id: str) -> _GoalOperationState: + """Reserve a thread route without accepting physical turns yet.""" + return self._register_goal(_GoalOperationState(thread_id=thread_id)) + + def _register_goal(self, state: _GoalOperationState) -> _GoalOperationState: + with self._lock: + if state.thread_id in self._goal_operations: + raise RuntimeError( + f"thread {state.thread_id!r} already has an active goal operation" + ) + self._goal_operations[state.thread_id] = state + return state + + def unregister_goal(self, state: _GoalOperationState) -> None: + """Stop routing notifications to a completed logical goal operation.""" + with self._lock: + if self._goal_operations.get(state.thread_id) is state: + self._goal_operations.pop(state.thread_id) + + def has_goal(self, thread_id: str) -> bool: + """Return whether a logical goal operation owns this thread route.""" + with self._lock: + return thread_id in self._goal_operations + def route_response(self, msg: dict[str, JsonValue]) -> None: """Deliver a JSON-RPC response or error to its request waiter.""" @@ -157,6 +189,17 @@ def route_notification(self, notification: Notification) -> None: return turn_id = self._notification_turn_id(notification) + thread_id = self._notification_thread_id(notification) + if thread_id is not None: + with self._lock: + goal_state = self._goal_operations.get(thread_id) + if goal_state is not None and ( + turn_id is not None or notification.method.startswith("thread/goal/") + ): + if goal_state.observe(notification): + if goal_state.is_finished(): + self.unregister_goal(goal_state) + return if turn_id is None: self._global_notifications.put(notification) return @@ -182,6 +225,8 @@ def fail_all(self, exc: BaseException) -> None: self._pending_login_notifications.clear() turn_queues = list(self._turn_notifications.values()) self._pending_turn_notifications.clear() + goal_operations = list(self._goal_operations.values()) + self._goal_operations.clear() # Put the same transport failure into every queue so no SDK call blocks # forever waiting for a response that cannot arrive. for waiter in response_waiters: @@ -190,24 +235,12 @@ def fail_all(self, exc: BaseException) -> None: login_queue.put(exc) for turn_queue in turn_queues: turn_queue.put(exc) + for goal_operation in goal_operations: + goal_operation.fail(exc) self._global_notifications.put(exc) - def _notification_login_id(self, notification: Notification) -> str | None: - """Extract the login attempt id from completion notifications.""" - if notification.method != "account/login/completed": - return None - - payload = notification.payload - if isinstance(payload, AccountLoginCompletedNotification): - return payload.login_id - if isinstance(payload, UnknownNotification): - raw_login_id = payload.params.get("loginId") - if isinstance(raw_login_id, str): - return raw_login_id - return None - def _notification_turn_id(self, notification: Notification) -> str | None: - """Extract routing ids from known generated payloads or raw unknown payloads.""" + """Extract routing ids from generated metadata or raw unknown payloads.""" payload = notification.payload if isinstance(payload, UnknownNotification): raw_turn_id = payload.params.get("turnId") @@ -220,3 +253,26 @@ def _notification_turn_id(self, notification: Notification) -> str | None: return raw_nested_turn_id return None return notification_turn_id(payload) + + def _notification_thread_id(self, notification: Notification) -> str | None: + """Extract thread ids from typed payloads or raw unknown payloads.""" + payload = notification.payload + if isinstance(payload, UnknownNotification): + raw_thread_id = payload.params.get("threadId") + return raw_thread_id if isinstance(raw_thread_id, str) else None + thread_id = getattr(payload, "thread_id", None) + return thread_id if isinstance(thread_id, str) else None + + def _notification_login_id(self, notification: Notification) -> str | None: + """Extract the login attempt id from completion notifications.""" + if notification.method != "account/login/completed": + return None + + payload = notification.payload + if isinstance(payload, AccountLoginCompletedNotification): + return payload.login_id + if isinstance(payload, UnknownNotification): + raw_login_id = payload.params.get("loginId") + if isinstance(raw_login_id, str): + return raw_login_id + return None diff --git a/sdk/python/src/openai_codex/async_client.py b/sdk/python/src/openai_codex/async_client.py index f0b12b99ed4..07e7d0d4053 100644 --- a/sdk/python/src/openai_codex/async_client.py +++ b/sdk/python/src/openai_codex/async_client.py @@ -1,11 +1,14 @@ from __future__ import annotations import asyncio +import threading from collections.abc import Iterator +from concurrent.futures import Future from typing import AsyncIterator, Callable, ParamSpec, TypeVar from pydantic import BaseModel +from ._goal import _GoalOperationState from .client import CodexClient, CodexConfig from .generated.v2_all import ( AccountLoginCompletedNotification, @@ -21,6 +24,9 @@ ThreadCompactStartResponse, ThreadForkParams as V2ThreadForkParams, ThreadForkResponse, + ThreadGoalClearResponse, + ThreadGoalSetResponse, + ThreadGoalStatus, ThreadListParams as V2ThreadListParams, ThreadListResponse, ThreadReadResponse, @@ -107,6 +113,14 @@ def unregister_turn_notifications(self, turn_id: str) -> None: """Unregister a turn notification queue on the wrapped sync client.""" self._sync.unregister_turn_notifications(turn_id) + def register_goal_operation(self, thread_id: str) -> _GoalOperationState: + """Register a logical goal route on the wrapped sync client.""" + return self._sync.register_goal_operation(thread_id) + + def unregister_goal_operation(self, state: _GoalOperationState) -> None: + """Release one logical goal route.""" + self._sync.unregister_goal_operation(state) + async def request( self, method: str, @@ -192,6 +206,81 @@ async def thread_compact(self, thread_id: str) -> ThreadCompactStartResponse: """Start thread compaction using the wrapped sync client.""" return await self._call_sync(self._sync.thread_compact, thread_id) + async def thread_goal_clear(self, thread_id: str) -> ThreadGoalClearResponse: + """Clear the persisted goal through the wrapped sync client.""" + return await self._call_sync(self._sync.thread_goal_clear, thread_id) + + async def thread_goal_set( + self, + thread_id: str, + *, + objective: str | None = None, + status: ThreadGoalStatus | None = None, + ) -> ThreadGoalSetResponse: + """Create or update a persisted goal through the wrapped sync client.""" + return await self._call_sync( + self._sync.thread_goal_set, + thread_id, + objective=objective, + status=status, + ) + + async def pause_goal(self, thread_id: str) -> ThreadGoalSetResponse: + """Pause the active goal through the wrapped sync client.""" + return await self._call_sync(self._sync.pause_goal, thread_id) + + async def cancel_goal_operation(self, state: _GoalOperationState) -> None: + """Stop continuation work after a logical goal operation is cancelled.""" + await self._call_sync(self._sync.cancel_goal_operation, state) + + async def start_goal_operation( + self, + thread_id: str, + objective: str, + ) -> tuple[_GoalOperationState, str]: + """Start a logical goal through the wrapped sync client.""" + operation: Future[tuple[_GoalOperationState, str]] = Future() + + def start_operation() -> None: + try: + operation.set_result(self._sync.start_goal_operation(thread_id, objective)) + except BaseException as exc: + operation.set_exception(exc) + + worker = threading.Thread( + target=start_operation, + name="codex-goal-start", + daemon=True, + ) + worker.start() + try: + return await asyncio.shield(asyncio.wrap_future(operation)) + except asyncio.CancelledError: + + def cleanup_cancelled_start( + completed: Future[tuple[_GoalOperationState, str]], + ) -> None: + try: + state, _ = completed.result() + except BaseException: + return + + def stop_cancelled_goal() -> None: + try: + self._sync.cancel_goal_operation(state) + finally: + state.finish() + self._sync.unregister_goal_operation(state) + + threading.Thread( + target=stop_cancelled_goal, + name="codex-goal-start-cleanup", + daemon=True, + ).start() + + operation.add_done_callback(cleanup_cancelled_start) + raise + async def turn_start( self, thread_id: str, @@ -256,6 +345,10 @@ async def next_turn_notification(self, turn_id: str) -> Notification: """Wait for the next notification routed to one turn.""" return await self._call_sync(self._sync.next_turn_notification, turn_id) + async def next_goal_notification(self, state: _GoalOperationState) -> Notification: + """Wait for the next notification in a logical goal turn.""" + return await self._call_sync(self._sync.next_goal_notification, state) + async def wait_for_login_completed( self, login_id: str, diff --git a/sdk/python/src/openai_codex/client.py b/sdk/python/src/openai_codex/client.py index 9951d6d1f3f..ab5390ae52b 100644 --- a/sdk/python/src/openai_codex/client.py +++ b/sdk/python/src/openai_codex/client.py @@ -1,18 +1,22 @@ import json import os +import re import subprocess import threading import uuid +from _thread import LockType from collections import deque -from dataclasses import dataclass +from contextlib import contextmanager +from dataclasses import dataclass, field from pathlib import Path from typing import Callable, Iterator, TypeVar from pydantic import BaseModel +from ._goal import _GoalOperationState from ._message_router import MessageRouter from ._version import __version__ as SDK_VERSION -from .errors import CodexError, TransportClosedError +from .errors import CodexError, InvalidRequestError, TransportClosedError from .generated.notification_registry import NOTIFICATION_MODELS from .generated.v2_all import ( AccountLoginCompletedNotification, @@ -22,6 +26,7 @@ ChatgptLoginAccountResponse, GetAccountParams as V2GetAccountParams, GetAccountResponse, + IdleThreadStatus, LoginAccountParams as V2LoginAccountParams, LoginAccountResponse, LogoutAccountResponse, @@ -30,6 +35,9 @@ ThreadCompactStartResponse, ThreadForkParams as V2ThreadForkParams, ThreadForkResponse, + ThreadGoalClearResponse, + ThreadGoalSetResponse, + ThreadGoalStatus, ThreadListParams as V2ThreadListParams, ThreadListResponse, ThreadReadResponse, @@ -57,6 +65,18 @@ ModelT = TypeVar("ModelT", bound=BaseModel) ApprovalHandler = Callable[[str, JsonObject | None], JsonObject] RUNTIME_PKG_NAME = "openai-codex-cli-bin" +_GOAL_START_TIMEOUT_S = 30.0 + + +@dataclass(slots=True) +class _ThreadStartLock: + lock: LockType = field(default_factory=threading.Lock) + users: int = 0 + + +def _active_turn_id_from_error(exc: InvalidRequestError) -> str | None: + match = re.search(r" but found `?([^`]+)`?$", exc.message) + return match.group(1) if match is not None else None def _params_dict( @@ -201,6 +221,8 @@ def __init__( self._approval_handler = approval_handler or self._default_approval_handler self._proc: subprocess.Popen[str] | None = None self._lock = threading.Lock() + self._thread_start_locks_guard = threading.Lock() + self._thread_start_locks: dict[str, _ThreadStartLock] = {} self._router = MessageRouter() self._stderr_lines: deque[str] = deque(maxlen=400) self._stderr_thread: threading.Thread | None = None @@ -352,6 +374,22 @@ def next_turn_notification(self, turn_id: str) -> Notification: """Return the next routed notification for the requested turn id.""" return self._router.next_turn_notification(turn_id) + def register_goal_operation(self, thread_id: str) -> _GoalOperationState: + """Register a private thread-scoped route for a logical goal turn.""" + return self._router.register_goal(thread_id) + + def reserve_goal_operation(self, thread_id: str) -> _GoalOperationState: + """Reserve a private thread route before replacing its stored goal.""" + return self._router.reserve_goal(thread_id) + + def unregister_goal_operation(self, state: _GoalOperationState) -> None: + """Release routing state for one logical goal turn.""" + self._router.unregister_goal(state) + + def next_goal_notification(self, state: _GoalOperationState) -> Notification: + """Wait for the next notification in a logical goal turn.""" + return state.next_notification() + def account_login_start( self, params: V2LoginAccountParams | JsonObject, @@ -452,6 +490,115 @@ def thread_compact(self, thread_id: str) -> ThreadCompactStartResponse: response_model=ThreadCompactStartResponse, ) + def thread_goal_clear(self, thread_id: str) -> ThreadGoalClearResponse: + """Clear the persisted goal for a thread before replacing it.""" + return self.request( + "thread/goal/clear", + {"threadId": thread_id}, + response_model=ThreadGoalClearResponse, + ) + + def thread_goal_set( + self, + thread_id: str, + *, + objective: str | None = None, + status: ThreadGoalStatus | None = None, + ) -> ThreadGoalSetResponse: + """Create or update the persisted goal for a thread.""" + payload: JsonObject = {"threadId": thread_id} + if objective is not None: + payload["objective"] = objective + if status is not None: + payload["status"] = status.value + return self.request( + "thread/goal/set", + payload, + response_model=ThreadGoalSetResponse, + ) + + def pause_goal(self, thread_id: str) -> ThreadGoalSetResponse: + """Pause the active goal used by a logical goal turn.""" + return self.thread_goal_set(thread_id, status=ThreadGoalStatus.paused) + + def cancel_goal_operation(self, state: _GoalOperationState) -> None: + """Best-effort cleanup after a logical goal operation is cancelled.""" + try: + self.pause_goal(state.thread_id) + except Exception: + pass + self._interrupt_goal_operation(state) + + def _interrupt_goal_operation(self, state: _GoalOperationState) -> None: + turn_id = state.turn_for_interrupt() + if turn_id is None: + return + try: + self.turn_interrupt(state.thread_id, turn_id) + except InvalidRequestError as exc: + if not exc.message.startswith("expected active turn id"): + return + next_turn_id = _active_turn_id_from_error(exc) or state.current_turn() + if next_turn_id is None or next_turn_id == turn_id: + return + try: + self.turn_interrupt(state.thread_id, next_turn_id) + except Exception: + pass + except Exception: + pass + + def start_goal_operation( + self, + thread_id: str, + objective: str, + ) -> tuple[_GoalOperationState, str]: + """Start a logical goal and wait for its runtime-generated first turn.""" + with self._thread_start_lock(thread_id): + return self._start_goal_operation(thread_id, objective) + + def _start_goal_operation( + self, + thread_id: str, + objective: str, + ) -> tuple[_GoalOperationState, str]: + thread = self.thread_read(thread_id).thread + if not isinstance(thread.status.root, IdleThreadStatus): + raise InvalidRequestError( + -32600, + f"thread must be idle before starting a goal: {thread_id}", + ) + if thread.ephemeral or thread.path is None: + raise InvalidRequestError( + -32600, + f"thread must be persisted before starting a goal: {thread_id}", + ) + + state = self.reserve_goal_operation(thread_id) + activated = False + try: + self.thread_goal_clear(thread_id) + state.activate_turn_routing() + self.thread_goal_set( + thread_id, + objective=objective, + status=ThreadGoalStatus.active, + ) + activated = True + turn_id = state.wait_for_start(_GOAL_START_TIMEOUT_S) + if turn_id is None: + raise CodexError( + "timed out waiting for goal turn to start after " + f"{int(_GOAL_START_TIMEOUT_S)} seconds" + ) + return state, turn_id + except BaseException as exc: + if activated or not isinstance(exc, InvalidRequestError): + self.cancel_goal_operation(state) + state.finish() + self.unregister_goal_operation(state) + raise + def turn_start( self, thread_id: str, @@ -459,14 +606,37 @@ def turn_start( params: V2TurnStartParams | JsonObject | None = None, ) -> TurnStartResponse: """Start a turn and register its notification queue as early as possible.""" - payload = { - **_params_dict(params), - "threadId": thread_id, - "input": self._normalize_input_items(input_items), - } - started = self.request("turn/start", payload, response_model=TurnStartResponse) - self.register_turn_notifications(started.turn.id) - return started + with self._thread_start_lock(thread_id): + if self._router.has_goal(thread_id): + raise InvalidRequestError( + -32600, + f"thread has an active goal operation: {thread_id}", + ) + payload = { + **_params_dict(params), + "threadId": thread_id, + "input": self._normalize_input_items(input_items), + } + started = self.request("turn/start", payload, response_model=TurnStartResponse) + self.register_turn_notifications(started.turn.id) + return started + + @contextmanager + def _thread_start_lock(self, thread_id: str) -> Iterator[None]: + with self._thread_start_locks_guard: + entry = self._thread_start_locks.get(thread_id) + if entry is None: + entry = _ThreadStartLock() + self._thread_start_locks[thread_id] = entry + entry.users += 1 + try: + with entry.lock: + yield + finally: + with self._thread_start_locks_guard: + entry.users -= 1 + if entry.users == 0: + self._thread_start_locks.pop(thread_id, None) def turn_interrupt(self, thread_id: str, turn_id: str) -> TurnInterruptResponse: return self.request( diff --git a/sdk/python/src/openai_codex/models.py b/sdk/python/src/openai_codex/models.py index 70c61d44cdc..d9d15dc684e 100644 --- a/sdk/python/src/openai_codex/models.py +++ b/sdk/python/src/openai_codex/models.py @@ -27,6 +27,8 @@ ReasoningSummaryTextDeltaNotification, ReasoningTextDeltaNotification, TerminalInteractionNotification, + ThreadGoalClearedNotification, + ThreadGoalUpdatedNotification, ThreadNameUpdatedNotification, ThreadStartedNotification, ThreadTokenUsageUpdatedNotification, @@ -70,6 +72,8 @@ class UnknownNotification: | ReasoningTextDeltaNotification | TerminalInteractionNotification | ThreadNameUpdatedNotification + | ThreadGoalClearedNotification + | ThreadGoalUpdatedNotification | ThreadStartedNotification | ThreadTokenUsageUpdatedNotification | TurnCompletedNotification diff --git a/sdk/python/tests/test_app_server_goal_operations.py b/sdk/python/tests/test_app_server_goal_operations.py new file mode 100644 index 00000000000..c280c7522c3 --- /dev/null +++ b/sdk/python/tests/test_app_server_goal_operations.py @@ -0,0 +1,90 @@ +from app_server_harness import ( + AppServerHarness, + ev_assistant_message, + ev_completed, + ev_function_call, + ev_response_created, + sse, +) +from app_server_helpers import agent_message_texts + +from openai_codex import Codex +from openai_codex._goal import _GoalNotificationStream +from openai_codex._run import _collect_turn_result +from openai_codex.generated.notification_registry import notification_turn_id +from openai_codex.generated.v2_all import TurnStatus + + +def test_private_goal_operation_coalesces_runtime_continuations(tmp_path) -> None: + """The private engine should expose automatic continuations as one turn.""" + with AppServerHarness(tmp_path) as harness: + harness.responses.enqueue_assistant_message( + "Initial pass complete.", + response_id="goal-initial", + ) + harness.responses.enqueue_sse( + sse( + [ + ev_response_created("goal-complete-tool"), + ev_function_call( + "call-goal-complete", + "update_goal", + '{"status":"complete"}', + ), + ev_completed("goal-complete-tool"), + ] + ) + ) + harness.responses.enqueue_sse( + sse( + [ + ev_response_created("goal-final"), + ev_assistant_message("msg-goal-final", "Goal complete."), + ev_completed("goal-final"), + ] + ) + ) + + with Codex(config=harness.app_server_config()) as codex: + thread = codex.thread_start() + state, turn_id = codex._client.start_goal_operation( # noqa: SLF001 + thread.id, + "Improve benchmark coverage", + ) + stream = _GoalNotificationStream( + state, + state.next_notification, + lambda: codex._client.unregister_goal_operation(state), # noqa: SLF001 + lambda: codex._client.cancel_goal_operation(state), # noqa: SLF001 + ) + events = list(stream) + result = _collect_turn_result(iter(events), turn_id=turn_id) + routes = codex._client._router._goal_operations.copy() # noqa: SLF001 + requests = harness.responses.wait_for_requests(3) + + lifecycle = [event.method for event in events if event.method.startswith("turn/")] + routed_ids = [ + routed_id + for event in events + if (routed_id := notification_turn_id(event.payload)) is not None + ] + assert { + "lifecycle": lifecycle, + "routed_ids": routed_ids, + "result": (result.id, result.status, result.final_response), + "messages": agent_message_texts(events), + "request_count": len(requests), + "objective_reached_model": ( + "\nImprove benchmark coverage\n" + in "\n".join(requests[0].message_input_texts("user")) + ), + "routes_after_completion": routes, + } == { + "lifecycle": ["turn/started", "turn/completed"], + "routed_ids": [turn_id] * len(routed_ids), + "result": (turn_id, TurnStatus.completed, "Goal complete."), + "messages": ["Initial pass complete.", "Goal complete."], + "request_count": 3, + "objective_reached_model": True, + "routes_after_completion": {}, + } diff --git a/sdk/python/tests/test_client_rpc_methods.py b/sdk/python/tests/test_client_rpc_methods.py index 73fdd452ffa..15be24f3b49 100644 --- a/sdk/python/tests/test_client_rpc_methods.py +++ b/sdk/python/tests/test_client_rpc_methods.py @@ -185,6 +185,32 @@ def test_turn_notification_router_demuxes_registered_turns() -> None: ] +def test_goal_notification_router_routes_by_thread_id() -> None: + """A goal operation should receive turn notifications across physical turn ids.""" + client = CodexClient() + state = client.register_goal_operation("thread-1") + + client._router.route_notification( + client._coerce_notification( + "item/agentMessage/delta", + { + "delta": "continued", + "itemId": "item-1", + "threadId": "thread-1", + "turnId": "turn-2", + }, + ) + ) + + event = client.next_goal_notification(state) + + assert isinstance(event.payload, AgentMessageDeltaNotification) + assert (event.method, event.payload.delta) == ( + "item/agentMessage/delta", + "continued", + ) + + def test_client_reader_routes_interleaved_turn_notifications_by_turn_id() -> None: """Reader-loop routing should preserve order within each interleaved turn stream.""" client = CodexClient() diff --git a/third_party/v8/BUILD.bazel b/third_party/v8/BUILD.bazel index 459d935854f..425d81ea85f 100644 --- a/third_party/v8/BUILD.bazel +++ b/third_party/v8/BUILD.bazel @@ -30,26 +30,26 @@ config_setting( ) alias( - name = "v8_147_4_0_x86_64_pc_windows_msvc", - actual = "@rusty_v8_147_4_0_x86_64_pc_windows_msvc_archive//file", + name = "v8_149_2_0_x86_64_pc_windows_msvc", + actual = "@rusty_v8_149_2_0_x86_64_pc_windows_msvc_archive//file", ) alias( - name = "v8_147_4_0_aarch64_pc_windows_msvc", - actual = "@rusty_v8_147_4_0_aarch64_pc_windows_msvc_archive//file", + name = "v8_149_2_0_aarch64_pc_windows_msvc", + actual = "@rusty_v8_149_2_0_aarch64_pc_windows_msvc_archive//file", ) alias( - name = "v8_147_4_0_aarch64_pc_windows_gnullvm", + name = "v8_149_2_0_aarch64_pc_windows_gnullvm", # `rusty_v8` only ships prebuilt Windows archives for MSVC. Build the # GNU-flavored archive in-tree so windows-gnullvm consumers can link # against a matching ABI instead of trying to reuse the MSVC release. - actual = ":v8_147_4_0_aarch64_pc_windows_gnullvm_bazel", + actual = ":v8_149_2_0_aarch64_pc_windows_gnullvm_bazel", ) alias( - name = "v8_147_4_0_x86_64_pc_windows_gnullvm", - actual = ":v8_147_4_0_x86_64_pc_windows_gnullvm_bazel", + name = "v8_149_2_0_x86_64_pc_windows_gnullvm", + actual = ":v8_149_2_0_x86_64_pc_windows_gnullvm_bazel", ) filegroup( @@ -73,50 +73,50 @@ filegroup( ) alias( - name = "src_binding_release_x86_64_pc_windows_gnullvm_147_4_0_release", + name = "src_binding_release_x86_64_pc_windows_gnullvm_149_2_0_release", # `rusty_v8` does not publish a Windows GNU binding file. The generated # binding only describes this V8 release's C++ API surface, so reuse the # Linux release binding while the windows-gnullvm archive build is still # experimental. - actual = ":src_binding_release_x86_64_unknown_linux_gnu_147_4_0_release", + actual = ":src_binding_release_x86_64_unknown_linux_gnu_149_2_0_release", ) alias( - name = "src_binding_release_aarch64_pc_windows_gnullvm_147_4_0_release", - actual = ":src_binding_release_aarch64_unknown_linux_gnu_147_4_0_release", + name = "src_binding_release_aarch64_pc_windows_gnullvm_149_2_0_release", + actual = ":src_binding_release_aarch64_unknown_linux_gnu_149_2_0_release", ) alias( name = "rusty_v8_archive_for_target", actual = select({ - "@rules_rs//rs/experimental/platforms/config:aarch64-apple-darwin": ":v8_147_4_0_aarch64_apple_darwin_bazel", - "@rules_rs//rs/experimental/platforms/config:aarch64-pc-windows-gnullvm": ":v8_147_4_0_aarch64_pc_windows_gnullvm", - "@rules_rs//rs/experimental/platforms/config:aarch64-pc-windows-msvc": ":v8_147_4_0_aarch64_pc_windows_msvc", - "@rules_rs//rs/experimental/platforms/config:aarch64-unknown-linux-gnu": ":v8_147_4_0_aarch64_unknown_linux_gnu_bazel", - ":platform_aarch64_unknown_linux_musl": ":v8_147_4_0_aarch64_unknown_linux_musl_release_base", - "@rules_rs//rs/experimental/platforms/config:x86_64-apple-darwin": ":v8_147_4_0_x86_64_apple_darwin_bazel", - "@rules_rs//rs/experimental/platforms/config:x86_64-pc-windows-gnullvm": ":v8_147_4_0_x86_64_pc_windows_gnullvm", - "@rules_rs//rs/experimental/platforms/config:x86_64-pc-windows-msvc": ":v8_147_4_0_x86_64_pc_windows_msvc", - "@rules_rs//rs/experimental/platforms/config:x86_64-unknown-linux-gnu": ":v8_147_4_0_x86_64_unknown_linux_gnu_bazel", - ":platform_x86_64_unknown_linux_musl": ":v8_147_4_0_x86_64_unknown_linux_musl_release", - "//conditions:default": ":v8_147_4_0_x86_64_unknown_linux_gnu_bazel", + "@rules_rs//rs/experimental/platforms/config:aarch64-apple-darwin": ":v8_149_2_0_aarch64_apple_darwin_bazel", + "@rules_rs//rs/experimental/platforms/config:aarch64-pc-windows-gnullvm": ":v8_149_2_0_aarch64_pc_windows_gnullvm", + "@rules_rs//rs/experimental/platforms/config:aarch64-pc-windows-msvc": ":v8_149_2_0_aarch64_pc_windows_msvc", + "@rules_rs//rs/experimental/platforms/config:aarch64-unknown-linux-gnu": ":v8_149_2_0_aarch64_unknown_linux_gnu_bazel", + ":platform_aarch64_unknown_linux_musl": ":v8_149_2_0_aarch64_unknown_linux_musl_release_base", + "@rules_rs//rs/experimental/platforms/config:x86_64-apple-darwin": ":v8_149_2_0_x86_64_apple_darwin_bazel", + "@rules_rs//rs/experimental/platforms/config:x86_64-pc-windows-gnullvm": ":v8_149_2_0_x86_64_pc_windows_gnullvm", + "@rules_rs//rs/experimental/platforms/config:x86_64-pc-windows-msvc": ":v8_149_2_0_x86_64_pc_windows_msvc", + "@rules_rs//rs/experimental/platforms/config:x86_64-unknown-linux-gnu": ":v8_149_2_0_x86_64_unknown_linux_gnu_bazel", + ":platform_x86_64_unknown_linux_musl": ":v8_149_2_0_x86_64_unknown_linux_musl_release", + "//conditions:default": ":v8_149_2_0_x86_64_unknown_linux_gnu_bazel", }), ) alias( name = "rusty_v8_binding_for_target", actual = select({ - "@rules_rs//rs/experimental/platforms/config:aarch64-apple-darwin": ":src_binding_release_aarch64_apple_darwin_147_4_0_release", - "@rules_rs//rs/experimental/platforms/config:aarch64-pc-windows-gnullvm": ":src_binding_release_aarch64_pc_windows_gnullvm_147_4_0_release", - "@rules_rs//rs/experimental/platforms/config:aarch64-pc-windows-msvc": ":src_binding_release_aarch64_pc_windows_msvc_147_4_0_release", - "@rules_rs//rs/experimental/platforms/config:aarch64-unknown-linux-gnu": ":src_binding_release_aarch64_unknown_linux_gnu_147_4_0_release", - ":platform_aarch64_unknown_linux_musl": ":src_binding_release_aarch64_unknown_linux_musl_147_4_0_release", - "@rules_rs//rs/experimental/platforms/config:x86_64-apple-darwin": ":src_binding_release_x86_64_apple_darwin_147_4_0_release", - "@rules_rs//rs/experimental/platforms/config:x86_64-pc-windows-gnullvm": ":src_binding_release_x86_64_pc_windows_gnullvm_147_4_0_release", - "@rules_rs//rs/experimental/platforms/config:x86_64-pc-windows-msvc": ":src_binding_release_x86_64_pc_windows_msvc_147_4_0_release", - "@rules_rs//rs/experimental/platforms/config:x86_64-unknown-linux-gnu": ":src_binding_release_x86_64_unknown_linux_gnu_147_4_0_release", - ":platform_x86_64_unknown_linux_musl": ":src_binding_release_x86_64_unknown_linux_musl_147_4_0_release", - "//conditions:default": ":src_binding_release_x86_64_unknown_linux_gnu_147_4_0_release", + "@rules_rs//rs/experimental/platforms/config:aarch64-apple-darwin": ":src_binding_release_aarch64_apple_darwin_149_2_0_release", + "@rules_rs//rs/experimental/platforms/config:aarch64-pc-windows-gnullvm": ":src_binding_release_aarch64_pc_windows_gnullvm_149_2_0_release", + "@rules_rs//rs/experimental/platforms/config:aarch64-pc-windows-msvc": ":src_binding_release_aarch64_pc_windows_msvc_149_2_0_release", + "@rules_rs//rs/experimental/platforms/config:aarch64-unknown-linux-gnu": ":src_binding_release_aarch64_unknown_linux_gnu_149_2_0_release", + ":platform_aarch64_unknown_linux_musl": ":src_binding_release_aarch64_unknown_linux_musl_149_2_0_release", + "@rules_rs//rs/experimental/platforms/config:x86_64-apple-darwin": ":src_binding_release_x86_64_apple_darwin_149_2_0_release", + "@rules_rs//rs/experimental/platforms/config:x86_64-pc-windows-gnullvm": ":src_binding_release_x86_64_pc_windows_gnullvm_149_2_0_release", + "@rules_rs//rs/experimental/platforms/config:x86_64-pc-windows-msvc": ":src_binding_release_x86_64_pc_windows_msvc_149_2_0_release", + "@rules_rs//rs/experimental/platforms/config:x86_64-unknown-linux-gnu": ":src_binding_release_x86_64_unknown_linux_gnu_149_2_0_release", + ":platform_x86_64_unknown_linux_musl": ":src_binding_release_x86_64_unknown_linux_musl_149_2_0_release", + "//conditions:default": ":src_binding_release_x86_64_unknown_linux_gnu_149_2_0_release", }), ) @@ -202,51 +202,51 @@ cc_library( ) genrule( - name = "binding_cc_147_4_0", - srcs = ["@v8_crate_147_4_0//:binding_cc"], - outs = ["binding_147_4_0.cc"], + name = "binding_cc_149_2_0", + srcs = ["@v8_crate_149_2_0//:binding_cc"], + outs = ["binding_149_2_0.cc"], cmd = " ".join([ "sed", "-e '/#include \"v8\\/src\\/flags\\/flags.h\"/d'", "-e 's|\"v8/src/libplatform/default-platform.h\"|\"src/libplatform/default-platform.h\"|'", - "-e 's|#include \"support.h\"|#include \"support_147_4_0.h\"|'", + "-e 's|#include \"support.h\"|#include \"support_149_2_0.h\"|'", "-e 's| namespace i = v8::internal;| (void)usage;|'", "-e '/using HelpOptions = i::FlagList::HelpOptions;/d'", "-e '/HelpOptions help_options = HelpOptions(HelpOptions::kExit, usage);/d'", "-e 's| i::FlagList::SetFlagsFromCommandLine(argc, argv, true, help_options);| v8::V8::SetFlagsFromCommandLine(argc, argv, true);|'", - "$(location @v8_crate_147_4_0//:binding_cc)", + "$(location @v8_crate_149_2_0//:binding_cc)", ">", '"$@"', ]), ) genrule( - name = "crdtp_binding_cc_147_4_0", - srcs = ["@v8_crate_147_4_0//:crdtp_binding_cc"], - outs = ["crdtp_binding_147_4_0.cc"], + name = "crdtp_binding_cc_149_2_0", + srcs = ["@v8_crate_149_2_0//:crdtp_binding_cc"], + outs = ["crdtp_binding_149_2_0.cc"], cmd = " ".join([ "sed", - "-e 's|#include \"support.h\"|#include \"support_147_4_0.h\"|'", + "-e 's|#include \"support.h\"|#include \"support_149_2_0.h\"|'", "-e 's|\"v8/third_party/inspector_protocol/|\"third_party/inspector_protocol/|g'", - "$(location @v8_crate_147_4_0//:crdtp_binding_cc)", + "$(location @v8_crate_149_2_0//:crdtp_binding_cc)", ">", '"$@"', ]), ) copy_file( - name = "support_h_147_4_0", - src = "@v8_crate_147_4_0//:support_h", - out = "support_147_4_0.h", + name = "support_h_149_2_0", + src = "@v8_crate_149_2_0//:support_h", + out = "support_149_2_0.h", ) cc_library( - name = "v8_147_4_0_binding", + name = "v8_149_2_0_binding", srcs = [ - ":binding_cc_147_4_0", - ":crdtp_binding_cc_147_4_0", + ":binding_cc_149_2_0", + ":crdtp_binding_cc_149_2_0", ], - hdrs = [":support_h_147_4_0"], + hdrs = [":support_h_149_2_0"], copts = V8_COPTS + V8_CUSTOM_LIBCXX_COPTS, deps = [ "@v8//:core_lib_icu", @@ -343,53 +343,53 @@ filegroup( ) cc_static_library( - name = "v8_147_4_0_aarch64_apple_darwin_bazel", + name = "v8_149_2_0_aarch64_apple_darwin_bazel", deps = [ ":rusty_v8_custom_libcxx_runtime", - ":v8_147_4_0_binding", + ":v8_149_2_0_binding", ], features = V8_STATIC_LIBRARY_FEATURES, ) cc_static_library( - name = "v8_147_4_0_aarch64_unknown_linux_gnu_bazel", + name = "v8_149_2_0_aarch64_unknown_linux_gnu_bazel", deps = [ ":rusty_v8_custom_libcxx_runtime", - ":v8_147_4_0_binding", + ":v8_149_2_0_binding", ], features = V8_STATIC_LIBRARY_FEATURES, ) cc_static_library( - name = "v8_147_4_0_aarch64_pc_windows_gnullvm_bazel", - deps = [":v8_147_4_0_binding"], + name = "v8_149_2_0_aarch64_pc_windows_gnullvm_bazel", + deps = [":v8_149_2_0_binding"], features = V8_STATIC_LIBRARY_FEATURES, ) cc_static_library( - name = "v8_147_4_0_aarch64_unknown_linux_musl_release_base", + name = "v8_149_2_0_aarch64_unknown_linux_musl_release_base", deps = [ ":rusty_v8_custom_libcxx_runtime", - ":v8_147_4_0_binding", + ":v8_149_2_0_binding", ], features = V8_STATIC_LIBRARY_FEATURES, ) genrule( - name = "v8_147_4_0_aarch64_unknown_linux_musl_release", + name = "v8_149_2_0_aarch64_unknown_linux_musl_release", srcs = [ - ":v8_147_4_0_aarch64_unknown_linux_musl_release_base", + ":v8_149_2_0_aarch64_unknown_linux_musl_release_base", "@llvm//runtimes/compiler-rt:clang_rt.builtins.static", ], tools = [ "@llvm//tools:llvm-ar", "@llvm//tools:llvm-ranlib", ], - outs = ["libv8_147_4_0_aarch64_unknown_linux_musl.a"], + outs = ["libv8_149_2_0_aarch64_unknown_linux_musl.a"], cmd = """ cat > "$(@D)/merge.mri" <<'EOF' create $@ -addlib $(location :v8_147_4_0_aarch64_unknown_linux_musl_release_base) +addlib $(location :v8_149_2_0_aarch64_unknown_linux_musl_release_base) addlib $(location @llvm//runtimes/compiler-rt:clang_rt.builtins.static) save end @@ -400,186 +400,186 @@ EOF ) cc_static_library( - name = "v8_147_4_0_x86_64_apple_darwin_bazel", + name = "v8_149_2_0_x86_64_apple_darwin_bazel", deps = [ ":rusty_v8_custom_libcxx_runtime", - ":v8_147_4_0_binding", + ":v8_149_2_0_binding", ], features = V8_STATIC_LIBRARY_FEATURES, ) cc_static_library( - name = "v8_147_4_0_x86_64_unknown_linux_gnu_bazel", + name = "v8_149_2_0_x86_64_unknown_linux_gnu_bazel", deps = [ ":rusty_v8_custom_libcxx_runtime", - ":v8_147_4_0_binding", + ":v8_149_2_0_binding", ], features = V8_STATIC_LIBRARY_FEATURES, ) cc_static_library( - name = "v8_147_4_0_x86_64_pc_windows_gnullvm_bazel", - deps = [":v8_147_4_0_binding"], + name = "v8_149_2_0_x86_64_pc_windows_gnullvm_bazel", + deps = [":v8_149_2_0_binding"], features = V8_STATIC_LIBRARY_FEATURES, ) cc_static_library( - name = "v8_147_4_0_x86_64_unknown_linux_musl_release", + name = "v8_149_2_0_x86_64_unknown_linux_musl_release", deps = [ ":rusty_v8_custom_libcxx_runtime", - ":v8_147_4_0_binding", + ":v8_149_2_0_binding", ], features = V8_STATIC_LIBRARY_FEATURES, ) filegroup( - name = "src_binding_release_aarch64_apple_darwin_147_4_0_release", - srcs = ["@v8_crate_147_4_0//:src_binding_release_aarch64_apple_darwin"], + name = "src_binding_release_aarch64_apple_darwin_149_2_0_release", + srcs = ["@v8_crate_149_2_0//:src_binding_release_aarch64_apple_darwin"], ) filegroup( - name = "src_binding_release_x86_64_apple_darwin_147_4_0_release", - srcs = ["@v8_crate_147_4_0//:src_binding_release_x86_64_apple_darwin"], + name = "src_binding_release_x86_64_apple_darwin_149_2_0_release", + srcs = ["@v8_crate_149_2_0//:src_binding_release_x86_64_apple_darwin"], ) filegroup( - name = "src_binding_release_aarch64_unknown_linux_gnu_147_4_0_release", - srcs = ["@v8_crate_147_4_0//:src_binding_release_aarch64_unknown_linux_gnu"], + name = "src_binding_release_aarch64_unknown_linux_gnu_149_2_0_release", + srcs = ["@v8_crate_149_2_0//:src_binding_release_aarch64_unknown_linux_gnu"], ) filegroup( - name = "src_binding_release_x86_64_unknown_linux_gnu_147_4_0_release", - srcs = ["@v8_crate_147_4_0//:src_binding_release_x86_64_unknown_linux_gnu"], + name = "src_binding_release_x86_64_unknown_linux_gnu_149_2_0_release", + srcs = ["@v8_crate_149_2_0//:src_binding_release_x86_64_unknown_linux_gnu"], ) filegroup( - name = "src_binding_release_aarch64_unknown_linux_musl_147_4_0_release", - srcs = ["@v8_crate_147_4_0//:src_binding_release_aarch64_unknown_linux_gnu"], + name = "src_binding_release_aarch64_unknown_linux_musl_149_2_0_release", + srcs = ["@v8_crate_149_2_0//:src_binding_release_aarch64_unknown_linux_gnu"], ) filegroup( - name = "src_binding_release_x86_64_unknown_linux_musl_147_4_0_release", - srcs = ["@v8_crate_147_4_0//:src_binding_release_x86_64_unknown_linux_gnu"], + name = "src_binding_release_x86_64_unknown_linux_musl_149_2_0_release", + srcs = ["@v8_crate_149_2_0//:src_binding_release_x86_64_unknown_linux_gnu"], ) filegroup( - name = "src_binding_release_aarch64_pc_windows_msvc_147_4_0_release", - srcs = ["@v8_crate_147_4_0//:src_binding_release_aarch64_pc_windows_msvc"], + name = "src_binding_release_aarch64_pc_windows_msvc_149_2_0_release", + srcs = ["@v8_crate_149_2_0//:src_binding_release_aarch64_pc_windows_msvc"], ) filegroup( - name = "src_binding_release_x86_64_pc_windows_msvc_147_4_0_release", - srcs = ["@v8_crate_147_4_0//:src_binding_release_x86_64_pc_windows_msvc"], + name = "src_binding_release_x86_64_pc_windows_msvc_149_2_0_release", + srcs = ["@v8_crate_149_2_0//:src_binding_release_x86_64_pc_windows_msvc"], ) filegroup( name = "rusty_v8_release_pair_x86_64_apple_darwin", srcs = [ - ":v8_147_4_0_x86_64_apple_darwin_bazel", - ":src_binding_release_x86_64_apple_darwin_147_4_0_release", + ":v8_149_2_0_x86_64_apple_darwin_bazel", + ":src_binding_release_x86_64_apple_darwin_149_2_0_release", ], ) filegroup( name = "rusty_v8_release_pair_aarch64_apple_darwin", srcs = [ - ":v8_147_4_0_aarch64_apple_darwin_bazel", - ":src_binding_release_aarch64_apple_darwin_147_4_0_release", + ":v8_149_2_0_aarch64_apple_darwin_bazel", + ":src_binding_release_aarch64_apple_darwin_149_2_0_release", ], ) filegroup( name = "rusty_v8_release_pair_x86_64_unknown_linux_gnu", srcs = [ - ":v8_147_4_0_x86_64_unknown_linux_gnu_bazel", - ":src_binding_release_x86_64_unknown_linux_gnu_147_4_0_release", + ":v8_149_2_0_x86_64_unknown_linux_gnu_bazel", + ":src_binding_release_x86_64_unknown_linux_gnu_149_2_0_release", ], ) filegroup( name = "rusty_v8_release_pair_aarch64_unknown_linux_gnu", srcs = [ - ":v8_147_4_0_aarch64_unknown_linux_gnu_bazel", - ":src_binding_release_aarch64_unknown_linux_gnu_147_4_0_release", + ":v8_149_2_0_aarch64_unknown_linux_gnu_bazel", + ":src_binding_release_aarch64_unknown_linux_gnu_149_2_0_release", ], ) filegroup( name = "rusty_v8_release_pair_x86_64_unknown_linux_musl", srcs = [ - ":v8_147_4_0_x86_64_unknown_linux_musl_release", - ":src_binding_release_x86_64_unknown_linux_musl_147_4_0_release", + ":v8_149_2_0_x86_64_unknown_linux_musl_release", + ":src_binding_release_x86_64_unknown_linux_musl_149_2_0_release", ], ) filegroup( name = "rusty_v8_release_pair_aarch64_unknown_linux_musl", srcs = [ - ":v8_147_4_0_aarch64_unknown_linux_musl_release", - ":src_binding_release_aarch64_unknown_linux_musl_147_4_0_release", + ":v8_149_2_0_aarch64_unknown_linux_musl_release", + ":src_binding_release_aarch64_unknown_linux_musl_149_2_0_release", ], ) filegroup( name = "rusty_v8_release_pair_x86_64_pc_windows_msvc", srcs = [ - ":v8_147_4_0_x86_64_pc_windows_msvc", - ":src_binding_release_x86_64_pc_windows_msvc_147_4_0_release", + ":v8_149_2_0_x86_64_pc_windows_msvc", + ":src_binding_release_x86_64_pc_windows_msvc_149_2_0_release", ], ) filegroup( name = "rusty_v8_release_pair_aarch64_pc_windows_msvc", srcs = [ - ":v8_147_4_0_aarch64_pc_windows_msvc", - ":src_binding_release_aarch64_pc_windows_msvc_147_4_0_release", + ":v8_149_2_0_aarch64_pc_windows_msvc", + ":src_binding_release_aarch64_pc_windows_msvc_149_2_0_release", ], ) filegroup( name = "rusty_v8_sandbox_release_pair_x86_64_apple_darwin", srcs = [ - ":v8_147_4_0_x86_64_apple_darwin_bazel", - ":src_binding_release_x86_64_apple_darwin_147_4_0_release", + ":v8_149_2_0_x86_64_apple_darwin_bazel", + ":src_binding_release_x86_64_apple_darwin_149_2_0_release", ], ) filegroup( name = "rusty_v8_sandbox_release_pair_aarch64_apple_darwin", srcs = [ - ":v8_147_4_0_aarch64_apple_darwin_bazel", - ":src_binding_release_aarch64_apple_darwin_147_4_0_release", + ":v8_149_2_0_aarch64_apple_darwin_bazel", + ":src_binding_release_aarch64_apple_darwin_149_2_0_release", ], ) filegroup( name = "rusty_v8_sandbox_release_pair_x86_64_unknown_linux_gnu", srcs = [ - ":v8_147_4_0_x86_64_unknown_linux_gnu_bazel", - ":src_binding_release_x86_64_unknown_linux_gnu_147_4_0_release", + ":v8_149_2_0_x86_64_unknown_linux_gnu_bazel", + ":src_binding_release_x86_64_unknown_linux_gnu_149_2_0_release", ], ) filegroup( name = "rusty_v8_sandbox_release_pair_aarch64_unknown_linux_gnu", srcs = [ - ":v8_147_4_0_aarch64_unknown_linux_gnu_bazel", - ":src_binding_release_aarch64_unknown_linux_gnu_147_4_0_release", + ":v8_149_2_0_aarch64_unknown_linux_gnu_bazel", + ":src_binding_release_aarch64_unknown_linux_gnu_149_2_0_release", ], ) filegroup( name = "rusty_v8_sandbox_release_pair_x86_64_unknown_linux_musl", srcs = [ - ":v8_147_4_0_x86_64_unknown_linux_musl_release", - ":src_binding_release_x86_64_unknown_linux_musl_147_4_0_release", + ":v8_149_2_0_x86_64_unknown_linux_musl_release", + ":src_binding_release_x86_64_unknown_linux_musl_149_2_0_release", ], ) filegroup( name = "rusty_v8_sandbox_release_pair_aarch64_unknown_linux_musl", srcs = [ - ":v8_147_4_0_aarch64_unknown_linux_musl_release", - ":src_binding_release_aarch64_unknown_linux_musl_147_4_0_release", + ":v8_149_2_0_aarch64_unknown_linux_musl_release", + ":src_binding_release_aarch64_unknown_linux_musl_149_2_0_release", ], ) diff --git a/third_party/v8/README.md b/third_party/v8/README.md index 8b512ecb19d..4e1c022b98c 100644 --- a/third_party/v8/README.md +++ b/third_party/v8/README.md @@ -5,23 +5,21 @@ Bazel consumer builds use: - upstream `denoland/rusty_v8` release archives on Windows MSVC - source-built V8 archives on Darwin, GNU Linux, musl Linux, and Windows GNU -- `openai/codex` release assets for published musl release pairs -Cargo builds still use prebuilt `rusty_v8` archives by default. Only Bazel -overrides `RUSTY_V8_ARCHIVE`/`RUSTY_V8_SRC_BINDING_PATH` in `MODULE.bazel` to -select source-built local archives for its consumer builds. +Local Cargo builds still use upstream prebuilt `rusty_v8` archives by default. +Selected Cargo CI, release, and package builds override +`RUSTY_V8_ARCHIVE`/`RUSTY_V8_SRC_BINDING_PATH` with Codex release assets. Bazel +sets those variables independently in `MODULE.bazel` to select source-built +local archives and bindings for its consumer builds. -Source-built Bazel V8 artifacts enable V8's in-process sandbox by default, and -the Bazel `v8` crate feature selection tracks those targets. A full consumer -rollout still needs matching sandbox-enabled archives for every non-source-built -target. Until that artifact migration lands, the rusty_v8 publishing workflows -use `--config=v8-release-compat` to preserve the current non-sandboxed release -artifact contract. +The Bazel `v8` crate feature selection enables V8's in-process sandbox for +Darwin, Linux, and Windows GNU. Windows MSVC remains on upstream non-sandboxed +prebuilts. Current pinned versions: -- Rust crate: `v8 = =147.4.0` -- Embedded upstream V8 source for Bazel-produced release builds: `14.7.173.20` +- Rust crate: `v8 = =149.2.0` +- Embedded upstream V8 source for Bazel-produced release builds: `14.9.207.2` ## Updating to a new `v8` release @@ -66,6 +64,7 @@ current assets on the same tag, with the Rust crate's sandbox feature suffix in their raw names: - `librusty_v8_ptrcomp_sandbox_release_.a.gz` +- `rusty_v8_ptrcomp_sandbox_release_.lib.gz` on Windows MSVC - `src_binding_ptrcomp_sandbox_release_.rs` The dedicated publishing workflow is `.github/workflows/rusty-v8-release.yml`. @@ -87,13 +86,20 @@ The same run also builds the matching sandbox pair targets: - `//third_party/v8:rusty_v8_sandbox_release_pair_x86_64_unknown_linux_musl` - `//third_party/v8:rusty_v8_sandbox_release_pair_aarch64_unknown_linux_musl` +The workflow also builds sandbox-enabled +`x86_64-pc-windows-msvc` and `aarch64-pc-windows-msvc` archive/binding pairs +from upstream `rusty_v8` source. Those ABI-specific outputs cannot be produced +by Codex's Bazel Windows GNU toolchain. + The Bazel graph pins the same libc++, libc++abi, and llvm-libc source revisions -used by `rusty_v8 v147.4.0`, compiles published artifact targets with +used by `rusty_v8 v149.2.0`, compiles published artifact targets with `--config=rusty-v8-upstream-libcxx`, and folds the matching runtime objects into -the final static archive so Cargo consumers can link it with the `v8` crate's -default `use_custom_libcxx` feature. The config keeps the object files and the -bundled runtime on Chromium's `std::__Cr` ABI namespace instead of mixing those -objects with the toolchain libc++ default namespace. +the final static archive so consumers can link it with the `v8` crate's default +`use_custom_libcxx` feature. The config keeps the object files and the bundled +runtime on Chromium's `std::__Cr` ABI namespace instead of mixing those objects +with the toolchain libc++ default namespace. Bazel consumers use these +source-built targets directly; Cargo release and package builds use the +published copies. MSVC is not part of the Bazel-produced matrix yet. The repository's current hermetic Windows C++ platform is `windows-gnullvm`/`x86_64-w64-windows-gnu`, so diff --git a/third_party/v8/libcxx.BUILD.bazel b/third_party/v8/libcxx.BUILD.bazel index 71a8f8ddcec..dd3f167dfcd 100644 --- a/third_party/v8/libcxx.BUILD.bazel +++ b/third_party/v8/libcxx.BUILD.bazel @@ -111,10 +111,11 @@ cc_runtime_stage0_library( "//conditions:default": ["-fPIC"], }), defines = [ - "CR_LIBCXX_REVISION=7ab65651aed6802d2599dcb7a73b1f82d5179d05", + "CR_LIBCXX_REVISION=99457fa555797f8c5ac3c076ca288d8481d3b23a", "LIBCXX_BUILDING_LIBCXXABI", "LIBC_NAMESPACE=__llvm_libc_cr", "_LIBCPP_BUILDING_LIBRARY", + "_LIBCPP_CONSTINIT=constinit", "_LIBCPP_DISABLE_VISIBILITY_ANNOTATIONS", "_LIBCPP_HARDENING_MODE=_LIBCPP_HARDENING_MODE_EXTENSIVE", "_LIBCPP_INSTRUMENTED_WITH_ASAN=0", diff --git a/third_party/v8/libcxxabi.BUILD.bazel b/third_party/v8/libcxxabi.BUILD.bazel index 0645511db73..2afd6b76d10 100644 --- a/third_party/v8/libcxxabi.BUILD.bazel +++ b/third_party/v8/libcxxabi.BUILD.bazel @@ -65,6 +65,7 @@ cc_runtime_stage0_library( defines = [ "LIBCXXABI_SILENT_TERMINATE", "_LIBCPP_BUILDING_LIBRARY", + "_LIBCPP_CONSTINIT=constinit", "_LIBCPP_DISABLE_VISIBILITY_ANNOTATIONS", "_LIBCPP_HARDENING_MODE=_LIBCPP_HARDENING_MODE_EXTENSIVE", "_LIBCPP_INSTRUMENTED_WITH_ASAN=0", diff --git a/third_party/v8/rusty_v8_147_4_0.sha256 b/third_party/v8/rusty_v8_147_4_0.sha256 deleted file mode 100644 index a287e5fd5b5..00000000000 --- a/third_party/v8/rusty_v8_147_4_0.sha256 +++ /dev/null @@ -1,2 +0,0 @@ -1fa3f94d9e09cff1f6bcce94c478e5cb072c0755f6a0357abadb9dd3b48d8127 rusty_v8_release_aarch64-pc-windows-msvc.lib.gz -e2827ff98b1a9d4c0343000fc5124ac30dfab3007bc0129c168c9355fc2fcd7c rusty_v8_release_x86_64-pc-windows-msvc.lib.gz diff --git a/third_party/v8/rusty_v8_149_2_0.sha256 b/third_party/v8/rusty_v8_149_2_0.sha256 new file mode 100644 index 00000000000..4c977547449 --- /dev/null +++ b/third_party/v8/rusty_v8_149_2_0.sha256 @@ -0,0 +1,2 @@ +923f2b6ccdc14526b814e171e34c9aafd7969f12304948857c6696d022f0fb3c rusty_v8_release_aarch64-pc-windows-msvc.lib.gz +12b5a791b54e92f748738ad8d0d12dad8d281a2d836638ad1aa6678e3b855d9a rusty_v8_release_x86_64-pc-windows-msvc.lib.gz diff --git a/tools/argument-comment-lint/README.md b/tools/argument-comment-lint/README.md index 7270c488671..889bae1df23 100644 --- a/tools/argument-comment-lint/README.md +++ b/tools/argument-comment-lint/README.md @@ -20,6 +20,11 @@ It provides two lints: String and char literals are exempt because they are often already self-descriptive at the callsite. +The sole non-self method argument is also exempt when the method name matches +the resolved parameter name. For example, `.enabled(false)` is already +self-descriptive when it resolves to `fn enabled(self, enabled: bool)`. An +explicit argument comment is still checked for a mismatch. + ## Behavior Given: diff --git a/tools/argument-comment-lint/src/lib.rs b/tools/argument-comment-lint/src/lib.rs index 5586509f24e..76b9e17732d 100644 --- a/tools/argument-comment-lint/src/lib.rs +++ b/tools/argument-comment-lint/src/lib.rs @@ -88,6 +88,8 @@ rustc_session::declare_lint! { /// /// Requires a `/*param*/` comment before anonymous literal-like /// arguments such as `None`, booleans, and numeric literals. + /// A method's sole non-self argument is exempt when its name matches the + /// method name. /// /// ### Why is this bad? /// @@ -125,6 +127,11 @@ rustc_session::declare_lint! { #[derive(Default)] pub struct ArgumentCommentLint; +enum CallKind { + Function, + Method { name: String }, +} + rustc_session::impl_lint_pass!( ArgumentCommentLint => [ARGUMENT_COMMENT_MISMATCH, UNCOMMENTED_ANONYMOUS_LITERAL_ARGUMENT] ); @@ -137,10 +144,18 @@ impl<'tcx> LateLintPass<'tcx> for ArgumentCommentLint { match expr.kind { ExprKind::Call(callee, args) => { - self.check_call(cx, expr, callee.span, args, 0); + self.check_call(cx, expr, callee.span, args, CallKind::Function); } - ExprKind::MethodCall(_, receiver, args, _) => { - self.check_call(cx, expr, receiver.span, args, 1); + ExprKind::MethodCall(method, receiver, args, _) => { + self.check_call( + cx, + expr, + receiver.span, + args, + CallKind::Method { + name: method.ident.name.to_string(), + }, + ); } _ => {} } @@ -154,7 +169,7 @@ impl ArgumentCommentLint { call: &'tcx Expr<'tcx>, first_gap_anchor: Span, args: &'tcx [Expr<'tcx>], - parameter_offset: usize, + call_kind: CallKind, ) { let Some(def_id) = fn_def_id(cx, call) else { return; @@ -167,6 +182,11 @@ impl ArgumentCommentLint { return; } + // Method parameter lists include `self`, which is not present in `args`. + let (parameter_offset, method_name) = match &call_kind { + CallKind::Function => (0, None), + CallKind::Method { name } => (1, Some(name.as_str())), + }; let parameter_names: Vec<_> = cx.tcx.fn_arg_idents(def_id).iter().copied().collect(); for (index, arg) in args.iter().enumerate() { if arg.span.from_expansion() { @@ -215,6 +235,12 @@ impl ArgumentCommentLint { continue; } + // Don't require a clarifying comment for self-documenting arguments whose names + // match the method. + if args.len() == 1 && method_name == Some(expected_name.as_str()) { + continue; + } + if !is_anonymous_literal_like(cx, arg) { continue; } diff --git a/tools/argument-comment-lint/ui/allow_self_documenting_methods.rs b/tools/argument-comment-lint/ui/allow_self_documenting_methods.rs new file mode 100644 index 00000000000..d57f7c521da --- /dev/null +++ b/tools/argument-comment-lint/ui/allow_self_documenting_methods.rs @@ -0,0 +1,25 @@ +#![warn(argument_comment_mismatch)] +#![warn(uncommented_anonymous_literal_argument)] + +struct Builder; + +impl Builder { + fn enabled(self, enabled: bool) -> Self { + let _ = enabled; + self + } + + fn retry_count(self, retry_count: usize) -> Self { + let _ = retry_count; + self + } + + fn base_url(self, base_url: Option) -> Self { + let _ = base_url; + self + } +} + +fn main() { + let _ = Builder.enabled(false).retry_count(3).base_url(None); +} diff --git a/tools/argument-comment-lint/ui/comment_mismatch.rs b/tools/argument-comment-lint/ui/comment_mismatch.rs index 3eebdd9dc25..f3ad4db7547 100644 --- a/tools/argument-comment-lint/ui/comment_mismatch.rs +++ b/tools/argument-comment-lint/ui/comment_mismatch.rs @@ -5,6 +5,16 @@ fn create_openai_url(base_url: Option) -> String { String::new() } +struct Options; + +impl Options { + fn enabled(self, enabled: bool) -> Self { + let _ = enabled; + self + } +} + fn main() { let _ = create_openai_url(/*api_base*/ None); + let _ = Options.enabled(/*value*/ false); } diff --git a/tools/argument-comment-lint/ui/comment_mismatch.stderr b/tools/argument-comment-lint/ui/comment_mismatch.stderr index 6ede656029b..058871395a3 100644 --- a/tools/argument-comment-lint/ui/comment_mismatch.stderr +++ b/tools/argument-comment-lint/ui/comment_mismatch.stderr @@ -1,5 +1,5 @@ warning: argument comment `/*api_base*/` does not match parameter `base_url` - --> $DIR/comment_mismatch.rs:9:44 + --> $DIR/comment_mismatch.rs:18:44 | LL | let _ = create_openai_url(/*api_base*/ None); | ^^^^ @@ -11,5 +11,13 @@ note: the lint level is defined here LL | #![warn(argument_comment_mismatch)] | ^^^^^^^^^^^^^^^^^^^^^^^^^ -warning: 1 warning emitted +warning: argument comment `/*value*/` does not match parameter `enabled` + --> $DIR/comment_mismatch.rs:19:39 + | +LL | let _ = Options.enabled(/*value*/ false); + | ^^^^^ + | + = help: use `/*enabled*/` + +warning: 2 warnings emitted diff --git a/tools/argument-comment-lint/ui/multiple_method_arguments.rs b/tools/argument-comment-lint/ui/multiple_method_arguments.rs new file mode 100644 index 00000000000..e15f1562430 --- /dev/null +++ b/tools/argument-comment-lint/ui/multiple_method_arguments.rs @@ -0,0 +1,14 @@ +#![warn(uncommented_anonymous_literal_argument)] + +struct Options; + +impl Options { + fn enabled(self, enabled: bool, retry_count: usize) -> Self { + let _ = (enabled, retry_count); + self + } +} + +fn main() { + let _ = Options.enabled(false, /*retry_count*/ 3); +} diff --git a/tools/argument-comment-lint/ui/multiple_method_arguments.stderr b/tools/argument-comment-lint/ui/multiple_method_arguments.stderr new file mode 100644 index 00000000000..f9b452e4fce --- /dev/null +++ b/tools/argument-comment-lint/ui/multiple_method_arguments.stderr @@ -0,0 +1,14 @@ +warning: anonymous literal-like argument for parameter `enabled` + --> $DIR/multiple_method_arguments.rs:13:29 + | +LL | let _ = Options.enabled(false, /*retry_count*/ 3); + | ^^^^^ help: prepend the parameter name comment: `/*enabled*/ false` + | +note: the lint level is defined here + --> $DIR/multiple_method_arguments.rs:1:9 + | +LL | #![warn(uncommented_anonymous_literal_argument)] + | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +warning: 1 warning emitted +