26 Commits

  • cli: add package path from install context (#26189)
    ## Why
    
    Codex package installs include helper binaries in `codex-path`, such as
    the bundled `rg`. Package-layout launches should add that directory
    before user commands run, but standalone launches were missing it while
    npm launches only worked because `codex.js` had its own legacy `PATH`
    rewrite. That made npm and standalone package behavior diverge.
    
    Shell snapshot restoration can also reset `PATH` after runtime setup.
    Any package-owned `PATH` prepend has to be recorded as an explicit
    runtime override so shells, unified exec, and user-shell commands keep
    access to `codex-path` after a snapshot is sourced.
    
    ## Repro
    
    Before this change, a curl-installed package could contain `rg` under
    `codex-path` but still fail to put it on `PATH`:
    
    ```shell
    mkdir /tmp/test-codex-curl
    curl -fsSL https://chatgpt.com/codex/install.sh \
      | CODEX_HOME=/tmp/test-codex-curl CODEX_NON_INTERACTIVE=1 sh
    /tmp/test-codex-curl/packages/standalone/current/bin/codex exec \
      --skip-git-repo-check 'print `which -a rg`'
    find /tmp/test-codex-curl -name rg
    ```
    
    The `which -a rg` output omitted the packaged helper even though `find`
    showed it under
    `/tmp/test-codex-curl/packages/standalone/releases/.../codex-path/rg`.
    
    The npm install path behaved differently only because
    `codex-cli/bin/codex.js` had legacy `PATH` rewriting:
    
    ```shell
    mkdir /tmp/test-codex-npm
    cd /tmp/test-codex-npm
    npm install @openai/codex
    ./node_modules/.bin/codex exec --skip-git-repo-check 'print `which -a rg`'
    ```
    
    That printed the npm package's `vendor/<target>/codex-path/rg` first.
    This PR moves that behavior into Rust-side package launch setup so
    curl/standalone and npm/bun launches agree without JS rewriting `PATH`.
    
    ## What Changed
    
    - `codex-rs/arg0` now uses
    `InstallContext::current().package_layout.path_dir` to prepend the
    package helper directory before any threads are created.
    - Package helper `PATH` setup is independent from the temporary arg0
    alias setup, so `codex-path` is still added even if CODEX_HOME tempdir,
    lock, or symlink setup fails.
    - `codex-rs/install-context` detects the canonical package layout we
    ship: `bin/`, `codex-resources/`, and `codex-path/` next to
    `codex-package.json`.
    - Shell, local unified exec, and user-shell runtimes now record package
    `codex-path` prepends in `explicit_env_overrides`, matching the existing
    zsh-fork behavior so shell snapshots cannot restore over the package
    helper path.
    - Remote unified exec requests do not receive the local app-server
    package path overlay.
    - `codex-cli/bin/codex.js` no longer computes or overrides `PATH`; it
    only locates the native binary in the canonical package layout and
    passes npm/bun management metadata.
    - Added regression tests for `PATH` ordering, package layout detection,
    and shell snapshot preservation of package path prepends.
    
    ## Verification
    
    - `node --check codex-cli/bin/codex.js`
    - `just test -p codex-install-context -p codex-arg0`
    - `just test -p codex-core
    user_shell_snapshot_preserves_package_path_prepend`
    - `just test -p codex-core tools::runtimes::tests`
    - `just bazel-lock-update`
    - `just bazel-lock-check`
    - `just fix -p codex-install-context -p codex-arg0 -p codex-core`
  • packaging: move rg manifest out of npm bin (#23833)
    ## Why
    
    Installing `@openai/codex` currently places a Dotslash `rg` manifest at
    `node_modules/@openai/codex/bin/rg`, even though the native optional
    dependency already ships the actual helper under
    `vendor/<target>/codex-path/rg`. The launcher prepends that `codex-path`
    directory, so the top-level `bin/rg` file is redundant in the npm
    install.
    
    The remaining direct consumers of the manifest are package-building
    paths: `scripts/codex_package/ripgrep.py` and
    `codex-cli/scripts/install_native_deps.py`. Keeping the manifest under
    `codex-cli/bin` makes it look like a shipped npm binary, so this moves
    it next to the package-builder code that owns it. The checked-in
    `@openai/codex` package metadata should likewise describe only the meta
    package payload; generated platform packages continue to publish
    `vendor`.
    
    ## What Changed
    
    - Moved the Dotslash ripgrep manifest from `codex-cli/bin/rg` to
    `scripts/codex_package/rg`.
    - Updated the package builder, npm native-artifact hydrator, README, and
    CLI help text to reference the new manifest location.
    - Stopped `codex-cli/scripts/build_npm_package.py` from copying `rg`
    into the `@openai/codex` meta package.
    - Narrowed the checked-in meta package `files` whitelist to
    `bin/codex.js`.
    
    ## Verification
    
    - `python3 -m unittest discover -s scripts/codex_package -p "test_*.py"`
    - `python3 -m unittest discover -s codex-cli/scripts -p "test_*.py"`
    - `python3 -m py_compile codex-cli/scripts/build_npm_package.py
    codex-cli/scripts/install_native_deps.py
    scripts/codex_package/ripgrep.py scripts/codex_package/cli.py
    scripts/stage_npm_packages.py`
    - `codex-cli/scripts/build_npm_package.py --package codex --version
    0.0.0-test --pack-output <tmp>/codex-meta-no-vendor.tgz`
    - `tar -tf <tmp>/codex-meta-no-vendor.tgz` showed only
    `package/bin/codex.js`, `package/package.json`, and `package/README.md`.
    - Direct staging check showed `codex` uses `files: ["bin/codex.js"]`
    while `codex-darwin-arm64` still uses `files: ["vendor"]`.
    
    ---
    [//]: # (BEGIN SAPLING FOOTER)
    Stack created with [Sapling](https://sapling-scm.com). Best reviewed
    with [ReviewStack](https://reviewstack.dev/openai/codex/pull/23833).
    * #23836
    * __->__ #23833
  • npm: ship platform packages in Codex package layout (#23637)
    ## Summary
    
    The npm platform packages should stop carrying a bespoke native layout
    now that the release workflow builds canonical Codex package archives.
    Keeping npm on the same `bin/`, `codex-resources/`, and `codex-path/`
    structure lets the Rust package-layout detection behave consistently
    across standalone, npm, and future DotSlash installs.
    
    This changes platform npm packages to stage the `codex-package` artifact
    for each target under `vendor/<target>`. The Node launcher now resolves
    `bin/codex` and prepends `codex-path`, while retaining legacy
    `vendor/<target>/codex` and `vendor/<target>/path` fallback support for
    local development and migration. The npm staging helper downloads
    `codex-package` archives instead of rebuilding the CLI payload from
    individual `codex`, `rg`, `bwrap`, and sandbox helper artifacts.
    
    CI still needs to stage npm packages from historical rust-release
    workflow artifacts that predate package archives, so the staging scripts
    expose an explicit `--allow-legacy-codex-package` fallback. That
    fallback synthesizes the canonical package layout from legacy per-binary
    artifacts and is wired only into the CI smoke path; release staging
    remains strict and continues to require real package archives.
    
    For direct local use, `install_native_deps.py` now points its built-in
    default workflow at the same recent artifact run used by CI and
    automatically enables legacy package synthesis only when
    `--workflow-url` is omitted. Explicit workflow URLs remain strict unless
    callers opt in with `--allow-legacy-codex-package`.
    
    ## Test plan
    
    - `python3 -m py_compile codex-cli/scripts/build_npm_package.py
    codex-cli/scripts/install_native_deps.py scripts/stage_npm_packages.py
    scripts/codex_package/cli.py`
    - `node --check codex-cli/bin/codex.js`
    - `ruby -e 'require "yaml";
    YAML.load_file(".github/workflows/rust-release.yml");
    YAML.load_file(".github/workflows/ci.yml"); puts "ok"'`
    - Staged a synthetic `codex-linux-x64` platform package from a canonical
    vendor tree and verified it copied only `bin/`, `codex-path/`,
    `codex-resources/`, and `codex-package.json`.
    - Imported `install_native_deps.py` and extracted a synthetic
    `codex-package-x86_64-unknown-linux-musl.tar.gz` into `vendor/<target>`.
    - Ran legacy-layout conversion smokes for Linux, Windows, and unsigned
    macOS artifact naming.
    - Ran a synthetic `install_native_deps.py` default-workflow smoke that
    verifies legacy package synthesis is automatic only when
    `--workflow-url` is omitted.
    - `NPM_CONFIG_CACHE="$tmp_dir/npm-cache" python3
    ./scripts/stage_npm_packages.py --release-version 0.125.0 --workflow-url
    https://github.com/openai/codex/actions/runs/26131514935 --package codex
    --allow-legacy-codex-package --output-dir "$tmp_dir"`
    - `node codex-cli/bin/codex.js --version`
    
    
    ---
    [//]: # (BEGIN SAPLING FOOTER)
    Stack created with [Sapling](https://sapling-scm.com). Best reviewed
    with [ReviewStack](https://reviewstack.dev/openai/codex/pull/23637).
    * #23638
    * __->__ #23637
  • feat(cli): add codex doctor diagnostics (#22336)
    ## Why
    
    Users and support need a single command that captures the local Codex
    runtime, configuration, auth, terminal, network, and state shape without
    asking the user to know which diagnostic depth to choose first. `codex
    doctor` now runs the useful checks by default and makes the detailed
    human output the default because the command is usually run when someone
    already needs context.
    
    The command also targets concrete support failure modes we have seen
    while iterating on the design:
    
    - update-target mismatches like #21956, where the installed package
    manager target can differ from the running executable
    - terminal and multiplexer issues that depend on `TERM`, tmux/zellij
    state, color handling, and TTY metadata
    - provider-specific HTTP/WebSocket connectivity, including ChatGPT
    WebSocket handshakes and API-key/provider endpoint reachability
    - local state/log SQLite integrity problems and large rollout
    directories
    - feedback reports that need an attached, redacted diagnostic snapshot
    without asking the user to run a second command
    
    ## What Changed
    
    - Adds `codex doctor` as a grouped CLI diagnostic report with default
    detailed output and `--summary` for the compact view.
    - Adds stable report sections for Environment, Configuration, Updates,
    Connectivity, and Background Server, plus a top Notes block that
    promotes anomalies such as available updates, large rollout directories,
    optional MCP issues, and mixed auth signals.
    - Adds runtime provenance, install consistency, bundled/system search
    readiness, terminal/multiplexer metadata, `config.toml` parse status,
    auth mode details, sandbox details, feature flag summaries, update
    cache/latest-version state, app-server daemon state, SQLite integrity
    checks, rollout statistics, and provider-aware network diagnostics.
    - Adds ChatGPT WebSocket diagnostics that report the negotiated HTTP
    upgrade as `HTTP 101 Switching Protocols` and include timeout, DNS,
    auth, and provider context in detailed output.
    - Makes reachability provider-aware: API-key OpenAI setups check the API
    endpoint, ChatGPT auth checks the ChatGPT path, and custom/AWS/local
    providers check configured HTTP endpoints when available.
    - Adds structured, redacted JSON output where `checks` is keyed by check
    id and `details` is a key/value object for support tooling.
    - Integrates doctor with feedback uploads by attaching a best-effort
    `codex-doctor-report.json` report and adding derived Sentry tags for
    overall status and failing/warning checks.
    - Updates the TUI feedback consent copy so users can see that the doctor
    report is included when logs/diagnostics are uploaded.
    - Updates the CLI bug issue template to ask reporters for `codex doctor
    --json` and render pasted reports as JSON.
    
    ## Example Output
    
    The examples below are sanitized from local smoke runs with `--no-color`
    so the structure is reviewable in plain text.
    
    ### `codex doctor`
    
    ```text
    Codex Doctor v0.0.0 · macos-aarch64
    
    Notes
       ↑ updates      0.130.0 available (current 0.0.0, dismissed 0.128.0)
       ⚠ rollouts     1,526 active files · 2.53 GB on disk
       ⚠ mcp          MCP configuration has optional issues
       ⚠ auth         mixed auth signals: ChatGPT login plus API key env var; HTTP reachability uses API-key mode
    ─────────────────────────────────────────────────────────────
    
    Environment
      ✓ runtime      local debug build
          version                  0.0.0
          install method           other
          commit                   unknown
          executable               ~/code/codex.fcoury-doct…x-rs/target/debug/codex
      ✓ install      consistent
          context                  other
          managed by               npm: no · bun: no · package root —
          PATH entries (2)         ~/.local/share/mise/installs/node/24/bin/codex
                                   ~/.local/share/mise/shims/codex
      ✓ search       ripgrep 15.1.0 (system, `rg`)
      ✓ terminal     Ghostty 1.3.2-main-+b0f827665 · tmux 3.6a · TERM=xterm-256color
          terminal                 Ghostty
          TERM_PROGRAM             ghostty
          terminal version         1.3.2-main-+b0f827665
          TERM                     xterm-256color
          multiplexer              tmux 3.6a
          tmux extended-keys       on
          tmux allow-passthrough   on
          tmux set-clipboard       on
      ✓ state        databases healthy
          CODEX_HOME               ~/.codex (dir)
          state DB                 ~/.codex/state_5.sqlite (file) · integrity ok
          log DB                   ~/.codex/logs_2.sqlite (file) · integrity ok
          active rollouts          1,526 files · 2.53 GB (avg 1.70 MB)
          archived rollouts        8 files · 3.84 MB (avg 491.11 KB)
    
    Configuration
      ✓ config       loaded
          model                    gpt-5.5 · openai
          cwd                      ~/code/codex.fcoury-doctor/codex-rs
          config.toml              ~/.codex/config.toml
          config.toml parse        ok
          MCP servers              1
          feature flags            36 enabled · 7 overridden (full list with --all)
          overrides                code_mode, code_mode_only, memories, chronicle, goals, remote_control, prevent_idle_sleep
      ✓ auth         auth is configured
          auth storage mode        File
          auth file                ~/.codex/auth.json
          auth env vars present    OPENAI_API_KEY
          stored auth mode         chatgpt
          stored API key           false
          stored ChatGPT tokens    true
          stored agent identity    false
      ⚠ mcp          MCP configuration has optional issues — Set the missing MCP env vars or disable the affected server.
          configured servers       1
          disabled servers         0
          streamable_http servers  1
          optional reachability    openaiDeveloperDocs: https://developers.openai.com/mcp (HEAD connect failed; GET connect failed)
      ✓ sandbox      restricted fs + restricted network · approval OnRequest
          approval policy          OnRequest
          filesystem sandbox       restricted
          network sandbox          restricted
    
    Connectivity
      ✓ network      network-related environment looks readable
      ✓ websocket    connected (HTTP 101 Switching Protocols) · 15s timeout
          model provider           openai
          provider name            OpenAI
          wire API                 responses
          supports websockets      true
          connect timeout          15000 ms
          auth mode                chatgpt
          endpoint                 wss://chatgpt.com/backend-api/<redacted>
          DNS                      2 IPv4, 2 IPv6, first IPv6
          handshake result         HTTP 101 Switching Protocols
      ✗ reachability one or more required provider endpoints are unreachable over HTTP — Check proxy, VPN, firewall, DNS, and custom CA configuration.
          reachability mode        API key auth
          openai API               https://api.openai.com/v1 connect failed (required)
    
    Background Server
      ○ app-server   not running (ephemeral mode)
    
    ─────────────────────────────────────────────────────────────
    11 ok · 1 idle · 4 notes · 1 warn · 1 fail failed
    
    --summary compact output           --all expand truncated lists
    --json redacted report
    ```
    
    ### `codex doctor --summary`
    
    ```text
    Codex Doctor v0.0.0 · macos-aarch64
    
    Notes
       ↑ updates      0.130.0 available (current 0.0.0, dismissed 0.128.0)
       ⚠ rollouts     1,526 active files · 2.53 GB on disk
       ⚠ mcp          MCP configuration has optional issues
       ⚠ auth         mixed auth signals: ChatGPT login plus API key env var; HTTP reachability uses API-key mode
    ─────────────────────────────────────────────────────────────
    
    Environment
      ✓ runtime      local debug build
      ✓ install      consistent
      ✓ search       ripgrep 15.1.0 (system, `rg`)
      ✓ terminal     Ghostty 1.3.2-main-+b0f827665 · tmux 3.6a · TERM=xterm-256color
      ✓ state        databases healthy
    
    Configuration
      ✓ config       loaded
      ✓ auth         auth is configured
      ⚠ mcp          MCP configuration has optional issues — Set the missing MCP env vars or disable the affected server.
      ✓ sandbox      restricted fs + restricted network · approval OnRequest
    
    Updates
      ✓ updates      update configuration is locally consistent
    
    Connectivity
      ✓ network      network-related environment looks readable
      ✓ websocket    connected (HTTP 101 Switching Protocols) · 15s timeout
      ✗ reachability one or more required provider endpoints are unreachable over HTTP — Check proxy, VPN, firewall, DNS, and custom CA configuration.
    
    Background Server
      ○ app-server   not running (ephemeral mode)
    
    ─────────────────────────────────────────────────────────────
    11 ok · 1 idle · 4 notes · 1 warn · 1 fail failed
    
    Run codex doctor without --summary for detailed diagnostics.
    --all expand truncated lists       --json redacted report
    ```
    
    ### `codex doctor --json` shape
    
    ```json
    {
      "schema_version": 1,
      "overall_status": "fail",
      "checks": {
        "runtime.provenance": {
          "id": "runtime.provenance",
          "category": "Environment",
          "status": "ok",
          "summary": "local debug build",
          "details": {
            "version": "0.0.0",
            "install method": "other",
            "commit": "unknown"
          }
        },
        "sandbox.helpers": {
          "id": "sandbox.helpers",
          "category": "Configuration",
          "status": "ok",
          "summary": "restricted fs + restricted network · approval OnRequest",
          "details": {
            "approval policy": "OnRequest",
            "filesystem sandbox": "restricted",
            "network sandbox": "restricted"
          }
        }
      }
    }
    ```
    
    ### `/feedback` new sentry attachment
    
    <img width="938" height="798" alt="CleanShot 2026-05-13 at 15 36 14"
    src="https://github.com/user-attachments/assets/715e62e0-d7b4-4fea-a35a-fd5d5d33c4c0"
    />
    
    ### New section in CLI issue template
    
    <img width="1164" height="435" alt="CleanShot 2026-05-13 at 15 47 24"
    src="https://github.com/user-attachments/assets/9081dc25-a28c-4afa-8ba1-e299c2b4031d"
    />
    
    ## How to Test
    
    1. Run `cargo run --bin codex -- doctor --no-color`.
    2. Confirm the detailed report is the default and includes promoted
    Notes, grouped sections, terminal details, state DB integrity, rollout
    stats, provider reachability, WebSocket diagnostics, and app-server
    status.
    3. Run `cargo run --bin codex -- doctor --summary --no-color`.
    4. Confirm the compact view keeps the same sections and summary counts
    but omits detailed key/value rows.
    5. Run `cargo run --bin codex -- doctor --json`.
    6. Confirm the output is redacted JSON, `checks` is an object keyed by
    check id, and each check's `details` is a key/value object.
    7. Preview the CLI bug issue template and confirm the `Codex doctor
    report` field appears after the terminal field, asks for `codex doctor
    --json`, and renders pasted output as JSON.
    8. Start a feedback flow that includes logs.
    9. Confirm the upload consent copy lists `codex-doctor-report.json`
    alongside the log attachments.
    
    Targeted tests:
    
    - `cargo test -p codex-cli doctor`
    - `cargo test -p codex-app-server
    doctor_report_tags_summarize_status_counts`
    - `cargo test -p codex-feedback`
    - `cargo test -p codex-tui feedback_view`
    - `just argument-comment-lint`
    - `git diff --check`
  • fix(cli): add execute permission to bin/codex.js (#9532)
    ## Summary
    Fixes #9520
    
    The `bin/codex.js` file was missing execute permissions (`644` instead
    of `755`), causing the `codex` command to fail after npm global
    installation.
    
    ## Changes
    - Added execute permission (`+x`) to `codex-cli/bin/codex.js`
    
    ## Verification
    After this fix, npm tarballs will include the correct file permissions:
    ```bash
    # Before: -rw-r--r-- (644)
    # After:  -rwxr-xr-x (755)
    ```
    
    ---
    🤖 Generated with Claude Code
    
    Co-authored-by: Claude <noreply@anthropic.com>
  • fix: add tui.alternate_screen config and --no-alt-screen CLI flag for Zellij scrollback (#8555)
    Fixes #2558
    
    Codex uses alternate screen mode (CSI 1049) which, per xterm spec,
    doesn't support scrollback. Zellij follows this strictly, so users can't
    scroll back through output.
    
    **Changes:**
    - Add `tui.alternate_screen` config: `auto` (default), `always`, `never`
    - Add `--no-alt-screen` CLI flag
    - Auto-detect Zellij and skip alt screen (uses existing `ZELLIJ` env var
    detection)
    
    **Usage:**
    ```bash
    # CLI flag
    codex --no-alt-screen
    
    # Or in config.toml
    [tui]
    alternate_screen = "never"
    ```
    
    With default `auto` mode, Zellij users get working scrollback without
    any config changes.
    
    ---------
    
    Co-authored-by: Josh McKinney <joshka@openai.com>
  • Fix: Detect Bun global install via path check (#8004)
    ## Summary
    Restores ability to detect when Codex is installed globally via **Bun**,
    which was broken by c3e4f920b4. Fixes
    #8003.
    
    Instead of relying on `npm_config_user_agent` (which is only set when
    running via `bunx` or `bun run`), this adds a path-based check to see if
    the CLI wrapper is located in Bun's global installation directory.
    
    ## Regression Context
    Commit `c3e4f920b4e965085164d6ee0249a873ef96da77` removed the
    `BUN_INSTALL` environment variable checks to prevent false positives.
    However, this caused false negatives for genuine Bun global installs
    because `detectPackageManager()` defaults to NPM when no signal is
    found.
    
    ## Changes
    - Updated `codex-cli/bin/codex.js` to check if `__dirname` contains
    `.bun/install/global` (handles both POSIX and Windows paths).
    
    ## Verification
    Verified by performing a global install of the patched CLI (v0.69.0 to
    trigger the update prompt):
    
    1. Packed the CLI using `npm pack` in `codex-cli/` to create a release
    tarball.
    2. Installed globally via Bun: `bun install -g
    $(pwd)/openai-codex-0.0.0-dev.tgz`.
    3. Ran `codex`, confirmed it detected Bun (banner showed `bun install -g
    @openai/codex`), selected "Update now", and verified it correctly
    spawned `bun install -g` instead of `npm`.
    4. Confirmed the upgrade completed successfully using Bun.
    <img width="1038" height="813" alt="verifying installation via bun"
    src="https://github.com/user-attachments/assets/00c9301a-18f1-4440-aa95-82ccffba896c"
    />
    5. Verified installations via npm are unaffected.
    <img width="2090" height="842" alt="verifying installation via npm"
    src="https://github.com/user-attachments/assets/ccb3e031-b85c-4bbe-bac7-23b087c5b844"
    />
  • chore: remove bun env var detect (#7534)
    ### Summary
    
    
    [Thread](https://openai.slack.com/archives/C08JZTV654K/p1764780129457519)
    
    We were a bit aggressive on assuming package installer based on env
    variables for BUN. Here we are removing those checks.
  • detect Bun installs in CLI update banner (#5074)
    ## Summary
    - detect Bun-managed installs in the JavaScript launcher and set a
    dedicated environment flag
    - show a Bun-specific upgrade command in the update banner when that
    flag is present
    
    Fixes #5012
    
    ------
    https://chatgpt.com/codex/tasks/task_i_68e95c439494832c835bdf34b3b1774e
    
    ---------
    
    Co-authored-by: Michael Bolin <mbolin@openai.com>
  • feat: introduce npm module for codex-responses-api-proxy (#4417)
    This PR expands `.github/workflows/rust-release.yml` so that it also
    builds and publishes the `npm` module for
    `@openai/codex-responses-api-proxy` in addition to `@openai/codex`. Note
    both `npm` modules are similar, in that they each contain a single `.js`
    file that is a thin launcher around the appropriate native executable.
    (Since we have a minimal dependency on Node.js, I also lowered the
    minimum version from 20 to 16 and verified that works on my machine.)
    
    As part of this change, we tighten up some of the docs around
    `codex-responses-api-proxy` and ensure the details regarding protecting
    the `OPENAI_API_KEY` in memory match the implementation.
    
    To test the `npm` build process, I ran:
    
    ```
    ./codex-cli/scripts/build_npm_package.py --package codex-responses-api-proxy --version 0.43.0-alpha.3
    ```
    
    which stages the `npm` module for `@openai/codex-responses-api-proxy` in
    a temp directory, using the binary artifacts from
    https://github.com/openai/codex/releases/tag/rust-v0.43.0-alpha.3.
  • fix: vendor ripgrep in the npm module (#3660)
    We try to ensure ripgrep (`rg`) is provided with Codex.
    
    - For `brew`, we declare it as a dependency of our formula:
    
    https://github.com/Homebrew/homebrew-core/blob/08d82d8b006a19efbe234477bc8b18d35b5fef50/Formula/c/codex.rb#L24
    - For `npm`, we declare `@vscode/ripgrep` as a dependency, which
    installs the platform-specific binary as part of a `postinstall` script:
    
    https://github.com/openai/codex/blob/fdb8dadcae9f8eec91bc3eb5a17b3f9b19e28505/codex-cli/package.json#L22
    - Users who download the CLI directly from GitHub Releases are on their
    own.
    
    In practice, I have seen `@vscode/ripgrep` fail on occasion. Here is a
    trace from a GitHub workflow:
    
    ```
    npm error code 1
    npm error path /Users/runner/hostedtoolcache/node/20.19.5/arm64/lib/node_modules/@openai/codex/node_modules/@vscode/ripgrep
    npm error command failed
    npm error command sh -c node ./lib/postinstall.js
    npm error Finding release for v13.0.0-13
    npm error GET https://api.github.com/repos/microsoft/ripgrep-prebuilt/releases/tags/v13.0.0-13
    npm error Deleting invalid download cache
    npm error Download attempt 1 failed, retrying in 2 seconds...
    npm error Finding release for v13.0.0-13
    npm error GET https://api.github.com/repos/microsoft/ripgrep-prebuilt/releases/tags/v13.0.0-13
    npm error Deleting invalid download cache
    npm error Download attempt 2 failed, retrying in 4 seconds...
    npm error Finding release for v13.0.0-13
    npm error GET https://api.github.com/repos/microsoft/ripgrep-prebuilt/releases/tags/v13.0.0-13
    npm error Deleting invalid download cache
    npm error Download attempt 3 failed, retrying in 8 seconds...
    npm error Finding release for v13.0.0-13
    npm error GET https://api.github.com/repos/microsoft/ripgrep-prebuilt/releases/tags/v13.0.0-13
    npm error Deleting invalid download cache
    npm error Download attempt 4 failed, retrying in 16 seconds...
    npm error Finding release for v13.0.0-13
    npm error GET https://api.github.com/repos/microsoft/ripgrep-prebuilt/releases/tags/v13.0.0-13
    npm error Deleting invalid download cache
    npm error Error: Request failed: 403
    ```
    
    To eliminate this error, this PR changes things so that we vendor the
    `rg` binary into https://www.npmjs.com/package/@openai/codex so it is
    guaranteed to be included when a user runs `npm i -g @openai/codex`.
    
    The downside of this approach is the increase in package size: we
    include the `rg` executable for six architectures (in addition to the
    six copies of `codex` we already include). In a follow-up, I plan to add
    support for "slices" of our npm module, so that soon users will be able
    to do:
    
    ```
    npm install -g @openai/codex@aarch64-apple-darwin
    ```
    
    Admittedly, this is a sizable change and I tried to clean some things up
    in the process:
    
    - `install_native_deps.sh` has been replaced by `install_native_deps.py`
    - `stage_release.sh` and `stage_rust_release.py` has been replaced by
    `build_npm_package.py`
    
    We now vendor in a DotSlash file for ripgrep (as a modest attempt to
    facilitate local testing) and then build up the extension by:
    
    - creating a temp directory and copying `package.json` over to it with
    the target value for `"version"`
    - finding the GitHub workflow that corresponds to the
    `--release-version` and copying the various `codex` artifacts to
    respective `vendor/TARGET_TRIPLE/codex` folder
    - downloading the `rg` artifacts specified in the DotSlash file and
    copying them over to the respective `vendor/TARGET_TRIPLE/path` folder
    - if `--pack-output` is specified, runs `npm pack` on the temp directory
    
    To test, I downloaded the artifact produced by this CI job:
    
    
    https://github.com/openai/codex/actions/runs/17961595388/job/51085840022?pr=3660
    
    and verified that `node ./bin/codex.js 'which -a rg'` worked as
    intended.
  • fix: include arm64 Windows executable in npm module (#3067)
    This is in support of https://github.com/openai/codex/issues/2979.
    
    Tested by running:
    
    ```
    ./codex-cli/scripts/install_native_deps.sh --workflow-url https://github.com/openai/codex/actions/runs/17416421450
    ```
  • [codex-cli] Add ripgrep as a dependency for node environment (#2237)
    ## Summary
    Ripgrep is our preferred tool for file search. When users install via
    `brew install codex`, it's automatically installed as a dependency. We
    want to ensure that users running via an npm install also have this
    tool! Microsoft has already solved this problem for VS Code - let's not
    reinvent the wheel.
    
    This approach of appending to the PATH directly might be a bit
    heavy-handed, but feels reasonably robust to a variety of environment
    concerns. Open to thoughts on better approaches here!
    
    ## Testing
    - [x] confirmed this import approach works with `node -e "const { rgPath
    } = require('@vscode/ripgrep'); require('child_process').spawn(rgPath,
    ['--version'], { stdio: 'inherit' })"`
    - [x] Ran codex.js locally with `rg` uninstalled, asked it to run `which
    rg`. Output below:
    
    ```
     Ran command which rg; echo $?
      ⎿ /Users/dylan.hurd/code/dh--npm-rg/node_modules/@vscode/ripgrep/bin/rg
        0
    
    codex
    Re-running to confirm the path and exit code.
    
    - Path: `/Users/dylan.hurd/code/dh--npm-rg/node_modules/@vscode/ripgrep/bin/rg`
    - Exit code: `0`
    ```
  • feat: include Windows binary of the CLI in the npm release (#2040)
    To date, the build scripts in `codex-cli` still supported building the
    old TypeScript version of the Codex CLI to give Windows users something
    they can run, but we are just going to have them use the Rust version
    like everyone else, so:
    
    - updates `codex-cli/bin/codex.js` so that we run the native binary or
    throw if the target platform/arch is not supported (no more conditional
    usage based on `CODEX_RUST`, `use-native` file, etc.)
    - drops the `--native` flag from `codex-cli/scripts/stage_release.sh`
    and updates all the code paths to behave as if `--native` were passed
    (i.e., it is the only way to run it now)
    
    Tested this by running:
    
    ```
    ./codex-cli/scripts/stage_rust_release.py --release-version 0.20.0-alpha.2
    ```
  • check for updates (#1764)
    1. Ping https://api.github.com/repos/openai/codex/releases/latest (at
    most once every 20 hrs)
    2. Store the result in ~/.codex/version.jsonl
    3. If CARGO_PKG_VERSION < latest_version, print a message at boot.
    
    ---------
    
    Co-authored-by: easong-openai <easong@openai.com>
  • fix: update bin/codex.js so it listens for exit on the child process (#1590)
    When Codex CLI is installed via `npm`, we use a `.js` wrapper script to
    launch the Rust binary.
    
    - Previously, we were not listening for signals to ensure that killing
    the Node.js process would also kill the underlying Rust process.
    - We also did not have a proper `exit` handler in place on the child
    process to ensure we exited from the Node.js process.
    
    This PR fixes these things and hopefully addresses
    https://github.com/openai/codex/issues/1570.
    
    This also adds logic so that Windows falls back to the TypeScript CLI
    again, which should address https://github.com/openai/codex/issues/1573.
  • Add Android platform support for Codex CLI (#1488)
    ## Summary
    Add Android platform support to Codex CLI
    
    ## What?
    - Added `android` to the list of supported platforms in
    `codex-cli/bin/codex.js`
    - Treats Android as Linux for binary compatibility
    
    ## Why?
    - Fixes "Unsupported platform: android (arm64)" error on Termux
    - Enables Codex CLI usage on Android devices via Termux
    - Improves platform compatibility without affecting other platforms
    
    ## How?
    - Modified the platform detection switch statement to include `case
    "android":`
    - Android falls through to the same logic as Linux, using appropriate
    ARM64 binaries
    - Minimal change with no breaking effects on existing functionality
    
    ## Testing
    - Tested on Android/Termux environment
    - Verified the fix resolves the platform detection error
    - Confirmed no impact on other platforms
    
    ## Related Issues
    Fixes the "Unsupported platform: android (arm64)" error reported by
    Termux users
  • fix: use aarch64-unknown-linux-musl instead of aarch64-unknown-linux-gnu (#1228)
    Now that we have published a GitHub Release that contains arm64 musl
    artifacts for Linux, update the following scripts to take advantage of
    them:
    
    - `dotslash-config.json` now uses musl artifacts for the `linux-aarch64`
    target
    - `install_native_deps.sh` for the TypeScript CLI now includes
    `codex-linux-sandbox-aarch64-unknown-linux-musl` instead of
    `codex-linux-sandbox-aarch64-unknown-linux-gnu` for sandboxing
    - `codex-cli/bin/codex.js` now checks for `aarch64-unknown-linux-musl`
    artifacts instead of `aarch64-unknown-linux-gnu` ones
  • fix: for the @native release of the Node module, use the Rust version by default (#1084)
    Added logic so that when we run `./scripts/stage_release.sh --native`
    (for the `@native` version of the Node module), we drop a `use-native`
    file next to `codex.js`. If present, `codex.js` will now run the Rust
    CLI.
    
    Ran `./scripts/stage_release.sh --native` and verified that when the
    running `codex.js` in the staged folder:
    
    ```
    $ /var/folders/wm/f209bc1n2bd_r0jncn9s6j_00000gp/T/tmp.efvEvBlSN6/bin/codex.js --version
    codex-cli 0.0.2505220956
    ```
    
    it ran the expected Rust version of the CLI, as desired.
    
    While here, I also updated the Rust version to one that I cut today,
    which includes the new shell environment policy config option:
    https://github.com/openai/codex/pull/1061. Note this may "break" some
    users if the processes spawned by Codex need extra environment
    variables. (We are still working to determine what the right defaults
    should be for this option.)
  • chore: introduce new --native flag to Node module release process (#844)
    This PR introduces an optional build flag, `--native`, that will build a
    version of the Codex npm module that:
    
    - Includes both the Node.js and native Rust versions (for Mac and Linux)
    - Will run the native version if `CODEX_RUST=1` is set
    - Runs the TypeScript version otherwise
    
    Note this PR also updates the workflow URL to
    https://github.com/openai/codex/actions/runs/14872557396, as that is a
    build from today that includes everything up through
    https://github.com/openai/codex/pull/843.
    
    Test Plan:
    
    In `~/code/codex/codex-cli`, I ran:
    
    ```
    pnpm stage-release --native
    ```
    
    The end of the output was:
    
    ```
    Staged version 0.1.2505121317 for release in /var/folders/wm/f209bc1n2bd_r0jncn9s6j_00000gp/T/tmp.xd2p5ETYGN
    Test Node:
        node /var/folders/wm/f209bc1n2bd_r0jncn9s6j_00000gp/T/tmp.xd2p5ETYGN/bin/codex.js --help
    Test Rust:
        CODEX_RUST=1 node /var/folders/wm/f209bc1n2bd_r0jncn9s6j_00000gp/T/tmp.xd2p5ETYGN/bin/codex.js --help
    Next:  cd "/var/folders/wm/f209bc1n2bd_r0jncn9s6j_00000gp/T/tmp.xd2p5ETYGN" && npm publish --tag native
    ```
    
    I verified that running each of these commands ran the expected version
    of Codex.
    
    While here, I also added `bin` to the `files` list in `package.json`,
    which should have been done as part of
    https://github.com/openai/codex/pull/757, as that added new entries to
    `bin` that were matched by `.gitignore` but should have been included in
    a release.
  • fix: /bug report command, thinking indicator (#381)
    - Fix `/bug` report command
    - Fix thinking indicator
  • fix: Improper spawn of sh on Windows Powershell (#318)
    # Fix CLI launcher on Windows by replacing `sh`-based entrypoint with
    cross-platform Node script
    
    ## What's changed
    
    * This PR attempts to replace the sh-based entry point with a node
    script that works on all platforms including Windows Powershell and CMD
    
    ## Why 
    
    * Previously, when installing Codex globally via `npm i -g
    @openai/codex`, Windows resulted in a broken CLI issue due to the `ps1`
    launcher trying to execute `sh.exe`.
    
    * If users don't have Unix-style shell, running the command will fail as
    seen below since `sh.exe` can't be found
    
    * Output:
     ``` 
    & : The term 'sh.exe' is not recognized as the name of a cmdlet,
    function, script file, or operable program. Check the
    spelling of the name, or if a path was included, verify that the path is
    correct and try again.
    At C:\Users\{user}\AppData\Roaming\npm\codex.ps1:24 char:7
    +     & "sh$exe"  "$basedir/node_modules/@openai/codex/bin/codex" $args
    +       ~~~~~~~~
    + CategoryInfo : ObjectNotFound: (sh.exe:String) [],
    CommandNotFoundException
        + FullyQualifiedErrorId : CommandNotFoundException
    ```
    
    
    
    ## How
    * By using a Node based entry point that resolves the path to the compiled ESM bundle and dynamically loads it using native ESM
    
    * Removed dependency on platform-specific launchers allowing a single entrypoint to work everywhere Node.js runs.
    
    
    ## Result
    
    Codex CLI now supports cross-platform and launches correctly via:
    * macOS / Linux
    * Windows PowerShell
    * GitBash
    * CMD
    * WSL
    
    Directly addresses #316 
    
    ![image](https://github.com/user-attachments/assets/85faaca4-24bc-47c9-8160-4e30df6da4c3)
    
    
    ![image](https://github.com/user-attachments/assets/a13f7adc-52c1-4c0e-af02-e35a35dc45d4)
  • add: changelog (#308)
    - Release `@openai/codex@0.1.2504172304`
    - Add changelog
  • feat(bin): support bun fallback runtime for codex CLI (#282)
    This PR adds a shell wrapper in `codex-cli/bin/codex` to detect node or
    bun as the runtime.
    
    It updates:
    - `package.json` bin entry
    - published files list to include bin/
    - README install instructions to include `bun install -g @openai/codex`