6 Commits

  • protocol: separate app and exec RPC ownership (#29714)
    ## Why
    
    The app-server and exec-server expose separate JSON-RPC APIs, but
    exec-server currently sources its serialized protocol and envelope types
    through app-server-oriented code. Giving each API an explicit owner
    makes the crate boundary legible without introducing shared generic
    envelopes.
    
    ## What changed
    
    - Added `codex-exec-server-protocol` to own exec DTOs, process IDs, and
    JSON-RPC envelopes.
    - Updated exec-server clients, transports, handlers, and tests to use
    the new crate.
    - Exposed app-server's existing JSON-RPC types through a public `rpc`
    module while retaining root re-exports.
    - Preserved existing wire shapes, including exec `PathUri` behavior.
    
    ## Stack
    
    This is PR 1 of 6. Next: [PR
    #29721](https://github.com/openai/codex/pull/29721), which moves auth
    mode below the app wire boundary.
    
    ## Validation
    
    - Exec-server protocol and server coverage passed in the focused
    protocol test runs.
    - App-server protocol schema fixtures passed.
  • Add typed file URIs (#26840)
    ## Why
    
    Codex needs stable `file:` URI identifiers that can cross process and
    operating-system boundaries without eagerly interpreting them as native
    paths. Existing fields also need to keep accepting absolute path strings
    during migration.
    
    ## What changed
    
    - Add `codex-utils-path-uri` with a validated, immutable `PathUri`
    wrapper that currently accepts only `file:` URLs.
    - Expose URI-level `basename`, `parent`, and `join` operations that
    preserve authorities and percent encoding without guessing the source
    operating system.
    - Keep native conversion explicit through `AbsolutePathBuf` and the
    current host rules.
    - Serialize as canonical URI text while accepting both URI text and
    legacy absolute native paths during deserialization.
    - Add adversarial coverage for Windows-looking and POSIX paths, UNC
    authorities, encoded metadata characters, non-UTF-8 POSIX paths, URI
    hierarchy operations, and legacy serde round trips.
  • ci: sign macOS release artifacts with Azure Key Vault (#26252)
    ## Why
    
    The public Codex release workflow needs to sign and notarize macOS
    binaries and DMGs without placing the Developer ID private key in
    GitHub. This moves the private-key operation behind the protected
    `codesigning` environment and uses GitHub OIDC with Azure Key Vault
    PKCS#11, while preserving the existing external `build_unsigned` /
    `promote_signed` fallback.
    
    ## What changed
    
    - Add a reusable AKV PKCS11 setup action that authenticates to Azure
    with OIDC, downloads pinned signing tools, verifies their SHA-256
    digests, and loads the public signing certificate from Key Vault.
    - Replace the legacy macOS signing action with scripts that support
    AKV-backed `rcodesign`, notarize signed binaries and DMGs, and staple
    DMG notarization tickets.
    - Restructure `rust-release.yml` so macOS builds produce unsigned
    artifacts first, protected jobs perform signing and notarization, macOS
    runners package and verify the results, and release publishing waits for
    verified artifacts.
    - Preserve the manual external-signing handoff flow and make manual-mode
    conditions explicit.
    - Move the Codex entitlements file alongside the signing scripts and
    update CODEOWNERS for the new signing surfaces.
    
    ## Verification
    
    - [Live protected signing workflow
    run](https://github.com/openai/codex/actions/runs/26903610631) completed
    successfully for both macOS architectures, including binary
    signing/notarization, DMG signing/notarization, and final artifact
    verification.
    - Downloaded both signed DMGs and independently verified their checksums
    and strict signatures.
    - Confirmed `xcrun stapler validate` succeeds and Gatekeeper accepts
    both DMGs as `Notarized Developer ID`.
    - Mounted both DMGs and confirmed the contained `codex` and
    `codex-responses-api-proxy` binaries have valid Developer ID signatures
    for the expected architectures.
    
    ---------
    
    Co-authored-by: shijie-openai <shijie.rao@openai.com>
  • [codex] Consolidate shared prompts in codex-prompts (#25151)
    ## Why
    
    `codex_core` is consistently a bottleneck for incremental builds during
    iteration. The simplest fix is to make the crate smaller.
    
    ## Summary
    
    `codex-core` owns several reusable prompt renderers and static prompt
    assets, which makes the crate harder to split apart.
    
    Rename `codex-review-prompts` to `codex-prompts` and move shared review,
    goal, permissions, compaction, realtime, hierarchical AGENTS.md, and
    `apply_patch` prompts into it. Move prompt-only tests and update
    consumers and `CODEOWNERS`.
    
    ## Validation
    
    - `just test -p codex-prompts -p codex-apply-patch`
    - `just test -p codex-core prompt_caching`
    - Bazel builds for the affected crates
  • Add core CODEOWNERS (#18362)
    Adds @openai/codex-core-agent-team as the owner for codex-rs/core/ and
    protects .github/CODEOWNERS with the same owner.